Don't reverse-engineer a certain "An" website: one careless step and......

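Xiao Ming is a young man who loves surfing the web. One day he discovered that his browsing history was in the hands of a mysterious website. He decided to track the site down and eventually found a way to reverse its cookie. So Xiao Ming set off on a thrilling adventure, trying to find the mysterious website and destroy its cookie-reversing technology. It was an exciting journey in which Xiao Ming not only saved his own privacy but also became a cybersecurity hero. (The story is fictional 😂)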


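I. Introduction

Preface: On the modern internet, cookies have become an important tool for website management. Some sites encrypt their cookies to strengthen the security and confidentiality of the data. Reversing the encryption algorithm, however, is not a simple matter. This article looks at how to reverse the cookie encryption parameters of a certain "An" website, introduces the techniques and tools involved, and provides detailed steps and sample code to help readers better understand the principle and implementation of cookie encryption.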

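II. Site analysis

1. First open the URL analysed in this article and copy the request information with Copy as cURL. Screenshot below:

[Image]

2. Paste the Copy as cURL output into an online curl converter to turn it into Python code. Screenshot below:

[Image]

3. Copy the code above into PyCharm and run it. The result is shown below:

[Image]

4. Clearly, the site can be accessed normally. Remove the cookie and run the code again. Screenshot below:

[Image]

5. Looking at the figure above, the site no longer renders properly. Next, let's analyse which parameters the cookie contains. Testing shows that the following parameters affect whether the home page renders correctly:

  • __jsluid_s

  • __jsl_clearance_s

Note: Next, let's use technical means to analyse how these parameters are generated so that the site can be accessed normally.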

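III. Parameter analysis

1. Clear all cookies in PyCharm and send the request again, this time watching the status code of the response. Screenshot below:

[Image]

Summary: Now that we have the status code, reproducing the browser's requests in code requires clearing the browser's cookies and capturing the site's request stack; from that we can work out how the encrypted values in the cookie are generated.

2. Next, use the EditThisCookie extension to clear the site's cookies. Screenshot below:

[Image]

3. After clearing the cookies, make sure the site's cookie information matches the figure below:

[Image]

4. Next, open the developer tools, capture fresh requests and reproduce how the cookie is loaded and obtained. Screenshot below:

[Image]

5. Look at the first request with status code 521 and analyse its Response and Request information. Screenshot below:

[Image]

Summary: In the first index.html request we found the __jsluid_s parameter, which is returned via Set-Cookie in the Response Headers. However, the Response of the first index.html does not show the JS code we saw in PyCharm, and at this point I was rather puzzled. Next, let's analyse the second 521 request.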

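6. Look at the second request with status 521 and analyse its Response and Request information. Screenshot below:

[Image]

Step summary: At this point both parameters are already filled in in the Request headers. Clicking the Response tab, it is still empty, which made me even more curious: how did these parameters get filled in by themselves? So I thought of looking at the stack information of index.html after a normal, successful request. Screenshot of the empty response body:

[Image]

7. Next, view the request information for the index.html with status code 200. Screenshot below:

[Image]

Summary: The cookie parameters of the 200 request and of the second 521 request appear to be the same. No, wait: looking closely, the __jsl_clearance_s parameter is actually different. So what computation took place in between for this 200 request?

8. Next, print the stack for this request. Screenshot below:

[Image]

Summary: Clearly, this stack corresponds exactly to the two 521 requests and the one 200 request we just saw. But we notice that everything in the stack was returned to us by HTML pages, rather than being computed by JS files as usual. And in the pages of the two 521 requests we cannot see any response content, so how are the cookie parameters computed? Next comes the important part.

9. First set a proxy for the browser, then analyse the site with Charles and capture the complete requests. We do this because we suspect the browser intercepted the response content early, whereas Charles shows the full information. After capturing the requests again, the screenshot is as follows:

[Image]

Summary: Haha, just as I expected: isn't this exactly the response content we saw when running the code in PyCharm? Now let's see what the code in the second 521 request is. Screenshot below:

[Image]

Summary: After analysis, the response of the second 521 request turns out to be a piece of JS code as well, so we finally have a lead. The parameter-analysis stage took too much time; next we move on to the algorithm-recovery stage to restore the JS code.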

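IV. Algorithm recovery

1. First paste the content of the first 521 response into the browser Console and execute it. Screenshot below:

[Image]

Summary: Well, isn't this the __jsl_clearance_s parameter of the second request? Next, let's edit the code and use Python to send the request and fetch the response content of the second 521 request.

2. We first send the first 521 request, then assemble the request and send the second one. The complete code is as follows: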

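import re
from typing import Dict

import execjs
import requests


class CookieFlow:  # hypothetical wrapper; the original shows only the two methods
    def __init__(self, url: str, headers: Dict[str, str]):
        self.url, self.headers = url, headers
        self.session = requests.Session()

    def get_first_cookies(self) -> Dict[str, str]:
        # First 521 response: an inline script that assigns document.cookie
        response = self.session.get(url=self.url, headers=self.headers)
        pattern = re.compile(r'<script>document\.cookie=(.*?);location', re.S)
        js = re.findall(pattern, response.text)[0]
        # Evaluate the expression and keep only the leading "name=value" part
        jsl_clearance_s = execjs.eval(js).split(';')[0]
        first_cookies = jsl_clearance_s.split("=", 1)
        cookies = {
            "__jsl_clearance_s": first_cookies[1],
            "__jsluid_s": response.cookies.get("__jsluid_s"),
        }
        return cookies

    def get_second_cookies(self, first_cookies: Dict[str, str]):
        # Second 521 response: print the obfuscated JS it returns
        response = requests.get(url=self.url, headers=self.headers, cookies=first_cookies)
        print(response.text)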

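3. After running the code, check the output in PyCharm. Screenshot below:

[Image]

Summary: Perfect, isn't this the code we just saw in Charles? Next we extract the JS code, analyse it and restore it.

4. Copy the JS code returned in the response into the Console and execute it. Screenshot below:

[Image]

5. After the code ran, I found that in the Network panel the index.html requests were immediately all sent again. Screenshot below:

[Image]

Summary: At this point it is certain that this JS code is somewhat similar to what Ruishu-type (瑞数) sites use; to see the home page, we have to restore this JS code.

6. Copy the code and create an index.js file. Screenshot below:

[Image]

Summary: My first impression was that this code is heavily obfuscated. I originally thought of using AST to remove the obfuscation, but since it is only a little over 600 lines, I decided to skip the big guns and just dive in.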
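The script listed in step 9 hides its property names with a string-array scheme: a table of base64 entries is rotated at start-up, and `_0x348d(index, key)` decodes each entry with base64, UTF-8 and RC4 under a per-call key, caching by index. The following is an added example, not code from the original post or from the site; the table, keys and sample statements are constructed, and the regex folding stands in for the AST pass the author mentions.

```javascript
// Added example: constructed data only; nothing here is taken from the site.
const ROTATION = 0x146; // rotation count used by the listing's bootstrap IIFE

// RC4 over character codes: key schedule, then keystream XOR.
function rc4(codes, key) {
  const s = Array.from({ length: 256 }, (_, i) => i);
  let j = 0;
  for (let i = 0; i < 256; i++) {
    j = (j + s[i] + key.charCodeAt(i % key.length)) % 256;
    [s[i], s[j]] = [s[j], s[i]];
  }
  let i = 0;
  j = 0;
  return codes.map((c) => {
    i = (i + 1) % 256;
    j = (j + s[i]) % 256;
    [s[i], s[j]] = [s[j], s[i]];
    return c ^ s[(s[i] + s[j]) % 256];
  });
}

const toCodes = (str) => str.split('').map((ch) => ch.charCodeAt(0));
const fromCodes = (codes) => String.fromCharCode(...codes);

// Obfuscator side: RC4, then UTF-8, then base64.
function encodeEntry(plain, key) {
  return Buffer.from(fromCodes(rc4(toCodes(plain), key)), 'utf8').toString('base64');
}

// Runtime side, the same order of operations as _0x348d: base64, UTF-8, RC4.
function decodeEntry(b64, key) {
  return fromCodes(rc4(toCodes(Buffer.from(b64, 'base64').toString('utf8')), key));
}

// Same effect as the listing's push(shift()) loop.
function rotateLeft(table, count) {
  const out = table.slice();
  for (let n = 0; n < count; n++) out.push(out.shift());
  return out;
}

// Constructed fragments and keys (hypothetical, shaped like those in the listing).
const FRAGMENTS = [['leng', 'aB1$'], ['spli', 'Zq9)'], ['char', 'm%7x'], ['Code', 'T#2w']];

// Ship the table pre-rotated so the start-up rotation restores index order.
function buildShippedTable() {
  const final = FRAGMENTS.map(([plain, key]) => encodeEntry(plain, key));
  const undo = (final.length - (ROTATION % final.length)) % final.length;
  return rotateLeft(final, undo);
}

// Resolver with the listing's behaviour: rotate once, decode lazily, cache by index only.
function makeResolver(shipped) {
  const table = rotateLeft(shipped, ROTATION);
  const cache = {};
  return (hexIndex, key) => {
    const idx = Number(hexIndex); // '0x2' -> 2
    if (cache[idx] === undefined) cache[idx] = decodeEntry(table[idx], key);
    return cache[idx];
  };
}

// Replace resolver calls with literals, then fold adjacent literal concatenations.
// Regex-based for brevity; an AST pass is the robust way to do this.
function inlineStrings(source, resolve) {
  let out = source.replace(/_0x348d\('(0x[0-9a-f]+)',\s*'([^']*)'\)/g,
    (_, idx, key) => JSON.stringify(resolve(idx, key)));
  const concat = /"([^"\\]*)"\s*\+\s*(?:"([^"\\]*)"|'([^'\\]*)')/g;
  let prev;
  do {
    prev = out;
    out = out.replace(concat, (_, a, b, c) => JSON.stringify(a + (b ?? c)));
  } while (out !== prev);
  return out;
}

// Constructed statements in the style of the listing.
const SAMPLE = [
  "n = arr[_0x348d('0x0', 'aB1$') + 'th'];",
  "c = str[_0x348d('0x2', 'm%7x') + _0x348d('0x3', 'T#2w') + 'At'](i);",
  "p = seq[_0x348d('0x1', 'Zq9)') + 't']('|');",
].join('\n');

function demo() {
  return inlineStrings(SAMPLE, makeResolver(buildShippedTable()));
}

console.log(demo());
```

Because the cache is keyed by index alone, a second lookup of the same index returns the first decoded value whatever key is passed.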

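7. At the end of the JS code I found an important piece of information. Screenshot below:

[Image]

Summary: We saw this go function earlier, in the request stack of the index.html with status code 200. Now the whole flow is clear at a glance. Next, we only need to restore this go method and pass the JSON data we obtained into it for the encryption computation, and the restoration for this site is complete.

8. To restore the JS code, we patch in the missing environment. This process is a bit tricky. Screenshots of the environment patching:

[Image]

[Image]

Summary: I have no special trick here, just fill in whatever is missing. After the environment is patched, run the code. Screenshot below:

[Image]

9. Without further ado, here is the complete JS code after patching the environment: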

window = global;
window.navigator = {
    "userAgent": 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36'
}
window.document = {
    "referrer": "https://xxx/index.html",

}
window.location = {
    "ancestorOrigins": {},
    "href": "https://xxxx/index.html",
    "origin": "https://xxxx",
    "protocol": "https:",
    "host": "xxxxx",
    "hostname": "xxxx",
    "port": "",
    "pathname": "/index.html",
    "search": "",
    "hash": ""
}
var _0x39ca = ['wqwHwq/Dng==', 'wo7Dh8KHw6I=', 'PsK1QjE=', 'w60iwpMJ', 'CsOaw5zCiw==', 'IcOAw5DChQ==', 'VMKzCcOq', 'c8KUw6tu', 'w4psL00=', 'wq4sf8OZ', 'w6bDpCku', 'R8OkIUA=', 'wqlkJ8OQ', 'w6bCj8OTw60=', 'dCBKwqQ=', 'woJQRGY=', 'wo9GMsOB', 'T8Ohbz8=', 'w41cw7PDtQ==', 'KMOOwq1o', 'wp1dw6RJ', 'J8K4w6/Dig==', 'w5NKNsK+', 'w5sEwqF7', 'TXUbWg==', 'wrDDmsK6w4w=', 'woTCm15l', 'w7NbwqoY', 'V8OSLFo=', 'EAHDhcK8', 'J2phKw==', 'wpEjYsO4', 'wqJBe2E=', 'w6hUw6rDnQ==', 'w4UPwp4C', 'ES99wpo=', 'wrkPwqBC', 'wrDDhCDDpQ==', 'wqpXWkU=', 'Lz/Di8KJ', 'csK4ICA=', 'K8Oaw7TChQ==', 'wrfDlsKRw4g=', 'wpUIQhg=', 'w7luJWA=', 'wo4ZwoZQ', 'w7hPJXM=', 'JsKJTMKi', 'w5zDuAoo', 'DMKAwpbCgA==', 'VUZcw5A=', 'OVPDtcKj', 'wogewrlO', 'DMOAwr1i', 'woPDgmM1', 'wpjCvEsO', 'FVLDqMKw', 'AUzDv8Ow', 'J8KRVyU=', 'w7tHOcKT', 'QsKaE8Or', 'w5VnD3Y=', 'w7HDqgvDiA==', 'WsKCDBE=', 'wr7Di8Kuw5g=', 'D0lrwrI=', 'DMKxwpnCjw==', 'wqcTwqXDtg==', 'Yg/CjSk=', 'wr3Dm17Dsw==', 'H8OHw4sh', 'w70wwqlB', 'wrYgwqdZ', 'wq4zwrhg', 'O8KUw7PDhw==', 'wr3Cvnd2', 'w6RPGcKE', 'eW0CZQ==', 'SMKNEsOh', 'wpXCpWHCnw==', 'WkTCv3s=', 'DC3DsMKO', 'YWZ7w5A=', 'w5Baw6RI', 'w5fDojsu', 'CitDwoY=', 'w7/CisO0w6c=', 'w67DhTdk', 'wpdtCMOf', 'QsKwB8Oa', 'wpgAwqXDiA==', 'eMKPBMOm', 'L8OAw5rCjg==', 'wpvDoFMP', 'ZlglUA==', 'RRFOwoE=', 'wq7DqcKQw6o=', 'GijDjcKo', 'w6lTw4TDkA==', 'wrhBVGw=', 'wo4mwo7Dmg==', 'wobDlsKrw4s=', 'wobCsUww', 'QsKIG8O4', 'w6PCvsOZw4A=', 'GDfDlMKq', 'Pk3Do8KJ', 'WsKQEA==', 'wo1sS2w=', 'ZRrCpyY=', 'wrAowqNq', 'ZTvCmRI=', 'wo3DnwvDmA==', 'w5kZwqJ3', 'E8O/w73Cgg==', 'w5ZBwqQH', 'wrjDtnw5', 'CMOVw5DCjQ==', 'woN+LsOL', 'wrjDlyLDrQ==', 'wo3Dh8Kgw7o=', 'wq3Cm0PCsw==', 'wrDCr1hq', 'wpvDgQHDgw==', 'ccO+L0M=', 'H2zDicK4', 'HsKRwrDCqA==', 'J8KVZ8K9', 'w4vClMO8w4c=', 'B8OSD8KV', 'SsKew5FR', 'Pl3DvcKu', 'a2R5w6c=', 'wovCsGEE', 'GsKTwrRl', 'Pytlwr4=', 'w7UHw70M', 'wpvCkH5e', 'fsK/CAI=', 'w5vDuyvDgw==', 'T8KPD8OG', 'w7h6A8Kq', 'OCFGwoM=', 'G8Kzw7TDkQ==', 'bMKww5N6', 'UDDCsAc=', 'w4U/w44K', 'V8OZehw=', 'AUrDv8O0', 'woNgBsOy', 'w6QvwqQm', 'YsKXw4NN', 
'PcKZw67DmA==', 'wqU3wrvDuQ==', 'AsKxeA4=', 'IsOPwoNg', 'A2N8LA==', 'djrCqxU=', 'PcKGBcOi', 'YsOow545', 'Pxlpwp0=', 'IsKXwpPCig==', 'fUTCuMK+', 'wpfDucKJw7M=', 'H3tHwqM=', 'Yl0PTw==', 'wopQX1I=', 'wosQwpBb', 'F8KYwrU9', 'C8KIwrpn', 'CsKVwpVp', 'NMKwby8=', 'w6dVAMKH', 'CMKxwrrCiw==', 'wqw1wpXDnQ==', 'w4EBwoc=', 'X8KLw51v', 'wo7CrFAm', 'wocqd8Ov', 'w4nCvcOUw5M=', 'wpvDsFAO', 'wq9zG8O2', 'w7XDvS0B', 'LERvEg==', 'w4YMwoRZ', 'w5YBw6g4', 'w4TCjMOrw5I=', 'YsKBw5pQ', 'fMOXUhY=', 'LsK+w6fDvA==', 'wrDDsTTDlw==', 'wqzDr38W', 'AcOHw6DCgA==', 'wq7DlsK4w6U=', 'w6Zyf8OU', 'aGJWw4A=', 'Z8O7UQ==', 'dll7w6Q=', 'wqxROMO9', 'DQ9pwpg=', 'IiTDp8K2', 'XcKVw75a', 'VMOjPUI=', 'OERz', 'fsKbw5Z2', 'wrLCm0DCtA==', 'NTHDm8Kr', 'wrLDgD7Dsw==', 'e8OOwo3Cnw==', 'CcKYX8KT', 'SsKmw59q', 'woRCeFg=', 'AMKsw4DDtg==', 'wp8fwqLDqg==', 'wrc5Fg4=', 'w5F7IcKO', 'ektTw4U=', 'Oj9dwq4=', 'w67DoScP', 'HlRkwos=', 'w6lSwocI', 'dcKEw6FW', 'wpDCgGwu', 'w7/Dmg0C', 'wpxNTU8=', 'ecOfGkU=', 'c01bw7M=', 'B3Njwr8=', 'wrDDplbCkg==', 'LcKrYCM=', 'w752LsKb', 'I8OpwodV', 'RQVEwrs=', 'Fm/Dg8KE', 'wqvCn302', 'BRRmwoI=', 'KU7DrMKu', 'w7Ysw7oy', 'XMOVfDE=', 'w4fDtxkT', 'w4wxTkY=', 'wpbCgmcA', 'P8KVwr7Cgg==', 'w5HDvTTDkQ==', 'wrsfcSA=', 'BU19Hg==', 'w57DqQBM', 'w7hqwqUp', 'wog7woXDlw==', '6K2H5rGx6amH6K6r', 'wrnDrDgu', 'wqkgwpI=', 'w4Eawql3', 'EcOiE8K7', 'w6zDoynDjw==', 'w7sQwoxo', 'KMOuTFw=', 'w7oHfUw=', 'PMKNVxk=', 'YTFIwpM=', 'Uh3Do34=', 'LMKeRcK8', 'w6skN8KI', 'OcKowrDCiw==', 'ccOOG1w=', 'w6jCvGo3', 'wrnCjMK+wpo=', 'XQNMwpk=', 'wogLwqBK', 'w6EtRk0=', 'wrZnSUU=', 'w4EqQ1o=', 'GMKCwoTChw==', 'w5jDjSnDpw==', 'wrcQwox0', 'wrnCt2Jr', 'woo6X8OW', 'I8OEwqhp', 'QsOyK0s=', 'wo3ChU86', 'wp90HsOQ', 'N8Kdw4nDoA==', 'IcKeX8K5', 'WMK6DsOI', 'LcKawpzCnw==', 'w75NBHg=', 'UsKJw7Fw', 'w7YBwo4P', 'csK+w4ps', 'a8KBw5hw', 'w77Cq1HDnQ==', 'wpbCvEsP', 'woFGNMOf', 'wqU1wpfDmw==', 'w6x/Y8Ox', 'w5FpKcKd', 'XBnCswU=', 'L8OWI8Kd', 'w6scwqxg', 'wrQNfsOL', 'f2w+fw==', 'ER7DrcKj', 'TMKmw797', 'woFLblM=', 'X8KTw4p2', 'WMK2w4Rc', 'VsO2w7bDrw=='];
(function (_0x35faff, _0x39ca66) {
    var _0x348da6 = function (_0x19bbf7) {
        while (--_0x19bbf7) {
            _0x35faff['push'](_0x35faff['shift']());
        }
    };
    _0x348da6(++_0x39ca66);
}(_0x39ca, 0x146));
var _0x348d = function (_0x35faff, _0x39ca66) {
    _0x35faff = _0x35faff - 0x0;
    var _0x348da6 = _0x39ca[_0x35faff];
    if (_0x348d['vXrXzl'] === undefined) {
        (function () {
            var _0x599304 = function () {
                var _0x460dd1;
                try {
                    _0x460dd1 = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
                } catch (_0xebd55) {
                    _0x460dd1 = window;
                }
                return _0x460dd1;
            };
            var _0xa30b95 = _0x599304();
            var _0x3b85b0 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
            _0xa30b95['atob'] || (_0xa30b95['atob'] = function (_0x538592) {
                var _0x8b27de = String(_0x538592)['replace'](/=+$/, '');
                var _0x406019 = '';
                for (var _0x42a791 = 0x0, _0x357eae, _0x495e41, _0x13d4a9 = 0x0; _0x495e41 = _0x8b27de['charAt'](_0x13d4a9++); ~_0x495e41 && (_0x357eae = _0x42a791 % 0x4 ? _0x357eae * 0x40 + _0x495e41 : _0x495e41, _0x42a791++ % 0x4) ? _0x406019 += String['fromCharCode'](0xff & _0x357eae >> (-0x2 * _0x42a791 & 0x6)) : 0x0) {
                    _0x495e41 = _0x3b85b0['indexOf'](_0x495e41);
                }
                return _0x406019;
            });
        }());
        var _0x347c19 = function (_0x1a4caf, _0x39334e) {
            var _0x513065 = [], _0x3ae5bc = 0x0, _0x30f95a, _0x5a71d6 = '', _0xa0c4d5 = '';
            _0x1a4caf = atob(_0x1a4caf);
            for (var _0xc10171 = 0x0, _0x292b42 = _0x1a4caf['length']; _0xc10171 < _0x292b42; _0xc10171++) {
                _0xa0c4d5 += '%' + ('00' + _0x1a4caf['charCodeAt'](_0xc10171)['toString'](0x10))['slice'](-0x2);
            }
            _0x1a4caf = decodeURIComponent(_0xa0c4d5);
            var _0x3cbf1d;
            for (_0x3cbf1d = 0x0; _0x3cbf1d < 0x100; _0x3cbf1d++) {
                _0x513065[_0x3cbf1d] = _0x3cbf1d;
            }
            for (_0x3cbf1d = 0x0; _0x3cbf1d < 0x100; _0x3cbf1d++) {
                _0x3ae5bc = (_0x3ae5bc + _0x513065[_0x3cbf1d] + _0x39334e['charCodeAt'](_0x3cbf1d % _0x39334e['length'])) % 0x100;
                _0x30f95a = _0x513065[_0x3cbf1d];
                _0x513065[_0x3cbf1d] = _0x513065[_0x3ae5bc];
                _0x513065[_0x3ae5bc] = _0x30f95a;
            }
            _0x3cbf1d = 0x0;
            _0x3ae5bc = 0x0;
            for (var _0x4354b3 = 0x0; _0x4354b3 < _0x1a4caf['length']; _0x4354b3++) {
                _0x3cbf1d = (_0x3cbf1d + 0x1) % 0x100;
                _0x3ae5bc = (_0x3ae5bc + _0x513065[_0x3cbf1d]) % 0x100;
                _0x30f95a = _0x513065[_0x3cbf1d];
                _0x513065[_0x3cbf1d] = _0x513065[_0x3ae5bc];
                _0x513065[_0x3ae5bc] = _0x30f95a;
                _0x5a71d6 += String['fromCharCode'](_0x1a4caf['charCodeAt'](_0x4354b3) ^ _0x513065[(_0x513065[_0x3cbf1d] + _0x513065[_0x3ae5bc]) % 0x100]);
            }
            return _0x5a71d6;
        };
        _0x348d['TrRvFr'] = _0x347c19;
        _0x348d['cvxCUg'] = {};
        _0x348d['vXrXzl'] = !![];
    }
    var _0x19bbf7 = _0x348d['cvxCUg'][_0x35faff];
    if (_0x19bbf7 === undefined) {
        if (_0x348d['qceoVq'] === undefined) {
            _0x348d['qceoVq'] = !![];
        }
        _0x348da6 = _0x348d['TrRvFr'](_0x348da6, _0x39ca66);
        _0x348d['cvxCUg'][_0x35faff] = _0x348da6;
    } else {
        _0x348da6 = _0x19bbf7;
    }
    return _0x348da6;
};

function hash(_0x18974e) {
    var _0x51ab30 = {};
    _0x51ab30[_0x348d('0xac', 'yolJ') + 'f'] = function (_0x5580cb, _0x354d0a) {
        return _0x5580cb & _0x354d0a;
    };
    _0x51ab30[_0x348d('0x47', 'ENm)') + 'x'] = function (_0x4f5197, _0x140fdd) {
        return _0x4f5197 & _0x140fdd;
    };
    _0x51ab30[_0x348d('0x10d', '0]K5') + 'P'] = function (_0x22e5c5, _0x176022) {
        return _0x22e5c5 >> _0x176022;
    };
    _0x51ab30[_0x348d('0x3f', 'U5T%') + 'W'] = function (_0x29d063, _0x528a7b) {
        return _0x29d063 | _0x528a7b;
    };
    _0x51ab30[_0x348d('0xce', 'kPfA') + 'M'] = function (_0x4f4b70, _0x15bd55) {
        return _0x4f4b70 & _0x15bd55;
    };
    _0x51ab30[_0x348d('0x17', 'TYI#') + 'f'] = _0x348d('0x1', '@[DX') + _0x348d('0x3d', '$po5') + _0x348d('0x4c', 'U5T%') + _0x348d('0x95', 'ZSd[') + _0x348d('0x32', 'S3^t') + '|3';
    _0x51ab30[_0x348d('0x127', '(FPo') + 's'] = function (_0x5bc0e3, _0x2b2643) {
        return _0x5bc0e3(_0x2b2643);
    };
    _0x51ab30[_0x348d('0x36', 'bxDh') + 'W'] = function (_0x389136, _0x2c174c, _0x4d35b4, _0x3cde50) {
        return _0x389136(_0x2c174c, _0x4d35b4, _0x3cde50);
    };
    _0x51ab30[_0x348d('0xd6', 'G#nw') + 'z'] = function (_0x2ea63f, _0xea95d8, _0x4e476d) {
        return _0x2ea63f(_0xea95d8, _0x4e476d);
    };
    _0x51ab30[_0x348d('0x118', 'YMlY') + 'e'] = function (_0xba7891, _0x44055f) {
        return _0xba7891 - _0x44055f;
    };
    _0x51ab30[_0x348d('0x3', 'nU59') + 'a'] = _0x348d('0x3e', '[HWx') + 'u';
    _0x51ab30[_0x348d('0x106', 'zRV7') + 'c'] = function (_0x423f15, _0x1df435) {
        return _0x423f15 >>> _0x1df435;
    };
    _0x51ab30[_0x348d('0x94', 'bxDh') + 'R'] = function (_0x29604d, _0x18dbaa) {
        return _0x29604d << _0x18dbaa;
    };
    _0x51ab30[_0x348d('0x23', 'yolJ') + 'H'] = function (_0x3fec90, _0x45852b) {
        return _0x3fec90 & _0x45852b;
    };
    _0x51ab30[_0x348d('0xd', 'AGXa') + 'u'] = function (_0x454b18, _0x2b7c6f) {
        return _0x454b18 ^ _0x2b7c6f;
    };
    _0x51ab30[_0x348d('0xe2', 'Rtgy') + 'Y'] = function (_0x43e4d5, _0x312ff2) {
        return _0x43e4d5 & _0x312ff2;
    };
    _0x51ab30[_0x348d('0x37', 'zRV7') + 'E'] = function (_0x202ada, _0x473fce) {
        return _0x202ada ^ _0x473fce;
    };
    _0x51ab30[_0x348d('0xc9', 'hqry') + 'i'] = function (_0x4f54c4, _0x1118cb, _0x50b680) {
        return _0x4f54c4(_0x1118cb, _0x50b680);
    };
    _0x51ab30[_0x348d('0x4e', '[HWx') + 'N'] = function (_0x52d636, _0x4f2c48) {
        return _0x52d636 ^ _0x4f2c48;
    };
    _0x51ab30[_0x348d('0xb3', 'orhZ') + 'y'] = function (_0x4b896c, _0x429cdd) {
        return _0x4b896c ^ _0x429cdd;
    };
    _0x51ab30[_0x348d('0x122', 'm%Fh') + 'S'] = function (_0x699e77, _0x454fcf, _0x50b106) {
        return _0x699e77(_0x454fcf, _0x50b106);
    };
    _0x51ab30[_0x348d('0x12d', '!jdL') + 'g'] = function (_0x43c165, _0x254562, _0x3f242e) {
        return _0x43c165(_0x254562, _0x3f242e);
    };
    _0x51ab30[_0x348d('0x46', '^J5D') + 'l'] = function (_0x27b453, _0x3f7f8b, _0xee8f32) {
        return _0x27b453(_0x3f7f8b, _0xee8f32);
    };
    _0x51ab30[_0x348d('0xc7', 'nr&J') + 'K'] = function (_0x123905, _0x51f7a2) {
        return _0x123905 >> _0x51f7a2;
    };
    _0x51ab30[_0x348d('0x1d', 'nr&J') + 'a'] = function (_0x3dbfe6, _0x156cf8) {
        return _0x3dbfe6 < _0x156cf8;
    };
    _0x51ab30[_0x348d('0x4f', 'qo6P') + 'i'] = _0x348d('0xc3', '%6S(') + _0x348d('0x10f', '1oFq') + _0x348d('0xf3', 'orhZ') + _0x348d('0xbd', 'w!2h') + _0x348d('0x33', 'NRJ5') + _0x348d('0x8b', 'fe9y') + _0x348d('0x40', '@[DX') + _0x348d('0x81', '[HWx') + _0x348d('0xf6', 'nr&J') + _0x348d('0xd1', '1oFq');
    _0x51ab30[_0x348d('0xff', 'bxDh') + 'c'] = _0x348d('0x8f', 'G#nw') + _0x348d('0xe3', 'yolJ') + _0x348d('0x18', 'AGXa') + _0x348d('0x26', '[HWx') + _0x348d('0xf7', '^caq') + '|3';
    _0x51ab30[_0x348d('0x52', '^caq') + 'i'] = function (_0x2e3fbc, _0x459a52) {
        return _0x2e3fbc + _0x459a52;
    };
    _0x51ab30[_0x348d('0x7', 'bgHV') + 'Y'] = function (_0x5b01bd, _0x53e886, _0x42734b) {
        return _0x5b01bd(_0x53e886, _0x42734b);
    };
    _0x51ab30[_0x348d('0xcb', 'GVpO') + 'Q'] = function (_0x2a2687, _0x481e4e) {
        return _0x2a2687 - _0x481e4e;
    };
    _0x51ab30[_0x348d('0x2c', 'FnP1') + 'T'] = function (_0x531f1a, _0x457369, _0xe685b1) {
        return _0x531f1a(_0x457369, _0xe685b1);
    };
    _0x51ab30[_0x348d('0x2d', 'TYI#') + 'E'] = function (_0x5a2557, _0xe02cbf, _0x53ebe7) {
        return _0x5a2557(_0xe02cbf, _0x53ebe7);
    };
    _0x51ab30[_0x348d('0xae', '^caq') + 'F'] = function (_0xc77f12, _0x5a54b2) {
        return _0xc77f12(_0x5a54b2);
    };
    _0x51ab30[_0x348d('0xe0', '1oFq') + 'C'] = function (_0x32b68a, _0x23ca71, _0x12013d) {
        return _0x32b68a(_0x23ca71, _0x12013d);
    };
    _0x51ab30[_0x348d('0x9d', 'NRJ5') + 'I'] = function (_0x2f0545, _0xf3e878) {
        return _0x2f0545 - _0xf3e878;
    };
    _0x51ab30[_0x348d('0x3c', 'S3^t') + 's'] = function (_0x2ad770, _0x18f93e) {
        return _0x2ad770 << _0x18f93e;
    };
    _0x51ab30[_0x348d('0x61', 'yolJ') + 'n'] = function (_0x154e20, _0x19ddcd) {
        return _0x154e20 / _0x19ddcd;
    };
    _0x51ab30[_0x348d('0x111', '3X1r') + 'd'] = function (_0x5e115f, _0x4aea4a) {
        return _0x5e115f % _0x4aea4a;
    };
    _0x51ab30[_0x348d('0xec', 'jBZD') + 'u'] = function (_0x3904e8, _0x596e42) {
        return _0x3904e8 < _0x596e42;
    };
    _0x51ab30[_0x348d('0xdc', 'nr&J') + 'o'] = function (_0x8fc0e6, _0x34e21e) {
        return _0x8fc0e6 > _0x34e21e;
    };
    _0x51ab30[_0x348d('0x116', 'fe9y') + 'j'] = function (_0x15b5ae, _0x4c75c8) {
        return _0x15b5ae >> _0x4c75c8;
    };
    _0x51ab30[_0x348d('0xef', 'm%Fh') + 'a'] = function (_0x36c10c, _0x4db2b7) {
        return _0x36c10c | _0x4db2b7;
    };
    _0x51ab30[_0x348d('0x72', 'GVpO') + 'A'] = function (_0x46611e, _0x48b6c5) {
        return _0x46611e | _0x48b6c5;
    };
    _0x51ab30[_0x348d('0xea', 'fe9y') + 'U'] = function (_0x49ae41, _0x5e8868) {
        return _0x49ae41 & _0x5e8868;
    };
    _0x51ab30[_0x348d('0x88', 'ZSd[') + 'J'] = _0x348d('0x8c', '(95B') + _0x348d('0xe1', '01z4') + _0x348d('0xd5', 'ylod') + _0x348d('0x43', '!jdL');
    _0x51ab30[_0x348d('0x130', '3X1r') + 'K'] = _0x348d('0x44', 'GVpO') + _0x348d('0xed', 'FnP1') + _0x348d('0x131', 'FVwu') + _0x348d('0x103', 'kPfA');
    _0x51ab30[_0x348d('0xa7', '!jdL') + 'y'] = function (_0x1a4c99, _0x58fa19) {
        return _0x1a4c99 - _0x58fa19;
    };
    _0x51ab30[_0x348d('0x10e', 'NRJ5') + 'v'] = function (_0x5de6e5, _0xb380de) {
        return _0x5de6e5 % _0xb380de;
    };
    _0x51ab30[_0x348d('0x67', 'bgHV') + 'g'] = function (_0x49d76d, _0x342565) {
        return _0x49d76d >> _0x342565;
    };
    _0x51ab30[_0x348d('0xbf', '(FPo') + 'O'] = function (_0x33b5c5, _0x25f286) {
        return _0x33b5c5 * _0x25f286;
    };
    _0x51ab30[_0x348d('0x6f', '(FPo') + 'z'] = function (_0x5f4645, _0x257a5c) {
        return _0x5f4645 - _0x257a5c;
    };
    _0x51ab30[_0x348d('0x114', 'nU59') + 'z'] = function (_0xb9c259, _0x1bdb2d) {
        return _0xb9c259 % _0x1bdb2d;
    };
    _0x51ab30[_0x348d('0xa9', 'eB[$') + 'Q'] = function (_0x2d2380, _0x119681, _0x341741) {
        return _0x2d2380(_0x119681, _0x341741);
    };
    _0x51ab30[_0x348d('0x1e', 'EKre') + 'C'] = function (_0x565986, _0x5b6cee) {
        return _0x565986(_0x5b6cee);
    };
    _0x51ab30[_0x348d('0xb7', 'kPfA') + 't'] = function (_0x31224e, _0x1d109e) {
        return _0x31224e * _0x1d109e;
    };
    var _0x255a4b = _0x51ab30;
    var _0xf3f8f4 = 0x8;
    var _0x44611d = 0x0;

    function _0x3a38c9(_0x339416, _0x52ed08) {
        var _0x1e38c7 = _0x255a4b[_0x348d('0x31', '$po5') + 'f'](_0x339416, 0xffff) + _0x255a4b[_0x348d('0x6a', 'G#nw') + 'x'](_0x52ed08, 0xffff);
        var _0x31c034 = _0x255a4b[_0x348d('0x5c', '$po5') + 'P'](_0x339416, 0x10) + (_0x52ed08 >> 0x10) + (_0x1e38c7 >> 0x10);
        return _0x255a4b[_0x348d('0x53', 'GVpO') + 'W'](_0x31c034 << 0x10, _0x255a4b[_0x348d('0xaf', 'hKNx') + 'M'](_0x1e38c7, 0xffff));
    }

    function _0x533e87(_0x4fa225, _0x36b4cd) {
        var _0x350bfb = {};
        _0x350bfb[_0x348d('0xde', 'GVpO') + 'F'] = _0x255a4b[_0x348d('0xb2', 'U5T%') + 'f'];
        _0x350bfb[_0x348d('0x83', '4Hrm') + 'z'] = function (_0x50aac9, _0x80e62) {
            return _0x255a4b[_0x348d('0x1a', 'bxDh') + 's'](_0x50aac9, _0x80e62);
        };
        _0x350bfb[_0x348d('0x7f', '@[DX') + 'i'] = function (_0x240aa7, _0x34c5f6, _0x521d74) {
            return _0x240aa7(_0x34c5f6, _0x521d74);
        };
        _0x350bfb[_0x348d('0xd7', 'GVpO') + 'r'] = function (_0x3a6e45, _0x57c944, _0x4682f9) {
            return _0x3a6e45(_0x57c944, _0x4682f9);
        };
        _0x350bfb[_0x348d('0x6d', '!jdL') + 'J'] = function (_0x10bd90, _0x1a4416, _0x4542db, _0x35b6a0) {
            return _0x255a4b[_0x348d('0xe4', 'hqry') + 'W'](_0x10bd90, _0x1a4416, _0x4542db, _0x35b6a0);
        };
        _0x350bfb[_0x348d('0xa5', 'jBZD') + 'R'] = function (_0x3e6816, _0x34252a) {
            return _0x3e6816 < _0x34252a;
        };
        _0x350bfb[_0x348d('0x113', 'hKNx') + 'V'] = function (_0x1e3fa9, _0x8151e9) {
            return _0x1e3fa9 + _0x8151e9;
        };
        _0x350bfb[_0x348d('0x48', '^J5D') + 'i'] = function (_0x30b8c0, _0x3422e7, _0x3fc438) {
            return _0x255a4b[_0x348d('0xfe', '1oFq') + 'z'](_0x30b8c0, _0x3422e7, _0x3fc438);
        };
        _0x350bfb[_0x348d('0x9e', 'GVpO') + 'f'] = function (_0x33ad9a, _0x5a8cd6) {
            return _0x33ad9a - _0x5a8cd6;
        };
        _0x350bfb[_0x348d('0x57', 'G#nw') + 'S'] = function (_0x51fc1a, _0xd039ea) {
            return _0x255a4b[_0x348d('0x85', 'zRV7') + 'e'](_0x51fc1a, _0xd039ea);
        };
        var _0x4e6a4f = _0x350bfb;
        if (_0x255a4b[_0x348d('0xab', '$)5g') + 'a'] === _0x348d('0x11b', 'NRJ5') + 'W') {
            var _0x3e5461 = _0x4e6a4f[_0x348d('0x6', 'TYI#') + 'F'][_0x348d('0x12c', 'orhZ') + 't']('|');
            var _0x2a707c = 0x0;
            while (!![]) {
                switch (_0x3e5461[_0x2a707c++]) {
                    case'0':
                        d = c;
                        continue;
                    case'1':
                        T2 = _0x3a38c9(_0x4e6a4f[_0x348d('0x4b', 'yP5J') + 'z'](_0x1a4bce, a), _0x2b4d2c(a, b, c));
                        continue;
                    case'2':
                        g = f;
                        continue;
                    case'3':
                        a = _0x4e6a4f[_0x348d('0xd2', 'm%Fh') + 'i'](_0x3a38c9, T1, T2);
                        continue;
                    case'4':
                        b = a;
                        continue;
                    case'5':
                        c = b;
                        continue;
                    case'6':
                        f = e;
                        continue;
                    case'7':
                        T1 = _0x3a38c9(_0x3a38c9(_0x3a38c9(_0x4e6a4f[_0x348d('0x20', 'G#nw') + 'r'](_0x3a38c9, h, _0x4e6a4f[_0x348d('0x80', 'eB[$') + 'z'](_0x167b3f, e)), _0x4e6a4f[_0x348d('0xf4', 'EKre') + 'J'](_0xb393ef, e, f, g)), K[j]), W[j]);
                        continue;
                    case'8':
                        h = g;
                        continue;
                    case'9':
                        e = _0x3a38c9(d, T1);
                        continue;
                    case'10':
                        if (_0x4e6a4f[_0x348d('0x101', 'YMlY') + 'R'](j, 0x10)) W[j] = m[_0x4e6a4f[_0x348d('0x14', '[HWx') + 'V'](j, i)]; else W[j] = _0x4e6a4f[_0x348d('0x65', 'TYI#') + 'r'](_0x3a38c9, _0x4e6a4f[_0x348d('0x74', 'Brcn') + 'i'](_0x3a38c9, _0x4e6a4f[_0x348d('0xfd', 'EKre') + 'i'](_0x3a38c9, _0x4ea376(W[_0x4e6a4f[_0x348d('0xf5', 'kPfA') + 'f'](j, 0x2)]), W[_0x4e6a4f[_0x348d('0x2e', 'ylod') + 'S'](j, 0x7)]), _0x275b5d(W[_0x4e6a4f[_0x348d('0x105', '3X1r') + 'S'](j, 0xf)])), W[j - 0x10]);
                        continue;
                }
                break;
            }
        } else {
            return _0x255a4b[_0x348d('0x99', 'nU59') + 'c'](_0x4fa225, _0x36b4cd) | _0x255a4b[_0x348d('0xc1', 'zRV7') + 'R'](_0x4fa225, 0x20 - _0x36b4cd);
        }
    }

    function _0x1e132e(_0x4970f3, _0x2f9888) {
        return _0x4970f3 >>> _0x2f9888;
    }

    function _0xb393ef(_0x544eb0, _0x4f8666, _0x1b87a4) {
        return _0x255a4b[_0x348d('0xcc', 'nr&J') + 'H'](_0x544eb0, _0x4f8666) ^ _0x255a4b[_0x348d('0x4d', '^caq') + 'H'](~_0x544eb0, _0x1b87a4);
    }

    function _0x2b4d2c(_0x49a82a, _0x263c37, _0x53bedb) {
        return _0x255a4b[_0x348d('0x121', '^caq') + 'u'](_0x255a4b[_0x348d('0x128', '01z4') + 'Y'](_0x49a82a, _0x263c37) ^ _0x255a4b[_0x348d('0x76', 'bgHV') + 'Y'](_0x49a82a, _0x53bedb), _0x263c37 & _0x53bedb);
    }

    function _0x1a4bce(_0x2c5e0d) {
        return _0x255a4b[_0x348d('0x5b', 'bxDh') + 'E'](_0x255a4b[_0x348d('0x8d', 'Brcn') + 'E'](_0x533e87(_0x2c5e0d, 0x2), _0x533e87(_0x2c5e0d, 0xd)), _0x255a4b[_0x348d('0x78', '1oFq') + 'i'](_0x533e87, _0x2c5e0d, 0x16));
    }

    function _0x167b3f(_0x28595e) {
        return _0x255a4b[_0x348d('0x120', 'ENm)') + 'N'](_0x255a4b[_0x348d('0x11e', 'NRJ5') + 'y'](_0x533e87(_0x28595e, 0x6), _0x533e87(_0x28595e, 0xb)), _0x533e87(_0x28595e, 0x19));
    }

    function _0x275b5d(_0x2c9464) {
        return _0x255a4b[_0x348d('0x108', '^J5D') + 'y'](_0x255a4b[_0x348d('0x126', '^J5D') + 'S'](_0x533e87, _0x2c9464, 0x7) ^ _0x533e87(_0x2c9464, 0x12), _0x1e132e(_0x2c9464, 0x3));
    }

    function _0x4ea376(_0x52465c) {
        return _0x255a4b[_0x348d('0x7e', '$po5') + 'y'](_0x533e87(_0x52465c, 0x11), _0x255a4b[_0x348d('0xda', '@[DX') + 'g'](_0x533e87, _0x52465c, 0x13)) ^ _0x255a4b[_0x348d('0xa4', 'Rtgy') + 'l'](_0x1e132e, _0x52465c, 0xa);
    }

    function _0x433ab7(_0x1e0fb4, _0x5d2f70) {
        var _0x8cc3f8 = new Array(0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0xfc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x6ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2);
        var _0x541d06 = new Array(0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19);
        var _0x295ee3 = new Array(0x40);
        var _0x34bf1b, _0x53c533, _0x4d7983, _0x10c28f, _0x56e11c, _0x2cf5c7, _0x3f4858, _0x2eb53d, _0x4e51d8,
            _0x5d53ce;
        var _0x1e1699, _0x3aa3c1;
        _0x1e0fb4[_0x255a4b[_0x348d('0x45', '3X1r') + 'K'](_0x5d2f70, 0x5)] |= _0x255a4b[_0x348d('0xc0', 'AGXa') + 'R'](0x80, _0x255a4b[_0x348d('0x8a', '$po5') + 'e'](0x18, _0x5d2f70 % 0x20));
        _0x1e0fb4[_0x255a4b[_0x348d('0xa', '[HWx') + 'R'](_0x5d2f70 + 0x40 >> 0x9, 0x4) + 0xf] = _0x5d2f70;
        for (var _0x4e51d8 = 0x0; _0x255a4b[_0x348d('0x119', 'yP5J') + 'a'](_0x4e51d8, _0x1e0fb4[_0x348d('0x8e', 'EKre') + 'th']); _0x4e51d8 += 0x10) {
            var _0x48ca56 = _0x255a4b[_0x348d('0x16', 'w!2h') + 'i'][_0x348d('0x2b', '1oFq') + 't']('|');
            var _0xa15470 = 0x0;
            while (!![]) {
                switch (_0x48ca56[_0xa15470++]) {
                    case'0':
                        _0x541d06[0x4] = _0x3a38c9(_0x56e11c, _0x541d06[0x4]);
                        continue;
                    case'1':
                        _0x541d06[0x3] = _0x3a38c9(_0x10c28f, _0x541d06[0x3]);
                        continue;
                    case'2':
                        _0x541d06[0x6] = _0x255a4b[_0x348d('0xd8', 'Brcn') + 'l'](_0x3a38c9, _0x3f4858, _0x541d06[0x6]);
                        continue;
                    case'3':
                        for (var _0x5d53ce = 0x0; _0x5d53ce < 0x40; _0x5d53ce++) {
                            var _0x5da90d = _0x255a4b[_0x348d('0x7b', 'Brcn') + 'c'][_0x348d('0x4', 'jBZD') + 't']('|');
                            var _0x3ed8ab = 0x0;
                            while (!![]) {
                                switch (_0x5da90d[_0x3ed8ab++]) {
                                    case'0':
                                        _0x3f4858 = _0x2cf5c7;
                                        continue;
                                    case'1':
                                        if (_0x5d53ce < 0x10) _0x295ee3[_0x5d53ce] = _0x1e0fb4[_0x255a4b[_0x348d('0x89', 'Rtgy') + 'i'](_0x5d53ce, _0x4e51d8)]; else _0x295ee3[_0x5d53ce] = _0x3a38c9(_0x255a4b[_0x348d('0x5f', 'w!2h') + 'Y'](_0x3a38c9, _0x3a38c9(_0x4ea376(_0x295ee3[_0x255a4b[_0x348d('0x3a', 'yP5J') + 'Q'](_0x5d53ce, 0x2)]), _0x295ee3[_0x255a4b[_0x348d('0xdd', '%6S(') + 'Q'](_0x5d53ce, 0x7)]), _0x255a4b[_0x348d('0x11c', 'AGXa') + 's'](_0x275b5d, _0x295ee3[_0x5d53ce - 0xf])), _0x295ee3[_0x5d53ce - 0x10]);
                                        continue;
                                    case'2':
                                        _0x4d7983 = _0x53c533;
                                        continue;
                                    case'3':
                                        _0x34bf1b = _0x3a38c9(_0x1e1699, _0x3aa3c1);
                                        continue;
                                    case'4':
                                        _0x10c28f = _0x4d7983;
                                        continue;
                                    case'5':
                                        _0x1e1699 = _0x3a38c9(_0x255a4b[_0x348d('0xdb', 'eB[$') + 'Y'](_0x3a38c9, _0x255a4b[_0x348d('0x2a', '01z4') + 'Y'](_0x3a38c9, _0x255a4b[_0x348d('0x28', 'nU59') + 'T'](_0x3a38c9, _0x2eb53d, _0x167b3f(_0x56e11c)), _0xb393ef(_0x56e11c, _0x2cf5c7, _0x3f4858)), _0x8cc3f8[_0x5d53ce]), _0x295ee3[_0x5d53ce]);
                                        continue;
                                    case'6':
                                        _0x3aa3c1 = _0x255a4b[_0x348d('0x132', 'qo6P') + 'E'](_0x3a38c9, _0x255a4b[_0x348d('0x12f', 'AGXa') + 'F'](_0x1a4bce, _0x34bf1b), _0x2b4d2c(_0x34bf1b, _0x53c533, _0x4d7983));
                                        continue;
                                    case'7':
                                        _0x56e11c = _0x3a38c9(_0x10c28f, _0x1e1699);
                                        continue;
                                    case'8':
                                        _0x2cf5c7 = _0x56e11c;
                                        continue;
                                    case'9':
                                        _0x53c533 = _0x34bf1b;
                                        continue;
                                    case'10':
                                        _0x2eb53d = _0x3f4858;
                                        continue;
                                }
                                break;
                            }
                        }
                        continue;
                    case'4':
                        _0x541d06[0x0] = _0x3a38c9(_0x34bf1b, _0x541d06[0x0]);
                        continue;
                    case'5':
                        _0x34bf1b = _0x541d06[0x0];
                        continue;
                    case'6':
                        _0x541d06[0x2] = _0x255a4b[_0x348d('0x6e', 'fe9y') + 'E'](_0x3a38c9, _0x4d7983, _0x541d06[0x2]);
                        continue;
                    case'7':
                        _0x541d06[0x1] = _0x255a4b[_0x348d('0xbe', 'O0pG') + 'E'](_0x3a38c9, _0x53c533, _0x541d06[0x1]);
                        continue;
                    case'8':
                        _0x2cf5c7 = _0x541d06[0x5];
                        continue;
                    case'9':
                        _0x2eb53d = _0x541d06[0x7];
                        continue;
                    case'10':
                        _0x10c28f = _0x541d06[0x3];
                        continue;
                    case'11':
                        _0x53c533 = _0x541d06[0x1];
                        continue;
                    case'12':
                        _0x56e11c = _0x541d06[0x4];
                        continue;
                    case'13':
                        _0x541d06[0x7] = _0x3a38c9(_0x2eb53d, _0x541d06[0x7]);
                        continue;
                    case'14':
                        _0x3f4858 = _0x541d06[0x6];
                        continue;
                    case'15':
                        _0x541d06[0x5] = _0x255a4b[_0x348d('0x84', '0]K5') + 'C'](_0x3a38c9, _0x2cf5c7, _0x541d06[0x5]);
                        continue;
                    case'16':
                        _0x4d7983 = _0x541d06[0x2];
                        continue;
                }
                break;
            }
        }
        return _0x541d06;
    }

    function _0x2ecdbe(_0x581fc6) {
        var _0x31c6c5 = Array();
        var _0x9816b5 = _0x255a4b[_0x348d('0x9d', 'NRJ5') + 'I'](0x1 << _0xf3f8f4, 0x1);
        for (var _0x1dfe33 = 0x0; _0x255a4b[_0x348d('0xad', 'w!2h') + 'a'](_0x1dfe33, _0x581fc6[_0x348d('0x11a', '[HWx') + 'th'] * _0xf3f8f4); _0x1dfe33 += _0xf3f8f4) {
            _0x31c6c5[_0x1dfe33 >> 0x5] |= _0x255a4b[_0x348d('0xc2', 'ENm)') + 's'](_0x581fc6[_0x348d('0x9f', 'YMlY') + _0x348d('0xfc', '%6S(') + 'At'](_0x255a4b[_0x348d('0x6b', 'EKre') + 'n'](_0x1dfe33, _0xf3f8f4)) & _0x9816b5, 0x18 - _0x255a4b[_0x348d('0x30', 'ENm)') + 'd'](_0x1dfe33, 0x20));
        }
        return _0x31c6c5;
    }

    function _0x5ebc0f(_0x4a3744) {
        var _0x17ff73 = new RegExp('\x0a', 'g');
        _0x4a3744 = _0x4a3744[_0x348d('0x70', 'G#nw') + _0x348d('0xb1', 'eB[$')](_0x17ff73, '\x0a');
        var _0x5aae16 = '';
        for (var _0x218d22 = 0x0; _0x255a4b[_0x348d('0xc6', 'Brcn') + 'u'](_0x218d22, _0x4a3744[_0x348d('0xc4', 'nU59') + 'th']); _0x218d22++) {
            var _0x337590 = _0x4a3744[_0x348d('0x38', 'bgHV') + _0x348d('0x10c', '4Hrm') + 'At'](_0x218d22);
            if (_0x337590 < 0x80) {
                _0x5aae16 += String[_0x348d('0x64', '$)5g') + _0x348d('0x98', 'FVwu') + _0x348d('0xe5', 'ENm)')](_0x337590);
            } else if (_0x255a4b[_0x348d('0x5d', '$)5g') + 'o'](_0x337590, 0x7f) && _0x337590 < 0x800) {
                _0x5aae16 += String[_0x348d('0x60', 'hqry') + _0x348d('0x8', 'hqry') + _0x348d('0x0', 'ZSd[')](_0x255a4b[_0x348d('0x86', 'ENm)') + 'j'](_0x337590, 0x6) | 0xc0);
                _0x5aae16 += String[_0x348d('0x64', '$)5g') + _0x348d('0x117', 'jBZD') + _0x348d('0x13', 'AGXa')](_0x255a4b[_0x348d('0x10', 'Brcn') + 'a'](_0x255a4b[_0x348d('0x12e', 'py]l') + 'Y'](_0x337590, 0x3f), 0x80));
            } else {
                _0x5aae16 += String[_0x348d('0x12b', 'kPfA') + _0x348d('0xd3', 'nU59') + _0x348d('0x41', 'nr&J')](_0x255a4b[_0x348d('0x92', 'yP5J') + 'A'](_0x255a4b[_0x348d('0xca', '(FPo') + 'j'](_0x337590, 0xc), 0xe0));
                _0x5aae16 += String[_0x348d('0x3b', '^J5D') + _0x348d('0xc5', 'U5T%') + _0x348d('0x5a', '$po5')](_0x255a4b[_0x348d('0xf0', 'py]l') + 'U'](_0x255a4b[_0x348d('0x11d', '0]K5') + 'j'](_0x337590, 0x6), 0x3f) | 0x80);
                _0x5aae16 += String[_0x348d('0x49', 'w!2h') + _0x348d('0xaa', 'zRV7') + _0x348d('0x13', 'AGXa')](_0x255a4b[_0x348d('0x34', 'jBZD') + 'A'](_0x337590 & 0x3f, 0x80));
            }
        }
        return _0x5aae16;
    }

    function _0x4ec834(_0x267d4a) {
        var _0x39a464 = _0x44611d ? _0x255a4b[_0x348d('0x10b', '(FPo') + 'J'] : _0x255a4b[_0x348d('0x91', 'ylod') + 'K'];
        var _0x32460f = '';
        for (var _0x1babeb = 0x0; _0x1babeb < _0x267d4a[_0x348d('0xf8', 'py]l') + 'th'] * 0x4; _0x1babeb++) {
            _0x32460f += _0x255a4b[_0x348d('0x124', 'w!2h') + 'i'](_0x39a464[_0x348d('0x27', 'm%Fh') + 'At'](_0x267d4a[_0x255a4b[_0x348d('0x15', 'FnP1') + 'j'](_0x1babeb, 0x2)] >> _0x255a4b[_0x348d('0xee', '%6S(') + 'y'](0x3, _0x255a4b[_0x348d('0x51', 'ENm)') + 'v'](_0x1babeb, 0x4)) * 0x8 + 0x4 & 0xf), _0x39a464[_0x348d('0x109', 'EKre') + 'At'](_0x255a4b[_0x348d('0xea', 'fe9y') + 'U'](_0x267d4a[_0x255a4b[_0x348d('0xeb', '1oFq') + 'g'](_0x1babeb, 0x2)] >> _0x255a4b[_0x348d('0xb0', 'U5T%') + 'O'](_0x255a4b[_0x348d('0x50', 'AGXa') + 'z'](0x3, _0x255a4b[_0x348d('0x54', '^J5D') + 'z'](_0x1babeb, 0x4)), 0x8), 0xf)));
        }
        return _0x32460f;
    }

    _0x18974e = _0x5ebc0f(_0x18974e);
    return _0x4ec834(_0x255a4b[_0x348d('0xd0', 'ylod') + 'Q'](_0x433ab7, _0x255a4b[_0x348d('0xa2', '3X1r') + 'C'](_0x2ecdbe, _0x18974e), _0x255a4b[_0x348d('0xcd', 'AGXa') + 't'](_0x18974e[_0x348d('0xb6', '0]K5') + 'th'], _0xf3f8f4)));
};

function go(_0x5cea20) {
    var _0x19ceb1 = {};
    _0x19ceb1[_0x348d('0x59', 'AGXa') + 'R'] = _0x348d('0x9a', 'EKre') + 'i';
    _0x19ceb1[_0x348d('0x75', '@[DX') + 'm'] = function (_0x241cf8, _0xd2c906) {
        return _0x241cf8 < _0xd2c906;
    };
    _0x19ceb1[_0x348d('0xdf', 'EKre') + 'H'] = function (_0x5b0ba5, _0x2799b7) {
        return _0x5b0ba5 != _0x2799b7;
    };
    _0x19ceb1[_0x348d('0x71', 'U5T%') + 'h'] = function (_0x370d9d, _0x11a897) {
        return _0x370d9d !== _0x11a897;
    };
    _0x19ceb1[_0x348d('0x2f', 'EKre') + 'K'] = _0x348d('0x104', 'GVpO') + 'A';
    _0x19ceb1[_0x348d('0x19', '01z4') + 'l'] = function (_0x44efce, _0x6a1f54) {
        return _0x44efce < _0x6a1f54;
    };
    _0x19ceb1[_0x348d('0x115', '$po5') + 'V'] = function (_0x109193, _0x5e7c21) {
        return _0x109193 + _0x5e7c21;
    };
    _0x19ceb1[_0x348d('0xbb', '[HWx') + 'f'] = function (_0xb576bc, _0x24c17c) {
        return _0xb576bc >>> _0x24c17c;
    };
    _0x19ceb1[_0x348d('0x123', '4Hrm') + 'B'] = function (_0x1be6ab, _0x6821d3) {
        return _0x1be6ab << _0x6821d3;
    };
    _0x19ceb1[_0x348d('0xcf', 'U5T%') + 'g'] = function (_0x19f152, _0x5ebfb1) {
        return _0x19f152 - _0x5ebfb1;
    };
    _0x19ceb1[_0x348d('0x87', 'm%Fh') + 'r'] = function (_0x4bc5cd, _0xca45e4) {
        return _0x4bc5cd + _0xca45e4;
    };
    _0x19ceb1[_0x348d('0x7a', 'nU59') + 'q'] = _0x348d('0x11f', 'zRV7') + _0x348d('0xf1', '$po5') + '\x20/';
    _0x19ceb1[_0x348d('0x56', '[HWx') + 'h'] = _0x348d('0x79', '^J5D') + 'A';
    _0x19ceb1[_0x348d('0x39', 'nU59') + 'U'] = function (_0x1d5ecb, _0x2045f0) {
        return _0x1d5ecb(_0x2045f0);
    };
    _0x19ceb1[_0x348d('0xd4', 'ZSd[') + 'b'] = _0x348d('0x5e', 'jBZD') + 'q';
    var _0x92a453 = _0x19ceb1;

    function _0x32e6e3() {
        if (_0x348d('0x6c', 'O0pG') + 'j' === _0x92a453[_0x348d('0xb4', 'Brcn') + 'R']) {
            return;
        } else {
            var _0x5afd8f = window[_0x348d('0x82', '3X1r') + _0x348d('0x9b', 'ENm)') + 'r'][_0x348d('0xa0', '!jdL') + _0x348d('0x62', 'w!2h') + 't'],
                _0x39bd45 = [_0x348d('0xb9', 'NRJ5') + _0x348d('0x9c', '4Hrm')];
            for (var _0x1a5e00 = 0x0; _0x92a453[_0x348d('0x25', 'G#nw') + 'm'](_0x1a5e00, _0x39bd45[_0x348d('0x1f', 'U5T%') + 'th']); _0x1a5e00++) {
                if (_0x92a453[_0x348d('0x10a', '01z4') + 'H'](_0x5afd8f[_0x348d('0xe9', 'jBZD') + _0x348d('0xb8', 'Rtgy')](_0x39bd45[_0x1a5e00]), -0x1)) {
                    return !![];
                }
            }
            if (window[_0x348d('0xf2', 'O0pG') + _0x348d('0x69', 'kPfA') + _0x348d('0x58', '^J5D')] || window[_0x348d('0x55', '!jdL') + _0x348d('0x21', 'bxDh')] || window[_0x348d('0x102', 'ZSd[') + _0x348d('0xbc', '$)5g')] || window[_0x348d('0x107', 'O0pG') + _0x348d('0xb', 'Rtgy') + 'r'][_0x348d('0x1b', '01z4') + _0x348d('0x12a', 'nr&J') + 'r'] || window[_0x348d('0x112', 'ENm)') + _0x348d('0x100', 'bgHV') + 'r'][_0x348d('0xb5', '[HWx') + _0x348d('0x1c', 'O0pG') + _0x348d('0x11', 'bxDh') + _0x348d('0x66', 'S3^t') + 'e'] || window[_0x348d('0xf9', 'bxDh') + _0x348d('0x22', 'ZSd[') + 'r'][_0x348d('0xfb', 'AGXa') + _0x348d('0x77', 'FnP1') + _0x348d('0x7c', 'zRV7') + _0x348d('0xd9', 'G#nw') + _0x348d('0xc', 'YMlY')]) {
                return !![];
            }
        }
    };
    if (_0x32e6e3()) {
        return;
    }
    var _0x5ec855 = new Date();

    function _0x4a5800(_0x487efe, _0x389ac6) {
        var _0x246487 = _0x5cea20[_0x348d('0x93', 'AGXa') + 's'][_0x348d('0x29', '^J5D') + 'th'];
        for (var _0xcf6732 = 0x0; _0x92a453[_0x348d('0x63', 'orhZ') + 'm'](_0xcf6732, _0x246487); _0xcf6732++) {
            if (_0x92a453[_0x348d('0x90', '^caq') + 'h'](_0x348d('0xa8', '0]K5') + 'A', _0x92a453[_0x348d('0x7d', 'NRJ5') + 'K'])) {
                return !![];
            } else {
                for (var _0x5aad4f = 0x0; _0x92a453[_0x348d('0x9', 'kPfA') + 'l'](_0x5aad4f, _0x246487); _0x5aad4f++) {
                    var _0x4ddf38 = _0x92a453[_0x348d('0xa6', '@[DX') + 'V'](_0x389ac6[0x0], _0x5cea20[_0x348d('0xfa', '%6S(') + 's'][_0x348d('0x4a', 'yolJ') + 'tr'](_0xcf6732, 0x1)) + _0x5cea20[_0x348d('0xc8', 'ylod') + 's'][_0x348d('0xba', 'S3^t') + 'tr'](_0x5aad4f, 0x1) + _0x389ac6[0x1];
                    if (hash(_0x4ddf38) == _0x487efe) {
                        return _0x4ddf38;
                    }
                }
            }
        }
    };
    var _0x7ef8a3 = _0x4a5800(_0x5cea20['ct'], _0x5cea20[_0x348d('0xe8', 'ENm)')]);
    return _0x7ef8a3;
};

const data = {
    "bts": ["1680689291.03|0|wOcr", "3TzkKwfJAARP6mGt0%2FYOQ%3D"],
    "chars": "FbrIrYPARG11IQIDgBSMuI",
    "ct": "d1559831de206f2384083e9f0a4f391778996e6607e50b0c08ca11d098336b64",
    "ha": "md5",
    "tn": "__jsl_clearance_s",
    "vt": "3600",
    "wt": "1500"
};

function getCookies(_0x238288) {
    var __jsl_clearance_s = go(_0x238288)
    return {'__jsl_clearance_s': __jsl_clearance_s};
};
cookies = getCookies(data);
console.log(cookies);

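10. Next, write the Python code that calls the JS code we just wrote. The output is shown in the screenshot below:

[Image]

Summary: At this point the home page content is output perfectly. Just when I thought this reverse-engineering exercise was finished, I sent several more requests and it fell over: some requests still returned the response shown below:

[Image]

11. After some analysis I located the problem: the JSON data returned by the second 521 response carries, each time, a flag naming the hash method (sha1, md5, sha256, and so on) applied to the current parameters, as shown in the screenshot below:

[Image]

12. With the problem located, we only need to implement all of these hash methods. The complete hashing part of the JS code is shown in the screenshot below (it can be swapped in for the hashing block in the JS code above):

[Image]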
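The dispatch described in steps 11 and 12, as an added Python example (not the author's JS from the screenshot): it picks the digest named by the `ha` field and repeats the two-character search that `go()` performs. The sample challenge is constructed here; treating `bts` as the prefix/suffix pair and `ct` as lowercase hex are assumptions read off the code and data above.

```python
import hashlib
from typing import Optional

# Hash names the page reports seeing in the challenge JSON ("ha" field, assumed).
SUPPORTED = {"md5": hashlib.md5, "sha1": hashlib.sha1, "sha256": hashlib.sha256}


def solve_challenge(data: dict) -> Optional[str]:
    """Mirror go(): find bts[0] + c1 + c2 + bts[1] whose hex digest equals ct."""
    try:
        digest = SUPPORTED[data["ha"]]
    except KeyError:
        raise ValueError(f"unsupported hash in 'ha': {data.get('ha')!r}") from None
    prefix, suffix = data["bts"]
    # At most len(chars) ** 2 digests are computed, the same bound as go().
    for c1 in data["chars"]:
        for c2 in data["chars"]:
            candidate = f"{prefix}{c1}{c2}{suffix}"
            if digest(candidate.encode("utf-8")).hexdigest() == data["ct"]:
                return candidate
    return None  # no pair matched: wrong digest for this ct, or a stale challenge


def make_challenge(ha: str, pair: str = "Rg") -> dict:
    """Constructed sample (not captured traffic) with a known two-character answer."""
    bts = ["1700000000.0|0|abcd", "EXAMPLEsuffix%3D"]
    ct = SUPPORTED[ha]((bts[0] + pair + bts[1]).encode("utf-8")).hexdigest()
    return {"bts": bts, "chars": "FbrIYPARGgBSMu", "ct": ct,
            "ha": ha, "tn": "__jsl_clearance_s"}


if __name__ == "__main__":
    for name in SUPPORTED:
        challenge = make_challenge(name)
        print(name, "->", solve_challenge(challenge))
    # Hard-coding one digest reproduces the intermittent failure from step 10.
    stale = dict(make_challenge("sha256"), ha="md5")
    print("sha256 challenge solved as md5 ->", solve_challenge(stale))
```

A challenge whose `ha` does not match the digest behind `ct` returns `None`, which is the intermittent failure seen in step 10 when only one hash is implemented.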

13. Finally, here is the complete Python code; sensitive parameters have been filtered out:

# -*- coding: utf-8 -*-
# --------------------------------------
# @author : 逆向与爬虫的故事
# @time   : 2023.04.05 19:49:44
# --------------------------------------
import json
import re
from typing import Dict

import execjs
import requests
from requests import Session
from parsel import Selector


class GovSpider(object):

    def __init__(self):
        self.url: str = "https://xxxx/index.html"
        self.headers: Dict[str, str] = {
            'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
            'Accept-Language': 'zh-CN,zh;q=0.9',
            'Cache-Control': 'no-cache',
            'Connection': 'keep-alive',
            'Pragma': 'no-cache',
            'Sec-Fetch-Dest': 'document',
            'Sec-Fetch-Mode': 'navigate',
            'Sec-Fetch-Site': 'none',
            'Sec-Fetch-User': '?1',
            'Upgrade-Insecure-Requests': '1',
            'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36',
            'sec-ch-ua': '"Google Chrome";v="111", "Not(A:Brand";v="8", "Chromium";v="111"',
            'sec-ch-ua-mobile': '?0',
            'sec-ch-ua-platform': '"macOS"',
        }
        self.session: Session = requests.Session()
        self.js = self.js_load()

    def js_load(self):
        with open('encrypt.js', 'r', encoding='utf-8') as f:
            jsl_js = f.read()
            result = execjs.compile(jsl_js)
        return result

    def get_cookies(self) -> Dict[str, str]:
        first_cookies = self.get_first_cookies()
        cookies = self.get_second_cookies(first_cookies)
        return cookies

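    def get_first_cookies(self) -> Dict[str, str]:
        # First 521 response: Set-Cookie carries __jsluid_s, and the body is a
        # <script> that assigns document.cookie and then reloads the page.
        response = self.session.get(url=self.url, headers=self.headers)
        pattern = re.compile(r'<script>document\.cookie=(.*?);location', re.S)
        js = re.findall(pattern, response.text)[0]
        # Caution: execjs.eval runs JavaScript taken from the server response
        # in the local JS runtime; treat it as untrusted code.
        jsl_clearance_s = execjs.eval(js).split(';')[0]
        first_cookies = jsl_clearance_s.split("=", 1)
        cookies = {
            "__jsl_clearance_s": first_cookies[1],
            "__jsluid_s": response.cookies.get("__jsluid_s"),
        }
        return cookies

    def get_second_cookies(self, first_cookies: Dict[str, str]) -> Dict[str, str]:
        # Second 521 response: the body calls go({...}) with the challenge JSON.
        response = requests.get(url=self.url, headers=self.headers, cookies=first_cookies)
        data_str = re.findall(r';go\((.*?)\)</script>', response.text)[0]
        data = json.loads(data_str)
        # getCookies() in encrypt.js returns the final __jsl_clearance_s value.
        cookies = self.js.call('getCookies', data)
        cookies['__jsluid_s'] = first_cookies['__jsluid_s']
        return cookies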

    def start_requests(self):
        cookies = self.get_cookies()
        res = self.session.get(url=self.url, headers=self.headers, cookies=cookies)
        res.encoding = 'utf-8'
        response = Selector(res.text)
        print(response.xpath("//text()").extract())


if __name__ == '__main__':
    cs = GovSpider()
    cs.start_requests()

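Summary: That concludes the analysis in this article. We can now reproduce this site's cookie encryption parameters, and the problem Xiao Ming ran into is fully solved. The article ran a bit long; thank you all for reading patiently ❤️

V. Summary of the Approach

Looking back over the whole analysis, the difficulties this time come down to the following points:

  • How to quickly identify the encrypted parameters

  • Making sensible use of the various analysis tools

  • Patching the environment for the JS code and getting it to run

  • Writing out the Python code flow

  • Deobfuscating and analysing the obfuscated JS code

  • Being fluent in the encryption (hashing) methods and their operations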
