spider/js_reverse
1
0
Fork 0
mirror of https://github.com/luzhisheng/js_reverse.git synced 2025-04-12 03:27:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

猿人学第14题-备而后动-勿使有变

Browse Source
This commit is contained in:
luzhisheng 2023-08-30 23:01:12 +08:00
parent 73a4bf721e
commit 2f397387da
2 changed files with 178 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
猿人学Web端爬虫攻防刷题平台/猿人学第14题-备而后动-勿使有变/14.js
View File

@ -1,37 +1,55 @@
var $_0xad4684 = function () {
var _0x17da04 = !![];
z = [
navigator['appCodeName'],
navigator['appName'],
navigator['appVersion'],
navigator['connection'],
navigator['cookieEnabled'],
navigator['doNotTrack'],
navigator['geolocation'],
navigator['hardwareConcurrency'],
navigator['language'],
navigator['languages'],
navigator['maxTouchPoints'],
navigator['mediaCapabilities'],
navigator['mediaSession'],
navigator['mimeTypes'],
navigator['onLine'],
navigator['permissions'],
navigator['platform'],
navigator['plugins'],
navigator['product'],
navigator['productSub'],
navigator['userActivation'],
navigator['userAgent'],
navigator['vendor'],
navigator['vendorSub'],
navigator['webkitPersistentStorage'],
navigator['webkitTemporaryStorage'],
screen['availHeight'],
screen['availLeft'],
screen['availTop'],
screen['availWidth'],
screen['colorDepth'],
screen['height'],
screen['orientation'],
screen['pixelDepth'],
screen['width'],
document['location']['ancestorOrigins'],
document['location']['assign'],
document['location']['hash'],
document['location']['host'],
document['location']['hostname'],
document['location']['href'],
document['location']['origin'],
document['location']['pathname'],
document['location']['port'],
document['location']['protocol'],
document['location']['reload'],
document['location']['replace'],
document['location']['search'],
document['location']['toString'],
document['location']['valueOf']
];
return function (_0xb2ea18, _0x1bc01e) {
if (_0x17da04) {
var _0x3e7529 = function () {
if (_0x1bc01e) {
var _0x474987 = _0x1bc01e.apply(_0xb2ea18, arguments);
_0x1bc01e = null;
return _0x474987;
}
};
} else {
var _0x3e7529 = function () {
};
}
_0x17da04 = ![];
return _0x3e7529;
};
}();
var $_0x158989 = $_0xad4684(this, function () {
var _0x92502a = function () {
var _0x3733a3 = _0x92502a.constructor("return /\" + this + \"/")().compile("^([^ ]+( +[^ ]+)+)+[^ ]}");
return !_0x3733a3.test($_0x158989);
};
return _0x92502a();
});
$_0x158989();
window.v14 = "e9h6rom5gz8cpjn";
window.v142 = "36703668750";
b64_zw = btoa(z);
document['cookie'] = 'mz=' + b64_zw + ';path=/';

124
猿人学Web端爬虫攻防刷题平台/猿人学第14题-备而后动-勿使有变/README.md
View File

@ -1,3 +1,127 @@
## hook cookie
```javascript
// ==UserScript==
// @name hook cookie
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://*/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(document, "cookie", {
set:function(val){
console.log('hook cookie')
if(val.indexOf("mz=") != -1){
debugger;
}
return val;
}
})
})();
```
cookie生成
```javascript
document['\x63\x6f' + '\x6f\x6b' + '\x69\x65'] = G['\x6e\x4d' + '\x48\x69' + '\x44'](G['\x4e\x75' + '\x6d\x4b' + '\x4a'] + b64_zw, G['\x5a\x44' + '\x4b\x62' + '\x76']);
```
还原后
```javascript
document['cookie'] = mz=' + b64_zw + ';path=/';
```
b64_zw生成
```javascript
b64_zw = G['\x63\x57' + '\x51\x54' + '\x54'](btoa, z)
```
还原后
```javascript
b64_zw = btoa(z)
```
b64_zw生成
```javascript
z = [navigator['\x61\x70' + '\x70\x43' + '\x6f\x64' + '\x65\x4e' + '\x61\x6d' + '\x65'], navigator['\x61\x70' + '\x70\x4e' + '\x61\x6d' + '\x65'], navigator['\x61\x70' + '\x70\x56' + '\x65\x72' + '\x73\x69' + '\x6f\x6e'], navigator['\x63\x6f' + '\x6e\x6e' + '\x65\x63' + '\x74\x69' + '\x6f\x6e'], navigator['\x63\x6f' + '\x6f\x6b' + '\x69\x65' + '\x45\x6e' + '\x61\x62' + '\x6c\x65' + '\x64'], navigator['\x64\x6f' + '\x4e\x6f' + '\x74\x54' + '\x72\x61' + '\x63\x6b'], navigator['\x67\x65' + '\x6f\x6c' + '\x6f\x63' + '\x61\x74' + '\x69\x6f' + '\x6e'], navigator['\x68\x61' + '\x72\x64' + '\x77\x61' + '\x72\x65' + '\x43\x6f' + '\x6e\x63' + '\x75\x72' + '\x72\x65' + '\x6e\x63' + '\x79'], navigator['\x6c\x61' + '\x6e\x67' + '\x75\x61' + '\x67\x65'], navigator['\x6c\x61' + '\x6e\x67' + '\x75\x61' + '\x67\x65' + '\x73'], navigator['\x6d\x61' + '\x78\x54' + '\x6f\x75' + '\x63\x68' + '\x50\x6f' + '\x69\x6e' + '\x74\x73'], navigator['\x6d\x65' + '\x64\x69' + '\x61\x43' + '\x61\x70' + '\x61\x62' + '\x69\x6c' + '\x69\x74' + '\x69\x65' + '\x73'], navigator['\x6d\x65' + '\x64\x69' + '\x61\x53' + '\x65\x73' + '\x73\x69' + '\x6f\x6e'], navigator['\x6d\x69' + '\x6d\x65' + '\x54\x79' + '\x70\x65' + '\x73'], navigator['\x6f\x6e' + '\x4c\x69' + '\x6e\x65'], navigator['\x70\x65' + '\x72\x6d' + '\x69\x73' + '\x73\x69' + '\x6f\x6e' + '\x73'], navigator['\x70\x6c' + '\x61\x74' + '\x66\x6f' + '\x72\x6d'], navigator['\x70\x6c' + '\x75\x67' + '\x69\x6e' + '\x73'], navigator['\x70\x72' + '\x6f\x64' + '\x75\x63' + '\x74'], navigator['\x70\x72' + '\x6f\x64' + '\x75\x63' + '\x74\x53' + '\x75\x62'], navigator['\x75\x73' + '\x65\x72' + '\x41\x63' + '\x74\x69' + '\x76\x61' + '\x74\x69' + '\x6f\x6e'], navigator['\x75\x73' + '\x65\x72' + '\x41\x67' + '\x65\x6e' + '\x74'], navigator['\x76\x65' + '\x6e\x64' + '\x6f\x72'], navigator['\x76\x65' + '\x6e\x64' + '\x6f\x72' + '\x53\x75' + '\x62'], navigator['\x77\x65' + '\x62\x6b' + '\x69\x74' + '\x50\x65' + '\x72\x73' + '\x69\x73' + '\x74\x65' + '\x6e\x74' + '\x53\x74' + '\x6f\x72' + '\x61\x67' + '\x65'], navigator['\x77\x65' + '\x62\x6b' + '\x69\x74' + '\x54\x65' + '\x6d\x70' + '\x6f\x72' + '\x61\x72' + '\x79\x53' + '\x74\x6f' + '\x72\x61' + '\x67\x65'], screen['\x61\x76' + '\x61\x69' + '\x6c\x48' + '\x65\x69' + '\x67\x68' + '\x74'], screen['\x61\x76' + '\x61\x69' + '\x6c\x4c' + '\x65\x66' + '\x74'], screen['\x61\x76' + '\x61\x69' + '\x6c\x54' + '\x6f\x70'], screen['\x61\x76' + '\x61\x69' + '\x6c\x57' + '\x69\x64' + '\x74\x68'], screen['\x63\x6f' + '\x6c\x6f' + '\x72\x44' + '\x65\x70' + '\x74\x68'], screen['\x68\x65' + '\x69\x67' + '\x68\x74'], screen['\x6f\x72' + '\x69\x65' + '\x6e\x74' + '\x61\x74' + '\x69\x6f' + '\x6e'], screen['\x70\x69' + '\x78\x65' + '\x6c\x44' + '\x65\x70' + '\x74\x68'], screen['\x77\x69' + '\x64\x74' + '\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x61\x6e' + '\x63\x65' + '\x73\x74' + '\x6f\x72' + '\x4f\x72' + '\x69\x67' + '\x69\x6e' + '\x73'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x61\x73' + '\x73\x69' + '\x67\x6e'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x61' + '\x73\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x6f' + '\x73\x74'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x6f' + '\x73\x74' + '\x6e\x61' + '\x6d\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x72' + '\x65\x66'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x6f\x72' + '\x69\x67' + '\x69\x6e'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x61' + '\x74\x68' + '\x6e\x61' + '\x6d\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x6f' + '\x72\x74'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x72' + '\x6f\x74' + '\x6f\x63' + '\x6f\x6c'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x72\x65' + '\x6c\x6f' + '\x61\x64'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x72\x65' + '\x70\x6c' + '\x61\x63' + '\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x73\x65' + '\x61\x72' + '\x63\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x74\x6f' + '\x53\x74' + '\x72\x69' + '\x6e\x67'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x76\x61' + '\x6c\x75' + '\x65\x4f' + '\x66']],
```
还原后
```javascript
b64_zw = btoa(z)
```
z生成
```javascript
z = [navigator['\x61\x70' + '\x70\x43' + '\x6f\x64' + '\x65\x4e' + '\x61\x6d' + '\x65'], navigator['\x61\x70' + '\x70\x4e' + '\x61\x6d' + '\x65'], navigator['\x61\x70' + '\x70\x56' + '\x65\x72' + '\x73\x69' + '\x6f\x6e'], navigator['\x63\x6f' + '\x6e\x6e' + '\x65\x63' + '\x74\x69' + '\x6f\x6e'], navigator['\x63\x6f' + '\x6f\x6b' + '\x69\x65' + '\x45\x6e' + '\x61\x62' + '\x6c\x65' + '\x64'], navigator['\x64\x6f' + '\x4e\x6f' + '\x74\x54' + '\x72\x61' + '\x63\x6b'], navigator['\x67\x65' + '\x6f\x6c' + '\x6f\x63' + '\x61\x74' + '\x69\x6f' + '\x6e'], navigator['\x68\x61' + '\x72\x64' + '\x77\x61' + '\x72\x65' + '\x43\x6f' + '\x6e\x63' + '\x75\x72' + '\x72\x65' + '\x6e\x63' + '\x79'], navigator['\x6c\x61' + '\x6e\x67' + '\x75\x61' + '\x67\x65'], navigator['\x6c\x61' + '\x6e\x67' + '\x75\x61' + '\x67\x65' + '\x73'], navigator['\x6d\x61' + '\x78\x54' + '\x6f\x75' + '\x63\x68' + '\x50\x6f' + '\x69\x6e' + '\x74\x73'], navigator['\x6d\x65' + '\x64\x69' + '\x61\x43' + '\x61\x70' + '\x61\x62' + '\x69\x6c' + '\x69\x74' + '\x69\x65' + '\x73'], navigator['\x6d\x65' + '\x64\x69' + '\x61\x53' + '\x65\x73' + '\x73\x69' + '\x6f\x6e'], navigator['\x6d\x69' + '\x6d\x65' + '\x54\x79' + '\x70\x65' + '\x73'], navigator['\x6f\x6e' + '\x4c\x69' + '\x6e\x65'], navigator['\x70\x65' + '\x72\x6d' + '\x69\x73' + '\x73\x69' + '\x6f\x6e' + '\x73'], navigator['\x70\x6c' + '\x61\x74' + '\x66\x6f' + '\x72\x6d'], navigator['\x70\x6c' + '\x75\x67' + '\x69\x6e' + '\x73'], navigator['\x70\x72' + '\x6f\x64' + '\x75\x63' + '\x74'], navigator['\x70\x72' + '\x6f\x64' + '\x75\x63' + '\x74\x53' + '\x75\x62'], navigator['\x75\x73' + '\x65\x72' + '\x41\x63' + '\x74\x69' + '\x76\x61' + '\x74\x69' + '\x6f\x6e'], navigator['\x75\x73' + '\x65\x72' + '\x41\x67' + '\x65\x6e' + '\x74'], navigator['\x76\x65' + '\x6e\x64' + '\x6f\x72'], navigator['\x76\x65' + '\x6e\x64' + '\x6f\x72' + '\x53\x75' + '\x62'], navigator['\x77\x65' + '\x62\x6b' + '\x69\x74' + '\x50\x65' + '\x72\x73' + '\x69\x73' + '\x74\x65' + '\x6e\x74' + '\x53\x74' + '\x6f\x72' + '\x61\x67' + '\x65'], navigator['\x77\x65' + '\x62\x6b' + '\x69\x74' + '\x54\x65' + '\x6d\x70' + '\x6f\x72' + '\x61\x72' + '\x79\x53' + '\x74\x6f' + '\x72\x61' + '\x67\x65'], screen['\x61\x76' + '\x61\x69' + '\x6c\x48' + '\x65\x69' + '\x67\x68' + '\x74'], screen['\x61\x76' + '\x61\x69' + '\x6c\x4c' + '\x65\x66' + '\x74'], screen['\x61\x76' + '\x61\x69' + '\x6c\x54' + '\x6f\x70'], screen['\x61\x76' + '\x61\x69' + '\x6c\x57' + '\x69\x64' + '\x74\x68'], screen['\x63\x6f' + '\x6c\x6f' + '\x72\x44' + '\x65\x70' + '\x74\x68'], screen['\x68\x65' + '\x69\x67' + '\x68\x74'], screen['\x6f\x72' + '\x69\x65' + '\x6e\x74' + '\x61\x74' + '\x69\x6f' + '\x6e'], screen['\x70\x69' + '\x78\x65' + '\x6c\x44' + '\x65\x70' + '\x74\x68'], screen['\x77\x69' + '\x64\x74' + '\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x61\x6e' + '\x63\x65' + '\x73\x74' + '\x6f\x72' + '\x4f\x72' + '\x69\x67' + '\x69\x6e' + '\x73'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x61\x73' + '\x73\x69' + '\x67\x6e'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x61' + '\x73\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x6f' + '\x73\x74'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x6f' + '\x73\x74' + '\x6e\x61' + '\x6d\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x68\x72' + '\x65\x66'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x6f\x72' + '\x69\x67' + '\x69\x6e'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x61' + '\x74\x68' + '\x6e\x61' + '\x6d\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x6f' + '\x72\x74'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x70\x72' + '\x6f\x74' + '\x6f\x63' + '\x6f\x6c'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x72\x65' + '\x6c\x6f' + '\x61\x64'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x72\x65' + '\x70\x6c' + '\x61\x63' + '\x65'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x73\x65' + '\x61\x72' + '\x63\x68'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x74\x6f' + '\x53\x74' + '\x72\x69' + '\x6e\x67'], document['\x6c\x6f' + '\x63\x61' + '\x74\x69' + '\x6f\x6e']['\x76\x61' + '\x6c\x75' + '\x65\x4f' + '\x66']]
```
还原后
```javascript
z = [
navigator['appCodeName'],
navigator['appName'],
navigator['appVersion'],
navigator['connection'],
navigator['cookieEnabled'],
navigator['doNotTrack'],
navigator['geolocation'],
navigator['hardwareConcurrency'],
navigator['language'],
navigator['languages'],
navigator['maxTouchPoints'],
navigator['mediaCapabilities'],
navigator['mediaSession'],
navigator['mimeTypes'],
navigator['onLine'],
navigator['permissions'],
navigator['platform'],
navigator['plugins'],
navigator['product'],
navigator['productSub'],
navigator['userActivation'],
navigator['userAgent'],
navigator['vendor'],
navigator['vendorSub'],
navigator['webkitPersistentStorage'],
navigator['webkitTemporaryStorage'],
screen['availHeight'],
screen['availLeft'],
screen['availTop'],
screen['availWidth'],
screen['colorDepth'],
screen['height'],
screen['orientation'],
screen['pixelDepth'],
screen['width'],
document['location']['ancestorOrigins'],
document['location']['assign'],
document['location']['hash'],
document['location']['host'],
document['location']['hostname'],
document['location']['href'],
document['location']['origin'],
document['location']['pathname'],
document['location']['port'],
document['location']['protocol'],
document['location']['reload'],
document['location']['replace'],
document['location']['search'],
document['location']['toString'],
document['location']['valueOf']
]
```
## 删除检测代码
格式化检测1