Upload File

Download - Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Transcript
Page 1: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Just for fun

投机取巧分析 JavaQQ协议

Page 2: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

关于 Just for fun

大名鼎鼎的 Linux创始人 Linus Torvalds的自传书名

Just for fun,一种精神

Page 3: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

前置知识 :典型的 HTTP Get请求

Page 4: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

GET / HTTP/1.1Accept: */*Accept-Language: zh-cnAccept-Encoding: gzip, deflateIf-Modified-Since: Fri, 16 Mar 2007 09:02:51 GMTIf-None-Match: "aa242be0a967c71:216“User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon)Host: ehoo.gfkd.mtnConnection: Keep-Alive

Page 5: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

典型的 HTTP Get请求

Page 6: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

HTTP/1.1 404 Not FoundContent-Length: 1308Content-Type: text/htmlServer: Microsoft-IIS/6.0X-Powered-By: ASP.NETDate: Fri, 11 May 2007 15:28:10 GMT

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”>..<HTML><HEAD><TITLE>............</TITLE>..<META HTTP-EQUIV=“Content-Type” Content=“text/html; charset=GB2312”>..<STYLE type=“text/css”>.. BODY………(下面省略 )

Page 7: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

我们的目标 :JavaQQ

很久很久以前 ,我拥有一个 PDA,我以为有它 ,我就拥有了全世界

但是…所以我决定 :自己写个 QQ所以我需要知道 JavaQQ的通信协议Where to get it?

Page 8: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

How to get started?

传统分析 QQ协议的方法 :

用 Iris(刚才用到的 )等抓包软件自己抓包分析 ,偶尔会用到一点点逆向工程的知识 ?

前人告诉我们 :这 ,是需要耐心的 .而我最缺少的就是耐心 .

Page 9: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

那么 ,how to get started?

手机上用的 QQ是 java写的 ,名字叫 ***.jarJAR(Java ARchive),可以简单理解为一大堆 java的 class(java执行的最小单位 )文件打包的产物

这意味着什么 ?这意味着……

Page 10: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

我有救了 !

Class文件在被生成时保留了源文件的大部分信息

有许许多多的工具可以让我们由 class文件反编译出原来的代码文件 ,甚至包括注释 !

腾迅本可以 ,但是它没有使用通常的 java代码混淆技术 ,他把代码白送给了我们

BTW:腾迅的疏忽只是早期招聘的 java程序员的不懂事而已 ,后期已经没有这一现象 .这一现象似乎仅仅发生在 QQ2005?

Page 11: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

JavaQQ2005与 JavaQQ2007对比--用 winrar解压相应的 qq jar文件

QQ2005请注意文件名

Page 12: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

QQ2007 有什么区别 ?

Page 13: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

从 QQ2005源代码我们可以得到什么 ?

我们可以从中学习到面向对象的编程方法(C++教员 )

我们可以从中学习到对于一个聊天软件所应使用的数据结构 (数据结构教员 )

我们可以…但我只想要 QQ的通信协议

Page 14: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get started

你应该知道真相 ,真相使你自由 .

Page 15: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Some tips协议实现主要在 HttpPoster.java中JavaQQ协议基于 HTTP,使用 POST方法Server:http://218.18.95.203:21001/(随版本变化 )

发送编码为 utf-8代码基于 ver 1.0(HttpPoster.java)此版本仅有最基本的聊天功能 ,没有视频聊天等高级功能

Connection-close:每次都要重新连接

Page 16: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Let’s go!命令基本格式

VER=1.0&CMD=XXX&SEQ=XXX&UIN=XXX…………

CMD因命令而异SEQ是为防止重复发送数据包而设置的标记 ,在 JavaQQ代码中 ,SEQ值在每次发送数据包后自动加一UIN是你的 QQ号码

Page 17: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Login

VER=1.0&CMD=Login&SEQ=XXX&UIN=XXX&PS=XXX&M5=1&LG=XXX&LC=9326B87B234E7235

PS:经MD5加密后的密码值LG:手机使用的语言 ,如 en,cn等LC,M5:固定值 ,可能与手机型号 /QQ版本号有关 ?

Page 18: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Login Reply:VER=1.0&CMD=Login&SEQ=XXX&UIN=

XXX&RES=0&RS=0

RES=0:成功返回RS=0:登陆成功

VER=1.0&CMD=Login&SEQ=XXX&UIN=XXX&RES=0&RS=1&RA=XXXX

RS=1:登陆失败RA=XXX:登陆失败的原因

Page 19: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Friend List:

VER=1.0&CMD=List&SEQ=XXX&UIN=XXX&TN=160&UN=0

TN=160&UN=0:固定值

Page 20: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Friend List Reply:

VER=1.0&CMD=LIST&SEQ=XXX&UIN=XXX&RES=0&FN=1&SN=XX&UN=XXX,XXX,XXX,…..

FN=1:固定值SN=XX:好友个数UN=XX,XX,XX:好友的号码 ,用” ,”分隔

Page 21: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Online Friend List:

VER=1.0&CMD=Query_Stat&SEQ=XXX&UIN=XXX&TN=50&UN=0

TN=50&UN=0:固定值

Page 22: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Online Friend List Reply:

VER=1.0&CMD=QUERY_STAT&SEQ=XXX&UIN=XXX&RES=0&FC=XXX,XXX,XXX,&FN=1&SN=XX&ST=XX,XX,XX,&UN=XX,XX,XX,&NK=XX,XX,XX,

FC=XX:XX为头像的 id,可参考 PC版 QQ.

SN=XX:在线好友人数 .

ST=XX:好友状态 ,10上线 ,20离线 ,30忙碌UN=XX:好友号码NK=XX:好友昵称 (记得 utf-8)

Page 23: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Message:

VER=1.0&CMD=GetMsgEx&SEQ=XXX&UIN=XXX

Page 24: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Get Message Reply:

VER=1.0&CMD=GETMSGEX&SEQ=XXX&UIN=XXX&RES=0&MN=X&MT=X,X,X,&UN=XX,XXX,XXXX,&MG=XXX,XXX,XXXX,MN=X:消息个数MT=X:消息类型 ,99系统消息 ,9用户消息UN=X:不用说了吧MG=XX:得到的消息 (utf-8).BTW:MT=99&UN=10000&MG=30好友 10000状态改变为忙碌 .可因此提高好友列表刷新效率 .

Page 25: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Send Message:

VER=1.0&CMD=CLTMSG&SEQ=XXX&UIN=XXX&UN=XXX&MG=XXX

MG=XXX(utf-8)

Page 26: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Send Message Reply:

VER=1.0&CMD=CLTMSG&SEQ=XXX&UIN=XXX&RES=0

Page 27: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

现在 :

我们已经可以写出最最简单的 QQ聊天客户端了

我们可以登陆 ,可以收发消息 ,能看到所有的好友以及在线的好友

Page 28: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

在手机上实现 QQ时 , 一个登陆请求应该是这样 :

POST HTTP/1.1

Content-Type:text/plain;charset=UTF-8

Content-length:100

VER=1.0&CMD=Login&SEQ=413&UIN=409621426&PS=21232f297a57a5a743894a0e4a801fc3&M5=1&LC=9326B87B234E7235

Page 29: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

Other Actions:

GetInfo获取好友信息AddToList添加好友Ack_AddToList添加好友回应DelFromList删除好友Finger查找好友Change_Stat更改状态Logout注销

Page 30: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

可以暴料么 ?

JavaQQ用的协议同 PC上 QQ的 HTTP QQ协议基本相同 ,但是 server不同 ,手机可以通过代理 10.0.0.172:80使用 PC上的 HTTP QQ Server.这意味着 :如果 JavaQQ再次收费 ,我们有了免费的选择— PC上的server是不会收费的

聊天内容根本没有加密 ,真是令人伤心

Page 31: Just for fun JavaQQ. Just for fun Linux Linus Torvalds Just for fun,

The End


Top Related

Domestic Animals BY Malsha Herath Domestic Animals By Malsha Herath Contents Just For Fun Just For Fun Movie References
Domestic Animals BY Malsha Herath Domestic Animals By Malsha Herath Contents Just For Fun Just For Fun Movie References
Linux : Just for Fun 17 años
Linux : Just for Fun 17 años
Y7 Just For Fun Booklet
Y7 Just For Fun Booklet
Just for Fun - LEARNING RESOURCE CENTER - LRMDSdlrciligan.weebly.com/.../lesson_exemplars_in_english_just_for_fun.pdf · Just for Fun We‟ll begin with a ... sampaguita and sweepstake
Just for Fun - LEARNING RESOURCE CENTER - LRMDSdlrciligan.weebly.com/.../lesson_exemplars_in_english_just_for_fun.pdf · Just for Fun We‟ll begin with a ... sampaguita and sweepstake
Getting Starte COPYRIGHTED MATERIAL...To learn more about how Linux was created, pick up the book Just for Fun: The Story of an Accidental Revolutionary by Linus Torvalds (HarperCollins
Getting Starte COPYRIGHTED MATERIAL...To learn more about how Linux was created, pick up the book Just for Fun: The Story of an Accidental Revolutionary by Linus Torvalds (HarperCollins
Adults Just Wanna Have Fun
Adults Just Wanna Have Fun
Girls Just Want to Have Fun
Girls Just Want to Have Fun
Social Media 101 - Just for Fun
Social Media 101 - Just for Fun