最近想写个网页游戏外挂,结果游戏加密了,反编译了,FLASH是如下代码
可惜我写的方法,读取还是乱码,请高手帮我看看测试地址:http://s19.mm.kunlun.com/index.php?act=login.c_start
正常的返回:<?xml version="1.0" encoding="UTF-8"?>
<root><login.init/></root>
<!--0.0024120807647705 -->
目前更改了加密,所有数据都采用流的方式传输了,这是关键加密方法,对AS3不熟悉,写法可能有误,总是不出正确结果
其FLASH的发送方式更改成 URLLoaderDataFormat.BINARY
POST 和 GET 后的数据,用此函数加密,和解密,请高手指点一下
import flash.utils.*; public class ImageBox extends Object
{ public function ImageBox()
{
return;
}// end function public static function save(data:String) : ByteArray
{
var _loc_2:* = new ByteArray();
_loc_2.writeUTF(data);
_loc_2.compress();
var _loc_3:* = new ByteArray();
var _loc_4:uint = 0;
while (_loc_4 < 10)
{
_loc_3.writeUnsignedInt(Math.floor(Math.random() * int.MAX_VALUE));
_loc_4 = _loc_4 + 1;
}
_loc_3.writeUnsignedInt(_loc_2.length);
_loc_3.writeBytes(_loc_2);
_loc_4 = 0;
while (_loc_4 < 10)
{
_loc_3.writeUnsignedInt(Math.floor(Math.random() * int.MAX_VALUE));
_loc_4 = _loc_4 + 1;
}
return _loc_3;
}// end function public static function open(data:ByteArray) : String
{
var temp:ByteArray;
var str2:String;
var str:String;
var data:* = data;
temp = new ByteArray();
data.position = 0;
data.endian = Endian.LITTLE_ENDIAN;
temp.endian = Endian.LITTLE_ENDIAN;
var i:uint;
while (i < 10)
{
data.readUnsignedInt();
i = (i + 1);
}
str2;
i;
while (i < data.length)
{
str2 = str2 + " " + int(data[i]).toString(16);
i = (i + 1);
}
trace(str2);
var lenth:* = data.readUnsignedInt();
trace("lenth:" + lenth);
try
{
data.readBytes(temp, 0, lenth);
}
catch (e:Error)
{
throw new Error("length:" + data.length + " data:" + str2);
try
{
}
temp.uncompress();
}
catch (e:Error)
{
throw new Error("length:" + data.length + " data:" + str2);
try
{
}
str = temp.readUTF();
}
catch (e:Error)
{
throw new Error("length:" + temp.length);
}
return str;
}// end function }
可惜我写的方法,读取还是乱码,请高手帮我看看测试地址:http://s19.mm.kunlun.com/index.php?act=login.c_start
正常的返回:<?xml version="1.0" encoding="UTF-8"?>
<root><login.init/></root>
<!--0.0024120807647705 -->
目前更改了加密,所有数据都采用流的方式传输了,这是关键加密方法,对AS3不熟悉,写法可能有误,总是不出正确结果
其FLASH的发送方式更改成 URLLoaderDataFormat.BINARY
POST 和 GET 后的数据,用此函数加密,和解密,请高手指点一下
import flash.utils.*; public class ImageBox extends Object
{ public function ImageBox()
{
return;
}// end function public static function save(data:String) : ByteArray
{
var _loc_2:* = new ByteArray();
_loc_2.writeUTF(data);
_loc_2.compress();
var _loc_3:* = new ByteArray();
var _loc_4:uint = 0;
while (_loc_4 < 10)
{
_loc_3.writeUnsignedInt(Math.floor(Math.random() * int.MAX_VALUE));
_loc_4 = _loc_4 + 1;
}
_loc_3.writeUnsignedInt(_loc_2.length);
_loc_3.writeBytes(_loc_2);
_loc_4 = 0;
while (_loc_4 < 10)
{
_loc_3.writeUnsignedInt(Math.floor(Math.random() * int.MAX_VALUE));
_loc_4 = _loc_4 + 1;
}
return _loc_3;
}// end function public static function open(data:ByteArray) : String
{
var temp:ByteArray;
var str2:String;
var str:String;
var data:* = data;
temp = new ByteArray();
data.position = 0;
data.endian = Endian.LITTLE_ENDIAN;
temp.endian = Endian.LITTLE_ENDIAN;
var i:uint;
while (i < 10)
{
data.readUnsignedInt();
i = (i + 1);
}
str2;
i;
while (i < data.length)
{
str2 = str2 + " " + int(data[i]).toString(16);
i = (i + 1);
}
trace(str2);
var lenth:* = data.readUnsignedInt();
trace("lenth:" + lenth);
try
{
data.readBytes(temp, 0, lenth);
}
catch (e:Error)
{
throw new Error("length:" + data.length + " data:" + str2);
try
{
}
temp.uncompress();
}
catch (e:Error)
{
throw new Error("length:" + data.length + " data:" + str2);
try
{
}
str = temp.readUTF();
}
catch (e:Error)
{
throw new Error("length:" + temp.length);
}
return str;
}// end function }
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货