阿里滑块验证码版本227破解(2)

已于 2023-12-26 22:21:12 修改
阅读量3k 收藏 14
点赞数 18
文章标签: javascript 前端 html
于 2023-12-26 21:49:15 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/htia/article/details/135231739
版权

手动破解227版本的验证码是可行的,但是如果阿里每三个月更新一个版本,手动破解劳心费力。所以应该考虑自动破解。在fireyejs.js 文件中,o是一个功能,例如o=30是初始化,会发布几个对外函数,

r.push(723562350,523762464,2,1),
i(14,2,-1),Me=r.pop(),
xe[Me]=function()
{return 227},
Me="ge",Me+="tFY",
xe[Me+="Token"]=function(e){var o;return i(40,e)},
Me=(Me="nekoTdiUteg").split("").reverse().join(""),
xe[Me]=function(e){var o;return i(6,e)},
Me="re",Me+="setS",
xe[Me+="A"]=function(){i(29)}

o如果确定,接下来就是li的数值决定switch(31&li),再接下来的switch是ci,mi,这些都是根据li确定的,可以把整个代码分割为如下的结构:

根据当前的li就可以确定一个很小的代码块,再根据当前li运行到最后必须给li赋值以进行下一步运算,就可以确定当前li运行后的精确代码,

下面是o=30,o=25,o=40时提取的代码,粗糙,有大神可以一起合作,实现每次阿里更新版本,程序2小时内生成最新的破解代码。

ci = window,
Qo = s,
Yo = void 0,
mo = void 0,
li = (wo = o),
uo = (uo = "tcejbo").split("").reverse().join(""),
li = (co = typeof wo !== uo),
mo = void 0,
wo = mo,
mo = +o === o,
=o),
mo = void 0 === Yo,
wo = +o === o,
r.push(4, 3071828176897, 2, 1),
i(14, 2, -1),
uo = r.pop(),
co = uo,
uo = "",
So = "b",
Je = So += "ind",
So = "\u0219\u020c\u021b\u020f\u0206\u021b\u0204\u0208\u0207\u020a\u020c",
Ye = "",
we = 0,
we = (Y = P * fe)), Ce < _.length, Re = 262 ^ _.charCodeAt(Ce), ue += String.fromCharCode(Re), Ce++, li = (qe = (qe = (Oo = (P = P <= 27) + (fe = 9 == fe)) * Oo) >= (Y = P * fe)), Ce < _.length, Re = 262 ^ _.charCodeAt(Ce), ue += String.fromCharCode(Re), Ce++, li = (qe = (qe = (Oo = (P = P <= 27) + (fe = 9 == fe)) * Oo) >= (Y = P * fe)), Ce < _.length, Re = 262 ^ _.charCodeAt(Ce), ue += String.fromCharCode(Re), Ce++, li = (qe = (qe = (Oo = (P = P <= 27) + (fe = 9 == fe)) * Oo) >= (Y = P * fe)), ue += "ppen", ue += "d", ue += "Ch", Vo = ue += "ild", ue = "yx", ue += "o", ue += "rPo", ue = (ue += "n").split("").reverse().join(""), ho = ue, ue = "\u0330\u032c\u032c\u0328\u032b\u0362\u0377\u0377", Mo = "", ao = 0, ao - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Eo++, Eo - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Eo++, Eo - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Eo++, Eo - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Io = 428 ^ To.charCodeAt(Uo), vo += String.fromCharCode(Io), Uo++, Uo > 24), Q = 255 & (Pe = Co >> 16), le = 255 & (Pe = Co >> 8), Pe = 255 & Co, Te.push(ve, Q, le, Pe), Co = Ao = Te, Ao = void 0, Te = oo, oo = [], ve = 255 & (Pe = Te >> 24), Pe = Te >> 16, Q = 255 & Pe, le = 255 & (Pe = Te >> 8), Pe = 255 & Te, oo.push(ve, Q, le, Pe), oo = Ao = oo, Ao = Co.concat(oo), Me = Ao, Ko[48] = Me, Ko[5] = [], Ko[57] = [], oo = xe(), Me = oo[co](36), oo = Me[Re](2), Me = xe(), xe = Me[co](36), Me = xe[Re](2), Ko[6] = oo + Me, Ko[89] = 0, Ko[16] = 0, Ko[58] = 0, Ko[30] = 0, Ko[46] = -1, Ko[51] = -1, Ko[22] = uo, Ko[56] = {},
oo = void 0, xe = 0, Me = po;
var Ai = Ko;Ai[95] = 0, Ai[60] = 0, r.push(3384268058261, 1, 2), i(14, 2, -1), Ao = r.pop(), Co = Ao, Ao = "\u0148\u016a\u0167\u0170\u0171", Te = "", Pe = 0, Pe1, Me[32] = 2, globalOpt[ho], oo = void 0, Me = Ko, Te = (xe = po)[So], li = Te, ve = "\u0226\u0243\u0237\u0272\u021c\u0268\u021a\u0273\u0216\u0265", Q = "", le = 0, Z = 0, Z = (Y = P * fe)), Ce < _.length, _ = ue, ue = "sr", Ce = ue += "c", li = q, q = 30 === o, ue = "s", ue += "ub", ue += "stri", Re = ue += "ng", ue = "r", ue += "ota", ue += "giva", ue += "n", ue = ue.split("").reverse().join(""), _e = ue, r.push(83190, 56046782639, 2, 2), i(14, 2, -1), ue = r.pop(), ne = ue, ue = (ue = "yarrA").split("").reverse().join(""), me = ue, ue = "Ob", ue += "j", Qe = ue += "ect", ue = "R", ue += "egE", jo = ue += "xp", ue = (ue = "ytreporPenifed").split("").reverse().join(""), so = ue, ue = "ro", ue = (ue += "rrE").split("").reverse().join(""), He = ue, ue = (ue = "teg").split("").reverse().join(""), Ro = ue, ue = "cd", ue += "c_", ue += "adoQ", ue += "poas", ue += "nfa76pfc", ue += "Z", ue += "Lmcfl_Sym", ze = ue += "bol", ue = (ue = "tnemucod").split("").reverse().join(""), ei = ue, r.push(14645503911, 4408175443116, 2, 1), i(14, 2, -1), ue = r.pop(), Wo = ue, ue = "SC", ue += "RIP", zo = ue += "T", ue = "s", ue += "etT", ue += "im", ue += "e", _o = ue += "out", ue = "g", ue += "et", ue += "El", ue += "em", ue += "entsBy", Ho = ue += "TagName", ue = "HE", Fo = ue += "AD", ue = "a", ue += "ppen", ue += "d", ue += "Ch", Vo = ue += "ild", ue = "yx", ue += "o", ue += "rPo", ue = (ue += "n").split("").reverse().join(""), ho = ue, ue = "\u0330\u032c\u032c\u0328\u032b\u0362\u0377\u0377", Mo = "", ao = 0, ao - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Eo++, Eo - 216, No = Ke.charCodeAt(Eo), vo = No ^ Lo, Lo = No, To += String.fromCharCode(vo), li = Oo, Eo++, Eo - 185, yo = po, po = "b", $o = po += "lur", po = "__", po += "w", po += "xj", po += "s_env", po += "ironm", po += "ent", li = Y, Bo = po, po = "m", po += "in", po += "i", Jo = po += "program", po = "fe", po = (po += "rh").split("").reverse().join(""), ni = po, po = (po = "raelc").split("").reverse().join(""), ri = po, po = "r", po += "e", di = po += "place", r.push(4103, 3334310427378, 51291557964, 3, 2), i(14, 2, -1), po = r.pop(), ti = po, po = (po = "elyts").split("").reverse().join(""), ai = po, li = q, Ko = Qo, oo = (po = ci)[ge], xe = oo[Oe], oo = "fy", oo += "g", oo += "lobal", oo += "op", oo += "t", Me = window[oo], Me = {},
n = Me, globalOpt = n, oo = new po[ie], Ko[93] = +oo, oo = Ko[93], Me = void 0, Te = 0 | (Co = (Ao = oo) / (oo = 4294967296)), oo = Ao - (Co = Te * oo), Ao = void 0, Co = Te, Te = [], ve = 255 & (Pe = Co >> 24), Q = 255 & (Pe = Co >> 16), le = 255 & (Pe = Co >> 8), Pe = 255 & Co, Te.push(ve, Q, le, Pe), Co = Ao = Te, Ao = void 0, Te = oo, oo = [], ve = 255 & (Pe = Te >> 24), Pe = Te >> 16, Q = 255 & Pe, le = 255 & (Pe = Te >> 8), Pe = 255 & Te, oo.push(ve, Q, le, Pe), oo = Ao = oo, Ao = Co.concat(oo), Me = Ao, Ko[48] = Me, Ko[5] = [], Ko[57] = [], oo = xe(), Me = oo[co](36), oo = Me[Re](2), Me = xe(), xe = Me[co](36), Me = xe[Re](2), Ko[6] = oo + Me, Ko[89] = 0, Ko[16] = 0, Ko[58] = 0, Ko[30] = 0, Ko[46] = -1, Ko[51] = -1, Ko[22] = uo, Ko[56] = {},
oo = void 0, xe = 0, Me = po;
var Ai = Ko;Ai[95] = 0, Ai[60] = 0, r.push(3384268058261, 1, 2), i(14, 2, -1), Ao = r.pop(), Co = Ao, Ao = "\u0148\u016a\u0167\u0170\u0171", Te = "", Pe = 0, Pe1, Me[32] = 2, globalOpt[ho], oo = void 0, Me = Ko, Te = (xe = po)[So], li = Te, ve = "\u0226\u0243\u0237\u0272\u021c\u0268\u021a\u0273\u0216\u0265", Q = "", le = 0, Z = 0, Z(A = (qe = 199 | (Y = U !== q)) << 24)), ve(A = (qe = 199 | (Y = U !== q)) << 24)), ve(qe <<= 24)), Z - 254, le[40] = new xe[ie], li = qe, xe = le[35], oe = i[Je], li = oe, oe = i[Je](0, xe[co] = oe, xe = le[40], le = i[Je], li = le, le = i[Je](0, xe[co] = le, li = O, Q = void 0, A = (Y = (bo = bo > 11) * bo) + (A = (fe = so instanceof Object) * fe), Y = (Oo = !ee) * Oo, P = (qe |= 13) * qe, P = Y + P, P *= A, A = (Y = bo * Oo) + (A = fe * qe), li = (bo = P >= (A *= A)), xe = !oo, oo = "\u0195\u0198\u018f\u018d\u018f\u0194", Co = "", Q = 0, Q = (A = qe * Y)), pe = oe, pe = le[oo], li = (fe = (bo = (P = (Y = 16 != Y) + (Oo = Ee instanceof Object)) * P) >= (A = 2 * (P = Y * Oo))), mi < 12 ? (oe = pe), oe = le[lo] == le, pe = oe, oe = pe, xe = Q, i(18), Me = Ko, Te = (xe = po)[ei], r.push(748918169294, 48888119508, 2, 0), i(14, 2, -1), ve = r.pop(), Q = Te[ve], li = (Te = Q), Te = Q[Ce], ve = Te, Te = xe[So], li = Te, Q = xe[So], Te
最低0.47元/天 解锁文章
novacolas
关注
阿里滑块验证码版本227破解(4)
htia的专栏
12-26 2475
亚洲最大电商阿里,为了防扒数据,做出了巨大的努力,越是遮遮掩掩,越要把他的衣服扒光了,与一众兄弟分享。这样的混淆造成了整个函数运行的规律化,可以在这个js文件的i函数开始和 switch (31 & li)之间做很多工作,例如把每一步运行的变量保存下来存储到文件中慢慢研究。一次验证需要li运行5万次以上,所以直接存储会导致文件过大,可以考虑把字符串放进一个集合中,每个字符串只出现一次,相同的字符串指向相同的指针,可以大大减轻保存变量时的资源消耗。再写一个保存文件的函数。
某里227逆向分析
最新发布
qq_35249586的博客
09-07 1107
阿里227逆向分析
阿里滑块通杀X82YX5SECua算法方法python例子.zip
09-04
阿里云滑动验证对接例子,2021.9.4更新,稳定
【ali滑块227逆向思路分享
weixin_44862184的博客
12-22 6643
最近某里滑块更新到了227版本,借此机会简单分享下逆向思路。(水文一篇)
阿里227滑块分析
yinyunan1210的专栏
08-16 710
最近做hkexpress出票时,遇到了阿里验证码,界面看上去挺简单,逆向起来还挺麻烦,这里简单记录下步骤和注意点。
[已成功破解] 阿里 taobao 滑条验证码 x5sec解密 slidedata参数
u013010088的博客
02-16 8884
[已成功破解] 阿里 taobao 滑条验证码 x5sec解密 slidedata参数
阿里滑块验证码版本227破解(1)
htia的专栏
12-26 2888
阿里滑块 227版本 破解
阿里滑块验证码版本227版本破解(3)
htia的专栏
12-26 4018
这是一个手动分析记录,考虑到这样的操作劳心费力,所以改成程序自动破解。故本文档不完整,分享给兄弟们作为参考,其中的破解代码已经验证过,可以直接拷贝粘贴用。
淘宝滑块
weixin_43268350的博客
12-11 1721
public void Huakuaiyanzheng(IWebDriver driver) { int jici = 0; while (WaitElement(driver, By.ClassName("nc-lang-cnt"), 2000)) { //记录判断验证次数 if (jici > 10) { .
JS实现阿里滑动验证码破解
大华的程序人生
08-25 2231
其中滑块按钮和滑动div的id可能要根据场景做出修改,dx,dy也可能要做出调整。console.log('拖动结束执行逻辑');
JS实现阿里云滑动验证码破解
qq_36752481的博客
02-24 5701
//使用联通测试网址 http://upay.10010.com/npfwap/npfMobWap/bankcharge/index.html?version function fuck10010(){ btn=document.querySelector(".button"); mousedown = document.createEvent("MouseEvents"); rect = btn.getBoundingClientRect(); x = rect.x||r.
淘宝滑动验证码
06-02
淘宝滑动验证码
淘宝商品爬虫, selenium破解滑块验证(目前可用)
06-22
淘宝商品爬虫, selenium破解滑块验证(目前可用)
阿里滑块验证码版本227变量采集
12-26
每一步的变量采集到文件中,可以慢慢研究
Python 爬虫模拟登陆,破解滑块验证码_pyautogui 阿里滑块
m0_63102527的博客
04-27 846
print(“账户名密码不匹配!”, result)# pyautogui库操作鼠标指针。# 获取模块的url路径。print(“异常!# 从网页上获取组件。
阿里227滑块记录
weixin_44110940的博客
07-03 1263
最近在研究阿里滑块的逆向,当访问接口速度过快或者频繁的时候就会出现这时候需要需要把验证过了才能继续请求。在网上搜罗了一圈,大概的解决思路就是通过还原出算法,用协议去请求滑块的接口,拿到验证成功后的x5sec放到业务接口去请求才行但是这个方法需要的时间和成本比较高,有没有什么通用的解决思路呢?继续研究发现可以通过自动化框架来完成这一操作。
puppeteer破解阿里h5滑动验证码
阳光下的小树
03-15 9549
阅读流程 前沿 效果 代码 滑动中的两个关键点 总结 前言 说到滑动验证码,大家想到的就是通过无头浏览器,模拟手势滑动。但是这个过程有两个重要的点。突破了这两个点,滑动验证码就可以很轻松的绕过了。shi 效果 话不多说,直接上代码。 var puppeteer = require('puppeteer') const devices = require('puppeteer/Devic...
淘宝滑动验证码研究
cuoban的学习空间
04-14 7064
引言 悠闲的时候,总会去找些事做做。前些天在登录淘宝的时候,发现了滑动验证码,虽然已经不是什么新事物,但还是产生了很大的兴趣。   传统的字符输入验证码,变为了滑动验证码,这一看就是产品大师的手笔啊,不知道申请专利没有。 这种“情感化”的验证码设计,可破解度高不高呢?如果是可破解度高,那就真是验证码的一次革命变新了。还是让我先了解一下滑动验证码的资料吧! 没有Google就百度,搜一搜,
android阿里滑块验证码,在Android App中接入HTML5滑块验证
05-23
要在Android App中接入HTML5滑块验证,你需要进行以下步骤: 1. 在Android App中嵌入WebView组件用于加载HTML5页面。 2. 在HTML5页面中引入阿里滑块验证码的JS SDK,并初始化验证码。 3. 在Android App中实现WebView的相关回调方法,以便在WebView中与JS交互。 下面是一个简单的实现示例: 1. 在布局文件中添加WebView组件 ``` <WebView android:id="@+id/web_view" android:layout_width="match_parent" android:layout_height="match_parent" /> ``` 2. 在Activity中加载HTML5页面,并初始化验证码 ``` public class MainActivity extends AppCompatActivity { private WebView mWebView; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); mWebView = findViewById(R.id.web_view); mWebView.getSettings().setJavaScriptEnabled(true); mWebView.setWebViewClient(new WebViewClient() { @Override public void onPageFinished(WebView view, String url) { super.onPageFinished(view, url); // 初始化阿里滑块验证SDK view.loadUrl("javascript:window.initSlideVerify()"); } }); mWebView.loadUrl("file:///android_asset/index.html"); } // 与JS交互的回调方法 @Override public boolean onKeyDown(int keyCode, KeyEvent event) { if (keyCode == KeyEvent.KEYCODE_BACK && mWebView.canGoBack()) { mWebView.goBack(); return true; } return super.onKeyDown(keyCode, event); } } ``` 3. 在HTML5页面中引入阿里滑块验证码的JS SDK,并初始化验证码 ``` <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>滑块验证Demo</title> <script src="https://g.alicdn.com/sd/slide/0.1.4/slide.min.js"></script> </head> <body> <div id="verify-wrap"></div> <script> window.initSlideVerify = function() { var slideVerify = new SlideVerify('#verify-wrap', { mode: 'pop', vOffset: 5, barSize: { width: '100%', height: '50px' }, ready: function() { console.log('滑块验证组件初始化成功!'); }, success: function() { console.log('滑块验证通过!'); // TODO: 在JS中向Android发送验证通过的消息 } }); }; </script> </body> </html> ``` 这样就可以在Android App中接入HTML5滑块验证了。需要注意的是,在JS中向Android发送消息需要通过WebView的`addJavascriptInterface()`方法实现,具体可参考Android官方文档。
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

novacolas

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值