Step‑by‑Step Reconstruction of Mini‑Program/Web Encryption Authentication Bypass Cases
The article walks through six real penetration‑testing scenarios, dissecting common encryption and authentication mechanisms in mini‑programs and web applications, and demonstrates how to reverse‑engineer, debug, and script the bypass of Hawk signatures, MD5 timestamp signatures, and RSA and AES encryption to achieve unauthorized data access and account takeover.
This article presents six complete penetration‑testing cases that expose and bypass encryption‑based authentication in mini‑programs and web endpoints. Each case shows how the author discovers the protected parameter, decompiles the source, locates the cryptographic routine, reproduces the signature or encryption algorithm, and finally crafts scripts to achieve privilege escalation, data enumeration, or account takeover.
Case 1 – Hawk‑based MAC authentication
The login request contains personalid, ts, nonce and a mac header. By searching the decompiled code for mac, the author finds the object o that aggregates these fields and the call e.crypto.calculateMac("header", s, o). calculateMac builds a normalized string from those fields, selects the hash algorithm (SHA‑1 or SHA‑256), and computes an HMAC that is Base64‑encoded to produce the mac. The author reproduces the process in Python, generates the same MAC, and uses it to enumerate over 70 000 personal IDs.
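The MAC construction that calculateMac performs, as an added Python example that is not the article's code: it follows the public Hawk "header" normalization over the same fields the object o carries, and adds the server‑side checks the article's conclusion calls for (timestamp window, nonce replay, constant‑time comparison). The credential id, key and request values are constructed assumptions.

```python
import base64
import hashlib
import hmac
import time

HEADER_VERSION = "1"  # Hawk header protocol version per the public spec


def normalized_string(o: dict) -> str:
    """Build the Hawk 'header' normalized string from the fields the article's
    object o carries (ts, nonce, method, resource, host, port, hash, ext, app, dlg)."""
    s = (f"hawk.{HEADER_VERSION}.header\n{o['ts']}\n{o['nonce']}\n"
         f"{(o.get('method') or '').upper()}\n{o.get('resource') or ''}\n"
         f"{o['host'].lower()}\n{o['port']}\n{o.get('hash') or ''}\n")
    ext = o.get("ext") or ""
    s += ext.replace("\\", "\\\\").replace("\n", "\\n") + "\n"
    if o.get("app"):
        s += f"{o['app']}\n{o.get('dlg') or ''}\n"
    return s


def calculate_mac(credentials: dict, o: dict) -> str:
    """Base64(HMAC(key, normalized string)) with SHA-1 or SHA-256, as calculateMac does."""
    digestmod = hashlib.sha256 if credentials["algorithm"] == "sha256" else hashlib.sha1
    mac = hmac.new(credentials["key"].encode(), normalized_string(o).encode(), digestmod)
    return base64.b64encode(mac.digest()).decode()


SEEN_NONCES = set()  # (id, nonce, ts) already accepted; a real server expires these with the skew window


def verify_request(credentials: dict, o: dict, presented_mac: str, now=None, skew: int = 60) -> str:
    """Server-side acceptance check. Returns 'ok' or the reason the request is rejected."""
    now = int(time.time()) if now is None else now
    if abs(now - int(o["ts"])) > skew:      # an unvalidated ts lets a captured MAC be reused indefinitely
        return "stale timestamp"
    if not hmac.compare_digest(calculate_mac(credentials, o), presented_mac):
        return "bad mac"                     # constant-time compare, no timing leak on the MAC
    replay_key = (credentials["id"], o["nonce"], o["ts"])
    if replay_key in SEEN_NONCES:
        return "replayed nonce"              # same nonce and ts from the same credential twice
    SEEN_NONCES.add(replay_key)
    return "ok"


# Constructed sample values (assumptions); nothing here comes from the article.
CREDENTIALS = {"id": "client-42", "key": "constructed-shared-secret", "algorithm": "sha256"}
SAMPLE_O = {"ts": 1700000000, "nonce": "abc123", "method": "post",
            "resource": "/api/login", "host": "API.example.test", "port": 443,
            "hash": None, "ext": None, "app": None, "dlg": None}
```

Because the shared key in these mini‑programs ships inside the client, these checks only stop replay and tampering; the server must still authorize the requested personalid against the authenticated credential rather than trust a valid MAC alone.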
// Hawk header object o: the fields that feed calculateMac
var o = {
ts: a,
nonce: i.nonce || e.utils.randomString(6),
method: n,
resource: r.resource,
host: r.host,
port: r.port,
hash: i.hash,
ext: i.ext,
app: i.app,
dlg: i.dlg
};
var c = e.crypto.calculateMac("header", s, o); // Base64 HMAC over the normalized string
var h = 'Hawk id="' + s.id + '",ts="' + o.ts + '",nonce="' + o.nonce + '",mac="' + c + '"'; // Authorization header value

Case 2 – MD5‑based request signing
A reservation API uses a personCode parameter. The request is signed with an MD5 digest over the concatenation of the API path, a timestamp, and the URL without query parameters. The author extracts the digest logic, reproduces it in Python, and shows that the signature can be forged once the timestamp is controlled.

// Uppercase hex MD5; n, u and s hold the three inputs described above
digest = t.hexMD5("/".concat(n, "/") + u + s).toUpperCase();

Case 3 – RSA encryption of passwords
The web login page uses a fixed password "111111" but encrypts it with RSA before transmission. By inspecting the JavaScript, the author identifies the public modulus (1024‑bit) and exponent (0x10001). Using the JSEncrypt library, the password is encrypted, and the ciphertext length is verified.
// JSEncrypt with the embedded 1024-bit public key; the variable is named privatKey in the page's code but holds the public key
var encrypt = new JSEncrypt();
encrypt.setPublicKey(privatKey);
var encrypted = encrypt.encrypt(username); // RSA ciphertext sent in the request

Case 4 – RSA key leakage and admin account takeover
A captured packet reveals the RSA public key. The attacker uses the same encryption routine to encrypt the admin username, obtains a valid login token, and extracts thousands of user records.
Case 5 – AES‑CBC‑ZERO encryption of user data
When updating user address information, the request body is encrypted with AES‑CBC‑ZERO (AES in CBC mode with zero‑byte padding) using a static key and IV (UKU0m5xBbOa/Lz==). The author sets breakpoints, captures the plaintext, modifies the grid value, then re‑encrypts and sends the altered packet, confirming a successful update.
Case 6 – Additional AES‑CBC usage
Another endpoint stores user information in a field called yhgrid. The same AES‑CBC‑ZERO scheme is applied. By decoding, editing, and re‑encoding the ciphertext, the attacker changes the stored grid value.

Across all six scenarios the author emphasizes that encryption does not equal security. Weak key management, predictable nonces, insufficient timestamp validation, and the ability to fully reverse‑engineer the cryptographic code render the authentication mechanisms ineffective.
Source: 亿人安全
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact and we will review it promptly.