16,747
社区成员
发帖
与我相关
我的任务
分享新浪微博加密
登录新浪微博抓包显示加密后的密码是:d68413068ba6e5fc0d37ac91de21d9ebc7f91e64
原始密码是:delphi
"servertime":1316694459,
"nonce":"MYQZU2"
我按先对原来密码进行sha加密,再用加密后的密码再次加密,最后+1316694459+MYQZU2加密得到结果跟抓包的数据不一样,请教正确的算法,最好有代码,先谢谢了
原始密码是:delphi
"servertime":1316694459,
"nonce":"MYQZU2"
我按先对原来密码进行sha加密,再用加密后的密码再次加密,最后+1316694459+MYQZU2加密得到结果跟抓包的数据不一样,请教正确的算法,最好有代码,先谢谢了
...全文
请发表友善的回复…
发表回复
haitao 2011-09-23
- 打赏
- 举报
直接把c编译成obj,delphi也能使用的
只是必须使用bcb编译才行
只是必须使用bcb编译才行
hxl126 2011-09-23
- 打赏
- 举报
下面是他另一篇文章里写的shal加密算法:
#include "stdafx.h"
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
typedef unsigned __int64 UINT64;
#define NULL 0
// The standard SHA1 needs the input string to fit into a block
// This function align the input string to meet the requirement
void AlignSHA1(const char *pIn,UINT64 *pBlks, UINT64 &nBlksLen)
{
if (pIn == NULL)
{
return;
}
UINT64 nInLen = strlen(pIn);
UINT64 nBlk = ((nInLen+8)>>6)+1;
if (pBlks == NULL)
{
nBlksLen = nBlk*16;
return;
}
for (int j=0; j<nBlksLen; j++)
{
pBlks[j] = 0;
}
for(UINT64 i=0; i<nInLen; i++)
{
pBlks[i>>2] |= pIn[i]<<(24-(i&3)*8);
}
pBlks[i>>2] |= 0x80<<(24-(i&3)*8);
pBlks[nBlksLen-1]=(int)(nInLen*8);
return ;
}
// The int32 add function which doesn't generate overflow
// exception. This is required by the algorithm
UINT64 add(UINT64 x, UINT64 y)
{
UINT64 lsw = (x&0xffff)+(y&0xffff);
UINT64 msw = (x>>16) + (y>>16) +(lsw>>16);
return (msw<<16) | (lsw&0xffff);
}
UINT64 UnsigedRightMove(UINT64 num, UINT64 bit)
{
num &=0xffffffff;
num >>= bit ;
return num;
}
// The int32 _asm rol :)
UINT64 rol(UINT64 num,UINT64 cnt)
{
return(num<<cnt)|UnsigedRightMove(num, (32-cnt));
}
// Perform the appropriate triplet combination function for the current round
UINT64 ft(UINT64 t, UINT64 b, UINT64 c, UINT64 d)
{
if(t<20)return(b&c)|((~b)&d);
if(t<40)return b^c^d;
if(t<60)return(b&c)|(b&d)|(c&d);
return b^c^d;
}
// Determine the appropriate additive constant for the current iteration
UINT64 kt(UINT64 t)
{
return(t<20)?1518500249:(t<40)?1859775393:
(t<60)?-1894007588:-899497514;
}
char* Uint64ToHexStr(UINT64 num, char *buf, int nLen)
{
if (buf == NULL || nLen<8)
{
return buf;
}
char szTemp[9]={0};
ultoa((unsigned long)num, szTemp, 16);
static char *s_pZero[]=
{
"0",
"00",
"000"
"0000",
"00000",
"000000",
"0000000",
"00000000",
"000000000",
};
int nRealLen = strlen(szTemp);
int nSpareBit = 7-nRealLen;
if (nSpareBit >=0 && nSpareBit <=7)
{
memcpy(buf, s_pZero[nSpareBit], nSpareBit+1);
memcpy(buf+ nSpareBit+1, szTemp, nRealLen);
}
else
{
memcpy(buf, szTemp, 8);
}
return buf;
}
//#define BAT
char* SHA1(unsigned char *pIn, char *pOut, int nOutLen)
{
if (pIn == NULL)
{
return pOut;
}
UINT64 nBlksLen = 0;
AlignSHA1((const char*)pIn, NULL, nBlksLen);
UINT64 *pBlks = new UINT64[(int)nBlksLen];
if (pBlks == NULL)
{
return pOut;
}
AlignSHA1((const char*)pIn, pBlks, nBlksLen);
UINT64 w[80] ={0};
UINT64 a = 1732584193;
UINT64 b = -271733879;
UINT64 c = -1732584194;
UINT64 d = 271733878;
UINT64 e = -1009589776;
for (UINT64 i=0; i<nBlksLen; i+=16)
{
UINT64 olda=a;
UINT64 oldb=b;
UINT64 oldc=c;
UINT64 oldd=d;
UINT64 olde=e;
for (UINT64 j=0; j<80; j++)
{
if (j<16)
{
w[j]=pBlks[i+j];
}
else
{
w[j]=rol(w[j-3]^w[j-8]^w[j-14]^w[j-16],1);
}
UINT64 t=add(add(rol(a,5),ft(j,b,c,d)),add(add(e,w[j]),kt(j)));
e=d;
d=c;
c=rol(b,30);
b=a;
a=t;
}
a=add(a,olda);
b=add(b,oldb);
c=add(c,oldc);
d=add(d,oldd);
e=add(e,olde);
}
Uint64ToHexStr(a, pOut, nOutLen);
Uint64ToHexStr(b, pOut+8, nOutLen-8);
Uint64ToHexStr(c, pOut+16, nOutLen-16);
Uint64ToHexStr(d, pOut+24, nOutLen-24);
Uint64ToHexStr(e, pOut+32, nOutLen-32);
if (pBlks != NULL)
{
delete[] pBlks;
pBlks = NULL;
}
return pOut;
}
void main()
{
//定义要sha1的字符串
char pTemp[400]={0};
//定义返回的sha1值
char szHash[41] ={0};
pTemp[0]=0;
strcpy(pTemp,"abc");
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
}
#include "stdafx.h"
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
typedef unsigned __int64 UINT64;
#define NULL 0
// The standard SHA1 needs the input string to fit into a block
// This function align the input string to meet the requirement
void AlignSHA1(const char *pIn,UINT64 *pBlks, UINT64 &nBlksLen)
{
if (pIn == NULL)
{
return;
}
UINT64 nInLen = strlen(pIn);
UINT64 nBlk = ((nInLen+8)>>6)+1;
if (pBlks == NULL)
{
nBlksLen = nBlk*16;
return;
}
for (int j=0; j<nBlksLen; j++)
{
pBlks[j] = 0;
}
for(UINT64 i=0; i<nInLen; i++)
{
pBlks[i>>2] |= pIn[i]<<(24-(i&3)*8);
}
pBlks[i>>2] |= 0x80<<(24-(i&3)*8);
pBlks[nBlksLen-1]=(int)(nInLen*8);
return ;
}
// The int32 add function which doesn't generate overflow
// exception. This is required by the algorithm
UINT64 add(UINT64 x, UINT64 y)
{
UINT64 lsw = (x&0xffff)+(y&0xffff);
UINT64 msw = (x>>16) + (y>>16) +(lsw>>16);
return (msw<<16) | (lsw&0xffff);
}
UINT64 UnsigedRightMove(UINT64 num, UINT64 bit)
{
num &=0xffffffff;
num >>= bit ;
return num;
}
// The int32 _asm rol :)
UINT64 rol(UINT64 num,UINT64 cnt)
{
return(num<<cnt)|UnsigedRightMove(num, (32-cnt));
}
// Perform the appropriate triplet combination function for the current round
UINT64 ft(UINT64 t, UINT64 b, UINT64 c, UINT64 d)
{
if(t<20)return(b&c)|((~b)&d);
if(t<40)return b^c^d;
if(t<60)return(b&c)|(b&d)|(c&d);
return b^c^d;
}
// Determine the appropriate additive constant for the current iteration
UINT64 kt(UINT64 t)
{
return(t<20)?1518500249:(t<40)?1859775393:
(t<60)?-1894007588:-899497514;
}
char* Uint64ToHexStr(UINT64 num, char *buf, int nLen)
{
if (buf == NULL || nLen<8)
{
return buf;
}
char szTemp[9]={0};
ultoa((unsigned long)num, szTemp, 16);
static char *s_pZero[]=
{
"0",
"00",
"000"
"0000",
"00000",
"000000",
"0000000",
"00000000",
"000000000",
};
int nRealLen = strlen(szTemp);
int nSpareBit = 7-nRealLen;
if (nSpareBit >=0 && nSpareBit <=7)
{
memcpy(buf, s_pZero[nSpareBit], nSpareBit+1);
memcpy(buf+ nSpareBit+1, szTemp, nRealLen);
}
else
{
memcpy(buf, szTemp, 8);
}
return buf;
}
//#define BAT
char* SHA1(unsigned char *pIn, char *pOut, int nOutLen)
{
if (pIn == NULL)
{
return pOut;
}
UINT64 nBlksLen = 0;
AlignSHA1((const char*)pIn, NULL, nBlksLen);
UINT64 *pBlks = new UINT64[(int)nBlksLen];
if (pBlks == NULL)
{
return pOut;
}
AlignSHA1((const char*)pIn, pBlks, nBlksLen);
UINT64 w[80] ={0};
UINT64 a = 1732584193;
UINT64 b = -271733879;
UINT64 c = -1732584194;
UINT64 d = 271733878;
UINT64 e = -1009589776;
for (UINT64 i=0; i<nBlksLen; i+=16)
{
UINT64 olda=a;
UINT64 oldb=b;
UINT64 oldc=c;
UINT64 oldd=d;
UINT64 olde=e;
for (UINT64 j=0; j<80; j++)
{
if (j<16)
{
w[j]=pBlks[i+j];
}
else
{
w[j]=rol(w[j-3]^w[j-8]^w[j-14]^w[j-16],1);
}
UINT64 t=add(add(rol(a,5),ft(j,b,c,d)),add(add(e,w[j]),kt(j)));
e=d;
d=c;
c=rol(b,30);
b=a;
a=t;
}
a=add(a,olda);
b=add(b,oldb);
c=add(c,oldc);
d=add(d,oldd);
e=add(e,olde);
}
Uint64ToHexStr(a, pOut, nOutLen);
Uint64ToHexStr(b, pOut+8, nOutLen-8);
Uint64ToHexStr(c, pOut+16, nOutLen-16);
Uint64ToHexStr(d, pOut+24, nOutLen-24);
Uint64ToHexStr(e, pOut+32, nOutLen-32);
if (pBlks != NULL)
{
delete[] pBlks;
pBlks = NULL;
}
return pOut;
}
void main()
{
//定义要sha1的字符串
char pTemp[400]={0};
//定义返回的sha1值
char szHash[41] ={0};
pTemp[0]=0;
strcpy(pTemp,"abc");
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
printf("%s/n",szHash);
}
hxl126 2011-09-23
- 打赏
- 举报
杨小卫的专栏 2011年5月写的文章
http://blog.csdn.net/TDGX2004/article/details/6452021
那位高手帮我把下面代码翻译成Delphi,谢谢!
// 新浪微博登录密码加密函数
// password 密码明文
// servertime 提交的参数之一
// nonce 提交的参数之一
// encode_password 输出的加密后的16进制字符串,40个字符
// 返回 encode_password 的长度, 失败则返回0
PASSENCODE_API int SinaSha1Encode(char *password, char *servertime, char *nonce, char *encode_password)
{
if (encode_password)
{
encode_password[0]=NULL;
//定义要sha1的字符串
char pTemp[400]={0};
//定义返回的sha1值
char szHash[41] ={0};
strcpy(pTemp,password);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(pTemp,szHash);
if (servertime) strcat(pTemp,servertime);
if (nonce) strcat(pTemp,nonce);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(encode_password,szHash);
return strlen(encode_password);
}
return 0;
}
http://blog.csdn.net/TDGX2004/article/details/6452021
那位高手帮我把下面代码翻译成Delphi,谢谢!
// 新浪微博登录密码加密函数
// password 密码明文
// servertime 提交的参数之一
// nonce 提交的参数之一
// encode_password 输出的加密后的16进制字符串,40个字符
// 返回 encode_password 的长度, 失败则返回0
PASSENCODE_API int SinaSha1Encode(char *password, char *servertime, char *nonce, char *encode_password)
{
if (encode_password)
{
encode_password[0]=NULL;
//定义要sha1的字符串
char pTemp[400]={0};
//定义返回的sha1值
char szHash[41] ={0};
strcpy(pTemp,password);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(pTemp,szHash);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(pTemp,szHash);
if (servertime) strcat(pTemp,servertime);
if (nonce) strcat(pTemp,nonce);
SHA1((unsigned char*)pTemp, szHash, 41);
strcpy(encode_password,szHash);
return strlen(encode_password);
}
return 0;
}
hxl126 2011-09-23
- 打赏
- 举报
查了别人说的是两次sha1加密后,再加上之前从服务器获得servertime和nonce再次sha1加密,可我得到结果不一样,郁闷
jingtuzhong 2011-09-23
- 打赏
- 举报
楼主抓包是怎样避免中毒的,新浪应该有密钥,楼主很难破解
jingtuzhong 2011-09-23
- 打赏
- 举报
楼主抓包时如何避免中病毒,新浪设置密钥,很难破解
蓝色光芒 2011-09-23
- 打赏
- 举报
研究它的js文件
zhoudianlong 2011-09-23
- 打赏
- 举报
不懂。我顶下。
btxp163 2011-09-23
- 打赏
- 举报
笑而不语
bdmh 2011-09-23
- 打赏
- 举报
不知道人家的加密方法,你就别弄了,后者自己去研究破解算法
亮剑_ 2011-09-23
- 打赏
- 举报
关键是知道他的加密方法吗,不会是猜的吧
haitao 2011-09-23
- 打赏
- 举报
应该bcb6就可以了吧
好像类似:
{$L xxx.obj}
好像类似:
{$L xxx.obj}
hxl126 2011-09-23
- 打赏
- 举报
没装BCB,是不是我用Delphi2007, BCB也要2007.编译obj后要怎么调用?
Monkey_D_Luffy 2011-09-22
- 打赏
- 举报
这个很复杂啊,不懂,学习并帮顶中,希望早日解决1
