Exemplo n.º 1
0
int main()
{
    unsigned char buf[128];
    unsigned char password[] = "wx2jeacen";  /*A430A472934406E7032DFFE294B962C4*/
    unsigned char verifycode[] ="!KBQ";
    memset(buf, 0 , 128);
    lutil_md5_data(password,strlen(password), (const unsigned char *)buf);
    debug_info("%s", buf);
    lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
    debug_info("%s", buf) ;
    lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
    debug_info("%s", buf);

     int i = 0;
    for( i = 0 ;i < strlen(buf); i++)
    {
        if (islower(buf[i]))
            buf[i]= toupper(buf[i]);
    }
    strncat(buf, verifycode, strlen(verifycode)+1);
    debug_info("%s", buf);
    lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
    for( i = 0 ;i < strlen(buf); i++)
    {
        if (islower(buf[i]))
            buf[i]= toupper(buf[i]);
    }
    debug_info("%s", buf);
}
Exemplo n.º 2
0
Arquivo: login.c Projeto: yet/lwqq
/**
 * I hacked the javascript file named comm.js, which received from tencent
 * server, and find that f**k tencent has changed encryption algorithm
 * for password in webqq3 . The new algorithm is below(descripted with javascript):
 * var M=C.p.value; // M is the qq password 
 * var I=hexchar2bin(md5(M)); // Make a md5 digest
 * var H=md5(I+pt.uin); // Make md5 with I and uin(see below)
 * var G=md5(H+C.verifycode.value.toUpperCase());
 * 
 * @param pwd User's password
 * @param vc Verify Code. e.g. "!M6C"
 * @param uin A string like "\x00\x00\x00\x00\x54\xb3\x3c\x53", NB: it
 *        must contain 8 hexadecimal number, in this example, it equaled
 *        to "0x0,0x0,0x0,0x0,0x54,0xb3,0x3c,0x53"
 * 
 * @return Encoded password on success, else NULL on failed
 */
static char *lwqq_enc_pwd(const char *pwd, const char *vc, const char *uin)
{
    int i;
    int uin_byte_length;
    char buf[128] = {0};
    char _uin[9] = {0};

    if (!pwd || !vc || !uin) {
        lwqq_log(LOG_ERROR, "Null parameterment\n");
        return NULL;
    }
    

    /* Calculate the length of uin (it must be 8?) */
    uin_byte_length = strlen(uin) / 4;

    /**
     * Ok, parse uin from string format.
     * "\x00\x00\x00\x00\x54\xb3\x3c\x53" -> {0,0,0,0,54,b3,3c,53}
     */
    for (i = 0; i < uin_byte_length ; i++) {
        char u[5] = {0};
        char tmp;
        strncpy(u, uin + i * 4 + 2, 2);

        errno = 0;
        tmp = strtol(u, NULL, 16);
        if (errno) {
            return NULL;
        }
        _uin[i] = tmp;
    }

    /* Equal to "var I=hexchar2bin(md5(M));" */
    lutil_md5_digest((unsigned char *)pwd, strlen(pwd), (char *)buf);

    /* Equal to "var H=md5(I+pt.uin);" */
    memcpy(buf + 16, _uin, uin_byte_length);
    lutil_md5_data((unsigned char *)buf, 16 + uin_byte_length, (char *)buf);
    
    /* Equal to var G=md5(H+C.verifycode.value.toUpperCase()); */
    snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "%s", vc);
    upcase_string(buf, strlen(buf));

    lutil_md5_data((unsigned char *)buf, strlen(buf), (char *)buf);
    upcase_string(buf, strlen(buf));

    /* OK, seems like every is OK */
    puts(buf);
    return s_strdup(buf);
}