- 精华
- 阅读权限
- 30
- 好友
- 相册
- 分享
- 听众
- 收听
- 注册时间
- 2021-4-18
- 在线时间
- 小时
- 最后登录
- 1970-1-1
|
发表于 2025-4-3 12:05:41
|
显示全部楼层
本帖最后由 zoujing081 于 2025-4-3 12:16 编辑
我用deepseek搞了几天把那个实名认证的给破了,要用APKtoolM对客户端进行反编译,然后修改2个文件里的实名认证的代码一个是文件smali/com/baidu/platformsdk/account/authenticate/AuthenticateH5Controller$JSBridge.smali里的方法.method public onRealNameAuthResult(Ljava/lang/String;)V,节省时间就用搜索找文件名和方法,修改完这个方法后每次登录都要输入姓名和身份证号验证(姓名随便输入2个中文就行,身份证号18个1都行)一个是文件smali/com/baidu/bdgame/sdk/obf/kx.smali里的.method private a(Landroid/content/Context;Lorg/json/JSONObject;)V,修改完这个方法后只需要第一次输入完姓名和身份证,后续就能一直免除实名认证
第一个文件的替换代码:.method public onRealNameAuthResult(Ljava/lang/String;)V
.locals 4
.param p1, "json" # Ljava/lang/String;
.annotation runtime Landroid/webkit/JavascriptInterface;
.end annotation
.prologue
.line 264
new-instance v1, Lorg/json/JSONObject;
invoke-direct {v1}, Lorg/json/JSONObject;-><init>()V
.line 265
.local v1, "fakeResponse":Lorg/json/JSONObject;
:try_start_0
const-string v2, "ResultCode"
const-string v3, "0" # 强制成功状态码
invoke-virtual {v1, v2, v3}, Lorg/json/JSONObject;->put(Ljava/lang/String;Ljava/lang/Object;)Lorg/json/JSONObject;
.line 266
const-string v2, "BaiduOauthID"
const-string v3, "bypass_123456" # 伪造ID
invoke-virtual {v1, v2, v3}, Lorg/json/JSONObject;->put(Ljava/lang/String;Ljava/lang/Object;)Lorg/json/JSONObject;
.line 267
const-string v2, "IsEnterCashier"
const-string v3, "1"
invoke-virtual {v1, v2, v3}, Lorg/json/JSONObject;->put(Ljava/lang/String;Ljava/lang/Object;)Lorg/json/JSONObject;
.line 268
const-string v2, "IsRealNameAuth"
const-string v3, "1" # 强制已实名状态
invoke-virtual {v1, v2, v3}, Lorg/json/JSONObject;->put(Ljava/lang/String;Ljava/lang/Object;)Lorg/json/JSONObject;
.line 270
new-instance v0, Lcom/baidu/bdgame/sdk/obf/ag;
invoke-direct {v0}, Lcom/baidu/bdgame/sdk/obf/ag;-><init>()V
.line 271
.local v0, "authResult":Lcom/baidu/bdgame/sdk/obf/ag;
const-string v2, "BaiduOauthID"
invoke-virtual {v1, v2}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v0, v2}, Lcom/baidu/bdgame/sdk/obf/ag;->e(Ljava/lang/String;)V
.line 272
iget-object v2, p0, Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller$JSBridge;->this$0:Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;
invoke-static {v2}, Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;->access$400(Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v0, v2}, Lcom/baidu/bdgame/sdk/obf/ag;->c(Ljava/lang/String;)V
.line 273
const-string v2, "IsEnterCashier"
invoke-virtual {v1, v2}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v0, v2}, Lcom/baidu/bdgame/sdk/obf/ag;->b(Ljava/lang/String;)V
.line 274
const-string v2, "IsRealNameAuth"
invoke-virtual {v1, v2}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v0, v2}, Lcom/baidu/bdgame/sdk/obf/ag;->d(Ljava/lang/String;)V
.line 275
iget-object v2, p0, Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller$JSBridge;->this$0:Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;
invoke-static {v2}, Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;->access$500(Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller;)Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller$a;
move-result-object v2
invoke-interface {v2, v0}, Lcom/baidu/platformsdk/account/authenticate/AuthenticateH5Controller$a;->a(Lcom/baidu/bdgame/sdk/obf/ag;)V
:try_end_0
.catch Ljava/lang/Exception; {:try_start_0 .. :try_end_0} :catch_0
.line 279
.end local v0 # "authResult":Lcom/baidu/bdgame/sdk/obf/ag;
:goto_0
return-void
.line 276
:catch_0
move-exception v2
goto :goto_0
.end method
第二个文件的替换代码:.method private a(Landroid/content/Context;Lorg/json/JSONObject;)V
.locals 4
.prologue
.line 537
:try_start_0
invoke-static {}, Lcom/baidu/bdgame/sdk/obf/ku;->a()Lcom/baidu/bdgame/sdk/obf/ku;
move-result-object v0
const/4 v1, 0x0
invoke-virtual {v0, v1}, Lcom/baidu/bdgame/sdk/obf/ku;->e(Z)V
invoke-virtual {v0, v1}, Lcom/baidu/bdgame/sdk/obf/ku;->f(Z)V
invoke-virtual {v0, v1}, Lcom/baidu/bdgame/sdk/obf/ku;->g(Z)V
goto :goto_0
:try_end_0
.catch Ljava/lang/Exception; {:try_start_0 .. :try_end_0} :catch_0
.line 551
:catch_0
move-exception v0
invoke-virtual {v0}, Ljava/lang/Exception;->printStackTrace()V
.line 554
:goto_0
return-void
.end method
这2个文件替换完之后再用APKtoolM重新编译,你再把原来安装好的客户端卸载了,重新安装编译后的客户端就能进游戏了,里面有些技能skill和时装dress有问题,包括田仲上阵会闪退的问题(主要是时装对应的luax文件缺失,然后修改时装对应的技能id,穿透或者减伤,需要复制其他正常的luax文件,然后修改为田仲得时装技能id),要改全得去服务端里qsmy文件夹去改
|
|
楼主: 反派龙套
