1, Target
Previously introduced Public network ip update scheme of android real machine signature However, many friends left a message saying that there is no public ip in their ADSL, so they can't play.
To solve this problem, another solution is to use frp intranet penetration, but it is not very stable in the actual use process.
sekiro, which we will introduce today, is an Android Private API exposure framework based on long links and code injection.
The workflow is as follows:
- The client establishes a long connection with the server through TCP
- user sends http request to server
- The server forwards the request to the client through TCP according to the parameters of the http request sent by the user
- The client receives the request and responds to the server
- The server returns the request received from the client to the user
2, Steps
Install the server first
git clone https://github.com/virjar/sekiro.git
Execute the compile command in the current directory:/ gradlew sekiro-server:bootJar
It can be found in sekiro server / build / LIBS / sekiro server-0.0.1-snapshot Jar find the jar package of all in one
Use the command Java - jar sekiro-server-0.0.1-snapshot Jar to start the server
Tip: under Linux, the following commands can be used to execute in the background
nohup java -jar sekiro-server-0.0.1-SNAPSHOT.jar >/dev/null 2>&1 &
. description
The server side is in sekiro server / SRC / main / resources / application Three server ports can be configured in properties, and the three ports need to be opened at the entrance and exit of the main server security policy
#Port occupied by tomcat server.port=5602 #Port occupied by long link service natServerPort=5600 # Port occupied by asynchronous http natHttpServerPort=5601 # Port occupied by websocket webSocketServerPort=5603
Call selfclient.selfclient if necessary Start (string serverhost, int serverport, final string ClientID, string group)
App part
In app build Gradle adds dependency implementation 'com virjar:sekiro-api:1.0.1’
import java.util.UUID; import com.virjar.sekiro.api.SekiroClient; import com.virjar.sekiro.api.SekiroRequest; import com.virjar.sekiro.api.SekiroRequestHandler; import com.virjar.sekiro.api.SekiroResponse; // connect sekiro //Server host String testHost = "111.121.132.157"; //Client ID String clientId = "googleEx" //Interface group name String groupName = "myTestApp"; //Exposed interface name String actionName = "getsign"; //Take the classloader // ClassLoader clzLoaderNet = loadPackageParam.classLoader; //Connect to the server and register the handler for processing SekiroClient.start(testHost, clientId, groupName) .registerHandler(actionName, new SekiroRequestHandler(){ @Override public void handleRequest(SekiroRequest sekiroRequest, SekiroResponse sekiroResponse){ // sekiroResponse.success(" now:"+System.currentTimeMillis()+ " your param1:" + sekiroRequest.getString("param1")); //When the server assigns a task, the logic is processed here and the result is returned to the server, which then returns it to the caller Class<?> clz = XposedHelpers.findClass("com.example.administrator.adddemo.MainActivity", loadPackageParam.classLoader); int arg1 = sekiroRequest.getInt("arg1"); int arg2 = sekiroRequest.getInt("arg2"); Log.i(TAG, String.format("arg1 : %d, arg2 : %d", arg1, arg2)); Object result = XposedHelpers.callStaticMethod(clz, "Add", arg1, arg2); Log.i(TAG, "result : " + result); sekiroResponse.success(result); } }); // end
TIP: More than one file was found with OS independent path
//build. Add wrong path to android {} in gradle packagingOptions { exclude 'META-INF/DEPENDENCIES' exclude 'META-INF/INDEX.LIST' exclude ('META-INF/io.netty.versions.properties') }
Try to see if it's normal
http://111.121.132.157:5602/groupList Display all groups registered in the current system
{"status":0,"message":null,"data":["myTestApp"],"clientId":null,"ok":true}
http://111.121.132.157:5602/natChannelStatus?group=myTestApp Show which mobile phones have been registered under a specific group.
{"status":0,"message":null,"data":{"enable":["googleEx"],"disable":[]},"clientId":null,"ok":true}
Call getsign interface of myTestApp interface group. Parameters param1 and get/post are supported
http://111.121.132.157:5601/asyncInvoke?group=myTestApp&action=getsign¶m1=testparam1
{"clientId":"googleEx","data":" now:1618384502944 your param1:testparam1","ok":true,"status":0}
3, Summary
For higher-order applications of Sekiro, please refer to the introduction in the author's github. Basically, 1-2 mobile phones can handle the work. Just get a public network ip by yourself. If the scale goes up, scheduling and load balancing are needed, Sekiro will be of great use.
When we were young, we all imagined that we were superheroes with masks. Who ever thought that when we grew up, we would become passers-by when monsters appeared.
TIP: the only purpose of this article is to learn more reverse skills and ideas. If someone uses this technology to carry out illegal business and obtain benefits, the legal responsibility is borne by the operator, which has nothing to do with this article and the author. The code projects involved in this article can be taken by the friends of Fenfei, Welcome to join the knowledge planet to learn and explore technology. If you have any questions, you can add me wx: fenfei331 to discuss them.
WeChat official account: flair safety, latest technology dry cargo push in real time