iOS reverse engineering: editing the frida-trace handlers for common crypto algorithms

Printing the call stack (put this in a handler's onEnter; this.context is the CPU context at the hook point):

    log('called from:\n' + Thread.backtrace(this.context, Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join('\n') + '\n');

Once we have a guess at which algorithm the app uses, we can trace it straight away (-U = USB device, -F = the app currently in the foreground):

frida-trace -UF -i CC_MD5 -i CC_SHA1

-i can be repeated as often as needed (-i xxx) to add more C functions to the trace.

An Objective-C method implementation receives two hidden arguments first, the receiver (self) and the selector (_cmd), so args[0] is the object (or the class, for a class method), args[1] is the selector, and the first explicit parameter is args[2]. That is why the handlers below print args[2] directly.

frida-trace generates one handler JavaScript file per traced function under __handlers__/<module>/; edit those files directly to complete the script:

C:\Users\xxx\__handlers__\libcommonCrypto.dylib

CC_MD5.js

/*
 * Auto-generated by Frida. Please modify to match the signature of CC_MD5.
 * This stub is currently auto-generated from manpages when available.
 *
 * For full API reference, see: https://frida.re/docs/javascript-api/
 */

{
  /**
   * Called synchronously when about to call CC_MD5.
   *
   * @this {object} - Object allowing you to store state for use in onLeave.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {array} args - Function arguments represented as an array of NativePointer objects.
   * For example use args[0].readUtf8String() if the first argument is a pointer to a C string encoded as UTF-8.
   * It is also possible to modify arguments by assigning a NativePointer object to an element of this array.
   * @param {object} state - Object allowing you to keep state across function calls.
   * Only one JavaScript function will execute at a time, so do not worry about race-conditions.
   * However, do not use this to store function arguments across onEnter/onLeave, but instead
   * use "this" which is an object for keeping state local to an invocation.
   */
  onEnter(log, args, state) {
    // CC_MD5(const void *data, CC_LONG len, unsigned char *md)
    // args[1] is the input length, so read exactly that many bytes instead of stopping at a NUL
    log('CC_MD5() onEnter: ' + args[0].readCString(args[1].toInt32()));
    this.args2 = args[2];   // md: the 16-byte output buffer, only filled in after the call returns
  },

  /**
   * Called synchronously when about to return from CC_MD5.
   *
   * See onEnter for details.
   *
   * @this {object} - Object allowing you to access state stored in onEnter.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {NativePointer} retval - Return value represented as a NativePointer object.
   * @param {object} state - Object allowing you to keep state across function calls.
   */
  onLeave(log, retval, state) {
    // CC_MD5_DIGEST_LENGTH == 16
    log('CC_MD5() onLeave: ' + hexdump(this.args2, {length: 16}));
  }
}

CC_SHA1.js

/*
 * Auto-generated by Frida. Please modify to match the signature of CC_SHA1.
 * This stub is currently auto-generated from manpages when available.
 *
 * For full API reference, see: https://frida.re/docs/javascript-api/
 */

{
  /**
   * Called synchronously when about to call CC_SHA1.
   *
   * @this {object} - Object allowing you to store state for use in onLeave.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {array} args - Function arguments represented as an array of NativePointer objects.
   * For example use args[0].readUtf8String() if the first argument is a pointer to a C string encoded as UTF-8.
   * It is also possible to modify arguments by assigning a NativePointer object to an element of this array.
   * @param {object} state - Object allowing you to keep state across function calls.
   * Only one JavaScript function will execute at a time, so do not worry about race-conditions.
   * However, do not use this to store function arguments across onEnter/onLeave, but instead
   * use "this" which is an object for keeping state local to an invocation.
   */
  onEnter(log, args, state) {
    // CC_SHA1(const void *data, CC_LONG len, unsigned char *md)
    // args[1] is the input length, so read exactly that many bytes instead of stopping at a NUL
    log('CC_SHA1() onEnter: ' + args[0].readCString(args[1].toInt32()));
    this.args2 = args[2];   // md: the 20-byte output buffer, only filled in after the call returns
  },

  /**
   * Called synchronously when about to return from CC_SHA1.
   *
   * See onEnter for details.
   *
   * @this {object} - Object allowing you to access state stored in onEnter.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {NativePointer} retval - Return value represented as a NativePointer object.
   * @param {object} state - Object allowing you to keep state across function calls.
   */
  onLeave(log, retval, state) {
    // CC_SHA1_DIGEST_LENGTH == 20
    log('CC_SHA1() onLeave: ' + hexdump(this.args2, {length: 20}));
  }
}

SecKeyEncrypt (RSA)

frida-trace -UF -i CC_MD5 -i CC_SHA1 -i CCCrypt -i SecKeyEncrypt

/*
 * Auto-generated by Frida. Please modify to match the signature of SecKeyEncrypt.
 * This stub is currently auto-generated from manpages when available.
 *
 * For full API reference, see: https://frida.re/docs/javascript-api/
 */

{
  /**
   * Called synchronously when about to call SecKeyEncrypt.
   *
   * @this {object} - Object allowing you to store state for use in onLeave.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {array} args - Function arguments represented as an array of NativePointer objects.
   * For example use args[0].readUtf8String() if the first argument is a pointer to a C string encoded as UTF-8.
   * It is also possible to modify arguments by assigning a NativePointer object to an element of this array.
   * @param {object} state - Object allowing you to keep state across function calls.
   * Only one JavaScript function will execute at a time, so do not worry about race-conditions.
   * However, do not use this to store function arguments across onEnter/onLeave, but instead
   * use "this" which is an object for keeping state local to an invocation.
   */
  onEnter(log, args, state) {
    // OSStatus SecKeyEncrypt(SecKeyRef key, SecPadding padding, const uint8_t *plainText,
    //                        size_t plainTextLen, uint8_t *cipherText, size_t *cipherTextLen)
    log('SecKeyEncrypt called from:\n' +
        Thread.backtrace(this.context, Backtracer.ACCURATE)
        .map(DebugSymbol.fromAddress).join('\n') + '\n');
    // SecKeyRef is an opaque CF object; hexdump(args[0]) would only show its object header
    log('SecKeyEncrypt key: ' + args[0]);
    log('SecKeyEncrypt padding: ' + args[1].toInt32());   // kSecPaddingNone 0, kSecPaddingPKCS1 1, kSecPaddingOAEP 2
    var plainLen = args[3].toInt32();
    log('SecKeyEncrypt plainTextSize: ' + plainLen);
    // the plaintext is not necessarily a C string: dump exactly plainTextLen bytes
    log('SecKeyEncrypt plainText: \n' + hexdump(args[2], {length: plainLen}));
    this.args4 = args[4];   // cipherText buffer
    this.args5 = args[5];   // size_t *cipherTextLen
  },

  /**
   * Called synchronously when about to return from SecKeyEncrypt.
   *
   * See onEnter for details.
   *
   * @this {object} - Object allowing you to access state stored in onEnter.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {NativePointer} retval - Return value represented as a NativePointer object.
   * @param {object} state - Object allowing you to keep state across function calls.
   */
  onLeave(log, retval, state) {
    log('SecKeyEncrypt status: ' + retval.toInt32());   // OSStatus, errSecSuccess == 0
    // cipherTextLen is a size_t (64-bit on arm64): read it with readU64, not readInt,
    // and use it as the dump length instead of assuming a 128-byte (1024-bit) modulus
    var cipherLen = this.args5.readU64().toNumber();
    log('SecKeyEncrypt cipherTextSize: ' + cipherLen);
    log('SecKeyEncrypt cipherText: \n' + hexdump(this.args4, {length: cipherLen}));
  }
}


To see which local files the app reads (for example a bundled certificate), trace the NSData initializer:

frida-trace -UF -m "-[NSData initWithContentsOfFile:]"


CCCrypt

/*
 * Auto-generated by Frida. Please modify to match the signature of CCCrypt.
 * This stub is currently auto-generated from manpages when available.
 *
 * For full API reference, see: https://frida.re/docs/javascript-api/
 */

{
  /**
   * Called synchronously when about to call CCCrypt.
   *
   * @this {object} - Object allowing you to store state for use in onLeave.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {array} args - Function arguments represented as an array of NativePointer objects.
   * For example use args[0].readUtf8String() if the first argument is a pointer to a C string encoded as UTF-8.
   * It is also possible to modify arguments by assigning a NativePointer object to an element of this array.
   * @param {object} state - Object allowing you to keep state across function calls.
   * Only one JavaScript function will execute at a time, so do not worry about race-conditions.
   * However, do not use this to store function arguments across onEnter/onLeave, but instead
   * use "this" which is an object for keeping state local to an invocation.
   */
  onEnter(log, args, state) {
    // CCCryptorStatus CCCrypt(CCOperation op, CCAlgorithm alg, CCOptions options,
    //     const void *key, size_t keyLength, const void *iv,
    //     const void *dataIn, size_t dataInLength,
    //     void *dataOut, size_t dataOutAvailable, size_t *dataOutMoved)
    log('CCCrypt called from:\n' +
        Thread.backtrace(this.context, Backtracer.ACCURATE)
        .map(DebugSymbol.fromAddress).join('\n') + '\n');
    // log() takes a single string: concatenate the value, do not pass it as a second argument
    log('CCCrypt() op (kCCEncrypt 0 / kCCDecrypt 1): ' + args[0].toInt32());
    var alg = args[1].toInt32();
    log('CCCrypt() CCAlgorithm: ' + alg);
    log('CCCrypt() CCOptions (1 = PKCS7 padding, 2 = ECB mode): ' + args[2].toInt32());
    var keyLen = args[4].toInt32();
    log('CCCrypt() keyLen: ' + keyLen);
    log('CCCrypt() key: \n' + hexdump(args[3], {length: keyLen}));
    // iv is NULL for ECB mode and stream ciphers; the block size is 16 for AES (alg 0), 8 for the other block ciphers
    log('CCCrypt() iv: \n' + (args[5].isNull() ? '(null)' : hexdump(args[5], {length: alg === 0 ? 16 : 8})));
    var inLen = args[7].toInt32();
    log('CCCrypt() dataInLength: ' + inLen);
    log('CCCrypt() dataIn: \n' + hexdump(args[6], {length: inLen}));
    this.args8 = args[8];     // dataOut
    this.args10 = args[10];   // size_t *dataOutMoved
  },

  /**
   * Called synchronously when about to return from CCCrypt.
   *
   * See onEnter for details.
   *
   * @this {object} - Object allowing you to access state stored in onEnter.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {NativePointer} retval - Return value represented as a NativePointer object.
   * @param {object} state - Object allowing you to keep state across function calls.
   */
  onLeave(log, retval, state) {
    var status = retval.toInt32();   // CCCryptorStatus: kCCSuccess 0, kCCBufferTooSmall -4301
    log('CCCrypt() status: ' + status);
    // dataOutMoved is a size_t *: dereference it, do not hexdump the pointer itself
    var outLen = this.args10.isNull() ? 0 : this.args10.readU64().toNumber();
    log('CCCrypt() dataOutMoved: ' + outLen);
    if (status === 0 && outLen > 0) log('CCCrypt() dataOut: \n' + hexdump(this.args8, {length: outLen}));
  }
}

CCCrypt signature (from <CommonCrypto/CommonCryptor.h>):

CCCryptorStatus CCCrypt(
    CCOperation op,           /* kCCEncrypt = 0, kCCDecrypt = 1 */
    CCAlgorithm alg,          /* kCCAlgorithmAES128 = 0 (= kCCAlgorithmAES), kCCAlgorithmDES, kCCAlgorithm3DES, kCCAlgorithmCAST, kCCAlgorithmRC4, kCCAlgorithmRC2, kCCAlgorithmBlowfish */
    CCOptions options,        /* kCCOptionPKCS7Padding = 1, kCCOptionECBMode = 2 */
    const void *key,          /* the key */
    size_t keyLength,         /* key length in bytes, must match the chosen algorithm */
    const void *iv,           /* optional initialization vector */
    const void *dataIn,       /* optional per op and alg */
    size_t dataInLength,
    void *dataOut,            /* data RETURNED here */
    size_t dataOutAvailable,
    size_t *dataOutMoved);

keyLength: the key length must match the selected algorithm; each algorithm requires a different key length. Possible values:
kCCKeySizeAES128 = 16,
kCCKeySizeAES192 = 24,
kCCKeySizeAES256 = 32,
kCCKeySizeDES = 8,
kCCKeySize3DES = 24,
kCCKeySizeMinCAST = 5,
kCCKeySizeMaxCAST = 16,
kCCKeySizeMinRC4 = 1,
kCCKeySizeMaxRC4 = 512,
kCCKeySizeMinRC2 = 1,
kCCKeySizeMaxRC2 = 128,
kCCKeySizeMinBlowfish = 8,
kCCKeySizeMaxBlowfish

iv: the initialization vector, needed for CBC mode and not used in ECB mode; it must be the block size of the chosen algorithm (16 bytes for AES, 8 bytes for DES, 3DES, CAST, RC2 and Blowfish).
Apple's header comment, translated: Initialization vector, optional. Used by block ciphers in CBC mode. If present, it must be the same length as the selected algorithm's block size. If CBC mode is selected (by the absence of any mode bits in the options flags) and no IV is present, a NULL (all zeroes) IV will be used. This parameter is ignored if ECB mode is used or if a stream cipher algorithm is selected. For sound encryption, always initialize the IV with random data.
Examples of defining an IV in code (these are 8 bytes, i.e. the DES/3DES block size; AES needs 16):
const Byte iv[] = {1,2,3,4,5,6,7,8};
const Byte iv[] = {0,1,2,3,4,5,6,7};

dataIn: the data to encrypt or decrypt, as a const char *; for an NSString, use its UTF8String.
dataInLength: length of the input data, size_t.
dataOut: the output buffer; the encrypted or decrypted data is written here.
dataOutAvailable: size of the output buffer in bytes.
dataOutMoved: the actual output size. On success, the number of bytes written to dataOut. If kCCBufferTooSmall is returned because the supplied buffer was too small, the required buffer size is returned here.
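A complete standalone script that applies the argument layout above, added here as an example and not taken from the original post: it hooks the CC_* digest functions and CCCrypt in libcommonCrypto.dylib with Interceptor.attach (replacing the separate frida-trace handlers for CC_MD5, CC_SHA1 and CCCrypt shown earlier), reads every buffer with the length the call actually passes, dereferences dataOutMoved instead of dumping the pointer, prints the backtrace, and decodes op/alg/options into names while flagging key lengths that do not fit the algorithm and ECB mode. The bundle id com.example.app is a placeholder, and the warnings are this example's own checks, not something CommonCrypto reports. The decode helpers are plain JavaScript, so the file also loads under Node; only the hooks at the bottom need Frida.

```javascript
// hook_commoncrypto.js: added example, not code from the original post.
// Load with: frida -U -f com.example.app -l hook_commoncrypto.js  (placeholder bundle id).
// The decode helpers are plain JavaScript; only the Interceptor.attach calls at the bottom need Frida.

// Constants from <CommonCrypto/CommonCryptor.h>; blockSize 0 marks a stream cipher.
const kCCSuccess = 0, kCCOptionPKCS7Padding = 0x0001, kCCOptionECBMode = 0x0002;
const CC_OP = { 0: 'kCCEncrypt', 1: 'kCCDecrypt' };
const CC_ALGS = {
  0: { name: 'AES',      blockSize: 16, keySizes: [16, 24, 32] },
  1: { name: 'DES',      blockSize: 8,  keySizes: [8] },
  2: { name: '3DES',     blockSize: 8,  keySizes: [24] },
  3: { name: 'CAST',     blockSize: 8,  keyRange: [5, 16] },
  4: { name: 'RC4',      blockSize: 0,  keyRange: [1, 512] },
  5: { name: 'RC2',      blockSize: 8,  keyRange: [1, 128] },
  6: { name: 'Blowfish', blockSize: 8,  keyRange: [8, 56] },
};
// The digests share the shape CC_XXX(const void *data, CC_LONG len, unsigned char *md);
// this is the size of *md, which is only filled in once the call returns.
const DIGEST_LEN = { CC_MD5: 16, CC_SHA1: 20, CC_SHA224: 28, CC_SHA256: 32, CC_SHA384: 48, CC_SHA512: 64 };

function keyLengthOk(alg, n) {
  return alg.keySizes ? alg.keySizes.includes(n) : (n >= alg.keyRange[0] && n <= alg.keyRange[1]);
}

// Decode the op/alg/options/keyLength arguments of CCCrypt into names and run the
// checks a reviewer wants; the warnings are this example's own, not CommonCrypto's.
function describeCCCrypt(op, algId, options, keyLen) {
  const opName = CC_OP[op] || `op=${op}`;
  const alg = CC_ALGS[algId];
  if (alg === undefined) {
    return { op: opName, alg: `unknown(${algId})`, mode: '?', padding: '?', blockSize: 0, keyLen,
             warnings: [`unknown CCAlgorithm ${algId}`] };
  }
  const stream = alg.blockSize === 0, ecb = (options & kCCOptionECBMode) !== 0;
  const warnings = [];
  if (!keyLengthOk(alg, keyLen)) warnings.push(`key length ${keyLen} is not valid for ${alg.name}`);
  if (ecb && !stream) warnings.push('ECB mode: equal plaintext blocks give equal ciphertext blocks');
  if (['DES', 'RC4', 'RC2'].includes(alg.name)) warnings.push(`${alg.name} is a legacy algorithm`);
  return { op: opName, alg: alg.name, blockSize: alg.blockSize, keyLen, warnings,
           mode: stream ? 'stream' : (ecb ? 'ECB' : 'CBC'),
           padding: (options & kCCOptionPKCS7Padding) ? 'PKCS7' : 'none' };
}

function bytesToHex(u8) {
  return Array.from(u8, b => b.toString(16).padStart(2, '0')).join('');
}

// ---- Frida-only part ----
const DUMP_MAX = 256;   // cap per buffer so a large upload does not flood the console
function hexAt(ptr, len) {   // hex of the first min(len, DUMP_MAX) bytes at ptr
  if (ptr.isNull() || len <= 0) return '';
  const n = Math.min(len, DUMP_MAX);
  const hex = bytesToHex(new Uint8Array(ptr.readByteArray(n)));
  return len > n ? `${hex}...(+${len - n} bytes)` : hex;
}

function hookDigests(mod) {
  for (const name of Object.keys(DIGEST_LEN)) {
    const fn = mod.findExportByName(name);
    if (fn === null) continue;
    Interceptor.attach(fn, {
      onEnter(args) {
        this.len = args[1].toInt32();
        this.input = hexAt(args[0], this.len);   // copy now: the caller may reuse the buffer
        this.md = args[2];
      },
      onLeave() {
        console.log(`${name}(${this.len} bytes) in=${this.input}\n  out=${hexAt(this.md, DIGEST_LEN[name])}`);
      },
    });
  }
}

function hookCCCrypt(mod) {
  const fn = mod.findExportByName('CCCrypt');
  if (fn === null) return;
  // CCCrypt(op, alg, options, key, keyLength, iv, dataIn, dataInLength, dataOut, dataOutAvailable, dataOutMoved)
  Interceptor.attach(fn, {
    onEnter(args) {
      const d = this.desc = describeCCCrypt(args[0].toInt32(), args[1].toInt32(), args[2].toInt32(), args[4].toInt32());
      this.key = hexAt(args[3], d.keyLen);
      this.iv = (d.blockSize === 0 || args[5].isNull()) ? '(none)' : hexAt(args[5], d.blockSize);
      this.input = hexAt(args[6], args[7].toInt32());
      this.dataOut = args[8];
      this.outMoved = args[10];   // size_t *dataOutMoved: dereferenced in onLeave
      this.stack = Thread.backtrace(this.context, Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join('\n');
    },
    onLeave(retval) {
      const d = this.desc, status = retval.toInt32();
      const moved = (status === kCCSuccess && !this.outMoved.isNull()) ? this.outMoved.readU64().toNumber() : 0;
      console.log([`CCCrypt ${d.op} ${d.alg}/${d.mode}/${d.padding} status=${status}`,
        ...d.warnings.map(w => `  WARNING: ${w}`),
        `  key=${this.key}`, `  iv=${this.iv}`, `  in=${this.input}`, `  out=${hexAt(this.dataOut, moved)}`,
        this.stack].join('\n'));
    },
  });
}

if (typeof Interceptor !== 'undefined') {   // inside Frida only
  const cc = Process.getModuleByName('libcommonCrypto.dylib');
  hookDigests(cc);
  hookCCCrypt(cc);
}
```

The input is copied in onEnter because some callers overwrite or free the buffer before CCCrypt returns, while the output buffer and dataOutMoved are read only in onLeave, after the library has written them; dataOutMoved is a size_t, so it is read with readU64 rather than readInt.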

Locating code through its alert dialog:

Alert control:

frida-trace -UF -m "*[UIAlertView *]"

Then edit the generated handlers to add backtrace printing and the like.

Through the URL:

frida-trace -UF -m "+[NSURL URLWithString:]"
/*
 * Auto-generated by Frida. Please modify to match the signature of +[NSURL URLWithString:].
 * This stub is currently auto-generated from manpages when available.
 *
 * For full API reference, see: https://frida.re/docs/javascript-api/
 */

{
  /**
   * Called synchronously when about to call +[NSURL URLWithString:].
   *
   * @this {object} - Object allowing you to store state for use in onLeave.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {array} args - Function arguments represented as an array of NativePointer objects.
   * For example use args[0].readUtf8String() if the first argument is a pointer to a C string encoded as UTF-8.
   * It is also possible to modify arguments by assigning a NativePointer object to an element of this array.
   * @param {object} state - Object allowing you to keep state across function calls.
   * Only one JavaScript function will execute at a time, so do not worry about race-conditions.
   * However, do not use this to store function arguments across onEnter/onLeave, but instead
   * use "this" which is an object for keeping state local to an invocation.
   */
  onEnter(log, args, state) {
    log('+[NSURL URLWithString:] called from:\n' +
        Thread.backtrace(this.context, Backtracer.ACCURATE)
        .map(DebugSymbol.fromAddress).join('\n') + '\n');
    // args[0] is the NSURL class, args[1] the selector; the NSString argument is args[2]
    log('+[NSURL URLWithString:] ' + new ObjC.Object(args[2]));
  },

  /**
   * Called synchronously when about to return from +[NSURL URLWithString:].
   *
   * See onEnter for details.
   *
   * @this {object} - Object allowing you to access state stored in onEnter.
   * @param {function} log - Call this function with a string to be presented to the user.
   * @param {NativePointer} retval - Return value represented as a NativePointer object.
   * @param {object} state - Object allowing you to keep state across function calls.
   */
  onLeave(log, retval, state) {
  }
}

Standalone Frida script (loaded with frida -U -f <bundle id> -l script.js instead of frida-trace), hooking a class method of the app's own XYHTTPRequest class:

var initWithMethod = ObjC.classes.XYHTTPRequest['+ initWithMethod:requestURL:requestParam:requestHeaderField:'];
Interceptor.attach(initWithMethod.implementation, {
    onEnter: function (args) {
        console.log('initWithMethod called from:\n' +
            Thread.backtrace(this.context, Backtracer.ACCURATE)
                .map(DebugSymbol.fromAddress).join('\n') + '\n');
        // args[0] = the XYHTTPRequest class, args[1] = the selector; explicit parameters start at args[2]
        //console.log("args[2]: ", new ObjC.Object(args[2]));   // method
        console.log("args[3]: ", new ObjC.Object(args[3]));     // requestURL
        console.log("args[4]: ", new ObjC.Object(args[4]));     // requestParam
        console.log("args[5]: ", new ObjC.Object(args[5]));     // requestHeaderField
    }, onLeave: function (retval) {

    }
});
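The handlers and the script above all read Objective-C arguments by fixed index. The script below, an added example rather than code from the post, generalizes that: it takes a frida-trace style method spec such as +[NSURL URLWithString:], derives the args[] index of each explicit parameter from the colons in the selector (args[0] and args[1] being self and _cmd, as explained at the top), uses the method's argumentTypes to decide which pointers are safe to wrap in ObjC.Object, and prints the backtrace on every call. The bundle id com.example.app and the three methods traced at the bottom are placeholders chosen to match the UIAlertView, NSURL and NSData commands above; the parsing and index helpers are plain JavaScript and also run under Node.

```javascript
// trace_objc.js: added example, not code from the original post.
// Load with: frida -U -f com.example.app -l trace_objc.js   (placeholder bundle id).
// Assumes the ObjC global of the frida REPL; scripts built with frida-compile on
// Frida 17+ must import the bridge ('frida-objc-bridge') themselves.

// An Objective-C method is invoked as imp(self, _cmd, arg0, arg1, ...), so in an
// Interceptor callback args[0] is the receiver, args[1] the SEL, and the explicit
// parameters start at args[2]; there is exactly one per colon in the selector.
function selectorArgCount(selector) {
  return (selector.match(/:/g) || []).length;
}

function objcArgIndices(selector) {
  return Array.from({ length: selectorArgCount(selector) }, (_, i) => i + 2);
}

// Parse frida-trace's "-[Class selector:]" / "+[Class selector:]" notation.
function parseMethodSpec(spec) {
  const m = /^([+-])\[(\S+)\s+(\S+)\]$/.exec(spec);
  if (m === null) throw new Error('bad method spec: ' + spec);
  return { kind: m[1], className: m[2], selector: m[3] };
}

// ---- Frida-only part ----
function describeObject(ptr) {
  if (ptr.isNull()) return 'nil';
  const obj = new ObjC.Object(ptr);
  return `<${obj.$className}> ${obj.toString()}`;
}

function traceMethod(spec) {
  const { kind, className, selector } = parseMethodSpec(spec);
  const cls = ObjC.classes[className];
  if (cls === undefined) { console.log(`${className}: class not loaded`); return; }
  const method = cls[`${kind} ${selector}`];      // '+ sel' for class methods, '- sel' for instance methods
  if (method === undefined) { console.log(`${spec}: method not found`); return; }
  const types = method.argumentTypes;             // index-aligned with args[]; 'object' means an id
  Interceptor.attach(method.implementation, {
    onEnter(args) {
      const lines = [`${spec} called from:`,
        Thread.backtrace(this.context, Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join('\n')];
      for (const i of objcArgIndices(selector)) {
        // only wrap real objects: ObjC.Object on an integer or C string crashes the process
        const shown = types[i] === 'object' ? describeObject(args[i]) : `${args[i]} (${types[i]})`;
        lines.push(`  args[${i}] = ${shown}`);
      }
      console.log(lines.join('\n'));
    },
    onLeave(retval) {
      if (method.returnType === 'object') console.log(`${spec} returned ${describeObject(retval)}`);
    },
  });
}

if (typeof ObjC !== 'undefined' && ObjC.available) {
  [
    '+[NSURL URLWithString:]',
    '-[NSData initWithContentsOfFile:]',
    '-[UIAlertView initWithTitle:message:delegate:cancelButtonTitle:otherButtonTitles:]',
  ].forEach(traceMethod);
}
```

Checking argumentTypes before wrapping a pointer is the difference between a trace and a crash: UIAlertView's delegate and the BOOL/NSInteger parameters of many UIKit methods are not objects, and new ObjC.Object on such a value dereferences garbage.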