声明:
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
补环境部分代码
!(() => {
"use strict";
const $toString = Function.toString;
const myFunction_toString_symbol = Symbol('('.concat('', ')_', (Math.random() + '').toString(36)));
const myToString = function () {
return typeof this == 'function' && this[myFunction_toString_symbol] || $toString.call(this);
};
function set_native(func, key, value) {
Object.defineProperty(func, key, {
"enumerable": false,
"configurable": true,
"writable": true,
"value": value
})
};
delete Function.prototype['toString']; //删除原型链上的toString
set_native(Function.prototype, "toString", myToString); //自己定义个getter方法
set_native(Function.prototype.toString, myFunction_toString_symbol, "function toString() { [native code] }"); //套个娃 保护一下我们定义的toString 否则就暴露了
this.func_set_natvie = (func) => {
set_native(func, myFunction_toString_symbol, `function ${myFunction_toString_symbol, func.name || ''}() { [native code] }`);
}; //导出函数到globalThis
}).call(this);
const XMLHttpRequest = require('xhr2');
Window = function Window() {
throw new TypeError('Illegal constructor')
};
this.func_set_natvie(Window);
Window.prototype.PERSISTENT = 1
Window.prototype.TEMPORARY = 0
send: function send() {
}
Navigator = function Navigator() {
throw new TypeError('Illegal constructor')
};
this.func_set_natvie(Navigator);
window = global
Object.defineProperties(Window.prototype, {
[Symbol.toStringTag]: {
value: 'Window',
configurable: true
}
})
Object.defineProperties(Navigator.prototype, {
[Symbol.toStringTag]: {
value: 'Navigator',
configurable: true
}
})
window.__proto__ = Window.prototype
window.DataView = function DataView() {
console.log('window.DataView', arguments)
};
this.func_set_natvie(DataView);
window.Notification = function Notification() {
console.log('window.Notification', arguments)
};
this.func_set_natvie(Notification);
location ={
}
okeys=Object.keys
Object.keys=function keys() {
temp=okeys.apply(this,arguments)
return temp
}
screen = {}
window.H5guardCount = 1
window.wPaths = []
setInterval = function () {
}
setTimeout = function () {
}
Navigator.toString = function toString() {
return 'function Navigator() { [native code] }'
};
this.func_set_natvie(Navigator.toString);
navigator = {}
navigator.__proto__ = Navigator.prototype
document.cookie = {}
window.sessionStorage = {}
window.localStorage.clear = function clear() {
var temp = Object.keys(this)
for (var i = 0; i < temp.length; i++) {
delete this[temp[i]];
}
};
window.sessionStorage.clear = function clear() {
var temp = Object.keys(this)
for (var i = 0; i < temp.length; i++) {
delete this[temp[i]];
}
};
window.localStorage.getItem = function getItem(key) {
return this[key]
};
window.sessionStorage.getItem = function getItem(key) {
return this[key]
};
window.localStorage.key = function key(index) {
return Object.keys(this)[index]
};
window.sessionStorage.key = function key(index) {
return Object.keys(this)[index]
};
window.localStorage.removeItem = function removeItem(key) {
delete this[key]
};
window.sessionStorage.removeItem = function removeItem(key) {
delete this[key]
};
window.localStorage.setItem = function setItem(key, value) {
this[key] = value
};
window.sessionStorage.setItem = function setItem(key, value) {
this[key] = value
};
window.fetchHooked = true
window.wDomains =[
]
window.name = ''
window.indexedDB = {}
window._phantom = undefined
window.phantom = undefined
window.callPhantom = undefined
navigator.plugins = [{name: "PDF Viewer"}, {name: "Chrome PDF Viewer"}, {name: "Chromium PDF Viewer"},
{name: "Microsoft Edge PDF Viewer"}, {name: "WebKit built-in PDF"}]
oph = Object.prototype.hasOwnProperty
Object.prototype.hasOwnProperty = function hasOwnProperty(val) {
if (val === 'webdriver') {
return false
}
return oph.apply(this, arguments)
document.body = {
appendChild: function appendChild() {
},
removeChild: function removeChild() {
},
scrollTop: 0
}
window.AudioContext = function AudioContext() {
console.log('window.AudioContext', arguments)
}
window.screenX = 0
window.screenY = 0
window.screenLeft = 0
window.screenTop = 0
window.parent = window
window.opener = null
window.frames = window
window.closed = false
window.customElements = {}
window.locationbar = {visible: true}
window.menubar = {visible: true}
window.personalbar = {visible: true}
window.scrollbars = {visible: true}
window.statusbar = {visible: true}
window.toolbar = {visible: true}
window.status = ''
window.frameElement = null
window.onsearch = null
window.external = {}
window.styleMedia = {type: "screen"}
window.isSecureContext = true