逆向日期:2024.02.07
使用工具:Node.js
加密方法:未知 / md5标准库
文章全程已做去敏处理!!! 【需要做的可联系我】
可使用AES进行解密处理(
直接解密即可):在线AES加解密工具
1、打开某某网站(请使用文章开头的AES在线工具解密):IVeclZzxeEg7g4s+Nn4oJbUa7mjTvD/i0OHGk+xthBwspcZpLIRX6PPSoTS2tPk99MVmmi/5xRdFphfysQn7Wg==
2、打开网站后,打开控制台,然后向下翻到底部
3、哎幺,废了二牛之力,终于找着了,他这里是将要翻页的字典值给转了字符串,然后进行的加密,废话不多说,直接跟栈进去,我们先一个一个来,先把【c.d】给搞定
4、找到了,直接扣,扣到本地后,直接运行
5、哎呀,报错了,你看报错显示的是什么,他说【_u_e】没定义,就是没找到这个参数,那我们接着去原网站代码里扣,缺什么扣什么,全都给他扣下来
6、扣完了,运行,哎幺,不报错了,接下来去扣【c.c】
7、又扣完了,【c.d】对应【e2】,【c.c】对应【e1】,我们在控制台输出一下,然后把字符串拿到本地在加密一下,看两个结果,哎幺,一样的,妥了,成功了,【payload】的生成方法解决了,开始模拟生成【sig】的值
8、【sig】的获取方法更简单,就是在【payload】的基础上,在加密一下,行吧,我们直接去扣【c.e】的值
9、当我进去后,发现sig是通过标准md5加密的,【t】相当于【payload】值,,而【_p】是一个固定的参数值,这还不简单吗,直接调用本地库
10、扣完代码后,运行对比结果,妥了 我会将代码打包好可直接调用
【附上源码】
为防止二次编辑或对该网站的原创保护,只能将源代码进行混淆展示。
npm install crypto-js --save // 安装本地包
// 安装 crypto-js 包
// npm install crypto-js --save
const CryptoJS = require('crypto-js')
var _0x29e5=['wqvCjmzCjsOkwqE=','w7TCt8KBwoAhRcKVwqhLwoI=','w5rCjMO0XMOmw44Lwqd8wqE=','MsOlw6kjIBLCt1vDqsKp','wrNcCBrDtAwQwoZKw589w7Y=','RsKdDQbDuHLDqsOe','wqtFwo/CkMKQfSwVwpfDv8KfIw==','w6xaa8OQw7M0C8OTw7tnw6R0','J3LCqBfDoV0=','PsOow4zCilAAwrkhwrLDlA==','JC1b','wrZGBgXDthA=','KH/CpwLDlEE=','w77CjcK8MxDClk9tcMKmMAo=','f8ORBMKrDzVJ','fMO7wpRKYA0=','OXVCQHbDo3fDrFzChkk=','w5wMIcKcQSBdNsKZYcKqOA==','djvClsK3wovDskfDjsKNw6w=','VsKHMMKdLB/DkMKtwp7DqQ==','RRMuwq5qwpgwwpFUIcKVM8OUXMKvRMOhwpPDolXCixDDgMKgwpQcwr9eNl9sVADCm3jCgMKdEEnCtsOswqvDqsOtw47DvTF5w4zCjmFxBsK5XwvDu8KzYcO7RMKqwqHCvzI='];(function(_0x12ed33,_0x29e511){var _0x124d21=function(_0x1a463c){while(--_0x1a463c){_0x12ed33['push'](_0x12ed33['shift']());}};_0x124d21(++_0x29e511);}(_0x29e5,0xb3));var _0x124d=function(_0x12ed33,_0x29e511){_0x12ed33=_0x12ed33-0x0;var _0x124d21=_0x29e5[_0x12ed33];if(_0x124d['vgJUea']===undefined){(function(){var _0x5903ef=function(){var _0x34d687;try{_0x34d687=Function('return\x20(function()\x20'+'{}.constructor(\x22return\x20this\x22)(\x20)'+');')();}catch(_0x30274){_0x34d687=window;}return _0x34d687;};var _0x28fdde=_0x5903ef();var _0x1bd3e9='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';_0x28fdde['atob']||(_0x28fdde['atob']=function(_0x2da3ba){var _0x2aa453=String(_0x2da3ba)['replace'](/=+$/,'');var _0x3e0cfb='';for(var _0x1dc912=0x0,_0x43c5fd,_0x236617,_0x514df9=0x0;_0x236617=_0x2aa453['charAt'](_0x514df9++);~_0x236617&&(_0x43c5fd=_0x1dc912%0x4?_0x43c5fd*0x40+_0x236617:_0x236617,_0x1dc912++%0x4)?_0x3e0cfb+=String['fromCharCode'](0xff&_0x43c5fd>>(-0x2*_0x1dc912&0x6)):0x0){_0x236617=_0x1bd3e9['indexOf'](_0x236617);}return _0x3e0cfb;});}());var _0x32d4b9=function(_0x206e5a,_0xd8ca26){var _0x47c29f=[],_0x1a0cee=0x0,_0x464952,_0x45e193='',_0x24aaad='';_0x206e5a=atob(_0x206e5a);for(var _0xe5d2be=0x0,_0x141546=_0x206e5a['length'];_0xe5d2be<_0x141546;_0xe5d2be++){_0x24aaad+='%'+('00'+_0x206e5a['charCodeAt'](_0xe5d2be)['toString'](0x10))['slice'](-0x2);}_0x206e5a=decodeURIComponent(_0x24aaad);var _0x109ffe;for(_0x109ffe=0x0;_0x109ffe<0x100;_0x109ffe++){_0x47c29f[_0x109ffe]=_0x109ffe;}for(_0x109ffe=0x0;_0x109ffe<0x100;_0x109ffe++){_0x1a0cee=(_0x1a0cee+_0x47c29f[_0x109ffe]+_0xd8ca26['charCodeAt'](_0x109ffe%_0xd8ca26['length']))%0x100;_0x464952=_0x47c29f[_0x109ffe];_0x47c29f[_0x109ffe]=_0x47c29f[_0x1a0cee];_0x47c29f[_0x1a0cee]=_0x464952;}_0x109ffe=0x0;_0x1a0cee=0x0;for(var _0x574cf8=0x0;_0x574cf8<_0x206e5a['length'];_0x574cf8++){_0x109ffe=(_0x109ffe+0x1)%0x100;_0x1a0cee=(_0x1a0cee+_0x47c29f[_0x109ffe])%0x100;_0x464952=_0x47c29f[_0x109ffe];_0x47c29f[_0x109ffe]=_0x47c29f[_0x1a0cee];_0x47c29f[_0x1a0cee]=_0x464952;_0x45e193+=String['fromCharCode'](_0x206e5a['charCodeAt'](_0x574cf8)^_0x47c29f[(_0x47c29f[_0x109ffe]+_0x47c29f[_0x1a0cee])%0x100]);}return _0x45e193;};_0x124d['ejVMAi']=_0x32d4b9;_0x124d['UjShrZ']={};_0x124d['vgJUea']=!![];}var _0x1a463c=_0x124d['UjShrZ'][_0x12ed33];if(_0x1a463c===undefined){if(_0x124d['snFFDe']===undefined){_0x124d['snFFDe']=!![];}_0x124d21=_0x124d['ejVMAi'](_0x124d21,_0x29e511);_0x124d['UjShrZ'][_0x12ed33]=_0x124d21;}else{_0x124d21=_0x1a463c;}return _0x124d21;};var _keyStr=_0x124d('0x9','#cVQ'),_p='W5D80NFZHAYB8EUI2T649RT2MNRMVE2O';function _u_e(_0x2578b3){if(null==_0x2578b3)return null;_0x2578b3=_0x2578b3[_0x124d('0x3','A)Th')](/\r\n/g,'\x0a');for(var _0x4f9b08='',_0x2df097=0x0;_0x2df097<_0x2578b3[_0x124d('0x4','^[WB')];_0x2df097++){var _0x50dcfe=_0x2578b3[_0x124d('0xd','99k7')](_0x2df097);_0x50dcfe<0x80?_0x4f9b08+=String[_0x124d('0x11','0v8C')](_0x50dcfe):_0x50dcfe>0x7f&&_0x50dcfe<0x800?(_0x4f9b08+=String[_0x124d('0xe','0iss')](_0x50dcfe>>0x6|0xc0),_0x4f9b08+=String['fromCharCode'](0x3f&_0x50dcfe|0x80)):(_0x4f9b08+=String[_0x124d('0x2','Jq$0')](_0x50dcfe>>0xc|0xe0),_0x4f9b08+=String[_0x124d('0x10','i#XG')](_0x50dcfe>>0x6&0x3f|0x80),_0x4f9b08+=String[_0x124d('0x6','6Tjt')](0x3f&_0x50dcfe|0x80));}return _0x4f9b08;}function e2(_0x3d32f1){if(null==(_0x3d32f1=_u_e(_0x3d32f1)))return null;for(var _0x1d2c8d='',_0x24ce9c=0x0;_0x24ce9c<_0x3d32f1[_0x124d('0x12','snZq')];_0x24ce9c++){var _0x51fe88=_p[_0x124d('0xb','96Dz')](_0x24ce9c%_p['length']);_0x1d2c8d+=String['fromCharCode'](_0x3d32f1[_0x124d('0x13','h7i#')](_0x24ce9c)^_0x51fe88);}return _0x1d2c8d;}function e1(_0x25935c){if(null==_0x25935c)return null;for(var _0x39c524,_0x2ee94b,_0x986467,_0x5df775,_0xf38d59,_0x1b31a8,_0x52ae9c,_0x22cad5='',_0x22d7d1=0x0;_0x22d7d1<_0x25935c['length'];)_0x5df775=(_0x39c524=_0x25935c[_0x124d('0xc','&gdS')](_0x22d7d1++))>>0x2,_0xf38d59=(0x3&_0x39c524)<<0x4|(_0x2ee94b=_0x25935c[_0x124d('0x8','bmPN')](_0x22d7d1++))>>0x4,_0x1b31a8=(0xf&_0x2ee94b)<<0x2|(_0x986467=_0x25935c[_0x124d('0x7','3ula')](_0x22d7d1++))>>0x6,_0x52ae9c=0x3f&_0x986467,isNaN(_0x2ee94b)?_0x1b31a8=_0x52ae9c=0x40:isNaN(_0x986467)&&(_0x52ae9c=0x40),_0x22cad5=_0x22cad5+_keyStr[_0x124d('0x0','0iss')](_0x5df775)+_keyStr[_0x124d('0xa','GTwV')](_0xf38d59)+_keyStr[_0x124d('0x1','snZq')](_0x1b31a8)+_keyStr['charAt'](_0x52ae9c);return _0x22cad5;}function MD5(_0x3166ea){return CryptoJS[_0x124d('0x14','Bm[A')](_0x3166ea)[_0x124d('0xf','qn*n')]();}function sig(_0xe9b271){return MD5(_0xe9b271+_p)[_0x124d('0x5','PS%H')]();}function payload_sig(_0x1eb7ac){payload=e1(e2(_0x1eb7ac));sig=sig(payload);return{'payload':payload,'sig':sig};}
console.log(payload_sig('{"sort":1,"start":120,"limit":20}'))