无忧行自动Surge签到
Search

无忧行自动Surge签到

大类
iOS
Crack
技术标签
开发-协议脚本
云服务-白嫖
优先级
High
开始日期
Feb 11, 2023
状态
Maintaining
Public
Public
最后更新
Feb 12, 2023

无忧行协议加密 - body & sec

  • Python脚本
from Crypto.Hash import MD5
from Crypto.Cipher import AES
from base64 import *

K = '03F0B33929245A16' # 对应sec中为online_jego_app;XXX;01
def decryptBody(ret):
    sec = b64decode(ret['sec'])
    body = b64decode(ret['body'])
    v, t, n = sec.decode().split(';')
    key = MD5.new((K + t).encode()).hexdigest()[8:24]
    return AES.new(key.encode(), AES.MODE_ECB).decrypt(body)

decrypt({'body': "xxx", 'sec': 'XXX'})

无忧行协议加密 - sign

  • 该加密似乎仅在登录时使用,其他接口似乎并不必须,所以暂时忽略

20230321更新,签到必须带有sign

 

Cookie抓包获取

  • 无忧行目前有这些域名
    • app2/3.jegotrip.com.cn:带token,带Pinning
    • app.jegotrip.com.cn:带token,不带pinning
    • cdn.jegotrip.com.cn:不带token,不带pinning
    • 其他的jegotrip.com.cn:不带token,不带pinning
  • 无忧行的sslpinning可以通过添加NSUserPreference: Jego_Not_SSL = YES 来禁用
  • 重点是找到app.jegotrip.com.cn的调用
 

无忧行签到202302 (v8.1.6)

  • Cookie 获取:任务中心中的明细查询仍在使用app.jegotrip.com.cn
  • 仅有两种:
    • 每日签到:userSign
        • echo -n '\x7B\x22\x73\x65\x63\x22\x3A\x22\x62\x32\x35\x73\x61\x57\x35\x6C\x58\x32\x70\x6C\x5A\x32\x39\x66\x59\x58\x42\x77\x4F\x7A\x45\x32\x4E\x7A\x59\x78\x4E\x44\x51\x77\x4E\x44\x41\x33\x4D\x54\x41\x33\x4F\x44\x59\x37\x4D\x44\x45\x3D\x22\x2C\x22\x62\x6F\x64\x79\x22\x3A\x22\x35\x41\x35\x55\x58\x46\x62\x6C\x78\x30\x76\x54\x79\x4D\x34\x2F\x68\x76\x4E\x4E\x76\x33\x58\x74\x36\x63\x4C\x5A\x67\x70\x4D\x69\x73\x36\x6F\x66\x69\x43\x63\x66\x38\x6F\x55\x3D\x22\x7D' | curl 'https://app3.jegotrip.com.cn/api/service/v1/mission/sign/userSign?token=f5e3f26754664e59af223cdaabcc34a2&lang=zh_CN&timestamp=1676144040718&sign=95575463d8878589a758a0f09940092e8a04c19c' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Connection: keep-alive' -H 'Cookie: acw_tc=784e2c9d16761151063422771e7a8af4b77286aa033c261006ccd0689a30fa' -H 'Accept-Language: zh-CN,zh-Hans;q=0.9' -H 'Accept-Encoding: gzip, deflate, br' -H 'User-Agent: Roam/20221213.1 CFNetwork/1331.0.7 Darwin/21.4.0' --compressed
    • 每日任务
      • 使用翻译:getTranslate → sendEvent → unclaimed → receiveReward
          • echo -n '\x7B\x22\x73\x65\x63\x22\x3A\x22\x62\x32\x35\x73\x61\x57\x35\x6C\x58\x32\x70\x6C\x5A\x32\x39\x66\x59\x58\x42\x77\x4F\x7A\x45\x32\x4E\x7A\x59\x78\x4E\x44\x51\x77\x4F\x44\x41\x31\x4D\x7A\x51\x32\x4D\x7A\x6B\x37\x4D\x44\x45\x3D\x22\x2C\x22\x62\x6F\x64\x79\x22\x3A\x22\x5C\x2F\x2B\x54\x51\x72\x2B\x48\x4D\x6E\x62\x62\x39\x4C\x6A\x38\x79\x4D\x68\x58\x48\x74\x77\x4A\x6B\x5A\x73\x41\x6A\x32\x68\x36\x4A\x46\x34\x35\x51\x68\x51\x4F\x73\x58\x4C\x57\x55\x6C\x6E\x4F\x6F\x61\x78\x41\x4D\x44\x54\x47\x58\x6B\x57\x31\x4B\x76\x30\x5C\x2F\x51\x4F\x32\x5C\x2F\x4C\x59\x54\x71\x46\x41\x33\x6C\x6E\x41\x77\x32\x51\x57\x36\x56\x37\x57\x67\x61\x56\x44\x69\x76\x58\x4C\x50\x52\x67\x70\x53\x58\x63\x4C\x5A\x56\x4E\x77\x43\x73\x32\x56\x50\x59\x6B\x4B\x46\x61\x5C\x2F\x68\x71\x4F\x52\x39\x37\x35\x4C\x57\x78\x46\x4B\x53\x55\x70\x4F\x38\x75\x54\x64\x42\x70\x34\x4E\x6E\x78\x52\x54\x7A\x56\x58\x2B\x48\x77\x2B\x4F\x6B\x48\x57\x31\x6B\x6A\x61\x2B\x67\x6F\x76\x6B\x48\x52\x59\x4A\x73\x62\x5A\x64\x43\x6C\x71\x4B\x34\x63\x42\x78\x4E\x58\x38\x44\x7A\x68\x78\x35\x30\x47\x58\x45\x32\x6D\x5C\x2F\x76\x65\x37\x38\x68\x53\x2B\x2B\x44\x49\x34\x67\x58\x50\x39\x53\x4C\x4A\x51\x3D\x3D\x22\x7D' | curl 'https://app3.jegotrip.com.cn/api/v1/tool/getTranslate?token=f5e3f26754664e59af223cdaabcc34a2&timestamp=1676144080363&sign=025223141973fb3f762797211ad5ffdc755d5371&lang=zh_CN' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Content-Type: application/json' -H 'Cookie: acw_tc=784e2c9d16761151063422771e7a8af4b77286aa033c261006ccd0689a30fa' -H 'Connection: keep-alive' -H 'Accept: */*' -H 'User-Agent: Roam/8.1.6 (iPhone; iOS 15.4.1; Scale/3.00)' -H 'Accept-Language: zh-Hans-CN;q=1, en-CN;q=0.9, ja-CN;q=0.8, en;q=0.7' -H 'Accept-Encoding: gzip, deflate, br' --compressed

b'{"inputSource":"2","deviceId":"8762B8C9-62AA-4475-8AC0-A7484D756A46","mobile":"18511089201","channelId":"1","from":"zh","query":"test","to":"en"}\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f'
          echo -n '\x7B\x22\x65\x76\x65\x6E\x74\x54\x79\x70\x65\x22\x3A\x35\x2C\x22\x72\x65\x6D\x61\x72\x6B\x22\x3A\x22\x22\x7D' | curl 'https://app3.jegotrip.com.cn/api/service/v1/mission/task/sendEvent?token=f5e3f26754664e59af223cdaabcc34a2&timestamp=1676144081506&sign=907d6f1509e76fc7d098f35d258637d7b26ccb35&lang=zh_CN' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Content-Type: application/json' -H 'Cookie: acw_tc=784e2c9d16761151063422771e7a8af4b77286aa033c261006ccd0689a30fa' -H 'Connection: keep-alive' -H 'Accept: */*' -H 'User-Agent: Roam/8.1.6 (iPhone; iOS 15.4.1; Scale/3.00)' -H 'Accept-Language: zh-Hans-CN;q=1, en-CN;q=0.9, ja-CN;q=0.8, en;q=0.7' -H 'Accept-Encoding: gzip, deflate, br' --compressed
          echo -n '\x7B\x22\x73\x65\x63\x22\x3A\x22\x62\x32\x35\x73\x61\x57\x35\x6C\x58\x32\x70\x6C\x5A\x32\x39\x66\x59\x58\x42\x77\x4F\x7A\x45\x32\x4E\x7A\x59\x78\x4E\x44\x51\x77\x4F\x44\x55\x31\x4D\x7A\x63\x34\x4E\x6A\x59\x37\x4D\x44\x45\x3D\x22\x7D' | curl 'https://app3.jegotrip.com.cn/api/service/v1/mission/task/unclaimed?token=f5e3f26754664e59af223cdaabcc34a2&lang=zh_CN&timestamp=1676144085095&sign=3a0798c7061117abf70079587126555caf3da8c3' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Connection: keep-alive' -H 'Cookie: acw_tc=784e2c9d16761151063422771e7a8af4b77286aa033c261006ccd0689a30fa' -H 'Accept-Language: zh-CN,zh-Hans;q=0.9' -H 'Accept-Encoding: gzip, deflate, br' -H 'User-Agent: Roam/20221213.1 CFNetwork/1331.0.7 Darwin/21.4.0' --compressed

b'[{"id":1798535,"taskName":"\xe4\xbd\xbf\xe7\x94\xa8\xe7\xbf\xbb\xe8\xaf\x91","rewardType":1,"rewardNumber":1,"isOverdue":0}]\x08\x08\x08\x08\x08\x08\x08\x08'
          echo -n '\x7B\x22\x73\x65\x63\x22\x3A\x22\x62\x32\x35\x73\x61\x57\x35\x6C\x58\x32\x70\x6C\x5A\x32\x39\x66\x59\x58\x42\x77\x4F\x7A\x45\x32\x4E\x7A\x59\x78\x4E\x44\x51\x77\x4F\x54\x45\x7A\x4E\x7A\x51\x34\x4E\x7A\x59\x37\x4D\x44\x45\x3D\x22\x2C\x22\x62\x6F\x64\x79\x22\x3A\x22\x78\x48\x59\x4E\x69\x62\x6F\x44\x56\x42\x59\x61\x2F\x4E\x4A\x69\x49\x71\x65\x31\x39\x30\x61\x69\x71\x77\x74\x49\x36\x66\x6E\x65\x34\x2F\x78\x34\x48\x61\x43\x2B\x38\x33\x45\x3D\x22\x7D' | curl 'https://app3.jegotrip.com.cn/api/service/v1/mission/task/receiveReward?token=f5e3f26754664e59af223cdaabcc34a2&lang=zh_CN&timestamp=1676144091400&sign=deec9fd5dc9e18092762a3e05c0d4c5bc4df4c61' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Connection: keep-alive' -H 'Cookie: acw_tc=784e2c9d16761151063422771e7a8af4b77286aa033c261006ccd0689a30fa' -H 'Accept-Language: zh-CN,zh-Hans;q=0.9' -H 'Accept-Encoding: gzip, deflate, br' -H 'User-Agent: Roam/20221213.1 CFNetwork/1331.0.7 Darwin/21.4.0' --compressed

b'{"rewardId":1798535}\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c'
      • 发布内容:https://app3.jegotrip.com.cn/api/service/content/v1/pvt/publish
          • echo -n '\x7B\x22\x63\x6F\x6E\x74\x65\x6E\x74\x49\x64\x22\x3A\x22\x22\x2C\x22\x63\x6F\x6E\x74\x65\x6E\x74\x54\x79\x70\x65\x22\x3A\x31\x2C\x22\x74\x69\x74\x6C\x65\x22\x3A\x22\xE6\x97\xA5\xE8\xAE\xB0\x32\x30\x32\x33\x30\x32\x31\x31\x22\x2C\x22\x6C\x6F\x6E\x22\x3A\x22\x22\x2C\x22\x6C\x61\x74\x22\x3A\x22\x22\x2C\x22\x63\x6F\x6E\x74\x65\x6E\x74\x22\x3A\x22\xE4\xBB\x8A\xE5\xA4\xA9\xE4\xB9\x9F\xE6\x98\xAF\xE7\xBE\x8E\xE5\xA5\xBD\xE7\x9A\x84\xE4\xB8\x80\xE5\xA4\xA9\xEF\xBC\x81\x22\x2C\x22\x69\x6D\x61\x67\x65\x55\x72\x6C\x4C\x69\x73\x74\x22\x3A\x5B\x5D\x2C\x22\x76\x69\x64\x65\x6F\x55\x72\x6C\x4C\x69\x73\x74\x22\x3A\x5B\x5D\x2C\x22\x68\x6F\x6D\x65\x49\x6D\x67\x22\x3A\x22\x22\x2C\x22\x63\x6C\x61\x73\x73\x69\x66\x79\x49\x64\x22\x3A\x22\x22\x2C\x22\x63\x6C\x75\x62\x49\x64\x22\x3A\x22\x22\x2C\x22\x61\x64\x64\x72\x65\x73\x73\x22\x3A\x22\x22\x2C\x22\x64\x65\x74\x61\x69\x6C\x65\x64\x41\x64\x64\x72\x65\x73\x73\x22\x3A\x22\x22\x2C\x22\x6D\x65\x64\x69\x61\x54\x79\x70\x65\x22\x3A\x32\x2C\x22\x69\x73\x51\x75\x65\x73\x74\x69\x6F\x6E\x22\x3A\x30\x2C\x22\x73\x6F\x75\x72\x63\x65\x54\x79\x70\x65\x22\x3A\x31\x2C\x22\x74\x6F\x70\x69\x63\x49\x64\x73\x22\x3A\x5B\x5D\x2C\x22\x64\x65\x73\x74\x69\x6E\x61\x74\x69\x6F\x6E\x49\x64\x73\x22\x3A\x5B\x5D\x2C\x22\x63\x69\x74\x79\x49\x64\x22\x3A\x22\x22\x2C\x22\x70\x72\x6F\x76\x69\x6E\x63\x65\x49\x64\x22\x3A\x22\x22\x2C\x22\x63\x6F\x75\x6E\x74\x72\x79\x49\x64\x22\x3A\x22\x22\x2C\x22\x63\x6F\x6E\x74\x65\x6E\x74\x50\x6F\x69\x52\x65\x6C\x61\x74\x69\x6F\x6E\x4C\x69\x73\x74\x22\x3A\x5B\x5D\x2C\x22\x75\x73\x65\x72\x44\x69\x79\x48\x6F\x6D\x65\x46\x6C\x61\x67\x22\x3A\x30\x7D' | curl 'https://app3.jegotrip.com.cn/api/service/content/v1/pvt/publish?token=f5e3f26754664e59af223cdaabcc34a2&lang=zh_CN&timestamp=1676157650304&sign=5cad106eb1578a422ef8d23a80c67b21856d2a76' --data-binary @- -H 'Host: app3.jegotrip.com.cn' -H 'Content-Type: application/json' -H 'Cookie: acw_tc=4c154ff2486506a48fc988fc5e1b668de03085639481daacdd57c1aa9cfa2c29' -H 'Connection: keep-alive' -H 'Accept: application/json' -H 'User-Agent: Roam/20221213.1 CFNetwork/1331.0.7 Darwin/21.4.0' -H 'Accept-Language: zh-CN,zh-Hans;q=0.9' -H 'Accept-Encoding: gzip, deflate, br' --compressed
         
Copyright 2022 Misty