06.app中常见加密代码
1. 字节与字符串
// 某款app中,hook到一些字节数组--》转成字符串
String salt = "sign";
// 字符串转bytes格式数组
System.out.println(Arrays.toString(salt.getBytes()));
// [115, 105, 103, 110]
String v4 = new String(new byte[]{115, 105, 103, 110});
System.out.println(salt);
System.out.println(v4);
// [115, 105, 103, 110]-->python 转成 字符串
v1 = [115, 105, 103, 110]
def java_arr_to_python_str(v1):
num_list = bytearray()
for i in v1:
if i < 0:
i = i + 256
num_list.append(i)
return num_list.decode('utf-8')
2. UUID
// uuid 固定格式的不重复的随机字符串 65fe0c8e - ac3f - 4bcb - bb0b - 7afe60e1dc31
-作用某个东西的id:唯一id
-app端随机生成uuid带到后端
import java.util.UUID;
public class Hello {
public static void main(String[] args){
String uid = UUID.randomUUID().toString();
System.out.println(uid);
}
}
// 65fe0c8e-ac3f-4bcb-bb0b-7afe60e1dc31
// python 中uuid生成
import uuid
uid = str(uuid.uuid4())
print(uid)
3. 随机值
# 随机生成80位,8位是一个字节,10个字节
BigInteger v4 = new BigInteger(80, new SecureRandom());
# 让字节以16进制展示
String res = v4.toString(16);
System.out.println(res);
# python 3.9
import random
data = random.randbytes(10) # python3.9
ele_list = []
for item in data:
ele = hex(item)[2:]
ele_list.append(ele)
res = "".join(ele_list)
print(res)
# 或者
import random
data = "".join([hex(item)[2:] for item in random.randbytes(10)])
print(data)
4. 时间戳
java
String t1 = String.valueOf(System.currentTimeMillis() / 1000); // 秒级别
String t2 = String.valueOf(System.currentTimeMillis()); // 毫秒级别
System.out.println(t1);
System.out.println(t2);
python
String t1 = String.valueOf(System.currentTimeMillis() / 1000); // 秒级别
String t2 = String.valueOf(System.currentTimeMillis()); // 毫秒级别
System.out.println(t1);
System.out.println(t2);
5. 十六进制字符串
- 与0xff做与运算就是转为16进制
s='pengyuyan'.encode('utf-8')
l=[]
for i in s:
l.append(hex(i)[2:].rjust(2,'0')) # 转16进制,只去后两位,如果不足两位,补0
print(l)
6. md5
关键字符串: MD5 update
判断是否加盐 看 .update 几次,一次就是没有加盐
# 123-->固定的 字符串---》加固定的盐, 666---
import hashlib
obj = hashlib.md5('yyy'.encode('utf-8'))
obj.update('xxxxx'.encode('utf-8'))
# java中没有这个功能,把每个字节转换成16进制
v1 = obj.hexdigest()
print(v1) # d3c0aaaf596e3299f695591f00fd75cb
v2 = obj.digest()
print(v2) # b'\xd3\xc0\xaa\xafYn2\x99\xf6\x95Y\x1f\x00\xfdu\xcb'
7. Base64编码
String name = "彭于晏";
// 编码
Base64.Encoder encoder = Base64.getEncoder();
String res = encoder.encodeToString(name.getBytes());
System.out.println(res); //5b2t5LqO5pmP
// 解码
Base64.Decoder decoder = Base64.getDecoder();
byte[] origin = decoder.decode(res);
String data = new String(origin);
System.out.println(data); // 彭于晏
import base64
name = "彭于晏"
res = base64.b64encode(name.encode('utf-8'))
print(res) # b'5b2t5LqO5pmP'
data = base64.b64decode(res)
origin = data.decode('utf-8')
print(origin) # "彭于晏"