diff --git a/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/readme.md b/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/readme.md new file mode 100644 index 0000000..9b66f85 --- /dev/null +++ b/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/readme.md @@ -0,0 +1,32 @@ +## 问题 + +在JS逆向系列课的第3课《奇门遁甲 调用JavaScript执行代码》中,我们学到了多种在Python上调用JavaScript的方法。 那么现在,请运用你在第3课中学到的知识,尝试做一下这道题吧~ +你需要找出练习页中引入的含有getdata函数的JS文件,并尝试使用你在第3课中学习到的调用方法调用getdata函数。 + +get_data执行结果的前16位字符是? + +1.打开浏览器开发者工具全局搜索 getdata,在console中打印 get_data() 返回 + +![debugger](../img/94.png) + +2.将代码复制,node.js运行代码发现 + + if (screen['width'] || screen['height']) { + ^ + + ReferenceError: screen is not defined + +3.控制台测试真实值 + +![debugger](../img/95.png) + +4.将js代码改成 + + if (1600 || 900) { + result = _0x49dc93['ObbQh'](___get_data); + } + +输出 + + 1c28252a6a52a30aedcd18a75d127d13 + diff --git a/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/测试.js b/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/测试.js new file mode 100644 index 0000000..88e33f8 --- /dev/null +++ b/夜幕-JS逆向系列课 第3课练习题做个简单的题热热身吧/测试.js @@ -0,0 +1,473 @@ +function _0x2a7e5ao00a() { + const _0x227afe = { + 'yHOEV': 'unknow', + 'wzENk': function(_0x3ea4f9, _0x1d95e3) { + return _0x3ea4f9(_0x1d95e3); + }, + 'wsWEe': 'windows', + 'xTHMm': 'macos', + 'yavth': function(_0x136e2c, _0x288ce3) { + return _0x136e2c(_0x288ce3); + }, + 'azgCA': 'linux', + 'nGybX': function(_0x56f4ea, _0x281669) { + return _0x56f4ea(_0x281669); + }, + 'INJwr': 'ios', + 'hZWNh': function(_0x3a5bfd, _0x22a1f5) { + return _0x3a5bfd === _0x22a1f5; + }, + 'UQRFb': '2000', + 'wwUUs': function(_0x1e2526, _0x460646) { + return _0x1e2526(_0x460646); + }, + 'rqdHg': '2003', + 'RFYwz': '8.1', + 'VwpDM': function(_0xaa1cb5, _0xe1fb5) { + return _0xaa1cb5 === _0xe1fb5; + }, + 'ijcZr': 'android', + 'wsPCu': function(_0x4cffe7, _0x13c2c0) { + return _0x4cffe7(_0x13c2c0); + }, + 'CUddb': function(_0xf3d86b, _0x13613b) { + return _0xf3d86b === _0x13613b; + }, + 'UcAvE': function(_0x303653, _0x1050a9) { + return _0x303653 === _0x1050a9; + }, + 'UPKaK': 'desktop', + 'Teriw': function(_0x562472, _0x18365e) { + return _0x562472 === _0x18365e; + }, + 'bSheG': function(_0x736c40, _0x28fa8c) { + return _0x736c40(_0x28fa8c); + }, + 'VSVPX': 'mobile', + 'YLvkS': function(_0xcbe6ef, _0x62f17b) { + return _0xcbe6ef(_0x62f17b); + }, + 'IIJTU': 'webkit', + 'VnwxS': 'edge', + 'czVTJ': 'opera', + 'nqrWh': function(_0x1a9d6b, _0x4f0983) { + return _0x1a9d6b(_0x4f0983); + }, + 'qWvjw': 'chrome', + 'wcaLm': 'safari', + 'kpgHP': function(_0x357cb4, _0x4ec618) { + return _0x357cb4(_0x4ec618); + }, + 'uZEiZ': function(_0x54d846, _0x45401a) { + return _0x54d846(_0x45401a); + }, + 'Bsdxk': 'firefox', + 'brPia': function(_0x2698c5, _0x23fc33) { + return _0x2698c5(_0x23fc33); + }, + 'OfqeT': 'presto', + 'CKdHS': function(_0x63167b, _0x50e9aa) { + return _0x63167b(_0x50e9aa); + }, + 'MOinO': 'trident', + 'ubOMd': 'iexplore', + 'Ucccc': function(_0x48de88, _0x7d49d6) { + return _0x48de88(_0x7d49d6); + }, + 'SnFUd': function(_0x45a987, _0x4a0ed4) { + return _0x45a987 === _0x4a0ed4; + }, + 'dFIVJ': 'gecko', + 'wTQFv': function(_0x583a15, _0x1bad90) { + return _0x583a15(_0x1bad90); + }, + 'ShzBA': function(_0x299d61, _0x828843) { + return _0x299d61 === _0x828843; + }, + 'eMRyr': function(_0x5d0702, _0x2beb52) { + return _0x5d0702(_0x2beb52); + }, + 'IKmjV': function(_0x233069, _0x42f6c1) { + return _0x233069 === _0x42f6c1; + }, + 'TglAC': function(_0x1783e0, _0x1acb96) { + return _0x1783e0 === _0x1acb96; + }, + 'GIWpy': function(_0xea74a9, _0x40e03a) { + return _0xea74a9 === _0x40e03a; + }, + 'LSFzT': function(_0x2de986, _0x176669) { + return _0x2de986(_0x176669); + }, + 'JVzaP': function(_0x586484, _0x30862f) { + return _0x586484(_0x30862f); + }, + 'vnhkW': function(_0x527125, _0x3ef155) { + return _0x527125(_0x3ef155); + }, + 'bFQSo': function(_0x456f13, _0x4d29b3) { + return _0x456f13(_0x4d29b3); + }, + 'mucVu': function(_0x1fc559, _0x1b76da) { + return _0x1fc559(_0x1b76da); + }, + 'ndklM': function(_0xb3a50b, _0x49d22e) { + return _0xb3a50b(_0x49d22e); + }, + 'aKRfW': '2345', + 'JvNSR': 'sougou', + 'iEjLM': 'liebao', + 'mFXYd': function(_0x401402, _0x100996) { + return _0x401402(_0x100996); + }, + 'Fkpwj': 'maxthon' + }; + const _0x445504 = navigator['userAgent']['toLowerCase'](); + const _0x38e894 = _0x5bff6b=>_0x5bff6b['test'](_0x445504); + const _0x585fad = _0x9bfeb0=>_0x445504['match'](_0x9bfeb0)['toString']()['replace'](/[^0-9|_.]/g, '')['replace'](/_/g, '.'); + let _0x52bf77 = _0x227afe['yHOEV']; + if (_0x227afe['wzENk'](_0x38e894, /windows|win32|win64|wow32|wow64/g)) { + _0x52bf77 = _0x227afe['wsWEe']; + } else if (_0x227afe['wzENk'](_0x38e894, /macintosh|macintel/g)) { + _0x52bf77 = _0x227afe['xTHMm']; + } else if (_0x227afe['yavth'](_0x38e894, /x11/g)) { + _0x52bf77 = _0x227afe['azgCA']; + } else if (_0x227afe['nGybX'](_0x38e894, /android|adr/g)) { + _0x52bf77 = 'android'; + } else if (_0x227afe['nGybX'](_0x38e894, /ios|iphone|ipad|ipod|iwatch/g)) { + _0x52bf77 = _0x227afe['INJwr']; + } + let _0x4a314b = 'unknow'; + if (_0x227afe['hZWNh'](_0x52bf77, _0x227afe['wsWEe'])) { + if (_0x227afe['nGybX'](_0x38e894, /windows nt 5.0|windows 2000/g)) { + _0x4a314b = _0x227afe['UQRFb']; + } else if (_0x38e894(/windows nt 5.1|windows xp/g)) { + _0x4a314b = 'xp'; + } else if (_0x227afe['wwUUs'](_0x38e894, /windows nt 5.2|windows 2003/g)) { + _0x4a314b = _0x227afe['rqdHg']; + } else if (_0x227afe['wwUUs'](_0x38e894, /windows nt 6.0|windows vista/g)) { + _0x4a314b = 'vista'; + } else if (_0x38e894(/windows nt 6.1|windows 7/g)) { + _0x4a314b = '7'; + } else if (_0x38e894(/windows nt 6.2|windows 8/g)) { + _0x4a314b = '8'; + } else if (_0x38e894(/windows nt 6.3|windows 8.1/g)) { + _0x4a314b = _0x227afe['RFYwz']; + } else if (_0x38e894(/windows nt 10.0|windows 10/g)) { + _0x4a314b = '10'; + } + } else if (_0x227afe['hZWNh'](_0x52bf77, 'macos')) { + _0x4a314b = _0x227afe['wwUUs'](_0x585fad, /os x [\d._]+/g); + } else if (_0x227afe['VwpDM'](_0x52bf77, _0x227afe['ijcZr'])) { + _0x4a314b = _0x227afe['wsPCu'](_0x585fad, /android [\d._]+/g); + } else if (_0x227afe['CUddb'](_0x52bf77, _0x227afe['INJwr'])) { + _0x4a314b = _0x585fad(/os [\d._]+/g); + } + let _0x19ea9e = _0x227afe['yHOEV']; + if (_0x227afe['UcAvE'](_0x52bf77, _0x227afe['wsWEe']) || _0x227afe['UcAvE'](_0x52bf77, 'macos') || _0x52bf77 === 'linux') { + _0x19ea9e = _0x227afe['UPKaK']; + } else if (_0x52bf77 === 'android' || _0x227afe['Teriw'](_0x52bf77, _0x227afe['INJwr']) || _0x227afe['bSheG'](_0x38e894, /mobile/g)) { + _0x19ea9e = _0x227afe['VSVPX']; + } + let _0x184415 = 'unknow'; + let _0x51795a = 'unknow'; + if (_0x227afe['YLvkS'](_0x38e894, /applewebkit/g)) { + _0x184415 = _0x227afe['IIJTU']; + if (_0x38e894(/edge/g)) { + _0x51795a = _0x227afe['VnwxS']; + } else if (_0x227afe['YLvkS'](_0x38e894, /opr/g)) { + _0x51795a = _0x227afe['czVTJ']; + } else if (_0x227afe['nqrWh'](_0x38e894, /chrome/g)) { + _0x51795a = _0x227afe['qWvjw']; + } else if (_0x38e894(/safari/g)) { + _0x51795a = _0x227afe['wcaLm']; + } + } else if (_0x227afe['kpgHP'](_0x38e894, /gecko/g) && _0x227afe['uZEiZ'](_0x38e894, /firefox/g)) { + _0x184415 = 'gecko'; + _0x51795a = _0x227afe['Bsdxk']; + } else if (_0x227afe['brPia'](_0x38e894, /presto/g)) { + _0x184415 = _0x227afe['OfqeT']; + _0x51795a = _0x227afe['czVTJ']; + } else if (_0x227afe['CKdHS'](_0x38e894, /trident|compatible|msie/g)) { + _0x184415 = _0x227afe['MOinO']; + _0x51795a = _0x227afe['ubOMd']; + } + let _0xb5f01a = 'unknow'; + if (_0x227afe['Teriw'](_0x184415, _0x227afe['IIJTU'])) { + _0xb5f01a = _0x227afe['Ucccc'](_0x585fad, /applewebkit\/[\d._]+/g); + } else if (_0x227afe['SnFUd'](_0x184415, _0x227afe['dFIVJ'])) { + _0xb5f01a = _0x227afe['wTQFv'](_0x585fad, /gecko\/[\d._]+/g); + } else if (_0x227afe['ShzBA'](_0x184415, _0x227afe['OfqeT'])) { + _0xb5f01a = _0x227afe['wTQFv'](_0x585fad, /presto\/[\d._]+/g); + } else if (_0x184415 === _0x227afe['MOinO']) { + _0xb5f01a = _0x227afe['eMRyr'](_0x585fad, /trident\/[\d._]+/g); + } + let _0x4349d5 = _0x227afe['yHOEV']; + if (_0x227afe['IKmjV'](_0x51795a, _0x227afe['qWvjw'])) { + _0x4349d5 = _0x585fad(/chrome\/[\d._]+/g); + } else if (_0x227afe['TglAC'](_0x51795a, 'safari')) { + _0x4349d5 = _0x585fad(/version\/[\d._]+/g); + } else if (_0x51795a === _0x227afe['Bsdxk']) { + _0x4349d5 = _0x227afe['eMRyr'](_0x585fad, /firefox\/[\d._]+/g); + } else if (_0x227afe['TglAC'](_0x51795a, _0x227afe['czVTJ'])) { + _0x4349d5 = _0x585fad(/opr\/[\d._]+/g); + } else if (_0x227afe['GIWpy'](_0x51795a, _0x227afe['ubOMd'])) { + _0x4349d5 = _0x227afe['eMRyr'](_0x585fad, /(msie [\d._]+)|(rv:[\d._]+)/g); + } else if (_0x227afe['GIWpy'](_0x51795a, _0x227afe['VnwxS'])) { + _0x4349d5 = _0x227afe['LSFzT'](_0x585fad, /edge\/[\d._]+/g); + } + let _0x59a33a = 'none'; + let _0x25de0d = 'unknow'; + if (_0x227afe['LSFzT'](_0x38e894, /micromessenger/g)) { + _0x59a33a = 'wechat'; + _0x25de0d = _0x227afe['JVzaP'](_0x585fad, /micromessenger\/[\d._]+/g); + } else if (_0x38e894(/qqbrowser/g)) { + _0x59a33a = 'qq'; + _0x25de0d = _0x227afe['JVzaP'](_0x585fad, /qqbrowser\/[\d._]+/g); + } else if (_0x227afe['vnhkW'](_0x38e894, /ucbrowser/g)) { + _0x59a33a = 'uc'; + _0x25de0d = _0x227afe['bFQSo'](_0x585fad, /ucbrowser\/[\d._]+/g); + } else if (_0x227afe['mucVu'](_0x38e894, /qihu 360se/g)) { + _0x59a33a = '360'; + } else if (_0x227afe['ndklM'](_0x38e894, /2345explorer/g)) { + _0x59a33a = _0x227afe['aKRfW']; + _0x25de0d = _0x585fad(/2345explorer\/[\d._]+/g); + } else if (_0x227afe['ndklM'](_0x38e894, /metasr/g)) { + _0x59a33a = _0x227afe['JvNSR']; + } else if (_0x227afe['ndklM'](_0x38e894, /lbbrowser/g)) { + _0x59a33a = _0x227afe['iEjLM']; + } else if (_0x227afe['mFXYd'](_0x38e894, /maxthon/g)) { + _0x59a33a = _0x227afe['Fkpwj']; + _0x25de0d = _0x227afe['mFXYd'](_0x585fad, /maxthon\/[\d._]+/g); + } + return Object['assign']({ + 'engine': _0x184415, + 'engineVs': _0xb5f01a, + 'platform': _0x19ea9e, + 'supporter': _0x51795a, + 'supporterVs': _0x4349d5, + 'system': _0x52bf77, + 'systemVs': _0x4a314b + }, _0x227afe['GIWpy'](_0x59a33a, 'none') ? {} : { + 'shell': _0x59a33a, + 'shellVs': _0x25de0d + }); +} +var _0xafb7 = ['0123456789abcdef', 'charAt', 'length', 'abc', '900150983cd24fb0d6963f7d28e17f72', 'concat', 'charCodeAt', '0123456789ABCDEF']; +(function(_0x308400, _0x4dd0d5) { + var _0x55a1b9 = function(_0x42a510) { + while (--_0x42a510) { + _0x308400['push'](_0x308400['shift']()); + } + }; + _0x55a1b9(++_0x4dd0d5); +}(_0xafb7, 0x132)); +var _0x4f75 = function(_0x20aa38, _0x3feb9f) { + _0x20aa38 = _0x20aa38 - 0x0; + var _0x442357 = _0xafb7[_0x20aa38]; + return _0x442357; +}; +var hexcase = 0x0; +var b64pad = ''; +var chrsz = 0x8; +function get_data() { + var _0x49dc93 = { + 'ObbQh': function(_0x4cc272) { + return _0x4cc272(); + } + }; + result = ''; + if (1600 || 900) { + result = _0x49dc93['ObbQh'](___get_data); + } + return result; +} +function ___get_data() { + var _0xd1d5bb = { + 'chYzh': function(_0x3214e3, _0x5ecab4) { + return _0x3214e3(_0x5ecab4); + }, + 'EyjPx': function(_0x37547a, _0x58a366, _0x1463fd) { + return _0x37547a(_0x58a366, _0x1463fd); + }, + 'oWocp': '0x0' + }; + _0x3066e8 = 'NightTeam'; + return _0xd1d5bb['chYzh'](binl2hex, _0xd1d5bb['EyjPx'](core__0x5f3, _0xd1d5bb['chYzh'](str2binl, _0x3066e8), _0x3066e8[_0x4f75(_0xd1d5bb['oWocp'])] * chrsz)); +} +function b64__0x5f3(_0x285afb) { + return binl2b64(core__0x5f3(str2binl(_0x285afb), _0x285afb[_0x4f75('0x0')] * chrsz)); +} +function str__0x5f3(_0x508693) { + return binl2str(core__0x5f3(str2binl(_0x508693), _0x508693[_0x4f75('0x0')] * chrsz)); +} +function hex_hmac__0x5f3(_0x51842a, _0x49cf0a) { + return binl2hex(core_hmac__0x5f3(_0x51842a, _0x49cf0a)); +} +function b64_hmac__0x5f3(_0x32ca2c, _0x564ce2) { + return binl2b64(core_hmac__0x5f3(_0x32ca2c, _0x564ce2)); +} +function str_hmac__0x5f3(_0x2b5ae9, _0x33e2bc) { + return binl2str(core_hmac__0x5f3(_0x2b5ae9, _0x33e2bc)); +} +function _0x5f3_vm_test() { + return hex__0x5f3(_0x4f75('0x1')) == _0x4f75('0x2'); +} +function core__0x5f3(_0x29b141, _0x1d205c) { + _0x29b141[_0x1d205c >> 0x5] |= 0x80 << _0x1d205c % 0x20; + _0x29b141[(_0x1d205c + 0x40 >>> 0x9 << 0x4) + 0xe] = _0x1d205c; + var _0x2ca934 = 0x67452301; + var _0x37ae64 = -0x10325477; + var _0x25776a = -0x67452302; + var _0x225e4c = 0x10325476; + for (var _0x13a45d = 0x0; _0x13a45d < _0x29b141['length']; _0x13a45d += 0x10) { + var _0x588610 = _0x2ca934; + var _0x12af01 = _0x37ae64; + var _0x233171 = _0x25776a; + var _0x4c36c3 = _0x225e4c; + _0x2ca934 = _0x5f3_ff(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x0], 0x7, -0x28955b88); + _0x225e4c = _0x5f3_ff(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x1], 0xc, -0x173848aa); + _0x25776a = _0x5f3_ff(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x2], 0x11, 0x242070db); + _0x37ae64 = _0x5f3_ff(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x3], 0x16, -0x3e423112); + _0x2ca934 = _0x5f3_ff(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x4], 0x7, -0xa83f051); + _0x225e4c = _0x5f3_ff(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x5], 0xc, 0x4787c62a); + _0x25776a = _0x5f3_ff(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x6], 0x11, -0x57cfb9ed); + _0x37ae64 = _0x5f3_ff(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x7], 0x16, -0x2b96aff); + _0x2ca934 = _0x5f3_ff(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x8], 0x7, 0x698098d8); + _0x225e4c = _0x5f3_ff(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x9], 0xc, -0x74bb0851); + _0x25776a = _0x5f3_ff(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xa], 0x11, -0xa44f); + _0x37ae64 = _0x5f3_ff(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xb], 0x16, -0x76a32842); + _0x2ca934 = _0x5f3_ff(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0xc], 0x7, 0x6b901122); + _0x225e4c = _0x5f3_ff(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xd], 0xc, -0x2678e6d); + _0x25776a = _0x5f3_ff(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xe], 0x11, -0x5986bc72); + _0x37ae64 = _0x5f3_ff(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xf], 0x16, 0x49b40821); + _0x2ca934 = _0x5f3_gg(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x1], 0x5, -0x9e1da9e); + _0x225e4c = _0x5f3_gg(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x6], 0x9, -0x3fbf4cc0); + _0x25776a = _0x5f3_gg(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xb], 0xe, 0x265e5a51); + _0x37ae64 = _0x5f3_gg(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x0], 0x14, -0x16493856); + _0x2ca934 = _0x5f3_gg(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x5], 0x5, -0x29d0efa3); + _0x225e4c = _0x5f3_gg(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xa], 0x9, 0x2441453); + _0x25776a = _0x5f3_gg(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xf], 0xe, -0x275e197f); + _0x37ae64 = _0x5f3_gg(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x4], 0x14, -0x182c0438); + _0x2ca934 = _0x5f3_gg(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x9], 0x5, 0x21e1cde6); + _0x225e4c = _0x5f3_gg(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xe], 0x9, -0x3cc8f82a); + _0x25776a = _0x5f3_gg(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x3], 0xe, -0xb2af279); + _0x37ae64 = _0x5f3_gg(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x8], 0x14, 0x455a14ed); + _0x2ca934 = _0x5f3_gg(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0xd], 0x5, -0x561c16fb); + _0x225e4c = _0x5f3_gg(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x2], 0x9, -0x3105c08); + _0x25776a = _0x5f3_gg(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x7], 0xe, 0x676f02d9); + _0x37ae64 = _0x5f3_gg(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xc], 0x14, -0x72d5b376); + _0x2ca934 = _0x5f3_hh(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x5], 0x4, -0x5c6be); + _0x225e4c = _0x5f3_hh(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x8], 0xb, -0x788e097f); + _0x25776a = _0x5f3_hh(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xb], 0x10, 0x6d9d6122); + _0x37ae64 = _0x5f3_hh(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xe], 0x17, -0x21ac7f4); + _0x2ca934 = _0x5f3_hh(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x1], 0x4, -0x5b4115bc); + _0x225e4c = _0x5f3_hh(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x4], 0xb, 0x4bdecfa9); + _0x25776a = _0x5f3_hh(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x7], 0x10, -0x944b4a0); + _0x37ae64 = _0x5f3_hh(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xa], 0x17, -0x41404390); + _0x2ca934 = _0x5f3_hh(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0xd], 0x4, 0x289b7ec6); + _0x225e4c = _0x5f3_hh(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x0], 0xb, -0x155ed806); + _0x25776a = _0x5f3_hh(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x3], 0x10, -0x2b10cf7b); + _0x37ae64 = _0x5f3_hh(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x6], 0x17, 0x4881d05); + _0x2ca934 = _0x5f3_hh(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x9], 0x4, -0x262b2fc7); + _0x225e4c = _0x5f3_hh(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xc], 0xb, -0x1924661b); + _0x25776a = _0x5f3_hh(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xf], 0x10, 0x1fa27cf8); + _0x37ae64 = _0x5f3_hh(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x2], 0x17, -0x3b53a99b); + _0x2ca934 = _0x5f3_ii(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x0], 0x6, -0xbd6ddbc); + _0x225e4c = _0x5f3_ii(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x7], 0xa, 0x432aff97); + _0x25776a = _0x5f3_ii(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xe], 0xf, -0x546bdc59); + _0x37ae64 = _0x5f3_ii(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x5], 0x15, -0x36c5fc7); + _0x2ca934 = _0x5f3_ii(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0xc], 0x6, 0x655b59c3); + _0x225e4c = _0x5f3_ii(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0x3], 0xa, -0x70f3336e); + _0x25776a = _0x5f3_ii(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0xa], 0xf, -0x100b83); + _0x37ae64 = _0x5f3_ii(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x1], 0x15, -0x7a7ba22f); + _0x2ca934 = _0x5f3_ii(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x8], 0x6, 0x6fa87e4f); + _0x225e4c = _0x5f3_ii(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xf], 0xa, -0x1d31920); + _0x25776a = _0x5f3_ii(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x6], 0xf, -0x5cfebcec); + _0x37ae64 = _0x5f3_ii(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0xd], 0x15, 0x4e0811a1); + _0x2ca934 = _0x5f3_ii(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c, _0x29b141[_0x13a45d + 0x4], 0x6, -0x8ac817e); + _0x225e4c = _0x5f3_ii(_0x225e4c, _0x2ca934, _0x37ae64, _0x25776a, _0x29b141[_0x13a45d + 0xb], 0xa, -0x42c50dcb); + _0x25776a = _0x5f3_ii(_0x25776a, _0x225e4c, _0x2ca934, _0x37ae64, _0x29b141[_0x13a45d + 0x2], 0xf, 0x2ad7d2bb); + _0x37ae64 = _0x5f3_ii(_0x37ae64, _0x25776a, _0x225e4c, _0x2ca934, _0x29b141[_0x13a45d + 0x9], 0x15, -0x14792c6f); + _0x2ca934 = safe_add(_0x2ca934, _0x588610); + _0x37ae64 = safe_add(_0x37ae64, _0x12af01); + _0x25776a = safe_add(_0x25776a, _0x233171); + _0x225e4c = safe_add(_0x225e4c, _0x4c36c3); + } + return Array(_0x2ca934, _0x37ae64, _0x25776a, _0x225e4c); +} +function _0x5f3_cmn(_0x37bd03, _0x204785, _0x4c8136, _0x4df7e5, _0x8adaae, _0x1bb5d5) { + return safe_add(bit_rol(safe_add(safe_add(_0x204785, _0x37bd03), safe_add(_0x4df7e5, _0x1bb5d5)), _0x8adaae), _0x4c8136); +} +function _0x5f3_ff(_0x592bc7, _0x27110f, _0x192e0e, _0x56094f, _0xf3c246, _0x3e601b, _0x5424f7) { + return _0x5f3_cmn(_0x27110f & _0x192e0e | ~_0x27110f & _0x56094f, _0x592bc7, _0x27110f, _0xf3c246, _0x3e601b, _0x5424f7); +} +function _0x5f3_gg(_0x133b26, _0x4f6e2b, _0x43870f, _0x3221b7, _0x5749c4, _0x4a7548, _0x2eeb85) { + return _0x5f3_cmn(_0x4f6e2b & _0x3221b7 | _0x43870f & ~_0x3221b7, _0x133b26, _0x4f6e2b, _0x5749c4, _0x4a7548, _0x2eeb85); +} +function _0x5f3_hh(_0x182bcc, _0x5983ea, _0x15f735, _0x53f395, _0x346932, _0x1845cc, _0x3c026d) { + return _0x5f3_cmn(_0x5983ea ^ _0x15f735 ^ _0x53f395, _0x182bcc, _0x5983ea, _0x346932, _0x1845cc, _0x3c026d); +} +function _0x5f3_ii(_0x51638c, _0x39d5b9, _0x5aa690, _0x332e8b, _0x40b6d3, _0x1f7f3b, _0x4a5089) { + return _0x5f3_cmn(_0x5aa690 ^ (_0x39d5b9 | ~_0x332e8b), _0x51638c, _0x39d5b9, _0x40b6d3, _0x1f7f3b, _0x4a5089); +} +function core_hmac__0x5f3(_0x3c9f1f, _0x24bf57) { + var _0xce47a9 = str2binl(_0x3c9f1f); + if (_0xce47a9[_0x4f75('0x0')] > 0x10) + _0xce47a9 = core__0x5f3(_0xce47a9, _0x3c9f1f['length'] * chrsz); + var _0x201e5e = Array(0x10) + , _0x3e6b17 = Array(0x10); + for (var _0x1a9e62 = 0x0; _0x1a9e62 < 0x10; _0x1a9e62++) { + _0x201e5e[_0x1a9e62] = _0xce47a9[_0x1a9e62] ^ 0x36363636; + _0x3e6b17[_0x1a9e62] = _0xce47a9[_0x1a9e62] ^ 0x5c5c5c5c; + } + var _0x32b17d = core__0x5f3(_0x201e5e[_0x4f75('0x3')](str2binl(_0x24bf57)), 0x200 + _0x24bf57[_0x4f75('0x0')] * chrsz); + return core__0x5f3(_0x3e6b17[_0x4f75('0x3')](_0x32b17d), 0x200 + 0x80); +} +function safe_add(_0x17d6bb, _0x338b5a) { + var _0x1da9a = (_0x17d6bb & 0xffff) + (_0x338b5a & 0xffff); + var _0x30eeed = (_0x17d6bb >> 0x10) + (_0x338b5a >> 0x10) + (_0x1da9a >> 0x10); + return _0x30eeed << 0x10 | _0x1da9a & 0xffff; +} +function bit_rol(_0x29570a, _0x50c5a5) { + return _0x29570a << _0x50c5a5 | _0x29570a >>> 0x20 - _0x50c5a5; +} +function str2binl(_0x564301) { + var _0x8000e = Array(); + var _0x5384bf = (0x1 << chrsz) - 0x1; + for (var _0x4eff36 = 0x0; _0x4eff36 < _0x564301[_0x4f75('0x0')] * chrsz; _0x4eff36 += chrsz) + _0x8000e[_0x4eff36 >> 0x5] |= (_0x564301[_0x4f75('0x4')](_0x4eff36 / chrsz) & _0x5384bf) << _0x4eff36 % 0x20; + return _0x8000e; +} +function binl2str(_0x1591a0) { + var _0x48bf42 = ''; + var _0x330495 = (0x1 << chrsz) - 0x1; + for (var _0x1d9e6e = 0x0; _0x1d9e6e < _0x1591a0[_0x4f75('0x0')] * 0x20; _0x1d9e6e += chrsz) + _0x48bf42 += String['fromCharCode'](_0x1591a0[_0x1d9e6e >> 0x5] >>> _0x1d9e6e % 0x20 & _0x330495); + return _0x48bf42; +} +function binl2hex(_0x2b2030) { + var _0x3b523a = hexcase ? _0x4f75('0x5') : _0x4f75('0x6'); + var _0x580323 = ''; + for (var _0x3c558a = 0x0; _0x3c558a < _0x2b2030[_0x4f75('0x0')] * 0x4; _0x3c558a++) { + _0x580323 += _0x3b523a['charAt'](_0x2b2030[_0x3c558a >> 0x2] >> _0x3c558a % 0x4 * 0x8 + 0x4 & 0xf) + _0x3b523a[_0x4f75('0x7')](_0x2b2030[_0x3c558a >> 0x2] >> _0x3c558a % 0x4 * 0x8 & 0xf); + } + return _0x580323; +} +function binl2b64(_0xbf0e43) { + var _0x5c1f17 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; + var _0x50c415 = ''; + for (var _0x30f226 = 0x0; _0x30f226 < _0xbf0e43[_0x4f75('0x0')] * 0x4; _0x30f226 += 0x3) { + var _0x13031f = (_0xbf0e43[_0x30f226 >> 0x2] >> 0x8 * (_0x30f226 % 0x4) & 0xff) << 0x10 | (_0xbf0e43[_0x30f226 + 0x1 >> 0x2] >> 0x8 * ((_0x30f226 + 0x1) % 0x4) & 0xff) << 0x8 | _0xbf0e43[_0x30f226 + 0x2 >> 0x2] >> 0x8 * ((_0x30f226 + 0x2) % 0x4) & 0xff; + for (var _0x25968b = 0x0; _0x25968b < 0x4; _0x25968b++) { + if (_0x30f226 * 0x8 + _0x25968b * 0x6 > _0xbf0e43[_0x4f75('0x0')] * 0x20) + _0x50c415 += b64pad; + else + _0x50c415 += _0x5c1f17[_0x4f75('0x7')](_0x13031f >> 0x6 * (0x3 - _0x25968b) & 0x3f); + } + } + return _0x50c415; +} + +a = get_data(); +console.log(a); diff --git a/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md b/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md new file mode 100644 index 0000000..fcf297e --- /dev/null +++ b/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md @@ -0,0 +1,6 @@ +## 问题 + +在JS逆向系列课的第6课《初窥⻔径 阻挠爬⾍⼯程师的⽆限 debugger》中,我们学会了如何处理无限 debugger。 那么这是一道综合题,在过掉无限 debugger 后找出关键加密逻辑,并模拟。请运用你所学到的或是积累的知识,尝试做一下这道题吧~ 提示:注意Cookie + +如果关键参数 arg1 为 5D6DBFF4776ED19E013868C0663AC4A6FD3C2FEB,那么 set 的关键 cookie arg2 是多少? +