迅雷协议分析–多链接资源获取(3)

  • A+
所属分类:系统文档

作者:yang890511

(接上)

看见了吗,回复包解密后,里面带着的链接地址就是P2SP的多个可供下载的服务器的链接地址.
而且回复里面包含一些文件相关的信息,比如SHA-1 HASH值之类的,大家有兴趣的话,可以自
已分析它的包的结构,我下篇文章分析它的包结构,呵呵:)

注意,上面的发送包和回复包不是关联的,因为我调试的时候没有把它们关取在一起,送了不同的包进行分析的.

好了,客户端与服务器之间的获取多个下载源的加密通信过程就到此结束了,这儿我主要的只介绍
它们通信的加密算法而已,具体其它的协议以后有时间再发.

时间仓促,如有不足之处,还请多多指教.

最后附上加解密的源代码.
#include <stdio.h>
#include <string.h>
#include <openssl/aes.h>
#include “thunder-md5.h”

unsigned char thunder[]={
0×34, 0×00, 0×00, 0×00, 0×96, 0×00, 0×00, 0×00,0×80,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×40,0×00,0×00,0×00,0×00,0×00,0×00,0×00};

unsigned char thunder_md5_pad[]={
0×80,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,0×00,
0×00,0×00,0×00,0×00,0×00,0×00,0×40,0×00,0×00,0×00,0×00,0×00,0×00,0×00};
unsigned char thunder_AES_key[16];//thunder MD5 padding data

unsigned char in[]={0×02,0×3A,0xA0,0×8A,0×5E
,0×52,0×22,0xAC,0×5E,0xFA,0xC8,0xF6,0×54,0xE8,0xDC,0×9A,0xBC,0xE6,0×78,0×11,0xD9
,0×59,0xC3,0xE8,0×64,0×8E,0xB8,0×93,0xEA,0xE7,0×43,0×28,0xBA,0×16,0xFF,0xC4,0xA9
,0xDC,0xAB,0×26,0×7C,0×56,0×08,0×47,0xD9,0xA9,0×37,0xF6,0xC1,0×3A,0×7B,0×68,0xC8
,0×11,0×74,0×9D,0×62,0×6D,0×4C,0×6C,0xE7,0xAD,0×08,0×46,0×70,0×31,0xAC,0×97,0×34
,0xAE,0×15,0×18,0×37,0xB3,0×97,0×32,0×91,0×13,0xF8,0xFB,0xAA,0×30,0×75,0×10,0×02
,0×78,0×8E,0xF6,0×38,0×1D,0×43,0×6B,0xB9,0xF4,0xDE,0xC4,0×09,0×23,0×3A,0×27,0×8B
,0xE6,0×2C,0×5D,0×87,0xBF,0×4C,0xBF,0xBF,0×54,0×15,0×4E,0xDB,0×8F,0×77,0×95,0xC0
,0×67,0xEE,0×1E,0xB4,0xB4,0×36,0xF6,0xEF,0xCF,0×96,0×77,0×1A,0xEA,0×9E,0×63,0×11
,0×40,0xFC,0xE1,0×23,0×81,0×90,0×92,0×5E,0xFE,0×23,0×36,0xFB,0×1A,0×23,0×37,0×9A
,0×7D,0×20,0×95,0xCA,0×47,0xC2,0xDA,0xE9,0xE8,0xFE,0×30,0×4C,0xA0,0xFE,0×4F,0×6E
,0xA0,0xA5,0×81,0×45,0xBA,0xAF,0×68,0xEE,0×60,0xA1,0xD5,0×00,0xA8,0xDC,0xCC,0×80
,0×84,0×0C,0×19,0xCF,0×81,0xB9,0×13,0xC0,0×13,0×07,0xE8,0×70,0×05,0×79,0×15,0xF5
,0xD5,0×2B,0×05,0xA1,0xDD,0×34,0xD8,0xD9,0xC3,0xE7,0×05,0×70,0×05,0×79,0×15,0xF5
,0xD5,0×2B,0×05,0xA1,0xDD,0×34,0xD8,0xD9,0xC3,0xE7,0×05,0×70,0×05,0×79,0×15,0xF5
,0xD5,0×2B,0×05,0xA1,0xDD,0×34,0xD8,0xD9,0xC3,0xE7,0×05,0×10,0×3A,0xCC,0×2F,0×13
,0xE1,0xE1,0×8C,0×7B,0xC9,0xC5,0×48,0xB3,0×85,0×73,0×55,0×87,0xEE,0×99,0×14,0×67
,0xB2,0×1B,0×01,0×1B,0×56,0×01,0×2F,0xFB,0×47,0×07,0×88,0xBD,0×4C,0xD2,0×1A,0×08
,0×14,0×42,0xF3,0xF5,0xC2,0×7C,0×26,0×9E,0×24,0×00,0xA4,0xEA,0×5F,0×20,0xFC,0xCA
,0×80,0xF6,0×9B,0xC9,0×28,0×5B,0×55,0×22,0×94,0×33,0×4F,0×3E,0×1B,0xC6,0×31,0×23
,0×82,0xB1,0×97,0×3E,0xC1,0×00,0×2F,0xEF,0xCE,0×06,0×7B,0xAA,0xCD,0xA6,0×61,0xF5
,0xC9,0×59,0×8E,0xDB,0xF6,0×49,0×73,0×9C,0xB9,0×08,0×05,0xC3,0×1E,0xEB,0xA6,0xD3
,0×0F,0xBB,0×86,0xFD,0xFC,0xCC,0×99,0×89,0×61,0xA9,0xB1,0xF9,0×30,0xC7,0×48,0xB1
,0×79,0×6C,0×75,0×26,0×8C,0xF5,0×46,0xF4,0×7F,0×04,0xED,0xD1,0×2B,0×16,0×2D,0×94
,0×2F,0×2C,0xDE,0×6E,0×7B,0×97,0xE7,0×28,0×8B,0xDA,0×0D};//Encrypt data
unsigned char out[4096];
int main(int argc, char *argv[])
{

MD5_CTX c;
AES_KEY aes_key;
int i,j;

MD5Init(&c);
Transform((unsigned long *)c.buf,(unsigned long*)thunder);
strncpy((char*)&thunder_AES_key,(const char*)&c.buf,16);

AES_set_decrypt_key((const unsigned char *)&thunder_AES_key,128,&aes_key);
for ( i=0;i<sizeof(in)/16;i++)
{
AES_decrypt((const unsigned char *)&in[i*16],(unsigned char *)&out[i*16],&aes_key);
}

for ( i=0;i<sizeof(in)/16;i++)
{
for ( j=0;j<16;j++)
{
printf(”%02x ”,out[i*16+j]);
}
printf(”     ”);
for ( j=0;j<16;j++)
{
printf(”%c”,out[i*16+j]);
}
printf(”\n”);
}
return 0;
}

 

  • 我的微信
  • 这是我的微信扫一扫
  • weinxin
  • 我的微信公众号
  • 我的微信公众号扫一扫
  • weinxin

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: