获取apk文件
反编译apk
- apktool.bat;apktool.jar
作用:最大程度的还原apk中的manifest文件和资源文件 。使用apktool工具反编译apk文件比直接解压同一个apk文件大;还可以将反编译之后的apk重新打包成apk文件,但需要重新签名,才能安装使用。 -
classes-dex2.jar
作用:将APK直接解压后,目录下包含的一个classes.dex文件反编译为 -
dex2jar
作用:直接查看classes-dex2jar.jar文件
分析反编译后的包体
查看包体,会得到assets目录,如图
apps目录则是app的核心代码,这里没有经过原生安卓的方法,因为经过分析,此app是使用MUI,用js编写的app,为webview,所有核心代码都在此目录!我们使用HbuilderX打开此目录,则app的工程文件自动显示,接下来,我们可以随意查看代码
分析代码业务逻辑
查看代码后,我们会得到如下信息:
1. app接口: http://api.51moot.cn/api/
- 静态资源网址: https://mootimg.oss-cn-beijing.aliyuncs.com/Moot/
-
核心sign获取接口:http://api.51moot.cn/api/v1/sign
所有请求都会验证sign的正确性,不过可笑的是这个sign是固定的!
分析播放业务逻辑
通过查阅代码,我们可以找到视频播放页面是course_vedio.html,核心代码course_vedio.js文件,以下是播放器初始化代码,可以看出只需要传入我们的用户ID就可以统计时长
通过百度查找polyvObject方法,我们可以得到这是保利威公司的播放器sdk,核心依赖sdk文档->点击查看
至此,我们只需要拼接所需信息即可完成模拟播放,以下是我封装过的接口,使用php语言编写,通过此接口我们可以得到任何想要的信息
更新日志:
2021-01-07:
(1.)支持学生账户提取试卷及一键答题
2020-10-28:
(1.)修复APP外部与内部进度不同步的问题
2020-09-02:
(1.)修复节点失效
2020-08-17:
(1.)增加一键秒刷
2020-06-03:
(1.)增加pc协议支持
(2.)增加pc cookie提取
(3.)增加pc协议的视频加密信息获取
(4.)网站同时支持falsh和h5内核,播放更加流畅
(5.)优化答题业务逻辑
<?php
/*
* Title:美和易思信息获取插件
* Author:流逝中沉沦
* Date:2020/01/01 20:00:00
*/
namespace SinKingCloud;
class Mstanford
{
private $ApiUrl = array('pc' => 'https://www.51moot.net/', 'mobile' => 'http://112.126.118.66/');
private $sign; //签名
private $UserInfo; //账户信息
public $cookies = null; //pc cookie
/**
*构造参数
*/
function __construct($ApiUrl = false, $sign = false)
{
if ($ApiUrl) {
$this->ApiUrl = $ApiUrl;
}
if ($sign) {
$this->sign = $sign;
} else {
$this->sign = $this->get_sign();
}
}
/**
* 获取sign
* @return String 签名
*/
private function get_sign()
{
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/sign");
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
return $arr['data'];
} else {
return false;
}
}
/**
* 账户登陆(app协议)
* @param String $user 账户
* @param String $pwd 密码
* @return Array 数据集
*/
public function UserLogin($user, $pwd)
{
if (!empty($user) && !empty($pwd)) {
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/web_user?login_name=" . $user . "&login_pass=" . $pwd . "&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
$this->UserInfo = $arr['data'];
return $arr['data'];
} else {
return false;
}
} else {
return false;
}
}
/**
* 账户登陆(pc协议)
* @param String $user 账户
* @param String $pwd 密码
* @return Array 数据集
*/
public function UserPcLogin($user, $pwd)
{
if (!empty($user) && !empty($pwd)) {
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['pc'] . "/main/login_validate", "login_name=" . $user . "&login_pass=" . $pwd . "&auto_login=true", 0, 0, 1);
$arr = explode("\n", $res);
$data = json_decode(end($arr), true);
if ($data['code'] == 'success') {
//取cookie
preg_match_all('/Set-Cookie: (.*?);/', $res, $arr);
$this->cookies = implode(";", $arr[1]);
//二次登陆获取用户信息
return $this->UserLogin($user, $pwd);
} else {
return false;
}
} else {
return false;
}
}
/**
* 账户信息查询(app协议)
* @param Int $uid 账户ID
* @return Array 数据集
*/
public function UserQuery($uid)
{
if (!empty($uid)) {
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . '/api/v1/web_user?id=' . $uid . '&sign=' . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
$this->UserInfo = $arr['data'];
return $arr['data'];
} else {
return false;
}
} else {
return false;
}
}
/**
* 课程信息查询(app协议)
* @param Array $id 课程ID
* @return Array 数据集
*/
public function CourseQuery($id = array(), $uid = 6518)
{
if (empty($id) || !is_array($id) || empty($this->sign)) {
return false;
} else {
$list = implode(',', $id);
$data = array();
for ($i = 1; $i <= 5; $i++) {
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/course_info?page_index=0&page_size=9999&id_list=" . $list . "&type=1&is_progress=true&user_id=" . $uid . "&assort_id=3&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
continue;
}
if ($arr['code'] == 0) {
foreach ($arr['data']['rows'] as $key) {
$data[] = $key;
}
} else {
continue;
}
}
return $data;
}
}
/**
* 课程详情(app协议)
* @param Int $id 课程ID
* @return Array
*/
public function CourseInfo($id)
{
if (empty($id)) {
return false;
}
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api//v1/course_dirctory?course_id=" . $id . "&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
return $arr['data'];
} else {
return false;
}
}
/**
* 视频详情(app协议)
* @param Array $id 课程ID
* @return Array 数据集
*/
public function DirctoryInfo($id)
{
if (empty($id)) {
return false;
} else {
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/course_dirctory?id=" . $id . "&is_dirctory=true&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
return $arr['data'];
} else {
return false;
}
}
}
/**
* 视频详情(pc协议)
* @param Array $id 课程ID
* @return Array 数据集
*/
public function DirctoryPcInfo($id)
{
if (empty($id)) {
return false;
} else {
if (empty($this->cookies)) {
return false;
}
$res = $this->get_curl($this->ApiUrl['pc'] . "/server_hall_2/server_hall_2/video_play?dir_id=" . $id . "&do=_do", 0, 0, $this->cookies);
//取视频加密信息
preg_match_all('/polyvPlayer([\s\S]*?);/i', $res, $arr);
if (isset($arr[0][0])) {
$res = substr(substr($arr[0][0], 12), 0, -2);
$arr = json_decode(str_replace(array("\n", "\t", "wrap", "false", "'"), array("", "", "'wrap'", "'false'", '"'), $res), true);
return array(
'vid' => $arr['vid'],
'ts' => $arr['ts'],
'sign' => $arr['sign'],
'session_id' => $arr['session_id'],
'playsafe' => $arr['playsafe']
);
} else {
return false;
}
}
}
/**
* 试卷评测(app协议)
* @param Int $id 试卷ID
* @param Int $uid 用户ID
* @param Int $num 错误的个数
* @return Array 数据集
*/
public function CourseTest($id, $uid, $num = 0)
{
if (empty($id) || empty($uid)) {
return false;
}
if (empty($this->sign)) {
$this->get_sign();
}
$arr = $this->GetTestInfo($id);
if ($arr) {
$data1 = "api_action=evaluating_check&example_id=" . $id . "&user_id=" . $uid . "&sign=" . $this->sign;
$ids = array();
$ids2 = array();
$errors = array();
for ($i = 0; $i < $num; $i++) {
$errors[] = rand(0, count($arr));
}
$i = 0;
foreach ($arr as $value) {
$ids[] = $value['id'];
if (in_array($i, $errors)) {
$value['answer_list'] = rand(0, 3);
}
$ids2[] = '&answer_list' . $value['id'] . '=' . $value['answer_list'];
$i++;
}
$data2 = "&subject_id_list=" . implode("[{@}]", $ids);
$data3 = implode("", $ids2);
$data = $data1 . $data2 . $data3;
$res2 = $this->put_curl($this->ApiUrl['mobile'] . "/api/v1/example_subject", $data);
$arr2 = json_decode($res2, true);
if ($arr2['code'] == 0) {
return $arr2['data'];
} else {
return false;
}
} else {
return false;
}
}
/**
* 试卷评测结果(app协议)
* @param Int $id 试卷ID
* @param Int $uid 用户ID
* @return Array 数据集
*/
public function GetTestResault($id, $uid)
{
if (empty($id) || empty($uid)) {
return false;
}
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/example_result?example_id=" . $id . "&user_id=" . $uid . "&is_ext=true&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
return $arr['data'];
}
/**
* 试卷详情(app协议)
* @param Int $id 试卷ID
* @return Array 数据集
*/
public function GetTestInfo($id)
{
if (empty($this->sign)) {
$this->get_sign();
}
$res = $this->get_curl($this->ApiUrl['mobile'] . "/api/v1/example_subject?example_id=" . $id . "&is_random=false&sign=" . $this->sign);
$arr = json_decode($res, true);
if (!array_key_exists('code', $arr)) {
return false;
}
if ($arr['code'] == 0) {
return $arr['data'];
}
return false;
}
/**
* 用户试卷列表(pc协议)
* @param Boolean 是否为老师
* @return Array 数据集
*/
public function GetTestList($admin = false)
{
if (empty($this->cookies)) {
return false;
}
$type = $admin ? "tea" : "stu";
$res = $this->get_curl($this->ApiUrl['pc'] . "/server_hall_2/" . $type . "/examine", 0, 0, $this->cookies);
preg_match_all('/JSON.parse[\s\S]*?}/i', $res, $arr);
if ($arr[0]) {
$new = array();
foreach ($arr[0] as $key) {
$txt = htmlspecialchars_decode(str_replace("JSON.parse('", "", $key));
$arr2 = json_decode($txt, true);
if (empty($arr2['id']) || empty($arr2['title'])) continue;
$new[] = array(
'id' => $arr2['id'],
'title' => $arr2['title']
);
}
$tmp_arr = array();
foreach ($new as $k => $v) {
if (in_array($v['id'], $tmp_arr)) {
unset($new[$k]);
} else {
$tmp_arr[$k] = $v['id'];
}
}
return $new;
} else {
return false;
}
}
/**
* 观看视频
* @param Int $user_id 用户id
* @param String $video_id 视频id值
* @param Int $times 观看秒数
* @param Int $id 视频id
* @return Boolean 执行结果
*/
public function LookVideo($user_id, $video_id, $times, $id)
{
$pid = time() . rand(100, 999) . 'X' . rand(100000, 999999);
$vid = $video_id;
$uid = substr($vid, 0, 10);
$flow = 0;
$ts = time() . "886";
$href = 'https://www.51moot.net/server_hall_2/server_hall_2/video_play?dir_id=' . $id . '&do=_do';
$duration = $times;
$cts = $times;
$pd = $times;
$sd = 10;
$param2 = base64_encode($user_id);
$pn = 'HTML5';
$pv = 'v1.15.1';
$cataid = "1480326650851";
$sign = md5("rtas.net" . $pid . $vid . '0' . $pd . $cts);
$url = 'https://prtas.videocc.net/v2/view?pid=' . $pid . '&vid=' . $vid . '&uid=' . $uid . '&flow=' . $flow . '&ts=' . $ts . '&href=' . base64_encode($href) . '&duration=' . $duration . '&cts=' . $cts . '&sign=' . $sign . '&sd=' . $sd . '&pd=' . $pd . '&pn=' . $pn . '&pv=' . $pv . '¶m2=' . $param2 . '&cataid=' . $cataid . '&ute=bop';
return $this->get_curl($url) == "1";
}
/**
* Curl get post请求
* @param String $url 网址
* @param String $post POST参数
* @param String $referer refer地址
* @param String $cookie 携带COOKIE
* @param String $header 请求头
* @param String $ua User-agent
* @param String $nobaody 重定向
* @return String 数据
*/
private function get_curl($url, $post = 0, $referer = 0, $cookie = 0, $header = 0, $ua = 0, $nobaody = 0)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$clwl[] = "Accept:*/*";
$clwl[] = "Accept-Encoding:gzip,deflate,sdch";
$clwl[] = "Accept-Language:zh-CN,zh;q=0.8";
curl_setopt($ch, CURLOPT_HTTPHEADER, $clwl);
if ($post) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if ($header) {
curl_setopt($ch, CURLOPT_HEADER, TRUE);
}
if ($cookie) {
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
}
if ($referer) {
if ($referer == 1) {
curl_setopt($ch, CURLOPT_REFERER, $this->ApiUrl . $url);
} else {
curl_setopt($ch, CURLOPT_REFERER, $referer);
}
}
if ($ua) {
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
} else {
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Linux; U; Android 4.0.4; es-mx; HTC_One_X Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0');
}
if ($nobaody) {
curl_setopt($ch, CURLOPT_NOBODY, 1);
//主要头部
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); //跟随重定向
}
curl_setopt($ch, CURLOPT_ENCODING, "gzip");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
/**
* Curl PUT请求
* @param String $url 网址
* @param String $data 参数
* @param Array $header 请求头
* @return String 数据
*/
private function put_curl($url, $data = "", $header = array())
{
$ch = curl_init();
$header[] = "Content-type:application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$res = curl_exec($ch);
curl_close($ch);
return $res;
}
}
总体功能实现
封装完接口,我们可以得到想要功能,我们可以实现多视频同时播放来实现刷课,以下是实现效果,另外送上一个已经写好的网站->点击访问
这样就可以刷课了(功能太过变态,低调使用!!!)~~~
http://passo.su/forums/index.php?autocom=gallery&req=si&img=4285
http://terios2.ru/forums/index.php?autocom=gallery&req=si&img=4671
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4927
https://hrv-club.ru/forums/index.php?autocom=gallery&req=si&img=6996
http://wish-club.ru/forums/index.php?autocom=gallery&req=si&img=5341
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4919
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4917
http://wish-club.ru/forums/index.php?autocom=gallery&req=si&img=5335
http://terios2.ru/forums/index.php?autocom=gallery&req=si&img=4655
https://hrv-club.ru/forums/index.php?autocom=gallery&req=si&img=6981
http://toyota-porte.ru/forums/index.php?autocom=gallery&req=si&img=3296
http://passo.su/forums/index.php?autocom=gallery&req=si&img=4273
https://hrv-club.ru/forums/index.php?autocom=gallery&req=si&img=6970
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4879
http://toyota-porte.ru/forums/index.php?autocom=gallery&req=si&img=3273
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4875
https://myteana.ru/forums/index.php?autocom=gallery&req=si&img=6681
https://honda-fit.ru/forums/index.php?autocom=gallery&req=si&img=7105
https://myteana.ru/forums/index.php?autocom=gallery&req=si&img=6679
http://terios2.ru/forums/index.php?autocom=gallery&req=si&img=4612
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4873
http://toyota-porte.ru/forums/index.php?autocom=gallery&req=si&img=3265
https://vitz.ru/forums/index.php?autocom=gallery&req=si&img=4858
http://terios2.ru/forums/index.php?autocom=gallery&req=si&img=4596
https://myteana.ru/forums/index.php?autocom=gallery&req=si&img=6660
http://wish-club.ru/forums/index.php?autocom=gallery&req=si&img=5277
https://mazda-demio.ru/forums/index.php?autocom=gallery&req=si&img=6378
https://honda-fit.ru/forums/index.php?autocom=gallery&req=si&img=7077
https://mazda-demio.ru/forums/index.php?autocom=gallery&req=si&img=6364
http://terios2.ru/forums/index.php?autocom=gallery&req=si&img=4574