吾爱汇编

 找回密码
 立即注册

QQ登录

绑定QQ避免忘记帐号

查看: 2857|回复: 1

某LOL特权封包加密分析.

[复制链接]
FrankBoy 发表于 2021-8-17 09:29 | 显示全部楼层 |阅读模式

本站严厉禁止求脱求破行为(包含无自我分析直接求思路),如发现此类求助主题请点击“举报”,让我们共同维护优质的学习环境!


50HB
本帖最后由 FrankBoy 于 2021-8-17 09:31 编辑

关键的一个登录返回包加密了。 直接固定返回会直接非法数据。

验证应该是 tcp 的自写验证。

下载地址:  https://you8.lanzoui.com/s/You8

遇到这种的,加密方法该如何分析。

返回解密后大概是 卡密我修改了。

验证成功|D34EB4C9|D5FDB0E6|70369|4|0enWpLPJuaa68yzKudPDxKO/6bqvyv2/ybvxyKG0y7SmxNrI3aGjyte0zsGqzfggICAgIA==|120|CCECBFA8|E2507898|34300000|CEDE|多IP|9784951|FF420000_3135393533_00E81BC730D7855150F0B2EC87DD1604_19E446E1_这个是输入的卡密信息_739D809B_560972783|40|无|125.40.18.59|BAD3C4CFCAA1D6A3D6DDCAD0C1AACDA8|1629140960|0|CEDE|YOUTKAF734351HD4178A29ABD825D931|0|无|2021年8月17日22时42分9秒|0|1|CEDE|666

抓包的分析我已经发到下边了,两个特别长的应该是有加密。没分析出来。其他的我已经都在下边备注了封包的内容

[ecode=1=6]
* “tcpConnected” | 189 | 7597860
* “TCP发送数据” | 字节集:57{233,3,0,0,49,0,0,0,189,226,176,243,95,70,52,51,50,67,51,57,48,124,183,181,187,216,183,254,206,241,198,247,206,196,188,254,124,185,171,184,230,46,116,120,116,124,49,50,51,124,49,50,51,124,49,50,51}

解绑_F432C390|返回服务器文件|公告.txt|123|123|123


* “TCP接收数据” | 字节集:30{1,2,4,2,5,4,30,0,0,0,181,227,206,210,187,241,200,161,185,217,183,189,207,194,212,216,181,216,214,183}

点我获取官方下载地址

* “TCP发送数据” | 字节集:0{}
* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 189 | 7597860
* “tcpConnected” | 190 | 7860508
* “TCP发送数据” | 字节集:61{233,3,0,0,53,0,0,0,189,226,176,243,95,70,52,51,50,67,51,57,48,124,183,181,187,216,183,254,206,241,198,247,206,196,188,254,124,181,175,180,176,185,171,184,230,46,116,120,116,124,49,50,51,124,49,50,51,124,49,50,51}

解绑_F432C390|返回服务器文件|弹窗公告.txt|123|123|123


* “TCP接收数据” | 字节集:75{1,2,4,2,5,4,75,0,0,0,204,216,200,168,206,200,182,168,195,235,191,168,206,222,202,211,184,252,208,194,13,10,89,111,117,204,216,200,168,206,168,210,187,185,217,205,248,207,194,212,216,58,121,111,117,56,46,108,97,110,122,111,117,105,46,99,111,109,47,115,47,89,111,117,56}

特权稳定秒卡无视更新
You特权唯一官网下载:you8.lanzoui.com/s/You8

* “TCP发送数据” | 字节集:0{}
* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 190 | 7860508
* “tcpConnected” | 191 | 7860508
* “TCP发送数据” | 字节集:731{232,3,0,0,211,2,0,0,166,235,87,2,18,188,254,46,247,152,119,90,141,102,212,47,78,134,251,17,169,87,61,89,214,37,117,84,7,163,70,200,166,145,227,217,110,191,161,141,128,105,187,169,23,72,55,166,170,67,116,69,0,88,226,176,111,236,192,222,247,6,54,55,61,145,190,171,13,151,254,39,67,117,222,202,111,244,128,96,6,236,143,30,195,186,29,55,159,33,138,155,71,101,146,156,229,155,198,38,161,172,125,154,53,65,101,98,144,176,102,223,217,144,163,154,200,146,140,220,251,227,85,75,100,101,216,106,25,42,228,7,23,216,247,99,205,135,195,112,99,223,235,155,205,73,52,64,144,71,12,114,123,170,203,68,228,1,154,10,216,177,73,185,4,73,114,158,37,214,186,61,130,60,122,203,92,15,48,20,178,48,218,141,161,161,163,89,64,249,91,186,96,166,102,102,174,92,28,174,94,93,169,8,182,23,85,203,177,182,215,205,144,155,228,1,177,247,146,249,171,37,51,105,45,29,86,178,210,15,104,246,14,175,109,78,137,117,108,25,28,153,64,128,169,19,183,206,4,89,61,112,196,34,194,0,22,124,95,131,86,152,157,33,209,134,243,67,93,1,123,56,148,131,56,31,246,111,104,58,170,68,217,161,154,36,246,207,10,99,187,136,128,96,172,190,85,180,13,191,236,207,151,52,167,0,154,190,254,153,229,99,252,50,155,184,176,111,183,127,141,53,1,176,188,20,216,6,179,243,39,167,218,234,12,28,38,1,190,20,94,97,31,150,81,167,37,139,21,47,30,197,9,172,99,226,57,131,188,150,75,119,252,79,133,122,7,243,233,82,213,77,1,177,161,73,62,83,186,32,89,37,77,184,185,106,186,239,11,25,249,130,29,181,59,255,239,169,193,172,12,130,145,183,18,33,80,108,236,92,37,34,225,130,83,1,41,79,232,255,98,150,178,57,181,187,6,210,235,109,12,24,59,193,239,196,18,19,254,202,193,246,38,144,157,124,160,39,52,21,166,252,45,173,178,46,146,205,34,155,30,254,135,195,55,171,34,35,240,109,29,54,26,110,147,7,159,169,74,52,175,57,95,188,33,186,186,137,159,170,213,230,49,197,100,32,238,41,42,22,88,173,25,154,37,22,37,93,158,254,155,44,41,230,187,168,55,9,230,239,29,245,251,9,194,78,222,125,255,148,210,229,38,103,154,94,213,60,199,25,126,25,117,176,84,224,141,63,35,20,157,242,7,249,223,117,236,53,234,43,42,49,240,166,217,189,110,198,156,214,117,158,99,203,111,221,180,57,43,10,254,168,125,209,71,116,122,39,141,148,116,102,92,198,221,219,12,97,213,75,106,118,94,154,248,76,39,235,245,56,228,148,124,162,142,210,39,138,92,124,72,177,96,166,230,195,189,44,243,124,251,16,2,85,166,96,160,198,116,38,183,90,91,37,245,53,23,207,112,170,53,15,32,201,253,157,16,131,37,15,249,114,159,225,208,155,22,161,103,78,154,216,192,91,120,55,16,224,73,169,75,153,38,25,219,51,253,176,213,95,174,234,71,123,131,239,185,33,138,46,213,203,56,149,210,129,205,244,207,113,174,6,187,15,184,139,132,96,242,170,175,53,106}


* “TCP接收数据” | 字节集:462{1,2,4,2,5,4,206,1,0,0,154,132,172,233,156,35,30,121,117,124,32,29,56,151,147,245,155,193,58,254,118,10,185,161,246,13,127,66,26,11,12,17,194,132,106,52,57,120,11,73,212,217,48,81,97,91,58,236,160,149,50,46,188,63,129,235,110,50,90,60,136,172,48,122,101,33,127,179,120,110,138,88,233,151,217,75,5,230,215,127,133,53,146,239,180,243,221,78,152,4,102,11,86,79,243,193,246,64,138,64,99,196,4,253,196,242,173,255,30,158,245,109,158,220,120,86,57,196,252,180,167,187,190,166,194,80,225,243,103,217,232,18,187,181,14,75,112,152,84,36,47,174,34,118,8,100,102,165,193,223,250,23,22,107,207,81,215,136,72,29,162,11,1,94,213,103,121,45,112,59,180,225,48,172,81,6,173,37,125,51,202,114,33,109,124,79,181,63,180,202,6,216,195,34,150,196,161,181,62,212,45,91,161,199,162,0,30,69,186,63,34,166,77,38,165,59,164,115,174,22,5,154,168,211,227,251,108,66,235,69,203,195,227,247,89,252,126,19,98,18,100,79,23,104,252,22,86,242,29,51,36,119,165,169,222,53,252,218,96,141,150,242,129,134,150,222,192,63,227,171,177,70,117,107,123,22,146,44,230,180,195,156,51,31,118,169,255,78,254,139,75,207,52,74,185,28,92,71,112,139,177,212,4,107,44,148,162,131,141,146,212,126,83,192,221,97,63,251,201,238,249,255,90,213,105,27,22,1,205,212,118,30,79,105,42,40,255,26,61,113,80,253,19,84,24,130,191,246,43,14,254,245,67,253,206,139,243,31,175,6,251,255,178,67,53,47,209,55,215,21,150,97,34,189,112,190,6,128,64,93,145,29,218,85,114,236,37,207,33,7,152,156,225,70,41,196,218,19,180,145,91,184,210,17,186,140,195,186,190,72,12,66,108,5,139,103,72,231,14,21,153,169,123,140,98,150,231,7,84,122,14,123,155,156,2,93,183,196,253,135,222,107,186,158,203,135,72,113,175,42,119,241}


* “TCP发送数据” | 字节集:0{}
* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 191 | 7860508
* “tcpConnected” | 192 | 7860508
* “TCP发送数据” | 字节集:61{233,3,0,0,53,0,0,0,189,226,176,243,95,70,52,51,50,67,51,57,48,124,183,181,187,216,183,254,206,241,198,247,206,196,188,254,124,211,162,208,219,202,253,193,191,46,116,120,116,124,49,50,51,124,49,50,51,124,49,50,51}

解绑_F432C390|返回服务器文件|英雄数量.txt|123|123|123


* “TCP接收数据” | 字节集:13{1,2,4,2,5,4,13,0,0,0,49,53,49}

151

* “TCP发送数据” | 字节集:0{}
* “tcpConnected” | 193 | 7597860
* “TCP发送数据” | 字节集:61{233,3,0,0,53,0,0,0,189,226,176,243,95,70,52,51,50,67,51,57,48,124,183,181,187,216,183,254,206,241,198,247,206,196,188,254,124,198,164,183,244,202,253,193,191,46,116,120,116,124,49,50,51,124,49,50,51,124,49,50,51}

解绑_F432C390|返回服务器文件|皮肤数量.txt|123|123|123

* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 192 | 7860508

* “TCP接收数据” | 字节集:13{1,2,4,2,5,4,13,0,0,0,51,48,49}

301

* “TCP发送数据” | 字节集:0{}
* “tcpConnected” | 194 | 7860508
* “TCP发送数据” | 字节集:61{233,3,0,0,53,0,0,0,189,226,176,243,95,70,52,51,50,67,51,57,48,124,183,181,187,216,183,254,206,241,198,247,206,196,188,254,124,190,173,209,233,188,211,179,201,46,116,120,116,124,49,50,51,124,49,50,51,124,49,50,51}

解绑_F432C390|返回服务器文件|经验加成.txt|123|123|123

* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 193 | 7597860
* “TCP接收数据” | 字节集:13{1,2,4,2,5,4,13,0,0,0,51,48,37}

30%

* “TCP发送数据” | 字节集:0{}
* “TCP接收数据” | 字节集:0{}
* “tcpClosed” | 194 | 7860508
[/ecode]


最佳答案

吾爱汇编论坛-学破解,防破解!知进攻,懂防守!逆向分析,软件安全!52HB.COM
pipi9 发表于 2021-8-17 09:29 | 显示全部楼层

最佳答案本应属于楼主私有,因此限制查看

您还有0次查看次数,点此查看答案

点此购买查看次数
也可以兑换VIP特权或加入解密专家,每日可免费查看5次最佳答案!

吾爱汇编论坛-学破解,防破解!知进攻,懂防守!逆向分析,软件安全!52HB.COM
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

警告:本站严惩灌水回复,尊重自己从尊重他人开始!

1层
2层

免责声明

吾爱汇编(www.52hb.com)所讨论的技术及相关工具仅限用于研究学习,皆在提高软件产品的安全性,严禁用于不良动机。任何个人、团体、组织不得将其用于非法目的,否则,一切后果自行承担。吾爱汇编不承担任何因为技术滥用所产生的连带责任。吾爱汇编内容源于网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除。如有侵权请邮件或微信与我们联系处理。

站长邮箱:SharkHeng@sina.com
站长QQ:1140549900


QQ|RSS|手机版|小黑屋|帮助|吾爱汇编 ( 京公网安备11011502005403号 , 京ICP备20003498号-6 )|网站地图

Powered by Discuz!

吾爱汇编 www.52hb.com

快速回复 返回顶部 返回列表