Code Monkey home page Code Monkey logo

byd-react-app-reverse's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

herrfrei

byd-react-app-reverse's Issues

API endpoints

Append any of the following to https://dilinkappoversea-eu.byd.auto/

app/account/getAccountState
app/account/getValidateCodeLogin
app/account/checkRegistVerifyData
app/account/setLoginPassword
app/account/login
app/account/logout
app/account/isKickedIn
control/getBatteryHeatResult
common/basic/getValidateCode
common/basic/validateVerifyData
vehicle/vehicleswitch/verifyControlPassword
vehicle/vehicleswitch/setControlPassword
vehicle/vehicleswitch/modifyAutoPlate
vehicle/vehicleswitch/modifyAutoAlias
vehicle/vehicleswitch/getPushSwitchState
vehicle/vehicleswitch/setPushSwitchState
user/other/feedbackWay
user/other/getUserCareItem
user/other/setUserCareItem
nps/apiService/manager/showCondition
nps/apiService/manager/saveQueInfo

vehicleInfo/vehicle/vehicleRealTimeRequest
vehicleInfo/vehicle/vehicleRealTimeResult
vehicleInfo/vehicle/getTapPosition

Reverse Engineering API Call

  1. Encrypt Payload via AES
AES/CBC/PKCS5Padding mode:  encryption 
AES/CBC/PKCS5Padding key Base64:OlLzwi7W/N5b9pamwCyecw==
AES/CBC/PKCS5Padding key Hex:3a52f3c22ed6fcde5bf696a6c02c9e73
AES/CBC/PKCS5Padding key Utf8:
AES/CBC/PKCS5Padding iv Base64:AAAAAAAAAAAAAAAAAAAAAA==
AES/CBC/PKCS5Padding iv Hex:00000000000000000000000000000000
AES/CBC/PKCS5Padding iv Utf8:

AES/CBC/PKCS5Padding doFinal param Utf8:{"countryCode":"DE","deviceType":"0","imeiMD5":"2EA5EAF78EA945204E99E1BA9ED74B83","networkType":"wifi","random":"0532A56F28264E8D98E239A52B0DC57C","timeStamp":"1698864439417","version":"201"}
AES/CBC/PKCS5Padding doFinal result Base64:SXH+7fhEGZgKiODFLHfdf7JdSnbLn0miRsWOwJgpbvmxKG1r7pu2J9mykv8Q3KuPz45A0CRuY/+mrAfxgk0OFLrDSSsrZzhmo7DuXQ+wUitafRK8DuoNBNxIyzHXwQZJEjvSPfGFkWhQiqw/BHRheM6VM26irV6QNhgDo9uOM0cZct2d929qez//mkNOQrBgH8EQ5yx0aIIpF9zeb7XtPb5tLq09VKLMyrb1aqHs3x8A3hMzBIq2eU0XDWUBFGaT
AES/CBC/PKCS5Padding doFinal result Hex:4971feedf84419980a88e0c52c77dd7fb25d4a76cb9f49a246c58ec098296ef9b1286d6bee9bb627d9b292ff10dcab8fcf8e40d0246e63ffa6ac07f1824d0e14bac3492b2b673866a3b0ee5d0fb0522b5a7d12bc0eea0d04dc48cb31d7c10649123bd23df1859168508aac3f04746178ce95336ea2ad5e90361803a3db8e33471972dd9df76f6a7b3fff9a434e42b0601fc110e72c7468822917dcde6fb5ed3dbe6d2ead3d54a2cccab6f56aa1ecdf1f00de1333048ab6794d170d6501146693
  1. Create a signature via SHA1
SHA-1 update param Utf8:countryCode=DE&deviceType=0&identifier=DE&identifierType=0&imeiMD5=8CCEE4915065D29CCD911DA5DC9C28D3&language=de&networkType=wifi&random=B0E25FF696AF46D2A04D8261AEDEA174&reqTimestamp=1698919441358&timeStamp=1698919441358&version=201&password=3A52F3C22ED6FCDE5BF696A6C02C9E73

SHA-1 digest result Hex:178b71f44aa7b036da503c513bebb167f057c4d0
  1. Encrypt with secneo library or other custom library
{"encryData":"4971FEEDF84419980A88E0C52C77DD7FB25D4A76CB9F49A246C58EC098296EF9B1286D6BEE9BB627D9B292FF10DCAB8FFCF16567F8B3A3E37F9D632EAFC41C208D0A805908BFDA5DCEE5AFEBAC217DF2E71C6DF4B2CFC64AC94C73AA442F9DB28524A8A2909A09F7489B9B8F3F2657CD5726DEF972CB8699145FF5FA18A8FBB8E7CCC16351879764EF5C60D874DD7AD7AACCB242B6646EDED7EFBC21AB3A787D5C9DC5C5D33A2AF08345B36F7E473CC83096E1847F74C54B0280AD02B891436A","identifier":"DE","identifierType":"0","imeiMD5":"8CCEE4915065D29CCD911DA5DC9C28D3","language":"de","reqTimestamp":"1698918141562","sign":"178b71f44aa7b036da503c513bebb167f057c4d0"}

to a request like this. This is not the matching request
{
    "request": "F1whE9TJ/js738h9X4pf815gVlcElQWSvkXsTTl9iESDQIa8mEEafEds572XK/rOU17EWIjDrx7gUEJIMxJNEsHt94DQ/zJMNfVZXIqdRwEyUP5P6JYbrWBpTNrRFWf7osI6mA8XhfGPVn/uhKM73LsrLMoLFhVgvc53/7b5ewdGMEaprEJ5Mj3XkhB/e9RLtmOSaX4bGx0JzuU2Vkv6XSCcYY+AM6qNLuA0/mpXNfiMbsl6Ew4k38P40A/n1D93eBHcoKpYkDdj5KBoMWTMuHXrLtwKG4lZF2nCGQ7z9rMwHK28DTP6TdbzwU6NelGMIAr6EpcwWSXLsUyNjzRUiEke5wBH0vXLtCVaOcfe6LzWy5gdLv+kM9rgEbVnvEWfACycxRRHoUiUVhLMUbJWLd9E/RZPGlMsdKT+lCGQ+z9bu8GxyxmTZiuUal69/QjyQFSRq0wgVEJucLigVQhhPPrkQUZptAnGe/GVCLSBZe7PPWt/YZaadTgT2z0ZI2LG1Xl8dQ8V8ZDmSPrlJEIkZqW6TzaoA0aZmJT9eOXgjmq+508y3opvm24vHqJ0wvsm+fORIW4q02dzlXNUlPe0oU6OpYMdc125qrrcRk4vQpidPvUwRGzETlJw1sOFMrPI3EjLj0QZwJRQD0W26oAvL+iUpTfMa0rAzlKEKJht3dqN2BbeUykpHA4qpn5iUW1ByPQRKmXvO7X2zb9Mj1EtGM+PRE04hAYMlzi/QB6JPRgf00/Ch8h/BmLd0eQuSDu4wYoDWvhhLg4qoEB7ZaFdmMQLMZdkSwBbWldelgXVHyDMmUv5x+7G+y0uyN5URgXr5A8qVSHS2Zghe8VKrSFtlWo44kGZv1n7Z+xYe26nt/NS69/bUCjdEcpn0xNgzDZ11m4xqwKkQT2vXsG52EA23ErpYB9tw7KGbTdELeEVI4oglzOBPRJmzMPPop0Wh20ZQEwM+wKqVIVAuxmavIBPC5fZfTb2UYcuPrrYPcJZw4Lu0NwjbLh4UL0TQl4kDPbsX"
}

APK dex file:
https://send.cm/lxtd9ikduztn
https://www.mirrored.to/files/0DHI0EGH/class.zip_links

class.zip

com.byd.bydautolink.repository.util.CommonRequestUtil
 public final CommonTypeRequest
com.byd.bydautolink.repository.param.request.CommonTypeRequest
 public CommonTypeRequest(@e String str, @e String str2, @e String str3, @e String str4, @e String str5, @e String str6, @e String str7) {
        JniLib.cV(new Object[]{this, str, str2, str3, str4, str5, str6, str7, 481});
    }
import com.fort.andjni.JniLib;
libdexjni.so

Response:

{
    "response": "F+Is4sfuTVp28SE2x3HAuHENczYnXHFRB1LODDN7a0j8JxXhttviQZLg4aEoWoZPvkqfyVBUWxS4m9Y/ngaj59kC/ikXLyuMZbsEcM6er/8TwqyINKNXYyuoqjaZeg+/e8s/KF0VavqPK4wdX8VULfFd5hCHE9yWVZAmN+MvRyo05cUyYZVL5cDYXAe7MxkL1YchBNxPOQf7dCVnlxmtvd4dtRE/DQ9k205ydpGI+DkE0n+yCAF1ytjR5GWiHwImTDhaWXpaJOpNKOBKRou8RqbUv2hmhfFD10cvgEEjPzZ0t5kKiqp+vaoWYfOV4Ujj+45OhKPWro9b7bvHT3IIgsHa+GgeZIVtFGksDe0QzBkLsZK4wGHdIbEiVoQxHfEfWrp0Vm1p1CQ/paNyFfVC/DttJD+VITpROACepEfTJK+McB6soCbHgAWFHdaZ7yAMa0w0Vlt/Qbg2G3MviRZes/lAPTm90tcU1mNwX/xzAqRrpGID7g7f+s8oEivjLMcEMqb5aysoWlOdtJ2s1bjdJUmELX8h+MH0Cz921sVUBaIQENfEjnNqpa5Cz1RNm8DEDguA5UsahpgZshBR7U9fQyBauolMbtXTbY+fIDrcn8BRk/Dz9YZYgcbN9JQawK/GgLUWwHG8WjUNqQvW5WiuRwVvZN8uCt17ytcjKKSlBlLBz5Ok5OarHyW0gx5G5TRiAt3DslixtHyYZ7/1uK0JC8GFIdEe/TF82f7TygGE8fSM="
}

{"code":"0","identifier":"DE","message":"成功","respondData":"6841A86D6CA727BD43A3CBAA102705528B95498A2545559576CCCBD46ADE835E23972F46AB202DBDD5407F2D8E7390E4B7205C2C53A3B407FEE76F2B09480C726535BA8DF017D0D9FA377AC876A9528C2EFC3D6F72AF939AD8568CC28788F0FD88475F667F39C0A4F9099A9889385348D5A2141DA5E0BA59BD933C20CAE189E5DE2CF3AE7CCEF1363B115A0F7E20032E6B154F13636054BBCD87308EE0335DA042AA3162B3FBEF7F441CCA0955A1A504479A04026808C165B9290E5CB5E3B221ED5AD64709723C53B9A1C6B0321A4240320CD0790FC108FF4EC544756E78E1DAE5CCBB40C47CDD1AF0890DFBD7AB63B6"}

The missing link is the final encryption with non standard tools. Maybe you have an idea.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.