python-js逆向之某省雨水情监控平台

目标网站:aHR0cDovL3ljLndzd2oubmV0L2Foc3h4L0xPTC9wdWJsaWMvcHVibGljLmh0bWw=

雨情专题,只为分析过程。

1.清空后点击左上角的查询,出现如下请求。很明显,这是个 POST 请求,并且带有一堆加密参数。可以用 XHR 断点定位,当然也可以直接搜索关键字。下面用 XHR 断点来分析。

2.增加xhr断点,点击查询,然后分析调用栈,发现此处参数已被加密,可以打断点看看

3.此处打上断点,清除xhr断点,点击查询,发现此时参数未加密

4.进入paramencode内部查看,打上断点

5.全速运行,发现被加密了

6.再全速运行,发现此时的参数就是左上角的查询参数

7.再全速运行,被加密了

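8.进入加密函数,文件开头的注释已经把用法写得很清楚了(实例化后调用 encode / decode),接下来就知道该怎么做了。需要注意,这里的“加密”不使用任何密钥,只是 encodeURI、相邻字符两两对调再加 Base64 编码,属于可逆的混淆,并不能保护数据。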

9.通过全局搜索paramEncode,经过多次调试发现有些参数是不变的,有些是我们可以人为设置的。

 

经过以上分析:

1.全文复制 waterSecurity.js

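// WaterSecurity ("沃特水务") front-end encode/decode helper.
// Usage:
//   1. Include this script.
//   2. Instantiate:       var waterSecurity = new WaterSecurity()
//   3. Read the version:  waterSecurity.version
//   4. Encode a value:    waterSecurity.encode(webCode);
//   5. Decode a response: waterSecurity.decode(webCode)
//
// NOTE(review): no key or secret appears anywhere in this file. encode() is
// encodeURI + adjacent-character swap + Base64 behind a version prefix, and
// decode() is chunk reassembly + Base64. Both are reversible by anyone who has
// this script, so the scheme is obfuscation: it provides neither
// confidentiality nor integrity, and access control has to live on the server.
var WaterSecurity = function() {
    this.init();
};
WaterSecurity.prototype = {
    // Format version: prepended to every encode() result and required as the
    // prefix of every decode() input.
    version: "2.1",

    /**
     * Install String.prototype.gblen, which encode() uses to measure its input.
     * gblen counts a character as 2 when its code unit is > 127 or is 94 ('^'),
     * and as 1 otherwise.
     */
    init: function() {
        // NOTE(review): this extends a native prototype. It is kept unchanged
        // in case other code on the page relies on String#gblen.
        String.prototype.gblen = function() {
            var len = 0;
            for (var i = 0; i < this.length; i++) {
                var code = this.charCodeAt(i);
                len += (code > 127 || code === 94) ? 2 : 1;
            }
            return len;
        };
    },

    /**
     * Encode a request parameter value.
     *
     * Steps: stringify, encodeURI (with '+' additionally escaped as %2B), pad
     * with '*' to an even length, swap each pair of adjacent characters,
     * Base64-encode, then prefix with this.version.
     *
     * @param {*} data value to encode; it is coerced to a string.
     * @returns {string} "" for empty input, otherwise version + Base64 text.
     */
    encode: function(data) {
        this.print(data);
        data += "";
        if (data === "")
            return "";
        data = encodeURI(data).replace(/\+/g, "%2B");
        // parityTransposition() works on pairs, so pad odd-length input.
        if (data.gblen() % 2 !== 0)
            data += "*";
        this.print(data);
        data = this.parityTransposition(data);
        this.print(data);
        var result = this.version + this.utf16to8(this.base64encode(data));
        this.print(result);
        return result;
    },

    /** Debug hook called by encode()/decode() at each step; a no-op here. */
    print: function(data) {},

    /**
     * Swap every pair of adjacent characters ("abcd" -> "badc").
     *
     * @param {string} data input text; encode() pads it to an even length.
     * @returns {string} the text with each pair swapped.
     */
    parityTransposition: function(data) {
        var swapped = [];
        for (var i = 0; i < data.length; i += 2) {
            swapped.push(data[i + 1]);
            swapped.push(data[i]);
        }
        return swapped.join("");
    },

    /**
     * Decode a response body.
     *
     * Layout read by this code, after the version prefix: the last 4
     * characters are an end marker; the first occurrence of that marker starts
     * a trailer of the form marker + tag list + marker, where the tag list is
     * a run of 4-character tags in output order. In the body, every chunk is
     * immediately followed by its tag. Chunks are re-joined in tag-list order,
     * Base64-decoded and then converted from UTF-8.
     *
     * The input is assumed to be well formed: a tag that is missing from the
     * body, or that also occurs inside a chunk, yields garbage output rather
     * than an error.
     *
     * @param {*} data encoded response; it is coerced to a string.
     * @returns {string} "[]" for empty input, otherwise the decoded text. In a
     *     browser a version mismatch returns the result of alert().
     * @throws {Error} on a version mismatch when no alert() function exists.
     */
    decode: function(data) {
        data += "";
        this.print(data);
        if (data === "")
            return "[]";
        if (this.version) {
            // Compare against the real prefix length instead of a literal 3.
            var prefixLength = this.version.length;
            if (data.substring(0, prefixLength) !== this.version) {
                var mismatch = "\u540e\u53f0\u7248\u672c\u4e0d\u4e00\u81f4\uff01";
                // alert() exists only in browsers; elsewhere (for example when
                // the script is run under Node) report the mismatch as an Error.
                if (typeof alert === "function")
                    return alert(mismatch);
                throw new Error(mismatch);
            }
            data = data.substring(prefixLength);
        }
        var endTag = data.substring(data.length - 4);
        var tagsStr = data.substring(data.indexOf(endTag));
        // Drop the marker on both sides of the trailer to leave the tag list.
        tagsStr = tagsStr.substring(4, tagsStr.length - 4);
        var tags = [];
        // Prototype-less dictionary: its keys come from the response text.
        var content = Object.create(null);
        var i, tag;
        for (i = 0; 4 * i < tagsStr.length; i++) {
            tag = tagsStr.substr(i * 4, 4);
            tags[i] = tag;
            content[tag] = null;
        }
        var positions = this.getTagsPosition(data, tags);
        var index = 0;
        for (i = 0; i < positions.length; i++) {
            // The chunk runs from the end of the previous tag up to this tag.
            tag = data.substr(positions[i], 4);
            content[tag] = data.substring(index, positions[i]);
            index = positions[i] + 4;
        }
        var result = "";
        for (i = 0; i < tags.length; i++)
            result += content[tags[i]];
        return this.utf8to16(this.base64decode(result));
    },

    /**
     * Find where each tag first occurs in the data.
     *
     * @param {string} data text to search.
     * @param {string[]} tags tags to look for.
     * @returns {number[]} first-occurrence indexes in ascending order; a tag
     *     that is not found contributes -1.
     */
    getTagsPosition: function(data, tags) {
        var positions = [];
        // `i` is declared here: the undeclared loop variable leaked a global
        // and is a ReferenceError in strict mode and in ES modules.
        for (var i = 0; i < tags.length; i++)
            positions[i] = data.indexOf(tags[i]);
        return positions.sort(function(a, b) {
            return a - b;
        });
    },

    // Standard Base64 alphabet.
    base64EncodeChars: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
    // Reverse lookup for character codes 0-127; -1 marks a non-alphabet character.
    base64DecodeChars: [
        -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
        -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
        -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
        52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1,
        -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
        15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
        -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
        41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1
    ],

    /**
     * Base64-encode a string, using the low 8 bits of each code unit.
     *
     * @param {string} str input text.
     * @returns {string} Base64 text with '=' padding.
     */
    base64encode: function(str) {
        var chars = this.base64EncodeChars;
        var len = str.length;
        var i = 0;
        var out = "";
        var c1, c2, c3;
        while (i < len) {
            c1 = str.charCodeAt(i++) & 255;
            if (i == len) {
                // One trailing byte: two symbols plus "==".
                out += chars.charAt(c1 >> 2);
                out += chars.charAt((c1 & 3) << 4);
                out += "\x3d\x3d";
                break;
            }
            c2 = str.charCodeAt(i++);
            if (i == len) {
                // Two trailing bytes: three symbols plus "=".
                out += chars.charAt(c1 >> 2);
                out += chars.charAt((c1 & 3) << 4 | (c2 & 240) >> 4);
                out += chars.charAt((c2 & 15) << 2);
                out += "\x3d";
                break;
            }
            c3 = str.charCodeAt(i++);
            out += chars.charAt(c1 >> 2);
            out += chars.charAt((c1 & 3) << 4 | (c2 & 240) >> 4);
            out += chars.charAt((c2 & 15) << 2 | (c3 & 192) >> 6);
            out += chars.charAt(c3 & 63);
        }
        return out;
    },

    /**
     * Base64-decode a string into a string of byte values. Characters the
     * table maps to -1 are skipped; decoding stops at the first '=' found in
     * the third or fourth position of a group.
     *
     * @param {string} str Base64 text.
     * @returns {string} one character per decoded byte.
     */
    base64decode: function(str) {
        var table = this.base64DecodeChars;
        var len = str.length;
        var i = 0;
        var out = "";
        var c1, c2, c3, c4;
        while (i < len) {
            do {
                c1 = table[str.charCodeAt(i++) & 255];
            } while (i < len && c1 == -1);
            if (c1 == -1)
                break;
            do {
                c2 = table[str.charCodeAt(i++) & 255];
            } while (i < len && c2 == -1);
            if (c2 == -1)
                break;
            out += String.fromCharCode(c1 << 2 | (c2 & 48) >> 4);
            do {
                c3 = str.charCodeAt(i++) & 255;
                if (c3 == 61)   // '=' padding
                    return out;
                c3 = table[c3];
            } while (i < len && c3 == -1);
            if (c3 == -1)
                break;
            out += String.fromCharCode((c2 & 15) << 4 | (c3 & 60) >> 2);
            do {
                c4 = str.charCodeAt(i++) & 255;
                if (c4 == 61)   // '=' padding
                    return out;
                c4 = table[c4];
            } while (i < len && c4 == -1);
            if (c4 == -1)
                break;
            out += String.fromCharCode((c3 & 3) << 6 | c4);
        }
        return out;
    },

    /**
     * Convert UTF-16 code units to a string of UTF-8 byte values. Code units
     * 1-127 are copied; code unit 0 and 128-2047 become two bytes; anything
     * above 2047 becomes three bytes (each code unit is handled on its own).
     *
     * @param {string} str input text.
     * @returns {string} one character per output byte.
     */
    utf16to8: function(str) {
        var out = "";
        var len = str.length;
        for (var i = 0; i < len; i++) {
            var c = str.charCodeAt(i);
            if (c >= 1 && c <= 127) {
                out += str.charAt(i);
            } else if (c > 2047) {
                out += String.fromCharCode(224 | c >> 12 & 15);
                out += String.fromCharCode(128 | c >> 6 & 63);
                out += String.fromCharCode(128 | c >> 0 & 63);
            } else {
                out += String.fromCharCode(192 | c >> 6 & 31);
                out += String.fromCharCode(128 | c >> 0 & 63);
            }
        }
        return out;
    },

    /**
     * Convert a string of UTF-8 byte values back to UTF-16 text. One-, two-
     * and three-byte sequences are handled; a lead byte whose high nibble is
     * 8-11 or 15 matches no case and is dropped.
     *
     * @param {string} str one character per input byte.
     * @returns {string} decoded text.
     */
    utf8to16: function(str) {
        var out = "";
        var len = str.length;
        var i = 0;
        var c, char2, char3;
        while (i < len) {
            c = str.charCodeAt(i++);
            switch (c >> 4) {
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                // 0xxxxxxx: single byte
                out += str.charAt(i - 1);
                break;
            case 12:
            case 13:
                // 110xxxxx 10xxxxxx
                char2 = str.charCodeAt(i++);
                out += String.fromCharCode((c & 31) << 6 | char2 & 63);
                break;
            case 14:
                // 1110xxxx 10xxxxxx 10xxxxxx
                char2 = str.charCodeAt(i++);
                char3 = str.charCodeAt(i++);
                out += String.fromCharCode((c & 15) << 12 | (char2 & 63) << 6 | (char3 & 63) << 0);
                break;
            }
        }
        return out;
    }
};
var waterSecurity = new WaterSecurity();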

2.抠出参数并调用加密函数,打印输出与密文一致。

// Plain-text query parameters for the rainfall-map request, before encoding.
// NOTE(review): btime/etime look like yyyyMMddHHmm start/end timestamps —
// confirm against the captured request.
var rwData = {
    name: "SelectRainMapData",
    btime: "202004280800",
    etime: "202004282000",
    rainlevel: "B:10,25,50,100,200,300",
    isoline: "N",
    heatRange: "50",
    stcdtype: "1,1,1,1,1,0",
    fresh: "0",
    points: "",
    waterEncode: "true"
};

/**
 * Encode every enumerable property of `data` in place with
 * waterSecurity.encode() and add an unencoded `random` field.
 *
 * @param {Object} data request parameters; the object itself is modified.
 * @returns {Object} the same `data` object.
 */
function paramEncode(data) {
    for (var key in data) {
        // Loose comparisons are kept as in the site's script. Because
        // "" == 0 under coercion, the skip branch appears never to be taken
        // for primitive values, so every property ends up encoded.
        if (data[key] == "" && data[key] != 0)
            continue;
        data[key] = waterSecurity.encode(data[key]);
    }
    // Presumably a cache-busting value — confirm; it is sent as-is.
    data.random = Math.random();
    return data;
}
// paramEncode() modifies rwData in place and returns the same object, so this
// prints the encoded parameters together with the added `random` field.
console.log(paramEncode(rwData))

3.调用解密函数

// '复制粘贴上图' is the article's placeholder ("copy and paste from the figure
// above"): replace it with the encoded response text captured for the query.
// decode() returns the reassembled, Base64-decoded response text.
var data = waterSecurity.decode('复制粘贴上图');

console.log(data);

4.完成解密,最后可以对代码进行修改,方便python调用。

 
