目录
1.解包app.asar
- 安装node.js
npm install asar -g
- 解包:
asar extract xxx.asar xxx_dir
- 打包 :
asar pack xxx_dir xxx.asar
2.分析main.node模块
定位main
main-->加载解密atom.js
AES_256_CBC
解密atom.js
'''
import base64
import os
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad,pad
'''
#version 1.3.6
aeskey=[0x78, 0x18, 0xB7, 0x7E, 0x5F, 0xB1, 0x4D, 0x40, 0x52, 0x11, 0x43, 0xE2, 0xAC, 0x5A, 0x15, 0xC1,
0x7A, 0x48, 0x97, 0x00, 0x41, 0x43, 0x1F, 0xF7, 0x6E, 0x6E, 0xA7, 0xD5, 0x7C, 0x66, 0x94, 0xA1]
aesiv=[0x79, 0xD9, 0xA0, 0x9F, 0x39, 0xF9, 0xBA, 0x2F, 0xE4, 0x25, 0xF7, 0x9A, 0x66, 0x21, 0xC5, 0x86]
def decrypto_file(fname:str):
enc_b64=b''
with open(fname, 'rb') as f:
enc_b64=f.read()
with open(fname+'2.out','wb') as f:
dec_bs=base64.b64decode(enc_b64)
# dec_bs=pad(dec_bs,16,'pkcs7')
xpad=len(dec_bs)%16
if xpad:
dec_bs=dec_bs[:-xpad]
aesdecrypto = AES.new(key=bytes(aeskey), mode=AES.MODE_CBC, iv=bytes(aesiv) )
bs=aesdecrypto.decrypt(dec_bs)
bs=unpad(bs,16, 'pkcs7')
f.write(bs)
修改package.json
修改package.json中main选项,直接指向atom.js,以后不再需要app.asar,删除app.asar(或者修改后缀)
Typora1.3.6\resources\package.json
"main": "app/atom.js",
Typora1.3.6\resources\app\ package.json
"main": "atom.js",
运行、排错
运行程序 报错未定义
“scheme”、“entry”
继续分析main.node获悉,解密atom.js后调用napi_set_named_property处理了未定义
main_1800AF230-->处理未定义错误
set_undef_180023520
修改atom.js
接下来就可以充分发挥想象力了