-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bili_ticket
related discovery (#903 Extended)
#940
Labels
新增/Add
添加或修改新的内容
Milestone
Comments
Here's example of {
"b00e":"tv.danmaku.bili", // pn => process name
"a0c6":"7.57.2", // vn => version name
"c94e":"3.2.43", // sdk_version => ?
"cd5e":"android", // os
"b59e":"", // serial, leave it empty
"dd3b":0, // root?
"a769":0, // root?
"fd49":"11", // osv => os version
"c203":"", // mac, default empty
"b935":458243454, // apk_sign => **Not know how `libbili.so` gets such value**
"ed96":"", // mid
"f438":"XU0D0580A80C82276D9DF33B4D20665C42E33", // buvid
"e57c":"Dalvik/2.1.0 (Linux; U; Android 11; Pixel 2 XL Build/RP1A.201005.004.A1) 7.57.2 os/android model/Pixel 2 XL mobi_app/android build/7572100 channel/master innerVer/7572110 osVer/11 network/2", // ua
"aff2":1, // app_id
"edc2":1705589660, // ctime
"e24d":7572110, // vc => version code
"e701":"13566853", // build => build sn
"e29f":"0", // ptrace
"e58c":"", // frida => **Not know how `libbili.so` gets such value**
"fd4c":"", // xposed => **Not know how `libbili.so` gets such value**
"d7be":"", // magisk => **Not know how `libbili.so` gets such value**
"e7fa":1, // net
"debc":"google", // brand
"adf0":"Pixel 2 XL", // model
"ccd6":1705677891, // fts
"ada0":"a3811c3af294c9ff045bf24c9bb0545b2024011923245159b5fa061488ab5b05" // fp => see `fp_local`
} I'm more than curious about the relation between hashcode and real name(ahh, pure characters seen from the register) like |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Since the way getting web
bili_ticket
was found by @aynuarance in #903, I guess that the way getting appbili_ticket
is similar and also makes use of HS256, meaning that what we need to do is finding the HMAC key. After a day of hard work REing oflibbili.so
(OLLVM obfuscation, f**k you), I successfully did so.Encryption algorithm: HMAC-SHA256
HMAC KEY INFO:
ec02
XgwSnGZ1p
ec01
Ezlc3tgtl
Details:
Progress:
x-exbadbasket
from normal APP.x-exbadbasket
fromlibbili.so
.The text was updated successfully, but these errors were encountered: