逆向地址—js逆向
抓包分析
在这里可以看到需要的结果,那么再看它需要哪些加密参数
可以看到初步估计是sign的参数加密,那么打开 浏览器控制台,可以看到有输出,那么点进去看看是什么。
可以在这里看到,它输出的位置正好是sign的加密位置
好了,接着回去看请求,分析加密。
在这里可以接着看到,它在请求头中多了nonce、authtoken、tenant、timestamp这四个平常不常见的参数
Js代码分析
现在进行参数来源分析:
// Fragment of the site's signing code as found in the bundle; it is part of a longer
// comma-separated declaration list, so it does not run on its own.
v = a.a.getState().version, // version value, passed to getSecretParam below
y = a.a.getState().siteSource, // site source, appended near the end of the signed string
b = u.a.getSecretParam(t.sid, v), // per-request material; srcKey and deviceID are read from it below
// w: the values of every request parameter except "sid" and the keys listed in `l`,
// concatenated in Object.keys order.
w = Object.keys(t).filter(function(e) {
    return "sid" != e && l.indexOf(e) < 0
}).map(function(e) {
    return t[e]
}).join(""),
// sign: sha1 over srcKey, optional uid (before or after w/deviceID depending on `p`),
// w, deviceID, siteSource and, when `s` is truthy, the token `m`.
_ = u.a.sha1(b.srcKey + "" + (p && t.uid ? t.uid : "") + w + b.deviceID + (!p && t.uid ? t.uid : "") + y + (s ? m : "")),
这里进行简单的复原,
经过重复的测试,发现v的值和y的值是固定的,而b的则是每次都变化,定位js函数的位置
可以看到这是调用类似于MD5加密时间戳生成的,现在该w的值了,注意,这里连着进行3次加密,应该是发了不同的包,而经过测试发现在最后一次发包才是获取到数据的包。
所以在调试js的时候需要注意第三次发包时w与y这些值,现在还剩下m的值。
可以看到m在上面通过调用这个函数传入t.id和“siteToken”获取到的
追进去可以看到它是通过getItem获取的,但是我在nodejs中调试的时候一直报错说没有getItem方法(localStorage是浏览器环境提供的对象,nodejs中默认没有),终究是我的js基础不好啊,只能封装一个这个类了。有get那么肯定有set,往上滑了一下就看到了,那直接把这个拿下来就行,但是它竟然是带参数的,那么只能把cookie清除掉然后下断点看看了。
可以看到直接就能断到
顺着堆栈可以看到原来是发包后获取到的authtoken,可以看到这里是post请求并且也有sign这种加密参数,那么接着看r的来源。
直接点大function进去可以看到是属于i变量下的某些方法,那么直接把i变量拿下来,那么至此也就拿下来全部的加密流程了,下面进行复原。
Python代码
import json

import execjs
import requests
# Origin of the H5 site whose API endpoints are requested below.
host = "https://h5.newaircloud.com"

# Base headers shared by every request. The request helpers add the per-request
# nonce / tenant / timestamp (and authtoken) values on top of these.
headers = {
    "Host": "h5.newaircloud.com",
    "version": "1.0",
    "User-Agent": (
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
        "(KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"
    ),
    "Content-Type": "application/json;charset=UTF-8",
    "Accept": "application/json, text/plain, */*",
    "Referer": "https://h5.newaircloud.com/newsepaper/10257_134620_1596417_zgcjb.html",
    "Accept-Language": "zh-CN,zh;q=0.9",
}
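def getJsCode(e, r="", t=""):
    """Call the JavaScript function named ``e`` from demo.js through execjs.

    Args:
        e: Name of the function defined in demo.js.
        r: First argument forwarded to the JavaScript function.
        t: Second argument forwarded to the JavaScript function.

    Returns:
        The value execjs returns for the JavaScript call.
    """
    # Read the script inside a context manager so the file handle is closed, and
    # pin the encoding so the read does not depend on the platform default.
    with open("demo.js", "r", encoding="utf-8") as source_file:
        ctx = execjs.compile(source_file.read())
    # NOTE(review): no caller in this file passes "getJsCode", so the else branch
    # is never taken; the check may have been meant for "getToken" — confirm.
    if e != "getJsCode":
        res = ctx.call(e, r, t)
    else:
        res = ctx.call(e)
    return res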
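def getauthoken():
    """Request an authtoken from /api/getAppToken with a signature built by demo.js.

    Returns:
        The ``authtoken`` field of the JSON response.

    Raises:
        requests.HTTPError: If the server answers with an error status.
        KeyError: If the response body has no ``authtoken`` field.
    """
    res = getJsCode("getToken")
    url = host + "/api/getAppToken"
    head = res['headers']
    # Build the headers on a copy: writing the nonce/tenant/timestamp into the
    # module-level dict would leak one request's values into later requests.
    request_headers = dict(headers)
    request_headers['nonce'] = head['nonce']
    request_headers['tenant'] = head['tenant']
    request_headers['timestamp'] = head['timestamp']
    # Serialise with json.dumps instead of string formatting so the values are
    # always escaped into valid JSON.
    payload = {
        "sid": "zgcjb",
        "deviceID": res["params"]["deviceID"],
        "source": 2,
        "sign": res["params"]["sign"],
    }
    # TLS certificate verification stays at the requests default (enabled). With
    # verify=False the signature and the returned authtoken travel over a
    # connection whose peer is not authenticated. A timeout keeps a stalled
    # server from hanging the script.
    response = requests.post(
        url=url,
        headers=request_headers,
        data=json.dumps(payload),
        timeout=10,
    )
    response.raise_for_status()
    return response.json()['authtoken']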
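def get(res, url, params):
    """Send a signed GET request and return the decoded JSON body.

    Args:
        res: Result of the JavaScript ``main`` call; its ``headers`` entry supplies
            nonce, tenant, timestamp and authtoken.
        url: Endpoint URL.
        params: Query parameters, including the signature.

    Returns:
        The response body parsed as JSON.

    Raises:
        requests.HTTPError: If the server answers with an error status.
    """
    head = res['headers']
    # Copy the shared headers so per-request values never persist in the
    # module-level dict.
    request_headers = dict(headers)
    for name in ('nonce', 'tenant', 'timestamp', 'authtoken'):
        request_headers[name] = head[name]
    # Certificate verification is left enabled (the requests default): the
    # authtoken header should only be sent to an authenticated peer.
    response = requests.get(url=url, headers=request_headers, params=params, timeout=10)
    response.raise_for_status()
    print(response.text)
    return response.json()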
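def getresult(m, date="2023-08-16"):
    """Fetch the layout list for one issue date.

    Args:
        m: The authtoken returned by getauthoken().
        date: Issue date as ``YYYY-MM-DD``. The original body ignored this
            parameter and always sent "2023-08-16", which is kept as the default.

    Returns:
        The ``layouts`` entry of the API response (the original computed it but
        returned nothing).
    """
    t = {
        "sid": "zgcjb",
        "cid": 10257,
        "date": date,
        "version": 1,
    }
    res = getJsCode("main", m, t)
    # Send back exactly the parameter values the JavaScript side signed.
    params = {
        "deviceID": res['deviceID'],
        "source": res['source'],
        "sign": res['sign'],
        "sid": res['t']['sid'],
        "cid": res['t']['cid'],
        "date": res['t']['date'],
        "version": res['t']['version'],
    }
    # The original f-string started with a space and ended with "?"; requests
    # appends the query string itself, so neither belongs in the URL.
    url = f"{host}/api/getLayoutsDy"
    result = get(res=res, url=url, params=params)
    return result['layouts']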
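def main():
    """Fetch an authtoken, then request the layouts for one issue date."""
    m = getauthoken()
    # getresult is declared as getresult(m, date); calling it with one argument
    # raised TypeError. Pass the date the script has been using.
    getresult(m, "2023-08-16")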
# Run the requests only when the file is executed as a script, not when it is imported.
if __name__ == "__main__":
    main()
Js代码复原
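/**
 * In-memory stand-in for the browser Storage interface, used so the extracted
 * code can call localStorage.getItem/setItem/removeItem outside a browser.
 */
class Dictionary {
  constructor() {
    // Prototype-less object: keys such as "constructor" or "toString" must not
    // resolve to inherited Object.prototype members.
    this.data = Object.create(null);
  }

  /**
   * Stores a value under key. Storage keeps strings, so the value is
   * converted the same way the browser would.
   * @param {string} key
   * @param {*} value
   */
  setItem(key, value) {
    this.data[key] = String(value);
  }

  /**
   * Deletes the entry for key, if present.
   * @param {string} key
   */
  removeItem(key) {
    delete this.data[key];
  }

  /**
   * @param {string} key
   * @returns {string|null} the stored string, or null when the key is absent
   *   (the browser API returns null, not undefined).
   */
  getItem(key) {
    return key in this.data ? this.data[key] : null;
  }

  /**
   * @returns {Object} the backing object holding every stored entry.
   */
  getAllItems() {
    return this.data;
  }
}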
// Global named like the browser's localStorage so the extracted site code below
// (getSecretParam, timeLocalStorage, localstorageCatch) finds getItem/setItem/removeItem.
var localStorage = new Dictionary();
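/**
 * Utility object copied from the site's bundle.
 *
 * getToken() and main() in this file reach only getSecretParam, sha1, md5,
 * encodeUTF8, randomWord and dateFormat. The remaining members depend on
 * browser globals (window, document, navigator) or on `r`, which this extract
 * does not define, and are kept only because they came with the object.
 */
var i = {
  /**
   * Sums the arguments that pass checkNumber. A total above 9999 is returned as
   * a string in units of 10,000 with one decimal followed by "\u4e07".
   */
  formatReadCound: function () {
    var e = 0
      , t = this;
    return [].concat(Array.prototype.slice.call(arguments)).forEach(function (n) {
      t.checkNumber(n) && (e += n)
    }),
      e > 9999 && (e = (e / 1e4).toFixed(1) + "\u4e07"),
      e
  },
  /**
   * True when e is an optionally signed decimal number, an empty string, or a
   * run of seven or more digit/hyphen groups.
   */
  checkNumber: function (e) {
    return !!/^[+-]?\d+(\.\d+)?$|^$|^(\d+|\-){7,}$/.test(e)
  },
  /**
   * Prefixes "http://" when e does not contain "http"; returns e unchanged
   * otherwise, and "" for an empty or missing value.
   */
  urlComplementing: function (e) {
    // Fix: null/undefined used to fall through to e.indexOf() and throw.
    if (!e)
      return "";
    return e.indexOf("http") < 0 ? "http://" + e : e
  },
  /**
   * Derives a site id from the router state e (query string or path name) and
   * resolves it through r.a.getZhSid. Returns a Promise that resolves with the
   * sid from the response or rejects with a tenant error message.
   * NOTE(review): `r` and `window` are not defined in this extract.
   */
  getSid: function (e) {
    var t = "";
    if (e.location.query.sid)
      t = e.location.query.sid;
    else {
      var n = e.location.pathname;
      if (n.indexOf("home") >= 0 || n.indexOf("detailArticle") >= 0 || n.indexOf("detailImage") >= 0 || n.indexOf("detailSpecial") >= 0 || n.indexOf("detailLive") >= 0 || n.indexOf("detail") >= 0 || n.indexOf("newsepaper") >= 0 || n.indexOf("politicsDetail") >= 0 || n.indexOf("noPremission") >= 0 || n.indexOf("politicsCreate") >= 0) {
        var i = e.location.query.newsId || e.location.query.specialId || e.location.query.pageId || e.location.query.newsid
          , o = e.location.pathname.split("/");
        o[o.length - 1];
        // For ".html" paths the id is the file name without its extension.
        "html" == o[o.length - 1].split(".")[1] && (o = o[o.length - 1].split(".")[0],
          i = o);
        // The sid is the last "_"-separated field of the id.
        var a = i.split("_");
        t = a[a.length - 1]
      } else if (n.indexOf("column_view") >= 0) {
        var s = e.location.query.newsid;
        t = s.split("_")[1]
      } else
        t = ""
    }
    return new Promise(function (e, n) {
      var i = window.location.hostname
        , o = {};
      t && (o.sid = t),
        o.hostname = i,
        r.a.getZhSid(o).then(function (t) {
          t.data.success ? "1" == t.data.isShowNewPCWeb ? (r.a.setWebUrl(t.data.webUrl),
            r.a.setWebInfo(t.data),
            e(t.data.sid)) : n("\u79df\u6237\u6ca1\u6709\u7eed\u7ea6") : n("\u79df\u6237\u4e0d\u5b58\u5728")
        })
    }
    )
  },
  /**
   * Synchronous variant: returns the sid from the query string, or the last
   * "_"-separated field of newsId/specialId/pageId on detail pages, else "".
   */
  getSidFromUrl: function (e) {
    var t = "";
    if (e.location.query.sid)
      t = e.location.query.sid;
    else {
      var n = e.location.pathname;
      if (n.indexOf("detailArticle") >= 0 || n.indexOf("detailImage") >= 0 || n.indexOf("detailSpecial") >= 0 || n.indexOf("detailLive") >= 0) {
        var r = e.location.query.newsId || e.location.query.specialId || e.location.query.pageId
          , i = r.split("_");
        t = i[i.length - 1]
      } else
        t = ""
    }
    return t
  },
  /**
   * Returns the text that follows the first occurrence of e (plus one
   * separator character) in window.location.search, up to the next "&".
   * NOTE(review): this is a substring search, so a name that is the suffix of
   * another parameter name also matches.
   */
  getParameter: function (e) {
    var t = window.location.search
      , n = e.length
      , r = t.indexOf(e);
    if (-1 == r)
      return "";
    r += n + 1;
    var i = t.indexOf("&", r);
    return -1 == i ? t.substring(r) : t.substring(r, i)
  },
  /**
   * Splits window.location.href on "&" and, when the first piece contains "?",
   * returns the key=value pairs found after it as an object.
   */
  getHashParameters: function () {
    var e = (window.location.href || "").replace(/^\#/, "").split("&")
      , t = {};
    if (e.length > 0 && e[0].indexOf("?") >= 0) {
      e[0] = e[0].split("?")[1];
      for (var n = 0; n < e.length; n++) {
        var r = e[n].split("=");
        2 == r.length && (t[r[0]] = r[1])
      }
    }
    return t
  },
  /**
   * Matches class name t against e.className; returns the match result
   * (null when absent). t is inserted into the pattern unescaped.
   */
  hasClass: function (e, t) {
    return e.className.match(new RegExp("(\\s|^)" + t + "(\\s|$)"))
  },
  /** Appends class t to element e unless hasClass already finds it. */
  addClass: function (e, t) {
    this.hasClass(e, t) || (e.className += " " + t)
  },
  /** Removes the first occurrence of class t from element e. */
  removeClass: function (e, t) {
    if (this.hasClass(e, t)) {
      var n = new RegExp("(\\s|^)" + t + "(\\s|$)");
      e.className = e.className.replace(n, "")
    }
  },
  /**
   * True when t is e or an element inside e. Uses contains or
   * compareDocumentPosition when available, otherwise walks parentNode up to n.
   */
  isDOMContains: function (e, t, n) {
    if (e == t)
      return !0;
    if (!t || !t.nodeType || 1 != t.nodeType)
      return !1;
    if (e.contains)
      return e.contains(t);
    if (e.compareDocumentPosition)
      return !!(16 & e.compareDocumentPosition(t));
    for (var r = t.parentNode; r && r != n;) {
      if (r == e)
        return !0;
      r = r.parentNode
    }
    return !1
  },
  /**
   * Returns {set, get} accessors for entry e of a size-capped cache stored as
   * JSON under the localStorage key "localCatch"; t is the value that set()
   * writes. The cap (maxSize) is 1048576 bytes.
   * NOTE(review): the eviction loop always picks the last key of the list it
   * sorted once and never shortens that list — verify that it terminates when
   * more than one entry has to be evicted.
   */
  localstorageCatch: function (e, t) {
    var n = localStorage.getItem("localCatch");
    n ? (n = JSON.parse(n),
      n.defaultInfo.date = Date.now(),
      n.defaultInfo.maxSize = 1048576) : n = {
        defaultInfo: {
          date: Date.now(),
          size: 0,
          maxSize: 1048576
        }
      };
    var r = function () {
      n[e] = {
        date: Date.now(),
        value: t
      };
      var r = o(JSON.stringify(n[e]));
      if (n.defaultInfo.maxSize < r + n.defaultInfo.size) {
        var i = Object.keys(n);
        // Newest first, so the last key is the oldest entry.
        for (i = i.sort(function (e, t) {
          var r = n[e];
          return n[t].date - r.date
        }); r + n.defaultInfo.size > n.defaultInfo.maxSize;) {
          var a = i[i.length - 1];
          n.defaultInfo.size -= o(JSON.stringify(n[a])),
            delete n[a]
        }
      }
      n.defaultInfo.size += r,
        localStorage.setItem("localCatch", JSON.stringify(n))
    }
      , i = function () {
        var t;
        try {
          t = n[e].value
        } catch (e) {
          t = null
        }
        return t
      }
      // Byte length of string e when encoded as UTF-16 (t = "utf-16"/"utf16") or UTF-8 (default).
      , o = function (e, t) {
        var n, r, i, o = 0;
        if ("utf-16" === (t = t ? t.toLowerCase() : "") || "utf16" === t)
          for (r = 0,
            i = e.length; r < i; r++)
            n = e.charCodeAt(r),
              o += n <= 65535 ? 2 : 4;
        else
          for (r = 0,
            i = e.length; r < i; r++)
            n = e.charCodeAt(r),
              o += n <= 127 ? 1 : n <= 2047 ? 2 : n <= 65535 ? 3 : 4;
        return o
      };
    return {
      set: r,
      get: i
    }
  },
  /**
   * localStorage wrapper that stores an expiry time with each value.
   * `age` is the lifetime in milliseconds (2592e6 ms = 30 days).
   */
  timeLocalStorage: {
    age: 2592e6,
    /** Sets the lifetime used by later set() calls; returns this for chaining. */
    setAge: function (e) {
      return this.age = e,
        this
    },
    /**
     * Stores t under key e as JSON with _time (now), _age (expiry time) and
     * _isObject; a non-object value is wrapped as {_value: t}.
     */
    set: function (e, t) {
      localStorage.removeItem(e);
      var n = t instanceof Object
        , r = (new Date).getTime()
        , i = this.age;
      if (!n) {
        var o = t;
        t = {},
          t._value = o
      }
      return t._time = r,
        t._age = r + i,
        t._isObject = n,
        localStorage.setItem(e, JSON.stringify(t)),
        this
    },
    /** True when key e is missing or its stored expiry time has passed. */
    isExpire: function (e) {
      var t = !0
        , n = localStorage.getItem(e)
        , r = (new Date).getTime();
      return n && (n = JSON.parse(n),
        t = r > n._age),
        t
    },
    /** Returns the stored value for key e, or null when missing or expired. */
    get: function (e) {
      var t = this.isExpire(e)
        , n = null;
      return t || (n = localStorage.getItem(e),
        n = JSON.parse(n),
        n._isObject || (n = n._value)),
        n
    }
  },
  /**
   * Returns a random string over [0-9a-zA-Z]. With e falsy the length is t;
   * with e truthy the length is drawn between t and n.
   * Math.random() is not a cryptographically secure generator, so the nonce
   * built from this value is not unpredictable; whether the server relies on
   * more than uniqueness cannot be told from this code.
   */
  randomWord: function (e, t, n) {
    var r = ""
      , i = t
      , o = ""
      ,
      a = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"];
    e && (i = Math.round(Math.random() * (n - t)) + t);
    for (var s = 0; s < i; s++)
      // Fix: Math.round over (length - 1) picked the first and last characters
      // half as often as the others; floor over length is uniform.
      o = Math.floor(Math.random() * a.length),
        r += a[o];
    return r
  },
  /**
   * Formats Date e with pattern t (y, M, d, h, m, s, q, S placeholders); n
   * truthy selects the UTC getters. Returns null when formatting throws.
   * Side effect kept from the site's code: Date.prototype.Format is
   * (re)installed on every call.
   */
  dateFormat: function (e, t, n) {
    Date.prototype.Format = function (e, t) {
      var n = {
        "M+": (t ? this.getUTCMonth() : this.getMonth()) + 1,
        "d+": t ? this.getUTCDate() : this.getDate(),
        "h+": t ? this.getUTCHours() : this.getHours(),
        "m+": t ? this.getUTCMinutes() : this.getMinutes(),
        "s+": t ? this.getUTCSeconds() : this.getSeconds(),
        "q+": Math.floor(((t ? this.getUTCMonth() : this.getMonth()) + 3) / 3),
        S: t ? this.getUTCMilliseconds() : this.getMilliseconds()
      };
      /(y+)/.test(e) && (e = e.replace(RegExp.$1, ((t ? this.getUTCFullYear() : this.getFullYear()) + "").substr(4 - RegExp.$1.length)));
      for (var r in n)
        // A single-letter placeholder gets the raw number, longer ones are zero-padded to two digits.
        new RegExp("(" + r + ")").test(e) && (e = e.replace(RegExp.$1, 1 == RegExp.$1.length ? n[r] : ("00" + n[r]).substr(("" + n[r]).length)));
      return e
    }
      ;
    try {
      return e.Format(t, n)
    } catch (e) {
      return console.log(e.stack),
        null
    }
  },
  /**
   * Reads the "NetType/..." token from navigator.userAgent and maps it to
   * "wifi", "4g", "3g", "2g" or "other".
   */
  getNetworkType: function () {
    var e = navigator.userAgent
      , t = e.match(/NetType\/\w+/) ? e.match(/NetType\/\w+/)[0] : "NetType/other";
    t = t.toLowerCase().replace("nettype/", "");
    var n;
    switch (t) {
      case "wifi":
        n = "wifi";
        break;
      case "4g":
        n = "4g";
        break;
      case "3g":
      case "3gnet":
        n = "3g";
        break;
      case "2g":
        n = "2g";
        break;
      default:
        n = "other"
    }
    return n
  },
  /**
   * Returns the "?x-oss-process=..." image query string for preset name e,
   * or undefined for an unknown name.
   */
  imgFormat: function (e) {
    return {
      sm: "?x-oss-process=image/resize,m_lfit,w_160,limit_0/auto-orient,1",
      sm11: "?x-oss-process=image/resize,m_fill,w_160,h_160,limit_0/auto-orient,1",
      sm43: "?x-oss-process=image/resize,m_fill,w_240,h_180,limit_0/auto-orient,1",
      sm169: "?x-oss-process=image/resize,m_fill,w_240,h_135,limit_0/auto-orient,1",
      md: "?x-oss-process=image/resize,m_lfit,w_480,limit_0/auto-orient,1",
      md11: "?x-oss-process=image/resize,m_fill,w_480,h_480,limit_0/auto-orient,1",
      md169: "?x-oss-process=image/resize,m_fill,w_480,h_270,limit_0/auto-orient,1",
      md31: "?x-oss-process=image/resize,m_fill,w_480,h_160,limit_0/auto-orient,1",
      md32: "?x-oss-process=image/resize,m_fill,w_480,h_320,limit_0/auto-orient,1",
      md43: "?x-oss-process=image/resize,m_fill,w_480,h_360,limit_0/auto-orient,1",
      md41: "?x-oss-process=image/resize,m_fill,w_480,h_120,limit_0/auto-orient,1",
      md34: "?x-oss-process=image/resize,m_fill,w_150,h_200,limit_0/auto-orient,1/quality,q_100",
      lg: "?x-oss-process=image/resize,m_lfit,w_720,limit_0/auto-orient,1",
      lg169: "?x-oss-process=image/resize,m_fill,w_720,h_405,limit_0/auto-orient,1",
      lg43: "?x-oss-process=image/resize,m_fill,w_720,h_540,limit_0/auto-orient,1",
      lg31: "?x-oss-process=image/resize,m_fill,w_720,h_240,limit_0/auto-orient,1",
      lg32: "?x-oss-process=image/resize,m_fill,w_720,h_480,limit_0/auto-orient,1",
      lg11: "?x-oss-process=image/resize,m_fill,w_720,h_720,limit_0/auto-orient,1",
      webp: "?x-oss-process=image/auto-orient,1/quality,q_50/format,webp",
      q50: "?x-oss-process=image/auto-orient,1/quality,q_50"
    }[e]
  },
  /** True when a canvas can export a WebP data URL; false when that throws. */
  isSupportWebp: function () {
    try {
      return 0 === document.createElement("canvas").toDataURL("image/webp", .5).indexOf("data:image/webp")
    } catch (e) {
      return !1
    }
  },
  /**
   * Classifies navigator.userAgent as "Edge", "IE", "Opera", "FF", "Chrome"
   * or "Safari"; returns undefined when none matches.
   */
  myBrowser: function () {
    var e = navigator.userAgent;
    if (e.indexOf("Edge") > -1)
      return "Edge";
    // Fix: the Opera flag was assigned after the MSIE test that reads it, so
    // `!t` was always true there. Compute it first.
    var t = e.indexOf("Opera") > -1;
    if (e.indexOf("compatible") > -1 && e.indexOf("MSIE") > -1 && !t)
      return "IE";
    return t ? "Opera" : e.indexOf("Firefox") > -1 ? "FF" : e.indexOf("Chrome") > -1 ? "Chrome" : e.indexOf("Safari") > -1 ? "Safari" : void 0
  },
  /**
   * MD5 digest of string e (encoded as UTF-8 after normalising "\r\n" to
   * "\n"), returned as 32 lowercase hex characters.
   */
  md5: function (e) {
    // 32-bit left rotation.
    function t(e, t) {
      return e << t | e >>> 32 - t
    }
    // Addition modulo 2^32 done on the high and low bits separately.
    function n(e, t) {
      var n, r, i, o, a;
      return i = 2147483648 & e,
        o = 2147483648 & t,
        n = 1073741824 & e,
        r = 1073741824 & t,
        a = (1073741823 & e) + (1073741823 & t),
        n & r ? 2147483648 ^ a ^ i ^ o : n | r ? 1073741824 & a ? 3221225472 ^ a ^ i ^ o : 1073741824 ^ a ^ i ^ o : a ^ i ^ o
    }
    // The four round functions.
    function r(e, t, n) {
      return e & t | ~e & n
    }
    function i(e, t, n) {
      return e & n | t & ~n
    }
    function o(e, t, n) {
      return e ^ t ^ n
    }
    function a(e, t, n) {
      return t ^ (e | ~n)
    }
    // One step of rounds 1-4: mix, add message word and constant, rotate, add.
    function s(e, i, o, a, s, c, u) {
      return e = n(e, n(n(r(i, o, a), s), u)),
        n(t(e, c), i)
    }
    function c(e, r, o, a, s, c, u) {
      return e = n(e, n(n(i(r, o, a), s), u)),
        n(t(e, c), r)
    }
    function u(e, r, i, a, s, c, u) {
      return e = n(e, n(n(o(r, i, a), s), u)),
        n(t(e, c), r)
    }
    function l(e, r, i, o, s, c, u) {
      return e = n(e, n(n(a(r, i, o), s), u)),
        n(t(e, c), r)
    }
    // Little-endian hex of one 32-bit word.
    function f(e) {
      var t, n, r = "", i = "";
      for (n = 0; n <= 3; n++)
        t = e >>> 8 * n & 255,
          i = "0" + t.toString(16),
          r += i.substr(i.length - 2, 2);
      return r
    }
    var p, d, h, m, g, v, y, b, w, _ = Array();
    // The for-initialiser encodes the input as UTF-8, packs it into padded
    // 32-bit words and sets the four state words; the body processes one
    // 16-word block per iteration.
    for (e = function (e) {
      e = e.replace(/\r\n/g, "\n");
      for (var t = "", n = 0; n < e.length; n++) {
        var r = e.charCodeAt(n);
        r < 128 ? t += String.fromCharCode(r) : r > 127 && r < 2048 ? (t += String.fromCharCode(r >> 6 | 192),
          t += String.fromCharCode(63 & r | 128)) : (t += String.fromCharCode(r >> 12 | 224),
            t += String.fromCharCode(r >> 6 & 63 | 128),
            t += String.fromCharCode(63 & r | 128))
      }
      return t
    }(e),
      _ = function (e) {
        for (var t, n = e.length, r = n + 8, i = (r - r % 64) / 64, o = 16 * (i + 1), a = Array(o - 1), s = 0, c = 0; c < n;)
          t = (c - c % 4) / 4,
            s = c % 4 * 8,
            a[t] = a[t] | e.charCodeAt(c) << s,
            c++;
        return t = (c - c % 4) / 4,
          s = c % 4 * 8,
          a[t] = a[t] | 128 << s,
          a[o - 2] = n << 3,
          a[o - 1] = n >>> 29,
          a
      }(e),
      v = 1732584193,
      y = 4023233417,
      b = 2562383102,
      w = 271733878,
      p = 0; p < _.length; p += 16)
      d = v,
        h = y,
        m = b,
        g = w,
        v = s(v, y, b, w, _[p + 0], 7, 3614090360),
        w = s(w, v, y, b, _[p + 1], 12, 3905402710),
        b = s(b, w, v, y, _[p + 2], 17, 606105819),
        y = s(y, b, w, v, _[p + 3], 22, 3250441966),
        v = s(v, y, b, w, _[p + 4], 7, 4118548399),
        w = s(w, v, y, b, _[p + 5], 12, 1200080426),
        b = s(b, w, v, y, _[p + 6], 17, 2821735955),
        y = s(y, b, w, v, _[p + 7], 22, 4249261313),
        v = s(v, y, b, w, _[p + 8], 7, 1770035416),
        w = s(w, v, y, b, _[p + 9], 12, 2336552879),
        b = s(b, w, v, y, _[p + 10], 17, 4294925233),
        y = s(y, b, w, v, _[p + 11], 22, 2304563134),
        v = s(v, y, b, w, _[p + 12], 7, 1804603682),
        w = s(w, v, y, b, _[p + 13], 12, 4254626195),
        b = s(b, w, v, y, _[p + 14], 17, 2792965006),
        y = s(y, b, w, v, _[p + 15], 22, 1236535329),
        v = c(v, y, b, w, _[p + 1], 5, 4129170786),
        w = c(w, v, y, b, _[p + 6], 9, 3225465664),
        b = c(b, w, v, y, _[p + 11], 14, 643717713),
        y = c(y, b, w, v, _[p + 0], 20, 3921069994),
        v = c(v, y, b, w, _[p + 5], 5, 3593408605),
        w = c(w, v, y, b, _[p + 10], 9, 38016083),
        b = c(b, w, v, y, _[p + 15], 14, 3634488961),
        y = c(y, b, w, v, _[p + 4], 20, 3889429448),
        v = c(v, y, b, w, _[p + 9], 5, 568446438),
        w = c(w, v, y, b, _[p + 14], 9, 3275163606),
        b = c(b, w, v, y, _[p + 3], 14, 4107603335),
        y = c(y, b, w, v, _[p + 8], 20, 1163531501),
        v = c(v, y, b, w, _[p + 13], 5, 2850285829),
        w = c(w, v, y, b, _[p + 2], 9, 4243563512),
        b = c(b, w, v, y, _[p + 7], 14, 1735328473),
        y = c(y, b, w, v, _[p + 12], 20, 2368359562),
        v = u(v, y, b, w, _[p + 5], 4, 4294588738),
        w = u(w, v, y, b, _[p + 8], 11, 2272392833),
        b = u(b, w, v, y, _[p + 11], 16, 1839030562),
        y = u(y, b, w, v, _[p + 14], 23, 4259657740),
        v = u(v, y, b, w, _[p + 1], 4, 2763975236),
        w = u(w, v, y, b, _[p + 4], 11, 1272893353),
        b = u(b, w, v, y, _[p + 7], 16, 4139469664),
        y = u(y, b, w, v, _[p + 10], 23, 3200236656),
        v = u(v, y, b, w, _[p + 13], 4, 681279174),
        w = u(w, v, y, b, _[p + 0], 11, 3936430074),
        b = u(b, w, v, y, _[p + 3], 16, 3572445317),
        y = u(y, b, w, v, _[p + 6], 23, 76029189),
        v = u(v, y, b, w, _[p + 9], 4, 3654602809),
        w = u(w, v, y, b, _[p + 12], 11, 3873151461),
        b = u(b, w, v, y, _[p + 15], 16, 530742520),
        y = u(y, b, w, v, _[p + 2], 23, 3299628645),
        v = l(v, y, b, w, _[p + 0], 6, 4096336452),
        w = l(w, v, y, b, _[p + 7], 10, 1126891415),
        b = l(b, w, v, y, _[p + 14], 15, 2878612391),
        y = l(y, b, w, v, _[p + 5], 21, 4237533241),
        v = l(v, y, b, w, _[p + 12], 6, 1700485571),
        w = l(w, v, y, b, _[p + 3], 10, 2399980690),
        b = l(b, w, v, y, _[p + 10], 15, 4293915773),
        y = l(y, b, w, v, _[p + 1], 21, 2240044497),
        v = l(v, y, b, w, _[p + 8], 6, 1873313359),
        w = l(w, v, y, b, _[p + 15], 10, 4264355552),
        b = l(b, w, v, y, _[p + 6], 15, 2734768916),
        y = l(y, b, w, v, _[p + 13], 21, 1309151649),
        v = l(v, y, b, w, _[p + 4], 6, 4149444226),
        w = l(w, v, y, b, _[p + 11], 10, 3174756917),
        b = l(b, w, v, y, _[p + 2], 15, 718787259),
        y = l(y, b, w, v, _[p + 9], 21, 3951481745),
        v = n(v, d),
        y = n(y, h),
        b = n(b, m),
        w = n(w, g);
    return (f(v) + f(y) + f(b) + f(w)).toLowerCase()
  },
  /**
   * Encodes string e as an array of UTF-8 byte values; a surrogate pair is
   * combined into one four-byte sequence.
   */
  encodeUTF8: function (e) {
    var t, n, r, i = [];
    for (t = 0; t < e.length; t++)
      (n = e.charCodeAt(t)) < 128 ? i.push(n) : n < 2048 ? i.push(192 + (n >> 6 & 31), 128 + (63 & n)) : ((r = 55296 ^ n) >> 10 == 0 ? (n = (r << 10) + (56320 ^ e.charCodeAt(++t)) + 65536,
        i.push(240 + (n >> 18 & 7), 128 + (n >> 12 & 63))) : i.push(224 + (n >> 12 & 15)),
        i.push(128 + (n >> 6 & 63), 128 + (63 & n)));
    return i
  },
  /**
   * SHA-1 digest of string e (UTF-8 encoded through i.encodeUTF8), returned
   * as 40 lowercase hex characters. This is the function that produces the
   * request `sign` value.
   */
  sha1: function (e) {
    // o: message bytes; a: number of 32-bit words after padding to whole 16-word blocks.
    var t, n, r, o = new Uint8Array(i.encodeUTF8(e)), a = 16 + (o.length + 8 >>> 6 << 4),
      e = new Uint8Array(a << 2);
    // Copy the bytes, then re-read every word big-endian through a DataView.
    for (e.set(new Uint8Array(o.buffer)),
      e = new Uint32Array(e.buffer),
      r = new DataView(e.buffer),
      t = 0; t < a; t++)
      e[t] = r.getUint32(t << 2);
    // Append the 0x80 padding byte and the message length in bits.
    e[o.length >> 2] |= 128 << 24 - 8 * (3 & o.length),
      e[a - 1] = o.length << 3;
    var s = []
      // Round functions, selected by n / 20; they read the state array f directly.
      , c = [function () {
        return f[1] & f[2] | ~f[1] & f[3]
      }
        , function () {
          return f[1] ^ f[2] ^ f[3]
        }
        , function () {
          return f[1] & f[2] | f[1] & f[3] | f[2] & f[3]
        }
        , function () {
          return f[1] ^ f[2] ^ f[3]
        }
      ]
      // 32-bit left rotation.
      , u = function (e, t) {
        return e << t | e >>> 32 - t
      }
      // Round constants and initial state (f[2] and f[3] are filled in below).
      , l = [1518500249, 1859775393, -1894007588, -899497514]
      , f = [1732584193, -271733879, null, null, -1009589776];
    for (f[2] = ~f[0],
      f[3] = ~f[1],
      t = 0; t < e.length; t += 16) {
      var p = f.slice(0);
      for (n = 0; n < 80; n++)
        // Statement order matters: the new word r is computed from the old
        // state before f[1] is rotated and the array is shifted.
        s[n] = n < 16 ? e[t + n] : u(s[n - 3] ^ s[n - 8] ^ s[n - 14] ^ s[n - 16], 1),
          r = u(f[0], 5) + c[n / 20 | 0]() + f[4] + s[n] + l[n / 20 | 0] | 0,
          f[1] = u(f[1], 30),
          f.pop(),
          f.unshift(r);
      for (n = 0; n < 5; n++)
        f[n] = f[n] + p[n] | 0
    }
    // Byte-swap the state words so the hex output is in big-endian order.
    r = new DataView(new Uint32Array(f).buffer);
    for (var t = 0; t < 5; t++)
      f[t] = r.getUint32(t << 2);
    return Array.prototype.map.call(new Uint8Array(new Uint32Array(f).buffer), function (e) {
      return (e < 16 ? "0" : "") + e.toString(16)
    }).join("")
  },
  /**
   * Builds the per-request signing material for site id e and version t:
   *   tenant    = md5(md5(e))
   *   nonce     = 36 random characters from randomWord
   *   timestamp = current UTC time formatted "yyyy-MM-ddThh:mm:ssZ"
   *   deviceID  = value kept in localStorage under "deviceID", created on
   *               first use as md5(current time in ms + "deviceID")
   *   srcKey    = tenant + nonce + timestamp + t
   * Every input to srcKey is also sent as a request header by getToken(), and
   * deviceID is generated here on the client, so the resulting sign contains
   * no value that is withheld from the client.
   */
  getSecretParam: function (e, t) {
    var n = i.md5(i.md5(e))
      , r = i.randomWord(!1, 36)
      , o = i.dateFormat(new Date, "yyyy-MM-ddThh:mm:ssZ", !0)
      , a = localStorage.getItem("deviceID");
    return a || (a = i.md5((new Date).getTime() + "deviceID"),
      localStorage.setItem("deviceID", a)),
    {
      tenant: n,
      nonce: r,
      timestamp: o,
      srcKey: n + r + o + t,
      deviceID: a
    }
  },
  /**
   * Rewrites article HTML e: renames the listed style properties and
   * width/height attributes inside tags to "custom", strips leading
   * whitespace after ">" in each paragraph and tags every "<p" after the
   * first with class 'my_p_style'. Errors are logged and whatever was built
   * so far is returned.
   */
  parseArticleHtml: function (e) {
    try {
      var t = ["width", "height", "font-family", "text-indent", "padding-right", "padding-bottom", "padding-left", "padding-top", "text-transform", "font-size", "FONT-SIZE", "text-align", "margin", "padding", "line-height", "font", "font-weight", "font-family"]
        , n = "";
      // replace() is used only to visit each tag; the edited tag is written back into e.
      e.replace(/<[^>]*>/gi, function (n, r) {
        var i = n;
        if (0 == n.indexOf("<img") && (i = i.replace(/[^&]width=/gi, " custom=")),
          /<h[1-6]/gi.test(n))
          i = i.replace(/font-size|font-family|line-height/gi, "custom");
        else
          for (var o = 0; o < t.length; o++) {
            var a = i.toLowerCase();
            if (a.indexOf(t[o]) >= 0)
              if ("width" === t[o] || "height" === t[o]) {
                var s = new RegExp("[^&]" + t[o], "gi");
                i = i.replace(s, " custom")
              } else {
                var s = new RegExp(t[o], "gi");
                i = i.replace(s, "custom")
              }
          }
        i != n && (e = e.replace(n, i))
      });
      for (var r = e.split("<p"), i = 0; i < r.length; i++)
        r[i] = r[i].replace(/>[\u3000]+/g, ">"),
          r[i] = r[i].replace(/>[ ]+/g, ">"),
          r[i] = r[i].replace(/>[\u3000]+/g, ">"),
          r[i] = r[i].replace(/>( )+/g, ">"),
          r[i] = r[i].replace(/>(\u3000| |( ))+/g, ">"),
          0 == i ? n = r[i] : n += "<p class='my_p_style'" + r[i];
      var o = /(u003C)[^(u003E)]+()/g;
      n = n.replace(o, ""),
        n = n.replace(/u003E/g, "")
    } catch (e) {
      console.log(e)
    }
    return n
  }
};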
// Site id: sent as `sid` by getToken() and hashed twice with MD5 into the tenant value by getSecretParam.
var e = "zgcjb"
// Version string: appended to srcKey by getSecretParam and returned as the `version` header by getToken().
var v = "1.0"
/**
 * Builds the body parameters and headers for the token request.
 * sign = sha1(srcKey + deviceID + source), with srcKey and deviceID taken
 * from i.getSecretParam(e, v).
 * @returns {{params: Object, headers: Object}}
 */
function getToken() {
  var version = v;
  var source = 2;
  var secret = i.getSecretParam(e, version);
  var signature = i.sha1(secret.srcKey + secret.deviceID + "" + source);

  var params = {
    sid: e,
    deviceID: secret.deviceID,
    source: source,
    sign: signature
  };
  var requestHeaders = {
    tenant: secret.tenant,
    nonce: secret.nonce,
    timestamp: secret.timestamp,
    version: version
  };
  return {
    params: params,
    headers: requestHeaders
  };
}
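/**
 * Signs a data request.
 * sign = sha1(srcKey + w + deviceID + source + m), where w is the
 * concatenation of every value in t except `sid` and the keys listed in l.
 * @param {string} m - authtoken obtained from the token request.
 * @param {Object} t - request parameters (sid, cid, date, version, ...).
 * @returns {Object} deviceID, source, sign, the unchanged t and l, and the
 *   tenant/authtoken/nonce/timestamp headers to send.
 */
function main(m, t) {
  // Parameter names that are left out of the signed string.
  var l = [
    "date",
    "version"
  ];
  // The leftover console.log(b) was removed: it wrote srcKey and deviceID,
  // the inputs of the signature, to stdout on every call.
  var b = i.getSecretParam(e, v);
  var w = Object.keys(t).filter(function (e) {
    return "sid" != e && l.indexOf(e) < 0
  }).map(function (e) {
    return t[e]
  }).join("");
  var y = 2;
  var a = i.sha1(b.srcKey + "" + w + b.deviceID + y + m);
  return {
    deviceID: b.deviceID,
    source: y,
    sign: a,
    t: t,
    l: l,
    headers: {
      tenant: b.tenant,
      authtoken: m,
      nonce: b.nonce,
      timestamp: b.timestamp,
    },
  }
}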
小结
一开始看到webpack就发憷了,所以找了几天webpack如何调用某个函数,但是直到后面无意间看到崔老的案例,也是webpack,用的是直接扣js的方法,这才想起来js逆向原本是扣js而不是调用js文件,所以以后一定要长个记性,不要上来就发憷不知道怎么办。