某和hospital 获取unicode,同一台手机只请求一次探究

rcbing

1、
POST https://xxx.xxxxxxxx.com:8663/hs-udb-resource/r/10001/100 HTTP/1.1
Cache-Control: no-cache
client_id: 999998@173
signature: K09Gk9OnREXWi2SP5PhiVDqKMEaJDRLScRH/yIQUfonCLMAQanSWM66GlDMG7YNZbNsBiQGi876Jagx7lSwh0vtVXhocFnwL7LjAZVwjXMuxMJMp9R45FpzpntTDjsuO/1pzgg/vcNHik9o+g6FmBwhHwE+J42sIzLgbqtU3Ieo=
Host: xxx.xxxxxxxx.com:8663
terminalType: 1
Accept: application/json
Content-Type: application/json;charset=utf-8
User-Agent: Dalvik/2.1.0 (Linux; U; Android 6.0; Nexus 5 Build/MRA58K)
Connection: Keep-Alive
Accept-Encoding: gzip
Content-Length: 68

{"terminalTime":1554896831007,"devModel":"Nexus 5","terminalType":1}


HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Set-Cookie: 1a7ba70861914f16a13a245afd27a60f=84a6189d324c910eebb285478a77908b23543ea955d2cc646ab4787b7f0c7100fa40e17a31258a96ff4b44de3b70c2d2077faf781a7d6e7e03eb5a903fc01c285b02b59b934f2b480d372fdc6e6260e856109fd6a86546f0; Expires=Fri, 12-Apr-2019 11:47:11 GMT; Path=/; HttpOnly
Set-Cookie: SESSION=6fb2a973-95ef-4f96-ac16-6958e0c0faad; Path=/; HttpOnly
Content-Type: application/json;charset=UTF-8
Date: Wed, 10 Apr 2019 11:47:11 GMT
Connection: close
Content-Length: 85

{"data":{"timelag":"254","unicode":"662525c0b63342509c50bd4ffb77f7f2"},"result":true}



--->>signature：调用的是下面这个sign方法,完成加密之后，还进行了一次替换 .replaceAll("\\n", ""));


public class RSASignature {
    public static byte[] sign(String content, String privateKey) {
        return sign(content, privateKey, "utf8");
    }

    public static byte[] sign(String content, String privateKey, String encode) {
        byte[] result = null;
        try {
            PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(privateKey, 0)));
            Signature signature = Signature.getInstance("SHA1WithRSA");
            signature.initSign(priKey);
            signature.update(content.getBytes(encode));
            return signature.sign();
        } catch (Exception e) {
            return result;
        }
    }
}



sign参数1:{"terminalTime":1554896831007,"devModel":"Nexus 5","terminalType":1}

sign参数2(也就是rsa私钥):MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIuDSrSi0bYpQLXcWn/ZpYgORefNh9qtMefBhi9Fdzr3eyIagD8SxRZQwYmTrAYMOL+ZaQPQllt0JAcHeC0QI0JU3xpRKrSrol301TKqQkrQioafRfiWYfLrPinB6xnrN3ZVSyGM6GTY/mKR7Xy+SDE/QST1tA4U22Wa3/TfBhN5AgMBAAECgYA0Nt8u3AFA/A+MAPyd/QdG9JCVQQcngMq8wmFGL+l/2D/tc52r/Ypl37OPmgU3/jr++pujId4kPEN/nfwMYY3QJ8TWjMaERLB9gmLqWLzjqnddiz1YjS7RMPscgrhxzQ4Qe6cABMyeevbclKWYwCPQjGngfZtKsKLPVHfnyFdCQQJBAMqrROqv5by0xPR3gnprAPqo731Xzhs1mCD2lFlzAzB1NtTerQslRTkeC0gcPseGUwe6g8FyLjaZEm7mJDc/q98CQQCwOYdl16U8MjVxlSn4UuaQoYxq9aQb6RLRf7gqS8na/WOjPz7HbuzHkJtNIm1/Oe2+rmgDtNiQIe27Lh95MaunAkEAulTo0dTSpcKVaiYOgjqq9cooFdeKmR2XNoc+MVc60WyS8vefpSWpFTB4Mt41IgBviiWDSXGO54eomOli1qDlhQJAF9RPqMfWQiOP8oH3IOsk3l3Z/QSmYlfMAaRBpQaGjyRAeuysco9fWUUGmxGSuOd+bJBs5ENqHWNZIDyGaP78dQJBALlEHRJF5fcfPyKZDoYdGergJ7DEvl9G1RDcgvCshFqpidRUhLEwkIW242E3K6ZrdsHklqXHZFmhY7uFf2x28+k=


加密的结果:
K09Gk9OnREXWi2SP5PhiVDqKMEaJDRLScRH/yIQUfonCLMAQanSWM66GlDMG7YNZbNsBiQGi876Jagx7lSwh0vtVXhocFnwL7LjAZVwjXMuxMJMp9R45FpzpntTDjsuO/1pzgg/vcNHik9o+g6FmBwhHwE+J42sIzLgbqtU3Ieo=



这条请求返回的unicode值，后续请求会一直用到，但这app很神奇，安装之后，第一次运行，
会把这条请求发送一次，后续，无论是把这app的数据清空，还是把它御载重装，都不会再请求。
并且这个值也不会变。



经过仔细分析，发现它在下面这四个地方存有记录文件,把这4个文件删除，再次运行就会有这条请求啦
1、app的配置文件目录下，hundsunApp.xml
2、/sdcard/hundsunApp
3、/sdcard/com.yun.config/ucdata
4、/sdcard/com.hundsun/hundsunApp