简单的分析：某点评 TCP协议 算法

本帖最后由 西枫游戏 于 2024-2-16 16:10 编辑

前言
简单分析{某点评}TCP私信协议，本帖只负责分析交流切勿他用。若侵犯了权益，麻烦管理帮忙删除，谢谢！
--------------------------------------------------------------------------------------------------------------------------------------------------------
TCP交互流程
TCP协议交互理解：

请求服务器共享密钥，或本地按规则生成一组key【篇文比较长分段开始】

RSA公钥加密并且组包发送到服务器统一加密密钥({某小破站登陆协议一样})【暂时先分析统一密钥】

登陆服务器：组包数据包括 1. 登陆的设备id  2. 附带APP版本号   3. 附带该账号的uid   4. 附带该账号的令牌{token，CK}之类

--------------------------------------------------------------------------------------------------------------------------------------------------------
工具
--------------------------------------------------------------------------------------------------------------------------------------------------------
分析流程


二进制数据包解析：

密钥：【3f7cdf7a1c29ec3166af5d63b3b52c58c1f2c7500d03fd388dd897d5d9579c86】

公钥：【MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkDUifT/SK+x6eeutgOrOzaKnG3GnAog74NSkKsm8smkZXhOSzZa7E7irOxcwB60WawGAQR8BHbO7kosYlz6SJyR8ZIGfVa+jV3uBfylP+uIl/6JvdK8h7yhbLbMSsQkCnMIEWCP9YEtHxjo1cxyUlQL2yIly9eY015EiYp1Z8swIDAQAB】

二进制数据组包：{0,0,0,227,0,3,0,124,0,0,0,0,143,104,25,231,0,0,0,1,0,0,0,0,0,5,0,128,7,177,17,195,30,164,186,28,119,182,2,34,143,158,251,19,38,173,176,161,46,123,97,48,95,140,209,35,149,122,147,4,121,101,113,219,29,81,215,249,237,193,188,99,223,81,58,119,207,227,135,115,40,175,107,140,19,180,204,72,9,195,192,70,18,237,30,145,127,62,136,44,184,129,16,254,33,56,222,46,245,102,182,162,241,176,184,18,245,133,59,172,193,119,34,255,114,3,59,156,159,60,117,240,156,119,96,145,148,73,23,204,180,198,212,252,209,100,80,212,179,223,198,237,236,212,20,229,0,69,32,112,97,115,115,112,111,114,116,58,49,57,49,53,57,56,52,52,52,53,95,116,105,109,101,58,50,48,50,52,58,48,49,58,50,51,32,49,52,58,53,55,58,49,54,58,55,55,49,115,101,115,115,105,111,110,73,68,58,50,54,51,52,52,52,53,48,52,53}

{0,0,0,227}  // 数据包长度

{0,3,0,124}  //  固定【196732】类似于标签

{143,104,25,231}  // CRC32 签名

{128}  //RSA加密后的AES_CTR_KEY的数据长度

{7,177,17,195,30,164,186,28,119,182,2,34,143,158,251,19,38,173,176,161,46,123,97,48,95,140,209,35,149,122,147,4,121,101,113,219,29,81,215,249,237,193,188,99,223,81,58,119,207,227,135,115,40,175,107,140,19,180,204,72,9,195,192,70,18,237,30,145,127,62,136,44,184,129,16,254,33,56,222,46,245,102,182,162,241,176,184,18,245,133,59,172,193,119,34,255,114,3,59,156,159,60,117,240,156,119,96,145,148,73,23,204,180,198,212,252,209,100,80,212,179,223,198,237,236,212,20,229}  // RSA加密后的AES_CTR_KEY的数据

{69} // 明文数据长度

{32,112,97,115,115,112,111,114,116,58,49,57,49,53,57,56,52,52,52,53,95,116,105,109,101,58,50,48,50,52,58,48,49,58,50,51,32,49,52,58,53,55,58,49,54,58,55,55,49,115,101,115,115,105,111,110,73,68,58,50,54,51,52,52,52,53,48,52,53}  // 明文数据

明文数据【passport:1915984445_time:2024:01:23 14:57:16:771sessionID:2634445045】 // 包含uid // time // 以及uuid的CRC32签名

服务器 【103.x.x.49 : 8500】 目前统一密钥分析完毕。【仅供学习交流 若侵犯了权益，麻烦管理帮忙删除，谢谢】