spider/js_reverse
1
0
Fork 0
mirror of https://github.com/luzhisheng/js_reverse.git synced 2025-04-20 03:59:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

猿人学第5题-hook-cookie

Browse Source
This commit is contained in:
luzhisheng 2022-05-19 18:00:29 +08:00
parent 43d8f740f0
commit 760682bb09
6 changed files with 366 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
img/80.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 72 KiB

160
猿人学第5题-hook-cookie, AES加密/readme.md Normal file
View File

@ -0,0 +1,160 @@
## 知识点
油猴hook是注意 //@run-at document-start 表示页面加载之前
hook cookie
Cookie之所以要新增一个包含固定字符串的判断是因为cookie经常被修改这样会断很多次而我们只想让他断在固定cookie块被设置的时候因此这么写
hook m
// ==UserScript==
// @name Hook Cookie
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://match.yuanrenxue.com/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(document, "cookie", {
set:function(val){
console.log(11111)
if(val.indexOf("m") != -1){
debugger;
}
return val;
}
})
})();
hook RM4hZBv0dDon443M
// 方案二 indexOf() 方法可返回某个指定的字符串值在字符串中首次出现的位置。
// ==UserScript==
// @name Hook Cookie
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://match.yuanrenxue.com/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(document, "cookie", {
set:function(val){
console.log(11111)
if(val.indexOf("RM4hZBv0dDon443M") != -1){
debugger;
}
return val;
}
})
})();
hook window
// ==UserScript==
// @name Hook window
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://match.yuanrenxue.com/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(window, "_$ss", {
set:function(val){
console.log(11111)
console.warn("hook _$ss", val)
debugger;
return val;
}
})
})();
这里 hook "RM4hZBv0dDon443M" 找到 _0x4e96b4['_$ss'] 生成的加密参数
![debugger](../img/80.png)
_0x29dd83 = _$Tk['A' + _$UH[0x32d]][_$UH[0x337] + _$UH[0x336]](_$Ww, _0x4e96b4[_0xc77418('0x6', 'OCbs')], {
'mode': _$Tk[_$UH[0x339] + _$UH[0x33a]][_$UH[0x2e5]],
'padding': _$Tk[_$UH[0x33b]][_$UH[0x33c] + _$UH[0x33d]]
}),
_0x4e96b4['_$' + _$UH[0x348][0x1] + _$UH[0x353][0x1]] = _0x29dd83[_$UH[0x1f]]();
解混淆
_0x29dd83 = _$Tk['AES']['encrypt'](_$Ww, _0x4e96b4['_$qF'], {
'mode': _$Tk['mode']['ECB'],
'padding': _$Tk['pad']['Pkcs7']
});
ss = _0x29dd83['toString']();
console.log(ss);
这里就很熟悉了 AES加密贴一段加密代码
const CryptoJS = require("crypto-js");
let value = "123456"; //待加密的字符串
let secret_value = "af25-87hk-a35v-5"; //密匙 16位
let iv_value = "af25-87hk-a35v-5"; // 初始向量 initial vector 16位
// 密匙和向量处理
let secret = CryptoJS.enc.Utf8.parse(secret_value);
let iv = CryptoJS.enc.Utf8.parse(iv_value);
// 加密
let encrypted = CryptoJS.AES.encrypt(value, secret, {
iv: iv,
// mode 支持 CBC, CFB,CTB,ECB,OFB,OFB, 默认CBC
mode: CryptoJS.mode.CBC,
// NoPadding, zeropadding 默认Pkcs7 即 pkcs5
padding: CryptoJS.pad.Pkcs7
});
// 将加密结果转换为字符串
encrypted = encrypted.toString();
// 解密,传入密文,密钥盒向量设置加密与填充模式
let decrypted = CryptoJS.AES.decrypt(encrypted, secret, {
iv: iv,
// mode 支持 CBC, CFB,CTB,ECB,OFB,OFB, 默认CBC
mode: CryptoJS.mode.CBC,
// NoPadding, zeropadding 默认Pkcs7 即 pkcs5
padding: CryptoJS.pad.Pkcs7
});
// 将解密结果转换为utf8字符串
decrypted = CryptoJS.enc.Utf8.stringify(decrypted);
console.log(value);
console.log(encrypted);
console.log(decrypted);
_$Ww是明文 _0x4e96b4['_$qF']是密钥
继续看代码
_$Ww = _$Tk['enc']['Utf8']['parse'](_0x4e96b4['_$pr']['toString']());
实例代码
let secret = CryptoJS.enc.Utf8.parse(secret_value);

192
猿人学第5题-hook-cookie, AES加密/案例.js Normal file
View File

@ -0,0 +1,192 @@
window = global;
_0x4e96b4 = window;
document = {};
const CryptoJS = require("crypto-js");
_$Tk = CryptoJS;
var _0x30bc70 = String;
function _0xaaef84(_0xaf3112, _0x2a165a, _0x532fb4, _0x10aa40, _0x41c4e7, _0x1cb4da) {
return _0x12e4a8(_0x3634fc(_0x12e4a8(_0x12e4a8(_0x2a165a, _0xaf3112), _0x12e4a8(_0x10aa40, _0x1cb4da)), _0x41c4e7), _0x532fb4);
}
var _0x25e0a5, _0x3073c8 = null;
function _0x48d200(_0x4b706e, _0x3c3a85, _0x111154, _0x311f9f, _0x5439cf, _0x38cac7, _0x26bd2e) {
return _0xaaef84(_0x3c3a85 & _0x111154 | ~_0x3c3a85 & _0x311f9f, _0x4b706e, _0x3c3a85, _0x5439cf, _0x38cac7, _0x26bd2e);
}
function _0x12e4a8(_0x7542c8, _0x5eada0) {
var _0x41f81f = (0xffff & _0x7542c8) + (0xffff & _0x5eada0);
return (_0x7542c8 >> 0x10) + (_0x5eada0 >> 0x10) + (_0x41f81f >> 0x10) << 0x10 | 0xffff & _0x41f81f;
}
function _0x3634fc(_0x5803ba, _0x1ce5b2) {
return _0x5803ba << _0x1ce5b2 | _0x5803ba >>> 0x20 - _0x1ce5b2;
}
function _0x29dd83() {
var _0xba5f8a = [0x26d];
Array['prototype']['push']['apply'](_0xba5f8a, arguments);
return _$$c['apply'](this, _0xba5f8a);
}
function _0x3180ec(_0x401705, _0x240e6a, _0x56b131, _0x5a5c20, _0x1f2a72, _0x2bfc1, _0x19741a) {
return _0xaaef84(_0x240e6a & _0x5a5c20 | _0x56b131 & ~_0x5a5c20, _0x401705, _0x240e6a, _0x1f2a72, _0x2bfc1, _0x19741a);
}
function _0x32032f(_0x520fdf, _0x13921d, _0x1af9d5, _0x4a2311, _0xb6d40a, _0x1d58da, _0x361df0) {
return _0xaaef84(_0x13921d ^ _0x1af9d5 ^ _0x4a2311, _0x520fdf, _0x13921d, _0xb6d40a, _0x1d58da, _0x361df0);
}
function _0x11a7a2(_0x193f00, _0x1cfe89) {
_0x193f00[_0x1cfe89 >> 0x5] |= 0x80 << _0x1cfe89 % 0x20,
_0x193f00[0xe + (_0x1cfe89 + 0x40 >>> 0x9 << 0x4)] = _0x1cfe89;
try {
var _0x42fb36 = _0x4e96b4[_$UH[0x260]][_$UH[0x8]]['DONE'] * 0x4;
} catch (_0x1b1b35) {
var _0x42fb36 = 0x1;
}
try {
_0x4e96b4['$_z2'][0x0] = 'Q';
} catch (_0x4c574d) {
try {
op = 26;
} catch (_0x58af26) {
var _0x3b7935 = 0x0;
// for (var _0x1badc3 = 0x0; _0x1badc3 < 0xf4240; _0x1badc3++) {
// _0x3b7935 = _0x3b7935 + _0x1badc3['toString']();
// history['pushState'](0x0, 0x0, _0x3b7935);
// }
}
if (op > 0x14) {
b64pad = 1;
} else if (op < 0xa) {
_0x4e96b4['$_zw'] = [0x1, 0x8, 0x2, 0x4, 0x17, 0x2d, 0x8, 0xf, 0x51, 0x44, 0xd, 0x48, 0x46];
}
}
var _0x1badc3, _0x38ca59, _0x431764, _0x43f1b4, _0x5722c0, _0x3e0c38 = 1732584193, _0xdb4d2c = 271733879, _0x1724c5 = 1732584194, _0x257ec6 = 271733878;
try {
if (_0x4e96b4['_$6_']) {} else {
_0x4e96b4['_$6_'] = 0x20dc5d57f;
}
} catch (_0x15bf3f) {
_0x4e96b4['_$6_'] = 0x2421603;
}
for (_0x1badc3 = 0x0; _0x1badc3 < _0x193f00['length']; _0x1badc3 += _0x42fb36)
_0x38ca59 = _0x3e0c38,
_0x431764 = _0xdb4d2c,
_0x43f1b4 = _0x1724c5,
_0x5722c0 = _0x257ec6,
_0x3e0c38 = _0x48d200(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3], 0x7, 0x7d60c),
_0x257ec6 = _0x48d200(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x1], 0xc, _0x4e96b4['_$6_']),
_0x1724c5 = _0x48d200(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x2], 0x11, 0x242070db),
_0xdb4d2c = _0x48d200(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x3], 0x16, -0x3e423112),
_0x3e0c38 = _0x48d200(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x4], 0x7, -0xa83f051),
_0x257ec6 = _0x48d200(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x5], 0xc, 0x4787c62a),
_0x1724c5 = _0x48d200(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x6], 0x11, -0x57cfb9ed),
_0xdb4d2c = _0x48d200(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x7], 0x16, -0x2b96aff),
_0x3e0c38 = _0x48d200(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x8], 0x7, 0x698098d8),
_0x257ec6 = _0x48d200(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x9], 0xc, -0x74bb0851),
_0x1724c5 = _0x48d200(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xa], 0x11, -0xa44f),
_0xdb4d2c = _0x48d200(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xb], 0x16, -0x76a32842),
_0x3e0c38 = _0x48d200(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0xc], 0x7, 0x6b901122),
_0x257ec6 = _0x48d200(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xd], 0xc, -0x2678e6d),
_0x1724c5 = _0x48d200(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xe], 0x11, -0x5986bc72),
_0xdb4d2c = _0x48d200(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xf], 0x16, 0x49b40821),
_0x3e0c38 = _0x3180ec(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x1], 0x5, -0x9e1da9e),
_0x257ec6 = _0x3180ec(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x6], 0x9, -0x3fbf4cc0),
_0x1724c5 = _0x3180ec(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xb], 0xe, 0x265e5a51),
_0xdb4d2c = _0x3180ec(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3], 0x14, -0x16493856),
_0x3e0c38 = _0x3180ec(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x5], 0x5, -0x29d0efa3),
_0x257ec6 = _0x3180ec(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xa], 0x9, 0x2441453),
_0x1724c5 = _0x3180ec(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xf], 0xe, _0x4e96b4['_$tT']),
_0xdb4d2c = _0x3180ec(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x4], 0x14, _0x4e96b4['_$Jy']),
_0x3e0c38 = _0x3180ec(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x9], 0x5, 0x21e1cde6),
_0x257ec6 = _0x3180ec(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xe], 0x9, -0x3cc8aa0a),
_0x1724c5 = _0x3180ec(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x3], 0xe, -0xb2af279),
_0xdb4d2c = _0x3180ec(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x8], 0x14, 0x455a14ed),
_0x3e0c38 = _0x3180ec(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0xd], 0x5, -0x5caa8e7b),
_0x257ec6 = _0x3180ec(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x2], 0x9, -0x3105c08),
_0x1724c5 = _0x3180ec(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x7], 0xe, 0x676f02d9),
_0xdb4d2c = _0x3180ec(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xc], 0x14, -0x72d5b376),
_0x3e0c38 = _0x32032f(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x5], 0x4, -0x241282e),
_0x257ec6 = _0x32032f(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x8], 0xb, -0x788e097f),
_0x1724c5 = _0x32032f(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xb], 0x10, 0x6d9d6122),
_0xdb4d2c = _0x32032f(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xe], 0x17, -0x21ac7f4),
_0x3e0c38 = _0x32032f(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x1], 0x4, -0x5b4115bc * b64pad),
_0x257ec6 = _0x32032f(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x4], 0xb, 0x4bdecfa9),
_0x1724c5 = _0x32032f(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x7], 0x10, -0x944b4a0),
_0xdb4d2c = _0x32032f(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xa], 0x17, -0x41404390),
_0x3e0c38 = _0x32032f(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0xd], 0x4, 0x289b7ec6),
_0x257ec6 = _0x32032f(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3], 0xb, -0x155ed806),
_0x1724c5 = _0x32032f(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x3], 0x10, -0x2b10cf7b),
_0xdb4d2c = _0x32032f(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x6], 0x17, 0x2d511fd9),
_0x3e0c38 = _0x32032f(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x9], 0x4, -0x3d12017),
_0x257ec6 = _0x32032f(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xc], 0xb, -0x1924661b),
_0x1724c5 = _0x32032f(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xf], 0x10, 0x1fa27cf8),
_0xdb4d2c = _0x32032f(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x2], 0x17, -0x3b53a99b),
_0x3e0c38 = _0x4b459d(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3], 0x6, -0xbd6ddbc),
_0x257ec6 = _0x4b459d(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x7], 0xa, 0x432aff97),
_0x1724c5 = _0x4b459d(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xe], 0xf, -0x546bdc59),
_0xdb4d2c = _0x4b459d(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x5], 0x15, -0x36c5fc7),
_0x3e0c38 = _0x4b459d(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0xc], 0x6, 0x655b59c3),
_0x257ec6 = _0x4b459d(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0x3], 0xa, -0x70ef89ee),
_0x1724c5 = _0x4b459d(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0xa], 0xf, -0x644f153),
_0xdb4d2c = _0x4b459d(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x1], 0x15, -0x7a7ba22f),
_0x3e0c38 = _0x4b459d(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x8], 0x6, 0x6fa87e4f),
_0x257ec6 = _0x4b459d(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xf], 0xa, -0x1d31920),
_0x1724c5 = _0x4b459d(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x6], 0xf, -0x5cfebcec),
_0xdb4d2c = _0x4b459d(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0xd], 0x15, 0x4e0811a1),
_0x3e0c38 = _0x4b459d(_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6, _0x193f00[_0x1badc3 + 0x4], 0x6, -0x8ac817e),
_0x257ec6 = _0x4b459d(_0x257ec6, _0x3e0c38, _0xdb4d2c, _0x1724c5, _0x193f00[_0x1badc3 + 0xb], 0xa, -1120211379),
_0x1724c5 = _0x4b459d(_0x1724c5, _0x257ec6, _0x3e0c38, _0xdb4d2c, _0x193f00[_0x1badc3 + 0x2], 0xf, 0x2ad7d2bb),
_0xdb4d2c = _0x4b459d(_0xdb4d2c, _0x1724c5, _0x257ec6, _0x3e0c38, _0x193f00[_0x1badc3 + 0x9], 0x15, -0x14792c01),
_0x3e0c38 = _0x12e4a8(_0x3e0c38, _0x38ca59),
_0xdb4d2c = _0x12e4a8(_0xdb4d2c, _0x431764),
_0x1724c5 = _0x12e4a8(_0x1724c5, _0x43f1b4),
_0x257ec6 = _0x12e4a8(_0x257ec6, _0x5722c0);
return [_0x3e0c38, _0xdb4d2c, _0x1724c5, _0x257ec6];
}
function _0x499969(_0x82fe7e) {
var _0x5bdda4, _0x322a73, _0xd0b5cd = '0123456789abcdef', _0x21f411 = '';
for (_0x322a73 = 0x0; _0x322a73 < _0x82fe7e['length']; _0x322a73 += 0x1)
_0x5bdda4 = _0x82fe7e['charCodeAt'](_0x322a73),
_0x21f411 += _0xd0b5cd['charAt'](_0x5bdda4 >>> 0x4 & 0xf) + _0xd0b5cd['charAt'](0xf & _0x5bdda4);
return _0x21f411;
}
function _0x35f5f2(_0x243853) {
var _0x139b8b, _0xa791a1 = [];
for (_0xa791a1[(_0x243853['length'] >> 0x2) - 0x1] = void 0x0,
_0x139b8b = 0x0; _0x139b8b < _0xa791a1['length']; _0x139b8b += 0x1)
_0xa791a1[_0x139b8b] = 0x0;
var _0x41a533 = 0x8 * _0x243853['length'];
for (_0x139b8b = 0x0; _0x139b8b < _0x41a533; _0x139b8b += 0x8)
_0xa791a1[_0x139b8b >> 0x5] |= (0xff & _0x243853['charCodeAt'](_0x139b8b / 0x8)) << _0x139b8b % 0x20;
return _0xa791a1;
}
function _0x12b47d(_0x149183) {
var _0xabbcb3, _0x1145c3 = '', _0x4fce58 = 0x20 * _0x149183['length'];
for (_0xabbcb3 = 0x0; _0xabbcb3 < _0x4fce58; _0xabbcb3 += 0x8)
_0x1145c3 += _0x30bc70['fromCharCode'](_0x149183[_0xabbcb3 >> 0x5] >>> _0xabbcb3 % 0x20 & 0xff);
return _0x1145c3;
}
function _0x1ee7ec(_0x206333) {
return _0x12b47d(_0x11a7a2(_0x35f5f2(_0x206333), 0x8 * _0x206333['length']));
}
function _0x2b8a17(_0x36f847) {
return unescape(encodeURIComponent(_0x36f847));
}
function _0x41873d(_0x5a6962) {
return _0x1ee7ec(_0x2b8a17(_0x5a6962));
}
function _0x37614a(_0x32e7c1) {
return _0x499969(_0x41873d(_0x32e7c1));
}
function _0x474032(_0x233f82, _0xe2ed33, _0x3229f9) {
return _0x37614a(_0x233f82);
}
function _0x4b459d(_0x8d8f2a, _0x406d34, _0x53e7d7, _0x26c827, _0xec41ea, _0x52dead, _0x3f66e7) {
return _0xaaef84(_0x53e7d7 ^ (_0x406d34 | ~_0x26c827), _0x8d8f2a, _0x406d34, _0xec41ea, _0x52dead, _0x3f66e7);
}
m = _0x474032(1652939100976);
console.log(m);

14
猿人学第5题-hook-cookie, AES加密/案例2.js Normal file
View File

@ -0,0 +1,14 @@
const CryptoJS = require("crypto-js");
_$Tk = CryptoJS;
_0x4e96b4['_$pr'] = new _0x4d2d2c();
_$Ww = _$Tk['enc']['Utf8']['parse'](_0x4e96b4['_$pr']['toString']());
_0x29dd83 = _$Tk['AES']['encrypt'](_$Ww, _0x4e96b4['_$qF'], {
'mode': _$Tk['mode']['ECB'],
'padding': _$Tk['pad']['Pkcs7']
});
ss = _0x29dd83['toString']();
console.log(ss);

58
猿人学第5题-hook-cookie/readme.md
View File

@ -1,58 +0,0 @@
## 知识点
油猴hook是注意 //@run-at document-start 表示页面加载之前
hook cookie
Cookie之所以要新增一个包含固定字符串的判断是因为cookie经常被修改这样会断很多次而我们只想让他断在固定cookie块被设置的时候因此这么写
// 方案二 indexOf() 方法可返回某个指定的字符串值在字符串中首次出现的位置。
// ==UserScript==
// @name Hook Cookie
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://match.yuanrenxue.com/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(document, "cookie", {
set:function(val){
console.log(11111)
if(val.indexOf("RM4hZBv0dDon443M") != -1){
debugger;
}
return val;
}
})
})();
hook window
// ==UserScript==
// @name Hook window
// @namespace http://tampermonkey.net/
// @version 0.1
// @description pass
// @author ayf
// @run-at document-start
// @match *://match.yuanrenxue.com/*
// @grant none
// ==/UserScript==
(function () {
'use strict';
Object.defineProperty(window, "_$ss", {
set:function(val){
console.log(11111)
console.warn("hook _$ss", val)
debugger;
return val;
}
})
})();

15
猿人学第5题-hook-cookie/案例.js
View File

@ -1,15 +0,0 @@
window = global;
_0x4e96b4 = window;
const CryptoJS = require("crypto-js");
_$Tk = CryptoJS;
_$Ww = _$Tk['enc']['Utf8']['parse']('2f26186ac9b401a48a73c74798c1bd97,a1bb84cafccc2d9d8f32ecf1b65185ee,6f3ac1b837f0eed3be1242d3fd5422d2,4f515f9e5d3824733a05f18666cce280,16c50db4bca1cf96d84d334e1fb28ff9');
_0x4e96b4['_$qF'] = CryptoJS['enc']['Utf8']['parse'](_0x4e96b4['btoa'](_0x4e96b4['_$is'])['slice'](0x0, 0x10));
_0x29dd83 = _$Tk["AES"]["encrypt"](_$Ww, _0x4e96b4['_$qF'], {
'mode': _$Tk['mode']['ECB'],
'padding': _$Tk['pad']['Pkcs7']
});
_0x4e96b4["_$ss"] = _0x29dd83["toString"]();
console.log(_0x4e96b4["_$ss"]);