@sskaje

By @sskaje
Link: https://sskaje.me/2017/09/df-dferh-01/

Google Play Store出现 DF-DFERH-01。
观察了一下，少劫持了.cn的几个google系域名，主要是 googleapis.cn。

当前的所有google域名列表：

1e100.net
466453.com
abc.xyz
admob.com
adsense.com
advertisercommunity.com
adwords.com
ai.google
android.com
appspot.com
blog.google
blogger.com
blogspot.com
blogspot.de
blogspot.hk
blogspot.jp
capitalg.com
chrome.cn
chrome.com
chrome.org
chromebook.com
chromecast.com
chromium.org
cobrasearch.com
com.google
domains.google
doubleclick.com
doubleclickbygoogle.com
duck.com
elgoog.im
feedburner.com
foofle.com
froogle.com
g.cn
g.co
ggoogle.com
ggpht.cn
ggpht.com
gmail.com
gmail.com.cn
gmodules.com
gogle.com
gogole.com
goo.gl
googel.com
googil.com
googl.com
google
google-analytics.com
google.ac
google.ad
google.ae
google.al
google.am
google.as
google.at
google.az
google.ba
google.be
google.bf
google.bg
google.bi
google.bj
google.bs
google.bt
google.by
google.ca
google.cat
google.cc
google.cd
google.cf
google.cg
google.ch
google.ci
google.cl
google.cm
google.cn
google.co
google.co.ao
google.co.bw
google.co.ck
google.co.cr
google.co.id
google.co.il
google.co.in
google.co.jp
google.co.ke
google.co.kr
google.co.ls
google.co.ma
google.co.mz
google.co.nz
google.co.th
google.co.tz
google.co.ug
google.co.uk
google.co.uz
google.co.ve
google.co.vi
google.co.za
google.co.zm
google.co.zw
google.com
google.com.af
google.com.ag
google.com.ai
google.com.ar
google.com.au
google.com.bd
google.com.bh
google.com.bn
google.com.bo
google.com.br
google.com.bz
google.com.co
google.com.cu
google.com.cy
google.com.do
google.com.ec
google.com.eg
google.com.et
google.com.fj
google.com.gh
google.com.gi
google.com.gt
google.com.hk
google.com.jm
google.com.kh
google.com.kw
google.com.lb
google.com.lc
google.com.ly
google.com.mm
google.com.mt
google.com.mx
google.com.my
google.com.na
google.com.ng
google.com.ni
google.com.np
google.com.om
google.com.pa
google.com.pe
google.com.pg
google.com.ph
google.com.pk
google.com.pr
google.com.py
google.com.qa
google.com.sa
google.com.sb
google.com.sg
google.com.sl
google.com.sv
google.com.tj
google.com.tr
google.com.tw
google.com.ua
google.com.uy
google.com.vc
google.com.vn
google.cv
google.cx
google.cz
google.de
google.dj
google.dk
google.dm
google.dz
google.ee
google.es
google.eu
google.fi
google.fm
google.fr
google.ga
google.ge
google.gf
google.gg
google.gl
google.gm
google.gp
google.gr
google.gy
google.hn
google.hr
google.ht
google.hu
google.ie
google.im
google.io
google.iq
google.is
google.it
google.je
google.jo
google.kg
google.ki
google.kz
google.la
google.li
google.lk
google.lt
google.lu
google.lv
google.md
google.me
google.mg
google.mk
google.ml
google.mn
google.ms
google.mu
google.mv
google.mw
google.ne
google.net
google.nf
google.nl
google.no
google.nr
google.nu
google.org
google.pl
google.pn
google.ps
google.pt
google.ro
google.rs
google.ru
google.rw
google.sc
google.se
google.sh
google.si
google.sk
google.sm
google.sn
google.so
google.sr
google.st
google.td
google.tg
google.tk
google.tl
google.tm
google.tn
google.to
google.tt
google.us
google.vg
google.vu
google.ws
googleadservices.com
googleapis.cn
googleapis.com
googleapps.com
googleapps.com.cn
googlearth.com
googlearth.com.cn
googlebot.com
googlecapital.com
googlecode.com
googlecommerce.com
googledrive.com
googledrive.com.cn
googlee.com
googleearth.cn
googleearth.com
googleearth.com.cn
googlemail.com
googlemail.com.cn
googlemaps.cn
googlemaps.com
googlemaps.com.cn
googlepagecreator.com
googleplay.com
googlescholar.cn
googlescholar.com
googlescholar.com.cn
googlesource.com
googlesyndication.cn
googlesyndication.com
googlesyndication.com.cn
googletagmanager.com
googletagservices.com
googleusercontent.cn
googleusercontent.com
googlevideo.cn
googlevideo.com
googlevideo.com.cn
googlr.com
goolge.com
gooogle.com
gstatic.cn
gstatic.com
gv.com
gvt0.com
gvt1.com
gvt2.com
gvt3.com
igoogle.com
keyhole.com
like.com
localguidesconnect.com
madewithcode.com
panoramio.com
picasa.com
urchin.com
waze.com
whatbrowser.org
withgoogle.com
youtu.be
youtube-nocookie.com
youtube.cn
youtube.com
youtubeeducation.com
youtubegaming.com
yt.be
ytimg.com

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

1e100.net

466453.com

abc.xyz

admob.com

adsense.com

advertisercommunity.com

adwords.com

ai.google

android.com

appspot.com

blog.google

blogger.com

blogspot.com

blogspot.de

blogspot.hk

blogspot.jp

capitalg.com

chrome.cn

chrome.com

chrome.org

chromebook.com

chromecast.com

chromium.org

cobrasearch.com

com.google

domains.google

doubleclick.com

doubleclickbygoogle.com

duck.com

elgoog.im

feedburner.com

foofle.com

froogle.com

g.cn

g.co

ggoogle.com

ggpht.cn

ggpht.com

gmail.com

gmail.com.cn

gmodules.com

gogle.com

gogole.com

goo.gl

googel.com

googil.com

googl.com

google

google-analytics.com

google.ac

google.ad

google.ae

google.al

google.am

google.as

google.at

google.az

google.ba

google.be

google.bf

google.bg

google.bi

google.bj

google.bs

google.bt

google.by

google.ca

google.cat

google.cc

google.cd

google.cf

google.cg

google.ch

google.ci

google.cl

google.cm

google.cn

google.co

google.co.ao

google.co.bw

google.co.ck

google.co.cr

google.co.id

google.co.il

google.co.in

google.co.jp

google.co.ke

google.co.kr

google.co.ls

google.co.ma

google.co.mz

google.co.nz

google.co.th

google.co.tz

google.co.ug

google.co.uk

google.co.uz

google.co.ve

google.co.vi

google.co.za

google.co.zm

google.co.zw

google.com

google.com.af

google.com.ag

google.com.ai

google.com.ar

google.com.au

google.com.bd

google.com.bh

google.com.bn

google.com.bo

google.com.br

google.com.bz

google.com.co

google.com.cu

google.com.cy

google.com.do

google.com.ec

google.com.eg

google.com.et

google.com.fj

google.com.gh

google.com.gi

google.com.gt

google.com.hk

google.com.jm

google.com.kh

google.com.kw

google.com.lb

google.com.lc

google.com.ly

google.com.mm

google.com.mt

google.com.mx

google.com.my

google.com.na

google.com.ng

google.com.ni

google.com.np

google.com.om

google.com.pa

google.com.pe

google.com.pg

google.com.ph

google.com.pk

google.com.pr

google.com.py

google.com.qa

google.com.sa

google.com.sb

google.com.sg

google.com.sl

google.com.sv

google.com.tj

google.com.tr

google.com.tw

google.com.ua

google.com.uy

google.com.vc

google.com.vn

google.cv

google.cx

google.cz

google.de

google.dj

google.dk

google.dm

google.dz

google.ee

google.es

google.eu

google.fi

google.fm

google.fr

google.ga

google.ge

google.gf

google.gg

google.gl

google.gm

google.gp

google.gr

google.gy

google.hn

google.hr

google.ht

google.hu

google.ie

google.im

google.io

google.iq

google.is

google.it

google.je

google.jo

google.kg

google.ki

google.kz

google.la

google.li

google.lk

google.lt

google.lu

google.lv

google.md

google.me

google.mg

google.mk

google.ml

google.mn

google.ms

google.mu

google.mv

google.mw

google.ne

google.net

google.nf

google.nl

google.no

google.nr

google.nu

google.org

google.pl

google.pn

google.ps

google.pt

google.ro

google.rs

google.ru

google.rw

google.sc

google.se

google.sh

google.si

google.sk

google.sm

google.sn

google.so

google.sr

google.st

google.td

google.tg

google.tk

google.tl

google.tm

google.tn

google.to

google.tt

google.us

google.vg

google.vu

google.ws

googleadservices.com

googleapis.cn

googleapis.com

googleapps.com

googleapps.com.cn

googlearth.com

googlearth.com.cn

googlebot.com

googlecapital.com

googlecode.com

googlecommerce.com

googledrive.com

googledrive.com.cn

googlee.com

googleearth.cn

googleearth.com

googleearth.com.cn

googlemail.com

googlemail.com.cn

googlemaps.cn

googlemaps.com

googlemaps.com.cn

googlepagecreator.com

googleplay.com

googlescholar.cn

googlescholar.com

googlescholar.com.cn

googlesource.com

googlesyndication.cn

googlesyndication.com

googlesyndication.com.cn

googletagmanager.com

googletagservices.com

googleusercontent.cn

googleusercontent.com

googlevideo.cn

googlevideo.com

googlevideo.com.cn

googlr.com

goolge.com

gooogle.com

gstatic.cn

gstatic.com

gv.com

gvt0.com

gvt1.com

gvt2.com

gvt3.com

igoogle.com

keyhole.com

like.com

localguidesconnect.com

madewithcode.com

panoramio.com

picasa.com

urchin.com

waze.com

whatbrowser.org

withgoogle.com

youtu.be

youtube-nocookie.com

youtube.cn

youtube.com

youtubeeducation.com

youtubegaming.com

yt.be

ytimg.com

DF-DFERH-01 by @sskaje: https://sskaje.me/2017/09/df-dferh-01/

By @sskaje
Link: https://sskaje.me/2017/08/unzip-with-lzfse-support/

LZFSE is a compression library introduced by Apple.

LZFSE is a Lempel-Ziv style data compression algorithm using Finite State Entropy coding. It targets similar compression rates at higher compression and decompression speed compared to deflate using zlib.

Github: https://github.com/lzfse/lzfse

Apple uses LZFSE compressing its ipa packages.
I downloaded an ipa directly from appstore, named like pre-thinned xxx .thinned.signed.dpkg.ipa, e.g. pre-thinned12345678.thinned.signed.dpkg.ipa

I tried to decompress this ipa, with unzip, 7-Zip on windows, many many other archiver management tools, all failed.

   skipping: Payload/.......  unsupported compression method 99

1	skipping: Payload/....... unsupported compression method 99

unsupported compression method 99

I integrated lzfse into unzip based on unzip-6.0.
Github: https://github.com/sskaje/unzip-lzfse

Steps:
1 Build and install lzfse

$ git clone https://github.com/lzfse/lzfse.git
$ cd lzfse
$ make
$ sudo make install

$ git clone https://github.com/lzfse/lzfse.git

$ cd lzfse

$ make

$ sudo make install

2 Build unzip-lzfse

$ git clone https://github.com/sskaje/unzip-lzfse
$ git checkout lzfse
$ cd unzip-lzfse
$ export LZFSE_PATH=/usr/local
$ make -f unix/Makefile all

$ git clone https://github.com/sskaje/unzip-lzfse

$ git checkout lzfse

$ cd unzip-lzfse

$ export LZFSE_PATH=/usr/local

$ make -f unix/Makefile all

3 test

$ ./unzip -d test ../pre-thinned12345678.thinned.signed.dpkg.ipa

1	$ ./unzip -d test ../pre-thinned12345678.thinned.signed.dpkg.ipa

Tested under macOS 10.12.6

unzip with lzfse support by @sskaje: https://sskaje.me/2017/08/unzip-with-lzfse-support/

@sskaje

DF-DFERH-01

Free iOS Developer Signing Certificate

unzip with lzfse support

SQLPro License Key

iOS AppStore in-App Purchase Hack