欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

ofo协议分析

程序员文章站 2022-07-08 18:22:36
...

ofo不能自动开锁,只能用app下订单,然后返回一个结果。订单接口


http://order2.api.ofo.com/ofo/Api/v2/carno

X-Tingyun-Id: p35OnrDoP8k;c=2;r=126507277;u=3c080ca28e15d36f2cc5a2b5ef90f31cb9f8512fbd573d0f6ab6e0eea17255ec0b8fbc93e03497e35a0af6b3210a9f9b::9E947366945F51E9
Content-Type: application/x-www-form-urlencoded
Content-Length: 530
Host: order2.api.ofo.com
Connection: Keep-Alive
Accept-Encoding: gzip



lat=31.37029&lng=121.43496&carno=12111×tamp=1527324430912&smart=0&continue=0&bleOpened=1&source-version=15895&appVersion=3.1.0&cuid=fdf3c737c34a87978041f0b3ebfacfff&source=2&location=[31.370290756225586,121.4349594116211,0,1527324363875,0,100,0,2]&sourceVersion=15895&source-system=6.0.1&source-locale=zh_CN&source-model=SM-C5000&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Mjc3MzUzMzYsImEiOjIxODc4MDQyNjAsImIiOjI4MDA3NzIxNzgzMjExNjYwOTQsImMiOjI1NjEyMTYyNjcxMDMwNjM4MjJ9.h5A3HwQrN0-6758MXUZW0TmUY6VlVyP82a32KJ3PMhs


{"errorCode":200,"msg":"创建订单成功","values":{"info":{"carno":"12111","pwd":"1b96ccafe97343061465ace664ea760f","pwdRegx":"^[0-9]{4}$","orderno":"1683762378","second":0,"repairTime":120,"egt":0,"notice":"","isRedPacketArea":0,"model":2,"isGsmLock":0,"lockRefreshTime":60,"isLast":-1,"lock":{"type":1,"info":{"name":"","cryptKey":"","version":""},"unlockType":[1]},"unlouckStatus":1,"createTime":"2018-05-26T09:12:45.976Z","orderStatus":10,"ordernum":"1683762378"},"notice":""}}


解密结果3478

我们反编译一下ofo可以看到,解密方法在so.ofo.labofo.mvp.a.c中

paramAnonymousUnlockResult.info.pwd = Crypt.苹果(paramAnonymousUnlockResult.info.carno, 
paramAnonymousUnlockResult.info.pwd, paramUnlock_v2.timestamp.longValue(), com.ofo.login.ui.a.苹果().香蕉());
String pwd = Crypt.苹果("12111", "1b96ccafe97343061465ace664ea760f", timestamp, 

"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Mjc3MzUzMzYsImEiOjIxODc4MDQyNjAsImIiOjI4MDA3NzIxNzgzMjExNjYwOTQsImMiOjI1NjEyMTYyNjcxMDMwNjM4MjJ9.h5A3HwQrN0-6758MXUZW0TmUY6VlVyP82a32KJ3PMhs");


第一个参数是***,第二个是加密密码,第三个和第四个

lat=31.37029&lng=121.43496&carno=12111×tamp=1527324430912&smart=0&continue=0&bleOpened=1&source-version=15895&appVersion=3.1.0&cuid=fdf3c737c34a87978041f0b3ebfacfff&source=2&location=[31.370290756225586,121.4349594116211,0,1527324363875,0,100,0,2]&sourceVersion=15895&source-system=6.0.1&source-locale=zh_CN&source-model=SM-C5000&token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Mjc3MzUzMzYsImEiOjIxODc4MDQyNjAsImIiOjI4MDA3NzIxNzgzMjExNjYwOTQsImMiOjI1NjEyMTYyNjcxMDMwNjM4MjJ9.h5A3HwQrN0-6758MXUZW0TmUY6VlVyP82a32KJ3PMhs

时间戳和授权码

可以看到解密结果:

ofo协议分析