声明:本文只作学习研究,禁止用于非法用途,否则后果自负,如有侵权,请告知删除,谢谢!
MyToken网站code参数解密
简单的js逆向:
https://www.mytokencap.com
该页面只有code参数进行了加密,比较适合刚学习js逆向的同学
解决方案:
抓取数据加载接口
- 老方法,直接按f12打开开发者工具(这里使用chrome)。
- 清除原有数据信息。
- 点击市值榜。
- 点击今日涨幅。
- 点击进入加载的连接。
寻找参数加密方式
1.这里多次加重复加载页面,发现两个变量1:timestamp,2:code。可以看出一个是13位时间戳,另一个就是前端的加密参数了。
2.老方法 ctrl+shift+f,搜索code,一般加密的入口是第一个,我们点进去格式化,然后继续搜索code参数。
3. 搜到55个,不急慢慢找,咦,这个好像就是了,连其他参数都显示出来了
4. 打个断点,重新加载页面,可以看到code参数是由o生成的,生成方式r()(e + “9527” + e.substr(0, 6)),那么这个e是什么呢,当然不难看出就是时间戳,然后我们就要找r()这个方法,只要找到这个方法,那么code解密就能解决了。
5. 选一下r(),再点击进入这个函数,可能有点卡,耐心等待下。
6.加载出来后,可以看到生成出来的方法,那我们自己用python写是不可能的,扣他的js代码。
7.知道你们懒,我帮你们抠好了,让然直接拿来用是不行的,要稍微改一下。
function s(t, e) {
t.constructor == String ? t = e && "binary" === e.encoding ? stringToBytes(t) : i_stringToBytes(t) : o(t) ? t = Array.prototype.slice.call(t, 0) : Array.isArray(t) || (t = t.toString());
for (var r = bytesToWords(t), u = 8 * t.length, f = 1732584193, c = -271733879, l = -1732584194, h = 271733878, d = 0; d < r.length; d++)
r[d] = 16711935 & (r[d] << 8 | r[d] >>> 24) | 4278255360 & (r[d] << 24 | r[d] >>> 8);
r[u >>> 5] |= 128 << u % 32,
r[14 + (u + 64 >>> 9 << 4)] = u;
var p = _ff
, v = _gg
, y = _hh
, b = _ii;
for (d = 0; d < r.length; d += 16) {
var m = f
, g = c
, _ = l
, w = h;
c = b(c = b(c = b(c = b(c = y(c = y(c = y(c = y(c = v(c = v(c = v(c = v(c = p(c = p(c = p(c = p(c, l = p(l, h = p(h, f = p(f, c, l, h, r[d + 0], 7, -680876936), c, l, r[d + 1], 12, -389564586), f, c, r[d + 2], 17, 606105819), h, f, r[d + 3], 22, -1044525330), l = p(l, h = p(h, f = p(f, c, l, h, r[d + 4], 7, -176418897), c, l, r[d + 5], 12, 1200080426), f, c, r[d + 6], 17, -1473231341), h, f, r[d + 7], 22, -45705983), l = p(l, h = p(h, f = p(f, c, l, h, r[d + 8], 7, 1770035416), c, l, r[d + 9], 12, -1958414417), f, c, r[d + 10], 17, -42063), h, f, r[d + 11], 22, -1990404162), l = p(l, h = p(h, f = p(f, c, l, h, r[d + 12], 7, 1804603682), c, l, r[d + 13], 12, -40341101), f, c, r[d + 14], 17, -1502002290), h, f, r[d + 15], 22, 1236535329), l = v(l, h = v(h, f = v(f, c, l, h, r[d + 1], 5, -165796510), c, l, r[d + 6], 9, -1069501632), f, c, r[d + 11], 14, 643717713), h, f, r[d + 0], 20, -373897302), l = v(l, h = v(h, f = v(f, c, l, h, r[d + 5], 5, -701558691), c, l, r[d + 10], 9, 38016083), f, c, r[d + 15], 14, -660478335), h, f, r[d + 4], 20, -405537848), l = v(l, h = v(h, f = v(f, c, l, h, r[d + 9], 5, 568446438), c, l, r[d + 14], 9, -1019803690), f, c, r[d + 3], 14, -187363961), h, f, r[d + 8], 20, 1163531501), l = v(l, h = v(h, f = v(f, c, l, h, r[d + 13], 5, -1444681467), c, l, r[d + 2], 9, -51403784), f, c, r[d + 7], 14, 1735328473), h, f, r[d + 12], 20, -1926607734), l = y(l, h = y(h, f = y(f, c, l, h, r[d + 5], 4, -378558), c, l, r[d + 8], 11, -2022574463), f, c, r[d + 11], 16, 1839030562), h, f, r[d + 14], 23, -35309556), l = y(l, h = y(h, f = y(f, c, l, h, r[d + 1], 4, -1530992060), c, l, r[d + 4], 11, 1272893353), f, c, r[d + 7], 16, -155497632), h, f, r[d + 10], 23, -1094730640), l = y(l, h = y(h, f = y(f, c, l, h, r[d + 13], 4, 681279174), c, l, r[d + 0], 11, -358537222), f, c, r[d + 3], 16, -722521979), h, f, r[d + 6], 23, 76029189), l = y(l, h = y(h, f = y(f, c, l, h, r[d + 9], 4, -640364487), c, l, r[d + 12], 11, -421815835), f, c, r[d + 15], 16, 530742520), h, f, r[d + 2], 23, -995338651), l = b(l, h = b(h, f = b(f, c, l, h, r[d + 0], 6, -198630844), c, l, r[d + 7], 10, 1126891415), f, c, r[d + 14], 15, -1416354905), h, f, r[d + 5], 21, -57434055), l = b(l, h = b(h, f = b(f, c, l, h, r[d + 12], 6, 1700485571), c, l, r[d + 3], 10, -1894986606), f, c, r[d + 10], 15, -1051523), h, f, r[d + 1], 21, -2054922799), l = b(l, h = b(h, f = b(f, c, l, h, r[d + 8], 6, 1873313359), c, l, r[d + 15], 10, -30611744), f, c, r[d + 6], 15, -1560198380), h, f, r[d + 13], 21, 1309151649), l = b(l, h = b(h, f = b(f, c, l, h, r[d + 4], 6, -145523070), c, l, r[d + 11], 10, -1120210379), f, c, r[d + 2], 15, 718787259), h, f, r[d + 9], 21, -343485551),
f = f + m >>> 0,
c = c + g >>> 0,
l = l + _ >>> 0,
h = h + w >>> 0
}
return endian([f, c, l, h])
}
function _ff(t, e, r, n, i, o, a) {
var s = t + (e & r | ~e & n) + (i >>> 0) + a;
return (s << o | s >>> 32 - o) + e
}
function _gg(t, e, r, n, i, o, a) {
var s = t + (e & n | r & ~n) + (i >>> 0) + a;
return (s << o | s >>> 32 - o) + e
}
function _hh(t, e, r, n, i, o, a) {
var s = t + (e ^ r ^ n) + (i >>> 0) + a;
return (s << o | s >>> 32 - o) + e
}
function _ii(t, e, r, n, i, o, a) {
var s = t + (r ^ (e | ~n)) + (i >>> 0) + a;
return (s << o | s >>> 32 - o) + e
}
function rotl(t, e) {
return t << e | t >>> 32 - e
}
function endian(t) {
if (t.constructor == Number)
return 16711935 & rotl(t, 8) | 4278255360 & rotl(t, 24);
for (var e = 0; e < t.length; e++)
t[e] = endian(t[e]);
return t
}
function bytesToWords(t) {
for (var e = [], r = 0, n = 0; r < t.length; r++,
n += 8)
e[n >>> 5] |= t[r] << 24 - n % 32;
return e
}
function i_stringToBytes(t) {
return stringToBytes(unescape(encodeURIComponent(t)))
}
function stringToBytes(t) {
for (var e = [], r = 0; r < t.length; r++)
e.push(255 & t.charCodeAt(r));
return e
}
function wordsToBytes(t) {
for (var e = [], r = 0; r < 32 * t.length; r += 8)
e.push(t[r >>> 5] >>> 24 - r % 32 & 255);
return e
}
function bytesToString(t) {
for (var e = [], r = 0; r < t.length; r++)
e.push(String.fromCharCode(t[r]));
return e.join("")
}
function bytesToHex(t) {
for (var e = [], r = 0; r < t.length; r++)
e.push((t[r] >>> 4).toString(16)),
e.push((15 & t[r]).toString(16));
return e.join("")
}
function outcode(t, e) {
var r = wordsToBytes(s(t, e));
return e && e.asBytes ? r : e && e.asString ? bytesToString(r) : bytesToHex(r)
}
function get_code() {
var e = Date.now().toString(), o = outcode(e + "9527" + e.substr(0, 6));
return [e,o];
}
console.log(get_code())
8.执行下看看效果,好像是可以了,至于怎么拿到数据,我就略略略了,都懂的!
