mcrypt_ module_ The successful solution of open abandoned by php7.1

Geeks, please accept the hero post of 2021 Microsoft x Intel hacking contest>>>

First of all

Several references are provided

Official document of wechat enterprise number detailed description of encryption and decryption scheme:

Online solution: mcrypt in symmetric decryption code of wechat applet is abandoned by php7.1

Solution on the Internet — wechat applet user information decryption php7:

And then

Tell you where there are holes in these plans:

Since the official document of wechat enterprise number says that aeskey adopts the CBC mode of AES, can you make it clear whether it is 128, 256 or

The OpenSSL encryption and decryption methods used in the online solution cases are all aes-128-cbc. In fact, wechat does not know when to use aes-256-cbc

When the two small pits meet, they will form a big pit

Purpose of this paper

Avoid more people stepping on the pit


OpenSSL with PHP_ Decrypt user manual

Similar Posts: