【初识jeb&动态调试(课后作业)】《安卓逆向这档事》
随便输入一个
package com.p002zj.wuaipojie.p003ui;
import android.os.Bundle;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;
import androidx.appcompat.app.AppCompatActivity;
import com.p002zj.wuaipojie.Encode;
import com.p002zj.wuaipojie.util.Base64Utils;
import com.p002zj.wuaipojie.util.SPUtils;
import com.p002zj.wuaipojif.R;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt;
/* compiled from: ChallengeFourth.kt */
@Metadata(m34d1 = {"\u0000$\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\u000e\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006J\u0012\u0010\u0007\u001a\u00020\b2\b\u0010\t\u001a\u0004\u0018\u00010\nH\u0014¨\u0006\u000b"}, m35d2 = {"Lcom/zj/wuaipojie/ui/ChallengeFourth;", "Landroidx/appcompat/app/AppCompatActivity;", "()V", "check", "", "str", "", "onCreate", "", "savedInstanceState", "Landroid/os/Bundle;", "app_release"}, m36k = 1, m37mv = {1, 7, 1}, m39xi = 48)
/* loaded from: classes.dex */
public final class ChallengeFourth extends AppCompatActivity {
@Override // androidx.fragment.app.FragmentActivity, androidx.activity.ComponentActivity, androidx.core.app.ComponentActivity, android.app.Activity
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_challenge_fourth);
Button button = (Button) findViewById(R.id.check_btn);
final EditText editText = (EditText) findViewById(R.id.edit_check);
button.setOnClickListener(new View.OnClickListener() { // from class: com.zj.wuaipojie.ui.ChallengeFourth$$ExternalSyntheticLambda0
@Override // android.view.View.OnClickListener
public final void onClick(View view) {
ChallengeFourth.m94onCreate$lambda0(ChallengeFourth.this, editText, view);
}
});
}
/* JADX INFO: Access modifiers changed from: private */
/* renamed from: onCreate$lambda-0, reason: not valid java name */
public static final void m94onCreate$lambda0(ChallengeFourth challengeFourth, EditText editText, View view) {
if (challengeFourth.check(editText.getText().toString())) {
ChallengeFourth challengeFourth2 = challengeFourth;
Toast.makeText(challengeFourth2, "恭喜你,密钥正确!", 1).show();
SPUtils.INSTANCE.saveInt(challengeFourth2, "level", 3);
return;
}
Toast.makeText(challengeFourth, "密钥错误哦,再想想!", 1).show();
}
public final boolean check(String str) {
int i = 0;
if (!StringsKt.startsWith$default(str, "flag{", false, 2, (Object) null) || !StringsKt.endsWith$default(str, "}", false, 2, (Object) null)) {
return false;
}
String substring = str.substring(5, str.length() - 1);
Intrinsics.checkNotNullExpressionValue(substring, "this as java.lang.String…ing(startIndex, endIndex)");
String string = SPUtils.INSTANCE.getString(this, "id", "");
Integer valueOf = string != null ? Integer.valueOf(string.length()) : null;
int i2 = 1000;
Intrinsics.checkNotNull(valueOf);
int intValue = valueOf.intValue();
if (intValue >= 0) {
while (true) {
i2 -= 7;
if (i == intValue) {
break;
}
i++;
}
}
String encode = Encode.encode(string + i2);
Base64Utils base64Utils = Base64Utils.INSTANCE;
byte[] bytes = encode.getBytes(Charsets.UTF_8);
Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
return Intrinsics.areEqual(substring, base64Utils.encodeToString(bytes));
}
}
从文件里读取id,经过一定处理和输入的做比较
核心return Intrinsics.areEqual(substring, base64Utils.encodeToString(bytes));
简单粗暴
android hooking watch class_method com.zj.wuaipojie.util.Base64Utils.encodeToString --dump-args --dump-
backtrace --dump-return
over
浙公网安备 33010602011771号