【Android 逆向】【攻防世界】RememberOther
1. apk安装到手机,提示输入用户名注册码
2. jadx 打开apk
public boolean checkSN(String userName, String sn) {
try {
if (userName.length() == 0 && sn.length() == 0) {
return true;
}
if (userName == null || userName.length() == 0) {
return false;
}
if (sn == null || sn.length() != 16) {
return false;
}
MessageDigest digest = MessageDigest.getInstance("MD5");
digest.reset();
digest.update(userName.getBytes());
byte[] bytes = digest.digest();
String hexstr = toHexString(bytes, BuildConfig.FLAVOR);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hexstr.length(); i += 2) {
sb.append(hexstr.charAt(i));
}
String userSN = sb.toString();
return userSN.equalsIgnoreCase(sn);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
return false;
}
}
这里有个小bug,只要啥也不输就可以通过,直接点注册弹出来sn,哈哈
b3241668ecbeb19921fdac5ac1aafa69
MD5 解密得到 YOU_KNOW_
这里有个小坑,就是还有个doc文档,里面暗示里后缀接一个ANDROID
整个flag是 YOU_KNOW_ANDROID