前言:
记得上半年还是去年,有道翻译还是直接返回明文数据;现在也跟着,用接口返回加密数据了; 娱乐一下,破他的密文数据...
成品效果图:
js部分:
对于找他的密文数据有点费时,针对密文--->搜他`地址`和`启动器`不是特别容易,辗转多时(搜:descrypt/json.parse 结合使用更快),有图为证:
然后,对加密数据(发现他是aes加密...必须魔改)进行抠代码:
最终,自己魔改(原代码很多,这是精简后的版本---大家可以自行参照)完成:
const crypto = require('crypto');function f(t){if (!t) return null;// Buffer 对象用于 key 和 iv 参数const keyBuffer = Buffer.from([8,20,157,167,60,89,206,98,85,91,1,233,47,52,232,56]);const ivBuffer = Buffer.from([210,187,27,253,232,59,56,195,68,54,99,87,183,156,174,28]);// 使用 Buffer 对象let r = crypto.createDecipheriv("aes-128-cbc", keyBuffer, ivBuffer);let s = r.update(t, "base64", "utf-8");s += r.final("utf-8");return s;
}function jiemi(data) {return f(data)
}
针对这一块,多次试验发现,他的秘钥和iv基本是固定的,所以直接套用了; 他的小坑就在于,如果你直接用他的代码进行生成秘钥和iv 就需要修改他的buffer格式...(这里有兴趣的可以自己去抠抠试试)
最终:
import execjs
import jsonclass shengcheng():def __init__(self,data):self.data=datadef jiemi(self):mingwen = execjs.compile(open('shujujie.js', 'r', encoding='utf-8').read()).call('jiemi', self.data) #转成铭文json格式的字符串print(mingwen) #用于筛选,需要的位置json_data = json.loads(mingwen) # 转换为Python字典return json_data["translateResult"][0][0]["tgt"]#测试成功与否
data="Z21kD9ZK1ke6ugku2ccWu4n6eLnvoDT0YgGi0y3g-v0B9sYqg8L9D6UERNozYOHqnYdl2efZNyM6Trc_xS-zKtfTK4hb6JP8XwCzNh0avc8qItQUiIU_4wKKXJlIpvMvfKvJaaZzaX6VEtpkr2FdkfoT_Jgbm2GRSVj3r40autIdlImENG8hC0ZH4ww7utwuTt3Oo_ZpXg0BSq9wePSAB75-ChkiGKF9HTIPeCl2bl84SBD1XDfFCZpkKQhecYSs0JLoXOqP2ltavxRrg58Hp1q5uIgZZ_Oo2-Jmd-t1r4es40drcAq5bjmS62M2VJF8D6ojtOh9JTfNwgzD3CxYn-Pd7-TgHMyNEJEkFXTAyxzpjlFqtrCYDE3SZUYlENkqsL8Wrra1hM-1nTfiB-BLcWAdRBynNpP5_54aq_-GBsq8bB_9yEX5ovzDB4_Ry_spVVuUnb39iplMHCdCnjOD3ngiIDbl9SUz-9npjBX05ZYRdPmFPAl424qdoaxeVqnVoH8jQFPZVqaHMzu4mJg0SICDWFH7GP1zqGRbXd3ESjT_iBInl3gICt2XVuhh_nubcELkTEC6xbqEDRQkPUNMpzXJHjcvsLHtcmSW0S9F0445ho9kT2qZYdMBC3Fs0OaHpUtFu77gZpQn7sGiqh8VliXIcUtfvvop-1c-Vu5QjfUbLn2-s5POR9fGYG6rt6ioe_PGmwWj-Cc00zUM7FybfarKTr4D3Rk57R72qpXN4Ja86ZsCAMmDG-m5z31RQh_V7echJ8Kna3Go3yWKCK4vtSwOWrFhiS5RTz6EkrGc3SkFKbb5vp8Wop_84myBtgnBmj4CczhTq2HcOxrJf4def6yDt2uBxyv4bTVGx9Yx3uB4Gx0iK5kYvfma6B_LnkRWk331wjuXKQtBGYIuWkR8J5QtvBmIRVaa7AA19Z4xMIEAqbcuQ5p4I9FCElthBrJd9YOcouHK4U27xxYWJJXcJjAU6hR_oB1nwjAlwdreYSrxqhhnMfxUlzwXnjkeHIQsIrXmyDqn1ecy2NyzUnoIscC4EigujhLKbuFQIzbD5YNhKxCwU1RSNRYYy_A1hktX"
data1 ='Z21kD9ZK1ke6ugku2ccWuwRmpItPkRr5XcmzOgAKD0GcaHTZL9kyNKkN2aYY6yiOAuUGpZ7ENBTwF96PfL5x1bY7ml6fwu-TF83S-wOP7FZ-tPA2CwCh_GUzm4URELtNNJdjz8laGhynLZRmIDdXGzsyof5CH4f4HmMXalC1y1QFbY3YI7WOY_ESxSG7orHbOtDSUl2PIWETvdJNNr0s_igVhLaBVv9Eve_dur3bcenNl_7AbmsDj0kx8cyjkZWpWS0n7TkbUni6ZbeN99ClfQ=='
jie =shengcheng(data1).jiemi()
print(jie)
经验总结:
逆向web犹如盗墓,探龙点穴--->由大到小,从粗到细;耐心寻找他的棺椁位,然后....