Thinned IPA 下载方案

需求

• Framework不加密，Plugin和MainExec只加密一个page

• 保证仅含有一个FAT Slice

对比请求参数差异

POST /WebObjects/MZBuy.woa/wa/buyProduct?guid=00008020-000D29A02143002E HTTP/1.1
Host: p46-buy.itunes.apple.com
Cookie: xt-b-ts-12263680861=1654983152761; xp_ab=1#fNPb5Km+-2+xSb5Dsb13#WTckLqP+-2+AgHNRrw02#tBc9hUt+-2+V1mFMbc01#isj11bm+-2+17Eg4xa0#yNFpB6B+-2+HCu1K5Z00#jTGaGZu+-2+m8Eku6y01; pldfltcid=524b36a58d0d4249a127affd05921dab046; mz_at_ssl-12263680861=AwUAAAHUAAIjqAAAAABipQnwLVqGWVeGFPFDRUtxqCKXxr7ZLlI=; wosid-lite=eaDXJisR0I4VrC57owMgEw; NSC_nagjobodf-bopo-qppm*0=ffffffff1275ab0445525d5f4f58455e445a4a42378b; fsas=AAAAAAAAAAGj+JGrlAFjBalRS0H4wuaayA9/05JwY6HYCZJMX9wj0c6RyoeB8nn4Nee0yIl56OHTQEAxXfX7J+RuBpmD7buKOJ2j8oP2DtaKwwZ/V9VR9g==; mzf_in=467232; itspod=46; amp=ZY83o951wZer/eVFhMN5v1B8ittLQwpg9PZeMVd2fTuslXncUG787cVCWuSCEaiciq6TA1OG9VwDxdxXWze3/uRGMQyjRxnf26kIcu+HkpI=; xp_ci=3z3SvdbRzZ8z5SBzCEWz1Bx8Tl7gy; ampsc=zYk+fEeIoUXGwXLLNmfAGdpwzbAMez+GhsKjTBAzlL8=; countryVerified=1; xp_abc=17Eg4xa0; hsaccnt=1; X-Dsid=12263680861; vrep=CN3W49ctEgQIBRAAEgQIBxAAEgQIAhAAEgQIARAAEgQIDBAAEgQIDxAAEgUIBhD1AhIECAQQABIECBAQABIECAkQABIECA4QABIECAMQABIECAsQABIECAoQABIECBIQABIECA0QABIECBEQABIECAgQAA; mt-tkn-12263680861=At5XXnDQ6W9a0WmfIzppWnoP2U9y/l0n7gZNGguZOxXjj1JZa0TIHT9EVAUfyWIFDWg5N+s4bXVVpwabMZu+pZ5BJK+Jge5RiULvPEdkzSg6gJBbanYEkulPY1wZWLZdBzCGDi2eoSZBLb24TiOAt6wd48JXasKeFjyzx5MUu9goiOyqWfwJxufp1ldg3Bmc/WvQqF8=; mz_at0-12263680861=AwQAAAHUAAIjqAAAAABipQnwrBkb8mYb6LvlBoTUnu5LhJCRgxI=
X-Apple-Tz: 28800
X-Apple-Iad-Id: 639F95C4-DEEE-415C-B3C6-2162ED210ADD
Icloud-Dsid: 10255130069
User-Agent: AppStore/3.0 iOS/14.2 model/iPad11,4 hwp/t8020 build/18B92 (5; dt:212) AMS/1
X-Apple-Store-Front: 143462-9,30
X-Dsid: 12263680861
X-Apple-Tid-Pkey: BBXEnjgNZ2e7WayAxsAgw9DRN9hN2MVJItCDa/pknDY3xNY3sOXLvvqvJWeMzWDMC7KBIkP5ysdS9LvWFoJi6og=
X-Apple-I-Md: AAAABQAAABBCf+7FwYeyy/45rcTPNYW2AAAAAw==
X-Apple-Client-Application: com.apple.AppStore
Content-Length: 11808
X-Apple-Tid-Signatureversion: 1
X-Apple-I-Timezone: GMT+8
X-Apple-Amd-M: qvXoGvrN5KOHznNyODTcT2Fnzh/92jSfb8RYInRIsYzsURM6JP+bLw4PbcDFCiLfyFonEOWuRoaLLc3D
X-Apple-I-Client-Time: 2022-06-12T17:26:09Z
X-Apple-Amd: AAAABAAAABBUo7N4riagtKQgdhiv5GiO
X-Apple-Ta-Device: iPad11,4 iPad7,4
Accept-Language: zh-Hans-CN
X-Apple-I-Md-Rinfo: 50660608
X-Apple-Adsid: 000883-08-a5918e33-b433-4523-a14a-e0c39e24c51e
Accept: */*
X-Token: AwIAAAHUAAIjqAAAAABipQnwbXSvYr1hrlvWZZFxmbVBQ7+I+9A=
Content-Type: application/x-apple-plist
X-Apple-I-Locale: zh_CN
X-Apple-I-Md-M: qvXoGvrN5KOHznNyODTcT2Fnzh9g04hkDFpjYphUUnSKp7F/E0b7wKd0gVjR5MB2KvO2+HYiYAyhQCXG
Accept-Encoding: gzip, deflate
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>guid</key>
	<string>00008020-000D29A02143002E</string>
	<key>icloud-backup-enabled</key>
	<string>1</string>
	<key>kbsync</key>
	<string>【kbsync】</string>
	<key>mtApp</key>
	<string>com.apple.AppStore</string>
	<key>mtClientId</key>
	<string>3z3SvdbRzZ8z5SBzCEWz1Bx8Tl7gy</string>
	<key>mtEventTime</key>
	<string>1655054769787</string>
	<key>mtPageContext</key>
	<string>Search</string>
	<key>mtPrevPage</key>
	<string>Error</string>
	<key>mtRequestId</key>
	<string>3z3SvdbRzZ8z5SBzCEWz1Bx8Tl7gyzL4BKVLH7z2155</string>
	<key>mtTopic</key>
	<string>xp_amp_appstore</string>
	<key>ownerDsid</key>
	<string>12263680861</string>
	<key>pg</key>
	<string>default</string>
	<key>price</key>
	<string>0</string>
	<key>pricingParameters</key>
	<string>STDRDL</string>
	<key>productType</key>
	<string>C</string>
	<key>salableAdamId</key>
	<string>1157485146</string>
</dict>
</plist>

请求头分析

Cookie: xt-b-ts-12263680861=1654983152761; xp_ab=1#fNPb5Km+-2+xSb5Dsb13#WTckLqP+-2+AgHNRrw02#tBc9hUt+-2+V1mFMbc01#isj11bm+-2+17Eg4xa0#yNFpB6B+-2+HCu1K5Z00#jTGaGZu+-2+m8Eku6y01; pldfltcid=524b36a58d0d4249a127affd05921dab046; mz_at_ssl-12263680861=AwUAAAHUAAIjqAAAAABipQnwLVqGWVeGFPFDRUtxqCKXxr7ZLlI=; wosid-lite=eaDXJisR0I4VrC57owMgEw; NSC_nagjobodf-bopo-qppm*0=ffffffff1275ab0445525d5f4f58455e445a4a42378b; fsas=AAAAAAAAAAGj+JGrlAFjBalRS0H4wuaayA9/05JwY6HYCZJMX9wj0c6RyoeB8nn4Nee0yIl56OHTQEAxXfX7J+RuBpmD7buKOJ2j8oP2DtaKwwZ/V9VR9g==; mzf_in=467232; itspod=46; amp=ZY83o951wZer/eVFhMN5v1B8ittLQwpg9PZeMVd2fTuslXncUG787cVCWuSCEaiciq6TA1OG9VwDxdxXWze3/uRGMQyjRxnf26kIcu+HkpI=; xp_ci=3z3SvdbRzZ8z5SBzCEWz1Bx8Tl7gy; ampsc=zYk+fEeIoUXGwXLLNmfAGdpwzbAMez+GhsKjTBAzlL8=; countryVerified=1; xp_abc=17Eg4xa0; hsaccnt=1; X-Dsid=12263680861; vrep=CN3W49ctEgQIBRAAEgQIBxAAEgQIAhAAEgQIARAAEgQIDBAAEgQIDxAAEgUIBhD1AhIECAQQABIECBAQABIECAkQABIECA4QABIECAMQABIECAsQABIECAoQABIECBIQABIECA0QABIECBEQABIECAgQAA; mt-tkn-12263680861=At5XXnDQ6W9a0WmfIzppWnoP2U9y/l0n7gZNGguZOxXjj1JZa0TIHT9EVAUfyWIFDWg5N+s4bXVVpwabMZu+pZ5BJK+Jge5RiULvPEdkzSg6gJBbanYEkulPY1wZWLZdBzCGDi2eoSZBLb24TiOAt6wd48JXasKeFjyzx5MUu9goiOyqWfwJxufp1ldg3Bmc/WvQqF8=; mz_at0-12263680861=AwQAAAHUAAIjqAAAAABipQnwrBkb8mYb6LvlBoTUnu5LhJCRgxI=
X-Apple-Tz: 28800
X-Apple-Iad-Id: 639F95C4-DEEE-415C-B3C6-2162ED210ADD
Icloud-Dsid: 10255130069
User-Agent: AppStore/3.0 iOS/14.2 model/iPad11,4 hwp/t8020 build/18B92 (5; dt:212) AMS/1
X-Apple-Store-Front: 143462-9,30
X-Dsid: 12263680861
X-Apple-Tid-Pkey: BBXEnjgNZ2e7WayAxsAgw9DRN9hN2MVJItCDa/pknDY3xNY3sOXLvvqvJWeMzWDMC7KBIkP5ysdS9LvWFoJi6og=
X-Apple-I-Md: AAAABQAAABBCf+7FwYeyy/45rcTPNYW2AAAAAw==
X-Apple-Client-Application: com.apple.AppStore
X-Apple-Tid-Signatureversion: 1
X-Apple-I-Timezone: GMT+8
X-Apple-Amd-M: qvXoGvrN5KOHznNyODTcT2Fnzh/92jSfb8RYInRIsYzsURM6JP+bLw4PbcDFCiLfyFonEOWuRoaLLc3D
X-Apple-I-Client-Time: 2022-06-12T17:26:09Z
X-Apple-Amd: AAAABAAAABBUo7N4riagtKQgdhiv5GiO
X-Apple-Ta-Device: iPad11,4 iPad7,4
X-Apple-I-Md-Rinfo: 50660608
X-Apple-Adsid: 000883-08-a5918e33-b433-4523-a14a-e0c39e24c51e
X-Token: AwIAAAHUAAIjqAAAAABipQnwbXSvYr1hrlvWZZFxmbVBQ7+I+9A=
X-Apple-I-Locale: zh_CN
X-Apple-I-Md-M: qvXoGvrN5KOHznNyODTcT2Fnzh9g04hkDFpjYphUUnSKp7F/E0b7wKd0gVjR5MB2KvO2+HYiYAyhQCXG

• X-Apple-Ta-Device
• 删除后无影响，仍然返回thinned

• User-Agent
• 替换为Configurator后返回错误
• 将其中的OS和model删除后500
• 可能为核心控制