声明
本文仅供学习参考,请勿用于其他途径,违者后果自负!
前言
目标网站:aHR0cHM6Ly93d3cuOTc3OTlmLmNvbTo5OTAwLw==
接口:https://www.97799f.com:9900/entrance/login.json?k=Y2FkZWIjMGNjNGJhNjVlMDVhNGU4YTk1N2I3YjU2Nzc4YWMxMWMqMjkxNTI=
参数分析
今天分析的是一个login包中的请求参数k的生成。这个k的值经过多次测试是不变的,但是这一串我们看不懂就肯定是加密了。
打上xhr断点,重新登陆。发现断点已经断下。
顺着堆栈找,一层层的向下翻就可以就可以找到。
在这里进行了一个ajax的请求,可以看到url后有一个 k=_this.fingerprint
.
也就是说这个指纹就是我们需要的参数k的值。
搜索后发现只有三处。
最可疑的地方在这里,上面流程控制走完后,在这里进行一个base64的加密。
此处打上断点,刷新页面。
console中输出。
这一串的生成逻辑也很简单,switch语句中的条件不同,进入到不同的分支中。
可以看到fcacheType
的值是B,走到B这个分支。简单修改后加密逻辑如下:
secretCode = handleCode(md5(fp), 'en', '+', 0, 5) + '#' + fp + '*' + handleCode(sha256(fp), 'int', '-', 0, 5);
md5和sha256都可以使用现成的库,剩下的就是handleCode这个函数。
直接拿下,没有任何问题。
最后代码奉上。
window = global;
const btoa = require('btoa')
var ERROR = "input is invalid type"
, WINDOW = "object" == typeof window
, root = WINDOW ? window : {};
root.JS_SHA256_NO_WINDOW && (WINDOW = !1);
var WEB_WORKER = !WINDOW && "object" == typeof self
, NODE_JS = !root.JS_SHA256_NO_NODE_JS && "object" == typeof process && process.versions && process.versions.node;
NODE_JS ? root = global : WEB_WORKER && (root = self);
var COMMON_JS = !root.JS_SHA256_NO_COMMON_JS && "object" == typeof module && module.exports
, AMD = "function" == typeof define && define.amd
, ARRAY_BUFFER = !root.JS_SHA256_NO_ARRAY_BUFFER && "undefined" != typeof ArrayBuffer
, HEX_CHARS = "0123456789abcdef".split("")
, EXTRA = [-2147483648, 8388608, 32768, 128]
, SHIFT = [24, 16, 8, 0]
,
K = [1116352408, 1899447441, 3049323471, 3921009573, 961987163, 1508970993, 2453635748, 2870763221, 3624381080, 310598401, 607225278, 1426881987, 1925078388, 2162078206, 2614888103, 3248222580, 3835390401, 4022224774, 264347078, 604807628, 770255983, 1249150122, 1555081692, 1996064986, 2554220882, 2821834349, 2952996808, 3210313671, 3336571891, 3584528711, 113926993, 338241895, 666307205, 773529912, 1294757372, 1396182291, 1695183700, 1986661051, 2177026350, 2456956037, 2730485921, 2820302411, 3259730800, 3345764771, 3516065817, 3600352804, 4094571909, 275423344, 430227734, 506948616, 659060556, 883997877, 958139571, 1322822218, 1537002063, 1747873779, 1955562222, 2024104815, 2227730452, 2361852424, 2428436474, 2756734187, 3204031479, 3329325298]
, OUTPUT_TYPES = ["hex", "array", "digest", "arrayBuffer"]
, blocks = [];
!root.JS_SHA256_NO_NODE_JS && Array.isArray || (Array.isArray = function (e) {
return "[object Array]" === Object.prototype.toString.call(e)
}
),
!ARRAY_BUFFER || !root.JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW && ArrayBuffer.isView || (ArrayBuffer.isView = function (e) {
return "object" == typeof e && e.buffer && e.buffer.constructor === ArrayBuffer
}
);
var createOutputMethod = function (t, r) {
return function (e) {
return new Sha256(r, !0).update(e)[t]()
}
}
, createMethod = function (e) {
var t = createOutputMethod("hex", e);
(t = NODE_JS ? nodeWrap(t, e) : t).create = function () {
return new Sha256(e)
}
,
t.update = function (e) {
return t.create().update(e)
}
;
for (var r = 0; r < OUTPUT_TYPES.length; ++r) {
var i = OUTPUT_TYPES[r];
t[i] = createOutputMethod(i, e)
}
return t
}
, nodeWrap = function (method, is224) {
var crypto = eval("require('crypto')")
, Buffer = eval("require('buffer').Buffer")
, algorithm = is224 ? "sha224" : "sha256"
, nodeMethod = function (e) {
if ("string" == typeof e)
return crypto.createHash(algorithm).update(e, "utf8").digest("hex");
if (null == e)
throw new Error(ERROR);
return e.constructor === ArrayBuffer && (e = new Uint8Array(e)),
Array.isArray(e) || ArrayBuffer.isView(e) || e.constructor === Buffer ? crypto.createHash(algorithm).update(new Buffer(e)).digest("hex") : method(e)
};
return nodeMethod
}
, createHmacOutputMethod = function (r, i) {
return function (e, t) {
return new HmacSha256(e, i, !0).update(t)[r]()
}
}
, createHmacMethod = function (t) {
var r = createHmacOutputMethod("hex", t);
r.create = function (e) {
return new HmacSha256(e, t)
}
,
r.update = function (e, t) {
return r.create(e).update(t)
}
;
for (var e = 0; e < OUTPUT_TYPES.length; ++e) {
var i = OUTPUT_TYPES[e];
r[i] = createHmacOutputMethod(i, t)
}
return r
};
function Sha256(e, t) {
t ? (blocks[0] = blocks[16] = blocks[1] = blocks[2] = blocks[3] = blocks[4] = blocks[5] = blocks[6] = blocks[7] = blocks[8] = blocks[9] = blocks[10] = blocks[11] = blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0,
this.blocks = blocks) : this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0],
e ? (this.h0 = 3238371032,
this.h1 = 914150663,
this.h2 = 812702999,
this.h3 = 4144912697,
this.h4 = 4290775857,
this.h5 = 1750603025,
this.h6 = 1694076839,
this.h7 = 3204075428) : (this.h0 = 1779033703,
this.h1 = 3144134277,
this.h2 = 1013904242,
this.h3 = 2773480762,
this.h4 = 1359893119,
this.h5 = 2600822924,
this.h6 = 528734635,
this.h7 = 1541459225),
this.block = this.start = this.bytes = this.hBytes = 0,
this.finalized = this.hashed = !1,
this.first = !0,
this.is224 = e
}
function HmacSha256(e, t, r) {
var i = typeof e;
if ("string" == i) {
for (var n, a = [], o = e.length, h = 0, s = 0; s < o; ++s)
(n = e.charCodeAt(s)) < 128 ? a[h++] = n : (n < 2048 ? a[h++] = 192 | n >> 6 : (n < 55296 || 57344 <= n ? a[h++] = 224 | n >> 12 : (n = 65536 + ((1023 & n) << 10 | 1023 & e.charCodeAt(++s)),
a[h++] = 240 | n >> 18,
a[h++] = 128 | n >> 12 & 63),
a[h++] = 128 | n >> 6 & 63),
a[h++] = 128 | 63 & n);
e = a
} else {
if ("object" != i)
throw new Error(ERROR);
if (null === e)
throw new Error(ERROR);
if (ARRAY_BUFFER && e.constructor === ArrayBuffer)
e = new Uint8Array(e);
else if (!(Array.isArray(e) || ARRAY_BUFFER && ArrayBuffer.isView(e)))
throw new Error(ERROR)
}
64 < e.length && (e = new Sha256(t, !0).update(e).array());
var l = []
, c = [];
for (s = 0; s < 64; ++s) {
var u = e[s] || 0;
l[s] = 92 ^ u,
c[s] = 54 ^ u
}
Sha256.call(this, t, r),
this.update(c),
this.oKeyPad = l,
this.inner = !0,
this.sharedMemory = r
}
Sha256.prototype.update = function (e) {
if (!this.finalized) {
var t, r = typeof e;
if ("string" != r) {
if ("object" != r)
throw new Error(ERROR);
if (null === e)
throw new Error(ERROR);
if (ARRAY_BUFFER && e.constructor === ArrayBuffer)
e = new Uint8Array(e);
else if (!(Array.isArray(e) || ARRAY_BUFFER && ArrayBuffer.isView(e)))
throw new Error(ERROR);
t = !0
}
for (var i, n, a = 0, o = e.length, h = this.blocks; a < o;) {
if (this.hashed && (this.hashed = !1,
h[0] = this.block,
h[16] = h[1] = h[2] = h[3] = h[4] = h[5] = h[6] = h[7] = h[8] = h[9] = h[10] = h[11] = h[12] = h[13] = h[14] = h[15] = 0),
t)
for (n = this.start; a < o && n < 64; ++a)
h[n >> 2] |= e[a] << SHIFT[3 & n++];
else
for (n = this.start; a < o && n < 64; ++a)
(i = e.charCodeAt(a)) < 128 ? h[n >> 2] |= i << SHIFT[3 & n++] : (i < 2048 ? h[n >> 2] |= (192 | i >> 6) << SHIFT[3 & n++] : (i < 55296 || 57344 <= i ? h[n >> 2] |= (224 | i >> 12) << SHIFT[3 & n++] : (i = 65536 + ((1023 & i) << 10 | 1023 & e.charCodeAt(++a)),
h[n >> 2] |= (240 | i >> 18) << SHIFT[3 & n++],
h[n >> 2] |= (128 | i >> 12 & 63) << SHIFT[3 & n++]),
h[n >> 2] |= (128 | i >> 6 & 63) << SHIFT[3 & n++]),
h[n >> 2] |= (128 | 63 & i) << SHIFT[3 & n++]);
this.lastByteIndex = n,
this.bytes += n - this.start,
64 <= n ? (this.block = h[16],
this.start = n - 64,
this.hash(),
this.hashed = !0) : this.start = n
}
return 4294967295 < this.bytes && (this.hBytes += this.bytes / 4294967296 << 0,
this.bytes = this.bytes % 4294967296),
this
}
}
,
Sha256.prototype.finalize = function () {
var e, t;
this.finalized || (this.finalized = !0,
e = this.blocks,
t = this.lastByteIndex,
e[16] = this.block,
e[t >> 2] |= EXTRA[3 & t],
this.block = e[16],
56 <= t && (this.hashed || this.hash(),
e[0] = this.block,
e[16] = e[1] = e[2] = e[3] = e[4] = e[5] = e[6] = e[7] = e[8] = e[9] = e[10] = e[11] = e[12] = e[13] = e[14] = e[15] = 0),
e[14] = this.hBytes << 3 | this.bytes >>> 29,
e[15] = this.bytes << 3,
this.hash())
}
,
Sha256.prototype.hash = function () {
for (var e, t, r, i, n, a, o = this.h0, h = this.h1, s = this.h2, l = this.h3, c = this.h4, u = this.h5, d = this.h6, f = this.h7, p = this.blocks, g = 16; g < 64; ++g)
e = ((t = p[g - 15]) >>> 7 | t << 25) ^ (t >>> 18 | t << 14) ^ t >>> 3,
t = p[g - 2],
p[g] = p[g - 16] + e + p[g - 7] + ((t >>> 17 | t << 15) ^ (t >>> 19 | t << 13) ^ t >>> 10) << 0;
for (a = h & s,
g = 0; g < 64; g += 4)
this.first ? (l = this.is224 ? (r = 300032,
f = (t = p[0] - 1413257819) - 150054599 << 0,
t + 24177077 << 0) : (r = 704751109,
f = (t = p[0] - 210244248) - 1521486534 << 0,
t + 143694565 << 0),
this.first = !1) : (f = l + (t = f + ((c >>> 6 | c << 26) ^ (c >>> 11 | c << 21) ^ (c >>> 25 | c << 7)) + (c & u ^ ~c & d) + K[g] + p[g]) << 0,
l = t + ((e = (o >>> 2 | o << 30) ^ (o >>> 13 | o << 19) ^ (o >>> 22 | o << 10)) + ((r = o & h) ^ o & s ^ a)) << 0),
d = s + (t = d + ((f >>> 6 | f << 26) ^ (f >>> 11 | f << 21) ^ (f >>> 25 | f << 7)) + (f & c ^ ~f & u) + K[g + 1] + p[g + 1]) << 0,
s = t + ((e = (l >>> 2 | l << 30) ^ (l >>> 13 | l << 19) ^ (l >>> 22 | l << 10)) + ((i = l & o) ^ l & h ^ r)) << 0,
u = h + (t = u + ((d >>> 6 | d << 26) ^ (d >>> 11 | d << 21) ^ (d >>> 25 | d << 7)) + (d & f ^ ~d & c) + K[g + 2] + p[g + 2]) << 0,
h = t + ((e = (s >>> 2 | s << 30) ^ (s >>> 13 | s << 19) ^ (s >>> 22 | s << 10)) + ((n = s & l) ^ s & o ^ i)) << 0,
c = o + (t = c + ((u >>> 6 | u << 26) ^ (u >>> 11 | u << 21) ^ (u >>> 25 | u << 7)) + (u & d ^ ~u & f) + K[g + 3] + p[g + 3]) << 0,
o = t + ((e = (h >>> 2 | h << 30) ^ (h >>> 13 | h << 19) ^ (h >>> 22 | h << 10)) + ((a = h & s) ^ h & l ^ n)) << 0;
this.h0 = this.h0 + o << 0,
this.h1 = this.h1 + h << 0,
this.h2 = this.h2 + s << 0,
this.h3 = this.h3 + l << 0,
this.h4 = this.h4 + c << 0,
this.h5 = this.h5 + u << 0,
this.h6 = this.h6 + d << 0,
this.h7 = this.h7 + f << 0
}
,
Sha256.prototype.hex = function () {
this.finalize();
var e = this.h0
, t = this.h1
, r = this.h2
, i = this.h3
, n = this.h4
, a = this.h5
, o = this.h6
, h = this.h7
,
o = HEX_CHARS[e >> 28 & 15] + HEX_CHARS[e >> 24 & 15] + HEX_CHARS[e >> 20 & 15] + HEX_CHARS[e >> 16 & 15] + HEX_CHARS[e >> 12 & 15] + HEX_CHARS[e >> 8 & 15] + HEX_CHARS[e >> 4 & 15] + HEX_CHARS[15 & e] + HEX_CHARS[t >> 28 & 15] + HEX_CHARS[t >> 24 & 15] + HEX_CHARS[t >> 20 & 15] + HEX_CHARS[t >> 16 & 15] + HEX_CHARS[t >> 12 & 15] + HEX_CHARS[t >> 8 & 15] + HEX_CHARS[t >> 4 & 15] + HEX_CHARS[15 & t] + HEX_CHARS[r >> 28 & 15] + HEX_CHARS[r >> 24 & 15] + HEX_CHARS[r >> 20 & 15] + HEX_CHARS[r >> 16 & 15] + HEX_CHARS[r >> 12 & 15] + HEX_CHARS[r >> 8 & 15] + HEX_CHARS[r >> 4 & 15] + HEX_CHARS[15 & r] + HEX_CHARS[i >> 28 & 15] + HEX_CHARS[i >> 24 & 15] + HEX_CHARS[i >> 20 & 15] + HEX_CHARS[i >> 16 & 15] + HEX_CHARS[i >> 12 & 15] + HEX_CHARS[i >> 8 & 15] + HEX_CHARS[i >> 4 & 15] + HEX_CHARS[15 & i] + HEX_CHARS[n >> 28 & 15] + HEX_CHARS[n >> 24 & 15] + HEX_CHARS[n >> 20 & 15] + HEX_CHARS[n >> 16 & 15] + HEX_CHARS[n >> 12 & 15] + HEX_CHARS[n >> 8 & 15] + HEX_CHARS[n >> 4 & 15] + HEX_CHARS[15 & n] + HEX_CHARS[a >> 28 & 15] + HEX_CHARS[a >> 24 & 15] + HEX_CHARS[a >> 20 & 15] + HEX_CHARS[a >> 16 & 15] + HEX_CHARS[a >> 12 & 15] + HEX_CHARS[a >> 8 & 15] + HEX_CHARS[a >> 4 & 15] + HEX_CHARS[15 & a] + HEX_CHARS[o >> 28 & 15] + HEX_CHARS[o >> 24 & 15] + HEX_CHARS[o >> 20 & 15] + HEX_CHARS[o >> 16 & 15] + HEX_CHARS[o >> 12 & 15] + HEX_CHARS[o >> 8 & 15] + HEX_CHARS[o >> 4 & 15] + HEX_CHARS[15 & o];
return this.is224 || (o += HEX_CHARS[h >> 28 & 15] + HEX_CHARS[h >> 24 & 15] + HEX_CHARS[h >> 20 & 15] + HEX_CHARS[h >> 16 & 15] + HEX_CHARS[h >> 12 & 15] + HEX_CHARS[h >> 8 & 15] + HEX_CHARS[h >> 4 & 15] + HEX_CHARS[15 & h]),
o
}
,
Sha256.prototype.toString = Sha256.prototype.hex,
Sha256.prototype.digest = function () {
this.finalize();
var e = this.h0
, t = this.h1
, r = this.h2
, i = this.h3
, n = this.h4
, a = this.h5
, o = this.h6
, h = this.h7
,
o = [e >> 24 & 255, e >> 16 & 255, e >> 8 & 255, 255 & e, t >> 24 & 255, t >> 16 & 255, t >> 8 & 255, 255 & t, r >> 24 & 255, r >> 16 & 255, r >> 8 & 255, 255 & r, i >> 24 & 255, i >> 16 & 255, i >> 8 & 255, 255 & i, n >> 24 & 255, n >> 16 & 255, n >> 8 & 255, 255 & n, a >> 24 & 255, a >> 16 & 255, a >> 8 & 255, 255 & a, o >> 24 & 255, o >> 16 & 255, o >> 8 & 255, 255 & o];
return this.is224 || o.push(h >> 24 & 255, h >> 16 & 255, h >> 8 & 255, 255 & h),
o
}
,
Sha256.prototype.array = Sha256.prototype.digest,
Sha256.prototype.arrayBuffer = function () {
this.finalize();
var e = new ArrayBuffer(this.is224 ? 28 : 32)
, t = new DataView(e);
return t.setUint32(0, this.h0),
t.setUint32(4, this.h1),
t.setUint32(8, this.h2),
t.setUint32(12, this.h3),
t.setUint32(16, this.h4),
t.setUint32(20, this.h5),
t.setUint32(24, this.h6),
this.is224 || t.setUint32(28, this.h7),
e
}
,
HmacSha256.prototype = new Sha256,
HmacSha256.prototype.finalize = function () {
var e;
Sha256.prototype.finalize.call(this),
this.inner && (this.inner = !1,
e = this.array(),
Sha256.call(this, this.is224, this.sharedMemory),
this.update(this.oKeyPad),
this.update(e),
Sha256.prototype.finalize.call(this))
}
;
var fp = "0cc4ba65e05a4e8a957b7b56778ac11c";
function u(e, t) {
var r = (65535 & e) + (65535 & t);
return (e >> 16) + (t >> 16) + (r >> 16) << 16 | 65535 & r
}
function h(e, t, r, i, n, a) {
return u((a = u(u(t, e), u(i, a))) << (n = n) | a >>> 32 - n, r)
}
function d(e, t, r, i, n, a, o) {
return h(t & r | ~t & i, e, t, n, a, o)
}
function f(e, t, r, i, n, a, o) {
return h(t & i | r & ~i, e, t, n, a, o)
}
function p(e, t, r, i, n, a, o) {
return h(t ^ r ^ i, e, t, n, a, o)
}
function g(e, t, r, i, n, a, o) {
return h(r ^ (t | ~i), e, t, n, a, o)
}
function o(e, t) {
var r, i, n, a;
e[t >> 5] |= 128 << t % 32,
e[14 + (t + 64 >>> 9 << 4)] = t;
for (var o = 1732584193, h = -271733879, s = -1732584194, l = 271733878, c = 0; c < e.length; c += 16)
o = d(r = o, i = h, n = s, a = l, e[c], 7, -680876936),
l = d(l, o, h, s, e[c + 1], 12, -389564586),
s = d(s, l, o, h, e[c + 2], 17, 606105819),
h = d(h, s, l, o, e[c + 3], 22, -1044525330),
o = d(o, h, s, l, e[c + 4], 7, -176418897),
l = d(l, o, h, s, e[c + 5], 12, 1200080426),
s = d(s, l, o, h, e[c + 6], 17, -1473231341),
h = d(h, s, l, o, e[c + 7], 22, -45705983),
o = d(o, h, s, l, e[c + 8], 7, 1770035416),
l = d(l, o, h, s, e[c + 9], 12, -1958414417),
s = d(s, l, o, h, e[c + 10], 17, -42063),
h = d(h, s, l, o, e[c + 11], 22, -1990404162),
o = d(o, h, s, l, e[c + 12], 7, 1804603682),
l = d(l, o, h, s, e[c + 13], 12, -40341101),
s = d(s, l, o, h, e[c + 14], 17, -1502002290),
o = f(o, h = d(h, s, l, o, e[c + 15], 22, 1236535329), s, l, e[c + 1], 5, -165796510),
l = f(l, o, h, s, e[c + 6], 9, -1069501632),
s = f(s, l, o, h, e[c + 11], 14, 643717713),
h = f(h, s, l, o, e[c], 20, -373897302),
o = f(o, h, s, l, e[c + 5], 5, -701558691),
l = f(l, o, h, s, e[c + 10], 9, 38016083),
s = f(s, l, o, h, e[c + 15], 14, -660478335),
h = f(h, s, l, o, e[c + 4], 20, -405537848),
o = f(o, h, s, l, e[c + 9], 5, 568446438),
l = f(l, o, h, s, e[c + 14], 9, -1019803690),
s = f(s, l, o, h, e[c + 3], 14, -187363961),
h = f(h, s, l, o, e[c + 8], 20, 1163531501),
o = f(o, h, s, l, e[c + 13], 5, -1444681467),
l = f(l, o, h, s, e[c + 2], 9, -51403784),
s = f(s, l, o, h, e[c + 7], 14, 1735328473),
o = p(o, h = f(h, s, l, o, e[c + 12], 20, -1926607734), s, l, e[c + 5], 4, -378558),
l = p(l, o, h, s, e[c + 8], 11, -2022574463),
s = p(s, l, o, h, e[c + 11], 16, 1839030562),
h = p(h, s, l, o, e[c + 14], 23, -35309556),
o = p(o, h, s, l, e[c + 1], 4, -1530992060),
l = p(l, o, h, s, e[c + 4], 11, 1272893353),
s = p(s, l, o, h, e[c + 7], 16, -155497632),
h = p(h, s, l, o, e[c + 10], 23, -1094730640),
o = p(o, h, s, l, e[c + 13], 4, 681279174),
l = p(l, o, h, s, e[c], 11, -358537222),
s = p(s, l, o, h, e[c + 3], 16, -722521979),
h = p(h, s, l, o, e[c + 6], 23, 76029189),
o = p(o, h, s, l, e[c + 9], 4, -640364487),
l = p(l, o, h, s, e[c + 12], 11, -421815835),
s = p(s, l, o, h, e[c + 15], 16, 530742520),
o = g(o, h = p(h, s, l, o, e[c + 2], 23, -995338651), s, l, e[c], 6, -198630844),
l = g(l, o, h, s, e[c + 7], 10, 1126891415),
s = g(s, l, o, h, e[c + 14], 15, -1416354905),
h = g(h, s, l, o, e[c + 5], 21, -57434055),
o = g(o, h, s, l, e[c + 12], 6, 1700485571),
l = g(l, o, h, s, e[c + 3], 10, -1894986606),
s = g(s, l, o, h, e[c + 10], 15, -1051523),
h = g(h, s, l, o, e[c + 1], 21, -2054922799),
o = g(o, h, s, l, e[c + 8], 6, 1873313359),
l = g(l, o, h, s, e[c + 15], 10, -30611744),
s = g(s, l, o, h, e[c + 6], 15, -1560198380),
h = g(h, s, l, o, e[c + 13], 21, 1309151649),
o = g(o, h, s, l, e[c + 4], 6, -145523070),
l = g(l, o, h, s, e[c + 11], 10, -1120210379),
s = g(s, l, o, h, e[c + 2], 15, 718787259),
h = g(h, s, l, o, e[c + 9], 21, -343485551),
o = u(o, r),
h = u(h, i),
s = u(s, n),
l = u(l, a);
return [o, h, s, l]
}
function s(e) {
for (var t = "", r = 32 * e.length, i = 0; i < r; i += 8)
t += String.fromCharCode(e[i >> 5] >>> i % 32 & 255);
return t
}
function l(e) {
var t = [];
for (t[(e.length >> 2) - 1] = void 0,
i = 0; i < t.length; i += 1)
t[i] = 0;
for (var r = 8 * e.length, i = 0; i < r; i += 8)
t[i >> 5] |= (255 & e.charCodeAt(i / 8)) << i % 32;
return t
}
function i(e) {
for (var t, r = "0123456789abcdef", i = "", n = 0; n < e.length; n += 1)
t = e.charCodeAt(n),
i += r.charAt(t >>> 4 & 15) + r.charAt(15 & t);
return i
}
function r(e) {
return unescape(encodeURIComponent(e))
}
function n(e) {
return s(o(l(e = r(e)), 8 * e.length))
}
function a(e, t) {
return function (e, t) {
var r, i = l(e), n = [], a = [];
for (n[15] = a[15] = void 0,
16 < i.length && (i = o(i, 8 * e.length)),
r = 0; r < 16; r += 1)
n[r] = 909522486 ^ i[r],
a[r] = 1549556828 ^ i[r];
return t = o(n.concat(l(t)), 512 + 8 * t.length),
s(o(a.concat(t), 640))
}(r(e), r(t))
}
function t(e, t, r) {
return t ? r ? a(t, e) : i(a(t, e)) : r ? n(e) : i(n(e))
}
"function" == typeof define && define.amd ? define(function () {
return t
}) : "object" == typeof module && module.exports ? module.exports = t : e.md5 = t;
var md5 = t;
function handleCode(code, type, order, start, length) {
if (type !== 'mix') {
var str = type === 'en' ? 'AAAAAAAAAA' : '0000000000';
/* 補滿不足位數 */
var reg = type === 'en' ? /[0-9]/g : /\D/g;
if (order === '+') {
return code.replace(reg, '').concat(str).substr(start, length);
}
return (str + code).replace(reg, '').split('').reverse().join('').substr(start, length);
}
if (order === '+') {
return code.substr(start, length);
}
return code.split('').reverse().join('').substr(start, length);
}
sha256_str = new Sha256().update(fp)['hex']()
var secretCode = handleCode(md5(fp), 'en', '+', 0, 5) + '#' + fp + '*' + handleCode(sha256_str, 'int', '-', 0, 5);
console.log(btoa(secretCode));