
【猿人学】web第一届 第16题 js-逆向 windows蜜罐 / webpack初体验

数据接口分析

加密参数还原

查看数据接口对应的 window.request 栈

转换:

// Request parameters as recovered from the page's window.request call stack.
// Date.parse(new Date) parses the Date's string form, so the result is a
// millisecond timestamp truncated to whole seconds; toString() makes it a string.
p_s = Date['parse'](new Date)['toString']();
var r = {}
r['page'] = window['page']
// NOTE(review): per this write-up the page overrides btoa, so m is the site's
// custom token and not standard Base64 — confirm against the page's own code.
// Both m and t are computed client-side from the same timestamp, so the pair
// works as an obfuscation check and not as a secret.
r.m = btoa(p_s)
r.t = p_s

未改写过的值:

改写过的值:

还原加密参数

btoa 方法

python 代码

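import requests
import execjs

# Browser-like User-Agent sent with every request.
headers = {
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36",
}
# Session cookie of your own account. Treat the real value as a credential:
# keep it out of shared copies of this script and out of version control.
cookies = {
    "sessionid": "你的sessionid",
}

# Upper bound in seconds for each HTTP request, so a stalled connection
# cannot hang the script indefinitely.
REQUEST_TIMEOUT = 10


def call_js(file_name, func_name, *args):
    """Compile the JavaScript file and call one of its functions.

    The file is recompiled on every call on purpose: the script computes its
    timestamp (p_s) when it is loaded, so a fresh compile gives a fresh value.

    The JavaScript runs in a local runtime with this process's privileges, so
    only point this at code you have read.

    :param file_name: path of the JavaScript source file
    :param func_name: name of the function to call inside that file
    :param args: positional arguments forwarded to the function
    :return: the function's result converted to Python types by execjs
    """
    with open(file_name, mode='r', encoding='utf-8') as f:
        js_code = execjs.compile(f.read())
    return js_code.call(func_name, *args)


def send_match16(page_):
    """Fetch one page of the match-16 API and return its ``data`` field.

    :param page_: page number to request
    :return: ``response.json()['data']`` (presumably a list of dicts with a
        ``value`` key, judging by the caller below)
    :raises requests.HTTPError: on a non-2xx response
    :raises requests.Timeout: when the server does not answer in time
    """
    url = "https://match.yuanrenxue.cn/api/match/16"
    sdk = call_js('16.js', 'sdk')
    params = {
        "page": f"{page_}",
        "m": sdk['m'],
        "t": sdk["t"],
    }
    response = requests.get(
        url,
        headers=headers,
        cookies=cookies,
        params=params,
        timeout=REQUEST_TIMEOUT,
    )
    # Fail here with a clear HTTP error instead of a confusing KeyError or
    # JSON decode error further down (e.g. expired session, rejected token).
    response.raise_for_status()
    payload = response.json()  # parse the body once, reuse for print and return
    print(payload)
    return payload['data']


if __name__ == '__main__':
    nums = 0
    for page in range(1, 6):
        nums_list = send_match16(page)
        for num in nums_list:
            nums += num['value']
        # Running total after each page.
        print('page: ', page, 'nums: ', nums)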

js代码:

// Timestamp string computed once when the script is loaded. Parsing the
// Date's string form drops the milliseconds, so the value ends in "000".
let p_s = String(Date.parse(new Date()));
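/**
 * Build a random padding string from a fixed alphabet.
 *
 * The original used control-flow flattening (a switch driven by the order
 * string "1|3|0|4|2|5") and an undeclared loop counter `i`, which leaked a
 * global and throws in strict mode / ES modules. This version runs the same
 * steps in plain order with a block-scoped counter.
 *
 * Math.random() is not a cryptographic source. Here the output is only the
 * padding that btoa() puts around the digest, so nothing depends on it being
 * unpredictable.
 *
 * @param {number} [e] - requested length; any falsy value (including 0) means 32
 * @returns {string} random string of that length
 */
function d(e) {
  const alphabet = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
  const length = e || 32;
  let out = '';
  for (let i = 0; i < length; i++) {
    out += alphabet.charAt(Math.floor(Math.random() * alphabet.length));
  }
  return out;
}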
/**
 * The challenge page's replacement for btoa, as recovered in this write-up.
 *
 * Despite the name this is not standard Base64: it uses its own lookup table
 * and a six-phase switch. The encoded text is not returned directly; it is
 * hashed with this file's md5() and wrapped in random padding from d().
 *
 * @param {string} e - input; every character must be in \u0000-\u00ff
 * @returns {string} d(15) + md5(encoded) + d(10)
 * @throws {Error} "INVALID_CHARACTER_ERR" when a character is above \u00ff
 */
function btoa(e) {
  const table = "U9876543210zyxwvutsrqpomnlkjihgfdecbaZXYWVUTSRQPONABHICESQWK2Fi+9876543210zyxwvutsrqpomnlkjihgfdecbaZXYWVUTSRQPONABHICESQWK2Fi";
  if (/([^\u0000-\u00ff])/.test(e)) {
    throw new Error("INVALID_CHARACTER_ERR");
  }

  const pieces = [];
  let prev; // char code from the previous iteration
  let phase; // position within the six-character cycle; stays undefined for empty input

  for (let idx = 0; idx < e.length; idx += 1) {
    const code = e.charCodeAt(idx);
    phase = idx % 6;
    switch (phase) {
      case 0:
        pieces.push(table.charAt(code >> 2));
        break;
      case 1:
        pieces.push(table.charAt((2 & prev) << 3 | code >> 4));
        break;
      case 2:
        pieces.push(table.charAt((15 & prev) << 2 | code >> 6));
        pieces.push(table.charAt(code & 63));
        break;
      case 3:
        pieces.push(table.charAt(code >> 3));
        break;
      case 4:
        pieces.push(table.charAt((prev & 4) << 6 | code >> 6));
        break;
      case 5:
        pieces.push(table.charAt((prev & 15) << 4 | code >> 8));
        pieces.push(table.charAt(code & 63));
        break;
    }
    prev = code;
  }

  // Tail handling. The original guarded the first branch with the constant
  // comparison "FAVYf" === "LVZVH", which is always false, so it always ran.
  if (phase === 0) {
    pieces.push(table.charAt((prev & 3) << 4));
    pieces.push("FM");
  } else if (phase === 1) {
    pieces.push(table.charAt((15 & prev) << 2));
    pieces.push("K");
  }

  // Evaluation order (d, md5, d) is kept so random draws happen in the same order.
  const head = d(15);
  const digest = md5(pieces.join(""));
  const tail = d(10);
  return head + digest + tail;
}
// MD5-style digest recovered from the challenge page; returns 32 lowercase hex characters.
// Control flow is flattened: each for/switch pair runs its cases in the order given by a
// "|"-separated string, so the case labels are dispatch keys and not execution order.
// Inner helpers: p() packs the input 16 bits per character into 32-bit words, o() is the
// block loop over 16-word chunks, s/l/u/c are the four round functions built on a(),
// f() is a 32-bit add done in 16-bit halves, d() is a left rotate, h() renders the hex.
// NOTE(review): several round constants do not match RFC 1321 (for example -680976936 where
// the standard first constant is -680876936, and 11261161415 does not fit in 32 bits), so the
// output presumably differs from a library MD5 — compare on a test input before swapping one in.
function md5(e) {function o(e, n) {for (o = "3|6|1|4|7|5|0|2"["split"]("|"), a = 0, void 0;;) {var r;var o;var a;switch (o[a++]) {case "0":for (var d = 0; d < e.length; d += 16)for (p = "14|67|61|30|43|57|4|9|24|10|56|55|13|12|60|53|21|54|69|41|26|49|71|11|35|68|33|42|28|6|36|51|8|0|65|18|38|15|20|45|44|19|37|22|27|25|34|1|2|39|40|47|62|29|23|64|46|5|3|50|31|63|48|52|59|66|70|58|16|32|7|17"["split"]("|"), h = 0, void 0;;) {var p;var h;switch (p[h++]) {case "0":w = l(w, b, x, T, e[d + 2], 9, -51403784);continue;case "1":x = u(x, T, w, b, e[d + 6], 23, 76029189);continue;case "2":b = u(b, x, T, w, e[d + 9], 4, -640364487);continue;case "3":T = c(T, w, b, x, e[d + 10], 15, -1051523);continue;case "4":T = s(T, w, b, x, e[d + 2], 17, 606105819);continue;case "5":w = c(w, b, x, T, e[d + 3], 10, -1894446606);continue;case "6":w = l(w, b, x, T, e[d + 14], 9, -1019803690);continue;case "7":T = f(T, v);continue;case "8":b = l(b, x, T, w, e[d + 13], 5, -1444681467);continue;case "9":x = s(x, T, w, b, e[d + 3], 22, -1044525330);continue;case "10":w = s(w, b, x, T, e[d + 5], 12, 1200080426);continue;case "11":x = l(x, T, w, b, e[d + 0], 20, -373897302);continue;case "12":w = s(w, b, x, T, e[d + 9], 12, -1958435417);continue;case "13":b = s(b, x, T, w, e[d + 8], 7, 1770035416);continue;case "14":var m = b;continue;case "15":w = u(w, b, x, T, e[d + 8], 11, -2022574463);continue;case "16":b = f(b, m);continue;case "17":w = f(w, g);continue;case "18":x = l(x, T, w, b, e[d + 12], 20, -1921207734);continue;case "19":w = u(w, b, x, T, e[d + 4], 11, 1272893353);continue;case "20":T = u(T, w, b, x, e[d + 11], 16, 1839030562);continue;case "21":b = s(b, x, T, w, e[d + 12], 7, 1804550682);continue;case "22":x = u(x, T, w, b, e[d + 10], 23, -1094730640);continue;case "23":T = c(T, w, b, x, e[d + 14], 15, -1416354905);continue;case "24":b = s(b, x, T, w, e[d + 4], 7, -176418897);continue;case "25":w = u(w, b, x, T, e[d + 0], 11, -358537222);continue;case "26":b = l(b, x, T, w, e[d + 1], 5, 
-165796510);continue;case "27":b = u(b, x, T, w, e[d + 13], 4, 681279174);continue;case "28":b = l(b, x, T, w, e[d + 9], 5, 568446438);continue;case "29":w = c(w, b, x, T, e[d + 7], 10, 11261161415);continue;case "30":var g = w;continue;case "31":b = c(b, x, T, w, e[d + 8], 6, 1873313359);continue;case "32":x = f(x, y);continue;case "33":T = l(T, w, b, x, e[d + 15], 14, -660478335);continue;case "34":T = u(T, w, b, x, e[d + 3], 16, -722881979);continue;case "35":b = l(b, x, T, w, e[d + 5], 5, -701520691);continue;case "36":T = l(T, w, b, x, e[d + 3], 14, -187363961);continue;case "37":T = u(T, w, b, x, e[d + 7], 16, -155497632);continue;case "38":b = u(b, x, T, w, e[d + 5], 4, -378558);continue;case "39":w = u(w, b, x, T, e[d + 12], 11, -421815835);continue;case "40":T = u(T, w, b, x, e[d + 15], 16, 530742520);continue;case "41":x = s(x, T, w, b, e[d + 15], 22, 1236531029);continue;case "42":x = l(x, T, w, b, e[d + 4], 20, -405537848);continue;case "43":b = s(b, x, T, w, e[d + 0], 7, -680976936);continue;case "44":b = u(b, x, T, w, e[d + 1], 4, -1530992060);continue;case "45":x = u(x, T, w, b, e[d + 14], 23, -35311556);continue;case "46":b = c(b, x, T, w, e[d + 12], 6, 1700485571);continue;case "47":x = u(x, T, w, b, e[d + 2], 23, -995338651);continue;case "48":T = c(T, w, b, x, e[d + 6], 15, -1560198380);continue;case "49":w = l(w, b, x, T, e[d + 6], 9, -1069501632);continue;case "50":x = c(x, T, w, b, e[d + 1], 21, -2054922799);continue;case "51":x = l(x, T, w, b, e[d + 8], 20, 1163531501);continue;case "52":x = c(x, T, w, b, e[d + 13], 21, 1309151649);continue;case "53":x = s(x, T, w, b, e[d + 11], 22, -1990404162);continue;case "54":w = s(w, b, x, T, e[d + 13], 12, -40341101);continue;case "55":x = s(x, T, w, b, e[d + 7], 22, -45705983);continue;case "56":T = s(T, w, b, x, e[d + 6], 17, -1473231341);continue;case "57":w = s(w, b, x, T, e[d + 1], 12, -389564586);continue;case "58":x = c(x, T, w, b, e[d + 9], 21, -343485551);continue;case "59":b = c(b, x, T, w, 
e[d + 4], 6, -145523070);continue;case "60":T = s(T, w, b, x, e[d + 10], 17, -42063);continue;case "61":var v = T;continue;case "62":b = c(b, x, T, w, e[d + 0], 6, -198630844);continue;case "63":w = c(w, b, x, T, e[d + 15], 10, -30611744);continue;case "64":x = c(x, T, w, b, e[d + 5], 21, -57434055);continue;case "65":T = l(T, w, b, x, e[d + 7], 14, 1735328473);continue;case "66":w = c(w, b, x, T, e[d + 11], 10, -1120210379);continue;case "67":var y = x;continue;case "68":w = l(w, b, x, T, e[d + 10], 9, 38016083);continue;case "69":T = s(T, w, b, x, e[d + 14], 17, -1502002290);continue;case "70":T = c(T, w, b, x, e[d + 2], 15, 718787259);continue;case "71":T = l(T, w, b, x, e[d + 11], 14, 643717713);continue;}break;}continue;case "1":var b = 1732584193;continue;case "2":return Array(b, x, T, w);case "3":e[n >> 5] |= 128 << n % 32;continue;case "4":var x = -271733879;continue;case "5":var w = 271733878;continue;case "6":e[(n + 64 >>> 9 << 4) + 14] = n;continue;case "7":var T = -1732584194;continue;}break;}}function a(e, n, r, o, a, s) {return f(d(f(f(n, e), f(o, s)), a), r);}function s(e, n, r, o, s, l, u) {return a(n & r | ~n & o, e, n, s, l, u);}function l(e, n, r, o, s, l, u) {return a(n & o | r & ~o, e, n, s, l, u);}function u(e, n, r, o, s, l, u) {return a(n ^ r ^ o, e, n, s, l, u);}function c(e, n, r, o, s, l, u) {return a(r ^ (n | ~o), e, n, s, l, u);}function f(e, n) {var o = (65535 & e) + (n & 65535);var a = (e >> 16) + (n >> 16) + (o >> 16);return a << 16 | o & 65535;}function d(e, n) {return e << n | e >>> 32 - n;}function p(e) {for (r = Array(), o = (1 << 16) - 1, a = 0, void 0; a < e["length"] * 16; a += 16) {var n;var r;var o;var a;r[a >> 5] |= (e["charCodeAt"](a / 16) & o) << a % 32;}return r;}function h(e) {for (r = "0123456789abcdef", o = "", a = 0, void 0; a < e["length"] * 4; a++) {var n;var r;var o;var a;o += r["charAt"](15 & e[a >> 2] >> a % 4 * 8 + 4) + r["charAt"](15 & e[a >> 2] >> a % 4 * 8);}return o;}return function (e) {return h(o(p(e), 16 
* e["length"]));}(e);
}// Define sdk so the Python side can call it
/**
 * Entry point for the Python caller: returns the two request parameters.
 *
 * @returns {{m: string, t: string}} t is the load-time timestamp string p_s,
 *   m is this file's btoa() applied to that same string
 */
function sdk() {
  const t = p_s;
  const m = btoa(t);
  return { m, t };
}

结果:
