这个代码有一个bug,如果输入较长的一个段落,会报错error:998,我怀疑是sign值发生了变化,短句的sign和长句的sign的生成不同,但是初学js逆向,也不知道怎么解决,网上找了很久也没解决,如果解决了的朋友,可以在评论说出自己的解决办法~~~目标链接
网页分析
进入目标网页,F12进行抓包,我们可以看到form表单一项,只有sign值是不断发生变化的,其他的值要不是固定不变的,要不是我们要翻译的句子。我们的任务就是js逆向分析获取sign的值,如图:
通过搜索我们可以看到sign的值是由js生成,点击搜索到的第926行进入之后,我们可以看到sign值是y(n)的值,在这里打个断点,重新执行一下翻译,我们可以看到,网页执行到此处停下,n的值是我们要翻译的句子,我们只要把y(n)这个函数所在的js代码找到就行了,如图:
当代码执行到我们打的断点停下时,我们可以看到y(n)的值是由e®函数传递的,所以我们只要找到e®函数就行了,如图:
我们把e®所在的函数全部复制到js调试工具,会提示i未定义,我们再次搜索i,会发现i是一个固定的值,我们手动定义一个i就行了,如图:
代码
js代码
var i = "320305.131321201";
function a(r) {
if (Array.isArray(r)) {
for (var o = 0,
t = Array(r.length); o < r.length; o++) t[o] = r[o];
return t
}
return Array.from(r)
}
function n(r, o) {
for (var t = 0; t < o.length - 2; t += 3) {
var a = o.charAt(t + 2);
a = a >= "a" ? a.charCodeAt(0) - 87 : Number(a),
a = "+" === o.charAt(t + 1) ? r >>> a: r << a,
r = "+" === o.charAt(t) ? r + a & 4294967295 : r ^ a
}
return r
}
function e(r) {
var o = r.match(/[\uD800-\uDBFF][\uDC00-\uDFFF]/g);
if (null === o) {
var t = r.length;
t > 30 && (r = "" + r.substr(0, 10) + r.substr(Math.floor(t / 2) - 5, 10) + r.substr( - 10, 10))
} else {
for (var e = r.split(/[\uD800-\uDBFF][\uDC00-\uDFFF]/), C = 0, h = e.length, f = []; h > C; C++)"" !== e[C] && f.push.apply(f, a(e[C].split(""))),
C !== h - 1 && f.push(o[C]);
var g = f.length;
g > 30 && (r = f.slice(0, 10).join("") + f.slice(Math.floor(g / 2) - 5, Math.floor(g / 2) + 5).join("") + f.slice( - 10).join(""))
}
var u = void 0,
l = "" + String.fromCharCode(103) + String.fromCharCode(116) + String.fromCharCode(107);
u = null !== i ? i: (i = window[l] || "") || "";
for (var d = u.split("."), m = Number(d[0]) || 0, s = Number(d[1]) || 0, S = [], c = 0, v = 0; v < r.length; v++) {
var A = r.charCodeAt(v);
128 > A ? S[c++] = A: (2048 > A ? S[c++] = A >> 6 | 192 : (55296 === (64512 & A) && v + 1 < r.length && 56320 === (64512 & r.charCodeAt(v + 1)) ? (A = 65536 + ((1023 & A) << 10) + (1023 & r.charCodeAt(++v)), S[c++] = A >> 18 | 240, S[c++] = A >> 12 & 63 | 128) : S[c++] = A >> 12 | 224, S[c++] = A >> 6 & 63 | 128), S[c++] = 63 & A | 128)
}
for (var p = m,
F = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(97) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(54)), D = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(51) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(98)) + ("" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(102)), b = 0; b < S.length; b++) p += S[b],
p = n(p, F);
return p = n(p, D),
p ^= s,
0 > p && (p = (2147483647 & p) + 2147483648),
p %= 1e6,
p.toString() + "." + (p ^ m)
}
//////////////////////
function getword(word) {
return e(word);
}
python代码
import requests
import execjs,re
from tkinter import *
def get_sign(word):
with open('bdfy.js','r') as f:
js_code = f.read()
sign = execjs.compile(js_code).call("getword",word)
return sign
def transLate():
query = t.get('0.0',"end")
sign = get_sign(query)
url = 'https://fanyi.baidu.com/v2transapi'
headers = {
'content-type': 'application/x-www-form-urlencoded; charset=UTF-8',
'cookie':'BAIDUID=A374868D2709BD4B7B32F51FE5EF7748:FG=1; BIDUPSID=A374868D2709BD4B7B32F51FE5EF7748; PSTM=1543134337; REALTIME_TRANS_SWITCH=1; FANYI_WORD_SWITCH=1; HISTORY_SWITCH=1; SOUND_SPD_SWITCH=1; SOUND_PREFER_SWITCH=1; MCITY=-308%3A; BDUSS=0ydS10SE5qaFk2alc1eXBpeH5SaE9uUWdIU2twbWxUV3FVQ1FzSkhDZE5ZcjllRVFBQUFBJCQAAAAAAAAAAAEAAAB2yGk4zMfUstS1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE3Vl15N1ZdeSE; BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; H_PS_PSSID=1460_31326_21099_31254_31427_31270_31464_30823_26350_31164_31471; cflag=13%3A3; delPer=0; PSINO=1; Hm_lvt_64ecd82404c51e03dc91cb9e8c025574=1588787845,1588787862,1588838974,1588839024; Hm_lpvt_64ecd82404c51e03dc91cb9e8c025574=1588839024; __yjsv5_shitong=1.0_7_61f8c953a760786750130eafff78f0411940_300_1588839025122_114.247.184.164_6f8a9a1b; yjs_js_security_passport=987f3e527ca80bc72ec67079680585edb18217d3_1588839025_j', 'origin': 'https://fanyi.baidu.com',
'referer': 'https://fanyi.baidu.com/?aldtype=16047',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36',
'x-requested-with': 'XMLHttpRequest',
}
pattern = '[\u4e00-\u9fa5]'
result = re.findall(pattern,query)
if len(result)>0:
params = {
'from': ' zh',
'to': ' en',
}
data = {
'from': 'zh',
'to': 'en',
'query': query,
'transtype': 'translang',
'simple_means_flag': '3',
'sign': sign,
'token': 'd0dbf4c3abf81cbca9fa23053d3ed86e',
'domain': 'common',
}
else:
params = {
'from': 'en',
'to': 'zh',
}
data = {
'from': 'en',
'to': 'zh',
'query': query,
'transtype': 'translang',
'simple_means_flag': '3',
'sign': sign,
'token': 'd0dbf4c3abf81cbca9fa23053d3ed86e',
'domain': 'common',
}
response = requests.post(url,data=data,headers=headers,params=params)
response = response.json()
try:
response = str(response['trans_result']['data'][0]['dst'])
response = str(response)
t1.insert('end',response)
except:
t1.insert('end',"我还在学习中,暂时翻译不出~~~")
def clear_text():
t.delete('0.0',"end")
t1.delete('0.0',"end")
if __name__ == '__main__':
# 创建窗口
root = Tk()
# 标题
root.title('小生翻译')
# 窗口大小,中间的是小写的x,而不 是乘号
root.geometry('600x300')
# 窗口的初始位置
root.geometry('+400+300')
# 标签的控件
label = Label(root, text='仅支持中英文互翻', font=('华文行楷', 20), fg='blue')
# grid pack place
label.grid(row=0, column=0)
# 输入框
t = Text(root, height=4)
# 设置输入框的位置
t.grid(row=1, column=0)
# 点击按钮
button = Button(root, text='翻译', font=('微软雅黑', 20), command=transLate) # 调用函数
# 设置点击按钮的位置
button.grid(row=2, column=0)
button1 = Button(root, text='清空', font=('微软雅黑', 20),command=clear_text) # 调用函数
# 设置点击按钮的位置
button1.grid(row=3, column=0)
# 输入框
t1 = Text(root, height=4)
# 设置输入框的位置
t1.grid(row=4, column=0)
# 消息循环,可以理解为显示窗口
root.mainloop()
执行结果
如果bug有同学解决了,欢迎在评论区分享!!