Geeks, please accept the hero post of 2021 Microsoft x Intel hacking contest>>> 
First of all
Several references are provided
Official document of wechat enterprise number detailed description of encryption and decryption scheme:
https://work.weixin.qq.com/api/doc#10127
Online solution: mcrypt in symmetric decryption code of wechat applet is abandoned by php7.1
http://www.ptbird.cn/mcrypt-wxxcx-php7.html
Solution on the Internet — wechat applet user information decryption php7:
http://www.thinkphp.cn/code/3141.html
And then
Tell you where there are holes in these plans:
Since the official document of wechat enterprise number says that aeskey adopts the CBC mode of AES, can you make it clear whether it is 128, 256 or
The OpenSSL encryption and decryption methods used in the online solution cases are all aes-128-cbc. In fact, wechat does not know when to use aes-256-cbc
When the two small pits meet, they will form a big pit
Purpose of this paper
Avoid more people stepping on the pit
Finally
OpenSSL with PHP_ Decrypt user manual
http://php.net/manual/zh/function.openssl-decrypt.php
Similar Posts:
- WeChat develops official account or small program menu 45064: no permission to use weapp in menu rid:XXXXXXX
- Wechat applet decrypts encrypteddata error: pad block corrupted solution
- DOTNET Run AES-GCM Program ON MACOS (ERROR ALGORITHM ‘AESGCM’ IS NOT SUPPORTED ON THIS PLATFORM)
- Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted sign…
- ProXmoX VE Update apt-get update Error [How to Solve]
- Phpmailer’s solution to extension missing: OpenSSL error
- Install wechat, chrome, etc. on Ubuntu 16.04
- Solution to the error of video codec open failed prompted by TechSmith Camtasia Studio 9 screen recording software
- Openeuler: How to Install OpenSSL
- [Solved] Error-Javascript: Uncaught Error: Malformed UTF-8 data at Object.stringify (crypto-js.js:478) at W…