微软WindowsPhone固件服务器抓包

2016-02-11

今晚抓了WindowsDeviceRecoveryTool的查询包,提交内容如下:
{"api-version":"1","condition":["default"],"query":{"manufacturerHardwareModel":"RM-978","manufacturerHardwareVariant":"059V976","manufacturerName":"Microsoft","manufacturerProductLine":"Lumia","packageClass":"Public","packageType":"Firmware"},"response":null}
提交地址:http://api.swrepository.com/rest-api/discovery/1/package 得到回复(部分):
 
"softwarePackages" : [ {
 "manufacturerHardwareModel" : [ "RM-978" ],
 "customerName" : null,
 "files" : [ {
 "fileSize" : 5921,
 "fileType" : "FLASH_VPL",
 "fileName" : "RM978_059V976_02040.00021.15235.50003_122.vpl",
 "checksum" : [ {
 "value" : "u1/N3GRWxljbcy7KLr8nMQ==",
 "type" : "MD5"
 } ]
 }, {
 "fileSize" : 476,
 "fileType" : "FLASH_SIGNATURE",
 "fileName" : "RM978_059V976_02040.00021.15235.50003_122.signature.bin",
 "checksum" : [ {
 "value" : "xECVS/+uwTdG3LoKGXdWLw==",
 "type" : "MD5"
 } ]
 } ],
 "packageType" : "Firmware",
 "manufacturerVariantName" : null,
 "packageSubRevision" : "122",
 "packageSubtitle" : null,
 "packageDescription" : null,
 "manufacturerModelName" : null,
 "manufacturerPackageId" : null,
 "id" : "602c44ba-a9f8-442c-8862-8edb3fb69085",
 "manufacturerHardwareVariant" : [ "059V976" ],
 "operatorName" : null,
 "packageRevision" : "02040.00021.15235.50003",
 "packageState" : "Completed",
 "packageTitle" : "RM-978 VAR APAC CN UNICOM",
 "manufacturerName" : "Microsoft",
 "manufacturerPlatformId" : null,
 "extendedAttributes" : null,
 "manufacturerProductLine" : "Lumia",
 "packageClass" : [ "Repair", "Public" ]
 } ]
 }
fileSize是文件大小byte,fileName是文件名,checksum是校检数据,这里默认提供的都是md5
然后下面这个地址是查询下载地址的api,这个api提取的文件下载地址有效时间只有24小时,是动态提取,API如下:
http://api.swrepository.com/rest-api/discovery/1/package/**602c44ba-a9f8-442c-8862-8edb3fb69085**/file/**RM978_059V976_02040.00021.15235.50003_122.signature.bin**/urls

其中,红色加粗字体部分为GUID(全局唯一标识符),在查询返回的json的根节点的“id”属性中包含,蓝色加粗部分表示文件名,由查询回复的js中的fileName提供。

根节点还有其它信息,比如包列表,工厂代码,包版本号等。
通过访问此API,得到如下回复:
{
 "fileSize" : 476,
 "url" : "https://softwarerepo.blob.core.windows.net/softwarerepo/602c44ba-a9f8-442c-8862-8edb3fb69085/RM978_059V976_02040.00021.15235.50003_122.signature.bin?sp=r&sr=b&sv=2014-02-14&se=2016-02-12T12%3A51%3A53Z&sig=fVxoIi1WPJdLsy9iGQdtETtQa0rWDrAKaeNaBG7bu%2BU%3D",
 "alternateUrl" : null,
 "checksum" : [ {
 "value" : "xECVS/+uwTdG3LoKGXdWLw==",
 "type" : "MD5"
 } ]
 }
现在得到的这个url就是该文件的实际下载地址,有效期只有24小时。
关于具体细节仍在研究中,这里放出部分结果仅供参考。