共计 10634 个字符,预计需要花费 27 分钟才能阅读完成。
JS 逆向
出于对数据安全的考虑,一些网站 /APP 通常会对数据接口做加密处理。而分析这些接口的加密算法并实现模拟调用的过程就叫做「逆向」。
标准算法解密
- 确定 JS 是否存在混淆或者加密(eval)
- 定位解密位置
搜索 decrypt(
举例,目标网站地址如下:
[ppblock ex=” 请输入密码 ”]
福建省公共资源交易电子公共服务平台:https://ggzyfw.fujian.gov.cn/business/list
数据接口解密:
const cryptoJS = require('crypto-js')
function b(t) {var e = cryptoJS.enc.Utf8.parse('EB444973714E4A40876CE66BE45D5930'),
n = cryptoJS.enc.Utf8.parse('B5A8904209931867'),
a = cryptoJS.AES.decrypt(t, e, {
iv: n,
mode: cryptoJS.mode.CBC,
padding: cryptoJS.pad.Pkcs7,
})
return a.toString(cryptoJS.enc.Utf8)
}
const data = '密文'
console.log(b(data))[/ppblock]
搜索关键字
例如搜索:encrypt_data,示例网站地址如下:
[ppblock ex=” 请输入密码 ”]
企名片 - 科技创新服务平台:https://www.qimingpian.com/finosda/project/ainvestment
function decode(t) {var f = '/[\t\n\f\r]/g'
var l = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
var e = (t = String(t).replace(f, '')).length
e % 4 == 0 && (e = (t = t.replace(/==?$/, '')).length), (e % 4 == 1 || /[^+a-zA-Z0-9/]/.test(t)) && u('Invalid character: the string to be decoded is not correctly encoded.')
for (var n, r, i = 0, o = '', a = -1; ++a < e;) (r = l.indexOf(t.charAt(a))), (n = i % 4 ? 64 * n + r : r), i++ % 4 && (o += String.fromCharCode(255 & (n >> ((-2 * i) & 6))))
return o
}
function o(e, t, i, n, a, o) {var s, c, r, l, d, u, h, p, f, m, v, g, y, b, C = new Array(16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756), _ = new Array(-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344), w = new Array(520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584), k = new Array(8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928), x = new Array(256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080), T = new Array(536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312), A = new Array(2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154), N = new Array(268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696), $ = function(e) {for (var t, i, n, a = new Array(0,4,536870912,536870916,65536,65540,536936448,536936452,512,516,536871424,536871428,66048,66052,536936960,536936964), o = new Array(0,1,1048576,1048577,67108864,67108865,68157440,68157441,256,257,1048832,1048833,67109120,67109121,68157696,68157697), s = new Array(0,8,2048,2056,16777216,16777224,16779264,16779272,0,8,2048,2056,16777216,16777224,16779264,16779272), c = new Array(0,2097152,134217728,136314880,8192,2105344,134225920,136323072,131072,2228224,134348800,136445952,139264,2236416,134356992,136454144), r = new Array(0,262144,16,262160,0,262144,16,262160,4096,266240,4112,266256,4096,266240,4112,266256), l = new Array(0,1024,32,1056,0,1024,32,1056,33554432,33555456,33554464,33555488,33554432,33555456,33554464,33555488), d = new Array(0,268435456,524288,268959744,2,268435458,524290,268959746,0,268435456,524288,268959744,2,268435458,524290,268959746), u = new Array(0,65536,2048,67584,536870912,536936448,536872960,536938496,131072,196608,133120,198656,537001984,537067520,537004032,537069568), h = new Array(0,262144,0,262144,2,262146,2,262146,33554432,33816576,33554432,33816576,33554434,33816578,33554434,33816578), p = new Array(0,268435456,8,268435464,0,268435456,8,268435464,1024,268436480,1032,268436488,1024,268436480,1032,268436488), f = new Array(0,32,0,32,1048576,1048608,1048576,1048608,8192,8224,8192,8224,1056768,1056800,1056768,1056800), m = new Array(0,16777216,512,16777728,2097152,18874368,2097664,18874880,67108864,83886080,67109376,83886592,69206016,85983232,69206528,85983744), v = new Array(0,4096,134217728,134221824,524288,528384,134742016,134746112,16,4112,134217744,134221840,524304,528400,134742032,134746128), g = new Array(0,4,256,260,0,4,256,260,1,5,257,261,1,5,257,261), y = e.length > 8 ? 3 : 1, b = new Array(32 * y), C = new Array(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0), _ = 0, w = 0, k = 0; k < y; k++) {var x = e.charCodeAt(_++) << 24 | e.charCodeAt(_++) << 16 | e.charCodeAt(_++) << 8 | e.charCodeAt(_++)
, T = e.charCodeAt(_++) << 24 | e.charCodeAt(_++) << 16 | e.charCodeAt(_++) << 8 | e.charCodeAt(_++);
x ^= (n = 252645135 & (x >>> 4 ^ T)) << 4,
x ^= n = 65535 & ((T ^= n) >>> -16 ^ x),
x ^= (n = 858993459 & (x >>> 2 ^ (T ^= n << -16))) << 2,
x ^= n = 65535 & ((T ^= n) >>> -16 ^ x),
x ^= (n = 1431655765 & (x >>> 1 ^ (T ^= n << -16))) << 1,
x ^= n = 16711935 & ((T ^= n) >>> 8 ^ x),
n = (x ^= (n = 1431655765 & (x >>> 1 ^ (T ^= n << 8))) << 1) << 8 | (T ^= n) >>> 20 & 240,
x = T << 24 | T << 8 & 16711680 | T >>> 8 & 65280 | T >>> 24 & 240,
T = n;
for (var A = 0; A < C.length; A++)
C[A] ? (x = x << 2 | x >>> 26,
T = T << 2 | T >>> 26) : (x = x << 1 | x >>> 27,
T = T << 1 | T >>> 27),
T &= -15,
t = a[(x &= -15) >>> 28] | o[x >>> 24 & 15] | s[x >>> 20 & 15] | c[x >>> 16 & 15] | r[x >>> 12 & 15] | l[x >>> 8 & 15] | d[x >>> 4 & 15],
i = u[T >>> 28] | h[T >>> 24 & 15] | p[T >>> 20 & 15] | f[T >>> 16 & 15] | m[T >>> 12 & 15] | v[T >>> 8 & 15] | g[T >>> 4 & 15],
n = 65535 & (i >>> 16 ^ t),
b[w++] = t ^ n,
b[w++] = i ^ n << 16
}
return b
}(e), L = 0, S = t.length, z = 0, I = 32 == $.length ? 3 : 9;
p = 3 == I ? i ? new Array(0,32,2) : new Array(30,-2,-2) : i ? new Array(0,32,2,62,30,-2,64,96,2) : new Array(94,62,-2,32,64,2,30,-2,-2),
2 == o ? t += " " : 1 == o ? i && (r = 8 - S % 8,
t += String.fromCharCode(r, r, r, r, r, r, r, r),
8 === r && (S += 8)) : o || (t += "\0\0\0\0\0\0\0\0");
var B = ""
, F = "";
for (1 == n && (f = a.charCodeAt(L++) << 24 | a.charCodeAt(L++) << 16 | a.charCodeAt(L++) << 8 | a.charCodeAt(L++),
v = a.charCodeAt(L++) << 24 | a.charCodeAt(L++) << 16 | a.charCodeAt(L++) << 8 | a.charCodeAt(L++),
L = 0); L < S; ) {for (u = t.charCodeAt(L++) << 24 | t.charCodeAt(L++) << 16 | t.charCodeAt(L++) << 8 | t.charCodeAt(L++),
h = t.charCodeAt(L++) << 24 | t.charCodeAt(L++) << 16 | t.charCodeAt(L++) << 8 | t.charCodeAt(L++),
1 == n && (i ? (u ^= f,
h ^= v) : (m = f,
g = v,
f = u,
v = h)),
u ^= (r = 252645135 & (u >>> 4 ^ h)) << 4,
u ^= (r = 65535 & (u >>> 16 ^ (h ^= r))) << 16,
u ^= r = 858993459 & ((h ^= r) >>> 2 ^ u),
u ^= r = 16711935 & ((h ^= r << 2) >>> 8 ^ u),
u = (u ^= (r = 1431655765 & (u >>> 1 ^ (h ^= r << 8))) << 1) << 1 | u >>> 31,
h = (h ^= r) << 1 | h >>> 31,
c = 0; c < I; c += 3) {for (y = p[c + 1],
b = p[c + 2],
s = p[c]; s != y; s += b)
l = h ^ $[s],
d = (h >>> 4 | h << 28) ^ $[s + 1],
r = u,
u = h,
h = r ^ (_[l >>> 24 & 63] | k[l >>> 16 & 63] | T[l >>> 8 & 63] | N[63 & l] | C[d >>> 24 & 63] | w[d >>> 16 & 63] | x[d >>> 8 & 63] | A[63 & d]);
r = u,
u = h,
h = r
}
h = h >>> 1 | h << 31,
h ^= r = 1431655765 & ((u = u >>> 1 | u << 31) >>> 1 ^ h),
h ^= (r = 16711935 & (h >>> 8 ^ (u ^= r << 1))) << 8,
h ^= (r = 858993459 & (h >>> 2 ^ (u ^= r))) << 2,
h ^= r = 65535 & ((u ^= r) >>> 16 ^ h),
h ^= r = 252645135 & ((u ^= r << 16) >>> 4 ^ h),
u ^= r << 4,
1 == n && (i ? (f = u,
v = h) : (u ^= m,
h ^= g)),
F += String.fromCharCode(u >>> 24, u >>> 16 & 255, u >>> 8 & 255, 255 & u, h >>> 24, h >>> 16 & 255, h >>> 8 & 255, 255 & h),
512 == (z += 8) && (B += F,
F = "",
z = 0)
}
if (B = (B += F).replace(/\0*$/g, ""),
!i) {if (1 === o) {
var j = 0;
(S = B.length) && (j = B.charCodeAt(S - 1)),
j <= 8 && (B = B.substring(0, S - j))
}
B = decodeURIComponent(escape(B))
}
return B
}
function s(e) {return JSON.parse(o('5e5062e82f15fe4ca9d24bc5', decode(e), 0, 0, '012345677890123', 1))
}
const data = '密文'
console.log(s(data))[/ppblock]
搜索 JSON.parse(
示例网站地址如下:
[ppblock ex=” 请输入密码 ”]
烯牛数据:https://www.xiniudata.com/industry/newest?from=data
function d1(t) {
var e,
r,
n,
o,
i,
a,
c = '',
u = 0
var _keyStr = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='
for (t = t.replace(/[^A-Za-z0-9\+\/\=]/g, ''); u < t.length; )
(e = (_keyStr.indexOf(t.charAt(u++)) << 2) | ((o = _keyStr.indexOf(t.charAt(u++))) >> 4)),
(r = ((15 & o) << 4) | ((i = _keyStr.indexOf(t.charAt(u++))) >> 2)),
(n = ((3 & i) << 6) | (a = _keyStr.indexOf(t.charAt(u++)))),
(c += String.fromCharCode(e)),
64 != i && (c += String.fromCharCode(r)),
64 != a && (c += String.fromCharCode(n))
return c
}
function _u_d(t) {for (var e = '', r = 0, n = 0, o = 0, i = 0; r < t.length;)
(n = t.charCodeAt(r)) < 128
? ((e += String.fromCharCode(n)), r++)
: n > 191 && n < 224
? ((o = t.charCodeAt(r + 1)), (e += String.fromCharCode(((31 & n) << 6) | (63 & o))), (r += 2))
: ((o = t.charCodeAt(r + 1)), (i = t.charCodeAt(r + 2)), (e += String.fromCharCode(((15 & n) << 12) | ((63 & o) << 6) | (63 & i))), (r += 3))
return e
}
function d2(t) {for (var e = '', r = 0; r < t.length; r++) {
var _p = 'W5D80NFZHAYB8EUI2T649RT2MNRMVE2O'
var n = _p.charCodeAt(r % _p.length)
e += String.fromCharCode(t.charCodeAt(r) ^ n)
}
return (e = _u_d(e))
}
const l = '密文'
var d = d1(l),
y = d2(d)
console.log(JSON.parse(y))[/ppblock]
正文完
