目录:
一、行业背景
二、什么是可信ID?
三、可信ID的应用场景
四、可信ID原理分析
五、如何攻破可信ID,可信ID是否真的可信?
六、总结
随着全球范围内移动业务的全面发展,采取移动为主策略的营销人员具有独特的优势,能够为他们的品牌带来最大的成功。根据Zenith估计,到2020年移动设备将占全球广告市场的30%以上。
今年苹果秋季发布会上苹果介绍对用户隐私保护继续升级。从官方披露的公开信息来看,iOS 14的用户隐私保护更新将让用户更加知悉自己个人数据的使用情况,并进一步约束App追踪用户隐私的能力。限制“广告客户标识符”(IDFA)更新已确定延期至明年初执行,这将是一个会极大影响App定制化广告收入的用户数据追踪功能。
目前大多广告依赖IDFA和用户数据进行广告投放和优化。iOS 14 之后,IDFA的授权从设备层面移动到app层面。因此,如果用户需要对每个app进行授权。行业预计:只有20%左右的用户会进行授权;而如果80%的用户不进行授权,那么绝大部分app的都不能进行标识用户身份、归因、推荐、唤醒等。用户不授权跟踪(没有IDFA)之后,怎么办?如果拿不到用户的IDFA授权,或者长远看苹果不再支持IDFA怎么办?
可信ID是移动设备唯一性识别技术,在终端IMEI、MAC、OAID及iOS自带“IDFA”难稳定获取及 易被篡改的情况下,通过派发不易被篡改的更稳定终端唯一标识,为APP开发者提供更可信赖的唯一ID,作为数据运营统计基准,有效识别设备篡改、虚拟机等作弊行为,识别应用登陆及其它后续行为中的作弊风险,数据实时、准确可靠且可用于独立佐证。
可信ID及对应状态可实时识别虚拟机、作弊环境,结合客户账户体系,在激活、登陆等节点事前识别业务风险。
以可信ID为基准,依托数盟全域覆盖及判定能力,可有效判断应用安装未激活、卸载及换机状态,提供关键运营数据赋能。
如图1所示:
图1
读取本地ID,如果本地未有缓存ID,将请求服务器计算ID,代码如下:
v18 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("cs+/NyxzuGM+4ZVOsVQBOA=="));// cdid_du
v19 = objc_retainAutoreleasedReturnValue(v18);
v20 = v19;
v21 = objc_msgSend(v17, &objectForKey_, v19);// 读取本地ID
cdid_du = objc_retainAutoreleasedReturnValue(v21);
objc_release(v20);
objc_release(v17);
if ( (signed __int64)v12 < 1 || v143 || !cdid_du )
{
+[FxLNxvmwQHTxxT xxxHxbaeMxfxxe](&OBJC_CLASS___FxLNxvmwQHTxxT, "xxxHxbaeMxfxxe");
v31 = (void *)objc_alloc(&OBJC_CLASS___AClNsOHxEnxxFq);
v32 = objc_msgSend(v31, (const char *)&unk_190A2D5CF);
v138 = v32;
v33 = objc_msgSend(v32, "rmxhgtexxxYJsr");
v137 = (void *)objc_retainAutoreleasedReturnValue(v33);
v136 = 0;
for ( i = 0; i < 5; ++i )
{
if ( !((unsigned __int64)objc_msgSend(v137, (const char *)&unk_190A2E27E, &stru_100144878) & 1) && v137 )
{
v37 = (void *)objc_alloc(&OBJC_CLASS___xxYuxCNxkKxxZe);
v134 = objc_msgSend(v37, (const char *)&unk_190A2D5CF);
v133 = objc_msgSend(v134, "GlvxhXtNyNxYxb::", v137, 1LL);// 如果本地未缓存ID,请求服务器获取cdid_du
if ( v133 == &unk_C8 )
{
v38 = objc_msgSend(&OBJC_CLASS___NSUserDefaults, (const char *)&unk_190A34E33);
v132 = (void *)objc_retainAutoreleasedReturnValue(v38);
v131 = (char *)objc_msgSend(v132, (const char *)&unk_190A736EE, CFSTR("rseq"));
v39 = v132;
采集设备信息加密上报服务器计算ID:
id __cdecl getSystemInfo_simulateIDFA2_3_4(BlGpxJxgAacxme *self, SEL a2)
{
__int128 v387; // [xsp+760h] [xbp-30h]
SEL v388; // [xsp+770h] [xbp-20h]
BlGpxJxgAacxme *v389; // [xsp+778h] [xbp-18h]
v389 = self;
v388 = a2;
v2 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"sharedSingleton");
*((_QWORD *)&v387 + 1) = objc_retainAutoreleasedReturnValue(v2);
v3 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "xxicbxDxMDxxxe");
*(_QWORD *)&v387 = objc_retainAutoreleasedReturnValue(v3);
v4 = (void *)objc_alloc(&OBJC_CLASS___NSDictionary);
*((_QWORD *)&v386 + 1) = objc_msgSend(v4, "init");
v5 = (void *)objc_alloc(&OBJC_CLASS___NSDictionary);
*(_QWORD *)&v386 = objc_msgSend(v5, "init");
v6 = (void *)objc_alloc(&OBJC_CLASS___xxxNxNxxfRxxxx);
v385 = objc_msgSend(v6, "init");
v7 = (void *)objc_alloc(&OBJC_CLASS___txxxxYxxxISEgq);
v384 = objc_msgSend(v7, "init");
v351 = v384;
v8 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));
v9 = objc_retainAutoreleasedReturnValue(v8);
v350 = v9;
v10 = objc_msgSend(v384, "xiOExnwjxvxxxV::", v9, 1LL);
v383 = (void *)objc_retainAutoreleasedReturnValue(v10);
objc_release(v350);
v11 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);// tojson
v382 = objc_retainAutoreleasedReturnValue(v11);
v349 = v384;
v12 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v348 = objc_retainAutoreleasedReturnValue(v12);
v347 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v348, v382, 1LL);
objc_release(v348);
v346 = v384;
v13 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v345 = objc_retainAutoreleasedReturnValue(v13);
v344 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v345, v382, 2LL);
objc_release(v345);
if ( !((unsigned __int64)objc_msgSend(v383, "isEqualToString:", &stru_100108878)
v292 = objc_retainAutoreleasedReturnValue(v46);
v47 = objc_msgSend(
&OBJC_CLASS___NSDictionary,
&aDictionarywith,
v300,
CFSTR("se1"),
v299,
CFSTR("fW2"),
v298,
CFSTR("sf2W"),
v297,
CFSTR("js2"),
v296,
CFSTR("sj2s"),
v377,
CFSTR("qH4"),
v376,
CFSTR("zT2"),
v293,
CFSTR("gy8"),
v292,
CFSTR("sg8y"),
0LL);
v48 = objc_retainAutoreleasedReturnValue(v47);
v49 = *((_QWORD *)&v386 + 1);
*((_QWORD *)&v386 + 1) = v48;
objc_release(v49);
objc_release(v292);
objc_release(v293);
objc_release(v296);
objc_release(v297);
objc_release(v298);
objc_release(v299);
objc_release(v300);
objc_release(v302);
objc_storeStrong(&v375, 0LL);
}
else
{
v291 = &OBJC_CLASS___NSDictionary;
v290 = v380;
v50 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));
v289 = objc_retainAutoreleasedReturnValue(v50);
v288 = v289;
v51 = objc_msgSend(v380, &objectForKeyedSubscript_, v289);
v287 = objc_retainAutoreleasedReturnValue(v51);
v52 = objc_msgSend(v379, &objectAtIndexedSubscript_, 0LL);
v286 = objc_retainAutoreleasedReturnValue(v52);
v53 = objc_msgSend(v379, &objectAtIndexedSubscript_, 1LL);
v285 = objc_retainAutoreleasedReturnValue(v53);
v54 = objc_msgSend(v378, &objectAtIndexedSubscript_, 0LL);
v284 = objc_retainAutoreleasedReturnValue(v54);
v55 = objc_msgSend(v378, &objectAtIndexedSubscript_, 1LL);
v170 = 0LL;
v169 = CFSTR("zT2");
v168 = v376;
v167 = CFSTR("qH4");
v166 = v377;
v165 = CFSTR("sj2s");
v163 = CFSTR("js2");
v162 = v284;
v161 = CFSTR("sf2W");
v160 = v285;
v159 = CFSTR("fW2");
v158 = v286;
v157 = CFSTR("se1");
v283 = objc_retainAutoreleasedReturnValue(v55);
v56 = objc_msgSend(
&OBJC_CLASS___NSDictionary,
&aDictionarywith,
v287,
CFSTR("se1"),
v286,
CFSTR("fW2"),
v285,
CFSTR("sf2W"),
v284,
CFSTR("js2"),
v283,
CFSTR("sj2s"),
v377,
CFSTR("qH4"),
v376,
CFSTR("zT2"),
0LL);
v57 = objc_retainAutoreleasedReturnValue(v56);
v58 = *((_QWORD *)&v386 + 1);
*((_QWORD *)&v386 + 1) = v57;
objc_release(v58);
objc_release(v283);
objc_release(v284);
objc_release(v285);
objc_release(v286);
objc_release(v287);
objc_release(v289);
}
objc_storeStrong(&v376, 0LL);
objc_storeStrong(&v377, 0LL);
objc_storeStrong(&v378, 0LL);
objc_storeStrong(&v379, 0LL);
objc_storeStrong(&v380, 0LL);
}
else
{
v343 = v384;
v14 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));
v15 = objc_retainAutoreleasedReturnValue(v14);
v342 = v15;
v16 = objc_msgSend(v384, "xiOExnwjxvxxxV::", v15, 2LL);
v17 = (void *)objc_retainAutoreleasedReturnValue(v16);
v18 = v383;
v383 = v17;
objc_release(v18);
objc_release(v342);
if ( !((unsigned __int64)objc_msgSend(v383, "isEqualToString:", &stru_100108878) & 1) && v383 )
{
v335 = v384;
v22 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));
v334 = objc_retainAutoreleasedReturnValue(v22);
v333 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v334, v383, 1LL);
objc_release(v334);
}
else
{
v19 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);
v381 = objc_retainAutoreleasedReturnValue(v19);
v341 = v384;
v20 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));
v340 = objc_retainAutoreleasedReturnValue(v20);
v339 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v340, v381, 1LL);
objc_release(v340);
v338 = v384;
v21 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("TPS81+lSXz3nS0TDS2KiMA=="));
v337 = objc_retainAutoreleasedReturnValue(v21);
v336 = (unsigned __int64)objc_msgSend(v384, "ExxWKxxtZdtAMN:::", v337, v381, 2LL);
objc_release(v337);
objc_storeStrong((char *)&v386 + 8, v387);
objc_storeStrong(&v381, 0LL);
}
}
v282 = v384;
v59 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v60 = objc_retainAutoreleasedReturnValue(v59);
v281 = v60;
v61 = objc_msgSend(v282, "xiOExnwjxvxxxV::", v60, 1LL);
v374 = (void *)objc_retainAutoreleasedReturnValue(v61);
objc_release(v281);
if ( !((unsigned __int64)objc_msgSend(v374, "isEqualToString:", &stru_100108878) & 1) && v374 )
{
v68 = objc_msgSend(v385, "uxWxWrCxxxxjyx:", v374);
v373 = (void *)objc_retainAutoreleasedReturnValue(v68);
v275 = (void *)*((_QWORD *)&v387 + 1);
v274 = v373;
v69 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("vObXs+x9vhDcXdpKshNtFw=="));// idfa
v273 = objc_retainAutoreleasedReturnValue(v69);
idfa_1 = v273;
v70 = objc_msgSend(v373, &objectForKeyedSubscript_, v273);
idfa_3 = objc_retainAutoreleasedReturnValue(v70);
v270 = idfa_3;
v71 = objc_msgSend(v275, "GBkCxErcvAxxDf:", idfa_3);// enc_fild
enc_idfa_3 = (void *)objc_retainAutoreleasedReturnValue(v71);
objc_release(idfa_3);
objc_release(v273);
v269 = (void *)*((_QWORD *)&v387 + 1);
v268 = v373;
v72 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("uPUdV+fjkO9vswOQpPrXTg=="));
v267 = objc_retainAutoreleasedReturnValue(v72);
v266 = v267;
v73 = objc_msgSend(v373, &objectForKeyedSubscript_, v267);
v265 = objc_retainAutoreleasedReturnValue(v73);
v264 = v265;
v74 = objc_msgSend(v269, "GBkCxErcvAxxDf:", v265);// enc_fild
v371 = (void *)objc_retainAutoreleasedReturnValue(v74);
objc_release(v265);
objc_release(v267);
v263 = (void *)*((_QWORD *)&v387 + 1);
v262 = v373;
v75 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("2xxmKRFKCcr5XU2+msFR+A=="));
v261 = objc_retainAutoreleasedReturnValue(v75);
v260 = v261;
v76 = objc_msgSend(v373, &objectForKeyedSubscript_, v261);
v259 = objc_retainAutoreleasedReturnValue(v76);
v258 = v259;
v77 = objc_msgSend(v263, "HxWTSXOxluCtkx:", v259);
v370 = objc_retainAutoreleasedReturnValue(v77);
objc_release(v259);
objc_release(v261);
v257 = (void *)*((_QWORD *)&v387 + 1);
v256 = v373;
v78 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("+nnUEO7y67rRr/puoH0wmQ=="));
v255 = objc_retainAutoreleasedReturnValue(v78);
v254 = v255;
v79 = objc_msgSend(v373, &objectForKeyedSubscript_, v255);
v253 = objc_retainAutoreleasedReturnValue(v79);
v252 = v253;
v80 = objc_msgSend(v257, "HxWTSXOxluCtkx:", v253);
v369 = objc_retainAutoreleasedReturnValue(v80);
objc_release(v253);
objc_release(v255);
v81 = objc_msgSend(v373, &objectForKeyedSubscript_, CFSTR("gy8"));
v251 = objc_retainAutoreleasedReturnValue(v81);
objc_release(v251);
if ( v251 )
{
v250 = (void *)*((_QWORD *)&v387 + 1);
v82 = objc_msgSend(v373, &objectForKeyedSubscript_, CFSTR("gy8"));
v249 = objc_retainAutoreleasedReturnValue(v82);
v248 = v249;
v83 = objc_msgSend(v250, "GBkCxErcvAxxDf:", v249);// enc_fild
v368 = (void *)objc_retainAutoreleasedReturnValue(v83);
objc_release(v249);
v247 = &OBJC_CLASS___NSDictionary;
v246 = v373;
v84 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));
v245 = objc_retainAutoreleasedReturnValue(v84);
v244 = v245;
v85 = objc_msgSend(v373, &objectForKeyedSubscript_, v245);
v243 = objc_retainAutoreleasedReturnValue(v85);
v86 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 0LL);
idfa_enc = objc_retainAutoreleasedReturnValue(v86);
v87 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 1LL);
idfa_enc_1 = objc_retainAutoreleasedReturnValue(v87);
v88 = objc_msgSend(v371, &objectAtIndexedSubscript_, 0LL);
v240 = objc_retainAutoreleasedReturnValue(v88);
v89 = objc_msgSend(v371, &objectAtIndexedSubscript_, 1LL);
v239 = objc_retainAutoreleasedReturnValue(v89);
v238 = v370;
v237 = v369;
v90 = objc_msgSend(v368, &objectAtIndexedSubscript_, 0LL);
v236 = objc_retainAutoreleasedReturnValue(v90);
v91 = objc_msgSend(v368, &objectAtIndexedSubscript_, 1LL);
v174 = 0LL;
sg8y = CFSTR("sg8y");
gy8 = CFSTR("gy8");
v170 = v236;
v169 = CFSTR("zT2");
v167 = CFSTR("qH4");
v165 = CFSTR("sj2s");
v164 = v239;
v163 = CFSTR("js2");
v162 = v240;
v161 = CFSTR("sf2W");
v160 = idfa_enc_1;
v159 = CFSTR("fW2");
v158 = idfa_enc;
v157 = CFSTR("se1");
v235 = objc_retainAutoreleasedReturnValue(v91);
v92 = objc_msgSend(
&OBJC_CLASS___NSDictionary,
&aDictionarywith,
v243,
CFSTR("se1"),
idfa_enc,
CFSTR("fW2"),
idfa_enc_1,
CFSTR("sf2W"),
v240,
CFSTR("js2"),
v239,
CFSTR("sj2s"),
v370,
CFSTR("qH4"),
v369,
CFSTR("zT2"),
v236,
CFSTR("gy8"),
v235,
CFSTR("sg8y"),
0LL);
v93 = objc_retainAutoreleasedReturnValue(v92);
v94 = v386;
*(_QWORD *)&v386 = v93;
objc_release(v94);
objc_release(v235);
objc_release(v236);
objc_release(v239);
objc_release(v240);
objc_release(idfa_enc_1);
objc_release(idfa_enc);
objc_release(v243);
objc_release(v245);
objc_storeStrong(&v368, 0LL);
}
else
{
v234 = &OBJC_CLASS___NSDictionary;
v233 = v373;
v95 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("WYGspWgo0hgt+ZxFpTdD6Q=="));
v232 = objc_retainAutoreleasedReturnValue(v95);
v231 = v232;
v96 = objc_msgSend(v373, &objectForKeyedSubscript_, v232);
v230 = objc_retainAutoreleasedReturnValue(v96);
v97 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 0LL);
v229 = objc_retainAutoreleasedReturnValue(v97);
v98 = objc_msgSend(enc_idfa_3, &objectAtIndexedSubscript_, 1LL);
v228 = objc_retainAutoreleasedReturnValue(v98);
v99 = objc_msgSend(v371, &objectAtIndexedSubscript_, 0LL);
v227 = objc_retainAutoreleasedReturnValue(v99);
v100 = objc_msgSend(v371, &objectAtIndexedSubscript_, 1LL);
v170 = 0LL;
v169 = CFSTR("zT2");
v168 = v369;
v167 = CFSTR("qH4");
v166 = v370;
v165 = CFSTR("sj2s");
v163 = CFSTR("js2");
v162 = v227;
v161 = CFSTR("sf2W");
v160 = v228;
v159 = CFSTR("fW2");
v158 = v229;
v157 = CFSTR("se1");
v226 = objc_retainAutoreleasedReturnValue(v100);
v101 = objc_msgSend(
&OBJC_CLASS___NSDictionary,
&aDictionarywith,
v230,
CFSTR("se1"),
v229,
CFSTR("fW2"),
v228,
CFSTR("sf2W"),
v227,
CFSTR("js2"),
v226,
CFSTR("sj2s"),
v370,
CFSTR("qH4"),
v369,
CFSTR("zT2"),
0LL);
v102 = objc_retainAutoreleasedReturnValue(v101);
v103 = v386;
*(_QWORD *)&v386 = v102;
objc_release(v103);
objc_release(v226);
objc_release(v227);
objc_release(v228);
objc_release(v229);
objc_release(v230);
objc_release(v232);
}
objc_storeStrong(&v369, 0LL);
objc_storeStrong(&v370, 0LL);
objc_storeStrong(&v371, 0LL);
objc_storeStrong(&enc_idfa_3, 0LL);
objc_storeStrong(&v373, 0LL);
}
else
{
v280 = v384;
v62 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v63 = objc_retainAutoreleasedReturnValue(v62);
v279 = v63;
v64 = objc_msgSend(v280, "xiOExnwjxvxxxV::", v63, 2LL);
v65 = (void *)objc_retainAutoreleasedReturnValue(v64);
v66 = v374;
v374 = v65;
objc_release(v66);
objc_release(v279);
if ( !((unsigned __int64)objc_msgSend(v374, "isEqualToString:", &stru_100108878) & 1) && v374 )
{
v278 = v384;
v67 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v277 = objc_retainAutoreleasedReturnValue(v67);
v276 = (unsigned __int64)objc_msgSend(v278, "ExxWKxxtZdtAMN:::", v277, v374, 1LL);
objc_release(v277);
}
else
{
objc_storeStrong(&v386, v387);
}
}
v104 = objc_msgSend(v385, "DOFDFCxmFLtxXN:", (_QWORD)v387);
v367 = objc_retainAutoreleasedReturnValue(v104);
v225 = v384;
v105 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v224 = objc_retainAutoreleasedReturnValue(v105);
v223 = (unsigned __int64)objc_msgSend(v225, "ExxWKxxtZdtAMN:::", v224, v367, 1LL);
objc_release(v224);
v222 = v384;
v106 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("RS8OjrvAAW1HJKqFZrTqcA=="));
v221 = objc_retainAutoreleasedReturnValue(v106);
v220 = (unsigned __int64)objc_msgSend(v222, "ExxWKxxtZdtAMN:::", v221, v367, 2LL);
objc_release(v221);
v107 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "uFxDJAxsGxyOOx");
v366 = objc_retainAutoreleasedReturnValue(v107);
v108 = (void *)objc_retain(g_strIDSource);
v365 = v108;
v219 = &OBJC_CLASS___NSNumber;
v109 = objc_msgSend(v108, "integerValue");
v218 = v109;
v110 = objc_msgSend(&OBJC_CLASS___NSNumber, (const char *)&unk_1904A64E2, v109);
v364 = objc_retainAutoreleasedReturnValue(v110);
v111 = (FxLNxvmwQHTxxT *)+[FxLNxvmwQHTxxT sharedInstance](&OBJC_CLASS___FxLNxvmwQHTxxT, "sharedInstance");
v112 = (void *)objc_retainAutoreleasedReturnValue(v111);
v363 = v112;
v113 = objc_msgSend(v112, "strCustomerId");
v362 = objc_retainAutoreleasedReturnValue(v113);
*(_OWORD *)v217 = v387;
v114 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("2xxmKRFKCcr5XU2+msFR+A=="));
v216 = objc_retainAutoreleasedReturnValue(v114);
v215 = v216;
v115 = objc_msgSend(v217[0], &objectForKeyedSubscript_, v216);
v214 = objc_retainAutoreleasedReturnValue(v115);
v213 = v214;
v116 = objc_msgSend(v217[1], "HxWTSXOxluCtkx:", v214);
v361 = objc_retainAutoreleasedReturnValue(v116);
objc_release(v214);
objc_release(v216);
*(_OWORD *)v212 = v387;
v117 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("+nnUEO7y67rRr/puoH0wmQ=="));
v211 = objc_retainAutoreleasedReturnValue(v117);
v210 = v211;
v118 = objc_msgSend(v212[0], &objectForKeyedSubscript_, v211);
v209 = objc_retainAutoreleasedReturnValue(v118);
v208 = v209;
v119 = objc_msgSend(v212[1], "HxWTSXOxluCtkx:", v209);
v360 = objc_retainAutoreleasedReturnValue(v119);
objc_release(v209);
objc_release(v211);
*(_OWORD *)v207 = v387;
v120 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("vObXs+x9vhDcXdpKshNtFw=="));
key_idfa = objc_retainAutoreleasedReturnValue(v120);
v205 = key_idfa;
v121 = objc_msgSend(v207[0], &objectForKeyedSubscript_, key_idfa);
idfa_2 = objc_retainAutoreleasedReturnValue(v121);
v203 = idfa_2;
v122 = objc_msgSend(v207[1], "GBkCxErcvAxxDf:", idfa_2);// enc_fild
enc_idfa = (void *)objc_retainAutoreleasedReturnValue(v122);
objc_release(idfa_2);
objc_release(key_idfa);
*(_OWORD *)v202 = v387;
v123 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("uPUdV+fjkO9vswOQpPrXTg=="));
key_idfv = objc_retainAutoreleasedReturnValue(v123);
v200 = key_idfv;
v124 = objc_msgSend(v202[0], &objectForKeyedSubscript_, key_idfv);
idfv = objc_retainAutoreleasedReturnValue(v124);
v198 = idfv;
v125 = objc_msgSend(v202[1], "GBkCxErcvAxxDf:", idfv);// enc_fild
enc_idfv = (void *)objc_retainAutoreleasedReturnValue(v125);
objc_release(idfv);
objc_release(key_idfv);
v126 = ((id (__cdecl *)(BlGpxJxgAacxme *, SEL))objc_msgSend)(v389, "aoxvxLxSXxxbGf");
v127 = (void *)objc_retainAutoreleasedReturnValue(v126);
v357 = v127;
v128 = objc_msgSend(*((void **)&v387 + 1), "GBkCxErcvAxxDf:", v127);// enc_fild
v356 = (void *)objc_retainAutoreleasedReturnValue(v128);
v129 = (void *)objc_retain(g_idfaSource);
v355 = v129;
v197 = &OBJC_CLASS___NSNumber;
v130 = objc_msgSend(v129, "integerValue");
v196 = v130;
v131 = objc_msgSend(&OBJC_CLASS___NSNumber, (const char *)&unk_1904A64E2, v130);
v354 = objc_retainAutoreleasedReturnValue(v131);
v353 = objc_retain(&stru_100108878);
v132 = objc_msgSend(&OBJC_CLASS___NSFileManager, (const char *)&unk_1904AB06A);
v133 = (void *)objc_retainAutoreleasedReturnValue(v132);
v195 = v133;
v134 = objc_msgSend(v133, (const char *)&unk_1A14609D6, 0LL);
v194 = objc_retainAutoreleasedReturnValue(v134);
objc_release(v194);
objc_release(v195);
if ( v194 )
{
v135 = objc_msgSend(&OBJC_CLASS___NSUbiquitousKeyValueStore, (const char *)&unk_1977146F8);
v193 = (void *)objc_retainAutoreleasedReturnValue(v135);
v136 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("cs+/NyxzuGM+4ZVOsVQBOA=="));
v137 = objc_retainAutoreleasedReturnValue(v136);
v192 = v137;
v138 = objc_msgSend(v193, (const char *)&unk_1904B0BF7, v137);
v139 = objc_retainAutoreleasedReturnValue(v138);
v140 = v353;
v353 = v139;
objc_release(v140);
objc_release(v192);
objc_release(v193);
}
v191 = &OBJC_CLASS___NSDictionary;
v141 = objc_msgSend(enc_idfa, &objectAtIndexedSubscript_, 0LL);
enc_idfa_1 = objc_retainAutoreleasedReturnValue(v141);
v142 = objc_msgSend(enc_idfa, &objectAtIndexedSubscript_, 1LL);
enc_idfa_2 = objc_retainAutoreleasedReturnValue(v142);
v143 = objc_msgSend(enc_idfv, &objectAtIndexedSubscript_, 0LL);
enc_idfv_1 = objc_retainAutoreleasedReturnValue(v143);
enc_idfv_2 = objc_msgSend(enc_idfv, &objectAtIndexedSubscript_, 1LL);
v170 = 0LL;
v169 = CFSTR("zT2");
v168 = v360;
v167 = CFSTR("se1");
v166 = v366;
v165 = CFSTR("qH4");
v164 = v361;
v163 = CFSTR("sj2s");
v161 = CFSTR("js2");
v160 = enc_idfv_1;
v159 = CFSTR("sf2W");
v158 = enc_idfa_2;
v157 = CFSTR("fW2");
v187 = objc_retainAutoreleasedReturnValue(enc_idfv_2);
v145 = objc_msgSend(
&OBJC_CLASS___NSDictionary,
&aDictionarywith,
enc_idfa_1,
CFSTR("fW2"),
enc_idfa_2,
CFSTR("sf2W"),
enc_idfv_1,
CFSTR("js2"),
v187,
CFSTR("sj2s"),
v361,
CFSTR("qH4"),
v366,
CFSTR("se1"),
v360,
CFSTR("zT2"),
0LL);
v146 = objc_retainAutoreleasedReturnValue(v145);
v147 = v387;
*(_QWORD *)&v387 = v146;
objc_release(v147);
objc_release(v187);
objc_release(enc_idfv_1);
objc_release(enc_idfa_2);
objc_release(enc_idfa_1);
v352 = 0LL;
if ( !v357 || (unsigned __int64)objc_msgSend(v357, "isEqualToString:",
return (id)objc_autoreleaseReturnValue(v178);
}
将获取到与生成ID有关的字段进行加密处理,加密IDFA两种方式,第一是直接加密IDFA:
// 加密字段
id __cdecl -[EdkxBSqSeZInGK GBkCxErcvAxxDf:](EdkxBSqSeZInGK *self, SEL a2, id a3)
{
v385 = 4423598488041029675LL;
v307 = self;
v306 = a2;
v305 = 0LL;
v237 = 4423598488041029675LL;
objc_storeStrong(&v305, a3);
if ( v305 && !((unsigned __int64)objc_msgSend(v305, "isEqualToString:", &stru_100108878) & 1) )
{
v303 = (void *)objc_retain(&stru_100108878);
v302 = (signed __int64)objc_msgSend(*((void **)v307 + 1), "integerValue") % 100;
v4 = (void *)*((_QWORD *)v307 + 1);
v236 = 100LL;
v5 = objc_msgSend(v4, "substringToIndex:", 1LL);
v301 = (void *)objc_retainAutoreleasedReturnValue(v5);
v6 = objc_msgSend(v307, "xxxFhxnEIogmEY:", v305);
v7 = (void *)objc_retainAutoreleasedReturnValue(v6);
v300 = v7;
v8 = objc_msgSend(v7, (const char *)&unk_1904A27C2, 0LL);
v9 = (void *)objc_retainAutoreleasedReturnValue(v8);
v10 = v305;
v305 = v9;
objc_release(v10);
for ( i = 0; ; ++i )
{
v235 = i;
v11 = objc_msgSend(v305, "length");
if ( v235 >= (unsigned __int64)v11 )
break;
v12 = (unsigned __int64)objc_msgSend(v305, "characterAtIndex:", i);
v297 = v302 % 50 + 1;
v298 = v297 + v12;
if ( v297 + v12 > 126 )
v298 -= 95;
v154 = v298;
v234 = v303;
v13 = unk_18A4FB144(&OBJC_CLASS___NSString, "stringWithFormat:", CFSTR("%c"), v298);
v14 = objc_retainAutoreleasedReturnValue(v13);
v233 = v14;
v15 = objc_msgSend(v234, "stringByAppendingString:", v14);
v16 = (void *)objc_retainAutoreleasedReturnValue(v15);
v17 = v303;
v303 = v16;
objc_release(v17);
objc_release(v233);
}
v296 = (signed int)objc_msgSend(v301, "intValue") % 4;
v232 = 4;
*((_QWORD *)&v295 + 1) = objc_retain(&stru_100108878);
if ( v296 )
{
switch ( v296 )
{
case 1:
if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 )
{
v196 = v303;
v195 = (const char **)&selRef_length;
v75 = (unsigned __int64)objc_msgSend(v303, "length");
v76 = objc_msgSend(v196, "substringToIndex:", v75 >> 1);
v271 = (void *)objc_retainAutoreleasedReturnValue(v76);
v77 = *v195;
v194 = v303;
v78 = (unsigned __int64)objc_msgSend(v303, v77);
v79 = objc_msgSend(v194, "substringFromIndex:", (v78 >> 1) + 1);
v270 = (void *)objc_retainAutoreleasedReturnValue(v79);
v80 = *v195;
v193 = v303;
v81 = (unsigned __int64)objc_msgSend(v303, v80);
v338 = v81 >> 1;
v337 = 1LL;
v339 = v81 >> 1;
v340 = 1LL;
v268 = 1LL;
v267 = v81 >> 1;
v82 = objc_msgSend(v193, &substringWithRange_, v81 >> 1, 1LL);
v269 = objc_retainAutoreleasedReturnValue(v82);
for ( j = 0; ; ++j )
{
v192 = j;
v83 = (unsigned __int64)objc_msgSend(v303, "length");
if ( v192 >= v83 >> 1 )
break;
v191 = (void *)*((_QWORD *)&v295 + 1);
v190 = v270;
v84 = (char *)objc_msgSend(v270, "length");
v342 = &v84[~(signed __int64)j];
v341 = 1LL;
v343 = &v84[~(signed __int64)j];
v344 = 1LL;
v265 = 1LL;
v264 = &v84[~(signed __int64)j];
v189 = 1LL;
v188 = &selRef_length;
v85 = objc_msgSend(v190, &substringWithRange_, v342, 1LL);
v86 = objc_retainAutoreleasedReturnValue(v85);
v187 = v86;
v87 = objc_msgSend(v191, "stringByAppendingString:", v86);
v88 = objc_retainAutoreleasedReturnValue(v87);
v89 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v88;
objc_release(v89);
objc_release(v187);
v350 = j;
v349 = v189;
v351 = j;
v352 = v189;
v263 = v189;
v262 = j;
v90 = v188[15];
v186 = (void *)*((_QWORD *)&v295 + 1);
v91 = objc_msgSend(v271, v90, j, v189);
v92 = objc_retainAutoreleasedReturnValue(v91);
v185 = v92;
v93 = objc_msgSend(v186, "stringByAppendingString:", v92);
v94 = objc_retainAutoreleasedReturnValue(v93);
v95 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v94;
objc_release(v95);
objc_release(v185);
}
v96 = objc_msgSend(*((void **)&v295 + 1), "stringByAppendingString:", v269);
v97 = objc_retainAutoreleasedReturnValue(v96);
v98 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v97;
objc_release(v98);
objc_storeStrong(&v269, 0LL);
objc_storeStrong(&v270, 0LL);
objc_storeStrong(&v271, 0LL);
}
else
{
v206 = v303;
v58 = (unsigned __int64)objc_msgSend(v303, "length");
v59 = objc_msgSend(v206, "substringToIndex:", v58 >> 1);
v278 = (void *)objc_retainAutoreleasedReturnValue(v59);
v205 = v303;
v60 = (unsigned __int64)objc_msgSend(v303, "length");
v61 = objc_msgSend(v205, "substringFromIndex:", v60 >> 1);
v277 = (void *)objc_retainAutoreleasedReturnValue(v61);
for ( k = 0; ; ++k )
{
v204 = k;
v62 = (unsigned __int64)objc_msgSend(v303, "length");
if ( v204 >= v62 >> 1 )
break;
v203 = (void *)*((_QWORD *)&v295 + 1);
v202 = v277;
v63 = (char *)objc_msgSend(v277, "length");
v330 = &v63[~(signed __int64)k];
v329 = 1LL;
v331 = &v63[~(signed __int64)k];
v332 = 1LL;
v275 = 1LL;
v274 = &v63[~(signed __int64)k];
v201 = 1LL;
v200 = &selRef_length;
v64 = objc_msgSend(v202, &substringWithRange_, v330, 1LL);
v65 = objc_retainAutoreleasedReturnValue(v64);
v199 = v65;
v66 = objc_msgSend(v203, "stringByAppendingString:", v65);
v67 = objc_retainAutoreleasedReturnValue(v66);
v68 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v67;
objc_release(v68);
objc_release(v199);
v334 = k;
v333 = v201;
v335 = k;
v336 = v201;
v273 = v201;
v272 = k;
v69 = v200[15];
v198 = (void *)*((_QWORD *)&v295 + 1);
v70 = objc_msgSend(v278, v69, k, v201);
v71 = objc_retainAutoreleasedReturnValue(v70);
v197 = v71;
v72 = objc_msgSend(v198, "stringByAppendingString:", v71);
v73 = objc_retainAutoreleasedReturnValue(v72);
v74 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v73;
objc_release(v74);
objc_release(v197);
}
objc_storeStrong(&v277, 0LL);
objc_storeStrong(&v278, 0LL);
}
break;
case 2:
if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 )
{
for ( l = 0; ; ++l )
{
v176 = 2 * l;
v113 = objc_msgSend(v303, "length");
if ( v176 >= (unsigned __int64)v113 )
break;
v175 = (void *)*((_QWORD *)&v295 + 1);
v174 = v303;
v114 = (char *)objc_msgSend(v303, "length");
v362 = &v114[~(signed __int64)(2 * l)];
v361 = 1LL;
v363 = &v114[~(signed __int64)(2 * l)];
v364 = 1LL;
v254 = 1LL;
v253 = &v114[~(signed __int64)(2 * l)];
v115 = objc_msgSend(v174, &substringWithRange_, v253, 1LL);
v116 = objc_retainAutoreleasedReturnValue(v115);
v173 = v116;
v117 = objc_msgSend(v175, "stringByAppendingString:", v116);
v118 = objc_retainAutoreleasedReturnValue(v117);
v119 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v118;
objc_release(v119);
objc_release(v173);
}
for ( m = 0; ; ++m )
{
v172 = 2 * m;
v120 = (char *)objc_msgSend(v303, "length");
if ( v172 >= (unsigned __int64)(v120 - 1) )
break;
v171 = (void *)*((_QWORD *)&v295 + 1);
v170 = v303;
v121 = (char *)objc_msgSend(v303, "length");
v366 = &v121[-2 * m - 2];
v365 = 1LL;
v367 = &v121[-2 * m - 2];
v368 = 1LL;
v251 = 1LL;
v250 = &v121[-2 * m - 2];
v122 = objc_msgSend(v170, &substringWithRange_, v250, 1LL);
v123 = objc_retainAutoreleasedReturnValue(v122);
v169 = v123;
v124 = objc_msgSend(v171, "stringByAppendingString:", v123);
v125 = objc_retainAutoreleasedReturnValue(v124);
v126 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v125;
objc_release(v126);
objc_release(v169);
}
}
else
{
for ( n = 0; ; ++n )
{
v184 = 2 * n;
v99 = objc_msgSend(v303, "length");
if ( v184 >= (unsigned __int64)v99 )
break;
v183 = (void *)*((_QWORD *)&v295 + 1);
v182 = v303;
v100 = (char *)objc_msgSend(v303, "length");
v354 = &v100[~(signed __int64)(2 * n)];
v353 = 1LL;
v355 = &v100[~(signed __int64)(2 * n)];
v356 = 1LL;
v260 = 1LL;
v259 = &v100[~(signed __int64)(2 * n)];
v101 = objc_msgSend(v182, &substringWithRange_, v354, 1LL);
v102 = objc_retainAutoreleasedReturnValue(v101);
v181 = v102;
v103 = objc_msgSend(v183, "stringByAppendingString:", v102);
v104 = objc_retainAutoreleasedReturnValue(v103);
v105 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v104;
objc_release(v105);
objc_release(v181);
}
for ( ii = 0; ; ++ii )
{
v180 = 2 * ii;
v106 = objc_msgSend(v303, "length");
if ( v180 >= (unsigned __int64)v106 )
break;
v179 = (void *)*((_QWORD *)&v295 + 1);
v178 = v303;
v107 = (char *)objc_msgSend(v303, "length");
v358 = &v107[-2 * ii - 2];
v357 = 1LL;
v359 = &v107[-2 * ii - 2];
v360 = 1LL;
v257 = 1LL;
v256 = &v107[-2 * ii - 2];
v108 = objc_msgSend(v178, &substringWithRange_, v256, 1LL);
v109 = objc_retainAutoreleasedReturnValue(v108);
v177 = v109;
v110 = objc_msgSend(v179, "stringByAppendingString:", v109);
v111 = objc_retainAutoreleasedReturnValue(v110);
v112 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v111;
objc_release(v112);
objc_release(v177);
}
}
break;
case 3:
if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 )
{
for ( jj = 0; ; ++jj )
{
v162 = 2 * jj;
v139 = objc_msgSend(v303, "length");
if ( v162 >= (unsigned __int64)v139 )
break;
v370 = 2 * jj;
v369 = 1LL;
v371 = 2 * jj;
v372 = 1LL;
v242 = 1LL;
v241 = 2 * jj;
v161 = (void *)*((_QWORD *)&v295 + 1);
v140 = objc_msgSend(v303, &substringWithRange_, v370, 1LL);
v141 = objc_retainAutoreleasedReturnValue(v140);
v160 = v141;
v142 = objc_msgSend(v161, "stringByAppendingString:", v141);
v143 = objc_retainAutoreleasedReturnValue(v142);
v144 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v143;
objc_release(v144);
objc_release(v160);
}
for ( kk = 0; ; ++kk )
{
v159 = 2 * kk;
v145 = (char *)objc_msgSend(v303, "length");
if ( v159 >= (unsigned __int64)(v145 - 1) )
break;
v346 = 2 * kk | 1;
v345 = 1LL;
v347 = 2 * kk | 1;
v348 = 1LL;
v239 = 1LL;
v238 = 2 * kk | 1;
v158 = (void *)*((_QWORD *)&v295 + 1);
v146 = objc_msgSend(v303, &substringWithRange_, v346, 1LL);
v147 = objc_retainAutoreleasedReturnValue(v146);
v157 = v147;
v148 = objc_msgSend(v158, "stringByAppendingString:", v147);
v149 = objc_retainAutoreleasedReturnValue(v148);
v150 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v149;
objc_release(v150);
objc_release(v157);
}
}
else
{
for ( ll = 0; ; ++ll )
{
v168 = 2 * ll;
v127 = objc_msgSend(v303, "length");
if ( v168 >= (unsigned __int64)v127 )
break;
v374 = 2 * ll;
v373 = 1LL;
v375 = 2 * ll;
v376 = 1LL;
v248 = 1LL;
v247 = 2 * ll;
v167 = (void *)*((_QWORD *)&v295 + 1);
v128 = objc_msgSend(v303, &substringWithRange_, v374, 1LL);
v129 = objc_retainAutoreleasedReturnValue(v128);
v166 = v129;
v130 = objc_msgSend(v167, "stringByAppendingString:", v129);
v131 = objc_retainAutoreleasedReturnValue(v130);
v132 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v131;
objc_release(v132);
objc_release(v166);
}
for ( mm = 0; ; ++mm )
{
v165 = 2 * mm;
v133 = objc_msgSend(v303, "length");
if ( v165 >= (unsigned __int64)v133 )
break;
v378 = 2 * mm | 1;
v377 = 1LL;
v379 = 2 * mm | 1;
v380 = 1LL;
v245 = 1LL;
v244 = 2 * mm | 1;
v164 = (void *)*((_QWORD *)&v295 + 1);
v134 = objc_msgSend(v303, &substringWithRange_, v378, 1LL);
v135 = objc_retainAutoreleasedReturnValue(v134);
v163 = v135;
v136 = objc_msgSend(v164, "stringByAppendingString:", v135);
v137 = objc_retainAutoreleasedReturnValue(v136);
v138 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v137;
objc_release(v138);
objc_release(v163);
}
}
break;
}
}
else if ( (unsigned __int64)objc_msgSend(v303, "length") & 1 )
{
v220 = v303;
v219 = (const char **)&selRef_length;
v36 = (unsigned __int64)objc_msgSend(v303, "length");
v37 = objc_msgSend(v220, "substringToIndex:", v36 >> 1);
v288 = (void *)objc_retainAutoreleasedReturnValue(v37);
v38 = *v219;
v218 = v303;
v39 = (unsigned __int64)objc_msgSend(v303, v38);
v40 = objc_msgSend(v218, "substringFromIndex:", (v39 >> 1) + 1);
v287 = (void *)objc_retainAutoreleasedReturnValue(v40);
v41 = *v219;
v217 = v303;
v42 = (unsigned __int64)objc_msgSend(v303, v41);
v318 = v42 >> 1;
v317 = 1LL;
v319 = v42 >> 1;
v320 = 1LL;
v285 = 1LL;
v284 = v42 >> 1;
v43 = objc_msgSend(v217, &substringWithRange_, v42 >> 1, 1LL);
v286 = objc_retainAutoreleasedReturnValue(v43);
objc_storeStrong((char *)&v295 + 8, v286);
for ( nn = 0; ; ++nn )
{
v216 = nn;
v44 = (unsigned __int64)objc_msgSend(v303, "length");
if ( v216 >= v44 >> 1 )
break;
v215 = (void *)*((_QWORD *)&v295 + 1);
v214 = v287;
v213 = (const char **)&selRef_length;
v45 = (char *)objc_msgSend(v287, "length");
v322 = &v45[~(signed __int64)nn];
v321 = 1LL;
v323 = &v45[~(signed __int64)nn];
v324 = 1LL;
v282 = 1LL;
v281 = &v45[~(signed __int64)nn];
v212 = 1LL;
v211 = &selRef_length;
v46 = objc_msgSend(v214, &substringWithRange_, v322, 1LL);
v47 = objc_retainAutoreleasedReturnValue(v46);
v210 = v47;
v48 = objc_msgSend(v215, "stringByAppendingString:", v47);
v49 = objc_retainAutoreleasedReturnValue(v48);
v50 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v49;
objc_release(v50);
objc_release(v210);
v51 = *v213;
v209 = (void *)*((_QWORD *)&v295 + 1);
v208 = v288;
v52 = (char *)objc_msgSend(v288, v51);
v326 = &v52[~(signed __int64)nn];
v325 = v212;
v327 = &v52[~(signed __int64)nn];
v328 = v212;
v280 = v212;
v279 = &v52[~(signed __int64)nn];
v53 = objc_msgSend(v208, v211[15], v326, v212);
v54 = objc_retainAutoreleasedReturnValue(v53);
v207 = v54;
v55 = objc_msgSend(v209, "stringByAppendingString:", v54);
v56 = objc_retainAutoreleasedReturnValue(v55);
v57 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v56;
objc_release(v57);
objc_release(v207);
}
objc_storeStrong(&v286, 0LL);
objc_storeStrong(&v287, 0LL);
objc_storeStrong(&v288, 0LL);
}
else
{
v231 = v303;
v18 = (unsigned __int64)objc_msgSend(v303, "length");
v19 = objc_msgSend(v231, "substringToIndex:", v18 >> 1);
*(_QWORD *)&v295 = objc_retainAutoreleasedReturnValue(v19);
v230 = v303;
v20 = (unsigned __int64)objc_msgSend(v303, "length");
v21 = objc_msgSend(v230, "substringFromIndex:", v20 >> 1);
v294 = (void *)objc_retainAutoreleasedReturnValue(v21);
for ( i1 = 0; ; ++i1 )
{
v229 = i1;
v22 = (unsigned __int64)objc_msgSend(v303, "length");
if ( v229 >= v22 >> 1 )
break;
v228 = (void *)*((_QWORD *)&v295 + 1);
v227 = v294;
v226 = (const char **)&selRef_length;
v23 = (char *)objc_msgSend(v294, "length");
v310 = &v23[~(signed __int64)i1];
v309 = 1LL;
v311 = &v23[~(signed __int64)i1];
v312 = 1LL;
v292 = 1LL;
v291 = &v23[~(signed __int64)i1];
v225 = 1LL;
v224 = &selRef_length;
v24 = objc_msgSend(v227, &substringWithRange_, v310, 1LL);
v25 = objc_retainAutoreleasedReturnValue(v24);
v223 = v25;
v26 = objc_msgSend(v228, "stringByAppendingString:", v25);
v27 = objc_retainAutoreleasedReturnValue(v26);
v28 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v27;
objc_release(v28);
objc_release(v223);
v29 = *v226;
v222 = v295;
v30 = (char *)objc_msgSend((void *)v295, v29);
v314 = &v30[~(signed __int64)i1];
v313 = v225;
v315 = &v30[~(signed __int64)i1];
v316 = v225;
v290 = v225;
v289 = &v30[~(signed __int64)i1];
v31 = objc_msgSend((void *)v222, v224[15], v314, v225);
v32 = objc_retainAutoreleasedReturnValue(v31);
v221 = v32;
v33 = objc_msgSend(*((void **)&v222 + 1), "stringByAppendingString:", v32);
v34 = objc_retainAutoreleasedReturnValue(v33);
v35 = *((_QWORD *)&v295 + 1);
*((_QWORD *)&v295 + 1) = v34;
objc_release(v35);
objc_release(v221);
}
objc_storeStrong(&v294, 0LL);
objc_storeStrong(&v295, 0LL);
}
v381 = *((_QWORD *)&v295 + 1);
v151 = objc_msgSend(v300, (const char *)&unk_1904A27C2, 1LL);
v382 = objc_retainAutoreleasedReturnValue(v151);
v156 = v382;
v152 = objc_msgSend(&OBJC_CLASS___NSArray, &arrayWithObjects_count_, &v381, 2LL);
v308 = objc_retainAutoreleasedReturnValue(v152);
objc_release(v156);
v304 = 1;
objc_storeStrong((char *)&v295 + 8, 0LL);
objc_storeStrong(&v300, 0LL);
objc_storeStrong(&v301, 0LL);
objc_storeStrong(&v303, 0LL);
}
else
{
v383 = &stru_100108878;
v384 = &stru_100108878;
v3 = objc_msgSend(&OBJC_CLASS___NSArray, &arrayWithObjects_count_, &v383, 2LL);
v308 = objc_retainAutoreleasedReturnValue(v3);
v304 = 1;
}
objc_storeStrong(&v305, 0LL);
result = (id)objc_autoreleaseReturnValue(v308);
v155 = result;
if ( v385 == 4423598488041029675LL )
result = v155;
return result;
}
第二是计算IDFA的MD5后生成一个did的字段:
id __cdecl IDFA_MD5(BlGpxJxgAacxme *self, SEL a2, id a3)
{
BlGpxJxgAacxme *v77; // [xsp+118h] [xbp-48h]
v77 = self;
v76 = a2;
IDFA = 0LL;
objc_storeStrong(&IDFA, a3);
v3 = (void *)objc_alloc(&OBJC_CLASS___xxxNxNxxfRxxxx);
v74 = objc_msgSend(v3, (const char *)&unk_1904A15CF);
v4 = ((id (__cdecl *)(EdkxBSqSeZInGK_meta *, SEL, id))objc_msgSend)(
(EdkxBSqSeZInGK_meta *)&OBJC_CLASS___EdkxBSqSeZInGK,
"xRtnOPpipxtpxx:",
(id)CFSTR("Q9h/cD7zftP12bKwl7eWdQ=="));// 常量字符串"superrise"
superrise = objc_retainAutoreleasedReturnValue(v4);
v43 = superrise;
v42 = IDFA;
v5 = objc_msgSend(&OBJC_CLASS___NSString, (const char *)&unk_1904A1C2A, CFSTR("%@%@"), IDFA, superrise);
IDFA_superrise = objc_retainAutoreleasedReturnValue(v5);
v72 = IDFA_superrise;
v7 = objc_msgSend(v74, "CyxQVxxkxxOyhf:", IDFA_superrise);// md5
IDAmd5 = (void *)objc_retainAutoreleasedReturnValue(v7);
v71 = (__int64)IDAmd5;
v9 = objc_msgSend(IDAmd5, &::uppercaseString);// MD5字符串转换成大小
md5_uppercaseString = objc_retainAutoreleasedReturnValue(v9);
uppercaseString = md5_uppercaseString;
v11 = (void *)objc_retainAutorelease(md5_uppercaseString);
MD5UTF8String = (char *)objc_msgSend(v11, &UTF8String);
v68 = 0;
for ( i = 0; i <= 17; ++i )
v68 += MD5UTF8String[i]; // 字符相加为did倒数第二位,最后一位为固定的00
v42 = v68;
v65 = &selRef_length;
v64 = &selRef_length;
v12 = objc_msgSend(&OBJC_CLASS___NSString, (const char *)&unk_1904A1C2A, CFSTR("%02x"), v68);
v13 = (void *)objc_retainAutoreleasedReturnValue(v12);
v66 = v13;
v63 = v13;
v14 = (char *)objc_msgSend(v13, &length); // substringFromIndex:
v15 = objc_msgSend(v63, &aSubstringfromi, v14 - 2);
v16 = objc_retainAutoreleasedReturnValue(v15);
v17 = (__int64)v66;
v66 = (void *)v16;
objc_release(v17);
v18 = v65[377];
v19 = *MD5UTF8String;//取MD5值前17位做为did组合
v20 = MD5UTF8String[1];
v21 = MD5UTF8String[2];
v22 = MD5UTF8String[3];
v23 = MD5UTF8String[4];
v24 = MD5UTF8String[5];
v25 = MD5UTF8String[6];
v26 = MD5UTF8String[7];
v27 = MD5UTF8String[8];
v28 = MD5UTF8String[9];
v29 = MD5UTF8String[10];
v30 = MD5UTF8String[11];
v31 = MD5UTF8String[12];
v32 = MD5UTF8String[13];
v33 = MD5UTF8String[14];
v34 = MD5UTF8String[15];
v35 = MD5UTF8String[16];
v36 = MD5UTF8String[17];
v37 = v64[6];
v60 = v66;
v59 = v36;
v58 = v35;
v57 = v34;
v56 = v33;
v55 = v32;
v54 = v31;
v53 = v30;
v52 = v29;
v51 = v28;
v50 = v27;
v49 = v26;
v48 = v25;
v47 = v24;
v46 = v23;
v45 = v22;
v44 = v21;
v43 = v20;
v42 = v19;
v38 = objc_msgSend( // 组合格式
v18,
v37,
CFSTR("%c%c%c%c%c%c:%c%c%c%c%c%c:%c%c%c%c%c%c:%@00"),
v19,
v20,
v21,
v22,
v23,
v24,
v25,
v26,
v27,
v28,
v29,
v30,
v31,
v32,
v33,
v34,
v35,
v36,
v66);
v39 = objc_retainAutoreleasedReturnValue(v38);
v40 = v71;
v71 = v39;
objc_release(v40);
v62 = objc_retain(v71);
v61 = 0LL;
objc_storeStrong(&v66, 0LL);
objc_storeStrong(&uppercaseString, v61);
objc_storeStrong(&v71, v61);
objc_storeStrong(&v72, v61);
objc_storeStrong(&superrise, v61);
objc_storeStrong(&v74, v61);
objc_storeStrong(&IDFA, v61);
return (id)objc_autoreleaseReturnValue(v62);
}
还有一个自己生成的ID为simulateIDFA,主要是获取设备硬件设备与系统信息来生成,生成方式:
id __cdecl +[EHxafchbxeRxxx vrGUKfbxUmxRjM](EHxafchbxeRxxx_meta *self, SEL a2)
{
__int64 v2; // x0
__int64 v3; // x0
__int64 v4; // x0
__int64 v5; // x0
__int64 v6; // x0
__int64 systemHardwareInfo; // x0
__int64 v8; // x0
__int64 disk; // x0
void *v10; // x0
void *v11; // x0
unsigned __int8 *v12; // x2
unsigned __int8 *v13; // x2
__int64 v14; // x0
id result; // x0
__int64 v16; // [xsp+0h] [xbp-C0h]
__int64 v17; // [xsp+8h] [xbp-B8h]
__int64 v18; // [xsp+10h] [xbp-B0h]
__int64 v19; // [xsp+18h] [xbp-A8h]
struct objc_object *v20; // [xsp+28h] [xbp-98h]
__int64 v21; // [xsp+30h] [xbp-90h]
__int64 simulateIDFA; // [xsp+40h] [xbp-80h]
unsigned __int8 *deviceinfo2; // [xsp+48h] [xbp-78h]
unsigned __int8 *deviceinfo1; // [xsp+50h] [xbp-70h]
__int64 disk_1; // [xsp+58h] [xbp-68h]
__int64 systemFileTime; // [xsp+60h] [xbp-60h]
__int64 systemHardwareInfo_1; // [xsp+68h] [xbp-58h]
__int64 systemVersion; // [xsp+70h] [xbp-50h]
__int64 deviceName; // [xsp+78h] [xbp-48h]
__int64 language; // [xsp+80h] [xbp-40h]
__int64 countryCode; // [xsp+88h] [xbp-38h]
__int64 v32; // [xsp+90h] [xbp-30h]
SEL v33; // [xsp+98h] [xbp-28h]
EHxafchbxeRxxx_meta *v34; // [xsp+A0h] [xbp-20h]
char md52; // [xsp+A8h] [xbp-18h]
char MD51; // [xsp+B0h] [xbp-10h]
__int64 v37; // [xsp+B8h] [xbp-8h]
v34 = self;
v33 = a2;
v2 = sysctl_FxxFSExIxxWPJx();
v32 = objc_retainAutoreleasedReturnValue(v2);
v3 = ::countryCode();
countryCode = objc_retainAutoreleasedReturnValue(v3);
v4 = ::language();
language = objc_retainAutoreleasedReturnValue(v4);
v5 = ::deviceName();
deviceName = objc_retainAutoreleasedReturnValue(v5);
v6 = ::systemVersion();
systemVersion = objc_retainAutoreleasedReturnValue(v6);
systemHardwareInfo = ::systemHardwareInfo();
systemHardwareInfo_1 = objc_retainAutoreleasedReturnValue(systemHardwareInfo);
v8 = ::systemFileTime();
systemFileTime = objc_retainAutoreleasedReturnValue(v8);
disk = ::disk();
disk_1 = objc_retainAutoreleasedReturnValue(disk);
v19 = deviceName;
v18 = language;
v17 = countryCode;
v16 = v32;
v10 = objc_msgSend(
&OBJC_CLASS___NSString,
"stringWithFormat:",
CFSTR("%@,%@,%@,%@"),
v32,
countryCode,
language,
deviceName);
deviceinfo1 = (unsigned __int8 *)objc_retainAutoreleasedReturnValue(v10);
v19 = disk_1;
v18 = systemFileTime;
v17 = systemHardwareInfo_1;
v16 = systemVersion;
v11 = objc_msgSend(
&OBJC_CLASS___NSString,
"stringWithFormat:",
CFSTR("%@,%@,%@,%@"),
systemVersion,
systemHardwareInfo_1,
systemFileTime,
disk_1);
deviceinfo2 = (unsigned __int8 *)objc_retainAutoreleasedReturnValue(v11);
MD5_16(deviceinfo1, (size_t)&MD51, v12); //计算MD5
MD5_16(deviceinfo2, (size_t)&md52, v13);//计算MD5
v14 = combineTwoFingerPrint(&md52, &MD51);//计算出simulateIDFA
simulateIDFA = objc_retainAutoreleasedReturnValue(v14);
v21 = objc_retain(simulateIDFA);
objc_storeStrong(&simulateIDFA, 0LL);
objc_storeStrong(&deviceinfo2, 0LL);
objc_storeStrong(&deviceinfo1, 0LL);
objc_storeStrong(&disk_1, 0LL);
objc_storeStrong(&systemFileTime, 0LL);
objc_storeStrong(&systemHardwareInfo_1, 0LL);
objc_storeStrong(&systemVersion, 0LL);
objc_storeStrong(&deviceName, 0LL);
objc_storeStrong(&language, 0LL);
objc_storeStrong(&countryCode, 0LL);
objc_storeStrong(&v32, 0LL);
result = (id)objc_autoreleaseReturnValue(v21);
v20 = result;
if ( __stack_chk_guard == v37 )
result = v20;
return result;
}
所有采集信息与加密完成后字段组合成JSON格式:
{
"FU2": "r6s0l;Tim",
"fC8": "fb1536d4411ddbf632d49ddf14eeefb0",
"RQ5": ";97",
"PJ2": "2",
"mi1": {//SIM卡信息
"mE1": "",
"xX9": "",
"Uc4": "+9cmRoTSYyKLhgs5",
"nO8": ""
},
"tJ3": 1602896191800537,
"Hg2": { //代理
"kCFProxyPortNumberKey": 8888,
"kCFProxyTypeKey": "kCFProxyTypeHTTP",
"kCFProxyHostNameKey": "172.29.257.1"
},
"ZY9": "WIFI",
"lo7": "2016-10-2720:49:30+0000,2016-10-2720:49:30+0000",
"gy8": "7JJIIE8I1:<GE6EI:41J6J8177:F;74E:19",//IDFA(加密)
"XE3": ["5=26;2666;25", "26:65622445"], //ip内网,外网
"ou5": 1600408345,
"En9": { //bssd
"sl2": "awr410BcvZM=",
"bO4": "8hj=>>g9>h9>54>f",
"sb4O": "2b38c2d"
},
"ms1": {
"bt3": "ARM64",
"RH9": 2
},
"nC9": "5s;m6x6e4gEm<pItEtGE735e1x;eHH<3=w1v8i5r<m8e1xJr<s9G931i:p9mIf<sEq=34v=e3zr3",
"sg8y": "850af92",
"Hq2": 1,
"mM3": 3,
"kn7": "dj\/jzHEKq9Vp",
"Be8": "197619.815213625",
"NA8": false,
"Wm7": 4,
"th1": 1603093803,
"BP1": "1.",
"at9": {
"bB8": 1037041664,
"vB9": 12460032,
"IW2": 737607680
},
"AI3": ["zh-Hans-CN"],
"Pq2": { //经纬度
"lat": 0,
"lng": 0,
"alt": 0
},
"Gd9": true,
"TV5": 1602896191,
"tf8": {
"sj2s": "89885ff",
"js2": "<64F958:16=HFG66JG184E<16JIEIH;E;15", //idfv(加密)
"zT2": ";=<i=865j76e8:788;=7<:j56e6i<jjjj7h<:e:6",
"sf2W": "850af92",
"fW2": "7JJIIE8I1:<GE6EI:41J6J8177:F;74E:19", //idfa(加密)
"qH4": ";5769EHFH1G9FJ:6H9:1GF8:1H=JI<9;H<1E",//idfa(加密)
"se1": "A52E1D:6CE264:FA1A3D:2c00" //idfa (加密)
},
"oF8": 0.2867721915245056,
"OW5": "2.2",
"GI7": {
"AI7": "7i:g>:59:>5==;>e>84><gi<j" //ipv6(加密)
},
"Gl1": "iOS",
"LW5": "",
"jN2": { //ip、mac
"mT1": "5=26;2666;25",
"jP2": ">jjjj>>jjjj>>jjjj",
"LZ5": "fe46>>5f>6;>fg>h", //mac(加密)
"sL5Z": "4f28480"
},
"VR1": 1600408243,
"zv7": false,
"BBB": "v1.0",
"xs6": false, //是否被修复
"Fx4": {
"AI7": "e9<e>;i:8>gegg>i>j4><jijj"//本地IP(加密)
},
"Pm4": "A52E1D:6CE264:XXXXXX:2c00",
"AAA": "v1.0",
"jj5": {
"did": "A52E1D:6CE264:XXXXXX:2c00",
"idfa": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX",
"idfv": "177EE280-F2B9-4508-ADAF-A4C2CDXXXXXX",
"gy8": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX",
"simulateIDFA": "A878FD6B-52F5-BA21-D5E9-4C6D6BXXXXXX",//设备信息组合的MD5值转换得来
"OpenUDID": "2a83ffea163746a314e966dff822f89434XXXXXX"
},
"go4": 6,
"kU4": "1exhv_shuzilm_cn",
"tP9": "10.1.1",
"RP5": 47865,
"bj9": "1.8.9",
"bk6": {
"qA4": 8853983232,
"uu2": 12075954176
},
"identifierPrefix": 4,
"eK5": "tEt9e4298;2;732r6szm3x;e4gGm;p=t=t6E435i6p6h:r1yHFG3:wEv1i:r5m=e8x1r4s7g<36v1e8z:3",//签名信息(加密)
//CFBundleIdentifier CFBundleName CFBundleVersion /var/containers/Bundle/Application/77505A64-2830-4916-A6CD-622102997C07/v2.3.4.app
"mT5": 4,
"Ke6": "com.ADpro.testios",
"hL4": ":;:",
"Wt9": false,
"HJ2": false,
"Ih2": "2.3.4",
"LZ3": {
"did": "A52E1D:6CE264:FA1A3D:2c00",
"idfa": "56076342-6AA8-4EF3-A3B3-FF0E2CXXXXXX",
"idfv": "177EE280-F2B9-4508-ADAF-A4C2CXXXXXXX",
"gy8": "56076342-6AA8-4EF3-A3B3-FF0E2XXXXXXX",
"simulateIDFA": "A878FD6B-52F5-BA21-D5E9-4C6D6BXXXXXX",
"OpenUDID": "2a83ffea163746a314e966dff822f8943XXXXXX"
},
"NP1": "v2.3.4",
"zk4": []
}
3、将组合的信息整体压缩加密发送给服务器
//压缩
id __cdecl compress(EdkxBSqSeZInGK *self, SEL a2, id a3)
{
void *v3; // x0
void *v4; // x0
__int64 v6; // [xsp+10h] [xbp-50h]
Bytef *dest; // [xsp+18h] [xbp-48h]
size_t destLen; // [xsp+20h] [xbp-40h]
Bytef *source; // [xsp+28h] [xbp-38h]
uLong sourceLen; // [xsp+30h] [xbp-30h]
int v11; // [xsp+3Ch] [xbp-24h]
void *v12; // [xsp+40h] [xbp-20h]
SEL v13; // [xsp+48h] [xbp-18h]
EdkxBSqSeZInGK *v14; // [xsp+50h] [xbp-10h]
__int64 v15; // [xsp+58h] [xbp-8h]
v14 = self;
v13 = a2;
v12 = 0LL;
objc_storeStrong(&v12, a3);
if ( v12 )
{
sourceLen = (uLong)objc_msgSend(v12, (const char *)&unk_190A338EE);
v3 = (void *)objc_retainAutorelease(v12);
source = (Bytef *)objc_msgSend(v3, (const char *)&unk_190A3FE27);
destLen = compressBound(sourceLen);
dest = (Bytef *)malloc(destLen);
__memset_chk(dest, 0LL, destLen, -1LL);
compress(dest, &destLen, source, sourceLen);
v4 = objc_msgSend(&OBJC_CLASS___NSData, (const char *)&unk_190A40F5D, dest, destLen);
v6 = objc_retainAutoreleasedReturnValue(v4);
free(dest);
v15 = objc_retain(v6);
v11 = 1;
objc_storeStrong(&v6, 0LL);
}
else
{
v15 = 0LL;
v11 = 1;
}
objc_storeStrong(&v12, 0LL);
return (id)objc_autoreleaseReturnValue(v15);
}
//加密
id __cdecl encdata(EdkxBSqSeZInGK *self, SEL a2, id a3, id a4)
{
id v4; // ST58_8
void *v5; // x0
void *v6; // ST28_8
void *v7; // x0
__int64 v9; // [xsp+68h] [xbp-78h]
void *v10; // [xsp+70h] [xbp-70h]
char *v11; // [xsp+78h] [xbp-68h]
char *v12; // [xsp+80h] [xbp-60h]
void *v13; // [xsp+88h] [xbp-58h]
void *v14; // [xsp+90h] [xbp-50h]
SEL v15; // [xsp+98h] [xbp-48h]
EdkxBSqSeZInGK *v16; // [xsp+A0h] [xbp-40h]
__int64 v17; // [xsp+A8h] [xbp-38h]
char v18; // [xsp+B7h] [xbp-29h]
__int64 v19; // [xsp+D8h] [xbp-8h]
v19 = -3431741228743327694LL;
v16 = self;
v15 = a2;
v14 = 0LL;
v4 = a4;
objc_storeStrong(&v14, a3);
v13 = 0LL;
objc_storeStrong(&v13, v4);
memset(&v18, 0, 0x21uLL);
objc_msgSend(v13, (const char *)&unk_190A7E24F, &v18, 33LL, 4LL);
v12 = (char *)objc_msgSend(v14, (const char *)&unk_190A338EE);
v11 = v12 + 16;
v10 = malloc((size_t)(v12 + 16));
v9 = 0LL;
v5 = (void *)objc_retainAutorelease(v14);
v6 = objc_msgSend(v5, (const char *)&unk_190A3FE27);
if ( (unsigned int)CCCrypt(0LL, 0LL, 3LL, &v18, 16LL, 0LL, v6, v12, v10, v12 + 16, &v9) )
{
free(v10);
v17 = 0LL;
}
else
{
v7 = objc_msgSend(&OBJC_CLASS___NSData, (const char *)&unk_190A84C9A, v10, v9);
v17 = objc_retainAutoreleasedReturnValue(v7);
}
objc_storeStrong(&v13, 0LL);
objc_storeStrong(&v14, 0LL);
return (id)objc_autoreleaseReturnValue(v17);
}
4、请求网络返回并解密获取ID
__text:0000000100121EE4 1C 73 00 94 BL _objc_msgSend
__text:0000000100121EE8 48 01 00 B0 ADRP X8, #selRef_sendSynchronousRequest_returningResponse_error_@PAGE
__text:0000000100121EEC 08 21 17 91 ADD X8, X8, #selRef_sendSynchronousRequest_returningResponse_error_@PAGEOFF
__text:0000000100121EF0 49 01 00 B0 ADRP X9, #classRef_NSURLConnection@PAGE
__text:0000000100121EF4 29 C1 33 91 ADD X9, X9, #classRef_NSURLConnection@PAGEOFF
__text:0000000100121EF8 0B 00 80 D2 MOV X11, #0
__text:0000000100121EFC AB 03 19 F8 STUR X11, [X29,#var_78+8]
__text:0000000100121F00 0B 00 80 D2 MOV X11, #0
__text:0000000100121F04 AB 83 18 F8 STUR X11, [X29,#var_78]
__text:0000000100121F08 29 01 40 F9 LDR X9, [X9] ; _OBJC_CLASS_$_NSURLConnection
__text:0000000100121F0C AB 83 5A F8 LDUR X11, [X29,#var_58]
__text:0000000100121F10 AC 83 58 F8 LDUR X12, [X29,#var_78]
__text:0000000100121F14 AC 83 17 F8 STUR X12, [X29,#var_90+8]
__text:0000000100121F18 AC 03 59 F8 LDUR X12, [X29,#var_78+8]
__text:0000000100121F1C AC 03 17 F8 STUR X12, [X29,#var_90]
__text:0000000100121F20 01 01 40 F9 LDR X1, [X8] ; unk_18ACDDA2B ; char *
__text:0000000100121F24 E0 03 09 AA MOV X0, X9 ; void *
__text:0000000100121F28 E2 03 0B AA MOV X2, X11
__text:0000000100121F2C A3 23 02 D1 SUB X3, X29, #-(var_90+8)
__text:0000000100121F30 A4 43 02 D1 SUB X4, X29, #-var_90
__text:0000000100121F34 08 73 00 94 BL _objc_msgSend ; 发送网络请求
__text:0000000100121F38 FD 03 1D AA MOV X29, X29
//解密返回数据
__text:0000000100117EE4 FF C3 03 D1 SUB SP, SP, #0xF0
__text:0000000100117EE8 FD 7B 0E A9 STP X29, X30, [SP,#0xE0+var_s0]
__text:0000000100117EEC FD 83 03 91 ADD X29, SP, #0xE0
__text:0000000100117EF0 68 01 00 B0 ADRP X8, #___stack_chk_guard_ptr@PAGE
__text:0000000100117EF4 08 41 40 F9 LDR X8, [X8,#___stack_chk_guard_ptr@PAGEOFF]
__text:0000000100117EF8 08 01 40 F9 LDR X8, [X8]
__text:0000000100117EFC 69 01 00 B0 ADRP X9, #___stack_chk_guard_ptr@PAGE
__text:0000000100117F00 29 41 40 F9 LDR X9, [X9,#___stack_chk_guard_ptr@PAGEOFF]
__text:0000000100117F04 29 01 40 F9 LDR X9, [X9]
__text:0000000100117F08 A9 83 1F F8 STUR X9, [X29,#var_8]
__text:0000000100117F0C A0 03 1C F8 STUR X0, [X29,#var_40]
__text:0000000100117F10 A1 83 1B F8 STUR X1, [X29,#var_48]
__text:0000000100117F14
__text:0000000100117F14 loc_100117F14
__text:0000000100117F14 09 00 80 D2 MOV X9, #0
__text:0000000100117F18 A9 03 1B F8 STUR X9, [X29,#var_50]
__text:0000000100117F1C A9 43 01 D1 SUB X9, X29, #-var_50
__text:0000000100117F20 E0 03 09 AA MOV X0, X9
__text:0000000100117F24 E1 03 02 AA MOV X1, X2
__text:0000000100117F28 E3 2F 00 F9 STR X3, [SP,#0xE0+var_88]
__text:0000000100117F2C E8 2B 00 F9 STR X8, [SP,#0xE0+var_90]
__text:0000000100117F30 2A 9B 00 94 BL _objc_storeStrong
__text:0000000100117F34 08 00 80 D2 MOV X8, #0
__text:0000000100117F38 A8 83 1A F8 STUR X8, [X29,#var_58]
__text:0000000100117F3C A8 63 01 D1 SUB X8, X29, #-var_58
__text:0000000100117F40 E9 2F 40 F9 LDR X9, [SP,#0xE0+var_88]
__text:0000000100117F44 E0 03 08 AA MOV X0, X8
__text:0000000100117F48 E1 03 09 AA MOV X1, X9
__text:0000000100117F4C 23 9B 00 94 BL _objc_storeStrong
__text:0000000100117F50 88 01 00 F0 ADRP X8, #selRef_getCString_maxLength_encoding_@PAGE
__text:0000000100117F54 08 81 02 91 ADD X8, X8, #selRef_getCString_maxLength_encoding_@PAGEOFF
__text:0000000100117F58
__text:0000000100117F58 loc_100117F58
__text:0000000100117F58 A9 A7 00 D1 SUB X9, X29, #-var_29
__text:0000000100117F5C E0 03 09 AA MOV X0, X9 ; void *
__text:0000000100117F60
__text:0000000100117F60 loc_100117F60
__text:0000000100117F60 0A 00 80 52 MOV W10, #0
__text:0000000100117F64
__text:0000000100117F64 loc_100117F64
__text:0000000100117F64 41 1D 00 53 UXTB W1, W10
__text:0000000100117F68 22 04 80 D2 MOV X2, #0x21 ; size_t
__text:0000000100117F6C E8 27 00 F9 STR X8, [SP,#0xE0+var_98]
__text:0000000100117F70 E9 23 00 F9 STR X9, [SP,#0xE0+var_A0]
__text:0000000100117F74 C8 9A 00 94 BL _memset
__text:0000000100117F78
__text:0000000100117F78 loc_100117F78
__text:0000000100117F78 A8 83 5A F8 LDUR X8, [X29,#var_58]
__text:0000000100117F7C E9 27 40 F9 LDR X9, [SP,#0xE0+var_98]
__text:0000000100117F80 21 01 40 F9 LDR X1, [X9] ; char *
__text:0000000100117F84 2A 04 80 52 MOV W10, #0x21
__text:0000000100117F88 E3 03 0A AA MOV X3, X10
__text:0000000100117F8C
__text:0000000100117F8C loc_100117F8C
__text:0000000100117F8C 8A 00 80 52 MOV W10, #4
__text:0000000100117F90 E4 03 0A AA MOV X4, X10
__text:0000000100117F94 E0 03 08 AA MOV X0, X8 ; void *
__text:0000000100117F98 E2 23 40 F9 LDR X2, [SP,#0xE0+var_A0]
__text:0000000100117F9C EE 9A 00 94 BL _objc_msgSend
__text:0000000100117FA0 88 01 00 F0 ADRP X8, #selRef_length@PAGE
__text:0000000100117FA4 08 01 00 91 ADD X8, X8, #selRef_length@PAGEOFF
__text:0000000100117FA8 A9 03 5B F8 LDUR X9, [X29,#var_50]
__text:0000000100117FAC 01 01 40 F9 LDR X1, [X8] ; "length" ; char *
__text:0000000100117FB0 E0 3F 00 B9 STR W0, [SP,#0xE0+var_A4]
__text:0000000100117FB4 E0 03 09 AA MOV X0, X9 ; void *
__text:0000000100117FB8 E7 9A 00 94 BL _objc_msgSend
__text:0000000100117FBC A0 03 1A F8 STUR X0, [X29,#var_60]
__text:0000000100117FC0 A8 03 5A F8 LDUR X8, [X29,#var_60]
__text:0000000100117FC4 08 41 00 91 ADD X8, X8, #0x10
__text:0000000100117FC8 A8 83 19 F8 STUR X8, [X29,#var_68]
__text:0000000100117FCC A0 83 59 F8 LDUR X0, [X29,#var_68]
__text:0000000100117FD0 A8 9A 00 94 BL _malloc
__text:0000000100117FD4 A3 A7 00 D1 SUB X3, X29, #-var_29
__text:0000000100117FD8 E0 3B 00 F9 STR X0, [SP,#0xE0+var_70]
__text:0000000100117FDC FF 37 00 F9 STR XZR, [SP,#0xE0+var_78]
__text:0000000100117FE0 A8 03 5B F8 LDUR X8, [X29,#var_50]
__text:0000000100117FE4 E0 03 08 AA MOV X0, X8
__text:0000000100117FE8 E3 1B 00 F9 STR X3, [SP,#0xE0+var_B0]
__text:0000000100117FEC E9 9A 00 94 BL _objc_retainAutorelease
__text:0000000100117FF0 88 01 00 F0 ADRP X8, #selRef_bytes@PAGE
__text:0000000100117FF4 08 21 02 91 ADD X8, X8, #selRef_bytes@PAGEOFF
__text:0000000100117FF8 01 01 40 F9 LDR X1, [X8] ; "bytes" ; char *
__text:0000000100117FFC D6 9A 00 94 BL _objc_msgSend
__text:0000000100118000 A7 03 5A F8 LDUR X7, [X29,#var_60]
__text:0000000100118004 E8 3B 40 F9 LDR X8, [SP,#0xE0+var_70]
__text:0000000100118008 A9 83 59 F8 LDUR X9, [X29,#var_68]
__text:000000010011800C 2A 00 80 52 MOV W10, #1
__text:0000000100118010 E0 17 00 F9 STR X0, [SP,#0xE0+var_B8]
__text:0000000100118014 E0 03 0A AA MOV X0, X10
__text:0000000100118018 0A 00 80 52 MOV W10, #0
__text:000000010011801C E1 03 0A AA MOV X1, X10
__text:0000000100118020 62 00 80 52 MOV W2, #3
__text:0000000100118024 E3 1B 40 F9 LDR X3, [SP,#0xE0+var_B0]
__text:0000000100118028 04 02 80 D2 MOV X4, #0x10
__text:000000010011802C 0B 00 80 D2 MOV X11, #0
__text:0000000100118030 E5 03 0B AA MOV X5, X11
__text:0000000100118030 ; End of function DecString_3
__text:0000000100118030
__text:0000000100118034
__text:0000000100118034 loc_100118034
__text:0000000100118034 E6 17 40 F9 LDR X6, [SP,#0x28]
__text:0000000100118038 E8 03 00 F9 STR X8, [SP]
__text:000000010011803C E9 07 00 F9 STR X9, [SP,#8]
__text:0000000100118040 E8 A3 01 91 ADD X8, SP, #0x68
__text:0000000100118044 E8 0B 00 F9 STR X8, [SP,#0x10]
__text:0000000100118048 A6 99 00 94 BL _CCCrypt ; 解密
__text:000000010011804C E0 67 00 B9 STR W0, [SP,#0x64]
__text:0000000100118050 EA 67 40 B9 LDR W10, [SP,#0x64]
__text:0000000100118054 2A 02 00 35 CBNZ W10, loc_100118098
__text:0000000100118058 88 01 00 D0 ADRP X8, #selRef_dataWithBytesNoCopy_length_@PAGE
__text:000000010011805C 08 A1 02 91 ADD X8, X8, #selRef_dataWithBytesNoCopy_length_@PAGEOFF
__text:0000000100118060 89 01 00 D0 ADRP X9, #classRef_NSData@PAGE
__text:0000000100118064 29 61 2F 91 ADD X9, X9, #classRef_NSData@PAGEOFF
__text:0000000100118068 29 01 40 F9 LDR X9, [X9] ; _OBJC_CLASS_$_NSData
__text:000000010011806C E2 3B 40 F9 LDR X2, [SP,#0x70]
__text:0000000100118070 E3 37 40 F9 LDR X3, [SP,#0x68]
__text:0000000100118074 01 01 40 F9 LDR X1, [X8] ; unk_190A84C9A
__text:0000000100118078 E0 03 09 AA MOV X0, X9
__text:000000010011807C B6 9A 00 94 BL _objc_msgSend
__text:0000000100118080 FD 03 1D AA MOV X29, X29
__text:0000000100118084 C9 9A 00 94 BL _objc_retainAutoreleasedReturnValue
__text:0000000100118088 A0 83 1C F8 STUR X0, [X29,#-0x38]
__text:000000010011808C 2A 00 80 52 MOV W10, #1
__text:0000000100118090 EA 63 00 B9 STR W10, [SP,#0x60]
__text:0000000100118094 07 00 00 14 B loc_1001180B0
__text:0000000100118098
__text:0000000100118098 loc_100118098
__text:0000000100118098 E0 3B 40 F9 LDR X0, [SP,#0x70]
__text:000000010011809C 39 9A 00 94 BL _free
__text:00000001001180A0 08 00 80 D2 MOV X8, #0
__text:00000001001180A4 A8 83 1C F8 STUR X8, [X29,#-0x38]
__text:00000001001180A8 29 00 80 52 MOV W9, #1
__text:00000001001180AC E9 63 00 B9 STR W9, [SP,#0x60]
__text:00000001001180B0
__text:00000001001180B0 loc_1001180B0
__text:00000001001180B0 A8 63 01 D1 SUB X8, X29, #0x58
__text:00000001001180B4 E0 03 08 AA MOV X0, X8
__text:00000001001180B8 08 00 80 D2 MOV X8, #0
__text:00000001001180BC E1 03 08 AA MOV X1, X8
__text:00000001001180C0 C6 9A 00 94 BL _objc_storeStrong
__text:00000001001180C4 A8 43 01 D1 SUB X8, X29, #0x50
__text:00000001001180C8 E0 03 08 AA MOV X0, X8
__text:00000001001180CC 08 00 80 D2 MOV X8, #0
__text:00000001001180D0 E1 03 08 AA MOV X1, X8
__text:00000001001180D4 C1 9A 00 94 BL _objc_storeStrong
__text:00000001001180D8 A8 83 5C F8 LDUR X8, [X29,#-0x38]
__text:00000001001180DC E0 03 08 AA MOV X0, X8
__text:00000001001180E0 79 9A 00 94 BL _objc_autoreleaseReturnValue
__text:00000001001180E4 68 01 00 90 ADRP X8, #___stack_chk_guard_ptr@PAGE
__text:00000001001180E8 08 41 40 F9 LDR X8, [X8,#___stack_chk_guard_ptr@PAGEOFF]
__text:00000001001180EC 08 01 40 F9 LDR X8, [X8]
__text:00000001001180F0 A9 83 5F F8 LDUR X9, [X29,#-8]
__text:00000001001180F4 1F 01 09 EB CMP X8, X9
__text:00000001001180F8 E0 13 00 F9 STR X0, [SP,#0x20]
__text:00000001001180FC A1 00 00 54 B.NE loc_100118110
__text:0000000100118100 E0 13 40 F9 LDR X0, [SP,#0x20]
__text:0000000100118104 FD 7B 4E A9 LDP X29, X30, [SP,#0xE0]
__text:0000000100118108 FF C3 03 91 ADD SP, SP, #0xF0
__text:000000010011810C C0 03 5F D6 RET
最终得到服务器返回解密后的结果:
{
"err": 0,
"rid": "A52E1D:6CE264:XXXXXX:2c00",
"cdd": "D2HkrQluKgF0FRDGLsNm/npb8l+x3ZJKlCHXf3aQ4XXXXXX",
"cck": "194",
"rdm": "177",
"qid": "56076342-6AA8-4EF3-A3B3-FF0E2XXXXXX"
}
rid: 终端通过IDFA生成的did。
cdd:服务器下发的可信ID。
qid: 终端IDFA。
1、通过修IDFA与硬件属性返回新ID。
2、替换成指定机器的信息返回对应的可信ID。
3、基于历史存量可信ID也不能100%补全。
4、在刷机后可信ID稳定性在50%左右。
1、对于推送广告的平台,有了这ID,就能把一个用户研究地明明白白,它比你妈妈都知道你在什么时候需要“穿上一条秋裤”了。但是面对IOS 14的严格限制该产品的可信ID效果也会大打折扣。
2、在安全方面该产品只做了字符串加密、类名、方法名混淆,安全能力稍显不足。