知乎x-zse-86参数破解

最新推荐文章于 2024-08-14 16:56:01 发布
最新推荐文章于 2024-08-14 16:56:01 发布
阅读量1.1k 收藏 3
点赞数 1
文章标签: js
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_49077792/article/details/113694689
版权

知乎x-zse-86参数加密过程

// 这段代码就可以看出x-zse-86就是E,E=y.signature,所以把y找出来即可。
 var v = o.ZSE_83_VERSION.web
                  , m = s.xZst81
                  , O = null;
                try {
                    var g = (0,
                    r.getDC0Cookie)()
                      , y = (0,
                    i.default)(t, h.body, {
                        zse83: v,
                        dc0: g,
                        xZst81: m
                    })
                      , E = y.signature;
                    O = y.source,
                    m && b.set("x-zst-81", m),
                    b.set("x-zse-83", v),
                    b.set("x-zse-86", "2.0_" + E)
                }

在y处打断点进入加密函数

function(e, t, n) {
    "use strict";
    t.__esModule = !0,
    t.default = function(e, t, n) {
        var a = n.zse83
          , c = n.dc0
          , s = n.xZst81
          , u = (0,
        i.stripUrlOrigin)(e)
          , l = (0,
        i.bodyToString)(t)
          , d = [a, u, c, (0,
        i.shouldSignBody)(l) && l, s].filter(Boolean).join("+");
        return {
            source: d,
            signature: (0,
            o.default)((0,
            r.default)(d))
        }

很明显了,d是auc三个字符串用+拼接起来的,传给r.default函数(也就是下面的第一段js代码),得到结果传给o.default函数(也就是下面第二段js代码),就能得出最后的x-zse-86的结果。

// a = "3_2.0";
// c = 'AHDY1EeR6xCPTmMYY4bhnbqflIw6LWiOimc=|1583466574"';
// e = "/api/v4/members/Germey/followees?include=data%5B*%5D.answer_count%2Carticles_count%2Cgender%2Cfollower_count%2Cis_followed%2Cis_following%2Cbadge%5B%3F(type%3Dbest_answerer)%5D.topics&offset=20&limit=20";
// u = e;
// d = '3_2.0+/api/v4/members/Germey/followees?include=data%5B*%5D.answer_count%2Carticles_count%2Cgender%2Cfollower_count%2Cis_followed%2Cis_following%2Cbadge%5B%3F(type%3Dbest_answerer)%5D.topics&offset=20&limit=20+"AHDY1EeR6xCPTmMYY4bhnbqflIw6LWiOimc=|1583466574"';

// 这段js代码是参数d加密的代码。

function i(e, t) {
    var n = (65535 & e) + (65535 & t);
    return (e >> 16) + (t >> 16) + (n >> 16) << 16 | 65535 & n
}

function a(e, t, n, r, o, a) {
    return i((c = i(i(t, e), i(r, a))) << (s = o) | c >>> 32 - s, n);
    var c, s
}

function c(e, t, n, r, o, i, c) {
    return a(t & n | ~t & r, e, t, o, i, c)
}

function s(e, t, n, r, o, i, c) {
    return a(t & r | n & ~r, e, t, o, i, c)
}

function u(e, t, n, r, o, i, c) {
    return a(t ^ n ^ r, e, t, o, i, c)
}

function l(e, t, n, r, o, i, c) {
    return a(n ^ (t | ~r), e, t, o, i, c)
}

function d(e, t) {
    var n, r, o, a, d;
    e[t >> 5] |= 128 << t % 32,
        e[14 + (t + 64 >>> 9 << 4)] = t;
    var f = 1732584193
        , p = -271733879
        , h = -1732584194
        , b = 271733878;
    for (n = 0; n < e.length; n += 16)
        r = f,
            o = p,
            a = h,
            d = b,
            f = c(f, p, h, b, e[n], 7, -680876936),
            b = c(b, f, p, h, e[n + 1], 12, -389564586),
            h = c(h, b, f, p, e[n + 2], 17, 606105819),
            p = c(p, h, b, f, e[n + 3], 22, -1044525330),
            f = c(f, p, h, b, e[n + 4], 7, -176418897),
            b = c(b, f, p, h, e[n + 5], 12, 1200080426),
            h = c(h, b, f, p, e[n + 6], 17, -1473231341),
            p = c(p, h, b, f, e[n + 7], 22, -45705983),
            f = c(f, p, h, b, e[n + 8], 7, 1770035416),
            b = c(b, f, p, h, e[n + 9], 12, -1958414417),
            h = c(h, b, f, p, e[n + 10], 17, -42063),
            p = c(p, h, b, f, e[n + 11], 22, -1990404162),
            f = c(f, p, h, b, e[n + 12], 7, 1804603682),
            b = c(b, f, p, h, e[n + 13], 12, -40341101),
            h = c(h, b, f, p, e[n + 14], 17, -1502002290),
            f = s(f, p = c(p, h, b, f, e[n + 15], 22, 1236535329), h, b, e[n + 1], 5, -165796510),
            b = s(b, f, p, h, e[n + 6], 9, -1069501632),
            h = s(h, b, f, p, e[n + 11], 14, 643717713),
            p = s(p, h, b, f, e[n], 20, -373897302),
            f = s(f, p, h, b, e[n + 5], 5, -701558691),
            b = s(b, f, p, h, e[n + 10], 9, 38016083),
            h = s(h, b, f, p, e[n + 15], 14, -660478335),
            p = s(p, h, b, f, e[n + 4], 20, -405537848),
            f = s(f, p, h, b, e[n + 9], 5, 568446438),
            b = s(b, f, p, h, e[n + 14], 9, -1019803690),
            h = s(h, b, f, p, e[n + 3], 14, -187363961),
            p = s(p, h, b, f, e[n + 8], 20, 1163531501),
            f = s(f, p, h, b, e[n + 13], 5, -1444681467),
            b = s(b, f, p, h, e[n + 2], 9, -51403784),
            h = s(h, b, f, p, e[n + 7], 14, 1735328473),
            f = u(f, p = s(p, h, b, f, e[n + 12], 20, -1926607734), h, b, e[n + 5], 4, -378558),
            b = u(b, f, p, h, e[n + 8], 11, -2022574463),
            h = u(h, b, f, p, e[n + 11], 16, 1839030562),
            p = u(p, h, b, f, e[n + 14], 23, -35309556),
            f = u(f, p, h, b, e[n + 1], 4, -1530992060),
            b = u(b, f, p, h, e[n + 4], 11, 1272893353),
            h = u(h, b, f, p, e[n + 7], 16, -155497632),
            p = u(p, h, b, f, e[n + 10], 23, -1094730640),
            f = u(f, p, h, b, e[n + 13], 4, 681279174),
            b = u(b, f, p, h, e[n], 11, -358537222),
            h = u(h, b, f, p, e[n + 3], 16, -722521979),
            p = u(p, h, b, f, e[n + 6], 23, 76029189),
            f = u(f, p, h, b, e[n + 9], 4, -640364487),
            b = u(b, f, p, h, e[n + 12], 11, -421815835),
            h = u(h, b, f, p, e[n + 15], 16, 530742520),
            f = l(f, p = u(p, h, b, f, e[n + 2], 23, -995338651), h, b, e[n], 6, -198630844),
            b = l(b, f, p, h, e[n + 7], 10, 1126891415),
            h = l(h, b, f, p, e[n + 14], 15, -1416354905),
            p = l(p, h, b, f, e[n + 5], 21, -57434055),
            f = l(f, p, h, b, e[n + 12], 6, 1700485571),
            b = l(b, f, p, h, e[n + 3], 10, -1894986606),
            h = l(h, b, f, p, e[n + 10], 15, -1051523),
            p = l(p, h, b, f, e[n + 1], 21, -2054922799),
            f = l(f, p, h, b, e[n + 8], 6, 1873313359),
            b = l(b, f, p, h, e[n + 15], 10, -30611744),
            h = l(h, b, f, p, e[n + 6], 15, -1560198380),
            p = l(p, h, b, f, e[n + 13], 21, 1309151649),
            f = l(f, p, h, b, e[n + 4], 6, -145523070),
            b = l(b, f, p, h, e[n + 11], 10, -1120210379),
            h = l(h, b, f, p, e[n + 2], 15, 718787259),
            p = l(p, h, b, f, e[n + 9], 21, -343485551),
            f = i(f, r),
            p = i(p, o),
            h = i(h, a),
            b = i(b, d);
    return [f, p, h, b]
}

function f(e) {
    var t, n = "", r = 32 * e.length;
    for (t = 0; t < r; t += 8)
        n += String.fromCharCode(e[t >> 5] >>> t % 32 & 255);
    return n
}

function p(e) {
    var t, n = [];
    for (n[(e.length >> 2) - 1] = void 0,
             t = 0; t < n.length; t += 1)
        n[t] = 0;
    var r = 8 * e.length;
    for (t = 0; t < r; t += 8)
        n[t >> 5] |= (255 & e.charCodeAt(t / 8)) << t % 32;
    return n
}

function h(e) {
    var t, n, r = "";
    for (n = 0; n < e.length; n += 1)
        t = e.charCodeAt(n),
            r += "0123456789abcdef".charAt(t >>> 4 & 15) + "0123456789abcdef".charAt(15 & t);
    return r
}

function b(e) {
    return unescape(encodeURIComponent(e))
}

function v(e) {
    return function (e) {
        return f(d(p(e), 8 * e.length))
    }(b(e))
}

function m(e, t) {
    return function (e, t) {
        var n, r, o = p(e), i = [], a = [];
        for (i[15] = a[15] = void 0,
             o.length > 16 && (o = d(o, 8 * e.length)),
                 n = 0; n < 16; n += 1)
            i[n] = 909522486 ^ o[n],
                a[n] = 1549556828 ^ o[n];
        return r = d(i.concat(p(t)), 512 + 8 * t.length),
            f(d(a.concat(r), 640))
    }(b(e), b(t))
}

function O(e, t, n) {
    return t ? n ? m(t, e) : h(m(t, e)) : n ? v(e) : h(v(e))
}

function get_enc_sign(d) {
    return O(d);
}

console.log(get_enc_sign('3_2.0+/api/v4/members/Germey/followees?include=data%5B*%5D.answer_count%2Carticles_count%2Cgender%2Cfollower_count%2Cis_followed%2Cis_following%2Cbadge%5B%3F(type%3Dbest_answerer)%5D.topics&offset=20&limit=20+"AHDY1EeR6xCPTmMYY4bhnbqflIw6LWiOimc=|1583466574"'));

下面这段代码是获取最终x-zse-86参数的js代码:有个地方有个atob加密,要改成window.atob,再改成nodejs,不然会报错。

// 把js改成nodejs
const jsdom = require("jsdom");
const { JSDOM } = jsdom;
const dom = new JSDOM(`<!DOCTYPE html><p>Hello world</p>`);
window = dom.window;
document = window.document;
XMLHttpRequest = window.XMLHttpRequest;

var exports = {};  // 这里要var一个exports

function t(e) {
    return (t = "function" == typeof Symbol && "symbol" == typeof Symbol.A ? function (e) {
                return typeof e
            }
            : function (e) {
                return e && "function" == typeof Symbol && e.constructor === Symbol && e !== Symbol.prototype ? "symbol" : typeof e
            }
    )(e)
}

Object.defineProperty(exports, "__esModule", {
    value: !0
});
var A = "2.0"
    , __g = {};

function s() {
}

function i(e) {
    this.t = (2048 & e) >> 11,
        this.s = (1536 & e) >> 9,
        this.i = 511 & e,
        this.h = 511 & e
}

function h(e) {
    this.s = (3072 & e) >> 10,
        this.h = 1023 & e
}

function a(e) {
    this.a = (3072 & e) >> 10,
        this.c = (768 & e) >> 8,
        this.n = (192 & e) >> 6,
        this.t = 63 & e
}

function c(e) {
    this.s = e >> 10 & 3,
        this.i = 1023 & e
}

function n() {
}

function e(e) {
    this.a = (3072 & e) >> 10,
        this.c = (768 & e) >> 8,
        this.n = (192 & e) >> 6,
        this.t = 63 & e
}

function o(e) {
    this.h = (4095 & e) >> 2,
        this.t = 3 & e
}

function r(e) {
    this.s = e >> 10 & 3,
        this.i = e >> 2 & 255,
        this.t = 3 & e
}

s.prototype.e = function (e) {
    e.o = !1
}
    ,
    i.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                e.r[this.s] = this.i;
                break;
            case 1:
                e.r[this.s] = e.k[this.h]
        }
    }
    ,
    h.prototype.e = function (e) {
        e.k[this.h] = e.r[this.s]
    }
    ,
    a.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                e.r[this.a] = e.r[this.c] + e.r[this.n];
                break;
            case 1:
                e.r[this.a] = e.r[this.c] - e.r[this.n];
                break;
            case 2:
                e.r[this.a] = e.r[this.c] * e.r[this.n];
                break;
            case 3:
                e.r[this.a] = e.r[this.c] / e.r[this.n];
                break;
            case 4:
                e.r[this.a] = e.r[this.c] % e.r[this.n];
                break;
            case 5:
                e.r[this.a] = e.r[this.c] == e.r[this.n];
                break;
            case 6:
                e.r[this.a] = e.r[this.c] >= e.r[this.n];
                break;
            case 7:
                e.r[this.a] = e.r[this.c] || e.r[this.n];
                break;
            case 8:
                e.r[this.a] = e.r[this.c] && e.r[this.n];
                break;
            case 9:
                e.r[this.a] = e.r[this.c] !== e.r[this.n];
                break;
            case 10:
                e.r[this.a] = t(e.r[this.c]);
                break;
            case 11:
                e.r[this.a] = e.r[this.c] in e.r[this.n];
                break;
            case 12:
                e.r[this.a] = e.r[this.c] > e.r[this.n];
                break;
            case 13:
                e.r[this.a] = -e.r[this.c];
                break;
            case 14:
                e.r[this.a] = e.r[this.c] < e.r[this.n];
                break;
            case 15:
                e.r[this.a] = e.r[this.c] & e.r[this.n];
                break;
            case 16:
                e.r[this.a] = e.r[this.c] ^ e.r[this.n];
                break;
            case 17:
                e.r[this.a] = e.r[this.c] << e.r[this.n];
                break;
            case 18:
                e.r[this.a] = e.r[this.c] >>> e.r[this.n];
                break;
            case 19:
                e.r[this.a] = e.r[this.c] | e.r[this.n];
                break;
            case 20:
                e.r[this.a] = !e.r[this.c]
        }
    }
    ,
    c.prototype.e = function (e) {
        e.Q.push(e.C),
            e.B.push(e.k),
            e.C = e.r[this.s],
            e.k = [];
        for (var t = 0; t < this.i; t++)
            e.k.unshift(e.f.pop());
        e.g.push(e.f),
            e.f = []
    }
    ,
    n.prototype.e = function (e) {
        e.C = e.Q.pop(),
            e.k = e.B.pop(),
            e.f = e.g.pop()
    }
    ,
    e.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                e.u = e.r[this.a] >= e.r[this.c];
                break;
            case 1:
                e.u = e.r[this.a] <= e.r[this.c];
                break;
            case 2:
                e.u = e.r[this.a] > e.r[this.c];
                break;
            case 3:
                e.u = e.r[this.a] < e.r[this.c];
                break;
            case 4:
                e.u = e.r[this.a] == e.r[this.c];
                break;
            case 5:
                e.u = e.r[this.a] != e.r[this.c];
                break;
            case 6:
                e.u = e.r[this.a];
                break;
            case 7:
                e.u = !e.r[this.a]
        }
    }
    ,
    o.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                e.C = this.h;
                break;
            case 1:
                e.u && (e.C = this.h);
                break;
            case 2:
                e.u || (e.C = this.h);
                break;
            case 3:
                e.C = this.h,
                    e.w = null
        }
        e.u = !1
    }
    ,
    r.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                for (var t = [], n = 0; n < this.i; n++)
                    t.unshift(e.f.pop());
                e.r[3] = e.r[this.s](t[0], t[1]);
                break;
            case 1:
                for (var r = e.f.pop(), o = [], i = 0; i < this.i; i++)
                    o.unshift(e.f.pop());
                e.r[3] = e.r[this.s][r](o[0], o[1]);
                break;
            case 2:
                for (var a = [], c = 0; c < this.i; c++)
                    a.unshift(e.f.pop());
                e.r[3] = new e.r[this.s](a[0], a[1])
        }
    }
;
var k = function (e) {
    for (var t = 66, n = [], r = 0; r < e.length; r++) {
        var o = 24 ^ e.charCodeAt(r) ^ t;
        n.push(String.fromCharCode(o)),
            t = o
    }
    return n.join("")
};

function Q(e) {
    this.t = (4095 & e) >> 10,
        this.s = (1023 & e) >> 8,
        this.i = 1023 & e,
        this.h = 63 & e
}

function C(e) {
    this.t = (4095 & e) >> 10,
        this.a = (1023 & e) >> 8,
        this.c = (255 & e) >> 6
}

function B(e) {
    this.s = (3072 & e) >> 10,
        this.h = 1023 & e
}

function f(e) {
    this.h = 4095 & e
}

function g(e) {
    this.s = (3072 & e) >> 10
}

function u(e) {
    this.h = 4095 & e
}

function w(e) {
    this.t = (3840 & e) >> 8,
        this.s = (192 & e) >> 6,
        this.i = 63 & e
}

function G() {
    this.r = [0, 0, 0, 0],
        this.C = 0,
        this.Q = [],
        this.k = [],
        this.B = [],
        this.f = [],
        this.g = [],
        this.u = !1,
        this.G = [],
        this.b = [],
        this.o = !1,
        this.w = null,
        this.U = null,
        this.F = [],
        this.R = 0,
        this.J = {
            0: s,
            1: i,
            2: h,
            3: a,
            4: c,
            5: n,
            6: e,
            7: o,
            8: r,
            9: Q,
            10: C,
            11: B,
            12: f,
            13: g,
            14: u,
            15: w
        }
}

Q.prototype.e = function (e) {
    switch (this.t) {
        case 0:
            e.f.push(e.r[this.s]);
            break;
        case 1:
            e.f.push(this.i);
            break;
        case 2:
            e.f.push(e.k[this.h]);
            break;
        case 3:
            e.f.push(k(e.b[this.h]))
    }
}
    ,
    C.prototype.e = function (A) {
        switch (this.t) {
            case 0:
                var t = A.f.pop();
                A.r[this.a] = A.r[this.c][t];
                break;
            case 1:
                var s = A.f.pop()
                    , i = A.f.pop();
                A.r[this.c][s] = i;
                break;
            case 2:
                var h = A.f.pop();
                A.r[this.a] = eval(h)
        }
    }
    ,
    B.prototype.e = function (e) {
        e.r[this.s] = k(e.b[this.h])
    }
    ,
    f.prototype.e = function (e) {
        e.w = this.h
    }
    ,
    g.prototype.e = function (e) {
        throw e.r[this.s]
    }
    ,
    u.prototype.e = function (e) {
        var t = this
            , n = [0];
        e.k.forEach((function (e) {
                n.push(e)
            }
        ));
        var r = function (r) {
            var o = new G;
            return o.k = n,
                o.k[0] = r,
                o.v(e.G, t.h, e.b, e.F),
                o.r[3]
        };
        r.toString = function () {
            return "() { [native code] }"
        }
            ,
            e.r[3] = r
    }
    ,
    w.prototype.e = function (e) {
        switch (this.t) {
            case 0:
                for (var t = {}, n = 0; n < this.i; n++) {
                    var r = e.f.pop();
                    t[e.f.pop()] = r
                }
                e.r[this.s] = t;
                break;
            case 1:
                for (var o = [], i = 0; i < this.i; i++)
                    o.unshift(e.f.pop());
                e.r[this.s] = o
        }
    }
    ,
    G.prototype.D = function (e) {
        for (var t = window.atob(e), n = t.charCodeAt(0) << 8 | t.charCodeAt(1), r = [], o = 2; o < n + 2; o += 2)
            r.push(t.charCodeAt(o) << 8 | t.charCodeAt(o + 1));
        this.G = r;
        for (var i = [], a = n + 2; a < t.length;) {
            var c = t.charCodeAt(a) << 8 | t.charCodeAt(a + 1)
                , s = t.slice(a + 2, a + 2 + c);
            i.push(s),
                a += c + 2
        }
        this.b = i
    }
    ,
    G.prototype.v = function (e, t, n) {
        for (t = t || 0,
                 n = n || [],
                 this.C = t,
                 "string" == typeof e ? this.D(e) : (this.G = e,
                     this.b = n),
                 this.o = !0,
                 this.R = Date.now(); this.o;) {
            var r = this.G[this.C++];
            if ("number" != typeof r)
                break;
            var o = Date.now();
            if (500 < o - this.R)
                return;
            this.R = o;
            try {
                this.e(r)
            } catch (e) {
                this.U = e,
                this.w && (this.C = this.w)
            }
        }
    }
    ,
    G.prototype.e = function (e) {
        var t = (61440 & e) >> 12;
        new this.J[t](e).e(this)
    }
    ,
(new G).v("AxjgB5MAnACoAJwBpAAAABAAIAKcAqgAMAq0AzRJZAZwUpwCqACQACACGAKcBKAAIAOcBagAIAQYAjAUGgKcBqFAuAc5hTSHZAZwqrAIGgA0QJEAJAAYAzAUGgOcCaFANRQ0R2QGcOKwChoANECRACQAsAuQABgDnAmgAJwMgAGcDYwFEAAzBmAGcSqwDhoANECRACQAGAKcD6AAGgKcEKFANEcYApwRoAAxB2AGcXKwEhoANECRACQAGAKcE6AAGgKcFKFANEdkBnGqsBUaADRAkQAkABgCnBagAGAGcdKwFxoANECRACQAGAKcGKAAYAZx+rAZGgA0QJEAJAAYA5waoABgBnIisBsaADRAkQAkABgCnBygABoCnB2hQDRHZAZyWrAeGgA0QJEAJAAYBJwfoAAwFGAGcoawIBoANECRACQAGAOQALAJkAAYBJwfgAlsBnK+sCEaADRAkQAkABgDkACwGpAAGAScH4AJbAZy9rAiGgA0QJEAJACwI5AAGAScH6AAkACcJKgAnCWgAJwmoACcJ4AFnA2MBRAAMw5gBnNasCgaADRAkQAkABgBEio0R5EAJAGwKSAFGACcKqAAEgM0RCQGGAYSATRFZAZzshgAtCs0QCQAGAYSAjRFZAZz1hgAtCw0QCQAEAAgB7AtIAgYAJwqoAASATRBJAkYCRIANEZkBnYqEAgaBxQBOYAoBxQEOYQ0giQKGAmQABgAnC6ABRgBGgo0UhD/MQ8zECALEAgaBxQBOYAoBxQEOYQ0gpEAJAoYARoKNFIQ/zEPkAAgChgLGgkUATmBkgAaAJwuhAUaCjdQFAg5kTSTJAsQCBoHFAE5gCgHFAQ5hDSCkQAkChgBGgo0UhD/MQ+QACAKGAsaCRQCOYGSABoAnC6EBRoKN1AUEDmRNJMkCxgFGgsUPzmPkgAaCJwvhAU0wCQFGAUaCxQGOZISPzZPkQAaCJwvhAU0wCQFGAUaCxQMOZISPzZPkQAaCJwvhAU0wCQFGAUaCxQSOZISPzZPkQAaCJwvhAU0wCQFGAkSAzRBJAlz/B4FUAAAAwUYIAAIBSITFQkTERwABi0GHxITAAAJLwMSGRsXHxMZAAk0Fw8HFh4NAwUABhU1EBceDwAENBcUEAAGNBkTGRcBAAFKAAkvHg4PKz4aEwIAAUsACDIVHB0QEQ4YAAsuAzs7AAoPKToKDgAHMx8SGQUvMQABSAALORoVGCQgERcCAxoACAU3ABEXAgMaAAsFGDcAERcCAxoUCgABSQAGOA8LGBsPAAYYLwsYGw8AAU4ABD8QHAUAAU8ABSkbCQ4BAAFMAAktCh8eDgMHCw8AAU0ADT4TGjQsGQMaFA0FHhkAFz4TGjQsGQMaFA0FHhk1NBkCHgUbGBEPAAFCABg9GgkjIAEmOgUHDQ8eFSU5DggJAwEcAwUAAUMAAUAAAUEADQEtFw0FBwtdWxQTGSAACBwrAxUPBR4ZAAkqGgUDAwMVEQ0ACC4DJD8eAx8RAAQ5GhUYAAFGAAAABjYRExELBAACWhgAAVoAQAg/PTw0NxcQPCQ5C3JZEBs9fkcnDRcUAXZia0Q4EhQgXHojMBY3MWVCNT0uDhMXcGQ7AUFPHigkQUwQFkhaAkEACjkTEQspNBMZPC0ABjkTEQsrLQ==");

function b(e) {
    return __g._encrypt(e);
};
console.log(b('90a3b116796deca8a7ea6fe2c9396a14'));
一根大木头
关注
知乎APP - X-Zse-96
mamenqi_csdn的博客
04-29 694
知乎APP - X-Zse-96
某乎x-zse-96
李玺
12-08 3248
知乎x-zse-96,做一下分析和记录
知乎搜索信息获取(x-zse-96)参数JS逆向破解
AngrySnack的博客
02-17 2009
网站:aHR0cHM6Ly93d3cuemhpaHUuY29tLw== 1、网页抓包分析,找到返回数据接口与加密参数 可以看到search_v3这个就是返回参数的接口,复制对应的cURL(base)到postman进行重新请求 通过重复测试可以知道只需要三个参数就能获取到数据(x-zse-96、x-zse-93、cookie),其中x-zse-93为固定值、cookie为身份认证信息,只有x-zse-96为动态变化,下滑数据也能得到新的请求信息,验证x-zse-96为动态参数 2、加密参数破解 老一套
太久没更新了 今天简单分享一下x-zst-81和cookie里面的__zse_ck
最新发布
2301_79397585的博客
08-14 732
看下这个函数 (0,tJ(ti).encrypt)(ty()(tp)) 先看ty()(tp) 先加密这个然后再传入(0,tJ(ti).encrypt)方法里面 看下下面运行结果 先把拼接其他的tp 然后md5了一下然后encrypt方法里面。下面是运行结果 因为调用__g._encrypt(encodeURIComponent(tt))函数每一回的值都不一样 所以我们这里固定一下 代码也放在这里了 下面是调用结果。最终发现没有这么简单 这里就不说了 直接到纯算吧 下面是需要补的环境。
知乎最新x_zse_96
weixin_50699509的博客
06-29 1433
最新知乎搜索接口
知乎x-zse-96 文件头 JS解密
03-07
知乎x-zse-96 文件头 JS解密
知乎x-zse-96 参数补环境
zhp980121的博客
02-20 3462
知乎参数x-zse-96逆向 知乎x-zse-96参数补环境破解 新版知乎破解 3.0版本知乎逆向 3.0 x-zse-96参数逆向 某大厂资讯逆向
【2022-08-11】知乎x-zse-96参数分析
不愿意透露姓名的网友
07-28 699
进入某乎,然后进行搜索,抓包找到搜索接口然后看请求头,发现除了携带cookie,还有携带其他三个参数再次访问其他搜索词,发现只有x-zse-96是变化的,其他两个可以固定,因此我们来分析一下。
知乎x-zse-96算法分析
记录一些web逆向的过程
01-12 258
知乎x-zse-9算法分析
知乎关键词搜索分析x-zse-96,x-zse-93,x-zst-81
忆阳的博客
11-08 1245
到这里,我们进行调试(发现两次不是一样的加密结果)一般都是加了随机时间。tips :x_zst_81可以不变。接口:www.zhihu.com/api/v4/search_v3。s 是 x_zse_93+api_ur+d_c0+x_zst_81。第一步,找到搜索的API (校验的headers里的东西)第二步,找到需要修改的参数,其实就是要动下面三个地方。分析:通过关键字找js代码,打上断点如截图,目标网址链接->>>
某乎X-Zse-96(xzse96)分析
往日情怀酿作酒
07-06 975
今天通过知乎的一个参数,来学习逆向的新思路,希望大家能有所掌握。通过知乎这个,虽然这个没有逆向,大家肯定也能想到,都有随机值了,怎么可能逆向呢?但是我们能学到补环境的很多知识!
知乎 v2.1.1
01-12
知乎 大小:6.28MB 版本:2.1.1 适用系统:Android 2.2以上 开发者:知乎 应用简介 知乎是一个真实的网络问答社区,各行各业的精英在这里分享彼此的专业知识、经验、见解,社区氛围友好、理性、认真。 (感谢酷友果壳网的发现)为 Android 用户量身定制的功能设计:– 集阅读、搜索、问答于一身,功能完整– 超越浏览器访问知乎的速度,节省流量– 遵守 Android 4.0 设计规范,操作方便– 私信,新回答,评论都可及时收到推送通知– 支持系统层分享,可抵达手机里任意应用– 随时可点击进入搜索,实时产生搜索结果–「随机看」发现惊喜内容,总有你不懂的事– 更舒适的「收藏」,轻松实现「稍后阅读」
某乎x-zse-96参数分析详解
05-28 3593
知乎的首页加密就这一个,流程比较简单,带大家全流程逆向x-zse-96这个参数 网址:aHR0cHM6Ly93d3cuemhpaHUuY29tLw== 篇幅较长,坐稳发车咯!
[JS逆向] 知乎x-zse-96参数分析详解
weixin_46874932的博客
11-23 2446
某乎的加密参数
最新版(2021年1月)知乎x-zse-86 2.0版本加密破解分析 爬虫 破解反爬思路
weixin_40303822的博客
02-22 411
https://blog.csdn.net/qq_27859693/article/details/113202582?utm_medium=distribute.pc_relevant.none-task-blog-BlogCommendFromMachineLearnPai2-2.control&dist_request_id=1072784a-a776-46c4-ad3a-3ae679e1b2a2&depth_1-utm_source=distribute.pc_relevant.no
某乎参数x-zse-96逆向分析
qlyb_lv的博客
01-05 1545
新年第一篇:从搜索页面中发现headers有一个参数是必须携带的:x-zse-96。 虽然网上有很多介绍的,不过只有自己动手才能让自己成长。 全局搜索发现只有一个地方,非常完美~~(快捷键Ctrl+Shift+F) ·再次从这个js文件中搜索x-zse-96,发现有二个,可以打上断点,下拉文章数据,发现会在这个位置断住,根据截图箭头顺序,分析发现加密位置 鼠标放a()(l()(s))上面,会自动...
关于知乎搜索页面x-zes-96解密思路方法
weixin_41863471的博客
04-28 762
(本文图片请放大查看) 一、找到主要加密参数,看到为 x-zes-96; 二、查到加密函数位置 步骤如图所示,需要注意局部搜索有两个 x-zes-96 参数,在这里花了几小时,才发现有第2个新的加密位置;注意这里是第2个。(基础不劳就是坑多,注意细心) 三、分析加密过程 据以下各图的顺序分析加密的各个环节,对相关的加密字母/函数打上断点: 1、找到signature为主要加密的函数; 2、分析 s 的构成,观察到s是一个字符串; 3、查看f ( )是怎样对s起作用的,(这里猜测他是一个.
知乎zse96算法 -- python实现
qq_40360069的博客
01-06 639
知乎zse96算法python实现
某乎x-zse-96最新参数破解
weixin_50699509的博客
02-28 3426
JavaScript逆向的过程中最大的乐趣就是一步一步的靠近真相时喜悦的心情。这种情绪所产生的多巴胺不亚于跑个8公里后的舒畅,甚至之前有段时间我每天都在逆向,犹豫频繁的分泌多巴胺而上瘾。言归正传,最近的某乎更新了一下加密参数,本着学习最新知识的心态、抱着技术进步的学习想法,忍痛含泪的就把某乎给逆向了。...
知乎x-zse-96.zip
09-09
知乎x-zse-96.zip 是一个文件的命名格式,并不能准确判断这个文件的内容。一般来说,知乎是中国知名的在线问答平台,主要内容涵盖各个领域的知识分享、问题解答和意见交流等。x-zse-96.zip 则可能是一个压缩文件,以...
评论 5
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值