updaate aesIv for 1.2.2-dev

auto-analysis/version_download.py

@@ -0,0 +1,77 @@
+# -*- coding:utf-8 -*-
+"""
+@Author: Mas0n
+@File: version_download.py
+@Time: 2022/4/3 18:36
+@Desc: It's all about getting better.
+"""
+from loguru import logger as log
+import subprocess
+import os
+
+# Usage:
+# innoextract
+#
+BASE_DIR = os.path.dirname(__file__)
+
+DOWNLOAD_LINK = {
+    "win": {
+        "x86": "https://typora.io/windows/typora-setup-ia32.exe",
+        "x64": "https://typora.io/windows/typora-setup-x64.exe",
+        "arm": "https://typora.io/windows/typora-setup-arm64.exe",
+    },
+    "linux": {
+        "x64": "https://download.typora.io/linux/Typora-linux-x64.tar.gz",
+        "arm": "https://download.typora.io/linux/Typora-linux-arm64.tar.gz",
+    },
+}
+
+
+def download_file(from_link, to_path):
+    log.info(f"downloading from {from_link}")
+    subprocess.check_call(["wget", from_link, "-O", to_path])
+    log.info("ready extract package")
+    subprocess.check_call(["md5sum", "-b", to_path, ">", "LATEST_VERSION"])
+
+
+
+def patch_file(_key, _iv):
+    patch_file_path = os.path.join(BASE_DIR, "../typora.py")
+    fd = open(patch_file_path, "a")
+    content = fd.read()
+    content = content.replace("{AES_KEY}", f"b''.fromhex('{_key}')")
+    content = content.replace("{AES_IV}", f"b''.fromhex('{_iv}')")
+    fd.write(content)
+
+
+def win_x64_run():
+    from win.x64 import analysis
+    basedir = os.path.join(BASE_DIR, "win/x64")
+    link = DOWNLOAD_LINK["win"]["x64"]
+    download_path = os.path.join(basedir, os.path.basename(link))
+
+    download_file(link, download_path)
+    subprocess.check_call(["innoextract", download_path])
+    log.info("preparation stage completed")
+    main_node_path = os.path.join(basedir, "app/resources/app.asar.unpacked/main.node")
+    log.info("auto analysis start")
+    key, iv = analysis.get_aes_key_and_iv(main_node_path)
+    log.success("analysis done")
+    patch_file(key.hex(), iv.hex())
+    log.success("patch done")
+
+
+if __name__ == '__main__':
+    win_x64_run()
+
+    # hashString = open("LATEST_VERSION", "r").read()
+    # if hashString == "":
+    #     log.info("not history for typora version")
+    #     exit()
+
+    # basedir = os.path.dirname(__file__)
+    # for h1 in DOWNLOAD_LINK.keys():
+    #     h1dir = os.path.join(basedir, h1)
+    #     for h2 in DOWNLOAD_LINK.get(h1).keys():
+    #         h2dir = os.path.join(h1dir, h2)
+    #         print(h2dir)

auto-analysis/win/x64/analysis.py

@@ -0,0 +1,37 @@
+# -*- coding:utf-8 -*-
+"""
+@Author: Mas0n
+@Name: typora_win_x64_analysis
+@Time: 2022/4/3 18:26
+@Desc: It's all about getting better.
+"""
+import struct
+import r2pipe
+
+
+def get_aes_key_and_iv(file_path):
+    r = r2pipe.open(file_path)
+    # auto analysis
+    r.cmd("aaa")
+    # string "base64" x-cross reference
+    regex = r.cmdj("axtj @@ str.base64")
+    assert len(regex) == 1
+
+    func = regex[0]["fcn_name"]
+    # disasm func
+    r.cmd(f"s {func}")
+    asm = r.cmdj("pdfj")['ops']
+    assert len(asm) != 0
+
+    asm_regex = []
+    for body in asm:
+        if "=[4]" in body["esil"] and body['type'] == 'mov':
+            opcode, value = body["disasm"].split(", ")
+            asm_regex.append({"opcode": opcode, "value": value})
+
+    assert len(asm_regex) == 12
+
+    iv = struct.pack("<4L", *[int(asm_regex[i]['value'], 16) for i in range(4)])
+    key = struct.pack("<8L", *[int(asm_regex[i]['value'], 16) for i in range(4, 12)])
+    # print(key, iv)
+    return key, iv

typora.py

@@ -28,8 +28,8 @@ if DEBUG:
 else:
     log.add(sys.stderr, level="INFO")
 
-AES_KEY = struct.pack("<4Q", *[0x252A4C7BD0B85281, 0xA31BD92CE099F719, 0x13E283392646D82D, 0x118BDE501CF74120])
-AES_IV = struct.pack("<4L", *[0x33706964, 0x5387CDD2, 0xD05F336D, 0x53F82468])
+AES_KEY = {AES_KEY}
+AES_IV = {AES_IV}
 
 
 def _mkDir(_path):