【Android 逆向】【攻防世界】RememberOther

1. apk安装到手机,提示输入用户名注册码

2. jadx 打开apk

    public boolean checkSN(String userName, String sn) {
        try {
            if (userName.length() == 0 && sn.length() == 0) {
                return true;
            }
            if (userName == null || userName.length() == 0) {
                return false;
            }
            if (sn == null || sn.length() != 16) {
                return false;
            }
            MessageDigest digest = MessageDigest.getInstance("MD5");
            digest.reset();
            digest.update(userName.getBytes());
            byte[] bytes = digest.digest();
            String hexstr = toHexString(bytes, BuildConfig.FLAVOR);
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < hexstr.length(); i += 2) {
                sb.append(hexstr.charAt(i));
            }
            String userSN = sb.toString();
            return userSN.equalsIgnoreCase(sn);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return false;
        }
    }

这里有个小bug,只要啥也不输就可以通过,直接点注册弹出来sn,哈哈
b3241668ecbeb19921fdac5ac1aafa69
MD5 解密得到 YOU_KNOW_

这里有个小坑,就是还有个doc文档,里面暗示里后缀接一个ANDROID

整个flag是 YOU_KNOW_ANDROID

posted @ 2023-03-19 10:59  明月照江江  阅读(82)  评论(0编辑  收藏  举报