mirror of
https://gitee.com/liuxioabin/fengketrade.git
synced 2026-04-17 21:03:17 +08:00
153 lines
5.3 KiB
PHP
153 lines
5.3 KiB
PHP
<?php
|
||
/**
|
||
* 建行参数解密测试脚本
|
||
*
|
||
* 用法:
|
||
* php addons/shopro/test/test_decrypt.php
|
||
*/
|
||
|
||
// 手动加载phpseclib(避免触发FastAdmin/ThinkPHP初始化)
|
||
spl_autoload_register(function ($class) {
|
||
$prefix = 'phpseclib3\\';
|
||
$base_dir = __DIR__ . '/../../../vendor/phpseclib/phpseclib/phpseclib/';
|
||
|
||
$len = strlen($prefix);
|
||
if (strncmp($prefix, $class, $len) !== 0) {
|
||
return;
|
||
}
|
||
|
||
$relative_class = substr($class, $len);
|
||
$file = $base_dir . str_replace('\\', '/', $relative_class) . '.php';
|
||
|
||
if (file_exists($file)) {
|
||
require $file;
|
||
}
|
||
});
|
||
|
||
echo "========================================\n";
|
||
echo " 建行参数解密测试工具\n";
|
||
echo "========================================\n\n";
|
||
|
||
// 测试参数(来自你的URL)
|
||
$ccbParamSJ = 'WmRMaDdYbUJ5MFl3Ymg5Wk8xL2xwL2k1WkxzMy9kRzdVbTZQMkNIVExudjAvZjRZcUQ1REVFR2JKalVKS3N2SDlzaEIrc3ljdkc3YnRVdE5WalRldlVQRWJSMEo0NndxSjZaMXVYYTlMMFhZRFJvdWcwb3lyL0t1dFEzcjdlOWwxaTBEamh5TS92SG5wOWN3S0Mzd1I2SXZPNnRZYS95bzlTZWVYT3BTVWJjU25JQ2JyUUp4WVdzam9zSXZnek5jKy9oVEwyN0wvQk1wUnJnRWtUdFM3NHdQd0txY3dNUXQ4SzRtMEhwTTc1UHRHcVpPTVRDRUpEVjR6RDdqUll2UURaN21yZnFDaG9od3RFUkhOcGNud2Nib2NjTDlsRjR4Rk44TWo4WmJFYzVqWWpYeHRENE1aMmJuMWY2RThuSVlVcVJBR096STllWm9JN1h1eG54RXhad2szalc3RWYvZHRkb1FZTEVRL3VzTHNkdWFBa0RVRURFaVRtSVVJY1R4dm5kODlYODVnV3JvR1pOY2N1aXhVdXBSYzJBYWlUSk81WG9EeGRkei9QVTVoMEJLNUZTK3MwNWRmTk9jbU5jcTB5SWdLWWMwbkxGem9nMVVscHc4bzVKRzNDWEFvTksyam1kT1k5Z04yQjRJc2RneVhhQ1V5QnNrSGJUSmt0VU8=';
|
||
|
||
echo "输入参数:\n";
|
||
echo "ccbParamSJ 长度: " . strlen($ccbParamSJ) . "\n\n";
|
||
|
||
// 从.env文件读取Service ID
|
||
$envFile = __DIR__ . '/../../../.env';
|
||
$serviceId = 'YS44000009001853'; // 默认值
|
||
|
||
if (file_exists($envFile)) {
|
||
$envContent = file_get_contents($envFile);
|
||
if (preg_match('/service_id\s*=\s*(.+)/i', $envContent, $matches)) {
|
||
$serviceId = trim($matches[1]);
|
||
}
|
||
}
|
||
|
||
echo "Service ID: {$serviceId}\n";
|
||
echo "DES密钥(前8位): " . substr($serviceId, 0, 8) . "\n\n";
|
||
|
||
// 执行解密
|
||
echo "========================================\n";
|
||
echo "开始解密...\n";
|
||
echo "========================================\n\n";
|
||
|
||
try {
|
||
// 第一次 BASE64 解码
|
||
echo "步骤1: 第一次BASE64解码\n";
|
||
$firstDecode = base64_decode($ccbParamSJ);
|
||
if ($firstDecode === false) {
|
||
die("错误: 第一次BASE64解码失败\n");
|
||
}
|
||
echo " 解码成功,长度: " . strlen($firstDecode) . "\n";
|
||
echo " 内容预览: " . substr($firstDecode, 0, 50) . "...\n\n";
|
||
|
||
// 第二次 BASE64 解码
|
||
echo "步骤2: 第二次BASE64解码\n";
|
||
$secondDecode = base64_decode($firstDecode);
|
||
if ($secondDecode === false) {
|
||
die("错误: 第二次BASE64解码失败\n");
|
||
}
|
||
echo " 解码成功,长度: " . strlen($secondDecode) . "\n";
|
||
echo " 十六进制预览: " . bin2hex(substr($secondDecode, 0, 32)) . "...\n\n";
|
||
|
||
// DES 解密
|
||
echo "步骤3: DES解密(尝试不同的密钥)\n";
|
||
|
||
// 使用phpseclib进行DES-ECB解密
|
||
if (!class_exists('\phpseclib3\Crypt\DES')) {
|
||
die("错误: phpseclib未安装,请运行: composer require phpseclib/phpseclib\n");
|
||
}
|
||
|
||
// 尝试不同的密钥
|
||
$possibleKeys = [
|
||
substr($serviceId, 0, 8), // serviceId前8位
|
||
substr($serviceId, -8), // serviceId后8位
|
||
'YS440000', // 固定密钥
|
||
'12345678', // 测试密钥
|
||
];
|
||
|
||
$decrypted = false;
|
||
$validKey = '';
|
||
|
||
foreach ($possibleKeys as $testKey) {
|
||
echo " 尝试密钥: {$testKey}\n";
|
||
|
||
$cipher = new \phpseclib3\Crypt\DES('ecb');
|
||
$cipher->setKey($testKey);
|
||
$cipher->disablePadding();
|
||
|
||
$result = $cipher->decrypt($secondDecode);
|
||
|
||
// 验证解密结果是否合理(检查是否包含可见字符)
|
||
if ($result !== false && !empty($result)) {
|
||
// 尝试移除填充
|
||
$textLength = strlen($result);
|
||
$pad = ord($result[$textLength - 1]);
|
||
|
||
// 填充值应该在1-8之间
|
||
if ($pad >= 1 && $pad <= 8) {
|
||
$unpadded = substr($result, 0, -1 * $pad);
|
||
|
||
// 检查是否像URL参数(包含=或&)
|
||
if (strpos($unpadded, '=') !== false || strpos($unpadded, '&') !== false) {
|
||
$decrypted = $unpadded;
|
||
$validKey = $testKey;
|
||
echo " ✓ 找到正确密钥!\n";
|
||
break;
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
if ($decrypted === false || empty($decrypted)) {
|
||
die("\n错误: 所有密钥都无法正确解密\n");
|
||
}
|
||
|
||
$desKey = $validKey;
|
||
|
||
echo " 解密成功,长度: " . strlen($decrypted) . "\n";
|
||
echo " 解密内容: {$decrypted}\n\n";
|
||
|
||
// 解析参数
|
||
echo "步骤4: 解析参数\n";
|
||
parse_str($decrypted, $params);
|
||
echo " 解析结果:\n";
|
||
foreach ($params as $key => $value) {
|
||
echo " {$key} = {$value}\n";
|
||
}
|
||
|
||
echo "\n========================================\n";
|
||
echo "✅ 解密成功!\n";
|
||
echo "========================================\n";
|
||
|
||
} catch (\Exception $e) {
|
||
echo "\n========================================\n";
|
||
echo "❌ 解密失败!\n";
|
||
echo "========================================\n";
|
||
echo "错误信息: " . $e->getMessage() . "\n";
|
||
echo "错误行号: " . $e->getLine() . "\n";
|
||
echo "错误文件: " . $e->getFile() . "\n";
|
||
}
|