post请求,请求头信息被加密
response返回数据被加密
1:首先搞请求头data加密,还是直接搜索
搞定加密的参数
f={
"body": {
"loginMethod": "1",
"name": "17756236589",
"password": "132456789"
},
"head": {
"userCode": null,
"channelCode": "101",
"transTime": (new Date).getTime(),
"transToken": "",
"customerId": null,
"transSerialNumber": ""
}
}
console.log(JSON.stringify(f))
js源码:
const aes = require('crypto-js');//crypto是加密md5的,这里是aes加密
function newEncrypt (l) {
var n = aes .enc.Utf8.parse("7wzKai3JXektzcXr")
, t = aes .enc.Utf8.parse("7wzKai3JXektzcXr")
, e = aes .enc.Utf8.parse(l)
, a = aes .AES.encrypt(e, n, {
iv: t,
mode: aes .mode.CBC,
padding: aes .pad.Pkcs7
});
return aes .enc.Base64.stringify(a.ciphertext)
}
f={
"body": {
"loginMethod": "1",
"name": "17756236589",
"password": "132456789"
},
"head": {
"userCode": null,
"channelCode": "101",
"transTime": (new Date).getTime(),
"transToken": "",
"customerId": null,
"transSerialNumber": ""
}
}
json_data=JSON.stringify(f)
console.log(newEncrypt(json_data))
注意crypto是加密md5的,这里是aes加密
2: response返回数据被加密
encryctReturns的处理
在这里我们要做的操作是解密;
可以看到,在把密文传过来以后,替换了一些符合,然后扔给g.newDecoto函数进行解密
成功
function newDecoto(l) {
var n = aes.enc.Base64.parse(l)
, t = aes.enc.Utf8.parse("8Zzwx6fffJ4nHFGY")
, e = aes.enc.Utf8.parse("8Zzwx6fffJ4nHFGY")
, a = aes.lib.CipherParams.create({
ciphertext: n
});
return aes.AES.decrypt(a, t, {
iv: e,
mode: aes.mode.CBC,
padding:aes.pad.Pkcs7
}).toString(aes.enc.Utf8)
}
miwei='6It+gMU0gvpHmI4LDEAnWOKTFJVE3ng2iZKhHLDdyaVJ10jIrcLuvULoabJX+V2z6v/VvV9MziI/\n8VsODLn2cawTUIqw1r2V9rXNxXC7qxJNUPQjKFuhFYpqqswO+7bImbKojXXJY3SADDcbT+4osVe2\nES6Ik+1/4qkHgvHI+/JqbC0C1mU44GLVVfAaV7EwanNgaXzOOCddVOObE45oii1KC8KnzA+mjz44\nCVwoI8Vo77akPAN/tUA0e+ZUF7MRs5p1j1FNqVbhoWfEui25Zfl2jNNGj+igPATn9xAaUBcU+OHi\nK2ER2X0qMERHR0OA'
n = miwei.replace(/[\r\n]/g, "")
console.log(newDecoto(n))
完整代码:
const aes = require('crypto-js');//crypto是加密md5的,这里是aes加密
function newEncrypt (l) {
var n = aes .enc.Utf8.parse("7wzKai3JXektzcXr")
, t = aes .enc.Utf8.parse("7wzKai3JXektzcXr")
, e = aes .enc.Utf8.parse(l)
, a = aes .AES.encrypt(e, n, {
iv: t,
mode: aes .mode.CBC,
padding: aes .pad.Pkcs7
});
return aes .enc.Base64.stringify(a.ciphertext)
}
f={
"body": {
"loginMethod": "1",
"name": "17756236589",
"password": "132456789"
},
"head": {
"userCode": null,
"channelCode": "101",
"transTime": (new Date).getTime(),
"transToken": "",
"customerId": null,
"transSerialNumber": ""
}
}
function newDecoto(l) {
var n = aes.enc.Base64.parse(l)
, t = aes.enc.Utf8.parse("8Zzwx6fffJ4nHFGY")
, e = aes.enc.Utf8.parse("8Zzwx6fffJ4nHFGY")
, a = aes.lib.CipherParams.create({
ciphertext: n
});
return aes.AES.decrypt(a, t, {
iv: e,
mode: aes.mode.CBC,
padding:aes.pad.Pkcs7
}).toString(aes.enc.Utf8)
}
miwei='6It+gMU0gvpHmI4LDEAnWOKTFJVE3ng2iZKhHLDdyaVJ10jIrcLuvULoabJX+V2z6v/VvV9MziI/\n8VsODLn2cawTUIqw1r2V9rXNxXC7qxJNUPQjKFuhFYpqqswO+7bImbKojXXJY3SADDcbT+4osVe2\nES6Ik+1/4qkHgvHI+/JqbC0C1mU44GLVVfAaV7EwanNgaXzOOCddVOObE45oii1KC8KnzA+mjz44\nCVwoI8Vo77akPAN/tUA0e+ZUF7MRs5p1j1FNqVbhoWfEui25Zfl2jNNGj+igPATn9xAaUBcU+OHi\nK2ER2X0qMERHR0OA'
n = miwei.replace(/[\r\n]/g, "")
json_data=JSON.stringify(f)
console.log(newEncrypt(json_data))
console.log(newDecoto(n))