Sekiro + Xposed signature solution

A, goals,

Before the introduction of android real phone signature public IP update scheme, but there are many friends say that their home ADSL does not have public IP, that can not play.

To solve this problem, there is another solution to use FRP Intranet penetration to solve the problem, but it is not very stable in the actual use.

Sekiro is an Android Private API exposure framework based on long links and code injection.

Here’s how it works:

The client establishes a long-term connection with the server through TCP
The user sends an HTTP request to the server
The server forwards the HTTP request to the client through TCP based on the parameters of the request
The client receives the request and responds to the server
The server returns the request received from the client to the user

Second, the steps

Install the server first

Git clone github.com/virjar/seki…

Run the compile command in the current directory:./gradlew sekiro-server:bootJar

The all-in-one JAR package can be found in sekiro-server/build/libs/sekiro-server-0.0.1- snapshot.jar

To start the server, run the java-jar sekiro-server-0.0.1- snapshot. jar command

TIP: On Linux, you can run the following command in the background

Nohup Java -jar sekiro-server-0.0.1 -snapshot. jar >/dev/null 2>&1 &

illustrating

Server side in sekiro – server/SRC/main/resources/appliation. The properties can be configured in three server port, the main server security policy gateway need to open the three ports

Server. port=5602 # Long link service port= 5600 # Asynchronous HTTP port port= 5601 # WebSocket port webSocketServerPort=5603Copy the code

Start (String serverHost, int serverPort, Final String clientID, String Group) to connect to the server

App part

Implementation ‘com.virjar:sekiro-api:1.0.1’

import java.util.UUID;
import com.virjar.sekiro.api.SekiroClient;
import com.virjar.sekiro.api.SekiroRequest;
import com.virjar.sekiro.api.SekiroRequestHandler;
import com.virjar.sekiro.api.SekiroResponse;

// connect sekiro
// server host
String testHost = "111.121.132.157";
// Client id
String clientId = "googleEx"
// Name of the interface group
String groupName = "myTestApp";
// Name of the exposed interface
String actionName = "getsign";
/ / this
// ClassLoader clzLoaderNet = loadPackageParam.classLoader;
// Connect to the server and register the handler for processing
SekiroClient.start(testHost, clientId, groupName)
.registerHandler(actionName, new SekiroRequestHandler(){
		@Override
		public void handleRequest(SekiroRequest sekiroRequest, SekiroResponse sekiroResponse){
    // sekiroResponse.success(" now:"+System.currentTimeMillis()+ " your param1:" + sekiroRequest.getString("param1"));

    // When the server assigns a task, the logic is processed here and the result is returned to the server, which in turn returns it to the callerClass<? > clz = XposedHelpers.findClass("com.example.administrator.adddemo.MainActivity", loadPackageParam.classLoader);
	    int arg1  = sekiroRequest.getInt("arg1");
		int arg2  = sekiroRequest.getInt("arg2");
	    Log.i(TAG, String.format("arg1 : %d, arg2 : %d", arg1, arg2));
		Object result = XposedHelpers.callStaticMethod(clz, "Add", arg1, arg2);
    Log.i(TAG, "result : "+ result); sekiroResponse.success(result); }});// end
Copy the code

More than one file was found with OS Independent Path

// Build. Gradle android{} add path packagingOptions {exclude 'meta-inf /DEPENDENCIES' exclude' meta-INF/index.list ' exclude ('META-INF/io.netty.versions.properties') }Copy the code

Let’s see if it works.

http://111.121.132.157:5602/groupList shows the current all group, registered in the system

{"status":0,"message":null,"data":["myTestApp"],"clientId":null,"ok":true}
Copy the code

http://111.121.132.157:5602/natChannelStatus?group=myTestApp show a particular group, the registered mobile phone.

{"status":0,"message":null,"data":{"enable":["googleEx"],"disable":[]},"clientId":null,"ok":true}
Copy the code

Call myTestApp interface getsign interface, parameter param1, get/post is supported by http://111.121.132.157:5601/asyncInvoke? group=myTestApp&action=getsign&param1=testparam1

{"clientId":"googleEx","data":" now:1618384502944 your param1:testparam1","ok":true,"status":0}
Copy the code

Third, summary

More advanced Sekiro applications can be found on github. Basically 1-2 mobile phones can be done, their own public IP take a ok. If you scale up and you need scheduling and load balancing and things like that, Sekiro comes in handy.

When we were kids, we all imagined we were superheroes in masks, but when we grew up, we were passers-by running away from monsters.

TIP: The purpose of this article is only one is learning more backward techniques and train of thought, if anyone use this technology to get illegal commercial interests the legal liabilities are their operators, and the author and it doesn’t matter, this paper involves the knowledge of code project can go to my friends to fly star come undone, welcome to join star learn together to explore technology knowledge. Have a problem can add me WX: FENfei331 discussion.

Wechat public account: Fenfei safety, the latest technology dry goods real-time push

A, goals,

Second, the steps

Install the server first

App part

Let’s see if it works.

Third, summary

Related Posts

Advanced road | wonderful trip to the Window

Analyze the design and principle of MPAndroid-Chart

The Kotlin delegate pattern is used for Android development