Skip to content

Instantly share code, notes, and snippets.

@Gowee

Gowee/cipher.java

Last active October 11, 2020 07:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Gowee/cd7f44982a1d5d9bf4cc0aa69767eb3a to your computer and use it in GitHub Desktop.
Save Gowee/cd7f44982a1d5d9bf4cc0aa69767eb3a to your computer and use it in GitHub Desktop.
Download ZIP
对360的绿光浏览器(Tuber同款)的RE(未完成)
Raw
cipher.java
// import com.coloros.mcssdk.c.a;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
//import org.json.JSONObject;
public class Main {
public static void main(String[] args) throws Exception {
System.out.println("Hello world!");
String key1 = key.substring(16, 32);
String key2 = key.substring(37, 53);
byte[] data = hexStringToByteArray(rawdata);
System.out.println(new String(b(key1, key2, data))); // decrypt
// System.out.println(hexify(a(key1, key2, data))); // encrypt
}
public static String hexify(byte[] bytes) {
// From: https://mkyong.com/java/java-how-to-convert-bytes-to-hex/
StringBuilder result = new StringBuilder();
for (byte aByte : bytes) {
result.append(String.format("%02x", aByte));
// upper case
// result.append(String.format("%02X", aByte));
}
return result.toString();
}
public static byte[] hexStringToByteArray(String s) {
// From somewhere?
byte[] b = new byte[s.length() / 2];
for (int i = 0; i < b.length; i++) {
int index = i * 2;
int v = Integer.parseInt(s.substring(index, index + 2), 16);
b[i] = (byte) v;
}
return b;
}
/* renamed from: zo reason: default package */
/* compiled from: DesAesUtils */
private static final char[] a = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
public static String a(byte[] bArr) throws Exception {
StringBuilder sb = new StringBuilder(bArr.length * 2);
for (int i = 0; i < bArr.length; i++) {
sb.append(a[(bArr[i] & 240) >>> 4]);
sb.append(a[bArr[i] & 15]);
}
return sb.toString();
}
private static String key = "=mdf45dc*&%@#4g8axb2c3e4f5$6e7%893dfsa1b2c3d4e5f6g7h8sdg";
public static Cipher a(String str, String str2) throws Exception {
byte[] bytes = str2.getBytes("utf-8");
byte[] bytes2 = str.getBytes("utf-8");
Cipher instance = Cipher.getInstance("AES/CBC/PKCS5Padding");
instance.init(2, new SecretKeySpec(bytes2, "AES"), new IvParameterSpec(bytes));
return instance;
}
public static Cipher b(String str, String str2) throws Exception {
byte[] bytes = str2.getBytes("utf-8");
byte[] bytes2 = str.getBytes("utf-8");
Cipher instance = Cipher.getInstance("AES/CBC/PKCS5Padding");
instance.init(1, new SecretKeySpec(bytes2, "AES"), new IvParameterSpec(bytes));
return instance;
}
public static byte[] a(String str, String str2, byte[] bArr) throws Exception {
return b(str, str2).doFinal(bArr);
}
public static byte[] b(String str, String str2, byte[] bArr) throws Exception {
return a(str, str2).doFinal(bArr);
}
private static String rawdata = "3cb595d85637dae5dec6f2864997b706031bc6555ce756e78ccd302377d0c11b8a50866763599fe4966549cd95bf6aa9383d10369b33561619b156382ed5d6fe1d50c305ccbf16f1344d03e72078fd43163e781b4568fca688cda2ef9caf9ec6be3ba53b21cda8484ff751913a95f0f7802ef88302bd8252ef488c035d117cc8f6362da3a1da49bb052eb5b971dc311ea3ee8f041963a22d5dcf02124635eb5e0269b7b9210501870ba64add10e6e8272d5923b8042400b4bf0c7df09f9d39b3ce622ae98de7839cc24d20cdee3ddf6d460f1242ef0a0e35e8c74b8d33deed2e9da57bfa93779f6c67978114ad0343115eb3509655bd29315f165ab1701423cc8370b5949e87e009911f721ff88dd6f050b86483ae2dbc98dd99f60543b8043c71d8f2de0c251a452f7ad799784c5e4c8b8d286980f2d9d9caf8c72834fd8192c00d9269221078443266519b7f9fa5ec1cfaf951ee9314e30fc9e4006e431e89a13e94571649cece26162efb1018c05652d42a0cb34e251bd25103e6b45e6ea1f3f42ad0ea4e0733c31c91d12998113971eb83db4ab06c05fd6740638791e213623260be55f4600883c5cca67235cf354922103e4c4751154ae17b4d343538dc96998287b948e36ac8a8438a46031493918ce22945c061dd80d7e6aebef15e075be04e71afbeec4d7a9a354db83c46c40a0c7632535231636a01a0773c383ad4034c1a99d94a618d6bcfab9ab601c8b38357204f7e308b3e04ed58b33272197d3205898125e4c662d2917d8bb79415913d95e8934e46972930c3e33b944d6b8f2ca31d49553035a1c225705c15593a9130cc239cf42e101225e3f09c9cca16c73fb245dc30336c81b7dcd68dcfa021dde26d2f0b01c706e8d23924af4540b631e9f2323487f6ce94077ddd964fbcec6637fd1200741010e34e134e9d7b26792ed541a9b7e9d512e291597e971abe5f30471556c291e4ac5f24369da86682d4e49ad46897012335f00fc96a018db157d538e5f6a8f14789f458c26d05e7249f2ff3d599d5145106052a1c8287724c71f6bd6d1103ddbc44157fd07c2c5e4c9852bf0aed90c6d99155655190c3a6927fed488daaca71273c7d43b3e76ffaf28131c2e25c7d1779b3af883cdd31cfa4815fd91100ab1065c495acce542ebc83c47b40cfb7179e9b42030f2c0546752421b8bdab4eb1b200eb2b6d791e36c318dda39706f7e94873a30e842196143992ad82a32e2c509cfff184ab597eb511472f69a97f827d565971341465e5088a3265bee43eca6d7c1835341fd21e06d7dff18752426adeca5e408024ec83385b60ff008e3f00d6402cc7bc847ec7221bf5b2f7448d41451051040027232f113ee09717a0b5ea42683b534b08545ceebeca3f990fa93b542bb7150cc25a5a5c6982cb358acfe32495fc9d701ed0232922ef7fcbe9ffd04a69e4de8749ea202819035ec2362decb94a0812d0af65a9d6f741d4496343cc8163ae413136cb56fe05a1b63643f0611fde73b1b2207179986d0de0c51908b7ec86d4b2df181de817c2acc27d829fc6846d442d212cfb1b0f06924897eec141ab83640a2a03636448bef4662d493f6eb447a637eef5ce518aaf4fe411d544b686b8a2583e38c08270e7845cd165b63a45777278af836d72b5f333bb37d52f15a1c83ee315ea3ae5acaf1bd1afa447818a93ddfc6ebd82722cebc4ec22ad902a83d9129c2dd6e7bfad5ac313eb05f8904d602d96df314ce0225fc5cb301df3d71161ecf7cb15f080808c19abea9aa20d991c123b13c50b37b801ff9ee062ad8227c441302b865ba56e5286e85b6360256a33bc47a9a9504661f1d9e633cb4c8b585e0ab83c8e6a3293f41a76272ffcc3531e724d0595fa69f372768dfb8b97a9333908630db39a4aee637dbf53db430bf97ea1c05623d3a491eef37c427eb1d51d2f43189c18078f2f02cbf4491e51da589d38adca00b8545649f3709d8a6fc6bbc5b1c96678ce52e0fdcf23f00ecbcda18bbbe416c39604c5887b7ad0722e39e6d5f46eb827049b1db8e567518f9469f282b54d021078e44ab7ead8f242aa29e2ab39c3af435c37a43dd49f6aca703510e4846e58274b359f607e74ae3870fd4a487b22b58fc1f59f9ca6b35fbcf77982241c63654cf714524a9a38d9b27e07300af4dd38a09f069502cfa919d96168df0d78762147b500ec288c5f3a62bf186913751a7d3d8dbe22f92641693cda26ec9f740c3c46c2bfd73cc123b2c39ca4dc47ef784bd799b04decf37f2d1b34cd4400c29cf3e72eed27a339e6ed7034e9cddc960df7286233f724de712f24f1c1f138c997f596eb237b96c3746013c38cf1a14e370acb6746a2e2613cccec1081041b05d886c12c2e4062bfcf8a556eecee9c85050f167b27bf0576b25228a4e740a7404b00fe2134816fbf5352c773b3f70bcf8a32e02d0b3fabd6e73564ab8659df8bb60a5f0176f453b4fd1e9f9db3a351db619dbe7370f4b70df441f83a16cead97550c29fe0f64d59dc3a159a305093d54bfb0e278f56f2528e674bee2e19870288e2946005dbe58ff1f20d1a60280a707cf9648d1cdd11e39900388a853e60ff1fbf1c5a933b63d6eea4d8d88601f015cdb8055fc7ef7723c03574b5ce8f3158effc236f92b4b7067054b538a081f37f374a9e416c129474733bcd3843cb0fbb9a1095b71b6726801eca52c6632d54e2c8ae07b4b70ec04540a5d8fc490edb1b38d82e1119720afa3f62e98b38c381d57b723c355f568bc597ac9d44b003c193b7f4f55f0a10fdd70212aca869311dd955c21bb35201fcb4d728610d1ed38fc02b72d22282f737f8d246806d1b9361fede1692387453b587ba8b90e883111452624bcb474b1024233b23c3b5439e7c096569e8a6b0f6ad7939c4a38449c4136f4c10bb87dbf018d9609d98d2327b9772756b0e1bfecf310e5b8e79549a209441e3a6bb8d0cbe54e588f355d875d66a216499c6895ae04cc16ad62bcbf22f1c7a8b72c215e3f7e69a03da331819dadac032bdb672e24171559215b69ecf1908a6f689100bc71ea25cb168d16f02d453942600d048da4c710cd08dc4b3c9cddaa736931b83ff1f1e753d1985cac2d11948ab0f484eae03a823954b5f873582b25a159c0d6f19f4e0dcb20251a6997e5a48b4ac2635beac087b46f4d089b40b256d8568fc374824baacc1b0df7f64e3b4de5d3f54c2f34fbbfa69d1ed2a84115d3699088c9609eb103458e33285a9ef622e7cf2d6802259138cc9ce75432a298e21baf7abff05f366d762a003ea1884f4e78f8f0029c315a35cad15f0a31153d25333481b5dbc7361e0573db749428729f9ed48fd879cfa762262afb889d59c51104a787dba86592a9465ba88330f255f2fe86ad183b2c0998f58e4264c7a7c7a8b0f3ab621662a65be35a09f28542e0c76d90292d18c221eb33b22f67014b2bf098113afc659875cd2c46ef36e39bb87baa9dea30cf0dee6d97e261f52fa4ab295f09bab04b5588888fadfa435591adc763790d5047ee557b285ba1febe0238489d2da24478523dd19ac52ced01b38b053b2a1b66f2d3e0b970862643d3d9407a64e7e69cdfd0f64031f17bbc2847ec49f27b1c4428fda5b72b99af7c44edd7ebe0d31a7a1636835a1a4c6e2dcdb45b90746d6172bf7d463a202a8e7ee17e28c991edc45daf3e89e4911390d0997768d1cacb1d0021353c3326e5284f759c751a136d3b6c1d798c846feca903aaecb764cd1b444ffc79d46772a16a54f88716d738d586d48bad84860bfff641e54c343356f15d2992a71181583fde776e5ce2784f68729c6f53abaf37fe89271cf3ec584aeaa31d9abbdd43cebf0ca924ec945497834c72e8a6c42a9d4663a507190a04635160c27d14ee9328c3c6aef4e190ddc6ae345d8a5e9f1ebdefa371dd358dfa8bd9b6ab83e7510b11c4f2678521ab5449b5517d538c01743ac0499dee5241977d481dec8b574142e63994de9ea515ec084b557350f49a3730ff05fe92cc9fff19bac0da60e7071278e8a3faff1350a1dbb169203de2bbc9f961e919bfe7244a2188372e66e4e71ff7291d8414dc783b9fe1341bcb65debe07087adf842923817f5215c503722b519f8c8b0f29c813e5e99792440ba77c47d5425c7d9de344cc4d7f393aa87bb1e664e563251e8699c689fd5e0a3ac96b163f4dc2c3d7a7e964da27f337ea1abc9066816c00dd0ec47f904ffec8a676f3b61c703ef63100d0dfed0634bde7cee176d19b6d46c0e92955bad0ae8eeef3214d17804ff7133f74e5c504c7ce6498d141e92ad88af834c3df25ff6269d23d596455b50fcda78cc48b0ed9abf8cde026c8ec259390d4d5e2097ba4064661e0262e54356501f30204b3db70f9f5156c489ddf4dcd8202fcf7ee4fd472f5ce58d70b9142ecf8a27702b14c205fe45b4b5542ccdbbb98926cbb064e0b72ea5ea8920fc758965654f868c0526740955b8ac5d11a11c31127e43ee6d06a6a9f1e6942a5ac6b2d5e968e5af041d012e184329bca1fa60f2e13b6a3668ccc5fd6573082f5b2c5c772e5ddb5b5cca9de9f61dbe447bda6b9619d7411ba597c001b60e3aecb9587bf75d317e484a8ec06873aeb9d270c1261f2f39fd853d3772326ca2ecd6481a471da49846f1ac813a6bb182bba6b01252572c8798ff6b0ffb1406328bbb9848c03d1aaebb72ed9427bbd0ba92c4d456c446409b352a5eabb1e33d60083a492c99599a35d1039b1014e1808017b7bcc2121936635ea3365a5096b36adf76f09bade2a3f0feb3e0e35700ca6bb2b2ec6a38b2db1e9dc8594423b636d351fab3cb54908a46614db248ee80a9eb85f46b479373164386d63ec99ce37b4dce87616442777ffbeb02e7e88d5aaedbf0f27287482bc6bd258ba4d73a0803abf038d86d19f274dc52ea2d27d7ef2196527354380ac6ed7dee1afc359b05a59e458710f0b9a6ed6896dc22abf32fb7905be36b47708b90066d04bcbc8ed4ca4475d1e086ef22e681e7b3779a68c5993f9fde1e6c7f3e02fd5f1ef55ee7aae7818cb647edaabf2fa0b8497690d96fa6f0debb39112896101889068ed1eb1589332d6cc32e4fdafdfde5c5acf3b8bfcd5fac40ad17d7a7f6218f99e84abfe4d2d37c7ced8d6da02308b8f25b4cc912092e42bcc4c34cee258c62b23f7fc8c72a1a05a83c2af4c4ddf8cfb9fd3544c5a24330211c17f7f4aca3e41ab4420308da5e9f7e9b7c44a71e1957b075f376a90bfb2d532c01c3d8358553245260495f2135f4eb94ddda85909233e1c37288252696f42e2e8913e021e2e0fba0d49f56829c73995929d5cd086f755f7bd2e2eb76cfd49f09fa2ef75f8541ca91e2e175fab56fb53476da5726b3be210d6c47cd6f40cc306afbe2fb074a137b364c66d6768423f3384174c263679445663456277c15953b4c29fb6ce62ca7227d9abb0e512dbd3877e07e657ebeb39f440510d714368c12e38208cc37c2a0a380d64791866ac7b356f85a71de457dc650f1894ad7e325669f7d10342c420d7dcfc6f4b17913201b79c9055319c9641c0252a032d49a2ddf528e8c314b53a8f963ebcf4cf1833d62c19130f89d2082004579a903ace2255977e3146a7f545a573459dffe51cc7bb5fb0ef1fd2b1364e09db48bd6afe48aaeb21c2737677844afe3abce0263b372f71ad40c318318f74a4004cdebcee039765017b5f";
}
Raw
nodes.json
{
"code": 0,
"data": [
{
"protocol": "origin",
"serverIp": "210.52.213.195",
"serverPort": 22209,
"password": "eb90bc9a662d",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-hk.png",
"country": "联通",
"city": "中国香港",
"id": 52,
"tokenVerify": 0,
"delay": 176,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "222.73.144.21",
"serverPort": 41425,
"password": "78b60aadd1f0",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-hk.png",
"country": "电信",
"city": "中国香港",
"id": 44,
"tokenVerify": 0,
"delay": 36,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "221.130.184.68",
"serverPort": 10026,
"password": "3dc7asd5333a",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-hk.png",
"country": "移动",
"city": "中国香港",
"id": 81,
"tokenVerify": 0,
"delay": 75,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "210.52.213.164",
"serverPort": 61081,
"password": "a1dbadcf53f0",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-usa.png",
"country": "联通",
"city": "netflix",
"id": 84,
"tokenVerify": 0,
"delay": 157,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "222.73.144.4",
"serverPort": 10026,
"password": "3dc7asd5333a",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-hk.png",
"country": "电信1",
"city": "中国香港",
"id": 75,
"tokenVerify": 0,
"delay": 93,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "222.73.144.62",
"serverPort": 10026,
"password": "3dc7asd5333a",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-deu.png",
"country": "电信",
"city": "德国法兰克福",
"id": 39,
"tokenVerify": 0,
"delay": 238,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "210.52.213.167",
"serverPort": 36337,
"password": "227430f1c7a3",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-jpn.png",
"country": "联通",
"city": "日本东京",
"id": 24,
"tokenVerify": 0,
"delay": 200,
"viplevel": 1
},
{
"protocol": "origin",
"serverIp": "210.52.213.178",
"serverPort": 21216,
"password": "717d20cf6e1d",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-hk.png",
"country": "联通",
"city": "中国香港1",
"id": 17,
"tokenVerify": 0,
"delay": 156,
"viplevel": 0
},
{
"protocol": "origin",
"serverIp": "210.52.213.184",
"serverPort": 61081,
"password": "a1dbadcf53f0",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-usa.png",
"country": "联通",
"city": "美国洛杉矶1",
"id": 56,
"tokenVerify": 0,
"delay": 145,
"viplevel": 0
},
{
"protocol": "origin",
"serverIp": "221.130.187.20",
"serverPort": 21216,
"password": "717d20cf6e1d",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-usa.png",
"country": "移动",
"city": "美国洛杉矶1",
"id": 58,
"tokenVerify": 0,
"delay": 350,
"viplevel": 0
},
{
"protocol": "origin",
"serverIp": "222.73.144.199",
"serverPort": 52380,
"password": "c36f254f66ed",
"confuseMode": "plain",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"encryptMode": "rc4-md5",
"nationalFlag": "http:\/\/download.sgreennet.com\/images\/flags\/new\/ser-usa.png",
"country": "电信",
"city": "美国洛杉矶1",
"id": 36,
"tokenVerify": 0,
"delay": 163,
"viplevel": 0
}
],
"msg": "请求成功"
}
Raw
note.md

节点

API

https://browser.sgreennet.com/api/qt/ssr_nodes1?br={PHONE_VENDOR}&ver=3.0.0.1056&platver=10&md={PHONE_MODEL}&plat=android&channelId=110012

访问时另需格式为 hex string 的 HTTP Header token

返回类型为 Content-Type: text/html; charset=utf-8 的 hex string 数据。数据经下述解密过程,可见为序列化后的 JSON。例如 nodes.json

解密

cipher.java 用于加解密,以 AES,密钥已列出。

访问(Abuse)

直接以 sslocal 连入节点,并以curl -x <...>访问,可见:

  • 对于CNML境内站点,提供正常代理服务。
  • 对于CNML境外站点,返回包含「此浏览器无法访问目标站点资源,请切换专用线路定制浏览器」字样的网页。

已知节点密钥,则以 iptables <...> -j DNAT <...> 在本地劫持节点 IP 至密钥相符的受控 ssserver 以便分析流量。可见: HTTP(S)请求中均额外带有 HTTP header Qt-stream-key(hex string)及 Qt-stream-vuser(Base64 encoded binary),且该二 header 不会包含在发送给最终目标站点的 header 中。以 curl 手动指定截获的这些 header 以便模拟该应用,但未能奏效,服务器仍提示前述错误。 重复多次截取,观察发现 Qt-stream-key 会变化,疑类似 TOTP 或是请求内容的摘要,故使手动重现无效。或该应用向 ssserver 发送的数据中包含其它辨识信息。

未果。待进一步分析。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment