协议分析"/>
Linux QQ 协议分析
Qq for linux 协议分析--个人感觉Tencent的LinuxQQ 协议更简单一些貌似
| // 1、指令0x0091第一次握手请求(Touch_Request)的发送数据,解密后为 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // unsigned char instr[]={ 0x4b,0x16,0xfe,0x18,0xc0,0x7e,0xe6,0x4c,0xe9,0x1f,0x8a,0xd8,0xcd,0x7f,0x3b,0x97,0xfa,0x29,0xe3,0x41, 0x0c,0xba,0xd2,0x57,0xe6,0x17,0x33,0xdd,0x02,0xbf,0xae,0x2c }; |
| //指令0x0091第一次握手请求(Touch_Request)的随机密钥RequestKey1 // unsigned char key[]={0xb6,0x70,0xab,0xd6,0x06,0xd3,0x3a,0x30,0x3a,0x01,0xe9,0x09,0xc3,0x15,0xe1,0x3c}; |
| //指令0x0091第一次握手请求失败,服务器返回的数据(Touch_Respond),用RequestKey1解密后为 00 01 01 00 00 00 01 00 00 00 00 db 85 3c 1b(后4字节为新的ip地址) // unsigned char instr[]={ 0x22,0x57,0x70,0x12,0xcf,0x5a,0xeb,0x21,0x0e,0x62,0x1f,0xf2,0xed,0x1f,0x7c,0x57,0x85,0xef,0x13,0xb9, 0x4a,0xe0,0xc0,0xa1,0xb8,0xe6,0xd5,0x02,0x9a,0x32,0x97,0x07 }; |
| // 2、 指令0x0091第二次握手请求(Touch_Request)的发送数据,用RequestKey1解密后为 00 01 01 01 00 00 00 00 00 00 00 1b 3c 85 db(后4字节为新的ip地址的倒置) // unsigned char instr[]={ 0x4b,0x16,0xfe,0x18,0xc0,0x7e,0xe6,0x4c,0xcc,0x9f,0x3b,0xe7,0x02,0x98,0x52,0x49,0xa5,0xf5,0x56,0x52, 0xc1,0x71,0xe0,0x9b,0xb1,0xc8,0x15,0xdc,0x41,0x78,0xd6,0xb3 }; |
| //指令0x0091第二次握手请求成功,服务器返回的数据(Touch_Respond),用RequestKey1解密后为00 00 // unsigned char instr[]={ 0x9f,0xf1,0x3e,0x30,0x09,0xab,0x4c,0xb8,0x9d,0x05,0xa4,0xd6,0x20,0xf2,0x18,0xc4 }; |
| // 3、 指令0x0062请求预登陆令牌(PreLT_Request) // 指令0x0062请求预登陆令牌, 服务器返回数据(PreLT_Respond),这个数据加密后成为请求登陆令牌的一部分 // unsigned char instr[]={ 0xe1,0xd5,0x55,0x0e,0xce,0xb6,0xd3,0x0a,0x4c,0xdd,0x7c,0xa8,0x61,0xb0,0x77,0x7f,0x11,0x4d,0xb1, 0x39,0xec,0xf0,0x99,0xd0 }; |
| // 4、 指令0x00ba 请求登陆令牌(LoginToken_Request),把(PreLT_Respond) 18 +{ 0xe1,0xd5,0x55,0x0e,0xce,0xb6,0xd3,0x0a,0x4c,0xdd,0x7c,0xa8,0x61,0xb0,0x77,0x7f,0x11,0x4d,0xb1, 0x39,0xec,0xf0,0x99,0xd0 } +03 00 05 00 00 00 00 00 00 00数据TEA随机密钥RequestKey2(现在发现和密钥1一样)加密后作为请求数据 |
| // unsigned char instr[]={ 0xe9,0xb1,0xc7,0x7c,0xb1,0x2d,0x41,0xed,0xf5,0x13,0x6f,0x3e,0xd5,0xf4,0x7f,0x0e,0xc1,0x92,0x89, 0x24,0x4b,0xf3,0xbe,0xf2,0xb5,0x00,0xce,0x63,0xa9,0x3a,0x5b,0xc8,0xab,0xc7,0xe2,0x70,0x6e,0x5b, 0x97,0x3a,0xca,0x79,0x3e,0x1b,0x19,0xbc,0x4a,0x03 }; |
| // 指令0x00ba 请求登陆令牌,服务器返回数据(LoginToken_Respond), 用RequestKey2解密后为03 00 05 00 00 20 +{0x00,0xd0,0xe1,0xa0,0x1a,0x3f,0xb2,0x5d,0x72,0x9d,0x15,0x8c,0x56,0xe4,0x27,0xf3,0xb8,0xae, 0xe2,0x6f,0xd7,0xfe,0x92,0xa7,0x3a,0xa8,0xe8,0xed,0xdd,0xb5,0xb9,0xcc }(LT) // unsigned char instr[]={ 0x5c,0x1e,0x84,0x95,0x35,0xc4,0xb3,0x02,0x3e,0xd6,0xcb,0x71,0x67,0x40,0x63,0xb9,0x33,0xcd, 0xe7,0x2a,0x66,0x70,0x15,0x10,0xe5,0xa9,0x4c,0x4c,0x8a,0x1b,0x21,0x29,0x9f,0xfd,0xee,0xc6, 0x3a,0x63,0xd6,0xb8,0x93,0x8d,0x8b,0x4f,0x73,0x3f,0xe3,0x33 }; |
| // 5、 指令 0xdd 请求预会话密钥(PreSK_Request) //随机密钥RequestKey3 // unsigned char key[]={ 0x3a,0x30,0x3a,0x01,0xe9,0x09,0xc3,0x15,0xe1,0x3c,0x8f,0xd1,0x7f,0x96,0x95,0x6f }; //发送数据,用随机密钥RequestKey3解密后为 005f0000080401e0 20 (LoginToken)00d0e1a01a3fb25d729d158c56e427f3b8aee26fd7fe92a73aa 8e8edddb5b9cc 0020 (PasswdValidStr')779fa088da269125a99eeaac355e2ba63e3c21808b95af9729f6d56582b90640 0014 dd30103a8d878990622b1db4c7c67e98bd12faa2 0064 000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 // unsigned char instr[]={ 0x8f,0x8a,0x21,0x34,0x03,0x45,0xc2,0xf3,0xa9,0x5d,0x3a,0xfd,0x73,0x9f,0x73,0x67,0x95,0xdc,0x21, 0xda,0xf2,0x3e,0x1b,0x62,0x2b,0x9b,0xf6,0xcb,0x2e,0xa4,0x9a,0x77,0xe9,0xed,0xfa,0x60,0x88,0x52, 0x85,0x6f,0x92,0x17,0x85,0x3f,0xb7,0xed,0x74,0x8c,0xea,0xf3,0x95,0x94,0xa3,0x3f,0xee,0xec,0xd7, 0x12,0xa7,0x14,0x5e,0x73,0x52,0xb3,0xbf,0x5a,0x3e,0xf6,0xc0,0xde,0xef,0x46,0x71,0xe6,0xf4,0x43, 0x47,0x05,0x8b,0xfc,0x02,0xd6,0x81,0x11,0x96,0x06,0x6a,0x23,0x2b,0x70,0x2b,0x0d,0xba,0x09,0xe9, 0x68,0x73,0x95,0xb2,0x1a,0x09,0x29,0xfa,0xf2,0x55,0x4e,0x20,0x6c,0xb9,0x55,0xa5,0x44,0xdb,0x5d, 0xd0,0x5b,0x9b,0xd4,0xb2,0x80,0x13,0x70,0x10,0xf9,0x13,0x0a,0xbe,0x8d,0xf1,0x08,0xbd,0x0a,0x24, 0x34,0x2d,0x99,0xe6,0x15,0xaa,0x76,0x4a,0xde,0x72,0x86,0x5a,0xf9,0x45,0x00,0x21,0x87,0xd9,0x5e, 0x2c,0x16,0x3c,0x8d,0xe4,0xee,0xdd,0x29,0x0c,0xd1,0xc7,0x0d,0x3d,0x09,0xb3,0x24,0x67,0x19,0x8f, 0xa5,0xb3,0xa5,0x4b,0xe1,0x19,0x53,0x38,0xbb,0x22,0x25,0x7a,0x37,0x55,0xab,0x09,0x6f,0xae,0x93, 0x99,0x21,0x04,0xb8,0xa9,0x59,0x5e,0xc1,0x3e,0x86,0x27,0x57,0x7b,0x18,0x75,0x3c,0x97,0xfc,0x8c, 0xa5,0xed,0x55,0x05,0x80,0x05,0x31 };
|
| //指令 0xdd 请求预会话密钥,服务器返回数据,解密后为 009700684e0000 0020 eb074a42d036d0c03145d7e2075ee7f0701f47a23cdaf05531cbf97fd013152f 0020 05dbeca28e7b7471751cef7b2e9f96f709e8f9ec4562bbf7f1e63affc9dd2341 0038 (TempToken)9eef45116062d5a6fef4e885bf1469fe30211ff5de5703419d9f389ca94a086045b 9476260346de0eec442d0b5132428bd15ccee941e9110 (TempKey)68374638714b4651617655366234367a 000000000000 unsigned char instr[]={ 0x60,0xce,0x4a,0x4a,0x70,0xe6,0x77,0x2d,0xc1,0xf9,0xa6,0xd3,0x22,0x2a,0x54,0x84,0x58,0x7f,0x83, 0xa1,0x75,0x2f,0xac,0x09,0x7d,0x76,0x85,0xc9,0xe7,0x37,0xbb,0xb1,0xe7,0xdc,0x5c,0x3b,0xe6,0x86, 0xc4,0xa7,0xe2,0xc7,0xdf,0x61,0x56,0x62,0x06,0x2d,0xde,0x5e,0x22,0x0b,0x2f,0xfa,0x6e,0x05,0x10, 0xfa,0xba,0x7e,0xe0,0x31,0x3f,0x52,0xa6,0x1c,0x33,0x9e,0x0c,0x78,0xa8,0xc2,0xef,0xeb,0x24,0x2d, 0xd9,0x65,0xfe,0x84,0x67,0xa0,0x55,0xe6,0x95,0xba,0x14,0xfe,0x43,0xc8,0xe6,0x09,0x32,0x43,0xd1, 0xb3,0xb7,0x03,0x47,0x4e,0x23,0x03,0x85,0x28, 0x2f,0x4a,0xee,0xe4,0x1e,0x43,0x32,0x6f,0xf8,0xba,0x47,0x60,0x39,0xa0,0x92,0x72,0x29,0x14,0x17,0x54,0xb1,0x3a,0xe0,0x6d,0xf6,0xb4, 0xf9,0xf1,0x23,0xd2,0x86,0x53,0xc9,0x3a,0x01,0x78,0xbf,0x08,0x3e,0xe4,0x32,0x16,0x58,0xe5,0x2e,0xaa,0x0e,0x9c,0xc8,0x86,0x04,0xc7, 0xe8,0xed,0xea,0x3d,0x6b,0x6a,0x3a,0x4c,0xed,0xdb,0xcb,0x7e }; // 密钥为M2P = 3fa22c81640aa1e75ad01c38f0f18ce8 // unsigned char key[]={0x3f,0xa2,0x2c,0x81,0x64,0x0a,0xa1,0xe7,0x5a,0xd0,0x1c,0x38,0xf0,0xf1,0x8c,0xe8}; |
| // 6、 指令 0x0022请求传话密钥(SessionKey_Request) //TempKey // unsigned char key[]={0x68,0x37,0x46,0x38,0x71,0x4b,0x46,0x51,0x61,0x76,0x55,0x36,0x62,0x34,0x36,0x7a}; //发送数据,解密后为(448字节) 0000 0020 (PasswdValidStr') 779fa088da269125a99eeaac355e2ba63e3c21808b95af9729f6d56582b90640 16052d6262467d645e66657ce3339907 00000000000000000000000000000000000000564ec8fb0a4fefb37a5dd8860face51a19 2800000000000000000000000 0000000000000000000000000004dd959f0bceac2005abbc4fd6f2d016f2000d0e1a01a3fb25d729d158c56e427f3b8aee 26fd7fe92a73aa8e8edddb5b9cc00000006000000000000011101bf4687dc001050d5fe4396dbf48750ad961689ad55a90 00000000000000000000000000000000000000000000000000243412db90010f8a87080348f7bba534133ac3a9b4fba00 c8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000 //464字节 // unsigned char instr[]={ 0xaf,0x54,0xd5,0x0f,0x20,0xb3,0x84,0x18,0xa9,0xdb,0x12,0xfd,0x97,0xfd,0xcb,0x1b,0x30,0x13,0x22,0x65,0x9c,0xc6,0xfa, 0x09,0x76,0xfc,0x96,0x12,0x72,0xbe,0xdf,0xf1,0x77,0xd4,0x22,0x98,0x1c,0x57,0xb0,0x27,0xba,0x41,0x58,0xbb,0x43,0x47, 0x15,0xcd,0x89,0x8a,0x76,0x15,0x3e,0xe2,0x92,0x05,0x93,0x34,0x2d,0x31,0x13,0x5d,0x36,0x2f,0x00,0x69,0x4b,0xc1, 0xbb,0xc4,0xc2,0x8c,0xdc,0xae,0x4e,0x6a,0x4e,0xaa,0x33,0xcd,0x80,0x63,0x51,0x70,0x47,0x77,0x2e,0x76,0x7d,0x26, 0xdb,0xd8,0x65,0x96,0x6f,0xfc,0xd5,0x4e,0x16,0x52,0x99,0xc2,0xa6,0x8d,0x23,0x5d,0x87,0xb3,0x68,0x52,0xd2,0xd3, 0x4d,0xa4,0x7c,0x19,0xd0,0x86,0x54,0x4a,0xcd,0xee,0xd0,0xf3,0x36,0x65,0x05,0x17,0xbf,0xd7,0xb2,0x54,0x67,0xa9, 0x2b,0xcf,0xc2,0x9a,0xbd,0x4e,0x28,0x6f,0xfc,0x26,0xb9,0x8d,0x95,0x75,0x7c,0x2f,0xbb,0xf3,0x37,0xba,0x70,0xb7,0x36, 0x91,0xae,0x5f,0x5f,0x26,0xcd,0x97,0x5f,0x24,0x89,0x75,0xf5,0x6d,0xce,0x91,0xde,0xd7,0x9c,0xf0,0xa5,0xd5,0x23,0xf9, 0xa5,0xc5,0xba,0x9f,0x08,0x1f,0x19,0xb9,0xfd,0x9f,0x55,0x14,0x4c,0xff,0xbd,0x98,0x14,0x11,0x01,0x9a,0x45,0x5d,0x4d, 0xb8,0xf8,0xd4,0x3d,0x54,0x7d,0x43,0xdf,0x88,0x54,0xcb,0xa4,0x05,0xeb,0x9f,0x6a,0x6c,0x70,0xa6,0x43,0x60,0xc0,0x2b, 0x5e,0x36,0x4d,0xa9,0x09,0x78,0x1f,0x3a,0xdc,0x93,0x5f,0x2e,0x22,0xe1,0x1c,0xaa,0x82,0xce,0xa8,0x1c,0x9b,0xbd,0xfe, 0x24,0xf3,0xe3,0xf9,0x87,0x0b,0xe7,0x05,0xbe,0x3a,0x9e,0xf7,0xc1,0x79,0xd4,0x21,0x2c,0x2e,0x6f,0xd9,0x6f,0x8f,0x26, 0xa5,0x4e,0x2d,0x9c,0x3d,0x3b,0x24,0xfa,0x60,0x8f,0x55,0xc8,0xbe,0x8d,0x15,0xaa,0x6d,0xd6,0x9e,0xfc,0x4c,0x81,0x8c, 0xee,0x48,0x16,0x1f,0x60,0xc6,0x62,0xe9,0xf6,0x14,0xc1,0xb3,0xd7,0xa6,0xa8,0xdd,0xb0,0xd5,0x9e,0x98,0xf7,0x52,0x2a, 0x10,0xd1,0xcc,0x2e,0x28,0x61,0x53,0x66,0x58,0x5d,0xff,0x1c,0x5f,0x16,0xdf,0x31,0x4c,0x27,0x0e,0xcd,0x32,0x97,0x15, 0xef,0x98,0xf5,0x90,0x01,0x93,0x58,0x6a,0x4c,0x27,0x51,0x0b,0xb7,0x0a,0x08,0xd0,0xd5,0xa6,0x1d,0x08,0xaa,0x70,0xb3, 0x12,0x22,0x62,0xf0,0xda,0x63,0xaf,0x00,0x9c,0x1a,0xb3,0x75,0xf1,0xf7,0x40,0xf8,0xe3,0x56,0xbc,0x9d,0xb5,0x0b,0xa9, 0x1d,0x66,0x07,0x89,0x8e,0x87,0xc3,0x2a,0xd7,0xee,0x15,0xdd,0x10,0x1f,0x5f,0x6a,0xee,0x32,0xdb,0x88,0xd6,0x07,0x68, 0x88,0xb6,0xf8,0xa7,0x9e,0x7f,0xa4,0x2d,0x4a,0x1c,0x35,0x56,0xb1,0xbd,0xd7,0x9f,0xc0,0xef,0xc8,0x66,0x64,0x36,0xf1, 0x4f,0xc2,0x44,0xcf,0x1b,0xe5,0x33,0xf7,0x13,0x73,0x20,0xc2,0x2a,0x54,0xd0,0xfa,0x1e,0x9d,0x97,0x30,0xe4,0xa8,0x9c, 0x4a,0xcb,0xd2,0x7c,0xe4,0xd2,0xc1,0x10 };
|
| //指令 0x0022请求传话密钥,服务器返回数据,解密后为(280字节) 00 (SessionKey)6b7a375a766759334e7a326954475141 (QQ号)09ac1e6b (cIP)7d55422b (cPort:)5228 (127.0.0.1)7f000001 (cPort:8000)1f40 491809dd 030a684e0000465824b72e8fd702ce7f76ce3429e415f66d720f754914f73d8dc2cf1f40da558a45 (cPort)1f4000814240008000003ab65aa3e9568a8b99e0f354ab9492a49454c744164d52bbca8a6df3f336fb130000000100 00000000000040f8bb97354918091d49017fe04915c077000a000a0100000e1001148ffe4fbbb663c769c3c0000000000000 00000000080204080808080804020028dd638dd1ca48a6d201a2f5b66836f2460138b05b1b47f0c2c203624796ef046cf34d 9c37e3228f4c0030c613c8fafe981ce4f0eac3c8cec82e24f898dfdd36823b86de7f73961dcb260229e70dc8f7fe376b76b1f45eccbf14fb // 密钥为M2P = 3fa22c81640aa1e75ad01c38f0f18ce8 unsigned char key[]={0x3f,0xa2,0x2c,0x81,0x64,0x0a,0xa1,0xe7,0x5a,0xd0,0x1c,0x38,0xf0,0xf1,0x8c,0xe8}; //298字节 unsigned char instr[]= { 0x9b,0x57,0x9f,0xc3,0x23,0xa0,0xba,0x9f,0x54,0x16,0x91,0xb9,0x81,0x58,0xd7,0x88,0x41,0xd4,0x1b,0x67,0x81,0x7f, 0x40,0x67,0x46,0x3d,0x08,0x09,0x72,0x29,0x71,0x4c,0x6c,0x25,0xcf,0x40,0x83,0x5f,0x88,0x7f,0x70,0x72,0xe5,0xf4, 0x57,0xeb,0xb7,0x6e,0x18,0xe1,0x84,0xfc,0xcf,0xa9,0x8d,0x71,0x37,0x62,0x01,0x1a,0x4c,0x05,0x64,0x70,0xe1,0xcb, 0xb5,0xc2,0x5c,0x9a,0x8d,0x26,0x2c,0xc7,0x66,0x67,0x9b,0xba,0x96,0xc0,0x1d,0x3b,0x55,0x83,0xb5,0x48,0x3d,0x8f, 0xdf,0xb1,0xa4,0x2d,0x77,0xc1,0x37,0xc9,0xd1,0x93,0xf3,0x0e,0x6f,0x6a,0x24,0x01,0xeb,0x12,0x8b,0xab,0xdd,0x0b, 0x04,0xc8,0x69,0x76,0x76,0x4b,0xe8,0xc7,0x31,0xfd,0x9d,0xea,0xe3,0x4e,0x29,0x36,0xbf,0x2b,0x71,0x3b,0x27,0x3c, 0x28,0xf2,0xe6,0x4c,0x7a,0xa5,0x63,0x07,0x39,0x98,0xda,0xe3,0x3b,0xea,0x88,0x54,0xae,0xf0,0xe7,0x3b,0x66,0x52, 0xc1,0x87,0xeb,0x26,0xda,0xfe,0x50,0x19,0x37,0xcc,0x9c,0x6a,0xf6,0x46,0x83,0xd9,0x59,0x67,0xa3,0x27,0xd7,0x4c, 0x20,0x50,0xba,0x7c,0x0a,0x87,0x47,0x08,0xd8,0xe5,0x3c,0x8c,0xff,0x29,0xa9,0xcd,0xde,0x5d,0xa4,0xb5,0xd5,0xcc, 0x5f,0x66,0x1b,0xde,0x91,0xab,0x6f,0x0d,0xd7,0x8a,0xb5,0xcc,0x32,0x9e,0xfa,0x71,0x89,0x0b,0x25,0x83,0xb7,0x5e, 0x15,0xc9,0xb0,0xd1,0x56,0x19,0x74,0x93,0xe8,0x6a,0x16,0xcb,0x85,0x2e,0xfc,0x5c,0x3c,0xc5,0x2d,0xbd,0x35,0xa9, 0x74,0x9f,0x18,0x7d,0xd7,0xd7,0x24,0xd3,0x29,0xb0,0x49,0x79,0x69,0xda,0x6e,0xc3,0x37,0xfd,0x33,0x12,0xb7,0x37, 0xfb,0x0d,0xa8,0x35,0xda,0x85,0x24,0xb4,0x7e,0x07,0xb5,0xd9,0x05,0xa6,0x73,0xb4,0x28,0x2a,0x48,0xef,0x1f,0xd1, 0x78,0x2b,0x83,0x9e,0x83,0x04,0xcd,0x0a,0x4b,0x6f }; |
更多推荐
Linux QQ 协议分析
发布评论