当前位置: 首页 > 工具软件 > PHPFetion > 使用案例 >

fetion

陈淳
2023-12-01

  1. 用户向服务器发送get请求,获取sip和ssic
  • 服务器返回如下信息: 

  • HTTPMessage: Date: Mon, 17 May 2010 04:39:09 GMT

  • Server: Microsoft-IIS/6.0

  • X-AspNet-Version: 2.0.50727

  • Set-Cookie: ssic=DhIOAADSatQxhddLQSDjDno5AHKr/4fQ7i9mqAzjXsH74h1UWRerWJqPpo5YLIs0CoMrWDmEIVb/FO9KBDzvb1SJ7qJuLfkrGMhVgxrJnMEtnG3VD1uoBEqOQ+eXE5/MqtCgIpMAAA==; path=/

  • Cache-Control: private

  • Content-Type: text/html; charset=utf-8

  • Content-Length: 219 

   <?xml version="1.0" encoding="utf-8" ?>

   <results status-code="200">

  • <user uri=sip:592252757@fetion.com.cn;p=1630 mobile-no="13572997414" user-status="101" user-id="420232113">

  • <credentials></credentials>

  • </user>

   </results> 

  • 记录sip和ssic,后面要用到。 

  1. 向221.176.31.45:8080发送数据,获取nonce
  • F: 592252757       //这个是飞信号

  • I: 1                 //这个应该是会话编号

  • Q: 1 R

  • L: 336              //数据内容的长度 

  • <args><device type="PC" version="327249223" client-version="3.5.2560" /><caps value="simple-im;im-session;temp-group;personal-group;im-relay;xeno-im;direct-sms;sms2fetion" /><events value="contact;permission;system-message;personal-group;compact" /><user-info attributes="all" /><presence><basic value="400" desc="" /></presence></args> 

  • 服务器返回如下信息:

   SIP-C/2.0 401 Unauthoried

   F: 592252757

   I: 1

   Q: 1 R

  • W: Digest algorithm="MD5-sess;SHA1-sess",nonce="2A403D5F718C8CDB67D9D367447507E9" 

  • 记录下nonce,下面会用到。 

  1. 向221.176.31.45:8080发送response:
  • F: 592252757

  • I: 1

  • Q: 2 R

  • A: Digest algorithm="SHA1-sess",response="88EDC599066D6B775CCF4E91637D4A0F",cnonce="627D247341E2C76B51553F413EACB75C",salt="777A6D03",ssic="DhIOAAD+RGauOHll++PD+iSpJwSjgSio8mf1v0pWOKfF8a4YG+i8lP1JfYOYTzbIEVGXYMjqXwxH+nWN5G54oE0o1R4yAHbyoVS4lAFBAazv/tGqaA9QAWDIH00mitYdu7KiRh4AAA=="

  • L: 336 

  • <args><device type="PC" version="327249223" client-version="3.5.2560" /><caps value="simple-im;im-session;temp-group;personal-group;im-relay;xeno-im;direct-sms;sms2fetion" /><events value="contact;permission;system-message;personal-group;compact" /><user-info attributes="all" /><presence><basic value="400" desc="" /></presence></args>

  • 如果服务器返回200 OK,即成功登陆。 

  • 其中response计算方法如下:

  1. 随机生成一个32位的cnonce (627D247341E2C76B51553F413EACB75C)
  2. 指定salt为777A6D03,相应的字符串为wzm/x03 (这个貌似也是任意的)
  3. Hash_pwd=(777A6D03+(Salt+密码的sha1值)的sha1值) (777A6D034D3493C9AC1FA46EB512C6CEF1B050E3802CD215)
  4. 求sip:fetion.com.cn:hash_pwd字符串的sha1值,得出key
  5. 求key:nonce:cnonce字符串的md5值,得出H1
  6. 求REGISTER:sip字符串的md5值,得出H2
  7. 求H1:nonce:H2字符串的md5值,得出response (88EDC599066D6B775CCF4E91637D4A0F)

 

 

 

 

 

 

 

 

curl "http://sms.api.bz/fetion.php?username=xx&password=xx&sendto=xx&message=xx"

相关阅读

相关文章

相关问答