问问各位大佬,页游下载时候用到的密钥都是怎么找到的,比如这个新游的解包,它用到的APP_KEY_B64和SECURE_LINK_KEY都是咋找到的,问了问gemini,它让用Il2CppDumper找,但也没找到相关的内容
AbsfRuntimeConfig.dat安卓端是安装包里面的,web自己抓包,具体怎么来的自己ida看游戏代码
import base64
import hmac
import hashlib
import struct
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
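class AbsfConfigDecryptor:
    """Decrypt base64-wrapped AES-CBC values with a key derived from fixed strings.

    The AES key is HMAC-SHA256 over two string constants defined in
    ``__init__``, so every value is protected by the same static key. Anyone
    who holds those constants can read the values: the scheme obscures the
    config rather than keeping it confidential. No integrity check is
    performed on the ciphertext, so a successful decryption does not show
    that the data is unmodified.
    """

    # Placeholder string treated as "no value" on input and returned by
    # decrypt_string() when nothing could be decrypted.
    _EMPTY_VALUE = "[EmptyValue]"

    def __init__(self):
        # FileManager::Open
        # NOTE(review): presumably the routine these constants were taken
        # from (original author's note) -- not verifiable from this file.
        self.file_secret_key_str = "lFrV7RRCrW1X"
        self.file_crypto_key_str = "nZcN9BsZJH9s"
        # hmac.new(key, msg, digestmod): the "secret" string is the HMAC key
        # and the "crypto" string is the message; the 32-byte digest is used
        # as the AES key.
        self.aes_key = hmac.new(
            self.file_secret_key_str.encode('utf-8'),
            self.file_crypto_key_str.encode('utf-8'),
            hashlib.sha256
        ).digest()

    def decrypt_raw(self, b64_str):
        """Return the decrypted bytes of one value, or None if it cannot be decrypted.

        Expected layout after base64 decoding: a 16-byte IV followed by the
        AES-CBC ciphertext, whose padding is removed with ``unpad``.

        Args:
            b64_str: base64 text of the encrypted value; falsy values and the
                "[EmptyValue]" placeholder are treated as "nothing to decrypt".

        Returns:
            The plaintext bytes, or None for empty, too-short, or malformed input.
        """
        if not b64_str or b64_str == self._EMPTY_VALUE:
            return None
        try:
            data = base64.b64decode(b64_str)
            # Need the 16-byte IV plus at least one 16-byte cipher block.
            if len(data) < 32:
                return None
            iv, ciphertext = data[:16], data[16:]
            cipher = AES.new(self.aes_key, AES.MODE_CBC, iv)
            return unpad(cipher.decrypt(ciphertext), AES.block_size)
        except ValueError:
            # Malformed base64 (binascii.Error is a ValueError), a ciphertext
            # that is not block-aligned, or invalid padding. Other exceptions
            # are programming errors and are no longer hidden.
            return None

    def decrypt_int(self, b64_str):
        """Decrypt a value and read its first four bytes as a little-endian signed int.

        Returns:
            The integer, or None when decryption fails or the plaintext is
            shorter than four bytes.
        """
        data = self.decrypt_raw(b64_str)
        if data and len(data) >= 4:
            return struct.unpack("<i", data[:4])[0]
        return None

    def decrypt_string(self, b64_str):
        """Decrypt a value and return it as stripped UTF-8 text.

        Returns:
            The decoded text, or "[EmptyValue]" when the value is empty, cannot
            be decrypted, or does not decode as UTF-8. Bytes that happen to
            unpad cleanly under a wrong key are usually not valid UTF-8, so
            that case is reported as empty instead of raising.
        """
        data = self.decrypt_raw(b64_str)
        if not data:
            return self._EMPTY_VALUE
        try:
            return data.decode('utf-8').strip()
        except UnicodeDecodeError:
            return self._EMPTY_VALUE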
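def read_7bit_encoded_int(f):
    """Read a variable-length integer stored as little-endian 7-bit groups.

    Each byte carries seven value bits; a set high bit (0x80) means another
    byte follows.

    Args:
        f: a binary file-like object positioned at the first byte of the value.

    Returns:
        The decoded integer, or None if the stream ends before the value is
        complete.

    Raises:
        ValueError: if the value runs past five bytes. Five groups are enough
            for a 32-bit value, so a longer run means the data is malformed;
            rejecting it keeps an untrusted file from supplying an arbitrarily
            large length prefix.
    """
    result = 0
    # Shifts 0, 7, 14, 21, 28: at most five bytes are consumed.
    for shift in range(0, 35, 7):
        b = f.read(1)
        if not b:
            return None
        byte = ord(b)
        result |= (byte & 0x7f) << shift
        if not (byte & 0x80):
            return result
    raise ValueError("7-bit encoded int is longer than 5 bytes")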
def read_csharp_string(f):
    """Read one length-prefixed string from a binary stream.

    The prefix is a 7-bit encoded byte count read with
    read_7bit_encoded_int(); that many bytes are then read and decoded as
    UTF-8, silently dropping any byte sequence that does not decode.

    Returns:
        The decoded text, or None when the length prefix cannot be read.
        A payload shorter than the announced length is not detected here.
    """
    n_bytes = read_7bit_encoded_int(f)
    if n_bytes is not None:
        payload = f.read(n_bytes)
        return payload.decode('utf-8', errors='ignore')
    return None
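if __name__ == "__main__":
    # Dump every key/value pair of the config file in the working directory.
    file_path = "AbsfRuntimeConfig.dat"
    decryptor = AbsfConfigDecryptor()
    with open(file_path, "rb") as f:
        # The first record is the encrypted number of key/value pairs.
        count_enc = read_csharp_string(f)
        count = decryptor.decrypt_int(count_enc)
        if count is None:
            # Empty file, wrong key, or a different layout: stop with a clear
            # message instead of failing inside range(None).
            raise SystemExit(f"{file_path}: could not decrypt the entry count")
        for i in range(count):
            key_enc = read_csharp_string(f)
            val_enc = read_csharp_string(f)
            # The file ended before the announced number of entries.
            if key_enc is None or val_enc is None:
                break
            # decrypt_string() returns "[EmptyValue]" for anything it cannot
            # decrypt, so a failed entry is printed with that placeholder.
            key = decryptor.decrypt_string(key_enc)
            val = decryptor.decrypt_string(val_enc)
            print(f"[{i+1:02d}] {key} = {val}")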