A Simple Reverse Engineering of Login Encryption Algorithm
1. “Seeing Flowers in the Fog” Error in replaying the login interface: It seems to be related to RSA encryption. Why RSA? Just a feeling~~ “`y9uN67EfI6s5KtHsQSxQ6XDq0MSYnON9XzZmTOXlN3gzGq13%2B5iZ0MmMXLq7ypgoPTr0NN7wnpjHHNbDcfVS/4Eda24Mjf8qgs%2BXX7a470iGyn8oh7S6Ha7QHMIyt9EQ1Oi1KNNSEidngzJB4y/V7jebeXjhaRZNqsPvbQRYSuA%3D“` URL Decoding “`y9uN67EfI6s5KtHsQSxQ6XDq0MSYnON9XzZmTOXlN3gzGq13+5iZ0MmMXLq7ypgoPTr0NN7wnpjHHNbDcfVS/4Eda24Mjf8qgs+XX7a470iGyn8oh7S6Ha7QHMIyt9EQ1Oi1KNNSEidngzJB4y/V7jebeXjhaRZNqsPvbQRYSuA=“` BASE64 Continue Decoding “`˛�#빪ѬA,P鰪Є蜣}_6fL奷x3�虐Ɍ\껊訽:䴞ޘǜփq咿ᝫn�⏗_港H抿(紺²瑐Ԩ娓R'g㲁㯕yxᩖMꃯmXJ“` 2. “Analyzing in Detail” Next, let’s analyze the login logic. Encryption algorithm plugin: http://172.18.252.116:8096/SmartWorkESB/js/jsencrypt.js Login logic: http://172.18.252.116:8096/SmartWorkESB/js/index.js Basically, the client uses the … Read more