京东小程序分析记录

:method: POST
:path: /search/getECLPOptimizationWaybillOrdersByKeyWord
:authority: lop-proxy.jd.com
:scheme: https
jexpress-trace-id: gpw6ddavgm42vyed
referer: https://service.vapp.jd.com/ao0f5c7f4df74ea1b6/1/page-frame.html
access: WX-XCX
cookie: pt_key=AAJf4GXNADDMHCbtaO0bDiPfemCoVBtrQ2mUx3sbgEZo2wNBlQGpyrINb5zJMP16Djl4luv05n4; pin=204457913-139479;
clientinfo: {"appName":"c2c","client":"m"}
jexpress-report-time: 1608542143704
app-key: jexpress
source-client: 1
version: 1607586045000
accept: application/json, text/plain, */*
appparams: {"appid":158,"ticket_type":"m"}
lop-dn: logistics-mrd.jd.com
biz-type: service-monitor
x-requested-with: XMLHttpRequest
event-id: jokoxxdezxmgmk9p
charset: utf-8
user-agent: Mozilla/5.0 (Linux; Android 8.1.0; Nexus 6P Build/OPM7.181205.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.101 Mobile Safari/537.36
content-type: application/json
content-length: 184
accept-encoding: gzip

[{"entrance":"WX-XCX","client":"1","apiVersion":"1.0.0","source":4,"productType":"7","keyWord":"1356","userPin":"$cooMrdGatewayUid$","cePageUtil":{"curPage":1,"pageSize":10},"type":0}]

{
  "code": 1,
  "message": "调用成功",
  "resultCode": 1
}

接下来就得看看请求中的参数是怎么生成的，那么就得找到小程序的代码。继续抓包分析，找到拉取小程序包的请求

:method: GET
:path: https://api.m.jd.com/client.action?functionId=jdaInfos&body=%7B%22app_id%22%3A%22ao0f5c7f4df74ea1b6%22%2C%22host_id%22%3A%22jd00e7c795ae0f4648%22%2C%22type%22%3A%221%22%7D&clientVersion=9.3.2&build=86083&client=android&d_brand=Huawei&d_model=Nexus6P&osVersion=8.1.0&screen=2392*1440&partner=jlhdqj07&aid=38f24112fc4556ef&oaid=&eid=eidAbb5241210bl5440c29f72cab10921423cb54c66a48a44e0c6e4chAyMDwJ4BRe9jA5FkhfCNdFi6HTqfHaqRhKDciy5GgIyjOv9uKFw6RQ5FBa4&sdkVersion=27&lang=zh_CN&uuid=38f24112fc4556ef&area=1_2800_0_0&networkType=wifi&wifiBssid=unknown&uts=0f31TVRjBSufcOdW01OUSJV1fBBD6myjpQL%2BgPAzs%2BmQs7oEZxwemitdpxNxNQRWGI1eEcixuoFMa6FJIXciQg0kdhAFZ3V3zz19BuJP8uqDz7QTHieHPukV9FpDndSQr5otDHd%2BnpuiO1X%2F4M8%2FidRvm%2Bc7lHkhlUAA%2FfCVTn15ChYSm50%2Fl8VVUrPlui%2FZJjXY7otMjGcE2RNJP8si7A%3D%3D&st=1608541634456&sign=591ec2e054e1da92d01d3f318ba04c5f&sv=101
:authority: api.m.jd.com
:scheme: https
cookie: pin=204457913-139479;wskey=AAJf4GWiAECdYRySB0fGUDDjC9X_8uRb7V1gLc4M2w7CMLuzUVzP149Mj9dkQcqfjs5_zbjczIDMEfbt6UEIJaPn7uQA9qE2;whwswswws=g6FFf+eoo9CPn9cP3lzKHL9IOizFbFoUG/iW1w4HCZ2yS+0kAXZS+yVXbtdt3wVOC;unionwsws={"devicefinger":"eidA24da812326segWMbzFqdTZu5htwI9SVztIFjHULfKMs\/KlnjlWHnDBV06jDHU+k8U29n5qTQUUtowW8qyMo\/fWWkKJWgYcViRxg2u4Sl1sBVGatQ","jmafinger":"g6FFf+eoo9CPn9cP3lzKHL9IOizFbFoUG\/iW1w4HCZ2yS+0kAXZS+yVXbtdt3wVOC"};
charset: UTF-8
accept-encoding: br,gzip,deflate
jdc-backup: pin=204457913-139479;wskey=AAJf4GWiAECdYRySB0fGUDDjC9X_8uRb7V1gLc4M2w7CMLuzUVzP149Mj9dkQcqfjs5_zbjczIDMEfbt6UEIJaPn7uQA9qE2;whwswswws=g6FFf+eoo9CPn9cP3lzKHL9IOizFbFoUG/iW1w4HCZ2yS+0kAXZS+yVXbtdt3wVOC;unionwsws={"devicefinger":"eidA24da812326segWMbzFqdTZu5htwI9SVztIFjHULfKMs\/KlnjlWHnDBV06jDHU+k8U29n5qTQUUtowW8qyMo\/fWWkKJWgYcViRxg2u4Sl1sBVGatQ","jmafinger":"g6FFf+eoo9CPn9cP3lzKHL9IOizFbFoUG\/iW1w4HCZ2yS+0kAXZS+yVXbtdt3wVOC"};
cache-control: no-cache
user-agent: okhttp/3.12.1

{
  "code": "0",
  "error": null,
  "result": null,
  "data": {
    "configJson": "{\"sameTask\":\"0\",\"shareUrl\":\"https://mini-app-static.jd.com/apps/mpshare/index.html\"}",
    "app_permission": {
      "native_permission": "0"
    },
    "vendor": {
      "vendorName": "京东物流"
    },
    "version": {
      "version_name": "1.3.2",
      "package_url": "http://storage.360buyimg.com/jda-test/jdd6bab64657b13e86/7799/1608029629.jdapkg?Expires=1608546634&AccessKey=WVQDkmK3HMQRhHZg&Signature=bBqdJDe7oy%2Fv6K4oTXOGVcPs0mk%3D",
      "build": "82",
      "type": "1",
      "zip_url": ""
    },
    "info": {
      "service_phone": "950616",
      "owner_name": "京东物流",
      "name": "京东快递",
      "description": "为客户提供时效快、信息准、质量稳、服务好的快递收派服务",
      "logo": "https://img10.360buyimg.com/jdminiapp/jfs/t1/128438/5/10044/7146/5f3b3393Ed81256b5/f164e59d84ba8e8e.png",
      "hostId": "jd00e7c795ae0f4648",
      "app_id": "ao0f5c7f4df74ea1b6",
      "is_collection": "0",
      "service_email": "",
      "channel_key": null,
      "chartered_url": "https://mp-static.jd.com/businessLicense.html?appId=ao0f5c7f4df74ea1b6"
    },
    "setting": {
      "domain": {
        "network": []
      },
      "category": "京东物流"
    }
  }
}

从返回可以看出，京东提供了两种小程序的包，zip格式和package格式，但没有提供zip包的下载路径。

小程序包的下载链接是 http://storage.360buyimg.com/jda-test/jdd6bab64657b13e86/7799/1608029629.jdapkg?Expires=1608546634&AccessKey=WVQDkmK3HMQRhHZg&Signature=bBqdJDe7oy%2Fv6K4oTXOGVcPs0mk%3D

下载下来之后查看文件格式，不是常用的zip、tar等格式，猜测可能是自定义的格式。

➜ Downloads file 1608029629.jdapkg

1608029629.jdapkg: data

搜索关键字 “manto” ，查看代码逻辑，初步定位到这个 “com.jingdong.manto.pkg.a.a” 类。

对解析代码还原之后，可以看到对应的html和js文件。

代码地址： https://github.com/FishMan132/ParseJdapkg

公众号：

编辑于 2021-01-05 12:04

逆向工程

安卓逆向