@@ -22,6 +22,10 @@ var (
|
|||||||
UserEng *xorm.Engine
|
UserEng *xorm.Engine
|
||||||
|
|
||||||
PackageVersion = "97.4.6"
|
PackageVersion = "97.4.6"
|
||||||
|
|
||||||
|
// LLAS
|
||||||
|
StartUpKey = "e0xrykyuBrLlwZhd"
|
||||||
|
MasterVersion = "8d6246b7c4264db4"
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
|||||||
@@ -171,3 +171,31 @@ func RSA_Sign_SHA1(cipherText []byte, privatekeypath string) []byte {
|
|||||||
|
|
||||||
return signature
|
return signature
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func RSA_DecryptOAEP(cipherText []byte, privatekeypath string) []byte {
|
||||||
|
//open privatekeyfile
|
||||||
|
privatekeyfile, err := os.Open(privatekeypath)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer privatekeyfile.Close()
|
||||||
|
//get privatekeyfile content
|
||||||
|
privatekeyinfo, _ := privatekeyfile.Stat()
|
||||||
|
buf := make([]byte, privatekeyinfo.Size())
|
||||||
|
privatekeyfile.Read(buf)
|
||||||
|
//pem decode
|
||||||
|
privatekeyblock, _ := pem.Decode(buf)
|
||||||
|
//X509 decode
|
||||||
|
parseKey, err := x509.ParsePKCS8PrivateKey(privatekeyblock.Bytes)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
privateKey := parseKey.(*rsa.PrivateKey)
|
||||||
|
//decrypt the cipher
|
||||||
|
plainText, err := rsa.DecryptOAEP(sha1.New(), rand.Reader, privateKey, cipherText, nil)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return plainText
|
||||||
|
}
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ import (
|
|||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
// Gin
|
// Gin
|
||||||
// gin.SetMode(gin.ReleaseMode)
|
gin.SetMode(gin.ReleaseMode)
|
||||||
|
|
||||||
// Router
|
// Router
|
||||||
r := gin.Default()
|
r := gin.Default()
|
||||||
@@ -17,5 +17,8 @@ func main() {
|
|||||||
// SIF
|
// SIF
|
||||||
router.SifRouter(r)
|
router.SifRouter(r)
|
||||||
|
|
||||||
|
// AS
|
||||||
|
router.AsRouter(r)
|
||||||
|
|
||||||
r.Run(":80") // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")
|
r.Run(":80") // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,16 +1,28 @@
|
|||||||
package router
|
package router
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/base64"
|
||||||
|
"fmt"
|
||||||
|
"honoka-chan/config"
|
||||||
|
"honoka-chan/encrypt"
|
||||||
"honoka-chan/handler"
|
"honoka-chan/handler"
|
||||||
"honoka-chan/middleware"
|
"honoka-chan/middleware"
|
||||||
|
"honoka-chan/utils"
|
||||||
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/gin-contrib/sessions"
|
"github.com/gin-contrib/sessions"
|
||||||
"github.com/gin-contrib/sessions/cookie"
|
"github.com/gin-contrib/sessions/cookie"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
|
"github.com/tidwall/gjson"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
sessionKey = "12345678123456781234567812345678"
|
||||||
)
|
)
|
||||||
|
|
||||||
func SifRouter(r *gin.Engine) {
|
func SifRouter(r *gin.Engine) {
|
||||||
@@ -139,3 +151,120 @@ func SifRouter(r *gin.Engine) {
|
|||||||
w.POST("/upload", handler.Upload)
|
w.POST("/upload", handler.Upload)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func AsRouter(r *gin.Engine) {
|
||||||
|
|
||||||
|
s := r.Group("ep3071")
|
||||||
|
{
|
||||||
|
s.POST("/login/login", func(ctx *gin.Context) {
|
||||||
|
body, err := io.ReadAll(ctx.Request.Body)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer ctx.Request.Body.Close()
|
||||||
|
|
||||||
|
var mask string
|
||||||
|
req := gjson.Parse(string(body))
|
||||||
|
req.ForEach(func(key, value gjson.Result) bool {
|
||||||
|
if value.Get("mask").String() != "" {
|
||||||
|
mask = value.Get("mask").String()
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
return true
|
||||||
|
})
|
||||||
|
fmt.Println("Request data:", req.String())
|
||||||
|
fmt.Println("Mask:", mask)
|
||||||
|
|
||||||
|
mask64, err := base64.StdEncoding.DecodeString(mask)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
randomBytes := encrypt.RSA_DecryptOAEP(mask64, "privatekey.pem")
|
||||||
|
fmt.Println("Random Bytes:", randomBytes)
|
||||||
|
|
||||||
|
newKey := utils.SliceXor(randomBytes, []byte(sessionKey))
|
||||||
|
newKey64 := base64.StdEncoding.EncodeToString(newKey)
|
||||||
|
|
||||||
|
loginBody := strings.ReplaceAll(utils.ReadAllText("data/login_body.txt"), "SESSION_KEY", newKey64)
|
||||||
|
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, loginBody)
|
||||||
|
|
||||||
|
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||||
|
fmt.Println(ep)
|
||||||
|
|
||||||
|
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(config.StartUpKey))
|
||||||
|
fmt.Println(sign)
|
||||||
|
|
||||||
|
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||||
|
// fmt.Println(res)
|
||||||
|
|
||||||
|
ctx.Header("Content-Type", "application/json")
|
||||||
|
ctx.String(http.StatusOK, res)
|
||||||
|
})
|
||||||
|
s.POST("/bootstrap/fetchBootstrap", func(ctx *gin.Context) {
|
||||||
|
body, err := io.ReadAll(ctx.Request.Body)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer ctx.Request.Body.Close()
|
||||||
|
fmt.Println(string(body))
|
||||||
|
|
||||||
|
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||||
|
fmt.Println(ep)
|
||||||
|
|
||||||
|
bootstrapBody := utils.ReadAllText("data/bootstrap_body.txt")
|
||||||
|
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||||
|
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||||
|
fmt.Println(sign)
|
||||||
|
|
||||||
|
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||||
|
// fmt.Println(res)
|
||||||
|
|
||||||
|
ctx.Header("Content-Type", "application/json")
|
||||||
|
ctx.String(http.StatusOK, res)
|
||||||
|
})
|
||||||
|
s.POST("/billing/fetchBillingHistory", func(ctx *gin.Context) {
|
||||||
|
body, err := io.ReadAll(ctx.Request.Body)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer ctx.Request.Body.Close()
|
||||||
|
fmt.Println(string(body))
|
||||||
|
|
||||||
|
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||||
|
fmt.Println(ep)
|
||||||
|
|
||||||
|
bootstrapBody := utils.ReadAllText("data/bill_body.txt")
|
||||||
|
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||||
|
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||||
|
fmt.Println(sign)
|
||||||
|
|
||||||
|
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||||
|
// fmt.Println(res)
|
||||||
|
|
||||||
|
ctx.Header("Content-Type", "application/json")
|
||||||
|
ctx.String(http.StatusOK, res)
|
||||||
|
})
|
||||||
|
s.POST("/notice/fetchNotice", func(ctx *gin.Context) {
|
||||||
|
body, err := io.ReadAll(ctx.Request.Body)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer ctx.Request.Body.Close()
|
||||||
|
fmt.Println(string(body))
|
||||||
|
|
||||||
|
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||||
|
fmt.Println(ep)
|
||||||
|
|
||||||
|
bootstrapBody := utils.ReadAllText("data/notice_body.txt")
|
||||||
|
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||||
|
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||||
|
fmt.Println(sign)
|
||||||
|
|
||||||
|
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||||
|
// fmt.Println(res)
|
||||||
|
|
||||||
|
ctx.Header("Content-Type", "application/json")
|
||||||
|
ctx.String(http.StatusOK, res)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user