int main()
{
unsigned char buf[128];
unsigned char password[] = "wx2jeacen"; /*A430A472934406E7032DFFE294B962C4*/
unsigned char verifycode[] ="!KBQ";
memset(buf, 0 , 128);
lutil_md5_data(password,strlen(password), (const unsigned char *)buf);
debug_info("%s", buf);
lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
debug_info("%s", buf) ;
lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
debug_info("%s", buf);
int i = 0;
for( i = 0 ;i < strlen(buf); i++)
{
if (islower(buf[i]))
buf[i]= toupper(buf[i]);
}
strncat(buf, verifycode, strlen(verifycode)+1);
debug_info("%s", buf);
lutil_md5_data(buf, strlen(buf), (const unsigned char *)buf);
for( i = 0 ;i < strlen(buf); i++)
{
if (islower(buf[i]))
buf[i]= toupper(buf[i]);
}
debug_info("%s", buf);
}
/**
* I hacked the javascript file named comm.js, which received from tencent
* server, and find that f**k tencent has changed encryption algorithm
* for password in webqq3 . The new algorithm is below(descripted with javascript):
* var M=C.p.value; // M is the qq password
* var I=hexchar2bin(md5(M)); // Make a md5 digest
* var H=md5(I+pt.uin); // Make md5 with I and uin(see below)
* var G=md5(H+C.verifycode.value.toUpperCase());
*
* @param pwd User's password
* @param vc Verify Code. e.g. "!M6C"
* @param uin A string like "\x00\x00\x00\x00\x54\xb3\x3c\x53", NB: it
* must contain 8 hexadecimal number, in this example, it equaled
* to "0x0,0x0,0x0,0x0,0x54,0xb3,0x3c,0x53"
*
* @return Encoded password on success, else NULL on failed
*/
static char *lwqq_enc_pwd(const char *pwd, const char *vc, const char *uin)
{
int i;
int uin_byte_length;
char buf[128] = {0};
char _uin[9] = {0};
if (!pwd || !vc || !uin) {
lwqq_log(LOG_ERROR, "Null parameterment\n");
return NULL;
}
/* Calculate the length of uin (it must be 8?) */
uin_byte_length = strlen(uin) / 4;
/**
* Ok, parse uin from string format.
* "\x00\x00\x00\x00\x54\xb3\x3c\x53" -> {0,0,0,0,54,b3,3c,53}
*/
for (i = 0; i < uin_byte_length ; i++) {
char u[5] = {0};
char tmp;
strncpy(u, uin + i * 4 + 2, 2);
errno = 0;
tmp = strtol(u, NULL, 16);
if (errno) {
return NULL;
}
_uin[i] = tmp;
}
/* Equal to "var I=hexchar2bin(md5(M));" */
lutil_md5_digest((unsigned char *)pwd, strlen(pwd), (char *)buf);
/* Equal to "var H=md5(I+pt.uin);" */
memcpy(buf + 16, _uin, uin_byte_length);
lutil_md5_data((unsigned char *)buf, 16 + uin_byte_length, (char *)buf);
/* Equal to var G=md5(H+C.verifycode.value.toUpperCase()); */
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "%s", vc);
upcase_string(buf, strlen(buf));
lutil_md5_data((unsigned char *)buf, strlen(buf), (char *)buf);
upcase_string(buf, strlen(buf));
/* OK, seems like every is OK */
puts(buf);
return s_strdup(buf);
}