写错标题了，应该写解密hook的
Hook结果：
时间：2024-10-12 10:09:23
类名：com.fenbi.android.leo.imgsearch.sdk.utils.e
日志名称：c([B)
参数1
参数类型:[B
参数值：已自动编码字节集数据Base64:
y7KptyngpGugGo8zFqqJgI4JeauTmFnwn4mQw5c5V+x1i3OSrMjoFvQN4NZJwt+AdtBmdY5Mm02nNgpSLyUAHzrxuJdnOvvW9gjK3zCnbYXzxIsuuyal9+Iv5tkhKlOj/Vp4ADoeYazFJ5H0oT1acGGKMMS5xfK76RGykkQ+DVg3/DQOqh9Hn9B2pRzJCehkx64cqg+rhT4WV1iOhJjnjlbXnpp0Xq36IGW6XB/h8mUPliC+HKugTpBlyKnqKwcte9RBFQ96LwFhx3oqRWlxIb7Fu9HCKsPd0ZrHLGYRQCbWwnocdd7PGxtUzGoHxlFXXG28BjetiLmW4L0tDBlB9l+cNkN12LylDIxOgfs/eKwF5XLJgGNX3SprtY875g8ThxQ8SJkOx2jRUlqLBsIv4G7ZziXzvIiUXS8hqvncwfMiIkNJy/G1unZ5FN2Bxnw1zJnS3pHh923iqHLsiIXL1FlDelT+jwgq5kHPhQqoOWqM9orAmJQ32Lb1Q1tO2k9EWZyl8H6bBiAXJme7onQX6pDOjlbRA9YEYwTujZUC9l/+6qX8S+GNalGUd458Lzwr5gCYdMvCkI1nH1OywJhTeAEkt3BxkwykZjTaVpvq4HkKbAGJfqlrgfYz+783pViGGPhdWbFl2Q+dKVXMejBfucL9BzIJ6iiuObNRN48r4tFm4yTKaw==
返回结果类型:[B
返回结果值：已自动编码字节集数据Base64:
H4sIAAAAAAAAAMWVTWvUQBjHv8uc425eJ5NQhBI89KAtttWD9TAms9vodCbOTKxl2ZsVrGApWBCl4MHicXsXv02z+jGcTJOtRaFBpDmF/Od5+T3/PEwmoHi2kq0rAWIA7QiiKPSh60I38JCHgAW42iZiUxIdMAGlfq5kIPYCB/lehHzLSPfwDtH51dHBz9mb8++fq5OT6vh0/mFWvXtbHXzSVfALrLDYFFSHbStVyHg4pITf4ozmjAxGT1LOFGFqkDKjjzGlROwNncgNHRh4eGRj6KLB02IMLnquEZZhpkxJVlI6bVAf5izhJVMgdiwgCR1dCrYFNMSYqIRLtZHXzAjatpbJS7zzYLWe8Bo3Cp4zVTsA/ealmd21z7+dVq/3f3x8NT8+m8/eV1++VmeHOkWUlGzsFcT0f14SqXLOEgOohZQLQVKVNHzpguy3YAniRxOQZ0asUQ3AH3h1tjFR4zju1laai5QSu3afyd36A4LbjXnLjVAb1x7XXXTAY+2awqqUpptMRV6oNnBXcDZevyJdTgeS1btry/fvgKl1Aet0hYUtq9sbq9uVNWxZnSvGLl0Hu/QfYb3OW4AWtL056/8DbNAbbdCZ9q87e6NrADuz+i2s15uxYVdYv/+LC3VlXVyyjt/bFkRdYaMWNrx5Y3WJssiwIlnzc5tOfwFAWv+reQgAAA==
调用堆栈：
at qN.pu.ka.wOMKBb.TY.rwM.XposedBridge$LegacyApiSupport.handleBefore(Unknown Source:24)
at J.callback(Unknown Source:179)
at com.fenbi.android.leo.utils.r2.c(SourceFile:1)
at com.fenbi.android.leo.utils.r2.a(SourceFile:13)
at com.fenbi.android.leo.webapp.secure.commands.DataDecryptCommand$execute$1$decryptData$1.invokeSuspend(SourceFile:24)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(SourceFile:12)
at kotlinx.coroutines.u0.run(SourceFile:129)
at kotlinx.coroutines.internal.n$a.run(SourceFile:4)
at c50.j.run(SourceFile:3)
at kotlinx.coroutines.scheduling.CoroutineScheduler.P(SourceFile:1)
at kotlinx.coroutines.scheduling.CoroutineScheduler$c.d(SourceFile:15)
at kotlinx.coroutines.scheduling.CoroutineScheduler$c.p(SourceFile:29)
at kotlinx.coroutines.scheduling.CoroutineScheduler$c.run(SourceFile:1)
解密后对应JSON：{"pkIdStr":"609689746226253838","otherUser":{"userId":351843984,"userName":"告诉你坝啥是压力","avatarUrl":"https://leo-online.fbcontent.cn/leo-gallery/19271653af0a628.jpg","userPendantUrl":null},"otherWinCount":1,"selfWinCount":0,"targetCostTime":86000,"examVO":{"pkIdStr":"609689746226253838","pointId":64,"pointName":"20以内的数比大小","ruleType":0,"questionCnt":10,"correctCnt":0,"costTime":0,"questions":[{"id":0,"examId":609689746226253838,"content":"12\\circle0","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":1,"examId":609689746226253838,"content":"6\\circle2","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":2,"examId":609689746226253838,"content":"7\\circle10","answer":"<","userAnswer":null,"answers":["<"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":3,"examId":609689746226253838,"content":"18\\circle1","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":4,"examId":609689746226253838,"content":"18\\circle15","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":5,"examId":609689746226253838,"content":"1\\circle2","answer":"<","userAnswer":null,"answers":["<"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":6,"examId":609689746226253838,"content":"14\\circle3","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":7,"examId":609689746226253838,"content":"4\\circle0","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":8,"examId":609689746226253838,"content":"2\\circle14","answer":"<","userAnswer":null,"answers":["<"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"},{"id":9,"examId":609689746226253838,"content":"9\\circle7","answer":">","userAnswer":null,"answers":[">"],"status":0,"script":null,"wrongScript":null,"ruleType":"COMPARE"}],"updatedTime":0}}
最终数据以gzip解码，目前思路是反射调用方法解密在模拟输入答案或重新加密后直接发包
相较于xmexg/xyks#9的重新处理，hook这个传出的值我个人觉得更好