diff --git a/猿人学练习/1js加密无混淆js加密/__init__.py b/猿人学练习/1js加密无混淆js加密/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/猿人学练习/1js加密无混淆js加密/img/1.png b/猿人学练习/1js加密无混淆js加密/img/1.png new file mode 100644 index 0000000..47a84ec Binary files /dev/null and b/猿人学练习/1js加密无混淆js加密/img/1.png differ diff --git a/猿人学练习/1js加密无混淆js加密/img/2.png b/猿人学练习/1js加密无混淆js加密/img/2.png new file mode 100644 index 0000000..a829472 Binary files /dev/null and b/猿人学练习/1js加密无混淆js加密/img/2.png differ diff --git a/猿人学练习/1js加密无混淆js加密/main.py b/猿人学练习/1js加密无混淆js加密/main.py new file mode 100644 index 0000000..c9e21ea --- /dev/null +++ b/猿人学练习/1js加密无混淆js加密/main.py @@ -0,0 +1,48 @@ +import requests +import time +import base64 +import hashlib + + +def md5_value(key): + input_name = hashlib.md5() + input_name.update(key.encode("utf-8")) + sign = (input_name.hexdigest()).lower() + return sign + + +def base64_value(key): + base64_a_timestamp = base64.b64encode(key.encode('utf8')) + base64_str = str(base64_a_timestamp, 'utf-8') + return base64_str + + +def challenge1(page, safe, timestamp): + url = "https://www.python-spider.com/api/challenge1" + payload = f"page={page}" + headers = { + 'safe': safe, + 'timestamp': timestamp, + } + response = requests.request("POST", url, headers=headers, data=payload) + return response.json() + + +def run(): + data_num = 0 + for page in range(1, 101): + timestamp = str(int(time.time())) + a_timestamp = '9622' + timestamp + print(a_timestamp) + base64_str = base64_value(a_timestamp) + safe = md5_value(base64_str) + res_dict = challenge1(page, safe, timestamp) + data_list = res_dict.get('data') + for data in data_list: + data_num += int(data.get('value')) + print(data_num) + print(data_num) + + +if __name__ == '__main__': + run() diff --git a/猿人学练习/1js加密无混淆js加密/node/safe.js b/猿人学练习/1js加密无混淆js加密/node/safe.js new file mode 100644 index 0000000..3ee458e --- /dev/null +++ b/猿人学练习/1js加密无混淆js加密/node/safe.js @@ -0,0 +1,164 @@ +var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */ +var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */ +var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */ + + +function md5_cmn(q, a, b, x, s, t) +{ + return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b); +} +function md5_ff(a, b, c, d, x, s, t) +{ + return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t); +} +function md5_gg(a, b, c, d, x, s, t) +{ + return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t); +} +function md5_hh(a, b, c, d, x, s, t) +{ + return md5_cmn(b ^ c ^ d, a, b, x, s, t); +} +function md5_ii(a, b, c, d, x, s, t) +{ + return md5_cmn(c ^ (b | (~d)), a, b, x, s, t); +} + +function safe_add(x, y) +{ + var lsw = (x & 0xFFFF) + (y & 0xFFFF); + var msw = (x >> 16) + (y >> 16) + (lsw >> 16); + return (msw << 16) | (lsw & 0xFFFF); +} + +function bit_rol(num, cnt) +{ + return (num << cnt) | (num >>> (32 - cnt)); +} + +function hex_md5(s) { + return binl2hex(core_md5(str2binl(s), s.length * chrsz)); +} + +function binl2hex(binarray) +{ + var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef"; + var str = ""; + for(var i = 0; i < binarray.length * 4; i++) + { + str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) + + hex_tab.charAt((binarray[i>>2] >> ((i%4)*8 )) & 0xF); + } + return str; +} + +function core_md5(x, len) +{ + /* append padding */ + x[len >> 5] |= 0x80 << ((len) % 32); + x[(((len + 64) >>> 9) << 4) + 14] = len; + + var a = 1732584193; + var b = -271733879; + var c = -1732584194; + var d = 271733878; + + for(var i = 0; i < x.length; i += 16) + { + var olda = a; + var oldb = b; + var oldc = c; + var oldd = d; + + a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936); + d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586); + c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819); + b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330); + a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897); + d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426); + c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341); + b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983); + a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416); + d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417); + c = md5_ff(c, d, a, b, x[i+10], 17, -42063); + b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162); + a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682); + d = md5_ff(d, a, b, c, x[i+13], 12, -40341101); + c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290); + b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329); + + a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510); + d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632); + c = md5_gg(c, d, a, b, x[i+11], 14, 643717713); + b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302); + a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691); + d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083); + c = md5_gg(c, d, a, b, x[i+15], 14, -660478335); + b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848); + a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438); + d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690); + c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961); + b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501); + a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467); + d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784); + c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473); + b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734); + + a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558); + d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463); + c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562); + b = md5_hh(b, c, d, a, x[i+14], 23, -35309556); + a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060); + d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353); + c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632); + b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640); + a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174); + d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222); + c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979); + b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189); + a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487); + d = md5_hh(d, a, b, c, x[i+12], 11, -421815835); + c = md5_hh(c, d, a, b, x[i+15], 16, 530742520); + b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651); + + a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844); + d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415); + c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905); + b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055); + a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571); + d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606); + c = md5_ii(c, d, a, b, x[i+10], 15, -1051523); + b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799); + a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359); + d = md5_ii(d, a, b, c, x[i+15], 10, -30611744); + c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380); + b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649); + a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070); + d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379); + c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259); + b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551); + + a = safe_add(a, olda); + b = safe_add(b, oldb); + c = safe_add(c, oldc); + d = safe_add(d, oldd); + } + return Array(a, b, c, d); + +} + +function str2binl(str) +{ + var bin = Array(); + var mask = (1 << chrsz) - 1; + for(var i = 0; i < str.length * chrsz; i += chrsz) + bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32); + return bin; +} + + +var a = '9622'; +var timestamp = String(Date.parse(new Date()) / 1000); +var tokens = hex_md5(a + timestamp); + +console.log(tokens); diff --git a/猿人学练习/1js加密无混淆js加密/readme.md b/猿人学练习/1js加密无混淆js加密/readme.md new file mode 100644 index 0000000..2199118 --- /dev/null +++ b/猿人学练习/1js加密无混淆js加密/readme.md @@ -0,0 +1,21 @@ +# 知识点:全局搜索定位参数,加密逻辑是否原身 + +1. 全局搜索`safe`加密字段,发现 + +![请求](./img/1.png) + +发现加密代码逻辑应该是`md5`,参数是时间戳 + 9622 + + var a = '9622'; + var timestamp = String(Date.parse(new Date()) / 1000); + var tokens = hex_md5(window.btoa(a + timestamp)); + +遇到这样的情况,不要去扣代码,先用线上的加密平台去尝试破解,这里我用的是 + + https://www.cmd5.com/hash.aspx?s=123456 + +复制明文,查看加密后的结果 + +![请求](./img/2.png) + +发现存在加密结果 \ No newline at end of file