巨量算数x-bogus _signatrue msToken解密

已于 2024-04-14 21:45:01 修改
阅读量961 收藏 4
点赞数 10
分类专栏: 逆向 文章标签: javascript 爬虫
于 2024-04-01 11:57:41 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_47459180/article/details/137223526
版权

前言:

        巨量算数解密的话跟抖音及其类似,基本的数据请求没啥特别突出的,跟大家分析下!可以理解为抖音xb的进阶版,具体xb的解决方案可以翻翻以前的博客,所以巨量的xb我就简化讲解

        可以了解到正常的数据访问返回的接口里面会有三个参数,一个个来。需要注意的是魔改和签名参数,x-bougs长度是28,signatrue长度是147,mstoken可以用python还原,忽略不计。

ctrl+shift+f进行全局搜索x-bogus,进入到js界面然后跟栈找到图片的加密位置,打上后面的断点!刷新平台进入加密参数追踪。。

    function _0x4d83e6(_0x2a5467, _0xbe4f85) {
        return ('undefined' == typeof window ? global : window)['_$webrt_1670312749']('484e4f4a403f524300022233a3a39d898c52006000000000000007fa1b0002012c1d00921b000b191b000b02402217000a1c1b000b1926402217000c1c1b000b190200004017002646000306000e271f001b000200021d00920500121b001b000b031b000b19041d0092071b000b0401220117000b1c1b000b051e012d1700131b00201d006f1b000b06260a0000101c1b000b07260a0000101c1b001b000b081e012e1d00931b001b000b091e00081d00941b0048021d009c1b001b000b1d1d009d1b0048401d00d31b001b000b031b000b18041d00d51b001b000b0a221e012f241b000b031b000b0a221e012f241b000b200a000110040a0001101d00d71b001b000b0a221e012f241b000b031b000b0a221e012f241b000b1a0a000110040a0001101d00d91b000b0b1e00151e01300117002d1b000b0b1e001502000025001d11221e006924131e004e02013102006b1a020200000a000210001d01301b001b000b0c1e00101d00da1b000b232217000e1c211b000b23430201323e1700151b001b000b23221e0130240a0000101d00da1b001b000b0d261b000b1c1b000b1b0a0002101d00db1b001b000b0e261b000b241b000b230a0002101d00dd1b001b000b0f261b000b250200200a0002101d00e11b001b000b0a221e012f241b000b031b000b26040a0001101d00e21b001b000b101a00221e00dc240a0000104903e82b1d00e51b001b000b11260a0000101d00e61b001b000b1f1d00e81b001b000b1c4901002b1d00f01b001b000b1c4901002c1d00f61b001b000b1b1d00f71b001b000b21480e191d00f91b001b000b21480f191d00fc1b001b000b22480e191d00fe1b001b000b22480f191d00ff1b001b000b27480e191d01011b001b000b27480f191d01331b001b000b284818344900ff2f1d01341b001b000b284810344900ff2f1d01351b001b000b284808344900ff2f1d01361b001b000b284800344900ff2f1d01371b001b000b294818344900ff2f1d01381b001b000b294810344900ff2f1d01391b001b000b294808344900ff2f1d013a1b001b000b294800344900ff2f1d013b1b001b000b2a1b000b2b311b000b2c311b000b2d311b000b2e311b000b2f311b000b30311b000b31311b000b32311b000b33311b000b34311b000b35311b000b36311b000b37311b000b38311b000b39311b000b3a311b000b3b311d013c1b004900ff1d013d1b001b000b12261b000b2a1b000b2c1b000b2e1b000b301b000b321b000b341b000b361b000b381b000b3a1b000b3c1b000b2b1b000b2d1b000b2f1b000b311b000b331b000b351b000b371b000b391b000b3b0a0013101d013e1b001b000b0e261b000b131b000b3d041b000b3e0a0002101d013f1b001b000b14261b000b1e1b000b3d1b000b3f0a0003101d01401b001b000b15261b000b400200240a0002101d01411b000b410000014200016a20393939393939393939393939393939393939393939393939393939393939393901670e3b3a3936313a0f2d302f3a2d2b2602363b06103d353a3c2b083b3a3d2a38383a2d073a31293c303b3a03383a2b073c30312c30333a0739362d3a3d2a380a302a2b3a2d08363b2b370a3631313a2d08363b2b370b302a2b3a2d173a3638372b0b3631313a2d173a3638372b092a2c3a2d1e383a312b0b2b301330283a2d1c3e2c3a0736313b3a271039083a333a3c2b2d3031092a313b3a3936313a3b092f2d302b302b262f3a082b300c2b2d363138043c3e3333072f2d303c3a2c2c1004303d353a3c2b7f2f2d303c3a2c2c0206303d353a3c2b052b362b333a0431303b3a016201690168022c6f411e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706053e3d3c3b3a393837363534333231302f2e2d2c2b2a29282726256f6e6d6c6b6a69686766747062022c6e411b343b2f38376b05142c0e1d676f70123929286c6907166e0d6d6a74080a1e331a366811133d302e060b100f2a2532193515312d2627661709183c3e0c2b1c3a62022c6d411b343b2f38376b05142c0e1d676f70123929286c6907166e0d6d6a72080a1e331a366811133d302e060b100f2a2532193515312d2627661709183c3e0c2b1c3a620166026e6e06333a31382b370a3c373e2d1c303b3a1e2b026e6f063c373e2d1e2b0f04303d353a3c2b7f0836313b302802081b303c2a323a312b1204303d353a3c2b7f113e2936383e2b302d0205352c3b30321004303d353a3c2b7f17362c2b302d2602072f332a3836312c08002f373e312b30320b3c3e33330f373e312b30320b0000313638372b323e2d3a051e2a3b3630181c3e31293e2c0d3a313b3a2d3631381c30312b3a272b6d1b09283a3d3b2d36293a2d13383a2b1028310f2d302f3a2d2b26113e323a2c09333e31382a3e383a2c063c372d30323a072d2a312b36323a073c3031313a3c2b140000283a3d3b2d36293a2d003a293e332a3e2b3a1300002c3a333a31362a32003a293e332a3e2b3a1b0000283a3d3b2d36293a2d002c3c2d362f2b00392a313c2b363031170000283a3d3b2d36293a2d002c3c2d362f2b00392a313c150000283a3d3b2d36293a2d002c3c2d362f2b00393113000039273b2d36293a2d003a293e332a3e2b3a1200003b2d36293a2d002a31282d3e2f2f3a3b150000283a3d3b2d36293a2d002a31282d3e2f2f3a3b1100003b2d36293a2d003a293e332a3e2b3a1400002c3a333a31362a32002a31282d3e2f2f3a3b14000039273b2d36293a2d002a31282d3e2f2f3a3b09002c3a333a31362a320c3c3e33330c3a333a31362a3216000c3a333a31362a3200161b1a000d3a3c302d3b3a2d083b303c2a323a312b04343a262c05323e2b3c37060d3a381a272f0a037b043e7225023b3c00063c3e3c373a00042c30323a083c3a390c373e2d2f081c3a390c373e2d2f053a303e2f36163a30083a3d1d2d30282c3a2d1b362c2f3e2b3c373a2d0f3d36313b103d353a3c2b1e2c26313c0e362c1a10083a3d1d2d30282c3a2d016c04302f3a31042b3a2c2b0936313c303831362b300730313a2d2d302d043c303b3a120e0a100b1e001a071c1a1a1b1a1b001a0d0d0e2c3a2c2c3630310c2b302d3e383a072c3a2b162b3a32102c30323a143a26173a2d3a1d262b3a3b0a2d3a3230293a162b3a320936313b3a273a3b1b1d0c0f3036312b3a2d1a293a312b0e120c0f3036312b3a2d1a293a312b0d3c2d3a3e2b3a1a333a323a312b063c3e31293e2c092b301b3e2b3e0a0d13072d3a2f333e3c3a03032c7501380a313e2b36293a3c303b3a1404303d353a3c2b7f0f332a3836311e2d2d3e26024a01372b2b2f2c60650370037077046f726602246e736c22770371046f726602246e736c2276246c2223043e72396f726602246e736b227765043e72396f726602246e736b227624682276016b0833303c3e2b36303104372d3a39043936333a10372b2b2f65707033303c3e3337302c2b082f333e2b39302d32026e6d026e6c072836313b30282c026e6b03283631026e6a073e313b2d30363b026e69053336312a27026e6806362f3730313a026e6704362f3e3b026e6604362f303b026d6f03323e3c026d6e09323e3c36312b302c370c323e3c002f30283a2d2f3c76043c2d302c03276e6e053c2d36302c05392736302c042f36343a026d6d026d6c026d6b026d6a026d69026d68026d670839362d3a3930277006302f3a2d3e70057f302f2d70057f302f2b70073c372d30323a70082b2d363b3a312b7004322c363a026d66026c6f06293a313b302d0618303038333a0e002f3e2d3e320c28362b3c3710310a3b362d3a3c2b0c3638310a3c30312c362c2b3a312b062c28362b3c37033b3032072f373e312b30320437303034401e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706053e3d3c3b3a393837363534333231302f2e2d2c2b2a29282726256f6e6d6c6b6a696867667271033e363b01310139012d092c2b3e2d2b0b36323a012b093e3d3633362b363a2c0a2b36323a2c2b3e322f6e13373e2d3b283e2d3a1c30313c2a2d2d3a313c260c3b3a29363c3a123a32302d2608333e31382a3e383a0a2d3a2c30332a2b3630310f3e293e36330d3a2c30332a2b363031092c3c2d3a3a310b302f0a2c3c2d3a3a31133a392b103b3a29363c3a0f36273a330d3e2b36300a2f2d303b2a3c2b0c2a3d073d3e2b2b3a2d26012f092b302a3c3716313930082b36323a2530313a0a2b36323a2c2b3e322f6d07382f2a163139300b352c1930312b2c13362c2b0b2f332a3836312c13362c2b0a2b36323a2c2b3e322f6c0a3a293a2d1c303034363a072b2b002c3c363b01320b2c26312b3e271a2d2d302d0c313e2b36293a133a31382b37052d2b3c160f09392f093a2d2c3630310b0000293a2d2c3630310000083c33363a312b163b0a2b36323a2c2b3e322f6b0b3a272b3a313b19363a333b042f2a2c37033e3333042b373a31093d3e2c3a696b003c370c392d30321c373e2d1c303b3a063d696b006c6f026c6e083d3e2c3a696b006f026c6d083d3e2c3a696b006e026c6c083d3e2c3a696b006d026c6b026c6a026c6907383a2b0b36323a026c680b3b303211302b093e33363b092c2a3d2c2b2d363138082f2d302b303c3033026c67026c66016f0e6e6f6f6f6f6f6f6f6e6e6f6f6f6f026b6f026b6e0739302d2d3a3e33026b6d043d303b26092c2b2d3631383639260224220b3d303b26093e336d2c2b2d0a3d303b2600373e2c37620179032a2d33026b6c052e2a3a2d260a3e2c30333b002c363831092f3e2b37313e323a62092b2b00283a3d363b6206792a2a363b62026b6b026b6a0e003d262b3a3b002c3a3c003b363b026b690a6b6d666b6669686d666909393a093a2d2c363031026b680e006f6d1d6b056928306f6f6f6f6e026b67026b66052c33363c3a026a6f070c1a1c1611191003313028092b36323a2c2b3e322f05393330302d062d3e313b30320f383a2b0b0b083a3d1c303034363a2c052b2b28363b082b2b00283a3d363b072b2b083a3d163b0b2b2b00283a3d363b00296d092b2b083a3d363b096d072d2a31313631380539332a2c37083230293a13362c2b062c2f33363c3a063d3a1230293a093c33363c3413362c2b073d3a1c33363c340c343a263d303e2d3b13362c2b0a3d3a143a263d303e2d3b0b3e3c2b36293a0c2b3e2b3a0b2836313b30280c2b3e2b3a032c0b32052b2d3e3c34082a31362b0b36323a033e3c3c0a2a31362b1e32302a312b083d3a373e2936302d07322c380b262f3a0328161b073e363b13362c2b0b2f2d36293e3c2612303b3a063c2a2c2b3032063e2c2c3638310f081a1d001b1a09161c1a001611191004352c30310a2d3a383630311c303139092d3a2f302d2b0a2d33043a27362b090772120c720c0b0a1d0c0772120c720f1e0613101e1b206f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f6f203b6b6e3b673c3b6667396f6f3d6d6f6b3a66676f6f6666673a3c39676b6d683a0129062a3d3c303b3a063b3a3c303b3a042b2d3632210104032c032a191a191903271e6f02742304032c032a191a191903271e6f02747b062c2b2d363138026a6e026a6d026a6c026a6b026a6a026a69026a68026a67026a6602696f02696e02696d02696c02696b02696a', [, , void (-0x5 * 0x61f + -0x1a49 + 0x38e4), void (0x13ec + -0x175f + 0x1 * 0x373) !== _0x1430f8 ? _0x1430f8 : void (0x4 * 0x384 + -0xf8 * -0x1b + -0x2838), void (-0x1280 + 0x110f + 0x171) !== _0x3de085 ? _0x3de085 : void (-0x2 * 0x10bf + 0x5 * 0x34c + 0x7 * 0x26e), void (-0xbf * 0x32 + 0x4 * -0xf4 + 0x2 * 0x148f) !== _0x885054 ? _0x885054 : void (-0x3 * -0xbfe + 0x1 * 0xbcd + -0x1c5 * 0x1b), void (-0x19d * -0x13 + -0x2e7 + 0xc0 * -0x25) !== _0x1f626a ? _0x1f626a : void (-0x2f * 0xa5 + 0x1bae + 0x29d), void (-0x1d68 + 0x1 * -0x7e1 + 0x2549) !== _0x391b00 ? _0x391b00 : void (-0x1629 + -0xa57 + 0x1 * 0x2080), void (0xd72 + 0x2 * -0xcbf + 0x404 * 0x3) !== _0x515d8a ? _0x515d8a : void (-0x126 + 0x5d5 * 0x1 + -0x4af), void (0x3e5 * -0x1 + -0x8 * 0x9d + -0x3 * -0x2ef) !== _0x5e2c6f ? _0x5e2c6f : void (0xd7d * 0x2 + -0xd46 + 0x6da * -0x2), void (-0x283 * -0x3 + -0x1 * 0x26c3 + 0x1f3a) !== _0x31041a ? _0x31041a : void (0x7d * -0x2b + -0x63d * 0x6 + 0x3a6d), 'undefined' != typeof String ? String : void (0x83b + 0x118f + -0x19ca), 'undefined' != typeof navigator ? navigator : void (0xfc9 + -0x212 * 0x2 + -0xba5), void (-0x1cbd + -0xc0 * 0x1d + 0x327d) !== _0x565b5c ? _0x565b5c : void (-0x1d4b * -0x1 + 0x20bb + -0x3e06), void (-0x1 * 0x22a3 + 0x9 * -0x1f9 + 0x3464) !== _0x34ef24 ? _0x34ef24 : void (0x230b * -0x1 + -0x2341 + 0x464c), void (0x97c + -0x76f + -0x20d) !== _0x822177 ? _0x822177 : void (-0x161 * -0x1a + -0x3e1 + -0x1ff9), 'undefined' != typeof Date ? Date : void (-0x2f * 0x15 + -0x1 * 0x2126 + 0x2501 * 0x1), void (-0x22fb + -0x1 * 0x1e95 + -0x4190 * -0x1) !== _0x2db5d8 ? _0x2db5d8 : void (-0x355 * -0x1 + -0x1 * 0x355 + 0x0), void (-0x13b + 0xd * -0x1fe + 0x56d * 0x5) !== _0x526879 ? _0x526879 : void (-0x13 * 0x116 + -0x1449 + 0x28eb), void (-0x1df3 * -0x1 + -0x1135 + 0xe9 * -0xe) !== _0x2994c2 ? _0x2994c2 : void (0xec * 0x4 + 0x71d + -0xacd), void (-0x25b3 + -0x1 * 0x1557 + 0x21 * 0x1ca) !== _0x532699 ? _0x532699 : void (-0x7 * -0x2 + 0xcb8 + -0xa * 0x147), void (0x26d * -0x2 + 0x21f2 + -0x1c * 0x10a) !== _0x2230a5 ? _0x2230a5 : void (0x7 * -0x48d + -0x127 * -0x7 + 0xa * 0x261), , _0x4d83e6, _0x2a5467, _0xbe4f85]);
    }

第一个参数是msToken

第二个是空值

两个值都确定基本加密方法之后就补下环境,详细看之前的博客!

然后就是_signatrue签名参数加密

进入函数生成的位置,可以控制台输出一下这三个参数。

 function _0x2657c0(_0x473950, _0x1b0964, _0x2974e1) {
        return ('undefined' == typeof window ? global : window)['_$webrt_1670312749']('484e4f4a403f524300273630d387815d789d5d3c0000000000000a301b000200d025004a1800483f2f1f001b000b02221e00d12418001800481a3a1700084841160025180048343a17000848471600181800483e3a17000b48004804291600084800481129280a000110001d009d1b000200d22500331b000b1e1f06180618004818340418061800481234042818061800480c340428180618004806340428180618000428001d00d31b000200d42500151b0018001d009c1b000b1f180048023404001d00d51b000200d62500211b000b1d481c331800480435301f061b0018001d009c1b000b1f180604001d00d71b000200d825001e1b000b1f1b000b1d481a33180048063530041b000b1e18000428001d00d91b0048001d009c1b0048001d00da1b0048001d00db1b001b000b031a00221e00dc240a0000104903e82b4800351d00dd1b001b000b041e00de01221700431c1b000b05261b000b052648001b000b25020000280a0002101b000b061e0071221e00df241b000b061e00e01e00284802280a0001100a0002104a0000fff12c1d00db1b001b000b251b000b244a0000fff12a31480035221e00162448020a0001101d00e11b001b000b261d00e21b000b261e00284820391700221b001b000b26221e00df241b000b261e00284820290a0001101d00e21600451b000b261e002848203a1700380200001f0048001f01180148201b000b261e0028293a17001318000200e3281f0018012d1f0116ffe31b0018001b000b27281d00e21b000200e41b000b27281d00da1b001b000b07261b000b2348020a0002101d00da1b001b000b052648001b000b23020000280a0002101d00e51b001b000b08260a0000101d00e61b000b290200a11b000b1c0200e73e17000712160004200d1b000200001d00e81b000b1a1e00e92217001c1c1b000b09221e00ea241b000b1a1e00e90a0001100200eb4017007a48001f011b000b1a1e00ec1700371b000b0a2648001b000b09221e00ea241b000b0b261b000b1a1e00e91b000b1a1e00ec0a0002100a0001100a0002101f011600291b000b0a2648001b000b09221e00ea241b000b0c1b000b1a1e00e9040a0001100a0002101f011b000200ed1801280200ee281d00e81b001b000b0d1b000b1a1e00ef041d00f01b001b000b1a1e00f117001e1b000b0e221e00f2241b000b2b1b000b1a1e00f10a0002101600071b000b2b1d00f01b001b000b2a1b000b0f1b000b2b04281d00e81b001b000b2a0200f3281b000b101b000b1a1e00ef04280200ee281d00e81b001b000b2a0200f4280200f5281d00e81b001b000b111b000b29041d00f61b001b000b041e00de012217000d1c1b000b12260a0000101d00f71b001b000b041e00de012217001e1c1b000b131e00f822011700111c1b000b141b000b150200c304041d00f91b001b000b201b000b23041b000b211b000b231400fa2b48003504281b000b221b000b2d1b000b233104281b000b201b000b05261b000b281b000b041e00de012217000b1c1b000b161e0010221e0016240a0000100a0002104a0000fff12c4810331b000b05261b000b281b000b2a020000280a0002104a0000fff12c3004281b000b211b000b2c4808331b000b041e00fb480433301b000b233104281b000b1f1b000b2404281d00fc1b000b224800041c1b000b2e1700111b001b000b2f1b000b2e281d00fc1b000200fd1b000b2f281d00fe1b001b000b0a2648001b000b300a000210221e00162448100a0001101d00ff1b001b000b31221e0100241b000b311e00284802291b000b311e00280a0002101d01011b001b000b301b000b32281d00fe1b000b300000010200016a20393939393939393939393939393939393939393939393939393939393939393901670e3b3a3936313a0f2d302f3a2d2b2602363b06103d353a3c2b083b3a3d2a38383a2d073a31293c303b3a03383a2b073c30312c30333a0739362d3a3d2a380a302a2b3a2d08363b2b370a3631313a2d08363b2b370b302a2b3a2d173a3638372b0b3631313a2d173a3638372b092a2c3a2d1e383a312b0b2b301330283a2d1c3e2c3a0736313b3a271039083a333a3c2b2d3031092a313b3a3936313a3b092f2d302b302b262f3a082b300c2b2d363138043c3e3333072f2d303c3a2c2c1004303d353a3c2b7f2f2d303c3a2c2c0206303d353a3c2b052b362b333a0431303b3a016201690168022c6f411e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706053e3d3c3b3a393837363534333231302f2e2d2c2b2a29282726256f6e6d6c6b6a69686766747062022c6e411b343b2f38376b05142c0e1d676f70123929286c6907166e0d6d6a74080a1e331a366811133d302e060b100f2a2532193515312d2627661709183c3e0c2b1c3a62022c6d411b343b2f38376b05142c0e1d676f70123929286c6907166e0d6d6a72080a1e331a366811133d302e060b100f2a2532193515312d2627661709183c3e0c2b1c3a620166026e6e06333a31382b370a3c373e2d1c303b3a1e2b026e6f063c373e2d1e2b0f04303d353a3c2b7f0836313b302802081b303c2a323a312b1204303d353a3c2b7f113e2936383e2b302d0205352c3b30321004303d353a3c2b7f17362c2b302d2602072f332a3836312c08002f373e312b30320b3c3e33330f373e312b30320b0000313638372b323e2d3a051e2a3b3630181c3e31293e2c0d3a313b3a2d3631381c30312b3a272b6d1b09283a3d3b2d36293a2d13383a2b1028310f2d302f3a2d2b26113e323a2c09333e31382a3e383a2c063c372d30323a072d2a312b36323a073c3031313a3c2b140000283a3d3b2d36293a2d003a293e332a3e2b3a1300002c3a333a31362a32003a293e332a3e2b3a1b0000283a3d3b2d36293a2d002c3c2d362f2b00392a313c2b363031170000283a3d3b2d36293a2d002c3c2d362f2b00392a313c150000283a3d3b2d36293a2d002c3c2d362f2b00393113000039273b2d36293a2d003a293e332a3e2b3a1200003b2d36293a2d002a31282d3e2f2f3a3b150000283a3d3b2d36293a2d002a31282d3e2f2f3a3b1100003b2d36293a2d003a293e332a3e2b3a1400002c3a333a31362a32002a31282d3e2f2f3a3b14000039273b2d36293a2d002a31282d3e2f2f3a3b09002c3a333a31362a320c3c3e33330c3a333a31362a3216000c3a333a31362a3200161b1a000d3a3c302d3b3a2d083b303c2a323a312b04343a262c05323e2b3c37060d3a381a272f0a037b043e7225023b3c00063c3e3c373a00042c30323a083c3a390c373e2d2f081c3a390c373e2d2f053a303e2f36163a30083a3d1d2d30282c3a2d1b362c2f3e2b3c373a2d0f3d36313b103d353a3c2b1e2c26313c0e362c1a10083a3d1d2d30282c3a2d016c04302f3a31042b3a2c2b0936313c303831362b300730313a2d2d302d043c303b3a120e0a100b1e001a071c1a1a1b1a1b001a0d0d0e2c3a2c2c3630310c2b302d3e383a072c3a2b162b3a32102c30323a143a26173a2d3a1d262b3a3b0a2d3a3230293a162b3a320936313b3a273a3b1b1d0c0f3036312b3a2d1a293a312b0e120c0f3036312b3a2d1a293a312b0d3c2d3a3e2b3a1a333a323a312b063c3e31293e2c092b301b3e2b3e0a0d13072d3a2f333e3c3a03032c7501380a313e2b36293a3c303b3a1404303d353a3c2b7f0f332a3836311e2d2d3e26024a01372b2b2f2c60650370037077046f726602246e736c22770371046f726602246e736c2276246c2223043e72396f726602246e736b227765043e72396f726602246e736b227624682276016b0833303c3e2b36303104372d3a39043936333a10372b2b2f65707033303c3e3337302c2b082f333e2b39302d32026e6d026e6c072836313b30282c026e6b03283631026e6a073e313b2d30363b026e69053336312a27026e6806362f3730313a026e6704362f3e3b026e6604362f303b026d6f03323e3c026d6e09323e3c36312b302c370c323e3c002f30283a2d2f3c76043c2d302c03276e6e053c2d36302c05392736302c042f36343a026d6d026d6c026d6b026d6a026d69026d68026d670839362d3a3930277006302f3a2d3e70057f302f2d70057f302f2b70073c372d30323a70082b2d363b3a312b7004322c363a026d66026c6f06293a313b302d0618303038333a0e002f3e2d3e320c28362b3c3710310a3b362d3a3c2b0c3638310a3c30312c362c2b3a312b062c28362b3c37033b3032072f373e312b30320437303034401e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706053e3d3c3b3a393837363534333231302f2e2d2c2b2a29282726256f6e6d6c6b6a696867667271033e363b01310139012d092c2b3e2d2b0b36323a012b093e3d3633362b363a2c0a2b36323a2c2b3e322f6e13373e2d3b283e2d3a1c30313c2a2d2d3a313c260c3b3a29363c3a123a32302d2608333e31382a3e383a0a2d3a2c30332a2b3630310f3e293e36330d3a2c30332a2b363031092c3c2d3a3a310b302f0a2c3c2d3a3a31133a392b103b3a29363c3a0f36273a330d3e2b36300a2f2d303b2a3c2b0c2a3d073d3e2b2b3a2d26012f092b302a3c3716313930082b36323a2530313a0a2b36323a2c2b3e322f6d07382f2a163139300b352c1930312b2c13362c2b0b2f332a3836312c13362c2b0a2b36323a2c2b3e322f6c0a3a293a2d1c303034363a072b2b002c3c363b01320b2c26312b3e271a2d2d302d0c313e2b36293a133a31382b37052d2b3c160f09392f093a2d2c3630310b0000293a2d2c3630310000083c33363a312b163b0a2b36323a2c2b3e322f6b0b3a272b3a313b19363a333b042f2a2c37033e3333042b373a31093d3e2c3a696b003c370c392d30321c373e2d1c303b3a063d696b006c6f026c6e083d3e2c3a696b006f026c6d083d3e2c3a696b006e026c6c083d3e2c3a696b006d026c6b026c6a026c6907383a2b0b36323a026c680b3b303211302b093e33363b092c2a3d2c2b2d363138082f2d302b303c3033026c67026c66016f0e6e6f6f6f6f6f6f6f6e6e6f6f6f6f026b6f026b6e0739302d2d3a3e33026b6d043d303b26092c2b2d3631383639260224220b3d303b26093e336d2c2b2d0a3d303b2600373e2c37620179032a2d33026b6c052e2a3a2d260a3e2c30333b002c363831092f3e2b37313e323a62092b2b00283a3d363b6206792a2a363b62026b6b026b6a0e003d262b3a3b002c3a3c003b363b026b690a6b6d666b6669686d666909393a093a2d2c363031026b680e006f6d1d6b056928306f6f6f6f6e026b67026b66052c33363c3a026a6f', [, , 'undefined' != typeof String ? String : void (0x2061 + -0x601 + -0x1a60), 'undefined' != typeof Date ? Date : void (0x10fb + -0x1abf + 0x9c4), void (0x66d + 0x1 * -0x13e + -0x52f) !== _0x274439 ? _0x274439 : void (-0x229c + -0x1272 * 0x2 + -0x478 * -0x10), void (0xb8b + -0x17 * -0x35 + -0x104e) !== _0x5c8da5 ? _0x5c8da5 : void (-0x2 * 0x136e + 0x8fa * 0x1 + 0x1de2), 'undefined' != typeof location ? location : void (0x57 * 0x53 + 0x1bd2 + -0x3 * 0x12ad), 'undefined' != typeof parseInt ? parseInt : void (0x1 * 0xcdb + -0x7ee + -0x4ed), void (-0x22c8 + 0x24b1 + -0x1e9) !== _0x1f626a ? _0x1f626a : void (0x3 * 0x9 + 0x11b9 + -0x2 * 0x8ea), 'undefined' != typeof JSON ? JSON : void (-0x76 * 0x30 + 0x10 * -0x4a + -0x2 * -0xd60), void (-0x17a4 + -0x11f9 + -0x299d * -0x1) !== _0x29cad8 ? _0x29cad8 : void (0x1 * 0x469 + 0x26b3 + -0x2b1c), void (-0x755 * -0x3 + 0x7de + -0x1ddd) !== _0x2f7ca5 ? _0x2f7ca5 : void (-0x25e3 + 0x417 + 0x21cc), void (-0x1 * 0x137 + 0x3 * -0xcc5 + 0x2 * 0x13c3) !== _0x3b4f32 ? _0x3b4f32 : void (0x8bc + 0x24b * -0x3 + -0x1db), void (0x7 * -0x53a + 0x10 * -0xc5 + 0x30e6) !== _0x29bc2c ? _0x29bc2c : void (0x7 * -0x2af + 0x1fdb + -0xd12), 'undefined' != typeof Object ? Object : void (-0x2 * 0x83b + -0x76 * -0x13 + 0x7b4), void (0x13a5 + -0xdb * 0x2a + 0x17b * 0xb) !== _0x3ab87e ? _0x3ab87e : void (-0x75f + -0xe49 + -0xfc * -0x16), void (-0xf16 + 0x14d + 0x1 * 0xdc9) !== _0x332c4c ? _0x332c4c : void (-0x1815 + 0x95 * -0x29 + -0x11 * -0x2d2), void (0x1502 + -0x5 * 0x565 + -0x5f7 * -0x1) !== _0x18deb6 ? _0x18deb6 : void (0x1388 + -0x139e + 0x16), void (0x1ec5 + 0x6e0 + 0x1a3 * -0x17) !== _0x2db5d8 ? _0x2db5d8 : void (0x248a + -0xa7e + 0x4 * -0x683), void (-0x1c01 + 0x417 * 0x9 + -0x8ce) !== _0x885054 ? _0x885054 : void (0x1999 * 0x1 + -0x1a38 * -0x1 + -0x767 * 0x7), void (0x669 * 0x1 + 0x1 * 0x18f1 + -0x1f5a) !== _0x44cfcc ? _0x44cfcc : void (-0x72 * 0x23 + -0x1f6f + -0x1 * -0x2f05), void (-0x22d3 + 0x8 * 0x274 + 0xf33) !== _0x5ca7f ? _0x5ca7f : void (0x3d * 0x95 + 0x73d * -0x4 + 0x22f * -0x3), 'undefined' != typeof navigator ? navigator : void (-0x2415 + -0xb * -0xaa + -0x1 * -0x1cc7), , , _0x2657c0, _0x473950, _0x1b0964, _0x2974e1]);
    }

还是基本补环境的操作然后传入值,直接在扣的源码页面执行,发现生成的签名参数长度不对,并不是147

加入浏览器的cookie环境即可获取完整的签名解密数据

至此这一部分的操作就完成了!

Wy01688king
关注
  • 10
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 7
    评论
专栏目录
JS逆向之巨量算数signature与data解密
自成背后的博客
09-03 3768
主要讲解逆向巨量算数签名和数据解密
最新巨量X-Bogus、-signature算法.zip
05-18
zip包内包含mToken、X-Bogus、_signature加密参数的JS算法,Python请求及调用算法示例代码!另作者博客内有对应的文章,详细描述有对三个参数的分析以及还原过程。可以配套学习使用,算法与Python程序可以直接使用。有任何问题可以直接联系作者
最新巨量算数(X-Bogus、-signature、msToken)参数加密分析结果(1.0.0.22)
10-09
最新(X-Bogus、_signature、msToken)参数加密分析结果。文件内包含完整的JS加密混淆算法文件与Python调用生成加密参数的脚本
抖音a_bogus,mstoken全参数爬虫逆向补环境2024-06-15最新版
weixin_48673014的博客
06-12 4897
可以看到,加密最后运行的函数是s.apply(b,u)并且赋值给了l,那么我们可以大胆猜测一下,这个l就是返回的加密结果,但是我们知道request中有很多加密参数,而且这个代码是jsvmp,所以我们可以认为,这里是调用了jsvmp的指令函数,这个指令函数加密了我们的a_bogus,但是也被其他的一些需求调用,所以说我们要定位到加密a_bogus的时机。首先看一下接口的加载器,也就是发送请求的调用栈,挨个查看之后不难发现,加密的入口应该在这两处,由于栈中的调用顺序是从下往上,所以我们先看下面那个入口。
x-bogus、a-bogus、msToken等参数说明和获取
u013444182的博客
12-11 1万+
x-bogus、a-bogus、msToken等参数说明和获取
巨量 算数 测试数据
04-02 1526
巨量算数
巨量算数 data解密
weixin_42273882的博客
05-27 565
巨量算数,data数据解密
巨量算数data解密分析
qq_40019058的博客
10-30 1385
通过断点调试、分析,找到此网站data数据的解密方法。
巨量算数 Data解密
A_I_H_L的博客
08-14 4836
巨量算数 Data解密实现
12-14(更新)巨量算数data解密(最新版)
weixin_54693379的博客
11-03 708
python pycryptodome库和node crypto库都可实现 如有侵权联系Q: 295714153删除。API接口,调用window.crypto.subtle加密。老版本已不可用,新版采用了浏览器内置。
tiktok signature、xbogus
07-06
tiktok 网页的 signature和Xbogus ,nodejs补环境版本,附带有node_modules
ttweb的X-Bogus ,_signature算法
05-27
在IT行业中,"ttweb的X-Bogus , _signature算法"是一个特定的网络通信安全相关的概念,主要涉及网络编程和算法设计。这个标题暗示我们正在讨论一个与Web服务器交互时使用的自定义头部(X-Bogus)以及一个用于验证...
2024 dy最新a-bogus
最新发布
06-21
最新长ab纯JS算法, 最新a_bogus参数逆向分析及插桩调试技巧
dy视频直播X-Bogus,mstoken,_signature
weixin_42384097的博客
02-06 1301
目前已还原X-Bogus,mstoken,_signature算法,在字节系的所有校验的接口均可以使用,易语言算法。目前测试2023.2.6直播、视频、巨量通过!
巨量算数的数据抓取方法流程
qq_34273497的博客
08-04 1312
巨量算数的数据抓取方法流程利用python的selenium.webdriver 加 mitmproxy
最新巨量X-Bogus、_signature参数逆向分析与算法还原
吴秋霖的博客
05-12 2048
最新巨量X-Bogus、_signature参数逆向分析!数据加密Hook、插桩分析与解密算法实现!
【WEB逆向】关于tiktok参数msToken,X-Bogus,_signature生成
热门推荐
weixin_46874932的博客
05-23 1万+
msToken,X-Bogus,_signature
巨量data解密
wangenjie1992的博客
01-04 904
巨量data解密成明文。
最新巨量算数(x-bogus、-signature、mstoken)参数加密分析结果(1.0.0.22)
12-20
根据最新版本的巨量算数参数加密分析结果(1.0.0.22),我们发现x-bogus、-signature和mstoken参数的加密方式有所变化。在此版本中,这些参数采用了更加复杂的加密算法,增强了安全性和防护措施。 针对x-bogus参数,我们发现其加密方式采用了混合加密模式,包括了对称加密和非对称加密的组合,使得破解变得更加困难。同时,对参数进行了随机盐处理,增加了加密强度。 对于-signature参数,我们发现其加密算法经过了新的升级,采用了更复杂的哈希加密和数字签名技术,防止了参数被篡改或者伪造。 而对于mstoken参数,我们发现其加密机制采用了动态令牌技术,增加了一次性密码和时效性验证,提升了参数传输的安全性和可靠性。 总的来说,最新版本的巨量算数参数加密分析结果显示,开发团队在加密方面进行了重大升级和改进,使得参数的安全性得到了更好的保障,用户数据和交易信息在传输和处理过程中更加安全可靠。这些改进将有效防范各种攻击和恶意行为,为用户提供更加安心的使用体验。
评论 7
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值