1.小程序解密
工具直接解密出来一个wxapkg包
2.反编译小程序
反编译出来用WS打开,或者用微信小程序开发工具打开
3.分析加密参数
4.转换Python代码实现AES加密
# coding: utf-8
# @Author: Ruan
# coding:utf-8
"""
Python-Version:python3.6+
依赖库: pycryptodemo (pip install pycryptodemo)
"""
import time
import base64
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
class TopCrypto:
"""
Top加密类
"""
key = "F3FBA721F9E9233D"
iv = "f74ae0290a9e4b64"
@staticmethod
def __encrypt_aes(plaintext, key, iv):
cipher = AES.new(key.encode(), AES.MODE_CBC, iv.encode())
ciphertext = cipher.encrypt(pad(plaintext.encode(), AES.block_size))
return base64.b64encode(ciphertext).decode()
@staticmethod
def __decrypt_aes(ciphertext, key, iv):
cipher = AES.new(key.encode(), AES.MODE_CBC, iv.encode())
ciphertext = base64.b64decode(ciphertext)
plaintext = unpad(cipher.decrypt(ciphertext), AES.block_size)
return plaintext.decode()
@classmethod
def enc(cls, url: str, tsp=None):
"""
Top加密函数
:param url: 请求的原URL(删除tssign参数就是原URL)
:param tsp: 是否指定tsp
:return: base64编码后的密文
"""
return cls.__encrypt_aes(f'tsmall#{int(time.time() * 1000) if not tsp else tsp}#{url.split("com.cn")[-1]}',
key=cls.key, iv=cls.iv)
@classmethod
def dec(cls, ciphertext):
"""
Top加密函数
:param ciphertext: 密文
:return: 解密后的字符串
"""
return cls.__decrypt_aes(ciphertext, key=cls.key, iv=cls.iv)
if __name__ == '__main__':
url = 'https://wxmall.topsports.com.cn/shopCommodity/queryShopCommodityDetail/c72ad4538cc0455395ca65af16a274a3'
enc_res = TopCrypto.enc(url)
print(f'{"加密结果".center(50,"*")}\n{enc_res}\n{"-"*55}\n')
print(f'{"解密结果".center(50,"*")}\n{TopCrypto.dec(enc_res)}\n{"-"*55}\n')
可以发现请求完全正常
911
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
