From 400ce9a374ed847a2b2dfdc15871d7d69f270d7b Mon Sep 17 00:00:00 2001
From: luzhisheng <aiyingfeng110@qq.com>
Date: Thu, 9 Mar 2023 11:47:03 +0800
Subject: [PATCH] =?UTF-8?q?=E7=8C=BF=E4=BA=BA=E5=AD=A6=E7=AC=AC5=E9=A2=98-?=
 =?UTF-8?q?js=20=E6=B7=B7=E6=B7=86-=E4=B9=B1=E7=A0=81=E5=A2=9E=E5=BC=BA-?=
 =?UTF-8?q?=E8=A1=A5=E7=8E=AF=E5=A2=83-atob?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../readme.md                                 | 22 +++++--------------
 1 file changed, 6 insertions(+), 16 deletions(-)

diff --git a/猿人学第5题-js 混淆-乱码增强-补环境-atob/readme.md b/猿人学第5题-js 混淆-乱码增强-补环境-atob/readme.md
index b69cea8..5cb8ffe 100644
--- a/猿人学第5题-js 混淆-乱码增强-补环境-atob/readme.md	
+++ b/猿人学第5题-js 混淆-乱码增强-补环境-atob/readme.md	
@@ -1,16 +1,14 @@
 ## 知识点 atob，魔改的md5，环境指纹，crypto-js，hook cookie
 
-### 解题
+网上有2篇介绍的文章，但最最关键的点都没有写出来，直接说明了主要破解cookie中的`RM4hZBv0dDon443M=`
 
-网上有2篇介绍的文章，但最最关键的点都没有写出来，
+### 解题一：RM4hZBv0dDon443M的值是怎么来的
 
-直接说明了主要破解cookie中的`m=`和`RM4hZBv0dDon443M=`
-
-![图片](./img/1.png)
+![图片](./img/2.png)
 
 油猴插件`hook cookie`
 
-![图片](./img/2.png)
+![图片](./img/1.png)
 
 很容易就找到`RM4hZBv0dDon443M=`加密点
 
@@ -24,7 +22,7 @@
 
 ![图片](./img/5.png)
 
-仔细观察这断代码是不是`crypto-js`加密，mode是`ECB`，padding是`Pkcs7`
+仔细观察这断代码发现是`crypto-js`加密，mode是`ECB`，padding是`Pkcs7`
 
     _$Ww = _$Tk[_$UH[0x2db]][_$UH[0x2dc]][_$UH[0xff]](_0x4e96b4['_$pr'][_$UH[0x1f]]()),
     _0x29dd83 = _$Tk['A' + _$UH[0x32d]][_$UH[0x337] + _$UH[0x336]](_$Ww, _0x4e96b4[_0xc77418('0x6', 'OCbs')], {
@@ -59,12 +57,4 @@
 
 ![图片](./img/8.png)
 
-    pr = [
-        "b2148c31fb09c98f90ce78424d6cdd58",
-        "3be88c860ec6fc7e4e33fe7a167d02dd",
-        "0be14faf5221bbdefdede418b077ca60",
-        "9c2b5781ba44e92f5e4b3f4d7951b899",
-        "08aca52cf82f1e26cc1f4dd35db9795e"
-    ];
-    dada_time = "1678253268764";
-
+### 解题二：_0x4e96b4['_$pr']生成