本帖最后由 mmmmar 于 2016-7-20 21:11 编辑
昨天看到了
AndFTP 3.5 破解教程
这个帖子,发现里边的软件要输入激活码,今天就尝试了一下,弄了一整天。现在把还原的算法分分享一下,有兴趣的友友可以自己反编译对照一下
[Java] 纯文本查看 复制代码 package com.company;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class Main {
public static void main(String[] args) {
//输入的数据只能是数字和字母组合
String str = "1122aabb1122aabb1122aabb1122aabb1122aabb1122aabb";
String encodeStr = new Main().util_c_q(str);
if(new Main().util_c_c(encodeStr)){
System.out.println("yes");
}else {
System.out.println("No");
}
}
String util_c_q(String str){
str = "{"+str+"}";
int a = str.length()-1;
String s = m_c(str.substring(1,a));
System.out.println(s);
return s;
}
String m_c(String strn){
try {
byte[] by = m_b(strn);
logBytes(by);
int b = 0;
byte[] by2 = m_b(null,by,b,by.length);
logBytes(by2);
return new String(by2,"ISO-8859-1");
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("error");
return "";
}
byte[] m_b(char[] ch,byte[] by,int a,int length) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
if(by == null)
return null;
if(ch == null)
ch = new char[]{'P','B','E','.','c','l','a','s','s'};
PBEKeySpec spec = new PBEKeySpec(ch);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = factory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES");
//
byte[] temp = {-57,115,33,-116,126,-56,-18,-103};
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(temp,30);
cipher.init(2,key,pbeParameterSpec);
return cipher.doFinal(by,a,length);
}
boolean util_c_c(String str){
if(str == null)
return false;
if(str.length()<=0)
return false;
String cm = "^[\\w\\.-]+@([\\w\\-]+\\.)+[A-Z]{2,4}$";
Pattern pattern = Pattern.compile(cm,Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(str);
return matcher.matches();
}
byte[] m_b(String str){
int a = str.length();
//a必须为偶数
int b = a/2;
byte[] by = new byte[b];
for(int v1 = 0;v1<b;v1++){
int c = v1*2;
int d = v1*2+2;
String v3 = str.substring(c,d);
int v =Integer.parseInt(v3,16);
v = v & 0xff;
byte w = (byte)v;
by[v1] = w;
}
return by;
}
public static void logBytes(byte s[]){
StringBuilder builder = new StringBuilder();
for (int i=0;i<s.length;++i){
builder.append(" ").append(s[i]);
}
System.out.println("bytes:"+builder.toString());
}
public static void logChars(char s[]){
StringBuilder builder = new StringBuilder();
for (int i=0;i<s.length;++i){
builder.append(" ").append(s[i]);
}
System.out.println("chars:"+builder.toString());
}
}
util_c_q 是Llysesoft/transfer/client/util/c;的q方法
m_b是Llysesoft/transfer/client/util/m;的b方法
以此类推。
里边的那些数组和字符串是打log弄出来的。
整体就是把输入的激活码加密,然后和一个邮箱的正则表达式匹配,看能不能匹配上。
弄了一整天,但是tm这个软件本来的注册算法在加密时就会报错,然后就成了只要输入的激活码符合那个正则表达式就行。。。。
不知道是不是上边那个帖子里的样本修改过。。。。激活码输入框里的提示的是只能输字母和数字。。。
| 
发表于 2016-7-20 21:09
|
发表于 2016-7-27 18:20
