想看电子书
继上次成功白嫖某杂志网站的杂志后,我又将魔爪伸向了电子书📚,先拿多看阅读开刀,稍后再尝试亚马逊和谷歌的电子书,因为他们的电子书都有DRM加密。
下载电子书
以这本三体全集为例,
通过开发Chrome开发者工具发现,这个页面发起了一个这样的Ajax请求:
GET /store/v0/web/book/03c87042015a40fcab962917bcdc1534
Host: http://www.duokan.com
{
"book": {
"size_l": 14561220,
"category_name": "科幻",
"ad": 0,
"weight": 1551,
"is_drm": 1,
"issued": "2018-11-01",
"has_change_log": true,
"new_price": 39.99,
"word_count": 921966,
"platforms": "Android\nKindle\nWeb",
"ad_time": 5,
"opf_md5": "5256cd81b7c93708aad7ba894a1ee092",
"quality": 90,
"ad_duration": 5,
"features": "",
"score_count": 213,
"trial_md5": "abc867a4fb6771dced3c03f2ee4edf34",
"right_id": 1316,
"title": "三体全集(读客经典文库 全三册)",
"ad_level": 1,
"main_tag": "雨果奖",
"paper_price": 0,
"editors": "",
"has_ad": 0,
"epub_md5": "e741a26eadfe07c7ec02e0f98c7da83e",
"content": "本套书包括《三体1》...",
"comment_count": 71,
"score": 9.29,
"epub": "http://book.read.duokan.com/mfsv2/download/fdsc3/p018Zs9ZHxGJ/elhuzBrqkJBDd.epub",
"sid": 184483,
"allow_free_read": 1,
"toc": "* 三体 1(读客经典文库)...",
"webreader": 1,
"size_s": 2678893,
"type": 0,
"afs": "%e4%b8%89%e4%bd%93%e5%85%a8%e9%9b%86%ef%bc%88%e8%af%bb%e5%ae%a2%e7%bb%8f%e5%85%b8%e6%96%87%e5%ba%93_%e5%85%a8%e4%b8%89%e5%86%8c%ef%bc%89",
"author_ids": [
"9828"
],
"updated": "2019-05-21",
"book_id": "03c87042015a40fcab962917bcdc1534",
"tags": "雨果奖\n太阳系\n神作\n尖端科技\n末日\n科幻\n人性\n宇宙\n人类命运\n文明\n小说\n文革\n里程碑",
"price": 98,
"revision": "20190521.1",
"opf": "http://content.read.duokan.com/mfsv2/download/fdsc3/p01BMVsZsKrc/2nRPKnY8J2x8a.epub",
"authors": "刘慈欣",
"categories": [
{
"sid": 14,
"category_id": "98412a3eed1f47c2a07099837d73df5c",
"label": "小说",
"child": {
"category_id": "a271e670cb0e11e1b8f300163e0060da",
"sid": 27,
"label": "科幻"
}
}
],
"support_linear": 1,
"vip_status": 0,
"trial_size": 5049575,
"rights": "读客文化股份有限公司",
"summary": "征服世界的中国科幻神作,中国人想象力的巅峰!",
"cover": "http://cover.read.duokan.com/mfsv2/download/fdsc3/p01ZhJ81EI7D/TIAveTa31m93b7.jpg!m",
"epub_size": 16858207,
"trial": "http://book.read.duokan.com/mfsv2/download/fdsc3/p01Sq7BkXEor/rwhtbtWZp3fZF.epub",
"illustrators": "",
"translators": "",
"identifier": "",
"limited_time": 0
},
"result": 0,
"v": 0
}其中epub字段就是电子书的下载地址,即http://book.read.duokan.com/mfsv2/download/fdsc3/p018Zs9ZHxGJ/elhuzBrqkJBDd.epub,将其下载后,使用支持zip压缩格式的解压工具将其解压,可以发现除了目录以外,其它页面都是乱码,下面👇我们来探索DRM解密。
怎么了解它的解密流程
涉及到解密,既然他要给epub文件移除DRM加密,首先肯定会下载epub这个文件,在web端显然不会有这个过程,这个过程发生在安卓和苹果客户端中,在web端中的内容是通过jsonp来获取的,考虑可行性,所以我准备反编译安卓客户端。
抓包
在反编译之前,我先通过Postman开启局域网代理,手机和电脑处于同一个局域网下面,手机📱设置代理,然后打开多看阅读的客户端,在个人中心的已购图书中,捕获到了下面的请求:
GET /store/v0/payment/book/list
Host www.duokan.com
{
"count": 41,
"items": [
{
"status": 2,
"update_time": 1551008181,
"ad": 1,
"title": "多看文库·长生殿",
"order_id": "xxxxxxxxxxxxxxxxxxxx",
"labels": [
"小说-->中国名著"
],
"cover": "http://cover.read.duokan.com/mfsv2/download/s010/p01ikAqwZDz2/PdbNqDocZ5Gbrt.jpg!s",
"editors": "",
"is_drm": 0,
"authors": "(清)洪昇",
"book_id": "220bf2f4be3041a9821e586fba097607",
"time": 1551008181,
"sid": 46895,
"webreader": 1,
"afs": "%e5%a4%9a%e7%9c%8b%e6%96%87%e5%ba%93%c2%b7%e9%95%bf%e7%94%9f%e6%ae%bf",
"type": "",
"epub": "http://book.read.duokan.com/mfsv2/download/fdsc3/p01OqcrQ5VRH/UNjMvBro5e7e4.epub",
"revision": "20181120.1"
},
...
]
}可以看到这个epub和从web端看到的是一致的(同一本书📚), 接下来反编译客户端
使用d2j-dexjar.sh反编译,得到一个jar包
sh d2j-dex2jar.sh -f DkReader_Duokan.apk接下来,使用jd-gui打开这个jar包
定位到com.duokan这个包名,查看对UI界面事件的处理,在多看阅读客户端中,个人中心的已购图书列表中有个下载按钮,依次为突破口,既然点击下载,那么下载完成后,势必会对epub文件解密
在对应的事件监听程序中我找到了Download方法,继续深入
Women who have had a dilation and curettage D C or cesarean delivery may have uterine scarring buying cialis online safe