目录:
一、行业背景
二、什么是可信ID?
三、可信ID的应用场景
四、可信ID原理分析
五、如何攻破可信ID,可信ID是否真的可信?
六、总结一、行业背景
随着全球范围内移动业务的全面发展,采取移动为主策略的营销人员具有独特的优势,能够为他们的品牌带来最大的成功。根据Zenith估计,到2020年移动设备将占全球广告市场的30%以上。
今年苹果秋季发布会上苹果介绍对用户隐私保护继续升级。从官方披露的公开信息来看,iOS 14的用户隐私保护更新将让用户更加知悉自己个人数据的使用情况,并进一步约束App追踪用户隐私的能力。限制“广告客户标识符”(IDFA)更新已确定延期至明年初执行,这将是一个会极大影响App定制化广告收入的用户数据追踪功能。
目前大多广告依赖IDFA和用户数据进行广告投放和优化。iOS 14 之后,IDFA的授权从设备层面移动到app层面。因此,如果用户需要对每个app进行授权。行业预计:只有20%左右的用户会进行授权;而如果80%的用户不进行授权,那么绝大部分app的都不能进行标识用户身份、归因、推荐、唤醒等。用户不授权跟踪(没有IDFA)之后,怎么办?如果拿不到用户的IDFA授权,或者长远看苹果不再支持IDFA怎么办?
二、什么是可信ID?
可信ID是移动设备唯一性识别技术,在终端IMEI、MAC、OAID及iOS自带“IDFA”难稳定获取及 易被篡改的情况下,通过派发不易被篡改的更稳定终端唯一标识,为APP开发者提供更可信赖的唯一ID,作为数据运营统计基准,有效识别设备篡改、虚拟机等作弊行为,识别应用登陆及其它后续行为中的作弊风险,数据实时、准确可靠且可用于独立佐证。
三、可信ID的应用场景
推广/营销活动防刷:
可信ID及对应状态可实时识别虚拟机、作弊环境,结合客户账户体系,在激活、登陆等节点事前识别业务风险。
应用全周期洞察:
以可信ID为基准,依托数盟全域覆盖及判定能力,可有效判断应用安装未激活、卸载及换机状态,提供关键运营数据赋能。
四、可信ID原理分析
1、整体架构流程
如图1所示:
图1
2、详细流程分析
读取本地ID,如果本地未有缓存ID,将请求服务器计算ID,代码如下:
v18 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("cs+/NyxzuGM+4ZVOsVQBOA=="));// cdid_duv19 = objc_retainAutoreleasedReturnValue(v18);v20 = v19;v21 = objc_msgSend(v17, &objectForKey_, v19);// 读取本地IDcdid_du = objc_retainAutoreleasedReturnValue(v21);objc_release(v20);objc_release(v17);if ( (signed __int64)v12 < 1 || v143 || !cdid_du ){+[FxLNxvmwQHTxxT xxxHxbaeMxfxxe](&OBJC_CLASS___FxLNxvmwQHTxxT, "xxxHxbaeMxfxxe");v31 = (void *)objc_alloc(&OBJC_CLASS___AClNsOHxEnxxFq);v32 = objc_msgSend(v31, (const char *)&unk_190A2D5CF);v138 = v32;v33 = objc_msgSend(v32, "rmxhgtexxxYJsr");v137 = (void *)objc_retainAutoreleasedReturnValue(v33);v136 = 0;for ( i = 0; i < 5; ++i ){if ( !((unsigned __int64)objc_msgSend(v137, (const char *)&unk_190A2E27E, &stru_100144878) & 1) && v137 ){v37 = (void *)objc_alloc(&OBJC_CLASS___xxYuxCNxkKxxZe);v134 = objc_msgSend(v37, (const char *)&unk_190A2D5CF);v133 = objc_msgSend(v134, "GlvxhXtNyNxYxb::", v137, 1LL);// 如果本地未缓存ID,请求服务器获取cdid_duif ( v133 == &unk_C8 ){v38 = objc_msgSend(&OBJC_CLASS___NSUserDefaults, (const char *)&unk_190A34E33);v132 = (void *)objc_retainAutoreleasedReturnValue(v38);v131 = (char *)objc_msgSend(v132, (const char *)&unk_190A736EE, CFSTR("rseq"));v39 = v132;
采集设备信息加密上报服务器计算ID:
id __cdecl getSystemInfo_simulateIDFA2_3_4(BlGpxJxgAacxme *self, SEL a2){__int128 v387; // [xsp+760h] [xbp-30h]SEL v388; // [xsp+770h] [xbp-20h]BlGpxJxgAacxme *v389; // [xsp+778h] [xbp-18h]v389 = self;v388 = a2;v2 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"sharedSingleton");*((_QWORD *)&v387 + 1) = objc_retainAutoreleasedReturnValue(v2);v3 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "xxicbxDxMDxxxe");*(_QWORD *)&v387 = objc_retainAutoreleasedReturnValue(v3);v4 = (void *)objc_alloc(&OBJC_CLASS___NSDictionary);*((_QWORD *)&v386 + 1) = objc_msgSend(v4, "init");v5 = (void *)objc_alloc(&OBJC_CLASS___NSDictionary);*(_QWORD *)&v386 = objc_msgSend(v5, "init");v6 = (void *)objc_alloc(&OBJC_CLASS___xxxNxNxxfRxxxx);v385 = objc_msgSend(v6, "init");v7 = (void *)objc_alloc(&OBJC_CLASS___txxxxYxxxISEgq);v384 = objc_msgSend(v7, "init");v351 = v384;v8 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));v9 = objc_retainAutoreleasedReturnValue(v8);v350 = v9;v10 = objc_msgSend(v384, "xiOExnwjxvxxxV::", v9, 1LL);v383 = (void *)objc_retainAutoreleasedReturnValue(v10);objc_release(v350);v11 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);// tojsonv382 = objc_retainAutoreleasedReturnValue(v11);v349 = v384;v12 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v348 = objc_retainAutoreleasedReturnValue(v12);v347 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v348, v382, 1LL);objc_release(v348);v346 = v384;v13 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v345 = objc_retainAutoreleasedReturnValue(v13);v344 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v345, v382, 2LL);objc_release(v345);if ( !((unsigned __int64)objc_msgSend(v383, "isEqualToString:", &stru_100108878)v292 = objc_retainAutoreleasedReturnValue(v46);v47 = objc_msgSend(&OBJC_CLASS___NSDictionary,&aDictionarywith,v300,CFSTR("se1"),v299,CFSTR("fW2"),v298,CFSTR("sf2W"),v297,CFSTR("js2"),v296,CFSTR("sj2s"),v377,CFSTR("qH4"),v376,CFSTR("zT2"),v293,CFSTR("gy8"),v292,CFSTR("sg8y"),0LL);v48 = objc_retainAutoreleasedReturnValue(v47);v49 = *((_QWORD *)&v386 + 1);*((_QWORD *)&v386 + 1) = v48;objc_release(v49);objc_release(v292);objc_release(v293);objc_release(v296);objc_release(v297);objc_release(v298);objc_release(v299);objc_release(v300);objc_release(v302);objc_storeStrong(&v375, 0LL);}else{v291 = &OBJC_CLASS___NSDictionary;v290 = v380;v50 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));v289 = objc_retainAutoreleasedReturnValue(v50);v288 = v289;v51 = objc_msgSend(v380, &objectForKeyedSubscript_, v289);v287 = objc_retainAutoreleasedReturnValue(v51);v52 = objc_msgSend(v379, &objectAtIndexedSubscript_, 0LL);v286 = objc_retainAutoreleasedReturnValue(v52);v53 = objc_msgSend(v379, &objectAtIndexedSubscript_, 1LL);v285 = objc_retainAutoreleasedReturnValue(v53);v54 = objc_msgSend(v378, &objectAtIndexedSubscript_, 0LL);v284 = objc_retainAutoreleasedReturnValue(v54);v55 = objc_msgSend(v378, &objectAtIndexedSubscript_, 1LL);v170 = 0LL;v169 = CFSTR("zT2");v168 = v376;v167 = CFSTR("qH4");v166 = v377;v165 = CFSTR("sj2s");v163 = CFSTR("js2");v162 = v284;v161 = CFSTR("sf2W");v160 = v285;v159 = CFSTR("fW2");v158 = v286;v157 = CFSTR("se1");v283 = objc_retainAutoreleasedReturnValue(v55);v56 = objc_msgSend(&OBJC_CLASS___NSDictionary,&aDictionarywith,v287,CFSTR("se1"),v286,CFSTR("fW2"),v285,CFSTR("sf2W"),v284,CFSTR("js2"),v283,CFSTR("sj2s"),v377,CFSTR("qH4"),v376,CFSTR("zT2"),0LL);v57 = objc_retainAutoreleasedReturnValue(v56);v58 = *((_QWORD *)&v386 + 1);*((_QWORD *)&v386 + 1) = v57;objc_release(v58);objc_release(v283);objc_release(v284);objc_release(v285);objc_release(v286);objc_release(v287);objc_release(v289);}objc_storeStrong(&v376, 0LL);objc_storeStrong(&v377, 0LL);objc_storeStrong(&v378, 0LL);objc_storeStrong(&v379, 0LL);objc_storeStrong(&v380, 0LL);}else{v343 = v384;v14 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));v15 = objc_retainAutoreleasedReturnValue(v14);v342 = v15;v16 = objc_msgSend(v384, "xiOExnwjxvxxxV::", v15, 2LL);v17 = (void *)objc_retainAutoreleasedReturnValue(v16);v18 = v383;v383 = v17;objc_release(v18);objc_release(v342);if ( !((unsigned __int64)objc_msgSend(v383, "isEqualToString:", &stru_100108878) & 1) && v383 ){v335 = v384;v22 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));v334 = objc_retainAutoreleasedReturnValue(v22);v333 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v334, v383, 1LL);objc_release(v334);}else{v19 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);v381 = objc_retainAutoreleasedReturnValue(v19);v341 = v384;v20 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));v340 = objc_retainAutoreleasedReturnValue(v20);v339 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v340, v381, 1LL);objc_release(v340);v338 = v384;v21 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));v337 = objc_retainAutoreleasedReturnValue(v21);v336 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v337, v381, 2LL);objc_release(v337);objc_storeStrong((char *)&v386 + 8, v387);objc_storeStrong(&v381, 0LL);}}v282 = v384;v59 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v60 = objc_retainAutoreleasedReturnValue(v59);v281 = v60;v61 = objc_msgSend(v282, "xiOExnwjxvxxxV::", v60, 1LL);v374 = (void *)objc_retainAutoreleasedReturnValue(v61);objc_release(v281);if ( !((unsigned __int64)objc_msgSend(v374, "isEqualToString:", &stru_100108878) & 1) && v374 ){v68 = objc_msgSend(v385, "uxWxWrCxxxxjyx:", v374);v373 = (void *)objc_retainAutoreleasedReturnValue(v68);v275 = (void *)*((_QWORD *)&v387 + 1);v274 = v373;v69 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("vObXs+x9vhDcXdpKshNtFw=="));// idfav273 = objc_retainAutoreleasedReturnValue(v69);idfa_1 = v273;v70 = objc_msgSend(v373, &objectForKeyedSubscript_, v273);idfa_3 = objc_retainAutoreleasedReturnValue(v70);v270 = idfa_3;v71 = objc_msgSend(v275, "GBkCxErcvAxxDf:", idfa_3);// enc_fildenc_idfa_3 = (void *)objc_retainAutoreleasedReturnValue(v71);objc_release(idfa_3);objc_release(v273);v269 = (void *)*((_QWORD *)&v387 + 1);v268 = v373;v72 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("uPUdV+fjkO9vswOQpPrXTg=="));v267 = objc_retainAutoreleasedReturnValue(v72);v266 = v267;v73 = objc_msgSend(v373, &objectForKeyedSubscript_, v267);v265 = objc_retainAutoreleasedReturnValue(v73);v264 = v265;v74 = objc_msgSend(v269, "GBkCxErcvAxxDf:", v265);// enc_fildv371 = (void *)objc_retainAutoreleasedReturnValue(v74);objc_release(v265);objc_release(v267);v263 = (void *)*((_QWORD *)&v387 + 1);v262 = v373;v75 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("2xxmKRFKCcr5XU2+msFR+A=="));v261 = objc_retainAutoreleasedReturnValue(v75);v260 = v261;v76 = objc_msgSend(v373, &objectForKeyedSubscript_, v261);v259 = objc_retainAutoreleasedReturnValue(v76);v258 = v259;v77 = objc_msgSend(v263, "HxWTSXOxluCtkx:", v259);v370 = objc_retainAutoreleasedReturnValue(v77);objc_release(v259);objc_release(v261);v257 = (void *)*((_QWORD *)&v387 + 1);v256 = v373;v78 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("+nnUEO7y67rRr/puoH0wmQ=="));v255 = objc_retainAutoreleasedReturnValue(v78);v254 = v255;v79 = objc_msgSend(v373, &objectForKeyedSubscript_, v255);v253 = objc_retainAutoreleasedReturnValue(v79);v252 = v253;v80 = objc_msgSend(v257, "HxWTSXOxluCtkx:", v253);v369 = objc_retainAutoreleasedReturnValue(v80);objc_release(v253);objc_release(v255);v81 = objc_msgSend(v373, &objectForKeyedSubscript_, CFSTR("gy8"));v251 = objc_retainAutoreleasedReturnValue(v81);objc_release(v251);if ( v251 ){v250 = (void *)*((_QWORD *)&v387 + 1);v82 = objc_msgSend(v373, &objectForKeyedSubscript_, CFSTR("gy8"));v249 = objc_retainAutoreleasedReturnValue(v82);v248 = v249;v83 = objc_msgSend(v250, "GBkCxErcvAxxDf:", v249);// enc_fildv368 = (void *)objc_retainAutoreleasedReturnValue(v83);objc_release(v249);v247 = &OBJC_CLASS___NSDictionary;v246 = v373;v84 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));v245 = objc_retainAutoreleasedReturnValue(v84);v244 = v245;v85 = objc_msgSend(v373, &objectForKeyedSubscript_, v245);v243 = objc_retainAutoreleasedReturnValue(v85);v86 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 0LL);idfa_enc = objc_retainAutoreleasedReturnValue(v86);v87 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 1LL);idfa_enc_1 = objc_retainAutoreleasedReturnValue(v87);v88 = objc_msgSend(v371, &objectAtIndexedSubscript_, 0LL);v240 = objc_retainAutoreleasedReturnValue(v88);v89 = objc_msgSend(v371, &objectAtIndexedSubscript_, 1LL);v239 = objc_retainAutoreleasedReturnValue(v89);v238 = v370;v237 = v369;v90 = objc_msgSend(v368, &objectAtIndexedSubscript_, 0LL);v236 = objc_retainAutoreleasedReturnValue(v90);v91 = objc_msgSend(v368, &objectAtIndexedSubscript_, 1LL);v174 = 0LL;sg8y = CFSTR("sg8y");gy8 = CFSTR("gy8");v170 = v236;v169 = CFSTR("zT2");v167 = CFSTR("qH4");v165 = CFSTR("sj2s");v164 = v239;v163 = CFSTR("js2");v162 = v240;v161 = CFSTR("sf2W");v160 = idfa_enc_1;v159 = CFSTR("fW2");v158 = idfa_enc;v157 = CFSTR("se1");v235 = objc_retainAutoreleasedReturnValue(v91);v92 = objc_msgSend(&OBJC_CLASS___NSDictionary,&aDictionarywith,v243,CFSTR("se1"),idfa_enc,CFSTR("fW2"),idfa_enc_1,CFSTR("sf2W"),v240,CFSTR("js2"),v239,CFSTR("sj2s"),v370,CFSTR("qH4"),v369,CFSTR("zT2"),v236,CFSTR("gy8"),v235,CFSTR("sg8y"),0LL);v93 = objc_retainAutoreleasedReturnValue(v92);v94 = v386;*(_QWORD *)&v386 = v93;objc_release(v94);objc_release(v235);objc_release(v236);objc_release(v239);objc_release(v240);objc_release(idfa_enc_1);objc_release(idfa_enc);objc_release(v243);objc_release(v245);objc_storeStrong(&v368, 0LL);}else{v234 = &OBJC_CLASS___NSDictionary;v233 = v373;v95 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));v232 = objc_retainAutoreleasedReturnValue(v95);v231 = v232;v96 = objc_msgSend(v373, &objectForKeyedSubscript_, v232);v230 = objc_retainAutoreleasedReturnValue(v96);v97 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 0LL);v229 = objc_retainAutoreleasedReturnValue(v97);v98 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 1LL);v228 = objc_retainAutoreleasedReturnValue(v98);v99 = objc_msgSend(v371, &objectAtIndexedSubscript_, 0LL);v227 = objc_retainAutoreleasedReturnValue(v99);v100 = objc_msgSend(v371, &objectAtIndexedSubscript_, 1LL);v170 = 0LL;v169 = CFSTR("zT2");v168 = v369;v167 = CFSTR("qH4");v166 = v370;v165 = CFSTR("sj2s");v163 = CFSTR("js2");v162 = v227;v161 = CFSTR("sf2W");v160 = v228;v159 = CFSTR("fW2");v158 = v229;v157 = CFSTR("se1");v226 = objc_retainAutoreleasedReturnValue(v100);v101 = objc_msgSend(&OBJC_CLASS___NSDictionary,&aDictionarywith,v230,CFSTR("se1"),v229,CFSTR("fW2"),v228,CFSTR("sf2W"),v227,CFSTR("js2"),v226,CFSTR("sj2s"),v370,CFSTR("qH4"),v369,CFSTR("zT2"),0LL);v102 = objc_retainAutoreleasedReturnValue(v101);v103 = v386;*(_QWORD *)&v386 = v102;objc_release(v103);objc_release(v226);objc_release(v227);objc_release(v228);objc_release(v229);objc_release(v230);objc_release(v232);}objc_storeStrong(&v369, 0LL);objc_storeStrong(&v370, 0LL);objc_storeStrong(&v371, 0LL);objc_storeStrong(&enc_idfa_3, 0LL);objc_storeStrong(&v373, 0LL);}else{v280 = v384;v62 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v63 = objc_retainAutoreleasedReturnValue(v62);v279 = v63;v64 = objc_msgSend(v280, "xiOExnwjxvxxxV::", v63, 2LL);v65 = (void *)objc_retainAutoreleasedReturnValue(v64);v66 = v374;v374 = v65;objc_release(v66);objc_release(v279);if ( !((unsigned __int64)objc_msgSend(v374, "isEqualToString:", &stru_100108878) & 1) && v374 ){v278 = v384;v67 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v277 = objc_retainAutoreleasedReturnValue(v67);v276 = (unsigned __int64)objc_msgSend(v278, "ExxWKxxtZdtAMN:::", v277, v374, 1LL);objc_release(v277);}else{objc_storeStrong(&v386, v387);}}v104 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);v367 = objc_retainAutoreleasedReturnValue(v104);v225 = v384;v105 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v224 = objc_retainAutoreleasedReturnValue(v105);v223 = (unsigned __int64)objc_msgSend(v225, "ExxWKxxtZdtAMN:::", v224, v367, 1LL);objc_release(v224);v222 = v384;v106 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));v221 = objc_retainAutoreleasedReturnValue(v106);v220 = (unsigned __int64)objc_msgSend(v222, "ExxWKxxtZdtAMN:::", v221, v367, 2LL);objc_release(v221);v107 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "uFxDJAxsGxyOOx");v366 = objc_retainAutoreleasedReturnValue(v107);v108 = (void *)objc_retain(g_strIDSource);v365 = v108;v219 = &OBJC_CLASS___NSNumber;v109 = objc_msgSend(v108, "integerValue");v218 = v109;v110 = objc_msgSend(&OBJC_CLASS___NSNumber, (const char *)&unk_1904A64E2, v109);v364 = objc_retainAutoreleasedReturnValue(v110);v111 = (FxLNxvmwQHTxxT *)+[FxLNxvmwQHTxxT sharedInstance](&OBJC_CLASS___FxLNxvmwQHTxxT, "sharedInstance");v112 = (void *)objc_retainAutoreleasedReturnValue(v111);v363 = v112;v113 = objc_msgSend(v112, "strCustomerId");v362 = objc_retainAutoreleasedReturnValue(v113);*(_OWORD *)v217 = v387;v114 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("2xxmKRFKCcr5XU2+msFR+A=="));v216 = objc_retainAutoreleasedReturnValue(v114);v215 = v216;v115 = objc_msgSend(v217[0], &objectForKeyedSubscript_, v216);v214 = objc_retainAutoreleasedReturnValue(v115);v213 = v214;v116 = objc_msgSend(v217[1], "HxWTSXOxluCtkx:", v214);v361 = objc_retainAutoreleasedReturnValue(v116);objc_release(v214);objc_release(v216);*(_OWORD *)v212 = v387;v117 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("+nnUEO7y67rRr/puoH0wmQ=="));v211 = objc_retainAutoreleasedReturnValue(v117);v210 = v211;v118 = objc_msgSend(v212[0], &objectForKeyedSubscript_, v211);v209 = objc_retainAutoreleasedReturnValue(v118);v208 = v209;v119 = objc_msgSend(v212[1], "HxWTSXOxluCtkx:", v209);v360 = objc_retainAutoreleasedReturnValue(v119);objc_release(v209);objc_release(v211);*(_OWORD *)v207 = v387;v120 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("vObXs+x9vhDcXdpKshNtFw=="));key_idfa = objc_retainAutoreleasedReturnValue(v120);v205 = key_idfa;v121 = objc_msgSend(v207[0], &objectForKeyedSubscript_, key_idfa);idfa_2 = objc_retainAutoreleasedReturnValue(v121);v203 = idfa_2;v122 = objc_msgSend(v207[1], "GBkCxErcvAxxDf:", idfa_2);// enc_fildenc_idfa = (void *)objc_retainAutoreleasedReturnValue(v122);objc_release(idfa_2);objc_release(key_idfa);*(_OWORD *)v202 = v387;v123 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("uPUdV+fjkO9vswOQpPrXTg=="));key_idfv = objc_retainAutoreleasedReturnValue(v123);v200 = key_idfv;v124 = objc_msgSend(v202[0], &objectForKeyedSubscript_, key_idfv);idfv = objc_retainAutoreleasedReturnValue(v124);v198 = idfv;v125 = objc_msgSend(v202[1], "GBkCxErcvAxxDf:", idfv);// enc_fildenc_idfv = (void *)objc_retainAutoreleasedReturnValue(v125);objc_release(idfv);objc_release(key_idfv);v126 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "aoxvxLxSXxxbGf");v127 = (void *)objc_retainAutoreleasedReturnValue(v126);v357 = v127;v128 = objc_msgSend(*((void **)&v387 + 1), "GBkCxErcvAxxDf:", v127);// enc_fildv356 = (void *)objc_retainAutoreleasedReturnValue(v128);v129 = (void *)objc_retain(g_idfaSource);v355 = v129;v197 = &OBJC_CLASS___NSNumber;v130 = objc_msgSend(v129, "integerValue");v196 = v130;v131 = objc_msgSend(&OBJC_CLASS___NSNumber, (const char *)&unk_1904A64E2, v130);v354 = objc_retainAutoreleasedReturnValue(v131);v353 = objc_retain(&stru_100108878);v132 = objc_msgSend(&OBJC_CLASS___NSFileManager, (const char *)&unk_1904AB06A);v133 = (void *)objc_retainAutoreleasedReturnValue(v132);v195 = v133;v134 = objc_msgSend(v133, (const char *)&unk_1A14609D6, 0LL);v194 = objc_retainAutoreleasedReturnValue(v134);objc_release(v194);objc_release(v195);if ( v194 ){v135 = objc_msgSend(&OBJC_CLASS___NSUbiquitousKeyValueStore, (const char *)&unk_1977146F8);v193 = (void *)objc_retainAutoreleasedReturnValue(v135);v136 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("cs+/NyxzuGM+4ZVOsVQBOA=="));v137 = objc_retainAutoreleasedReturnValue(v136);v192 = v137;v138 = objc_msgSend(v193, (const char *)&unk_1904B0BF7, v137);v139 = objc_retainAutoreleasedReturnValue(v138);v140 = v353;v353 = v139;objc_release(v140);objc_release(v192);objc_release(v193);}v191 = &OBJC_CLASS___NSDictionary;v141 = objc_msgSend(enc_idfa, &objectAtIndexedSubscript_, 0LL);enc_idfa_1 = objc_retainAutoreleasedReturnValue(v141);v142 = objc_msgSend(enc_idfa, &objectAtIndexedSubscript_, 1LL);enc_idfa_2 = objc_retainAutoreleasedReturnValue(v142);v143 = objc_msgSend(enc_idfv, &objectAtIndexedSubscript_, 0LL);enc_idfv_1 = objc_retainAutoreleasedReturnValue(v143);enc_idfv_2 = objc_msgSend(enc_idfv, &objectAtIndexedSubscript_, 1LL);v170 = 0LL;v169 = CFSTR("zT2");v168 = v360;v167 = CFSTR("se1");v166 = v366;v165 = CFSTR("qH4");v164 = v361;v163 = CFSTR("sj2s");v161 = CFSTR("js2");v160 = enc_idfv_1;v159 = CFSTR("sf2W");v158 = enc_idfa_2;v157 = CFSTR("fW2");v187 = objc_retainAutoreleasedReturnValue(enc_idfv_2);v145 = objc_msgSend(&OBJC_CLASS___NSDictionary,&aDictionarywith,enc_idfa_1,CFSTR("fW2"),enc_idfa_2,CFSTR("sf2W"),enc_idfv_1,CFSTR("js2"),v187,CFSTR("sj2s"),v361,CFSTR("qH4"),v366,CFSTR("se1"),v360,CFSTR("zT2"),0LL);v146 = objc_retainAutoreleasedReturnValue(v145);v147 = v387;*(_QWORD *)&v387 = v146;objc_release(v147);objc_release(v187);objc_release(enc_idfv_1);objc_release(enc_idfa_2);objc_release(enc_idfa_1);v352 = 0LL;if ( !v357 || (unsigned __int64)objc_msgSend(v357, "isEqualToString:",return (id)objc_autoreleaseReturnValue(v178);}
将获取到与生成ID有关的字段进行加密处理,加密IDFA两种方式,第一是直接加密IDFA:
// 加密字段id __cdecl -[EdkxBSqSeZInGK GBkCxErcvAxxDf:](EdkxBSqSeZInGK *self, SEL a2, id a3){v385 = 4423598488041029675LL;v307 = self;v306 = a2;v305 = 0LL;v237 = 4423598488041029675LL;objc_storeStrong(&v305, a3);if ( v305 && !((unsigned __int64)objc_msgSend(v305, "isEqualToString:", &stru_100108878) & 1) ){v303 = (void *)objc_retain(&stru_100108878);v302 = (signed __int64)objc_msgSend(*((void **)v307 + 1), "integerValue") % 100;v4 = (void *)*((_QWORD *)v307 + 1);v236 = 100LL;v5 = objc_msgSend(v4, "substringToIndex:", 1LL);v301 = (void *)objc_retainAutoreleasedReturnValue(v5);v6 = objc_msgSend(v307, "xxxFhxnEIogmEY:", v305);v7 = (void *)objc_retainAutoreleasedReturnValue(v6);v300 = v7;v8 = objc_msgSend(v7, (const char *)&unk_1904A27C2, 0LL);v9 = (void *)objc_retainAutoreleasedReturnValue(v8);v10 = v305;v305 = v9;objc_release(v10);for ( i = 0; ; ++i ){v235 = i;v11 = objc_msgSend(v305, "length");if ( v235 >= (unsigned __int64)v11 )break;v12 = (unsigned __int64)objc_msgSend(v305, "characterAtIndex:", i);v297 = v302 % 50 + 1;v298 = v297 + v12;if ( v297 + v12 > 126 )v298 -= 95;v154 = v298;v234 = v303;v13 = unk_18A4FB144(&OBJC_CLASS___NSString, "stringWithFormat:", CFSTR("%c"), v298);v14 = objc_retainAutoreleasedReturnValue(v13);v233 = v14;v15 = objc_msgSend(v234, "stringByAppendingString:", v14);v16 = (void *)objc_retainAutoreleasedReturnValue(v15);v17 = v303;v303 = v16;objc_release(v17);objc_release(v233);}v296 = (signed int)objc_msgSend(v301, "intValue") % 4;v232 = 4;*((_QWORD *)&v295 + 1) = objc_retain(&stru_100108878);if ( v296 ){switch ( v296 ){case 1:if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 ){v196 = v303;v195 = (const char **)&selRef_length;v75 = (unsigned __int64)objc_msgSend(v303, "length");v76 = objc_msgSend(v196, "substringToIndex:", v75 >> 1);v271 = (void *)objc_retainAutoreleasedReturnValue(v76);v77 = *v195;v194 = v303;v78 = (unsigned __int64)objc_msgSend(v303, v77);v79 = objc_msgSend(v194, "substringFromIndex:", (v78 >> 1) + 1);v270 = (void *)objc_retainAutoreleasedReturnValue(v79);v80 = *v195;v193 = v303;v81 = (unsigned __int64)objc_msgSend(v303, v80);v338 = v81 >> 1;v337 = 1LL;v339 = v81 >> 1;v340 = 1LL;v268 = 1LL;v267 = v81 >> 1;v82 = objc_msgSend(v193, &substringWithRange_, v81 >> 1, 1LL);v269 = objc_retainAutoreleasedReturnValue(v82);for ( j = 0; ; ++j ){v192 = j;v83 = (unsigned __int64)objc_msgSend(v303, "length");if ( v192 >= v83 >> 1 )break;v191 = (void *)*((_QWORD *)&v295 + 1);v190 = v270;v84 = (char *)objc_msgSend(v270, "length");v342 = &v84[~(signed __int64)j];v341 = 1LL;v343 = &v84[~(signed __int64)j];v344 = 1LL;v265 = 1LL;v264 = &v84[~(signed __int64)j];v189 = 1LL;v188 = &selRef_length;v85 = objc_msgSend(v190, &substringWithRange_, v342, 1LL);v86 = objc_retainAutoreleasedReturnValue(v85);v187 = v86;v87 = objc_msgSend(v191, "stringByAppendingString:", v86);v88 = objc_retainAutoreleasedReturnValue(v87);v89 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v88;objc_release(v89);objc_release(v187);v350 = j;v349 = v189;v351 = j;v352 = v189;v263 = v189;v262 = j;v90 = v188[15];v186 = (void *)*((_QWORD *)&v295 + 1);v91 = objc_msgSend(v271, v90, j, v189);v92 = objc_retainAutoreleasedReturnValue(v91);v185 = v92;v93 = objc_msgSend(v186, "stringByAppendingString:", v92);v94 = objc_retainAutoreleasedReturnValue(v93);v95 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v94;objc_release(v95);objc_release(v185);}v96 = objc_msgSend(*((void **)&v295 + 1), "stringByAppendingString:", v269);v97 = objc_retainAutoreleasedReturnValue(v96);v98 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v97;objc_release(v98);objc_storeStrong(&v269, 0LL);objc_storeStrong(&v270, 0LL);objc_storeStrong(&v271, 0LL);}else{v206 = v303;v58 = (unsigned __int64)objc_msgSend(v303, "length");v59 = objc_msgSend(v206, "substringToIndex:", v58 >> 1);v278 = (void *)objc_retainAutoreleasedReturnValue(v59);v205 = v303;v60 = (unsigned __int64)objc_msgSend(v303, "length");v61 = objc_msgSend(v205, "substringFromIndex:", v60 >> 1);v277 = (void *)objc_retainAutoreleasedReturnValue(v61);for ( k = 0; ; ++k ){v204 = k;v62 = (unsigned __int64)objc_msgSend(v303, "length");if ( v204 >= v62 >> 1 )break;v203 = (void *)*((_QWORD *)&v295 + 1);v202 = v277;v63 = (char *)objc_msgSend(v277, "length");v330 = &v63[~(signed __int64)k];v329 = 1LL;v331 = &v63[~(signed __int64)k];v332 = 1LL;v275 = 1LL;v274 = &v63[~(signed __int64)k];v201 = 1LL;v200 = &selRef_length;v64 = objc_msgSend(v202, &substringWithRange_, v330, 1LL);v65 = objc_retainAutoreleasedReturnValue(v64);v199 = v65;v66 = objc_msgSend(v203, "stringByAppendingString:", v65);v67 = objc_retainAutoreleasedReturnValue(v66);v68 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v67;objc_release(v68);objc_release(v199);v334 = k;v333 = v201;v335 = k;v336 = v201;v273 = v201;v272 = k;v69 = v200[15];v198 = (void *)*((_QWORD *)&v295 + 1);v70 = objc_msgSend(v278, v69, k, v201);v71 = objc_retainAutoreleasedReturnValue(v70);v197 = v71;v72 = objc_msgSend(v198, "stringByAppendingString:", v71);v73 = objc_retainAutoreleasedReturnValue(v72);v74 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v73;objc_release(v74);objc_release(v197);}objc_storeStrong(&v277, 0LL);objc_storeStrong(&v278, 0LL);}break;case 2:if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 ){for ( l = 0; ; ++l ){v176 = 2 * l;v113 = objc_msgSend(v303, "length");if ( v176 >= (unsigned __int64)v113 )break;v175 = (void *)*((_QWORD *)&v295 + 1);v174 = v303;v114 = (char *)objc_msgSend(v303, "length");v362 = &v114[~(signed __int64)(2 * l)];v361 = 1LL;v363 = &v114[~(signed __int64)(2 * l)];v364 = 1LL;v254 = 1LL;v253 = &v114[~(signed __int64)(2 * l)];v115 = objc_msgSend(v174, &substringWithRange_, v253, 1LL);v116 = objc_retainAutoreleasedReturnValue(v115);v173 = v116;v117 = objc_msgSend(v175, "stringByAppendingString:", v116);v118 = objc_retainAutoreleasedReturnValue(v117);v119 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v118;objc_release(v119);objc_release(v173);}for ( m = 0; ; ++m ){v172 = 2 * m;v120 = (char *)objc_msgSend(v303, "length");if ( v172 >= (unsigned __int64)(v120 - 1) )break;v171 = (void *)*((_QWORD *)&v295 + 1);v170 = v303;v121 = (char *)objc_msgSend(v303, "length");v366 = &v121[-2 * m - 2];v365 = 1LL;v367 = &v121[-2 * m - 2];v368 = 1LL;v251 = 1LL;v250 = &v121[-2 * m - 2];v122 = objc_msgSend(v170, &substringWithRange_, v250, 1LL);v123 = objc_retainAutoreleasedReturnValue(v122);v169 = v123;v124 = objc_msgSend(v171, "stringByAppendingString:", v123);v125 = objc_retainAutoreleasedReturnValue(v124);v126 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v125;objc_release(v126);objc_release(v169);}}else{for ( n = 0; ; ++n ){v184 = 2 * n;v99 = objc_msgSend(v303, "length");if ( v184 >= (unsigned __int64)v99 )break;v183 = (void *)*((_QWORD *)&v295 + 1);v182 = v303;v100 = (char *)objc_msgSend(v303, "length");v354 = &v100[~(signed __int64)(2 * n)];v353 = 1LL;v355 = &v100[~(signed __int64)(2 * n)];v356 = 1LL;v260 = 1LL;v259 = &v100[~(signed __int64)(2 * n)];v101 = objc_msgSend(v182, &substringWithRange_, v354, 1LL);v102 = objc_retainAutoreleasedReturnValue(v101);v181 = v102;v103 = objc_msgSend(v183, "stringByAppendingString:", v102);v104 = objc_retainAutoreleasedReturnValue(v103);v105 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v104;objc_release(v105);objc_release(v181);}for ( ii = 0; ; ++ii ){v180 = 2 * ii;v106 = objc_msgSend(v303, "length");if ( v180 >= (unsigned __int64)v106 )break;v179 = (void *)*((_QWORD *)&v295 + 1);v178 = v303;v107 = (char *)objc_msgSend(v303, "length");v358 = &v107[-2 * ii - 2];v357 = 1LL;v359 = &v107[-2 * ii - 2];v360 = 1LL;v257 = 1LL;v256 = &v107[-2 * ii - 2];v108 = objc_msgSend(v178, &substringWithRange_, v256, 1LL);v109 = objc_retainAutoreleasedReturnValue(v108);v177 = v109;v110 = objc_msgSend(v179, "stringByAppendingString:", v109);v111 = objc_retainAutoreleasedReturnValue(v110);v112 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v111;objc_release(v112);objc_release(v177);}}break;case 3:if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 ){for ( jj = 0; ; ++jj ){v162 = 2 * jj;v139 = objc_msgSend(v303, "length");if ( v162 >= (unsigned __int64)v139 )break;v370 = 2 * jj;v369 = 1LL;v371 = 2 * jj;v372 = 1LL;v242 = 1LL;v241 = 2 * jj;v161 = (void *)*((_QWORD *)&v295 + 1);v140 = objc_msgSend(v303, &substringWithRange_, v370, 1LL);v141 = objc_retainAutoreleasedReturnValue(v140);v160 = v141;v142 = objc_msgSend(v161, "stringByAppendingString:", v141);v143 = objc_retainAutoreleasedReturnValue(v142);v144 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v143;objc_release(v144);objc_release(v160);}for ( kk = 0; ; ++kk ){v159 = 2 * kk;v145 = (char *)objc_msgSend(v303, "length");if ( v159 >= (unsigned __int64)(v145 - 1) )break;v346 = 2 * kk | 1;v345 = 1LL;v347 = 2 * kk | 1;v348 = 1LL;v239 = 1LL;v238 = 2 * kk | 1;v158 = (void *)*((_QWORD *)&v295 + 1);v146 = objc_msgSend(v303, &substringWithRange_, v346, 1LL);v147 = objc_retainAutoreleasedReturnValue(v146);v157 = v147;v148 = objc_msgSend(v158, "stringByAppendingString:", v147);v149 = objc_retainAutoreleasedReturnValue(v148);v150 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v149;objc_release(v150);objc_release(v157);}}else{for ( ll = 0; ; ++ll ){v168 = 2 * ll;v127 = objc_msgSend(v303, "length");if ( v168 >= (unsigned __int64)v127 )break;v374 = 2 * ll;v373 = 1LL;v375 = 2 * ll;v376 = 1LL;v248 = 1LL;v247 = 2 * ll;v167 = (void *)*((_QWORD *)&v295 + 1);v128 = objc_msgSend(v303, &substringWithRange_, v374, 1LL);v129 = objc_retainAutoreleasedReturnValue(v128);v166 = v129;v130 = objc_msgSend(v167, "stringByAppendingString:", v129);v131 = objc_retainAutoreleasedReturnValue(v130);v132 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v131;objc_release(v132);objc_release(v166);}for ( mm = 0; ; ++mm ){v165 = 2 * mm;v133 = objc_msgSend(v303, "length");if ( v165 >= (unsigned __int64)v133 )break;v378 = 2 * mm | 1;v377 = 1LL;v379 = 2 * mm | 1;v380 = 1LL;v245 = 1LL;v244 = 2 * mm | 1;v164 = (void *)*((_QWORD *)&v295 + 1);v134 = objc_msgSend(v303, &substringWithRange_, v378, 1LL);v135 = objc_retainAutoreleasedReturnValue(v134);v163 = v135;v136 = objc_msgSend(v164, "stringByAppendingString:", v135);v137 = objc_retainAutoreleasedReturnValue(v136);v138 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v137;objc_release(v138);objc_release(v163);}}break;}}else if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 ){v220 = v303;v219 = (const char **)&selRef_length;v36 = (unsigned __int64)objc_msgSend(v303, "length");v37 = objc_msgSend(v220, "substringToIndex:", v36 >> 1);v288 = (void *)objc_retainAutoreleasedReturnValue(v37);v38 = *v219;v218 = v303;v39 = (unsigned __int64)objc_msgSend(v303, v38);v40 = objc_msgSend(v218, "substringFromIndex:", (v39 >> 1) + 1);v287 = (void *)objc_retainAutoreleasedReturnValue(v40);v41 = *v219;v217 = v303;v42 = (unsigned __int64)objc_msgSend(v303, v41);v318 = v42 >> 1;v317 = 1LL;v319 = v42 >> 1;v320 = 1LL;v285 = 1LL;v284 = v42 >> 1;v43 = objc_msgSend(v217, &substringWithRange_, v42 >> 1, 1LL);v286 = objc_retainAutoreleasedReturnValue(v43);objc_storeStrong((char *)&v295 + 8, v286);for ( nn = 0; ; ++nn ){v216 = nn;v44 = (unsigned __int64)objc_msgSend(v303, "length");if ( v216 >= v44 >> 1 )break;v215 = (void *)*((_QWORD *)&v295 + 1);v214 = v287;v213 = (const char **)&selRef_length;v45 = (char *)objc_msgSend(v287, "length");v322 = &v45[~(signed __int64)nn];v321 = 1LL;v323 = &v45[~(signed __int64)nn];v324 = 1LL;v282 = 1LL;v281 = &v45[~(signed __int64)nn];v212 = 1LL;v211 = &selRef_length;v46 = objc_msgSend(v214, &substringWithRange_, v322, 1LL);v47 = objc_retainAutoreleasedReturnValue(v46);v210 = v47;v48 = objc_msgSend(v215, "stringByAppendingString:", v47);v49 = objc_retainAutoreleasedReturnValue(v48);v50 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v49;objc_release(v50);objc_release(v210);v51 = *v213;v209 = (void *)*((_QWORD *)&v295 + 1);v208 = v288;v52 = (char *)objc_msgSend(v288, v51);v326 = &v52[~(signed __int64)nn];v325 = v212;v327 = &v52[~(signed __int64)nn];v328 = v212;v280 = v212;v279 = &v52[~(signed __int64)nn];v53 = objc_msgSend(v208, v211[15], v326, v212);v54 = objc_retainAutoreleasedReturnValue(v53);v207 = v54;v55 = objc_msgSend(v209, "stringByAppendingString:", v54);v56 = objc_retainAutoreleasedReturnValue(v55);v57 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v56;objc_release(v57);objc_release(v207);}objc_storeStrong(&v286, 0LL);objc_storeStrong(&v287, 0LL);objc_storeStrong(&v288, 0LL);}else{v231 = v303;v18 = (unsigned __int64)objc_msgSend(v303, "length");v19 = objc_msgSend(v231, "substringToIndex:", v18 >> 1);*(_QWORD *)&v295 = objc_retainAutoreleasedReturnValue(v19);v230 = v303;v20 = (unsigned __int64)objc_msgSend(v303, "length");v21 = objc_msgSend(v230, "substringFromIndex:", v20 >> 1);v294 = (void *)objc_retainAutoreleasedReturnValue(v21);for ( i1 = 0; ; ++i1 ){v229 = i1;v22 = (unsigned __int64)objc_msgSend(v303, "length");if ( v229 >= v22 >> 1 )break;v228 = (void *)*((_QWORD *)&v295 + 1);v227 = v294;v226 = (const char **)&selRef_length;v23 = (char *)objc_msgSend(v294, "length");v310 = &v23[~(signed __int64)i1];v309 = 1LL;v311 = &v23[~(signed __int64)i1];v312 = 1LL;v292 = 1LL;v291 = &v23[~(signed __int64)i1];v225 = 1LL;v224 = &selRef_length;v24 = objc_msgSend(v227, &substringWithRange_, v310, 1LL);v25 = objc_retainAutoreleasedReturnValue(v24);v223 = v25;v26 = objc_msgSend(v228, "stringByAppendingString:", v25);v27 = objc_retainAutoreleasedReturnValue(v26);v28 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v27;objc_release(v28);objc_release(v223);v29 = *v226;v222 = v295;v30 = (char *)objc_msgSend((void *)v295, v29);v314 = &v30[~(signed __int64)i1];v313 = v225;v315 = &v30[~(signed __int64)i1];v316 = v225;v290 = v225;v289 = &v30[~(signed __int64)i1];v31 = objc_msgSend((void *)v222, v224[15], v314, v225);v32 = objc_retainAutoreleasedReturnValue(v31);v221 = v32;v33 = objc_msgSend(*((void **)&v222 + 1), "stringByAppendingString:", v32);v34 = objc_retainAutoreleasedReturnValue(v33);v35 = *((_QWORD *)&v295 + 1);*((_QWORD *)&v295 + 1) = v34;objc_release(v35);objc_release(v221);}objc_storeStrong(&v294, 0LL);objc_storeStrong(&v295, 0LL);}v381 = *((_QWORD *)&v295 + 1);v151 = objc_msgSend(v300, (const char *)&unk_1904A27C2, 1LL);v382 = objc_retainAutoreleasedReturnValue(v151);v156 = v382;v152 = objc_msgSend(&OBJC_CLASS___NSArray, &arrayWithObjects_count_, &v381, 2LL);v308 = objc_retainAutoreleasedReturnValue(v152);objc_release(v156);v304 = 1;objc_storeStrong((char *)&v295 + 8, 0LL);objc_storeStrong(&v300, 0LL);objc_storeStrong(&v301, 0LL);objc_storeStrong(&v303, 0LL);}else{v383 = &stru_100108878;v384 = &stru_100108878;v3 = objc_msgSend(&OBJC_CLASS___NSArray, &arrayWithObjects_count_, &v383, 2LL);v308 = objc_retainAutoreleasedReturnValue(v3);v304 = 1;}objc_storeStrong(&v305, 0LL);result = (id)objc_autoreleaseReturnValue(v308);v155 = result;if ( v385 == 4423598488041029675LL )result = v155;return result;}
第二是计算IDFA的MD5后生成一个did的字段:
id __cdecl IDFA_MD5(BlGpxJxgAacxme *self, SEL a2, id a3){BlGpxJxgAacxme *v77; // [xsp+118h] [xbp-48h]v77 = self;v76 = a2;IDFA = 0LL;objc_storeStrong(&IDFA, a3);v3 = (void *)objc_alloc(&OBJC_CLASS___xxxNxNxxfRxxxx);v74 = objc_msgSend(v3, (const char *)&unk_1904A15CF);v4 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)((EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,"xRtnOPpipxtpxx:",(id)CFSTR("Q9h/cD7zftP12bKwl7eWdQ=="));// 常量字符串"superrise"superrise = objc_retainAutoreleasedReturnValue(v4);v43 = superrise;v42 = IDFA;v5 = objc_msgSend(&OBJC_CLASS___NSString, (const char *)&unk_1904A1C2A, CFSTR("%@%@"), IDFA, superrise);IDFA_superrise = objc_retainAutoreleasedReturnValue(v5);v72 = IDFA_superrise;v7 = objc_msgSend(v74, "CyxQVxxkxxOyhf:", IDFA_superrise);// md5IDAmd5 = (void *)objc_retainAutoreleasedReturnValue(v7);v71 = (__int64)IDAmd5;v9 = objc_msgSend(IDAmd5, &::uppercaseString);// MD5字符串转换成大小md5_uppercaseString = objc_retainAutoreleasedReturnValue(v9);uppercaseString = md5_uppercaseString;v11 = (void *)objc_retainAutorelease(md5_uppercaseString);MD5UTF8String = (char *)objc_msgSend(v11, &UTF8String);v68 = 0;for ( i = 0; i <= 17; ++i )v68 += MD5UTF8String[i]; // 字符相加为did倒数第二位,最后一位为固定的00v42 = v68;v65 = &selRef_length;v64 = &selRef_length;v12 = objc_msgSend(&OBJC_CLASS___NSString, (const char *)&unk_1904A1C2A, CFSTR("%02x"), v68);v13 = (void *)objc_retainAutoreleasedReturnValue(v12);v66 = v13;v63 = v13;v14 = (char *)objc_msgSend(v13, &length); // substringFromIndex:v15 = objc_msgSend(v63, &aSubstringfromi, v14 - 2);v16 = objc_retainAutoreleasedReturnValue(v15);v17 = (__int64)v66;v66 = (void *)v16;objc_release(v17);v18 = v65[377];v19 = *MD5UTF8String;//取MD5值前17位做为did组合v20 = MD5UTF8String[1];v21 = MD5UTF8String[2];v22 = MD5UTF8String[3];v23 = MD5UTF8String[4];v24 = MD5UTF8String[5];v25 = MD5UTF8String[6];v26 = MD5UTF8String[7];v27 = MD5UTF8String[8];v28 = MD5UTF8String[9];v29 = MD5UTF8String[10];v30 = MD5UTF8String[11];v31 = MD5UTF8String[12];v32 = MD5UTF8String[13];v33 = MD5UTF8String[14];v34 = MD5UTF8String[15];v35 = MD5UTF8String[16];v36 = MD5UTF8String[17];v37 = v64[6];v60 = v66;v59 = v36;v58 = v35;v57 = v34;v56 = v33;v55 = v32;v54 = v31;v53 = v30;v52 = v29;v51 = v28;v50 = v27;v49 = v26;v48 = v25;v47 = v24;v46 = v23;v45 = v22;v44 = v21;v43 = v20;v42 = v19;v38 = objc_msgSend( // 组合格式v18,v37,CFSTR("%c%c%c%c%c%c:%c%c%c%c%c%c:%c%c%c%c%c%c:%@00"),v19,v20,v21,v22,v23,v24,v25,v26,v27,v28,v29,v30,v31,v32,v33,v34,v35,v36,v66);v39 = objc_retainAutoreleasedReturnValue(v38);v40 = v71;v71 = v39;objc_release(v40);v62 = objc_retain(v71);v61 = 0LL;objc_storeStrong(&v66, 0LL);objc_storeStrong(&uppercaseString, v61);objc_storeStrong(&v71, v61);objc_storeStrong(&v72, v61);objc_storeStrong(&superrise, v61);objc_storeStrong(&v74, v61);objc_storeStrong(&IDFA, v61);return (id)objc_autoreleaseReturnValue(v62);}
还有一个自己生成的ID为simulateIDFA,主要是获取设备硬件设备与系统信息来生成,生成方式:
id __cdecl +[EHxafchbxeRxxx vrGUKfbxUmxRjM](EHxafchbxeRxxx_meta *self, SEL a2){__int64 v2; // x0__int64 v3; // x0__int64 v4; // x0__int64 v5; // x0__int64 v6; // x0__int64 systemHardwareInfo; // x0__int64 v8; // x0__int64 disk; // x0void *v10; // x0void *v11; // x0unsigned __int8 *v12; // x2unsigned __int8 *v13; // x2__int64 v14; // x0id result; // x0__int64 v16; // [xsp+0h] [xbp-C0h]__int64 v17; // [xsp+8h] [xbp-B8h]__int64 v18; // [xsp+10h] [xbp-B0h]__int64 v19; // [xsp+18h] [xbp-A8h]struct objc_object *v20; // [xsp+28h] [xbp-98h]__int64 v21; // [xsp+30h] [xbp-90h]__int64 simulateIDFA; // [xsp+40h] [xbp-80h]unsigned __int8 *deviceinfo2; // [xsp+48h] [xbp-78h]unsigned __int8 *deviceinfo1; // [xsp+50h] [xbp-70h]__int64 disk_1; // [xsp+58h] [xbp-68h]__int64 systemFileTime; // [xsp+60h] [xbp-60h]__int64 systemHardwareInfo_1; // [xsp+68h] [xbp-58h]__int64 systemVersion; // [xsp+70h] [xbp-50h]__int64 deviceName; // [xsp+78h] [xbp-48h]__int64 language; // [xsp+80h] [xbp-40h]__int64 countryCode; // [xsp+88h] [xbp-38h]__int64 v32; // [xsp+90h] [xbp-30h]SEL v33; // [xsp+98h] [xbp-28h]EHxafchbxeRxxx_meta *v34; // [xsp+A0h] [xbp-20h]char md52; // [xsp+A8h] [xbp-18h]char MD51; // [xsp+B0h] [xbp-10h]__int64 v37; // [xsp+B8h] [xbp-8h]v34 = self;v33 = a2;v2 = sysctl_FxxFSExIxxWPJx();v32 = objc_retainAutoreleasedReturnValue(v2);v3 = ::countryCode();countryCode = objc_retainAutoreleasedReturnValue(v3);v4 = ::language();language = objc_retainAutoreleasedReturnValue(v4);v5 = ::deviceName();deviceName = objc_retainAutoreleasedReturnValue(v5);v6 = ::systemVersion();systemVersion = objc_retainAutoreleasedReturnValue(v6);systemHardwareInfo = ::systemHardwareInfo();systemHardwareInfo_1 = objc_retainAutoreleasedReturnValue(systemHardwareInfo);v8 = ::systemFileTime();systemFileTime = objc_retainAutoreleasedReturnValue(v8);disk = ::disk();disk_1 = objc_retainAutoreleasedReturnValue(disk);v19 = deviceName;v18 = language;v17 = countryCode;v16 = v32;v10 = objc_msgSend(&OBJC_CLASS___NSString,"stringWithFormat:",CFSTR("%@,%@,%@,%@"),v32,countryCode,language,deviceName);deviceinfo1 = (unsigned __int8 *)objc_retainAutoreleasedReturnValue(v10);v19 = disk_1;v18 = systemFileTime;v17 = systemHardwareInfo_1;v16 = systemVersion;v11 = objc_msgSend(&OBJC_CLASS___NSString,"stringWithFormat:",CFSTR("%@,%@,%@,%@"),systemVersion,systemHardwareInfo_1,systemFileTime,disk_1);deviceinfo2 = (unsigned __int8 *)objc_retainAutoreleasedReturnValue(v11);MD5_16(deviceinfo1, (size_t)&MD51, v12); //计算MD5MD5_16(deviceinfo2, (size_t)&md52, v13);//计算MD5v14 = combineTwoFingerPrint(&md52, &MD51);//计算出simulateIDFAsimulateIDFA = objc_retainAutoreleasedReturnValue(v14);v21 = objc_retain(simulateIDFA);objc_storeStrong(&simulateIDFA, 0LL);objc_storeStrong(&deviceinfo2, 0LL);objc_storeStrong(&deviceinfo1, 0LL);objc_storeStrong(&disk_1, 0LL);objc_storeStrong(&systemFileTime, 0LL);objc_storeStrong(&systemHardwareInfo_1, 0LL);objc_storeStrong(&systemVersion, 0LL);objc_storeStrong(&deviceName, 0LL);objc_storeStrong(&language, 0LL);objc_storeStrong(&countryCode, 0LL);objc_storeStrong(&v32, 0LL);result = (id)objc_autoreleaseReturnValue(v21);v20 = result;if ( __stack_chk_guard == v37 )result = v20;return result;}
所有采集信息与加密完成后字段组合成JSON格式:
{"FU2": "r6s0l;Tim","fC8": "fb1536d4411ddbf632d49ddf14eeefb0","RQ5": ";97","PJ2": "2","mi1": {//SIM卡信息"mE1": "","xX9": "","Uc4": "+9cmRoTSYyKLhgs5","nO8": ""},"tJ3": 1602896191800537,"Hg2": { //代理"kCFProxyPortNumberKey": 8888,"kCFProxyTypeKey": "kCFProxyTypeHTTP","kCFProxyHostNameKey": "172.29.257.1"},"ZY9": "WIFI","lo7": "2016-10-2720:49:30+0000,2016-10-2720:49:30+0000","gy8": "7JJIIE8I1:<GE6EI:41J6J8177:F;74E:19",//IDFA(加密)"XE3": ["5=26;2666;25", "26:65622445"], //ip内网,外网"ou5": 1600408345,"En9": { //bssd"sl2": "awr410BcvZM=","bO4": "8hj=>>g9>h9>54>f","sb4O": "2b38c2d"},"ms1": {"bt3": "ARM64","RH9": 2},"nC9": "5s;m6x6e4gEm<pItEtGE735e1x;eHH<3=w1v8i5r<m8e1xJr<s9G931i:p9mIf<sEq=34v=e3zr3","sg8y": "850af92","Hq2": 1,"mM3": 3,"kn7": "dj\/jzHEKq9Vp","Be8": "197619.815213625","NA8": false,"Wm7": 4,"th1": 1603093803,"BP1": "1.","at9": {"bB8": 1037041664,"vB9": 12460032,"IW2": 737607680},"AI3": ["zh-Hans-CN"],"Pq2": { //经纬度"lat": 0,"lng": 0,"alt": 0},"Gd9": true,"TV5": 1602896191,"tf8": {"sj2s": "89885ff","js2": "<64F958:16=HFG66JG184E<16JIEIH;E;15", //idfv(加密)"zT2": ";=<i=865j76e8:788;=7<:j56e6i<jjjj7h<:e:6","sf2W": "850af92","fW2": "7JJIIE8I1:<GE6EI:41J6J8177:F;74E:19", //idfa(加密)"qH4": ";5769EHFH1G9FJ:6H9:1GF8:1H=JI<9;H<1E",//idfa(加密)"se1": "A52E1D:6CE264:FA1A3D:2c00" //idfa (加密)},"oF8": 0.2867721915245056,"OW5": "2.2","GI7": {"AI7": "7i:g>:59:>5==;>e>84><gi<j" //ipv6(加密)},"Gl1": "iOS","LW5": "","jN2": { //ip、mac"mT1": "5=26;2666;25","jP2": ">jjjj>>jjjj>>jjjj","LZ5": "fe46>>5f>6;>fg>h", //mac(加密)"sL5Z": "4f28480"},"VR1": 1600408243,"zv7": false,"BBB": "v1.0","xs6": false, //是否被修复"Fx4": {"AI7": "e9<e>;i:8>gegg>i>j4><jijj"//本地IP(加密)},"Pm4": "A52E1D:6CE264:XXXXXX:2c00","AAA": "v1.0","jj5": {"did": "A52E1D:6CE264:XXXXXX:2c00","idfa": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX","idfv": "177EE280-F2B9-4508-ADAF-A4C2CDXXXXXX","gy8": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX","simulateIDFA": "A878FD6B-52F5-BA21-D5E9-4C6D6BXXXXXX",//设备信息组合的MD5值转换得来"OpenUDID": "2a83ffea163746a314e966dff822f89434XXXXXX"},"go4": 6,"kU4": "1exhv_shuzilm_cn","tP9": "10.1.1","RP5": 47865,"bj9": "1.8.9","bk6": {"qA4": 8853983232,"uu2": 12075954176},"identifierPrefix": 4,"eK5": "tEt9e4298;2;732r6szm3x;e4gGm;p=t=t6E435i6p6h:r1yHFG3:wEv1i:r5m=e8x1r4s7g<36v1e8z:3",//签名信息(加密)//CFBundleIdentifier CFBundleName CFBundleVersion /var/containers/Bundle/Application/77505A64-2830-4916-A6CD-622102997C07/v2.3.4.app"mT5": 4,"Ke6": "com.ADpro.testios","hL4": ":;:","Wt9": false,"HJ2": false,"Ih2": "2.3.4","LZ3": {"did": "A52E1D:6CE264:FA1A3D:2c00","idfa": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX","idfv": "177EE280-F2B9-4508-ADAF-A4C2CXXXXXXX","gy8": "56076342-6AA8-4EF3-A3B3-FF0E2XXXXXXX","simulateIDFA": "A878FD6B-52F5-BA21-D5E9-4C6D6BXXXXXX","OpenUDID": "2a83ffea163746a314e966dff822f8943XXXXXX"},"NP1": "v2.3.4","zk4": []}
3、将组合的信息整体压缩加密发送给服务器
//压缩id __cdecl compress(EdkxBSqSeZInGK *self, SEL a2, id a3){void *v3; // x0void *v4; // x0__int64 v6; // [xsp+10h] [xbp-50h]Bytef *dest; // [xsp+18h] [xbp-48h]size_t destLen; // [xsp+20h] [xbp-40h]Bytef *source; // [xsp+28h] [xbp-38h]uLong sourceLen; // [xsp+30h] [xbp-30h]int v11; // [xsp+3Ch] [xbp-24h]void *v12; // [xsp+40h] [xbp-20h]SEL v13; // [xsp+48h] [xbp-18h]EdkxBSqSeZInGK *v14; // [xsp+50h] [xbp-10h]__int64 v15; // [xsp+58h] [xbp-8h]v14 = self;v13 = a2;v12 = 0LL;objc_storeStrong(&v12, a3);if ( v12 ){sourceLen = (uLong)objc_msgSend(v12, (const char *)&unk_190A338EE);v3 = (void *)objc_retainAutorelease(v12);source = (Bytef *)objc_msgSend(v3, (const char *)&unk_190A3FE27);destLen = compressBound(sourceLen);dest = (Bytef *)malloc(destLen);__memset_chk(dest, 0LL, destLen, -1LL);compress(dest, &destLen, source, sourceLen);v4 = objc_msgSend(&OBJC_CLASS___NSData, (const char *)&unk_190A40F5D, dest, destLen);v6 = objc_retainAutoreleasedReturnValue(v4);free(dest);v15 = objc_retain(v6);v11 = 1;objc_storeStrong(&v6, 0LL);}else{v15 = 0LL;v11 = 1;}objc_storeStrong(&v12, 0LL);return (id)objc_autoreleaseReturnValue(v15);}//加密id __cdecl encdata(EdkxBSqSeZInGK *self, SEL a2, id a3, id a4){id v4; // ST58_8void *v5; // x0void *v6; // ST28_8void *v7; // x0__int64 v9; // [xsp+68h] [xbp-78h]void *v10; // [xsp+70h] [xbp-70h]char *v11; // [xsp+78h] [xbp-68h]char *v12; // [xsp+80h] [xbp-60h]void *v13; // [xsp+88h] [xbp-58h]void *v14; // [xsp+90h] [xbp-50h]SEL v15; // [xsp+98h] [xbp-48h]EdkxBSqSeZInGK *v16; // [xsp+A0h] [xbp-40h]__int64 v17; // [xsp+A8h] [xbp-38h]char v18; // [xsp+B7h] [xbp-29h]__int64 v19; // [xsp+D8h] [xbp-8h]v19 = -3431741228743327694LL;v16 = self;v15 = a2;v14 = 0LL;v4 = a4;objc_storeStrong(&v14, a3);v13 = 0LL;objc_storeStrong(&v13, v4);memset(&v18, 0, 0x21uLL);objc_msgSend(v13, (const char *)&unk_190A7E24F, &v18, 33LL, 4LL);v12 = (char *)objc_msgSend(v14, (const char *)&unk_190A338EE);v11 = v12 + 16;v10 = malloc((size_t)(v12 + 16));v9 = 0LL;v5 = (void *)objc_retainAutorelease(v14);v6 = objc_msgSend(v5, (const char *)&unk_190A3FE27);if ( (unsigned int)CCCrypt(0LL, 0LL, 3LL, &v18, 16LL, 0LL, v6, v12, v10, v12 + 16, &v9) ){free(v10);v17 = 0LL;}else{v7 = objc_msgSend(&OBJC_CLASS___NSData, (const char *)&unk_190A84C9A, v10, v9);v17 = objc_retainAutoreleasedReturnValue(v7);}objc_storeStrong(&v13, 0LL);objc_storeStrong(&v14, 0LL);return (id)objc_autoreleaseReturnValue(v17);}
4、请求网络返回并解密获取ID
__text:0000000100121EE4 1C 73 00 94 BL _objc_msgSend__text:0000000100121EE8 48 01 00 B0 ADRP X8, #selRef_sendSynchronousRequest_returningResponse_error_@PAGE__text:0000000100121EEC 08 21 17 91 ADD X8, X8, #selRef_sendSynchronousRequest_returningResponse_error_@PAGEOFF__text:0000000100121EF0 49 01 00 B0 ADRP X9, #classRef_NSURLConnection@PAGE__text:0000000100121EF4 29 C1 33 91 ADD X9, X9, #classRef_NSURLConnection@PAGEOFF__text:0000000100121EF8 0B 00 80 D2 MOV X11, #0__text:0000000100121EFC AB 03 19 F8 STUR X11, [X29,#var_78+8]__text:0000000100121F00 0B 00 80 D2 MOV X11, #0__text:0000000100121F04 AB 83 18 F8 STUR X11, [X29,#var_78]__text:0000000100121F08 29 01 40 F9 LDR X9, [X9] ; _OBJC_CLASS_$_NSURLConnection__text:0000000100121F0C AB 83 5A F8 LDUR X11, [X29,#var_58]__text:0000000100121F10 AC 83 58 F8 LDUR X12, [X29,#var_78]__text:0000000100121F14 AC 83 17 F8 STUR X12, [X29,#var_90+8]__text:0000000100121F18 AC 03 59 F8 LDUR X12, [X29,#var_78+8]__text:0000000100121F1C AC 03 17 F8 STUR X12, [X29,#var_90]__text:0000000100121F20 01 01 40 F9 LDR X1, [X8] ; unk_18ACDDA2B ; char *__text:0000000100121F24 E0 03 09 AA MOV X0, X9 ; void *__text:0000000100121F28 E2 03 0B AA MOV X2, X11__text:0000000100121F2C A3 23 02 D1 SUB X3, X29, #-(var_90+8)__text:0000000100121F30 A4 43 02 D1 SUB X4, X29, #-var_90__text:0000000100121F34 08 73 00 94 BL _objc_msgSend ; 发送网络请求__text:0000000100121F38 FD 03 1D AA MOV X29, X29//解密返回数据__text:0000000100117EE4 FF C3 03 D1 SUB SP, SP, #0xF0__text:0000000100117EE8 FD 7B 0E A9 STP X29, X30, [SP,#0xE0+var_s0]__text:0000000100117EEC FD 83 03 91 ADD X29, SP, #0xE0__text:0000000100117EF0 68 01 00 B0 ADRP X8, #___stack_chk_guard_ptr@PAGE__text:0000000100117EF4 08 41 40 F9 LDR X8, [X8,#___stack_chk_guard_ptr@PAGEOFF]__text:0000000100117EF8 08 01 40 F9 LDR X8, [X8]__text:0000000100117EFC 69 01 00 B0 ADRP X9, #___stack_chk_guard_ptr@PAGE__text:0000000100117F00 29 41 40 F9 LDR X9, [X9,#___stack_chk_guard_ptr@PAGEOFF]__text:0000000100117F04 29 01 40 F9 LDR X9, [X9]__text:0000000100117F08 A9 83 1F F8 STUR X9, [X29,#var_8]__text:0000000100117F0C A0 03 1C F8 STUR X0, [X29,#var_40]__text:0000000100117F10 A1 83 1B F8 STUR X1, [X29,#var_48]__text:0000000100117F14__text:0000000100117F14 loc_100117F14__text:0000000100117F14 09 00 80 D2 MOV X9, #0__text:0000000100117F18 A9 03 1B F8 STUR X9, [X29,#var_50]__text:0000000100117F1C A9 43 01 D1 SUB X9, X29, #-var_50__text:0000000100117F20 E0 03 09 AA MOV X0, X9__text:0000000100117F24 E1 03 02 AA MOV X1, X2__text:0000000100117F28 E3 2F 00 F9 STR X3, [SP,#0xE0+var_88]__text:0000000100117F2C E8 2B 00 F9 STR X8, [SP,#0xE0+var_90]__text:0000000100117F30 2A 9B 00 94 BL _objc_storeStrong__text:0000000100117F34 08 00 80 D2 MOV X8, #0__text:0000000100117F38 A8 83 1A F8 STUR X8, [X29,#var_58]__text:0000000100117F3C A8 63 01 D1 SUB X8, X29, #-var_58__text:0000000100117F40 E9 2F 40 F9 LDR X9, [SP,#0xE0+var_88]__text:0000000100117F44 E0 03 08 AA MOV X0, X8__text:0000000100117F48 E1 03 09 AA MOV X1, X9__text:0000000100117F4C 23 9B 00 94 BL _objc_storeStrong__text:0000000100117F50 88 01 00 F0 ADRP X8, #selRef_getCString_maxLength_encoding_@PAGE__text:0000000100117F54 08 81 02 91 ADD X8, X8, #selRef_getCString_maxLength_encoding_@PAGEOFF__text:0000000100117F58__text:0000000100117F58 loc_100117F58__text:0000000100117F58 A9 A7 00 D1 SUB X9, X29, #-var_29__text:0000000100117F5C E0 03 09 AA MOV X0, X9 ; void *__text:0000000100117F60__text:0000000100117F60 loc_100117F60__text:0000000100117F60 0A 00 80 52 MOV W10, #0__text:0000000100117F64__text:0000000100117F64 loc_100117F64__text:0000000100117F64 41 1D 00 53 UXTB W1, W10__text:0000000100117F68 22 04 80 D2 MOV X2, #0x21 ; size_t__text:0000000100117F6C E8 27 00 F9 STR X8, [SP,#0xE0+var_98]__text:0000000100117F70 E9 23 00 F9 STR X9, [SP,#0xE0+var_A0]__text:0000000100117F74 C8 9A 00 94 BL _memset__text:0000000100117F78__text:0000000100117F78 loc_100117F78__text:0000000100117F78 A8 83 5A F8 LDUR X8, [X29,#var_58]__text:0000000100117F7C E9 27 40 F9 LDR X9, [SP,#0xE0+var_98]__text:0000000100117F80 21 01 40 F9 LDR X1, [X9] ; char *__text:0000000100117F84 2A 04 80 52 MOV W10, #0x21__text:0000000100117F88 E3 03 0A AA MOV X3, X10__text:0000000100117F8C__text:0000000100117F8C loc_100117F8C__text:0000000100117F8C 8A 00 80 52 MOV W10, #4__text:0000000100117F90 E4 03 0A AA MOV X4, X10__text:0000000100117F94 E0 03 08 AA MOV X0, X8 ; void *__text:0000000100117F98 E2 23 40 F9 LDR X2, [SP,#0xE0+var_A0]__text:0000000100117F9C EE 9A 00 94 BL _objc_msgSend__text:0000000100117FA0 88 01 00 F0 ADRP X8, #selRef_length@PAGE__text:0000000100117FA4 08 01 00 91 ADD X8, X8, #selRef_length@PAGEOFF__text:0000000100117FA8 A9 03 5B F8 LDUR X9, [X29,#var_50]__text:0000000100117FAC 01 01 40 F9 LDR X1, [X8] ; "length" ; char *__text:0000000100117FB0 E0 3F 00 B9 STR W0, [SP,#0xE0+var_A4]__text:0000000100117FB4 E0 03 09 AA MOV X0, X9 ; void *__text:0000000100117FB8 E7 9A 00 94 BL _objc_msgSend__text:0000000100117FBC A0 03 1A F8 STUR X0, [X29,#var_60]__text:0000000100117FC0 A8 03 5A F8 LDUR X8, [X29,#var_60]__text:0000000100117FC4 08 41 00 91 ADD X8, X8, #0x10__text:0000000100117FC8 A8 83 19 F8 STUR X8, [X29,#var_68]__text:0000000100117FCC A0 83 59 F8 LDUR X0, [X29,#var_68]__text:0000000100117FD0 A8 9A 00 94 BL _malloc__text:0000000100117FD4 A3 A7 00 D1 SUB X3, X29, #-var_29__text:0000000100117FD8 E0 3B 00 F9 STR X0, [SP,#0xE0+var_70]__text:0000000100117FDC FF 37 00 F9 STR XZR, [SP,#0xE0+var_78]__text:0000000100117FE0 A8 03 5B F8 LDUR X8, [X29,#var_50]__text:0000000100117FE4 E0 03 08 AA MOV X0, X8__text:0000000100117FE8 E3 1B 00 F9 STR X3, [SP,#0xE0+var_B0]__text:0000000100117FEC E9 9A 00 94 BL _objc_retainAutorelease__text:0000000100117FF0 88 01 00 F0 ADRP X8, #selRef_bytes@PAGE__text:0000000100117FF4 08 21 02 91 ADD X8, X8, #selRef_bytes@PAGEOFF__text:0000000100117FF8 01 01 40 F9 LDR X1, [X8] ; "bytes" ; char *__text:0000000100117FFC D6 9A 00 94 BL _objc_msgSend__text:0000000100118000 A7 03 5A F8 LDUR X7, [X29,#var_60]__text:0000000100118004 E8 3B 40 F9 LDR X8, [SP,#0xE0+var_70]__text:0000000100118008 A9 83 59 F8 LDUR X9, [X29,#var_68]__text:000000010011800C 2A 00 80 52 MOV W10, #1__text:0000000100118010 E0 17 00 F9 STR X0, [SP,#0xE0+var_B8]__text:0000000100118014 E0 03 0A AA MOV X0, X10__text:0000000100118018 0A 00 80 52 MOV W10, #0__text:000000010011801C E1 03 0A AA MOV X1, X10__text:0000000100118020 62 00 80 52 MOV W2, #3__text:0000000100118024 E3 1B 40 F9 LDR X3, [SP,#0xE0+var_B0]__text:0000000100118028 04 02 80 D2 MOV X4, #0x10__text:000000010011802C 0B 00 80 D2 MOV X11, #0__text:0000000100118030 E5 03 0B AA MOV X5, X11__text:0000000100118030 ; End of function DecString_3__text:0000000100118030__text:0000000100118034__text:0000000100118034 loc_100118034__text:0000000100118034 E6 17 40 F9 LDR X6, [SP,#0x28]__text:0000000100118038 E8 03 00 F9 STR X8, [SP]__text:000000010011803C E9 07 00 F9 STR X9, [SP,#8]__text:0000000100118040 E8 A3 01 91 ADD X8, SP, #0x68__text:0000000100118044 E8 0B 00 F9 STR X8, [SP,#0x10]__text:0000000100118048 A6 99 00 94 BL _CCCrypt ; 解密__text:000000010011804C E0 67 00 B9 STR W0, [SP,#0x64]__text:0000000100118050 EA 67 40 B9 LDR W10, [SP,#0x64]__text:0000000100118054 2A 02 00 35 CBNZ W10, loc_100118098__text:0000000100118058 88 01 00 D0 ADRP X8, #selRef_dataWithBytesNoCopy_length_@PAGE__text:000000010011805C 08 A1 02 91 ADD X8, X8, #selRef_dataWithBytesNoCopy_length_@PAGEOFF__text:0000000100118060 89 01 00 D0 ADRP X9, #classRef_NSData@PAGE__text:0000000100118064 29 61 2F 91 ADD X9, X9, #classRef_NSData@PAGEOFF__text:0000000100118068 29 01 40 F9 LDR X9, [X9] ; _OBJC_CLASS_$_NSData__text:000000010011806C E2 3B 40 F9 LDR X2, [SP,#0x70]__text:0000000100118070 E3 37 40 F9 LDR X3, [SP,#0x68]__text:0000000100118074 01 01 40 F9 LDR X1, [X8] ; unk_190A84C9A__text:0000000100118078 E0 03 09 AA MOV X0, X9__text:000000010011807C B6 9A 00 94 BL _objc_msgSend__text:0000000100118080 FD 03 1D AA MOV X29, X29__text:0000000100118084 C9 9A 00 94 BL _objc_retainAutoreleasedReturnValue__text:0000000100118088 A0 83 1C F8 STUR X0, [X29,#-0x38]__text:000000010011808C 2A 00 80 52 MOV W10, #1__text:0000000100118090 EA 63 00 B9 STR W10, [SP,#0x60]__text:0000000100118094 07 00 00 14 B loc_1001180B0__text:0000000100118098__text:0000000100118098 loc_100118098__text:0000000100118098 E0 3B 40 F9 LDR X0, [SP,#0x70]__text:000000010011809C 39 9A 00 94 BL _free__text:00000001001180A0 08 00 80 D2 MOV X8, #0__text:00000001001180A4 A8 83 1C F8 STUR X8, [X29,#-0x38]__text:00000001001180A8 29 00 80 52 MOV W9, #1__text:00000001001180AC E9 63 00 B9 STR W9, [SP,#0x60]__text:00000001001180B0__text:00000001001180B0 loc_1001180B0__text:00000001001180B0 A8 63 01 D1 SUB X8, X29, #0x58__text:00000001001180B4 E0 03 08 AA MOV X0, X8__text:00000001001180B8 08 00 80 D2 MOV X8, #0__text:00000001001180BC E1 03 08 AA MOV X1, X8__text:00000001001180C0 C6 9A 00 94 BL _objc_storeStrong__text:00000001001180C4 A8 43 01 D1 SUB X8, X29, #0x50__text:00000001001180C8 E0 03 08 AA MOV X0, X8__text:00000001001180CC 08 00 80 D2 MOV X8, #0__text:00000001001180D0 E1 03 08 AA MOV X1, X8__text:00000001001180D4 C1 9A 00 94 BL _objc_storeStrong__text:00000001001180D8 A8 83 5C F8 LDUR X8, [X29,#-0x38]__text:00000001001180DC E0 03 08 AA MOV X0, X8__text:00000001001180E0 79 9A 00 94 BL _objc_autoreleaseReturnValue__text:00000001001180E4 68 01 00 90 ADRP X8, #___stack_chk_guard_ptr@PAGE__text:00000001001180E8 08 41 40 F9 LDR X8, [X8,#___stack_chk_guard_ptr@PAGEOFF]__text:00000001001180EC 08 01 40 F9 LDR X8, [X8]__text:00000001001180F0 A9 83 5F F8 LDUR X9, [X29,#-8]__text:00000001001180F4 1F 01 09 EB CMP X8, X9__text:00000001001180F8 E0 13 00 F9 STR X0, [SP,#0x20]__text:00000001001180FC A1 00 00 54 B.NE loc_100118110__text:0000000100118100 E0 13 40 F9 LDR X0, [SP,#0x20]__text:0000000100118104 FD 7B 4E A9 LDP X29, X30, [SP,#0xE0]__text:0000000100118108 FF C3 03 91 ADD SP, SP, #0xF0__text:000000010011810C C0 03 5F D6 RET
最终得到服务器返回解密后的结果:
{"err": 0,"rid": "A52E1D:6CE264:XXXXXX:2c00","cdd": "D2HkrQluKgF0FRDGLsNm/npb8l+x3ZJKlCHXf3aQ4XXXXXX","cck": "194","rdm": "177","qid": "56076342-6AA8-4EF3-A3B3-FF0E2XXXXXX"}
rid: 终端通过IDFA生成的did。
cdd:服务器下发的可信ID。
qid: 终端IDFA。
五、如何攻破可信ID,可信ID是否真的可信?
1、通过修IDFA与硬件属性返回新ID。
2、替换成指定机器的信息返回对应的可信ID。
3、基于历史存量可信ID也不能100%补全。
4、在刷机后可信ID稳定性在50%左右。
六、总结
1、对于推送广告的平台,有了这ID,就能把一个用户研究地明明白白,它比你妈妈都知道你在什么时候需要“穿上一条秋裤”了。但是面对IOS 14的严格限制该产品的可信ID效果也会大打折扣。
2、在安全方面该产品只做了字符串加密、类名、方法名混淆,安全能力稍显不足。
文章来源: https://mp.weixin.qq.com/s?__biz=MzU3MDc0MTY1MA==&mid=2247483886&idx=1&sn=72fbb8ebc8b76db6a71f0a5b70089624&chksm=fceb8713cb9c0e0596e657029d8460be625de4bc82cc81a55ad0b3fe15c3bb7c142206f2ac5e&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh