New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

协议不合法 #97

Closed
fffonion opened this Issue Jun 26, 2017 · 70 comments

Comments

Projects
None yet
@fffonion
Owner

fffonion commented Jun 26, 2017

这个issue集中讨论108协议无法登录或者登录几次之后失败
以及更新新协议的开发进度

@yezz5

This comment has been minimized.

Show comment
Hide comment
@yezz5

yezz5 Jul 1, 2017

2017-07-01 09:28:15 115.228.. 浙江省- 迅雷上网加速器android f0a*******
2017-07-01 09:12:27 115.228.. 浙江省- 迅雷上网加速器android f0a******* 反馈
2017-07-01 08:56:39 115.228.. 浙江省- 迅雷上网加速器android f0a*******
查看了迅雷安全中心,有上线记录但无法加速。

yezz5 commented Jul 1, 2017

2017-07-01 09:28:15 115.228.. 浙江省- 迅雷上网加速器android f0a*******
2017-07-01 09:12:27 115.228.. 浙江省- 迅雷上网加速器android f0a******* 反馈
2017-07-01 08:56:39 115.228.. 浙江省- 迅雷上网加速器android f0a*******
查看了迅雷安全中心,有上线记录但无法加速。

@supppig

This comment has been minimized.

Show comment
Hide comment
@supppig

supppig Jul 6, 2017

原来合并了issue啊。。。那我就发到这里吧。。。
导致各种协议错误的,其实不是这个程序的锅,而是hiboy大大的老毛子脚本存在问题。

启动迅雷快鸟的脚本参看:
https://github.com/hiboyhiboy/opt-script/blob/master/script/Sh48_Fast_Dick.sh

其中FastDick_keep的过程:
FastDick_keep () {
logger -t "【迅雷快鸟】" "守护进程启动"
while true; do
sleep 948
eval $(ps -w | grep "/opt/FastDick/swjsq" | grep -v grep | awk '{print "kill "$1";";}')
killall FastDick_script.sh
killall -9 FastDick_script.sh
/etc/storage/FastDick_script.sh &
done
}
作为一个守护进程,每隔16分钟,杀一次快鸟进程。导致快鸟需要重新登陆。短时间内累积的登陆次数过多,所以就被迅雷暂时封号了。

其实解决方法,我已经在论坛上说过了。
http://www.right.com.cn/forum/thread-216528-1-1.html
8楼已经给了临时解决办法,目前我就是用这个办法运行着脚本,效果非常棒!
遗憾的是hiboy大大现在还没把脚本改过来,导致论坛上一堆人说迅雷快鸟用不了了。

小声:其实我改了keepalive的时间为290秒,1.5小时重新登陆,因为默认的时间会出现加速失败的情况(原因未知,就是有时候发现加速失效了)。

supppig commented Jul 6, 2017

原来合并了issue啊。。。那我就发到这里吧。。。
导致各种协议错误的,其实不是这个程序的锅,而是hiboy大大的老毛子脚本存在问题。

启动迅雷快鸟的脚本参看:
https://github.com/hiboyhiboy/opt-script/blob/master/script/Sh48_Fast_Dick.sh

其中FastDick_keep的过程:
FastDick_keep () {
logger -t "【迅雷快鸟】" "守护进程启动"
while true; do
sleep 948
eval $(ps -w | grep "/opt/FastDick/swjsq" | grep -v grep | awk '{print "kill "$1";";}')
killall FastDick_script.sh
killall -9 FastDick_script.sh
/etc/storage/FastDick_script.sh &
done
}
作为一个守护进程,每隔16分钟,杀一次快鸟进程。导致快鸟需要重新登陆。短时间内累积的登陆次数过多,所以就被迅雷暂时封号了。

其实解决方法,我已经在论坛上说过了。
http://www.right.com.cn/forum/thread-216528-1-1.html
8楼已经给了临时解决办法,目前我就是用这个办法运行着脚本,效果非常棒!
遗憾的是hiboy大大现在还没把脚本改过来,导致论坛上一堆人说迅雷快鸟用不了了。

小声:其实我改了keepalive的时间为290秒,1.5小时重新登陆,因为默认的时间会出现加速失败的情况(原因未知,就是有时候发现加速失效了)。

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jul 6, 2017

Owner

@supppig 感谢,我贴到Readme里

Owner

fffonion commented Jul 6, 2017

@supppig 感谢,我贴到Readme里

@caiy92

This comment has been minimized.

Show comment
Hide comment
@caiy92

caiy92 Aug 25, 2017

新版潘多拉使用python,用swjsq.py启动加速,切换到后台运行后,一段时间后,python ./swjsq.py进程会消失

caiy92 commented Aug 25, 2017

新版潘多拉使用python,用swjsq.py启动加速,切换到后台运行后,一段时间后,python ./swjsq.py进程会消失

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Aug 25, 2017

Owner

@caiy92 建议前台运行或者nohup python ./swjsq.py 2>&1 > swjsq.log &看一下是什么原因导致退出的

Owner

fffonion commented Aug 25, 2017

@caiy92 建议前台运行或者nohup python ./swjsq.py 2>&1 > swjsq.log &看一下是什么原因导致退出的

@keykin

This comment has been minimized.

Show comment
Hide comment
@keykin

keykin Jan 19, 2018

快鸟登录协议又更新了,请问登录接口和参数是怎么获取到的呢?

keykin commented Jan 19, 2018

快鸟登录协议又更新了,请问登录接口和参数是怎么获取到的呢?

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 19, 2018

Owner

@keykin 登录协议是迅雷的,和快鸟没关系。登录相关的实现加壳了,需要一个脱壳大牛的帮助
qq 20180119053613

Owner

fffonion commented Jan 19, 2018

@keykin 登录协议是迅雷的,和快鸟没关系。登录相关的实现加壳了,需要一个脱壳大牛的帮助
qq 20180119053613

@keykin

This comment has been minimized.

Show comment
Hide comment
@keykin

keykin Jan 19, 2018

@fffonion 以前是哪位大牛支撑的呢?现在还能继续玩耍吗?

keykin commented Jan 19, 2018

@fffonion 以前是哪位大牛支撑的呢?现在还能继续玩耍吗?

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 19, 2018

Owner
Owner

fffonion commented Jan 19, 2018

@xsm1997

This comment has been minimized.

Show comment
Hide comment
@xsm1997

xsm1997 Jan 19, 2018

今天用不了了,提示协议不合法。

xsm1997 commented Jan 19, 2018

今天用不了了,提示协议不合法。

@Lonlykids

This comment has been minimized.

Show comment
Hide comment
@Lonlykids

Lonlykids Jan 19, 2018

Contributor

是安卓的APK加了壳吗.?

Contributor

Lonlykids commented Jan 19, 2018

是安卓的APK加了壳吗.?

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 19, 2018

Owner
Owner

fffonion commented Jan 19, 2018

@Lonlykids

This comment has been minimized.

Show comment
Hide comment
@Lonlykids

Lonlykids Jan 20, 2018

Contributor

@fffonion
http://dev.open-api-auth.xunlei.com/platform?m=Developer&op=docPage
看了一下..iOS端是用这个协议登陆的..应该有切入点.?

Contributor

Lonlykids commented Jan 20, 2018

@fffonion
http://dev.open-api-auth.xunlei.com/platform?m=Developer&op=docPage
看了一下..iOS端是用这个协议登陆的..应该有切入点.?

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 21, 2018

Owner

@Lonlykids interesting,欢迎pr 😄
@zxc14236 协议非法是没法获得session的,后面的提速步骤没有执行

Owner

fffonion commented Jan 21, 2018

@Lonlykids interesting,欢迎pr 😄
@zxc14236 协议非法是没法获得session的,后面的提速步骤没有执行

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 21, 2018

现在的问题是新版本协议因为没有快鸟用来生成设备签名的算法,登录不了快鸟帐号。其它的我看了一下,跟原来都差不多的。
我现在的临时办法是手机抓包获取peerID和devicesign,然后路由器就用这两个参数登录,各位可以考虑用这个办法先解自己的燃眉之急。
另外吐槽一下迅雷,新协议的用户密码竟然是明文传输,这届的程序员不行啊。。。

sensec commented Jan 21, 2018

现在的问题是新版本协议因为没有快鸟用来生成设备签名的算法,登录不了快鸟帐号。其它的我看了一下,跟原来都差不多的。
我现在的临时办法是手机抓包获取peerID和devicesign,然后路由器就用这两个参数登录,各位可以考虑用这个办法先解自己的燃眉之急。
另外吐槽一下迅雷,新协议的用户密码竟然是明文传输,这届的程序员不行啊。。。

@Lonlykids

This comment has been minimized.

Show comment
Hide comment
@Lonlykids

Lonlykids Jan 21, 2018

Contributor

@sensec SessionID会过期的吖...过期了后你还不是要重新抓包.?

Contributor

Lonlykids commented Jan 21, 2018

@sensec SessionID会过期的吖...过期了后你还不是要重新抓包.?

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 21, 2018

@Lonlykids peerID和devicesign对于每个设备都是独有的,迅雷以此分辨用户是否在多个设备登录,在原来的108版本协议中这两个参数以网卡MAC地址为基础生成,算法各软件里都有。目前用的协议版本是200,算法换掉了,没有合法的devicesign就无法登录。
SessionID是登录之后迅雷服务器返回的,然后提交给ISP服务器作提速帐号验证,所以过期后重新向迅雷服务器登录一下就有新SessionID。

sensec commented Jan 21, 2018

@Lonlykids peerID和devicesign对于每个设备都是独有的,迅雷以此分辨用户是否在多个设备登录,在原来的108版本协议中这两个参数以网卡MAC地址为基础生成,算法各软件里都有。目前用的协议版本是200,算法换掉了,没有合法的devicesign就无法登录。
SessionID是登录之后迅雷服务器返回的,然后提交给ISP服务器作提速帐号验证,所以过期后重新向迅雷服务器登录一下就有新SessionID。

@Lonlykids

This comment has been minimized.

Show comment
Hide comment
@Lonlykids

Lonlykids Jan 21, 2018

Contributor

@sensec 噢..是喔..顺序搞反了.

Contributor

Lonlykids commented Jan 21, 2018

@sensec 噢..是喔..顺序搞反了.

@shiwentao1994

This comment has been minimized.

Show comment
Hide comment
@shiwentao1994

shiwentao1994 Jan 21, 2018

@sensec 请教下获得了peerID和devicesign后在路由器上怎么操作?

shiwentao1994 commented Jan 21, 2018

@sensec 请教下获得了peerID和devicesign后在路由器上怎么操作?

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 21, 2018

Owner

@sensec
108协议的devicesign是这样生成的

sign = div.协议版本.device_id + md5(sha1(packageName + businessType + md5(GUID)))

其中device_id可以随机生成,GUID是一个和协议相关的值,另外的变量都是已知的
我猜这个算法没变或者差不多,关键是需要这个GUID

Owner

fffonion commented Jan 21, 2018

@sensec
108协议的devicesign是这样生成的

sign = div.协议版本.device_id + md5(sha1(packageName + businessType + md5(GUID)))

其中device_id可以随机生成,GUID是一个和协议相关的值,另外的变量都是已知的
我猜这个算法没变或者差不多,关键是需要这个GUID

@zxc14236

This comment has been minimized.

Show comment
Hide comment
@zxc14236

zxc14236 Jan 21, 2018

疑似找到办法,安卓4.4.4安装apk抓包的地址为https://mobile-login.xunlei.com:443/login,密码明文传输的
贴上抓包的结果,部分被我删掉
{"verifyCode":"","isCompressed":"0","OSVersion":"4.4.4","deviceModel":"HM 1S","businessType":"68","passWord":"明文密码","sdkVersion":"177662","appName":"ANDROID-com.xunlei.vip.swjsq","platformVersion":"2","devicesign":"删掉","verifyKey":"","protocolVersion":"200","deviceName":"Xiaomi Hm 1S","userName":"用户名","sequenceNo":"1000010","peerID":"删掉","clientVersion":"2.4.1.3"}
另外替换原来生成的脚本中的登陆参数可以正常使用

zxc14236 commented Jan 21, 2018

疑似找到办法,安卓4.4.4安装apk抓包的地址为https://mobile-login.xunlei.com:443/login,密码明文传输的
贴上抓包的结果,部分被我删掉
{"verifyCode":"","isCompressed":"0","OSVersion":"4.4.4","deviceModel":"HM 1S","businessType":"68","passWord":"明文密码","sdkVersion":"177662","appName":"ANDROID-com.xunlei.vip.swjsq","platformVersion":"2","devicesign":"删掉","verifyKey":"","protocolVersion":"200","deviceName":"Xiaomi Hm 1S","userName":"用户名","sequenceNo":"1000010","peerID":"删掉","clientVersion":"2.4.1.3"}
另外替换原来生成的脚本中的登陆参数可以正常使用

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 21, 2018

@fffonion 是的,packageName和businessType这次都没变,结果变了只能说明迅雷改了算法或者换掉了GUID。hash后值不可逆,所以我们无法推算出原因,唯一的办法就是破解得到源码。

@zxc14236 这个没用。要得到这个返回值,你首先需要向服务器发送合法的devicesign。现在的问题是我们无法生成符合迅雷算法的devicesign,只能通过抓包获取固定值,即是无法通用只能给自己用。

再次吐槽迅雷明文传输密码。
以前迅雷的做法是先将密码计算hash,再用RSA公钥进行加密,到了服务器端用私钥解密得到密码hash值,然后与数据库里的hash值比对就好。这样保证了传输过程的安全,就算私钥泄露或者服务器被黑也只能得到一堆hash值,无法还原出密码原文。
而现在,抓包后简直亮瞎眼,明文传输密码。。。虽然用了SSL保证传输层安全,不过一个中间人攻击就玩完。而且从这点来看,有理由怀疑迅雷服务器中存储的也是密码原文,一旦被黑后果可想而知。。。所以建议大家把迅雷密码单独设置,千万不要跟其它网站/服务的密码相同。

sensec commented Jan 21, 2018

@fffonion 是的,packageName和businessType这次都没变,结果变了只能说明迅雷改了算法或者换掉了GUID。hash后值不可逆,所以我们无法推算出原因,唯一的办法就是破解得到源码。

@zxc14236 这个没用。要得到这个返回值,你首先需要向服务器发送合法的devicesign。现在的问题是我们无法生成符合迅雷算法的devicesign,只能通过抓包获取固定值,即是无法通用只能给自己用。

再次吐槽迅雷明文传输密码。
以前迅雷的做法是先将密码计算hash,再用RSA公钥进行加密,到了服务器端用私钥解密得到密码hash值,然后与数据库里的hash值比对就好。这样保证了传输过程的安全,就算私钥泄露或者服务器被黑也只能得到一堆hash值,无法还原出密码原文。
而现在,抓包后简直亮瞎眼,明文传输密码。。。虽然用了SSL保证传输层安全,不过一个中间人攻击就玩完。而且从这点来看,有理由怀疑迅雷服务器中存储的也是密码原文,一旦被黑后果可想而知。。。所以建议大家把迅雷密码单独设置,千万不要跟其它网站/服务的密码相同。

@Iy204

This comment has been minimized.

Show comment
Hide comment
@Iy204

Iy204 Jan 23, 2018

@Lonlykids 还是一样,好象是因为我只买了上行加速的原因?在官方PC客户端里,绑定宽带账户只是一段说明。没有绑定解绑的地方。

Iy204 commented Jan 23, 2018

@Lonlykids 还是一样,好象是因为我只买了上行加速的原因?在官方PC客户端里,绑定宽带账户只是一段说明。没有绑定解绑的地方。

@Hoesca

This comment has been minimized.

Show comment
Hide comment
@Hoesca

Hoesca Jan 23, 2018

@fffonion 更新脚本后报错,上个版本没有这个问题

Traceback (most recent call last):
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 787, in
ins.run(uid, pwd)
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 326, in run
dt = self.login_xunlei(uname, pwd)
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 240, in login_xunlei
ct = http_req('https://mobile-login.xunlei.com:443/login', body=json.dumps(payload), headers=header_xl, encoding='utf-8')
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json_init
.py", line 231, in dumps
return _default_encoder.encode(obj)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 257, in iterencode
return _iterencode(o, 0)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 180, in default
o.class.name)
TypeError: Object of type 'bytes' is not JSON serializable

Hoesca commented Jan 23, 2018

@fffonion 更新脚本后报错,上个版本没有这个问题

Traceback (most recent call last):
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 787, in
ins.run(uid, pwd)
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 326, in run
dt = self.login_xunlei(uname, pwd)
File "E:\FilesArchived\Xunlei-Fastdick-master\swjsq.py", line 240, in login_xunlei
ct = http_req('https://mobile-login.xunlei.com:443/login', body=json.dumps(payload), headers=header_xl, encoding='utf-8')
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json_init
.py", line 231, in dumps
return _default_encoder.encode(obj)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 257, in iterencode
return _iterencode(o, 0)
File "C:\Program Files (x86)\Microsoft Visual Studio\Shared\Python36_64\lib\json\encoder.py", line 180, in default
o.class.name)
TypeError: Object of type 'bytes' is not JSON serializable

@Lonlykids

This comment has been minimized.

Show comment
Hide comment
@Lonlykids

Lonlykids Jan 23, 2018

Contributor

@hhyzz Python换成27版本试试.?

Contributor

Lonlykids commented Jan 23, 2018

@hhyzz Python换成27版本试试.?

@happyskey

This comment has been minimized.

Show comment
Hide comment
@happyskey

happyskey Jan 23, 2018

无法安装Python的路由器版本
https://github.com/fffonion/Xunlei-Fastdick/raw/master/swjsq.py

运行时报错:
F:\swjsq>python swjsq.py
Traceback (most recent call last):
File "swjsq.py", line 787, in
ins.run(uid, pwd)
File "swjsq.py", line 326, in run
dt = self.login_xunlei(uname, pwd)
File "swjsq.py", line 240, in login_xunlei
ct = http_req('https://mobile-login.xunlei.com:443/login', body=json.dumps(payload), headers=header_xl, encoding='utf-8')
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json_init
.py", line 231, in dumps
return _default_encoder.encode(obj)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 257, in iterencode
return _iterencode(o, 0)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 180, in default
o.class.name)
TypeError: Object of type 'bytes' is not JSON serializable

happyskey commented Jan 23, 2018

无法安装Python的路由器版本
https://github.com/fffonion/Xunlei-Fastdick/raw/master/swjsq.py

运行时报错:
F:\swjsq>python swjsq.py
Traceback (most recent call last):
File "swjsq.py", line 787, in
ins.run(uid, pwd)
File "swjsq.py", line 326, in run
dt = self.login_xunlei(uname, pwd)
File "swjsq.py", line 240, in login_xunlei
ct = http_req('https://mobile-login.xunlei.com:443/login', body=json.dumps(payload), headers=header_xl, encoding='utf-8')
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json_init
.py", line 231, in dumps
return _default_encoder.encode(obj)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 257, in iterencode
return _iterencode(o, 0)
File "C:\Users\happy\AppData\Local\Programs\Python\Python36-32\lib\json\encoder.py", line 180, in default
o.class.name)
TypeError: Object of type 'bytes' is not JSON serializable

@Hoesca

This comment has been minimized.

Show comment
Hide comment
@Hoesca

Hoesca Jan 23, 2018

@happyskey @Lonlykids 测试python2.7版本正常

Hoesca commented Jan 23, 2018

@happyskey @Lonlykids 测试python2.7版本正常

@171957200

This comment has been minimized.

Show comment
Hide comment
@171957200

171957200 Jan 23, 2018

@Iy204 我和你一样的情况,但是测速显示没提速,用PC客户端又可以用。很奇怪

171957200 commented Jan 23, 2018

@Iy204 我和你一样的情况,但是测速显示没提速,用PC客户端又可以用。很奇怪

@xiejinpeng007

This comment has been minimized.

Show comment
Hide comment
@xiejinpeng007

xiejinpeng007 Jan 23, 2018

python版可以使用
不过感觉进程会被杀,测试中.

root@LEDE:/usr/bin/swjsq# python swjsq.py
00:16:37 Login xunlei succeeded
00:16:37 Expire date for fastdick: 20180626
00:16:37 Expire date for upstream acceleration: 20180219
00:16:38 To Upgrade: 四川电信 down 20M -> 100M, up 2M -> 10M
00:16:38 Initializing upgrade
00:16:40 Upgrade done: down 100M, up 50M

xiejinpeng007 commented Jan 23, 2018

python版可以使用
不过感觉进程会被杀,测试中.

root@LEDE:/usr/bin/swjsq# python swjsq.py
00:16:37 Login xunlei succeeded
00:16:37 Expire date for fastdick: 20180626
00:16:37 Expire date for upstream acceleration: 20180219
00:16:38 To Upgrade: 四川电信 down 20M -> 100M, up 2M -> 10M
00:16:38 Initializing upgrade
00:16:40 Upgrade done: down 100M, up 50M
@happyskey

This comment has been minimized.

Show comment
Hide comment
@happyskey

happyskey Jan 23, 2018

happyskey commented Jan 23, 2018

@xiejinpeng007

This comment has been minimized.

Show comment
Hide comment
@xiejinpeng007

xiejinpeng007 Jan 24, 2018

@happyskey 了解,谢谢。

通过重启路由器跑 nohup python /data/usr/bin/swjsq/swjsq.py >/dev/null 2>&1 & 命令
python 版脚本已测试没有问题。
迅雷安全中心的记录是10分钟心跳一次。
LEDE固件。

xiejinpeng007 commented Jan 24, 2018

@happyskey 了解,谢谢。

通过重启路由器跑 nohup python /data/usr/bin/swjsq/swjsq.py >/dev/null 2>&1 & 命令
python 版脚本已测试没有问题。
迅雷安全中心的记录是10分钟心跳一次。
LEDE固件。

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 24, 2018

Owner

@hhyzz 稍后修复py3.x

10分钟登陆一次的问题是因为新协议,我稍后测试一下session具体的有效时间是多久

Owner

fffonion commented Jan 24, 2018

@hhyzz 稍后修复py3.x

10分钟登陆一次的问题是因为新协议,我稍后测试一下session具体的有效时间是多久

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 24, 2018

@fffonion 上个108 session已经能维持很久了,我试过可以一直在线48小时(本地电信48小时强制断线,所以没有更长的记录)。那么10分钟发一次keepalive就好,遇到服务器返回错误再重新走一趟登录流程。keepalive时间抓包看过也不是固定的,可能是受android后台机制影响,最长的一次是35分钟才出现一个,保守一点10分钟也差不多了。

另外有一点变化。向下行ISP服务器发送bandwidth,会同时返回上下行数据。can_upgrade是下行,can_upspeedup是上行。如果已登录,发包里带了userid和sessionid,bind_dial_account就是已绑定的宽带帐号(未登录则为空)。这个值如果跟dial_account不同,就需要先去迅雷网站解绑(看说明是一个月只能解绑一次)。客户端为快鸟网站下载的2.4.1.3安卓版,区域为浙江电信,不知道其它地方的服务器返回是否相同。
下行bandwidth返回:

{
	"auto_backend_supported": 0,
	"bandwidth": {
		"downstream": 102400,
		"upstream": 4096
	},
	"bind_dial_account": "",
	"can_upgrade": 1,
	"can_upspeedup": 1,
	"dial_account": "zj::************",
	"errno": 0,
	"max_bandwidth": {
		"downstream": 204800,
		"upstream": 10240
	},
	"message": "",
	"province": "zhe_jiang",
	"province_name": "浙江",
	"richmessage": "",
	"sequence": 268435457,
	"sp": "tel",
	"sp_name": "电信",
	"timestamp": 1516338151
}

另外从抓包来看,迅雷似乎准备丢弃timestamp改用sequence。现在下行发包还有time_and=,上行已经没有了。第一个参数都是sequence=,9位数字递增。
下行,多了chanel和time_and:

GET /v2/upgrade?sequence=268435458&peerid=************004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516338157389&userid=******&sessionid=********************************&user_type=1&os=android-7.1.1&dial_account=zj::************&needbind=1

上行:

GET /v2/upgrade?sequence=268435457&peerid=************004V&userid=******&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.1&sessionid=********************************&user_type=1&dial_account=zj::************

sensec commented Jan 24, 2018

@fffonion 上个108 session已经能维持很久了,我试过可以一直在线48小时(本地电信48小时强制断线,所以没有更长的记录)。那么10分钟发一次keepalive就好,遇到服务器返回错误再重新走一趟登录流程。keepalive时间抓包看过也不是固定的,可能是受android后台机制影响,最长的一次是35分钟才出现一个,保守一点10分钟也差不多了。

另外有一点变化。向下行ISP服务器发送bandwidth,会同时返回上下行数据。can_upgrade是下行,can_upspeedup是上行。如果已登录,发包里带了userid和sessionid,bind_dial_account就是已绑定的宽带帐号(未登录则为空)。这个值如果跟dial_account不同,就需要先去迅雷网站解绑(看说明是一个月只能解绑一次)。客户端为快鸟网站下载的2.4.1.3安卓版,区域为浙江电信,不知道其它地方的服务器返回是否相同。
下行bandwidth返回:

{
	"auto_backend_supported": 0,
	"bandwidth": {
		"downstream": 102400,
		"upstream": 4096
	},
	"bind_dial_account": "",
	"can_upgrade": 1,
	"can_upspeedup": 1,
	"dial_account": "zj::************",
	"errno": 0,
	"max_bandwidth": {
		"downstream": 204800,
		"upstream": 10240
	},
	"message": "",
	"province": "zhe_jiang",
	"province_name": "浙江",
	"richmessage": "",
	"sequence": 268435457,
	"sp": "tel",
	"sp_name": "电信",
	"timestamp": 1516338151
}

另外从抓包来看,迅雷似乎准备丢弃timestamp改用sequence。现在下行发包还有time_and=,上行已经没有了。第一个参数都是sequence=,9位数字递增。
下行,多了chanel和time_and:

GET /v2/upgrade?sequence=268435458&peerid=************004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516338157389&userid=******&sessionid=********************************&user_type=1&os=android-7.1.1&dial_account=zj::************&needbind=1

上行:

GET /v2/upgrade?sequence=268435457&peerid=************004V&userid=******&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.1&sessionid=********************************&user_type=1&dial_account=zj::************
@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 25, 2018

Owner

@hhyzz py3.x的问题已修复
@sensec 👌感谢

Owner

fffonion commented Jan 25, 2018

@hhyzz py3.x的问题已修复
@sensec 👌感谢

@lphgor

This comment has been minimized.

Show comment
Hide comment
@lphgor

lphgor Jan 26, 2018

突然发现一个问题,我的userID是8位数的
@fffonion

uid_temp=`echo $ret|grep -oE "userID...[0-9]{9}"`
uid=`echo $uid_temp|grep -oE "[0-9]{9}"`

lphgor commented Jan 26, 2018

突然发现一个问题,我的userID是8位数的
@fffonion

uid_temp=`echo $ret|grep -oE "userID...[0-9]{9}"`
uid=`echo $uid_temp|grep -oE "[0-9]{9}"`
@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 26, 2018

Owner

@lphgor 感谢反馈,已修复:)

Owner

fffonion commented Jan 26, 2018

@lphgor 感谢反馈,已修复:)

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 26, 2018

@fffonion @lphgor
出现一个新情况。有人反馈200协议无法登录,具体表现为向 mobile-login.xunlei.com:443/login 发包后服务器没有返回任何数据。抓包分析,他是先用111协议向 login.mobile.reg2t.sandai.net:443/ 发包,第一次会返回帐号异常,第二次发包带上了verifyKey和verifyCode两个值就可以通过,然后获取到userID和loginKey两个值记录到APP。以后就是用userID和loginKey登录 mobile-login.xunlei.com:443/loginkey。
111协议的密码是经过RSA加密的,算法跟以前108协议相同,登录流程也跟108差不多,就是这个verifyKey和verifyCode不知道怎么产生。两位大神可否看一下迅雷源码,到底是什么情况?
讨论过程见 (http://www.right.com.cn/forum/thread-267641-6-1.html) ,稍后我把抓包数据整理一下发出来。

sensec commented Jan 26, 2018

@fffonion @lphgor
出现一个新情况。有人反馈200协议无法登录,具体表现为向 mobile-login.xunlei.com:443/login 发包后服务器没有返回任何数据。抓包分析,他是先用111协议向 login.mobile.reg2t.sandai.net:443/ 发包,第一次会返回帐号异常,第二次发包带上了verifyKey和verifyCode两个值就可以通过,然后获取到userID和loginKey两个值记录到APP。以后就是用userID和loginKey登录 mobile-login.xunlei.com:443/loginkey。
111协议的密码是经过RSA加密的,算法跟以前108协议相同,登录流程也跟108差不多,就是这个verifyKey和verifyCode不知道怎么产生。两位大神可否看一下迅雷源码,到底是什么情况?
讨论过程见 (http://www.right.com.cn/forum/thread-267641-6-1.html) ,稍后我把抓包数据整理一下发出来。

@sensec

This comment has been minimized.

Show comment
Hide comment
@sensec

sensec Jan 26, 2018

抓到的APP登录数据

这是第一次帐号未注销情况下的登录流程:

Host: stat.login.xunlei.com
User-Agent: Dalvik/2.1.0 (Linux; U; Android 7.1.2; E5823 Build/NJH47F)

POST /update
{"protocolVersion":"200","clientVersion":"2.4.1.3","businesType":"68","platformVersion":"10","sdkVersion":"2.1.1.177662","appName":"com.xunlei.vip.swjsq","deviceID":"a4a7a50646871e17c3effd832a751f65"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:49 GMT

POST /loginkey
{"protocolVersion":"200","sequenceNo":"1000001","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userName":"702102337","loginKey":"lk10.28b1093e728c2c7f7f678a1c77f3b3ad0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb"}

{"timestamp":"1516896589","userNewNo":"1405739408","platformVersion":"2","errorCode":"0","vipList":[{"isVip":"0","isYear":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","payId":"0"}],"userID":"702102337","secureKey":"sk100.f68ccf431a0419dd1080a33bd7684399","isCompressed":"0","sessionID":"F205D90A4DF25E8DDDED778130732931","loginKey":"lk10.2887bf50fd6f98922b6149e7e1ff672b0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb","userName":"","nickName":"手机用户185****5233","sequenceNo":"1000001","account":"200","protocolVersion":"200"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:49 GMT

POST /getuserinfo
{"protocolVersion":"200","sequenceNo":"1000002","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userID":"702102337","sessionID":"F205D90A4DF25E8DDDED778130732931","vasid":"14"}

{"birthday":"","platformVersion":"2","role":"0","order":"138957348","rank":"1","sequenceNo":"1000002","vipList":[{"isVip":"0","isAutoDeduct":"-1","isYear":"0","register":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","isRemind":"0","vipDayGrow":"0","payId":"0"},{"isVip":"0","isAutoDeduct":"0","isYear":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"14","isRemind":"0","vipDayGrow":"0","payId":"0"}],"userNewNo":"1405739408","province":"","mobile":"185****5233","isSubAccount":"0","errorCode":"0","sex":"u","isSpecialNum":"0","userID":"702102337","todayScore":"0","isCompressed":"0","personalSign":"","city":"","protocolVersion":"200","country":"","nickName":"手机用户185****5233","account":"200","imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/%s"}


Host: api.portal.swjsq.vip.xunlei.com:81
User-Agent: okhttp/3.4.1

GET /v2/queryportal
{"errno":0,"interface_ip":"119.147.41.210","interface_port":"12180","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:50 GMT

POST /getuserinfo
{"protocolVersion":"200","sequenceNo":"1000003","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userID":"702102337","sessionID":"F205D90A4DF25E8DDDED778130732931","vasid":"33"}

{"birthday":"","platformVersion":"2","role":"0","order":"138957348","rank":"1","sequenceNo":"1000003","vipList":[{"isVip":"0","isAutoDeduct":"-1","isYear":"0","register":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","isRemind":"0","vipDayGrow":"0","payId":"0"},{"isVip":"1","isAutoDeduct":"0","vipLevel":"1","vipGrow":"0","expireDate":"20180722","payName":"网银支付方式","vasType":"3","vasid":"33","isRemind":"0","vipDayGrow":"12","payId":"4"}],"userNewNo":"1405739408","province":"","mobile":"185****5233","isSubAccount":"0","errorCode":"0","sex":"u","isSpecialNum":"0","userID":"702102337","todayScore":"0","isCompressed":"0","personalSign":"","city":"","protocolVersion":"200","country":"","nickName":"手机用户185****5233","account":"200","imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/%s"}


Host: 119.147.41.210:12180
User-Agent: okhttp/3.4.1

GET /v2/bandwidth?sequence=268435457&peerid=B6AE3D04894D004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516896593043&userid=702102337&sessionid=F205D90A4DF25E8DDDED778130732931&user_type=2&os=android-7.1.2.25E5823
{"auto_backend_supported":0,"bandwidth":{"downstream":51200,"upstream":1024},"bind_dial_account":"","can_upgrade":1,"can_upspeedup":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":102400,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516896588}


Host: api.upportal.swjsq.vip.xunlei.com
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1
Date: Thu, 25 Jan 2018 16:09:50 GMT

GET /v2/queryportal
{"errno":0,"interface_ip":"180.97.85.185","interface_port":"12700","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/bandwidth?sequence=268435456&peerid=B6AE3D04894D004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823
{"bandwidth":{"downstream":51200,"upstream":1024},"can_upgrade":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":30720,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435456,"sp":"tel","sp_name":"电信","timestamp":1516896591}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/upgrade?sequence=268435457&peerid=B6AE3D04894D004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823&sessionid=F205D90A4DF25E8DDDED778130732931&user_type=1&dial_account=sn::09142323152
{"bandwidth":{"downstream":10240,"upstream":30720},"dial_account":"sn::09142323152","errno":0,"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516896591}

这是第二次清空APP数据后的登录流程:

Host: stat.login.xunlei.com
User-Agent: Dalvik/2.1.0 (Linux; U; Android 7.1.2; E5823 Build/NJH47F)

POST /update
{"protocolVersion":"200","clientVersion":"2.4.1.3","businesType":"68","platformVersion":"10","sdkVersion":"2.1.0.177662","appName":"com.xunlei.vip.swjsq","deviceID":"a4a7a50646871e17c3effd832a751f65"}


Host: api.portal.swjsq.vip.xunlei.com:81
User-Agent: okhttp/3.4.1

GET /v2/queryportal
{"errno":0,"interface_ip":"119.147.41.210","interface_port":"12180","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 119.147.41.210:12180
User-Agent: okhttp/3.4.1

GET /v2/bandwidth?sequence=268435457&peerid=986AC3925083004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516931869501&userid=0&sessionid=&user_type=2&os=android-7.1.2.25E5823
{"auto_backend_supported":0,"bandwidth":{"downstream":51200,"upstream":1024},"bind_dial_account":"","can_upgrade":1,"can_upspeedup":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":102400,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516931866}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:57:59 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":1,"userName":"185****5233","passWord":"394F009996AF124E7A2012D78E0BB496B0CF0D0739D1226D80E7823A4D859E2954D211E25BB145F6398A4BC8EF1FE2CCBF7936DE42263911887753C154E777F571F9A8EDCE3E21574998BA71A663DE98251769B24A7CC1E00AA2FC9FF1223EDA996F999225342C7ABFD438DAA2575D0AB4CE944078E1600237C93DB2AB3EA07F","loginType":0,"sessionID":"","verifyKey":"","verifyCode":"","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"rsaKey":{"e":"010001","n":"AC69F5CCC8BDE47CD3D371603748378C9CFAD2938A6B021E0E191013975AD683F5CBF9ADE8BD7D46B4D2EC2D78AF146F1DD2D50DC51446BB8880B8CE88D476694DFC60594393BEEFAA16F5DBCEBE22F89D640F5336E42F587DC4AFEDEFEAC36CF007009CCCE5C1ACB4FF06FBA69802A8085C2C54BADD0597FC83E6870F1E36FD"},"extensionList":"","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2"}

{"platformVersion":1,"errorCode":6,"errorDescUrl":"http:\/\/verify2.xunlei.com\/image?t=MEA","errorDesc":"您的帐号存在异常,请登录安全中心确认!","cmdID":2,"protocolVersion":111,"sCompressed":0,"errorIsRetry":0,"verifyType":"MEA","isequenceNo":1000001}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000003,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":1,"userName":"185****5233","passWord":"394F009996AF124E7A2012D78E0BB496B0CF0D0739D1226D80E7823A4D859E2954D211E25BB145F6398A4BC8EF1FE2CCBF7936DE42263911887753C154E777F571F9A8EDCE3E21574998BA71A663DE98251769B24A7CC1E00AA2FC9FF1223EDA996F999225342C7ABFD438DAA2575D0AB4CE944078E1600237C93DB2AB3EA07F","loginType":0,"sessionID":"","verifyKey":"EA7B6D3E9293B2F3CCDA17230A3C6FE0D8878EBB650398029CD40E429E4BA3DB","verifyCode":"xkhv","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"rsaKey":{"e":"010001","n":"AC69F5CCC8BDE47CD3D371603748378C9CFAD2938A6B021E0E191013975AD683F5CBF9ADE8BD7D46B4D2EC2D78AF146F1DD2D50DC51446BB8880B8CE88D476694DFC60594393BEEFAA16F5DBCEBE22F89D640F5336E42F587DC4AFEDEFEAC36CF007009CCCE5C1ACB4FF06FBA69802A8085C2C54BADD0597FC83E6870F1E36FD"},"extensionList":"","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2"}

{"isVip":0,"platformVersion":1,"level":0,"loginKey":"lk10.88c2da6135ad9899b365f0adf6acc1ae0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb","vasType":0,"sequenceNo":1000003,"protocolVersion":111,"userNewNo":1405739408,"isYear":0,"errorCode":0,"isCompressed":0,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","userID":702102337,"grow":0,"expireDate":"----","payName":"----","cmdID":2,"userName":"","payId":0,"nickName":"手机用户185****5233","account":200,"jumpKey":"e3dfb1a3fbca9f0a457e1e2e4154a0fe8d5eb1e889f5b5fbbf0cf99671cbf57054b35448faf4b62c97e7e34d2f95cdc1506e05b5e922f899633bd715b00d3679362865c58bbf6877490ad50619b31f6660f1868f38f74af3fb4e81049975cf63"}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1,"businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":17,"userID":"","sessionID":"","portalCount":1,"appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662}

{"portalSrvIpList":[{"port":"443","ip":"223.111.209.146","type":"https"},{"port":"443","ip":"180.97.85.240","type":"https"}],"loginSrvIpList":[{"port":"443","ip":"223.111.209.146","type":"https"},{"port":"443","ip":"180.97.85.240","type":"https"}],"errorCode":0,"version":1,"isCompressed":0,"cmdID":18,"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000000,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":11,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F"}

{"platformVersion":1,"errorCode":0,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":12,"protocolVersion":111,"msgType":0,"sequenceNo":1000000,"shouldKick":0,"userID":702102337}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000004,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":3,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"vasid":14,"extensionList":["todayScore","isVip","isSubAccount","sex","imgURL","birthday","vasType","personalSign","vipLevel","expireDate","isSpecialNum","register","payId","isYear","province","mobile","isRemind","jumpKey","vipGrow","account","payName","country","nickName","allowScore","isAutoDeduct","vipDayGrow","order","rank","role","city"]}

{"other_payId":0,"role":0,"other_vasType":0,"vasType":0,"sequenceNo":1000004,"other_isVip":0,"isYear":0,"errorCode":0,"sex":"u","vipLevel":0,"other_isRemind":0,"cmdID":4,"payId":0,"nickName":"手机用户185****5233","isSubAccount":0,"isVip":0,"platformVersion":1,"todayScore":0,"order":138957348,"other_isAutoDeduct":0,"vipGrow":0,"birthday":"","rank":1,"other_vipDayGrow":0,"vipDayGrow":0,"isAutoDeduct":-1,"isSpecialNum":0,"imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/50x50","other_vipGrow":0,"province":"","mobile":"185****5233","payName":"----","expireDate":"----","isRemind":0,"register":"0","other_payName":"----","userID":702102337,"isCompressed":0,"personalSign":"","city":"","protocolVersion":111,"country":"","other_expireDate":"----","account":200,"other_vipLevel":0}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:04 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000005,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":3,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"vasid":33,"extensionList":["todayScore","isVip","isSubAccount","sex","imgURL","birthday","vasType","personalSign","vipLevel","expireDate","isSpecialNum","register","payId","isYear","province","mobile","isRemind","jumpKey","vipGrow","account","payName","country","nickName","allowScore","isAutoDeduct","vipDayGrow","order","rank","role","city"]}

{"other_payId":4,"role":0,"other_vasType":3,"vasType":0,"sequenceNo":1000005,"other_isVip":1,"isYear":0,"errorCode":0,"sex":"u","vipLevel":0,"other_isRemind":0,"cmdID":4,"payId":0,"nickName":"手机用户185****5233","isSubAccount":0,"isVip":0,"platformVersion":1,"todayScore":0,"order":138957348,"other_isAutoDeduct":0,"vipGrow":0,"birthday":"","rank":1,"other_vipDayGrow":12,"vipDayGrow":0,"isAutoDeduct":-1,"isSpecialNum":0,"imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/50x50","other_vipGrow":0,"province":"","mobile":"185****5233","payName":"----","expireDate":"----","isRemind":0,"register":"0","other_payName":"网银支付方式","userID":702102337,"isCompressed":0,"personalSign":"","city":"","protocolVersion":111,"country":"","other_expireDate":"20180722","account":200,"other_vipLevel":1}


Host: api.upportal.swjsq.vip.xunlei.com
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1
Date: Fri, 26 Jan 2018 01:58:04 GMT

GET /v2/queryportal
{"errno":0,"interface_ip":"180.97.85.185","interface_port":"12700","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/bandwidth?sequence=268435456&peerid=986AC3925083004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823
{"bandwidth":{"downstream":51200,"upstream":1024},"can_upgrade":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":30720,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435456,"sp":"tel","sp_name":"电信","timestamp":1516931884}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/upgrade?sequence=268435457&peerid=986AC3925083004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823&sessionid=C053D8A0EA1657D0DF1E6E29EC94059F&user_type=1&dial_account=sn::09142323152
{"bandwidth":{"downstream":10240,"upstream":30720},"dial_account":"sn::09142323152","errno":0,"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516931885}

sensec commented Jan 26, 2018

抓到的APP登录数据

这是第一次帐号未注销情况下的登录流程:

Host: stat.login.xunlei.com
User-Agent: Dalvik/2.1.0 (Linux; U; Android 7.1.2; E5823 Build/NJH47F)

POST /update
{"protocolVersion":"200","clientVersion":"2.4.1.3","businesType":"68","platformVersion":"10","sdkVersion":"2.1.1.177662","appName":"com.xunlei.vip.swjsq","deviceID":"a4a7a50646871e17c3effd832a751f65"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:49 GMT

POST /loginkey
{"protocolVersion":"200","sequenceNo":"1000001","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userName":"702102337","loginKey":"lk10.28b1093e728c2c7f7f678a1c77f3b3ad0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb"}

{"timestamp":"1516896589","userNewNo":"1405739408","platformVersion":"2","errorCode":"0","vipList":[{"isVip":"0","isYear":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","payId":"0"}],"userID":"702102337","secureKey":"sk100.f68ccf431a0419dd1080a33bd7684399","isCompressed":"0","sessionID":"F205D90A4DF25E8DDDED778130732931","loginKey":"lk10.2887bf50fd6f98922b6149e7e1ff672b0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb","userName":"","nickName":"手机用户185****5233","sequenceNo":"1000001","account":"200","protocolVersion":"200"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:49 GMT

POST /getuserinfo
{"protocolVersion":"200","sequenceNo":"1000002","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userID":"702102337","sessionID":"F205D90A4DF25E8DDDED778130732931","vasid":"14"}

{"birthday":"","platformVersion":"2","role":"0","order":"138957348","rank":"1","sequenceNo":"1000002","vipList":[{"isVip":"0","isAutoDeduct":"-1","isYear":"0","register":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","isRemind":"0","vipDayGrow":"0","payId":"0"},{"isVip":"0","isAutoDeduct":"0","isYear":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"14","isRemind":"0","vipDayGrow":"0","payId":"0"}],"userNewNo":"1405739408","province":"","mobile":"185****5233","isSubAccount":"0","errorCode":"0","sex":"u","isSpecialNum":"0","userID":"702102337","todayScore":"0","isCompressed":"0","personalSign":"","city":"","protocolVersion":"200","country":"","nickName":"手机用户185****5233","account":"200","imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/%s"}


Host: api.portal.swjsq.vip.xunlei.com:81
User-Agent: okhttp/3.4.1

GET /v2/queryportal
{"errno":0,"interface_ip":"119.147.41.210","interface_port":"12180","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: mobile-login.xunlei.com:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.1.177662
Date: Thu, 25 Jan 2018 16:09:50 GMT

POST /getuserinfo
{"protocolVersion":"200","sequenceNo":"1000003","platformVersion":"2","isCompressed":"0","businessType":"68","clientVersion":"2.4.1.3","peerID":"B6AE3D04894D004V","appName":"ANDROID-com.xunlei.vip.swjsq","sdkVersion":"177662","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2","userID":"702102337","sessionID":"F205D90A4DF25E8DDDED778130732931","vasid":"33"}

{"birthday":"","platformVersion":"2","role":"0","order":"138957348","rank":"1","sequenceNo":"1000003","vipList":[{"isVip":"0","isAutoDeduct":"-1","isYear":"0","register":"0","vipLevel":"0","vipGrow":"0","expireDate":"----","payName":"----","vasType":"0","vasid":"2","isRemind":"0","vipDayGrow":"0","payId":"0"},{"isVip":"1","isAutoDeduct":"0","vipLevel":"1","vipGrow":"0","expireDate":"20180722","payName":"网银支付方式","vasType":"3","vasid":"33","isRemind":"0","vipDayGrow":"12","payId":"4"}],"userNewNo":"1405739408","province":"","mobile":"185****5233","isSubAccount":"0","errorCode":"0","sex":"u","isSpecialNum":"0","userID":"702102337","todayScore":"0","isCompressed":"0","personalSign":"","city":"","protocolVersion":"200","country":"","nickName":"手机用户185****5233","account":"200","imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/%s"}


Host: 119.147.41.210:12180
User-Agent: okhttp/3.4.1

GET /v2/bandwidth?sequence=268435457&peerid=B6AE3D04894D004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516896593043&userid=702102337&sessionid=F205D90A4DF25E8DDDED778130732931&user_type=2&os=android-7.1.2.25E5823
{"auto_backend_supported":0,"bandwidth":{"downstream":51200,"upstream":1024},"bind_dial_account":"","can_upgrade":1,"can_upspeedup":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":102400,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516896588}


Host: api.upportal.swjsq.vip.xunlei.com
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1
Date: Thu, 25 Jan 2018 16:09:50 GMT

GET /v2/queryportal
{"errno":0,"interface_ip":"180.97.85.185","interface_port":"12700","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/bandwidth?sequence=268435456&peerid=B6AE3D04894D004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823
{"bandwidth":{"downstream":51200,"upstream":1024},"can_upgrade":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":30720,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435456,"sp":"tel","sp_name":"电信","timestamp":1516896591}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/upgrade?sequence=268435457&peerid=B6AE3D04894D004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823&sessionid=F205D90A4DF25E8DDDED778130732931&user_type=1&dial_account=sn::09142323152
{"bandwidth":{"downstream":10240,"upstream":30720},"dial_account":"sn::09142323152","errno":0,"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516896591}

这是第二次清空APP数据后的登录流程:

Host: stat.login.xunlei.com
User-Agent: Dalvik/2.1.0 (Linux; U; Android 7.1.2; E5823 Build/NJH47F)

POST /update
{"protocolVersion":"200","clientVersion":"2.4.1.3","businesType":"68","platformVersion":"10","sdkVersion":"2.1.0.177662","appName":"com.xunlei.vip.swjsq","deviceID":"a4a7a50646871e17c3effd832a751f65"}


Host: api.portal.swjsq.vip.xunlei.com:81
User-Agent: okhttp/3.4.1

GET /v2/queryportal
{"errno":0,"interface_ip":"119.147.41.210","interface_port":"12180","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 119.147.41.210:12180
User-Agent: okhttp/3.4.1

GET /v2/bandwidth?sequence=268435457&peerid=986AC3925083004V&client_type=android-swjsq-2.4.1.3&client_version=androidswjsq-2.4.1.3&chanel=umeng-10900011&time_and=1516931869501&userid=0&sessionid=&user_type=2&os=android-7.1.2.25E5823
{"auto_backend_supported":0,"bandwidth":{"downstream":51200,"upstream":1024},"bind_dial_account":"","can_upgrade":1,"can_upspeedup":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":102400,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516931866}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:57:59 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":1,"userName":"185****5233","passWord":"394F009996AF124E7A2012D78E0BB496B0CF0D0739D1226D80E7823A4D859E2954D211E25BB145F6398A4BC8EF1FE2CCBF7936DE42263911887753C154E777F571F9A8EDCE3E21574998BA71A663DE98251769B24A7CC1E00AA2FC9FF1223EDA996F999225342C7ABFD438DAA2575D0AB4CE944078E1600237C93DB2AB3EA07F","loginType":0,"sessionID":"","verifyKey":"","verifyCode":"","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"rsaKey":{"e":"010001","n":"AC69F5CCC8BDE47CD3D371603748378C9CFAD2938A6B021E0E191013975AD683F5CBF9ADE8BD7D46B4D2EC2D78AF146F1DD2D50DC51446BB8880B8CE88D476694DFC60594393BEEFAA16F5DBCEBE22F89D640F5336E42F587DC4AFEDEFEAC36CF007009CCCE5C1ACB4FF06FBA69802A8085C2C54BADD0597FC83E6870F1E36FD"},"extensionList":"","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2"}

{"platformVersion":1,"errorCode":6,"errorDescUrl":"http:\/\/verify2.xunlei.com\/image?t=MEA","errorDesc":"您的帐号存在异常,请登录安全中心确认!","cmdID":2,"protocolVersion":111,"sCompressed":0,"errorIsRetry":0,"verifyType":"MEA","isequenceNo":1000001}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000003,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":1,"userName":"185****5233","passWord":"394F009996AF124E7A2012D78E0BB496B0CF0D0739D1226D80E7823A4D859E2954D211E25BB145F6398A4BC8EF1FE2CCBF7936DE42263911887753C154E777F571F9A8EDCE3E21574998BA71A663DE98251769B24A7CC1E00AA2FC9FF1223EDA996F999225342C7ABFD438DAA2575D0AB4CE944078E1600237C93DB2AB3EA07F","loginType":0,"sessionID":"","verifyKey":"EA7B6D3E9293B2F3CCDA17230A3C6FE0D8878EBB650398029CD40E429E4BA3DB","verifyCode":"xkhv","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"rsaKey":{"e":"010001","n":"AC69F5CCC8BDE47CD3D371603748378C9CFAD2938A6B021E0E191013975AD683F5CBF9ADE8BD7D46B4D2EC2D78AF146F1DD2D50DC51446BB8880B8CE88D476694DFC60594393BEEFAA16F5DBCEBE22F89D640F5336E42F587DC4AFEDEFEAC36CF007009CCCE5C1ACB4FF06FBA69802A8085C2C54BADD0597FC83E6870F1E36FD"},"extensionList":"","deviceModel":"E5823","deviceName":"Sony E5823","OSVersion":"7.1.2"}

{"isVip":0,"platformVersion":1,"level":0,"loginKey":"lk10.88c2da6135ad9899b365f0adf6acc1ae0e87dc4d3c0b849d6166351778f138122e4ecb03359be5a35183b3b254e085cb","vasType":0,"sequenceNo":1000003,"protocolVersion":111,"userNewNo":1405739408,"isYear":0,"errorCode":0,"isCompressed":0,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","userID":702102337,"grow":0,"expireDate":"----","payName":"----","cmdID":2,"userName":"","payId":0,"nickName":"手机用户185****5233","account":200,"jumpKey":"e3dfb1a3fbca9f0a457e1e2e4154a0fe8d5eb1e889f5b5fbbf0cf99671cbf57054b35448faf4b62c97e7e34d2f95cdc1506e05b5e922f899633bd715b00d3679362865c58bbf6877490ad50619b31f6660f1868f38f74af3fb4e81049975cf63"}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1,"businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":17,"userID":"","sessionID":"","portalCount":1,"appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662}

{"portalSrvIpList":[{"port":"443","ip":"223.111.209.146","type":"https"},{"port":"443","ip":"180.97.85.240","type":"https"}],"loginSrvIpList":[{"port":"443","ip":"223.111.209.146","type":"https"},{"port":"443","ip":"180.97.85.240","type":"https"}],"errorCode":0,"version":1,"isCompressed":0,"cmdID":18,"protocolVersion":111,"sequenceNo":1000001,"platformVersion":1}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000000,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":11,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F"}

{"platformVersion":1,"errorCode":0,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":12,"protocolVersion":111,"msgType":0,"sequenceNo":1000000,"shouldKick":0,"userID":702102337}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:03 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000004,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":3,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"vasid":14,"extensionList":["todayScore","isVip","isSubAccount","sex","imgURL","birthday","vasType","personalSign","vipLevel","expireDate","isSpecialNum","register","payId","isYear","province","mobile","isRemind","jumpKey","vipGrow","account","payName","country","nickName","allowScore","isAutoDeduct","vipDayGrow","order","rank","role","city"]}

{"other_payId":0,"role":0,"other_vasType":0,"vasType":0,"sequenceNo":1000004,"other_isVip":0,"isYear":0,"errorCode":0,"sex":"u","vipLevel":0,"other_isRemind":0,"cmdID":4,"payId":0,"nickName":"手机用户185****5233","isSubAccount":0,"isVip":0,"platformVersion":1,"todayScore":0,"order":138957348,"other_isAutoDeduct":0,"vipGrow":0,"birthday":"","rank":1,"other_vipDayGrow":0,"vipDayGrow":0,"isAutoDeduct":-1,"isSpecialNum":0,"imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/50x50","other_vipGrow":0,"province":"","mobile":"185****5233","payName":"----","expireDate":"----","isRemind":0,"register":"0","other_payName":"----","userID":702102337,"isCompressed":0,"personalSign":"","city":"","protocolVersion":111,"country":"","other_expireDate":"----","account":200,"other_vipLevel":0}


Host: login.mobile.reg2t.sandai.net:443
User-Agent: android-async-http/xl-acc-sdk/version-2.1.0.177662
Date: Fri, 26 Jan 2018 01:58:04 GMT

POST /
{"protocolVersion":111,"sequenceNo":1000005,"platformVersion":1,"peerID":"986AC3925083004V","businessType":68,"clientVersion":"2.4.1.3","isCompressed":0,"cmdID":3,"userID":702102337,"sessionID":"C053D8A0EA1657D0DF1E6E29EC94059F","appName":"ANDROID-com.xunlei.vip.swjsq","devicesign":"div101.a4a7a50646871e17c3effd832a751f65477521cd345e78e77657d4272431fdfe","sdkVersion":177662,"vasid":33,"extensionList":["todayScore","isVip","isSubAccount","sex","imgURL","birthday","vasType","personalSign","vipLevel","expireDate","isSpecialNum","register","payId","isYear","province","mobile","isRemind","jumpKey","vipGrow","account","payName","country","nickName","allowScore","isAutoDeduct","vipDayGrow","order","rank","role","city"]}

{"other_payId":4,"role":0,"other_vasType":3,"vasType":0,"sequenceNo":1000005,"other_isVip":1,"isYear":0,"errorCode":0,"sex":"u","vipLevel":0,"other_isRemind":0,"cmdID":4,"payId":0,"nickName":"手机用户185****5233","isSubAccount":0,"isVip":0,"platformVersion":1,"todayScore":0,"order":138957348,"other_isAutoDeduct":0,"vipGrow":0,"birthday":"","rank":1,"other_vipDayGrow":12,"vipDayGrow":0,"isAutoDeduct":-1,"isSpecialNum":0,"imgURL":"http:\/\/img2.user.kanimg.com\/usrimg\/702102337\/50x50","other_vipGrow":0,"province":"","mobile":"185****5233","payName":"----","expireDate":"----","isRemind":0,"register":"0","other_payName":"网银支付方式","userID":702102337,"isCompressed":0,"personalSign":"","city":"","protocolVersion":111,"country":"","other_expireDate":"20180722","account":200,"other_vipLevel":1}


Host: api.upportal.swjsq.vip.xunlei.com
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1
Date: Fri, 26 Jan 2018 01:58:04 GMT

GET /v2/queryportal
{"errno":0,"interface_ip":"180.97.85.185","interface_port":"12700","message":"","province":"shaan_xi","province_name":"陕西","sp":"tel","sp_name":"电信"}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/bandwidth?sequence=268435456&peerid=986AC3925083004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823
{"bandwidth":{"downstream":51200,"upstream":1024},"can_upgrade":1,"dial_account":"sn::09142323152","errno":0,"max_bandwidth":{"downstream":30720,"upstream":10240},"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435456,"sp":"tel","sp_name":"电信","timestamp":1516931884}


Host: 180.97.85.185:12700
User-Agent: android-async-http/xl-acc-sdk/version-1.0.0.1

GET /v2/upgrade?sequence=268435457&peerid=986AC3925083004V&userid=702102337&client_type=android-uplink-2.4.1.3&client_version=andrioduplink-2.4.1.3&os=android-7.1.2.25E5823&sessionid=C053D8A0EA1657D0DF1E6E29EC94059F&user_type=1&dial_account=sn::09142323152
{"bandwidth":{"downstream":10240,"upstream":30720},"dial_account":"sn::09142323152","errno":0,"message":"","province":"shan_xi","province_name":"陕西","richmessage":"","sequence":268435457,"sp":"tel","sp_name":"电信","timestamp":1516931885}
@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 26, 2018

Owner
Owner

fffonion commented Jan 26, 2018

@ken198

This comment has been minimized.

Show comment
Hide comment
@ken198

ken198 Jan 27, 2018

查看安全中心,每十分钟有两条同时登录的请求记录

ken198 commented Jan 27, 2018

查看安全中心,每十分钟有两条同时登录的请求记录

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 27, 2018

Owner

@ken198 检查一下有没有开多个进程

Owner

fffonion commented Jan 27, 2018

@ken198 检查一下有没有开多个进程

@ken198

This comment has been minimized.

Show comment
Hide comment
@ken198

ken198 Jan 27, 2018

@fffonion 没有开多进程,换了3个路由都是这样,潘多拉、padavan,开路由时候安全中心是1个登录记录,10分钟后就出现两个同时登录的记录,相差不过10秒

ken198 commented Jan 27, 2018

@fffonion 没有开多进程,换了3个路由都是这样,潘多拉、padavan,开路由时候安全中心是1个登录记录,10分钟后就出现两个同时登录的记录,相差不过10秒

@lphgor

This comment has been minimized.

Show comment
Hide comment
@lphgor

lphgor Jan 29, 2018

我觉得是不是可以考虑把renew去掉?
我测试了一天,去掉renew以后,安全中心没有新的登录记录,session依然有效。没有必要10分钟renew一次。

lphgor commented Jan 29, 2018

我觉得是不是可以考虑把renew去掉?
我测试了一天,去掉renew以后,安全中心没有新的登录记录,session依然有效。没有必要10分钟renew一次。

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Jan 29, 2018

Owner

@lphgor 好的,我先把renew去掉了,暂时依靠错误判断来重新登陆好了

Owner

fffonion commented Jan 29, 2018

@lphgor 好的,我先把renew去掉了,暂时依靠错误判断来重新登陆好了

@guaosi

This comment has been minimized.

Show comment
Hide comment
@guaosi

guaosi Feb 13, 2018

总是要我输入验证码,有什么好的解决办法吗

00:55:42 Error: login xunlei failed, 为了您的账号安全,请输入验证码[6]
00:55:42 {'msgurl': '', 'isequenceNo': '1000001', 'protocolVersion': '200', 'errorDescUrl': 'http://verify2.xunlei.com/i
mage?t=MEA', 'errorCode': '6', 'errorIsRetry': 0, 'errorDesc': '为了您的账号安全,请输入验证码[6]', 'isCompressed': '0',
'verifyType': 'MEA', 'platformVersion': '2'}

guaosi commented Feb 13, 2018

总是要我输入验证码,有什么好的解决办法吗

00:55:42 Error: login xunlei failed, 为了您的账号安全,请输入验证码[6]
00:55:42 {'msgurl': '', 'isequenceNo': '1000001', 'protocolVersion': '200', 'errorDescUrl': 'http://verify2.xunlei.com/i
mage?t=MEA', 'errorCode': '6', 'errorIsRetry': 0, 'errorDesc': '为了您的账号安全,请输入验证码[6]', 'isCompressed': '0',
'verifyType': 'MEA', 'platformVersion': '2'}

@fffonion

This comment has been minimized.

Show comment
Hide comment
@fffonion

fffonion Feb 13, 2018

Owner

@guaosi 尝试一下昨天更新的版本?

Owner

fffonion commented Feb 13, 2018

@guaosi 尝试一下昨天更新的版本?

@guaosi

This comment has been minimized.

Show comment
Hide comment
@guaosi

guaosi Feb 15, 2018

@fffonion 问题依旧,不知道要怎么办,有看到一个issue说删除本地的swjsq.account.txt,然后py swjsq.py,最后再重新创建swjsq.account.txt再次py swjsq.py。我测试还是无效,问题依旧,感觉头疼

guaosi commented Feb 15, 2018

@fffonion 问题依旧,不知道要怎么办,有看到一个issue说删除本地的swjsq.account.txt,然后py swjsq.py,最后再重新创建swjsq.account.txt再次py swjsq.py。我测试还是无效,问题依旧,感觉头疼

@fffonion fffonion closed this Jun 22, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment