diff --git a/猿人学第5题-js 混淆-乱码增强/main.py b/猿人学第5题-js 混淆-乱码增强/main.py new file mode 100644 index 0000000..e69de29 diff --git a/猿人学第5题-js 混淆-乱码增强/server.js b/猿人学第5题-js 混淆-乱码增强/server.js new file mode 100644 index 0000000..6ed9727 --- /dev/null +++ b/猿人学第5题-js 混淆-乱码增强/server.js @@ -0,0 +1,18 @@ +const express = require('express'); +const app = express(); +const encryption = require("./aes-test"); +var bodyParser = require('body-parser'); +app.use(bodyParser()); + + +app.post('/sign_60', function (req, res) { + let result = ''; + let pageNum = req.body.pageNum; + result = encryption.sign(pageNum); + res.send(result.toString()); +}); + + +app.listen(3005, () => { + console.log("开启服务,端口 3005") +}); diff --git a/猿人学第5题-js 混淆-乱码增强/案例.js b/猿人学第5题-js 混淆-乱码增强/案例.js index 07d0fa7..50521b4 100644 --- a/猿人学第5题-js 混淆-乱码增强/案例.js +++ b/猿人学第5题-js 混淆-乱码增强/案例.js @@ -1,27 +1,49 @@ -const CryptoJS = require("crypto-js"); - window = global; document = {}; -var _$Wa = 1678247136000; -_0x4e96b4 = window; -_0x4e96b4['_$pr'] = []; -_0x1171c8 = 1732584193; -_0x4dae05 = -271733879; -_0x183a1d = -1732584194; -_0xcfa373 = 271733878; -b64pad = 1; -_0x30bc70 = String; -_0x3912f2 = Error; -_0x4d2d2c = Array; -_0x109910 = Math; -_0xff7e93 = parseInt; -_0x35bb1d = Date; -_0x3d0f3f = document; - _0x5cd506 = Object; -_0x3bdc68 = unescape; -_0x1ec3c0 = encodeURIComponent; -_0x3b2c8e = Function; -var _0xceb4b2 = [ +var _0xceb4b2 = []; +window.$_tb = []; +window.$_zw = []; +history = { + 'pushState': function () {}, +}; +var _0x1171c8 = 0x67452301; +var _0x4dae05 = -0x10325477; +var _0x183a1d = -0x67452302; +var _0xcfa373 = 0x10325476; +var b64pad = 1; +function _0x48d200(_0x4b706e, _0x3c3a85, _0x111154, _0x311f9f, _0x5439cf, _0x38cac7, _0x26bd2e) { + return _0xaaef84(_0x3c3a85 & _0x111154 | ~_0x3c3a85 & _0x311f9f, _0x4b706e, _0x3c3a85, _0x5439cf, _0x38cac7, _0x26bd2e); +} +function _0xaaef84(_0xaf3112, _0x2a165a, _0x532fb4, _0x10aa40, _0x41c4e7, _0x1cb4da) { + return _0x12e4a8(_0x3634fc(_0x12e4a8(_0x12e4a8(_0x2a165a, _0xaf3112), _0x12e4a8(_0x10aa40, _0x1cb4da)), _0x41c4e7), _0x532fb4); +} +function _0x12e4a8(_0x7542c8, _0x5eada0) { + var _0x41f81f = (0xffff & _0x7542c8) + (0xffff & _0x5eada0); + return (_0x7542c8 >> 0x10) + (_0x5eada0 >> 0x10) + (_0x41f81f >> 0x10) << 0x10 | 0xffff & _0x41f81f; +} +function _0x3634fc(_0x5803ba, _0x1ce5b2) { + return _0x5803ba << _0x1ce5b2 | _0x5803ba >>> 0x20 - _0x1ce5b2; +} +function _0x3180ec(_0x401705, _0x240e6a, _0x56b131, _0x5a5c20, _0x1f2a72, _0x2bfc1, _0x19741a) { + return _0xaaef84(_0x240e6a & _0x5a5c20 | _0x56b131 & ~_0x5a5c20, _0x401705, _0x240e6a, _0x1f2a72, _0x2bfc1, _0x19741a); +} +function _0x32032f(_0x520fdf, _0x13921d, _0x1af9d5, _0x4a2311, _0xb6d40a, _0x1d58da, _0x361df0) { + return _0xaaef84(_0x13921d ^ _0x1af9d5 ^ _0x4a2311, _0x520fdf, _0x13921d, _0xb6d40a, _0x1d58da, _0x361df0); +} +var _0x4e96b4 = window + , _0x30bc70 = String; +var _0x3912f2 = Error + , _0x4d2d2c = Array + , _0x109910 = Math + , _0xff7e93 = parseInt + , _0x35bb1d = Date + , _0x3d0f3f = document + , _0x5cd506 = Object + , _0x3bdc68 = unescape + , _0x1ec3c0 = encodeURIComponent + , _0x3b2c8e = Function; +_$eP = 'eval'; +_$UH = [ "name", "setAttribute", "type", @@ -747,21 +769,54 @@ var _0xceb4b2 = [ "$_YWTU", "setClientData", "getExtension" -] +]; +_0x4e96b4['$_zw']['push'](_0xceb4b2); +var _0x21b30e = _0x4e96b4[_0xceb4b2[0x49]] + // , _0x1c1e87 = _0x4e96b4['top'][_0xceb4b2[0x17]] + , _0x1624e9 = _0x109910[_0xceb4b2[0x20f]] + , _0x1fcadd = _0x109910['abs'] + , _0x3599f7 = _0x109910[_0xceb4b2[0x55]] + , _0x598d6f = _0x4e96b4[_0xceb4b2[0x34]] + , _0x14528e = _0x4e96b4[_0xceb4b2[0x1a]]; +var _0x4e4c00 = _0x4e96b4[_0xceb4b2[0x3c]] + , _0x22e053 = _0x4e96b4[_0xceb4b2[0x27f]] + , _0xd13014 = _0x4e96b4[_0xceb4b2[0x9d]] + , _0x21e9ec = _0x4e96b4[_0xceb4b2[0x2b7]] + , _0x598d6f = _0x4e96b4[_0xceb4b2[0x34]] + , _0x284ecc = _0x4e96b4[_0xceb4b2[0x292]] + , _0x341b6b = _0x4e96b4[_0xceb4b2[0x17]] + , _0x551dbe = _0x4e96b4[_0xceb4b2[0xf8]] + , _0x5562e4 = _0x4e96b4[_0xceb4b2[0x1d6]] + , _0x4c8b7b = _0x4e96b4[_0xceb4b2[0x1ba]]; +var _0x19ec04 = _0x4e96b4[_0xceb4b2[0x20e]] || (_0x4e96b4[_0xceb4b2[0x20e]] = {}); +var _0x502102 = _0x30bc70['prototype'][_0xceb4b2[0x118]] + , _0x418037 = _0x30bc70['prototype'][_0xceb4b2[0xf]] + , _0x158537 = _0x30bc70['prototype'][_0xceb4b2[0x1d]] + , _0x29da67 = _0x30bc70['prototype'][_0xceb4b2[0x46]] + , _0x414dbb = _0x30bc70['prototype'][_0xceb4b2[0xf1]] + , _0x4d4b1c = _0x30bc70['prototype'][_0xceb4b2[0x13a]] + , _0x4441d1 = _0x30bc70['prototype'][_0xceb4b2[0x4e]] + , _0x557b15 = _0x30bc70['prototype'][_0xceb4b2[0x31]] + , _0x50bb6d = _0x30bc70['prototype'][_0xceb4b2[0x9]] + , _0x3fbba8 = _0x30bc70['prototype'][_0xceb4b2[0x19]] + , _0x34a1d4 = _0x30bc70['prototype'][_0xceb4b2[0x12e]] + , _0x4e160c = _0x30bc70['prototype'][_0xceb4b2[0x1e6]] + , _0x318f6d = _0x30bc70['prototype'][_0xceb4b2[0x256]] + , _0x274250 = _0x30bc70['prototype'][_0xceb4b2[0x2bb]] + , _0x1e37ca = _0x30bc70['prototype'][_0xceb4b2[0x172]] + , _0x2b11f1 = _0x30bc70[_0xceb4b2[0x114]]; +_0x4e96b4['_$pr'] = new _0x4d2d2c(); +var _0x6b463e = _0x5cd506['prototype'][_0xceb4b2[0x1f]]; +_$JM = _0x3b2c8e['prototype'][_0xceb4b2[0x1f]]; +_0x4e96b4['_$tT'] = -0xa40bd9c; +_0x4e96b4['_$Jy'] = 0x1b821d58; - -global.Buffer = global.Buffer || require('buffer').Buffer; - -if (typeof btoa === 'undefined') { - global.btoa = function (str) { - return new Buffer.from(str).toString('base64'); - }; +function _0x474032(_0x233f82, _0xe2ed33, _0x3229f9) { + return _0xe2ed33 ? _0x3229f9 ? v(_0xe2ed33, _0x233f82) : y(_0xe2ed33, _0x233f82) : _0x3229f9 ? _0x41873d(_0x233f82) : _0x37614a(_0x233f82); } -if (typeof atob === 'undefined') { - global.atob = function (b64Encoded) { - return new Buffer.from(b64Encoded, 'base64').toString(); - }; +function _0x37614a(_0x32e7c1) { + return _0x499969(_0x41873d(_0x32e7c1)); } function _0x499969(_0x82fe7e) { @@ -772,14 +827,6 @@ function _0x499969(_0x82fe7e) { return _0x21f411; } -function _0x37614a(_0x32e7c1) { - return _0x499969(_0x41873d(_0x32e7c1)); -} - -function _0x474032(_0x233f82) { - return _0x37614a(_0x233f82); -} - function _0x41873d(_0x5a6962) { return _0x1ee7ec(_0x2b8a17(_0x5a6962)); } @@ -798,27 +845,6 @@ function _0x12b47d(_0x149183) { _0x1145c3 += _0x30bc70[_$UH[0x114]](_0x149183[_0xabbcb3 >> 0x5] >>> _0xabbcb3 % 0x20 & 0xff); return _0x1145c3; } -function _0xaaef84(_0xaf3112, _0x2a165a, _0x532fb4, _0x10aa40, _0x41c4e7, _0x1cb4da) { - return _0x12e4a8(_0x3634fc(_0x12e4a8(_0x12e4a8(_0x2a165a, _0xaf3112), _0x12e4a8(_0x10aa40, _0x1cb4da)), _0x41c4e7), _0x532fb4); -} -function _0x12e4a8(_0x7542c8, _0x5eada0) { - var _0x41f81f = (0xffff & _0x7542c8) + (0xffff & _0x5eada0); - return (_0x7542c8 >> 0x10) + (_0x5eada0 >> 0x10) + (_0x41f81f >> 0x10) << 0x10 | 0xffff & _0x41f81f; -} -function _0x3634fc(_0x5803ba, _0x1ce5b2) { - return _0x5803ba << _0x1ce5b2 | _0x5803ba >>> 0x20 - _0x1ce5b2; -} -function _0x3180ec(_0x401705, _0x240e6a, _0x56b131, _0x5a5c20, _0x1f2a72, _0x2bfc1, _0x19741a) { - return _0xaaef84(_0x240e6a & _0x5a5c20 | _0x56b131 & ~_0x5a5c20, _0x401705, _0x240e6a, _0x1f2a72, _0x2bfc1, _0x19741a); -} -var _0x3a316b = 'T'; -var _0x390c66; -function _0x32032f(_0x520fdf, _0x13921d, _0x1af9d5, _0x4a2311, _0xb6d40a, _0x1d58da, _0x361df0) { - return _0xaaef84(_0x13921d ^ _0x1af9d5 ^ _0x4a2311, _0x520fdf, _0x13921d, _0xb6d40a, _0x1d58da, _0x361df0); -} -function _0x48d200(_0x4b706e, _0x3c3a85, _0x111154, _0x311f9f, _0x5439cf, _0x38cac7, _0x26bd2e) { - return _0xaaef84(_0x3c3a85 & _0x111154 | ~_0x3c3a85 & _0x311f9f, _0x4b706e, _0x3c3a85, _0x5439cf, _0x38cac7, _0x26bd2e); -} var _0x53308f = 0x1; var _0x31ef9c = 0x0; var _0x312cd6; @@ -833,24 +859,25 @@ function _0x11a7a2(_0x193f00, _0x1cfe89) { } catch (_0x1b1b35) { var _0x42fb36 = 0x1; } - // try { - // _0x4e96b4['$_z2'][0x0] = 'Q'; - // } catch (_0x4c574d) { - // try { - // op = _0x4e96b4['$_zw'][_$UH[0x6c]]; - // } catch (_0x58af26) { - // var _0x3b7935 = 0x0; - // for (var _0x1badc3 = 0x0; _0x1badc3 < 0xf4240; _0x1badc3++) { - // _0x3b7935 = _0x3b7935 + _0x1badc3[_$UH[0x1f]](); - // history['pushState'](0x0, 0x0, _0x3b7935); - // } - // } - // if (op > 0x14) { - // eval('b64pad = _0x4e96b4[\'$_zw\'][9][\'length\'];'); - // } else if (op < 0xa) { - // _0x4e96b4['$_zw'] = [0x1, 0x8, 0x2, 0x4, 0x17, 0x2d, 0x8, 0xf, 0x51, 0x44, 0xd, 0x48, 0x46]; - // } - // } + try { + _0x4e96b4['$_z2'][0x0] = 'Q'; + } catch (_0x4c574d) { + try { + op = _0x4e96b4['$_zw']["length"]; + console.log(_0x4e96b4['$_zw']) + } catch (_0x58af26) { + var _0x3b7935 = 0x0; + for (var _0x1badc3 = 0x0; _0x1badc3 < 0xf4240; _0x1badc3++) { + _0x3b7935 = _0x3b7935 + _0x1badc3[_$UH[0x1f]](); + history['pushState'](0x0, 0x0, _0x3b7935); + } + } + if (op > 0x14) { + eval('b64pad = _0x4e96b4[\'$_zw\'][9][\'length\'];'); + } else if (op < 0xa) { + _0x4e96b4['$_zw'] = [0x1, 0x8, 0x2, 0x4, 0x17, 0x2d, 0x8, 0xf, 0x51, 0x44, 0xd, 0x48, 0x46]; + } + } var _0x1badc3, _0x38ca59, _0x431764, _0x43f1b4, _0x5722c0, _0x3e0c38 = _0x1171c8, _0xdb4d2c = _0x4dae05, _0x1724c5 = _0x183a1d, _0x257ec6 = _0xcfa373; try { @@ -948,24 +975,7 @@ function _0x35f5f2(_0x243853) { return _0xa791a1; } -_$UH = _0xceb4b2; - +_$Wa = 1678261692000; _0x4e96b4['_$pr']['push'](_0x474032(_$Wa)); - -_$Ww = CryptoJS['enc']['Utf8']['parse'](_0x4e96b4['_$pr']['toString']()); -_0x4e96b4['_$qF'] = CryptoJS['enc']['Utf8']['parse'](_0x4e96b4['btoa']('1678243662154')['slice'](0, 16)); -console.log(0x4e96b4['_$qF']); - -_0x29dd83 = CryptoJS['AES']['encrypt'](_$Ww, _0x4e96b4['_$qF'], { - 'mode': CryptoJS['mode']['ECB'], - 'padding': CryptoJS['pad']['Pkcs7'] -}); - -// _0x29dd83['toString'](); - -// console.log(_0x29dd83['toString']()); - -_$Wa = 1678247136000; -w =_0x37614a(_$Wa); -console.log(w); +console.log(_0x474032(_$Wa)); \ No newline at end of file