js逆向解析
需要了解chrome调试工具以及断点测试以及简单的js代码
1,f12打开开发者工具,找到post请求的包v2transapi,找到post表单也就是from data
2,再输入一个新的词语进行翻译,查看data的变化,可知只有query和sign变化,因此了解sign是通过js函数加密的 我们需要找到此函数进行解析
3,搜索含有v2transapi的文件,找到index.js,搜索sign发现 sign是通过y函数生成,因此我们需要找到y函数
4,使用断点测试 再输入一个词语 找到y(n)函数
5,把代码提取下来 运行js代码发现少一个i的值和一个未定义的n函数 同样断点找到i的值 i=window[jdk]
6,通过python自带的execjs模块 运行js代码(可以将js代码保存到js文件中)完整js代码
var i = "320305.131321201";
function n(r, o) {
for (var t = 0; t < o.length - 2; t += 3) {
var a = o.charAt(t + 2);
a = a >= "a" ? a.charCodeAt(0) - 87 : Number(a),
a = "+" === o.charAt(t + 1) ? r >>> a : r << a,
r = "+" === o.charAt(t) ? r + a & 4294967295 : r ^ a
}
return r
}
function e(r) {
var o = r.match(/[\uD800-\uDBFF][\uDC00-\uDFFF]/g);
if (null === o) {
var t = r.length;
t > 30 && (r = "" + r.substr(0, 10) + r.substr(Math.floor(t / 2) - 5, 10) + r.substr(-10, 10))
} else {
for (var e = r.split(/[\uD800-\uDBFF][\uDC00-\uDFFF]/), C = 0, h = e.length, f = []; h > C; C++)
"" !== e[C] && f.push.apply(f, a(e[C].split(""))),
C !== h - 1 && f.push(o[C]);
var g = f.length;
g > 30 && (r = f.slice(0, 10).join("") + f.slice(Math.floor(g / 2) - 5, Math.floor(g / 2) + 5).join("") + f.slice(-10).join(""))
}
var u = void 0
, l = "" + String.fromCharCode(103) + String.fromCharCode(116) + String.fromCharCode(107);
u = null !== i ? i : (i = window[l] || "") || "";
for (var d = u.split("."), m = Number(d[0]) || 0, s = Number(d[1]) || 0, S = [], c = 0, v = 0; v < r.length; v++) {
var A = r.charCodeAt(v);
128 > A ? S[c++] = A : (2048 > A ? S[c++] = A >> 6 | 192 : (55296 === (64512 & A) && v + 1 < r.length && 56320 === (64512 & r.charCodeAt(v + 1)) ? (A = 65536 + ((1023 & A) << 10) + (1023 & r.charCodeAt(++v)),
S[c++] = A >> 18 | 240,
S[c++] = A >> 12 & 63 | 128) : S[c++] = A >> 12 | 224,
S[c++] = A >> 6 & 63 | 128),
S[c++] = 63 & A | 128)
}
for (var p = m, F = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(97) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(54)), D = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(51) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(98)) + ("" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(102)), b = 0; b < S.length; b++)
p += S[b],
p = n(p, F);
return p = n(p, D),
p ^= s,
0 > p && (p = (2147483647 & p) + 2147483648),
p %= 1e6,
p.toString() + "." + (p ^ m)
}
7,编写爬虫代码,实现语言自动检测,思路:语言自动检测需要一次请求,获得语言类型,地址:“https://fanyi.baidu.com/langdetect”
import requests
import execjs
def baidu_translate():
# 使用execjs库对js文件进行打开
n = input("请输入要翻译的文字:")
with open('baidufanyi.js', 'r', encoding='utf-8') as f:
ctx = execjs.compile(f.read())
sign = ctx.call('e', n)
# 设置请求数据 需要设置两个地址 先进行语言检测 再进行翻译
headers = {
"authority": "fanyi.baidu.com",
"method": "POST",
"path": "/v2transapi?from=zh&to=en",
"scheme": "https",
"accept": "*/*",
"accept-encoding": "gzip, deflate, br",
"accept-language": "zh-CN,zh;q=0.9",
"cache-control": "no-cache",
"content-length": "175",
"content-type": "application/x-www-form-urlencoded; charset=UTF-8",
"cookie": "BIDUPSID=7F7A8082A5896FBF0E702FF254C5750C; PSTM=1583119954; BAIDUID=7F7A8082A5896FBF99BDE3086206BA20:SL=0:NR=10:FG=1; REALTIME_TRANS_SWITCH=1; FANYI_WORD_SWITCH=1; SOUND_SPD_SWITCH=1; HISTORY_SWITCH=1; SOUND_PREFER_SWITCH=1; Hm_lvt_afd111fa62852d1f37001d1f980b6800=1591624223; BDUSS=BxYno4QkNHbnlTNXdXLW9uLXhZMjBBUDd4V1pUSFdxflJOcXFITHV3M1RXa3RmRVFBQUFBJCQAAAAAAAAAAAEAAABS02U6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPNI1~TzSNfYl; BDUSS_BFESS=BxYno4QkNHbnlTNXdXLW9uLXhZMjBBUDd4V1pUSFdxflJOcXFITHV3M1RXa3RmRVFBQUFBJCQAAAAAAAAAAAEAAABS02U6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPNI1~TzSNfYl; BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; BDRCVFR[feWj1Vr5u3D]=I67x6TjHwwYf0; delPer=0; PSINO=1; H_PS_PSSID=1447_32562_32536_31254_32046_32394_32407_32116_31709_26350_32506_32482; Hm_lvt_64ecd82404c51e03dc91cb9e8c025574=1596852466,1597470985,1597478224,1597483753; yjs_js_security_passport=b896127fb2a36cdacf281c2243c5de735dda7c93_1597483770_js; __yjsv5_shitong=1.0_7_b5930c99a8c92f36d97743445300664d0b15_300_1597483945070_106.46.64.91_216cc9e3; Hm_lpvt_64ecd82404c51e03dc91cb9e8c025574=1597484109",
"origin": "https://fanyi.baidu.com",
"pragma": "no-cache",
"referer": "https://fanyi.baidu.com/?aldtype=16047",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-origin",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) "
"Chrome/80.0.3987.122 Safari/537.36",
"x-requested-with": "XMLHttpRequest"}
lang_dect_url = "https://fanyi.baidu.com/langdetect" # 语言检测地址
translate_url = 'https://fanyi.baidu.com/v2transapi?from=zh&to=en' # 翻译地址
lang_dect_params = {"query": n} # 语言检测数据
lang = requests.post(lang_dect_url, headers=headers, data=lang_dect_params) # 请求语言检测地址
dect_lang = json.loads(lang.text)["lan"] # 获取语言类型
# 语言翻译数据 分为两种情况 汉译英 或者英译汉时有不同的请求数据 即from to 的不同
translate_params = {"from": "zh", "to": "en", "query": n, "simple_means_flag": "3", "sign": sign,
"token": "eeb8699f9bfe70826716e73f62ef28e8", "domain": "common"} if dect_lang == "zh" \
else {"from": "en", "to": "zh", "query": n, "simple_means_flag": "3", "sign": sign,
"token": "eeb8699f9bfe70826716e73f62ef28e8", "domain": "common"}
translate_response = requests.post(translate_url, headers=headers, data=translate_params) # 请求翻译地址
json_data = json.loads(translate_response.text)
result = json_data['trans_result']['data'][0]['dst']
print(result)
if __name__ == '__main__':
baidu_translate()