js逆向之有道翻译:
分析思路:
https://fanyi.youdao.com/index.html#/
就两个动态变化的参数,第一个是 sign就是签名值,第二个是时间戳很简单
全局搜素sign,打断点,然后跳进去k函数
我们会发现前面发送请求得到的密文数据,但是浏览器会通过js转化为明文,所以我们还有继续。
首先我们要知道AES和DES加密是对称加密,也就是加密和解密是同一把钥匙,上面是先使用aes再使用base64
AES和DES一般来说需要 如下几个参数:
需要加密解密的数据 ,key(密钥),iv(值)
key="ydsecret://query/key/B*RGygVywfNBwpmBaZg*WT7SIOUP2T0C9WHMZN39j^DAdaZhAnxvGcCY6VYFwnHl"
iv="ydsecret://query/iv/C@lZe2YzHtZ2CYgaXKSVfsb7Y4QWHjITPPZ0nQp87fBeJ!Iv6v^6fvi2WN@bYpJ4"
它又对key,iv进行md5数据加密了,然后创建一个aes模型,然后再使用bs64,最后在转化为utf-8即可
代码实现:
import hashlib
import requests
from fake_useragent import UserAgent
import time
import base64
from Crypto.Cipher import AES
ua = UserAgent().chrome
headers = {
'User-Agent': ua
}
def spider1(word,sign,time):
cookies = {
'OUTFOX_SEARCH_USER_ID': '-2114031464@10.105.137.204',
'OUTFOX_SEARCH_USER_ID_NCOO': '104665582.8309858',
}
headers = {
'Accept': 'application/json, text/plain, */*',
'Accept-Language': 'zh-CN,zh;q=0.9',
'Connection': 'keep-alive',
'Content-Type': 'application/x-www-form-urlencoded',
# 'Cookie': 'OUTFOX_SEARCH_USER_ID=-2114031464@10.105.137.204; OUTFOX_SEARCH_USER_ID_NCOO=104665582.8309858',
'Origin': 'https://fanyi.youdao.com',
'Referer': 'https://fanyi.youdao.com/',
'Sec-Fetch-Dest': 'empty',
'Sec-Fetch-Mode': 'cors',
'Sec-Fetch-Site': 'same-site',
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36',
'sec-ch-ua': '"Chromium";v="118", "Google Chrome";v="118", "Not=A?Brand";v="99"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
}
data = {
'i': word,
'from': 'auto',
'to': '',
'dictResult': 'true',
'keyid': 'webfanyi',
'sign': sign,
'client': 'fanyideskweb',
'product': 'webfanyi',
'appVersion': '1.0.0',
'vendor': 'web',
'pointParam': 'client,mysticTime,product',
'mysticTime': str(time),
'keyfrom': 'fanyi.web',
'mid': '1',
'screen': '1',
'model': '1',
'network': 'wifi',
'abtest': '0',
'yduuid': 'abcdefg',
}
res = requests.post('https://dict.youdao.com/webtranslate', cookies=cookies, headers=headers, data=data).text
return res
def jiemi(text,key,iv):
key = hashlib.md5(key.encode(encoding='utf-8')).digest()
iv = hashlib.md5(iv.encode(encoding='utf-8')).digest()
# AES解密
aes_en = AES.new(key, AES.MODE_CBC, iv)
# 将已经加密的数据放进该方法
data_new = base64.urlsafe_b64decode(text)
# 参数准备完毕后,进行解密
result = aes_en.decrypt(data_new).decode('utf-8')
return result
if __name__ == '__main__':
key = "ydsecret://query/key/B*RGygVywfNBwpmBaZg*WT7SIOUP2T0C9WHMZN39j^DAdaZhAnxvGcCY6VYFwnHl"
iv = "ydsecret://query/iv/C@lZe2YzHtZ2CYgaXKSVfsb7Y4QWHjITPPZ0nQp87fBeJ!Iv6v^6fvi2WN@bYpJ4"
word = input("输入翻译元素")
tt=time.time()
# 获取js的时间戳
r = int(time.time()*1000)
t='fsdsogkndfokasodnaso'
d='fanyideskweb'
u='webfanyi'
data=f'client={d}&mysticTime={r}&product={u}&key={t}'
sign = hashlib.md5(data.encode("utf-8")).hexdigest()
result=spider1(word,sign,r)
print(result)
jiema=jiemi(result,key,iv)
print(jiema)