From 38a770161abca92c96866e7673f661ab7fc8fbb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=B2=81=E6=A0=91=E4=BA=BA?= Date: Wed, 18 Sep 2024 01:35:40 +0100 Subject: [PATCH] [xmly] docs: added notes about the format --- um_crypto/xmly/Readme.MD | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 um_crypto/xmly/Readme.MD diff --git a/um_crypto/xmly/Readme.MD b/um_crypto/xmly/Readme.MD new file mode 100644 index 0000000..ef1298e --- /dev/null +++ b/um_crypto/xmly/Readme.MD @@ -0,0 +1,22 @@ +# 喜马拉雅文件格式 + +## 安卓端 + +前 `0x400` 字节混淆,打乱顺序 + xor 固定密钥。 + +## PC 端 + +Electron 调用 node 的 `crypto` 层加密,完事后扔原生层(旧版)/Wasm(新版)再处理一遍。 + +其它人的逆向过程: + +- [喜马拉雅 xm 文件解密逆向分析 [Electron]][xm_zh] | [存档][xm_zh_archive] +- [Reversing WebAssembly with pure guesswork - Ximalaya xm encryption (英文, 内容更多)][xm_en] | [存档][xm_en_archive] + +[xm_zh]: https://www.aynakeya.com/articles/ctf/xi-ma-la-ya-xm-wen-jian-jie-mi-ni-xiang-fen-xi/ + +[xm_zh_archive]: https://web.archive.org/web/2023/https://www.aynakeya.com/articles/ctf/xi-ma-la-ya-xm-wen-jian-jie-mi-ni-xiang-fen-xi/ + +[xm_en]: https://www.aynakeya.com/articles/ctf/reverse-with-puring-guessing-ximalaya/ + +[xm_en_archive]: https://web.archive.org/web/2023/https://www.aynakeya.com/articles/ctf/reverse-with-puring-guessing-ximalaya/