使用PHP,实现查询天府通余额
2015-12-20 13:10
796 查看
成都的巴适公交APP可以查询天府通余额,于是想将其移植到PHP代码上
解压apk,dex2jar反编译classes.dex为jar,用jd-gui.exe打开就可以看见代码了
原理就是向http://www.basiapp.com/Bus/BusCardBalance/请求数据
参数为signature,ASC加密数据为cardno=0001XXXXXXXX&time=Y-m-d H:i:s
加密秘钥为666AA4DF3533497D973D852004B975BC的MD5的特殊形式
接下来是获得URL地址,从而获得所需数据(8位卡号前面补0001)
获得卡片余额
BusCardBalance:卡片余额
QueryConsumption:消费记录
QueryTopUp:充值记录
解压apk,dex2jar反编译classes.dex为jar,用jd-gui.exe打开就可以看见代码了
public List<CardRechargeBean> getCardRechargeByNum(String paramString) { ArrayList localArrayList = new ArrayList(); localArrayList.add(new BasicNameValuePair("mod", "api")); localArrayList.add(new BasicNameValuePair("ac", "BusConsumption")); localArrayList.add(new BasicNameValuePair("op", "1")); localArrayList.add(new BasicNameValuePair("cardno", "0001" + paramString)); StringBuffer localStringBuffer = new StringBuffer(); localStringBuffer.append(Config.BASE_URL); localStringBuffer.append("Bus/QueryTopUp/"); localStringBuffer.append("?cardno=0001" + paramString); localObject1 = new ArrayList(); for (;;) { try { String str = request(getHttpClient(), ParamUtils.generateSignature(localStringBuffer.toString()), null); localJSONObject = new JSONObject(str.toLowerCase()); if (localJSONObject.getInt("status") == 101) { localType = new TypeToken() {}.getType(); System.out.println(">>>sss:" + str); } } catch (Exception localException) { JSONObject localJSONObject; Type localType; localException.printStackTrace(); if ((localException instanceof InterruptedException)) { continue; } (localException instanceof ConnectException); if (localObject1 != null) { continue; } return new ArrayList(); } finally { if (localObject1 != null) { continue; } new ArrayList(); } try { localObject1 = (List)gson.fromJson(localJSONObject.getString("listdata"), localType); if (localObject1 == null) { localObject1 = new ArrayList(); } return localObject1; } finally {} } } [/java] [java collapse="true" title="com.guoke.chengdu.bashi.tools.util.ParamUtils"] public static final String generateSignature(String paramString) { if ((paramString != null) && (paramString.contains("http://www.basiapp.com"))) { String[] arrayOfString = paramString.split("[?]"); if (arrayOfString != null) {} try { if (arrayOfString.length > 1) { LogUtils.d(LogUtils.LogAuthor.AUTHOR, "before : " + arrayOfString[1] + "&time=" + getNowTime()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "after : " + AESUtil.encrypt(new StringBuilder(String.valueOf(arrayOfString[1])).append("&time=").append(getNowTime()).toString())); String str2 = arrayOfString[0] + "?signature=" + AESUtil.encrypt(new StringBuilder(String.valueOf(arrayOfString[1])).append("&time=").append(getNowTime()).toString()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "split : " + str2); return str2; } String str1 = paramString + "?signature=" + AESUtil.encrypt(new StringBuilder("time=").append(getNowTime()).toString()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "split : " + str1); return str1; } catch (Exception localException) { localException.printStackTrace(); } } return paramString; } public static final String getNowTime() { return new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()); }
public static String keyValue = "666AA4DF3533497D973D852004B975BC"; public static String encrypt(String paramString) throws Exception { SecretKeySpec localSecretKeySpec = new SecretKeySpec(shortmd5(keyValue), "AES"); Cipher localCipher = Cipher.getInstance("AES"); localCipher.init(1, localSecretKeySpec); return byte2hex(localCipher.doFinal(paramString.getBytes())).toLowerCase(); }
原理就是向http://www.basiapp.com/Bus/BusCardBalance/请求数据
参数为signature,ASC加密数据为cardno=0001XXXXXXXX&time=Y-m-d H:i:s
加密秘钥为666AA4DF3533497D973D852004B975BC的MD5的特殊形式
private static byte[] shortmd5(String paramString) throws Exception { MessageDigest localMessageDigest = MessageDigest.getInstance("MD5"); localMessageDigest.update(paramString.getBytes("UTF-8")); return localMessageDigest.digest(); }与
md5('',true)等同
接下来是获得URL地址,从而获得所需数据(8位卡号前面补0001)
class Security { public static function encrypt($input, $key) { $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $input = Security::pkcs5_pad($input, $size); $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, ''); $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, $key, $iv); $data = mcrypt_generic($td, $input); mcrypt_generic_deinit($td); mcrypt_module_close($td); $data = bin2hex($data); return $data; } private static function pkcs5_pad ($text, $blocksize) { $pad = $blocksize - (strlen($text) % $blocksize); return $text . str_repeat(chr($pad), $pad); } public static function decrypt($sStr, $sKey) { $decrypted= mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $sKey, base64_decode($sStr), MCRYPT_MODE_ECB ); $dec_s = strlen($decrypted); $padding = ord($decrypted[$dec_s-1]); $decrypted = substr($decrypted, 0, -$padding); return $decrypted; } }
获得卡片余额
echo "http://www.basiapp.com/Bus/BusCardBalance/?signature=".Security::encrypt("cardno=0001{$CARD_NO}&time=". date('Y-m-d H:i:s',time()) , md5('666AA4DF3533497D973D852004B975BC',true));
BusCardBalance:卡片余额
QueryConsumption:消费记录
QueryTopUp:充值记录
相关文章推荐
- 进入TP-Link路由器之后利用快捷键F12查看星号路由密码的方法
- Yii2 Activefrom表单部分组件
- PHP 取网页变量
- PHP版本常用的排序算法汇总
- PHP 乘法口诀表
- php封装好的人民币数值转中文大写类
- 【杭电】[1096]A+B for Input-Output Practice (VIII)
- 【杭电】[1095]A+B for Input-Output Practice (VII)
- 【杭电】[1094]A+B for Input-Output Practice (VI)
- 【杭电】[1093]A+B for Input-Output Practice (V)
- 【杭电】[1092]A+B for Input-Output Practice (IV)
- 【杭电】[1091]A+B for Input-Output Practice (III)
- 【杭电】[1090]A+B for Input-Output Practice (II)
- 【杭电】[1089]A+B for Input-Output Practice (I)
- 关于在Editplus中设置内容提示比如syso的快捷输出的方法
- php 安装gd模块
- laravel(2) 变量传递
- 关于各种文件用Editplus的方式打开出现“向程序发送命令时出现问题”的解决方法
- Laravel (1)基本工作流程
- 使用PHP如何实现高效安全的ftp服务器(一)