Decompiling the 飞常准 (VariFlight) APK to Obtain the 飞常准 API Endpoints

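Disclaimer

This article only offers one line of thinking and aims to raise awareness of obfuscating and encrypting APK packages. If you need flight data for commercial use, buy 飞常准's API instead: stability is guaranteed, the data is more complete, and there are advanced features such as proactive push of flight data.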

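Capturing the app's traffic with Charles

Charles capture
Open Charles and configure the proxy on the phone. Open 飞常准, use some of its common features, and capture the API requests made along the way. 飞常准 uses plain HTTP; if it were HTTPS, you would only need to install the certificate to capture the requests in the same way.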

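Collating the endpoint parameters

飞常准 endpoints
Four endpoints were identified:

  1. Airport information endpoint
  2. Flight search endpoint
  3. Flight detail endpoint
  4. Supplementary flight information endpoint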

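Decompiling the APK package

jd-gui
The 飞常准 APK has no obfuscation or encryption at all. Decompile classes.dex with dex2jar to get classes_dex2jar.jar, open it in jd-gui, and patiently look for the encryption algorithm we need.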

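Documenting the 飞常准 API (one airport-information example and one flight-information example)

Airport information query

URL: http://app.veryzhun.com/airport/info/
Parameters:

  • airport: airport three-letter code (PEK)
  • appType: no idea what this is (1)
  • channelID: channel name (itunes)
  • device: no idea what this is (0)
  • deviceID: device ID (xxx)
  • isVip: no idea what this is for (0)
  • isYn: no idea what this is for (0)
  • language: language (ch)
  • signature: signature
  • token: device token (xxx)
  • uid: user ID (xxx)
  • uniqueID: unique device ID (xxx)
  • version: app version (3.7.3)

Sample response: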

{
  "code": 0,
  "msg": "Ok",
  "data": {
    "airport": {
      "code": "PEK",
      "name": "北京首都",
      "lat": "40.078537",
      "lng": "116.5871",
      "cityName": "北京"
    },
    "traffic": {
      "status": "流量正常",
      "lastDep": "23:12",
      "lastArr": "23:12"
    },
    "weather": {
      "icon": "weather/zhenyu",
      "temper": "20",
      "desc": "小阵雨",
      "seefar": "9999m",
      "wind": "8 m/s",
      "pm25": "13 良",
      "clad": ""
    },
    "hasTraffic": true,
    "hasMap": true,
    "hasFlightBoard": true,
    "hasFlow": true,
    "hasRadar": true,
    "hasTel": true
  }
}

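Flight information query

URL: http://app.veryzhun.com/flight/detailV2
Parameters:

  • appType: no idea what this is (1)
  • arr: arrival airport three-letter code (PVG)
  • channelID: channel name (itunes)
  • date: departure date (2016-05-25)
  • dep: departure airport three-letter code (PEK)
  • device: no idea what this is (0)
  • deviceID: device ID (xxx)
  • fnum: flight number (HU7609)
  • fromCare: no idea what this is (1)
  • isVip: no idea what this is for (0)
  • isYn: no idea what this is for (0)
  • language: language (ch)
  • signature: signature
  • token: device token (xxx)
  • uid: user ID (xxx)
  • uniqueID: unique device ID (xxx)
  • version: app version (3.7.3)

Sample response: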

{
  "code": 0,
  "msg": "Ok",
  "data": {
    "baseInfo": {
      "iconReversal": 0,
      "showDepTimeOrRate": 2,
      "departureTimezone": 28800,
      "flightNumber": "HU7609",
      "airlinesName": "海南航空",
      "airModels": "JET",
      "departureCode": "PEK",
      "arrivalCode": "PVG",
      "departurePlanTimestamp": 1464129000,
      "departureEstimateTimestamp": 1464129000,
      "flightStatus": "计划",
      "isShare": 0,
      "flightCategory": 0,
      "isStop": 0,
      "shareFlight": "",
      "id": "a2d8d044d9706f865a28c1481d305eb5",
      "qxflight": "",
      "isForceLanding": "0",
      "departure": "北京",
      "arrival": "上海",
      "ontimeRate": "92.31%",
      "flightStatusCode": 0,
      "checkinStatus": "",
      "depAirport": "北京首都",
      "arrAirport": "上海浦东",
      "airlinesCode": "HU",
      "airlineIcon": "http://app.veryzhun.com/img/aircorp/hu.png",
      "color": "#6cb8f4",
      "colorIcon": "http://app.veryzhun.com/img/icon/airplane_3.png",
      "oldflightStatusCode": 0,
      "veryZhunDepEstimate": 1464129000,
      "distance": 1178,
      "leftTip": "全程1178公里",
      "rightTip": "",
      "routeAlltime": 8400,
      "percentage": 0,
      "showStop": 0,
      "dep": {
        "lat": 40.078537,
        "lng": 116.5871
      },
      "arr": {
        "lat": 31.151825,
        "lng": 121.799805
      },
      "position": {
        "lat": 40.078537,
        "lng": 116.5871
      },
      "angle": 210,
      "airlineEnName": "Hainan Airlines",
      "action": "",
      "sid": 0,
      "memo": "",
      "orderStyle": -1,
      "orderCare": -1,
      "isId": 0,
      "boardPassImg": "",
      "PRCDate": "2016-05-25",
      "realAirlineCode": "HU",
      "arrCityCode": "SHA",
      "depCityCode": "BJS"
    },
    "info": [
      {
        "departureTimezone": 28800,
        "departureCode": "PEK",
        "departurePlanTimestamp": 1464129000,
        "departureEstimateTimestamp": 1464129000,
        "departureActualTimestamp": 0,
        "checkinTable": "K",
        "boardingGate": "",
        "boardStatus": "",
        "departureTerminal": "T1",
        "door": "4-6号门",
        "checkinend": "航班当日 06:00",
        "departure": "北京",
        "bridge": "",
        "depAirport": "北京首都",
        "depCountry": "中国",
        "depCountryType": 1,
        "depTips": "",
        "icon": "weather_small/qingtian",
        "temper": "18°/30°",
        "desc": "多云转晴",
        "delayStatusColor": "",
        "delayStatus": "",
        "circum": 0
      },
      {
        "arrivalTimezone": 28800,
        "arrivalCode": "PVG",
        "arrivalPlanTimestamp": 1464137400,
        "arrivalEstimateTimestamp": 1464137400,
        "arrivalActualTimestamp": 0,
        "reachExit": "",
        "baggageTurntable": "36",
        "arrivalTerminal": "T2",
        "isStop": 0,
        "isForceLanding": "0",
        "arrival": "上海",
        "flightStatusCode": 0,
        "awayBridge": "",
        "arrAirport": "上海浦东",
        "arrCountry": "中国",
        "arrCountryType": 1,
        "arrTips": "",
        "icon": "weather_small/duoyun",
        "temper": "21°/27°",
        "desc": "多云转小雨",
        "delayStatusColor": "",
        "delayStatus": "",
        "circum": 0
      }
    ],
    "preFlight": {
      "code": 1,
      "tips": "有前序"
    },
    "airplane": {
      "airplaneModels": "空客  A330-243",
      "airplaneAge": "0.3年",
      "wifi": 0,
      "cabinImg": "http://cdn.feeyo.com/aimg/airline/HU/Airbus330-200_iphones.png",
      "airplaneImg": "http://cdn.feeyo.com/plane/B5979_HU_.jpg?k=948458d0dfce820f",
      "cabinThumb": "http://cdn.feeyo.com/fimg/app/cabin/yn/330.png",
      "AircraftNumber": "B5979",
      "food": "--",
      "foodCode": -1,
      "wikiH5": "",
      "checkinCode": 1,
      "checkinTips": "",
      "checkinEndTime": 1464121800,
      "checkinStartTime": 1464062400,
      "checkinH5": "http://app.veryzhun.com/airline/checkin/?airline=HU"
    },
    "modelSort": [
      1,
      2,
      3,
      4,
      5,
      6,
      7,
      8
    ],
    "pushMeg": {
      "title": "",
      "msg": "",
      "newNum": 0
    },
    "h5": {
      "postCircum": "http://app.veryzhun.com/h5/specialCase?fnum=HU7609&dep=PEK&arr=PVG&date=2016-05-25&depAirport=%E5%8C%97%E4%BA%AC%E9%A6%96%E9%83%BD&arrAirport=%E4%B8%8A%E6%B5%B7%E6%B5%A6%E4%B8%9C&uid=1331985&device=0",
      "hotelSearch": "http://app.veryzhun.com/hotel/search?dep=PEK&arr=PVG&fnum=HU7609&timezone=28800&arrPlan=1464137400&arrEst=1464137400&arrAct=0&feeyomarketing=inner",
      "transferService": "http://app.veryzhun.com/h5/usecar?dep=PEK&arr=PVG&fnum=HU7609&timezone=28800&arrPlanTime=1464137400&arrActualTime=0&depPlanTime=1464129000&depActualTime=0&isStop=0&status=0&feeyomarketing=inner"
    }
  }
}

# Signature algorithm

Example (the encryption string is not disclosed here):

import hashlib

params={
    "appType": "1",
    "arr": "PVG",
    "channelID": "itunes",
    "date": "2016-05-25",
    "dep": "PEK",
    "device": "0",
    "deviceID": "xxx",
    "fnum": "HU7609",
    "fromCare": "1",
    "isVip": "0",
    "isYn": "0",
    "language": "ch",
    "notShowAdIds": "",
    "token": "xxx",
    "uid": "xxx",
    "uniqueID": "xxx",
    "version": "3.7.3",
}

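def signature(params):
    # Build "key=value" pairs, sort them, and join them with '&'
    str_list = []
    for k, v in params.items():
        str_list.append(k + '=' + v)
    str_list.sort()
    sig_str = '&'.join(str_list)
    # MD5 over the joined string plus the app's fixed secret suffix (redacted)
    m = hashlib.md5()
    m.update((sig_str + 'faxxx440').encode('utf-8'))  # hashlib requires bytes
    params['signature'] = m.hexdigest()
    return params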

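Summary

The whole process is not complicated:

  1. Capture the HTTP requests
  2. Decompile the APK to obtain the encryption algorithm
  3. Document the API from the HTTP requests and the encryption algorithm

Suggestions for 飞常准:

  1. Switch the API requests to HTTPS; plaintext transport can leak users' private data
  2. Obfuscate and encrypt the APK package
  3. Add some restrictions to the API; in testing, it seems that any flight information can be queried as long as the signature is correct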
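
One way to act on suggestion 3 on the server side, as an added example that is not 飞常准's code or part of the original post: the signature becomes an HMAC-SHA256 keyed with a per-session secret issued at login (over HTTPS) instead of a constant shipped in the APK, and each request is checked for freshness and replay. The `ts` and `nonce` parameters, the 300-second window and all sample values are assumptions made for the example.

```python
import hashlib
import hmac
import time

MAX_SKEW = 300     # seconds a signed request stays valid (assumed policy)
_seen_nonces = {}  # nonce -> expiry time; a shared store would replace this in production

def canonical(params):
    """Sorted k=v pairs joined by '&', the same canonical form as the scheme above."""
    return "&".join(f"{k}={v}" for k, v in sorted(params.items()) if k != "signature")

def sign(params, session_key):
    """HMAC-SHA256 with a per-session key, so no signing secret lives in the APK."""
    msg = canonical(params).encode("utf-8")
    return hmac.new(session_key, msg, hashlib.sha256).hexdigest()

def verify(params, session_key, now=None):
    """Return (ok, reason); rejects stale, tampered and replayed requests."""
    now = time.time() if now is None else now
    try:
        ts, nonce = int(params["ts"]), params["nonce"]  # hypothetical parameters
        supplied = str(params["signature"])
    except (KeyError, TypeError, ValueError):
        return False, "missing-field"
    if abs(now - ts) > MAX_SKEW:
        return False, "stale"
    # Constant-time comparison; done before touching the nonce cache so that
    # unsigned traffic cannot fill it.
    if not hmac.compare_digest(sign(params, session_key).encode(), supplied.encode()):
        return False, "bad-signature"
    for old in [n for n, exp in _seen_nonces.items() if exp < now]:
        del _seen_nonces[old]  # drop nonces whose request would be stale anyway
    if nonce in _seen_nonces:
        return False, "replay"
    _seen_nonces[nonce] = ts + MAX_SKEW
    return True, "ok"

def demo():
    key = b"constructed-per-session-key"  # constructed sample value
    req = {"fnum": "HU7609", "dep": "PEK", "arr": "PVG", "date": "2016-05-25",
           "uid": "xxx", "ts": "1464129000", "nonce": "n-001"}  # constructed request
    req["signature"] = sign(req, key)
    now = 1464129010
    return (verify(req, key, now),                       # fresh request
            verify(req, key, now + 5),                   # same request sent again
            verify({**req, "fnum": "HU7610", "nonce": "n-002"}, key, now),  # edited field
            verify(req, key, now + 3600))                # outside the time window
```

Because `uid` is part of the signed string and the key belongs to that user's session, the server can also apply per-user query limits on top of this check.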
2016/5/25 0:3 AM, posted in Security