获取微信小程序压缩包
某小程序请求中有sign参数,包含在url或header中.....
打开微信小程序时,微信会把小程序压缩包(后缀名.wxapkg)下载到本地;
从目录
/data/data/com.tencent.mm/MicroMsg/{数字串}/appbrand/pkg/找到目标小程序包(打开一下小程序,然后按时间排列方便查找)
反编译
切换到工具解压目录-->反编译命令:node wuWxapkg.js 小程序包
node .wuWxapkg.js 小程序包.wxapkg执行完毕后同目录解压缩文件(小程序主包):
分析签名算法
直接在ide打开此目录,全局搜索关键字:
从上下文中找到相关逻辑(可以看出来是vue的工程,格式化后再看)
把相关签名逻辑放到一个文件中,并把抓包参数填入,调试一下:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
</body>
<script>
var A = 8;
start();
function start() {
var m = {
cid: 2,
from: "58_ershoufang",
app: "a-wb",
platform: "windows",
b: "microsoft",
s: "win10",
t: 1590570613, //a.default.time(),
cv: "5.0",
wcv: "5.0",
wv: "7.0.9",
sv: "2.10.4",
batteryLevel: 0,
muid: "ff4bb653e802a502f49f1487b6d091f9",
weapp_version: "1.0.0",
user_id: "",
oid: "oIArb4keuVN06vcQTVuN4fjNdwhs",
udid: "oIArb4keuVN06vcQTVuN4fjNdwhs",
page: 2,
page_size: 25
};
for (var g in m) isEmpty(m[g]) || (m[g] = ("" + m[g]).replace(/(s|
|
| )+/g, ""));
var o = {
isPost: !1,
city_id: 2
};
var c = {};
var n = o.isPost ? "POST" : "GET";
delete o.isPost, "GET" == n ? m = Object.assign(m, o) : c = Object.assign(c, o);
Object.keys(m).forEach(function(e) {
var t = m[e];
isEmpty(t) || (m[e] = decodeURI(t)), c.hasOwnProperty(e) && !isEmpty(c[e]) && (m[e] = c[e])
});
var sig = sign(m, c);
console.log("签名::" + sig);
}
function isEmpty(e) {
return "" == e || null == e || void 0 === e || 0 == e || 0 == e || "{}" == JSON.stringify(e) || "[]" == JSON.stringify(
e);
}
function sign(e, n) {
var r = [];
r.push("ak=" + "931d0f0a7f7bc73c7cee04b87a1f3cb83d175517"), r.push("wk=" + "3B7C4B291A9F171B1C3AC5");
var o = /(s|
|
| |+)+/g;
for (var i in e) n[i] && !isEmpty(n[i]) || r.push(i + "=" + decodeURI(e[i] + "").replace(o, ""));
for (var u in n) r.push(u + "=" + decodeURI(n[u] + "").replace(o, ""));
r.sort();
var a, s = r.join("&");
return s = s.replace(o, ""), a = decodeURIComponent(s), s = encodeURIComponent(a).replace(/[!'()*]/g, function(e) {
return "%" + e.charCodeAt(0).toString(16).toUpperCase();
}), hex_sha1(s);
}
function r(r, n) {
r[n >> 5] |= 128 << n % 32, r[14 + (n + 64 >>> 9 << 4)] = n;
for (var o = 1732584193, a = -271733879, i = -1732584194, h = 271733878, A = 0; A < r.length; A += 16) {
var v = o,
d = a,
l = i,
b = h;
o = c(o = e(o = e(o = e(o = e(o = u(o = u(o = u(o = u(o = t(o = t(o = t(o = t(o, a, i, h, r[A + 0], 7, -680876936),
a = t(a, i = t(i, h = t(h, o, a, i, r[A + 1], 12, -389564586), o, a, r[A + 2], 17, 606105819), h, o, r[
A + 3], 22, -1044525330), i, h, r[A + 4], 7, -176418897), a = t(a, i = t(i, h = t(h, o, a, i, r[A + 5],
12, 1200080426), o, a, r[A + 6], 17, -1473231341), h, o, r[A + 7], 22, -45705983), i, h, r[A + 8], 7,
1770035416), a = t(a, i = t(i, h = t(h, o, a, i, r[A + 9], 12, -1958414417), o, a, r[A + 10], 17, -
42063), h, o, r[A + 11], 22, -1990404162), i, h, r[A + 12], 7, 1804603682), a = t(a, i = t(i, h = t(h, o,
a, i, r[A + 13], 12, -40341101), o, a, r[A + 14], 17, -1502002290), h, o, r[A + 15], 22, 1236535329), i,
h, r[A + 1], 5, -165796510), a = u(a, i = u(i, h = u(h, o, a, i, r[A + 6], 9, -1069501632), o, a, r[A +
11], 14, 643717713), h, o, r[A + 0], 20, -373897302), i, h, r[A + 5], 5, -701558691), a = u(a, i = u(i, h =
u(h, o, a, i, r[A + 10], 9, 38016083), o, a, r[A + 15], 14, -660478335), h, o, r[A + 4], 20, -405537848),
i, h, r[A + 9], 5, 568446438), a = u(a, i = u(i, h = u(h, o, a, i, r[A + 14], 9, -1019803690), o, a, r[A +
3], 14, -187363961), h, o, r[A + 8], 20, 1163531501), i, h, r[A + 13], 5, -1444681467), a = u(a, i = u(i, h =
u(h, o, a, i, r[A + 2], 9, -51403784), o, a, r[A + 7], 14, 1735328473), h, o, r[A + 12], 20, -1926607734), i,
h, r[A + 5], 4, -378558), a = e(a, i = e(i, h = e(h, o, a, i, r[A + 8], 11, -2022574463), o, a, r[A + 11], 16,
1839030562), h, o, r[A + 14], 23, -35309556), i, h, r[A + 1], 4, -1530992060), a = e(a, i = e(i, h = e(h, o, a,
i, r[A + 4], 11, 1272893353), o, a, r[A + 7], 16, -155497632), h, o, r[A + 10], 23, -1094730640), i, h, r[A +
13], 4, 681279174), a = e(a, i = e(i, h = e(h, o, a, i, r[A + 0], 11, -358537222), o, a, r[A + 3], 16, -
722521979), h, o, r[A + 6], 23, 76029189), i, h, r[A + 9], 4, -640364487), a = e(a, i = e(i, h = e(h, o, a, i, r[
A + 12], 11, -421815835), o, a, r[A + 15], 16, 530742520), h, o, r[A + 2], 23, -995338651), i, h, r[A + 0], 6, -
198630844),
a = c(a = c(a = c(a = c(a, i = c(i, h = c(h, o, a, i, r[A + 7], 10, 1126891415), o, a, r[A + 14], 15, -1416354905),
h, o, r[A + 5], 21, -57434055), i = c(i, h = c(h, o = c(o, a, i, h, r[A + 12], 6, 1700485571), a, i, r[A + 3],
10, -1894986606), o, a, r[A + 10], 15, -1051523), h, o, r[A + 1], 21, -2054922799), i = c(i, h = c(h, o = c(o,
a, i, h, r[A + 8], 6, 1873313359), a, i, r[A + 15], 10, -30611744), o, a, r[A + 6], 15, -1560198380), h, o, r[A +
13], 21, 1309151649), i = c(i, h = c(h, o = c(o, a, i, h, r[A + 4], 6, -145523070), a, i, r[A + 11], 10, -
1120210379), o, a, r[A + 2], 15, 718787259), h, o, r[A + 9], 21, -343485551),
o = f(o, v), a = f(a, d), i = f(i, l), h = f(h, b);
}
return Array(o, a, i, h);
}
function n(r, n, t, u, e, c) {
return f(o(f(f(n, r), f(u, c)), e), t);
}
function t(r, t, u, e, c, f, o) {
return n(t & u | ~t & e, r, t, c, f, o);
}
function u(r, t, u, e, c, f, o) {
return n(t & e | u & ~e, r, t, c, f, o);
}
function e(r, t, u, e, c, f, o) {
return n(t ^ u ^ e, r, t, c, f, o);
}
function c(r, t, u, e, c, f, o) {
return n(u ^ (t | ~e), r, t, c, f, o);
}
function f(r, n) {
var t = (65535 & r) + (65535 & n);
return (r >> 16) + (n >> 16) + (t >> 16) << 16 | 65535 & t;
}
function o(r, n) {
return r << n | r >>> 32 - n;
}
function a(r) {
for (var n = Array(), t = 0; t < r.length * A; t += A) n[t >> 5] |= (255 & r.charCodeAt(t / A)) << t % 32;
return n;
}
function i(r) {
for (var n = "0123456789abcdef", t = "", u = 0; u < 4 * r.length; u++) t += n.charAt(r[u >> 2] >> u % 4 * 8 + 4 & 15) +
n.charAt(r[u >> 2] >> u % 4 * 8 & 15);
return t;
}
var h = {
ak: "931d0f0a7f7bc73c7cee04b87a1f3cb83d175517",
wk: "3B7C4B291A9F171B1C3AC5"
}
function hex_sha1(n) {
return i(r(a(n), n.length * A));
}
</script>
</html>
浏览器看一下:
和抓包结果一致