刷题刷到一个ARC4加密的东西,记录一下
网络分析
首先查看网络抓包
发现是一堆乱码的东西,然后打上一个XHR断点跟一下,看一下是些什么东西
可以看到这一行就是加密的位置,其中Y是页码,最后的结果是就是我们需要的formdata
跟值
跟着堆栈向上找,发现
J[‘qromH’](j, -0xb31 + 0x53 * -0x42 + 0x4b1 * 0x7)
这一行代码是生成的一个随机值,把代码扣下来如下
function J_lzaCv(O, K) {
return O + K;
}
function J_MYXEs(O, K) {
return O * K;
}
function J_cRGWF(O, K) {
return O < K;
}
function j(y) {
let O = ''
, K = 'qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM';
for (let z = -0x17 * -0x195 + -0x5 * -0x6c7 + 0x202 * -0x23; J_cRGWF(z, y); z++) {
const o = new Uint32Array(0x186a + -0xf76 * 0x1 + -0x8f3);
// window['crypto']['getRandomValues'](o);
aaa = crypto.getRandomValues(o)
let d0 = o[-0xa0 * 0x1 + 0x220 + -0x180] / (-0x102ce1257 * -0x1 + 0x32a7 * 0x8c8e5 + -0x1bfc5d9bb * 0x1 + (-0x145 * -0x17 + 0x234 * 0x11 + -0x42a6));
O += K[Math['floor'](J_MYXEs(d0, 0x35b + -0x2e * -0x9c + 0x1f2f * -0x1))];
}
return J_lzaCv(O, 'f');
}
然后跟s函数
function s(y) {
var O = J['xEVab']['split']('|')
, K = -0xf18 + -0x11c2 + 0x20da;
while (!![]) {
switch (O[K++]) {
case '0':
var z = b('crypto-js');
continue;
case '1':
var o = J['YaKji'];
continue;
case '2':
return d1['toString']();
case '3':
var d0 = z['enc']['Utf8']['parse'](o);
continue;
case '4':
var d1 = z['RC4']['encrypt'](y, d0, {});
continue;
}
break;
}
}
发现是一个RC4的加密,但是他动力手脚,在最后tostring的时候改变了源代码
他执行了一个atob到此他的请求加密就解决完毕了
结果解密
他结果返回的是这样,接着跟代码发现是rc4的解密
到此分析完毕,直接上代码
完整代码
import json
import requests
from Crypto.Cipher import ARC4
def encrypt(data: str):
# 加密
key = "12345678912345678912345678912345"
rc4 = ARC4.new(key.encode())
aa = data.encode()
result = rc4.encrypt(aa)
return result
def decrypt(data):
# 解密
key = "12345678812345678912345678912345"
rc4 = ARC4.new(key.encode())
result = rc4.decrypt(data)
return result.decode()
headers = {
'authority': 'www.python-spider.com',
'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
'accept-language': 'zh-CN,zh;q=0.9',
'cache-control': 'no-cache',
'cookie': '',
'pragma': 'no-cache',
'referer': 'https://www.python-spider.com/challenge/',
'sec-ch-ua': '"Chromium";v="112", "Google Chrome";v="112", "Not:A-Brand";v="99"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
'sec-fetch-dest': 'document',
'sec-fetch-mode': 'navigate',
'sec-fetch-site': 'same-origin',
'sec-fetch-user': '?1',
'upgrade-insecure-requests': '1',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36'
}
url = 'https://www.python-spider.com/api/challenge63'
total = 0
for page in range(1, 101):
form_data = encrypt(data='IzEZwYOVNDEkTciiKnNLGvdXZJExXxfmCYsCtXYFvluhaGHxRIICecQFTcCZHEkAf{}'.format(page))
response = requests.post(url=url, headers=headers, data=form_data)
result = decrypt(response.content)
result = json.loads(result)
datas = result.get('data')
for data in datas:
value = data.get('value')
total += int(value)
print(f'page:{page} total:{total}')
print('total:{}'.format(total))
RC4加密解密
加密
def encrypt(data: str):
# 加密
key = "你的key"
rc4 = ARC4.new(key.encode())
aa = data.encode()
result = rc4.encrypt(aa)
return result
解密
def decrypt(data):
# 解密
key = "你的key"
rc4 = ARC4.new(key.encode())
result = rc4.decrypt(data)
return result.decode()
from Crypto.Cipher import ARC4