|
本篇介紹精靈數(shù)據(jù)-數(shù)據(jù)加密AES的逆向?qū)崙?zhàn)分析����。 1.分析網(wǎng)站
2.分析請(qǐng)求的標(biāo)頭���、載荷��、預(yù)覽項(xiàng)
3.逆向分析
4.采集數(shù)據(jù) 網(wǎng)站地址:
aHR0cHM6Ly93d3cuamluZ2xpbmdzaHVqdS5jb20vYXJ0aWNsZXM= 訪問(wèn)網(wǎng)站�,打開(kāi)開(kāi)發(fā)者控制臺(tái)�����,頁(yè)面下來(lái)����,點(diǎn)擊下一頁(yè)��,觀察控制臺(tái)的請(qǐng)求����。 2.標(biāo)頭��、載荷�、預(yù)覽項(xiàng)分析 這里有個(gè)`uid`參數(shù),經(jīng)過(guò)測(cè)試該參數(shù)非必須���,所以也不需要逆向�����。測(cè)試參數(shù)是否必須得方法:將請(qǐng)求復(fù)制到開(kāi)發(fā)工具�����,注釋對(duì)應(yīng)的參數(shù)發(fā)送請(qǐng)求���,多次測(cè)試后如果能成功大概率就是非不要參數(shù)。 let my_parse = JSON.parse;JSON.parse = function (params) { //這里可以添加其他邏輯比如 debugger console.log("json_parse params:",params); return my_parse(params);};
重新分頁(yè),慢速過(guò)debugger 看到解密后的內(nèi)容�����,進(jìn)行調(diào)用堆棧跟棧分析����,第一堆棧進(jìn)入即可以發(fā)現(xiàn)解密js 的位置 `data`的解密算法是AES算法�����,整個(gè)算法的邏輯的都在這里����,還是比較簡(jiǎn)單 var CryptoJS = require('crypto-js')
function tripleAesDecrypt(text) { var j = "DXZWdxUZ5jgsUFPF" var key = CryptoJS.enc.Utf8.parse(j), iv = CryptoJS.enc.Utf8.parse(j.substr(0, 16)), decrypted = CryptoJS.AES.decrypt(text, key, { iv: iv, mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); return JSON.parse(decrypted.toString(CryptoJS.enc.Utf8));}
采集代碼 # -*- coding: utf-8 -*-import execjsimport requests
def get_data(): headers = { # "authority": "vapi.", # "accept": "application/json, text/plain, */*", # "accept-language": "zh-CN,zh;q=0.9", # "cache-control": "no-cache", # "content-type": "application/x-www-form-urlencoded", # "origin": "https://www.", # "pragma": "no-cache", # "sec-ch-ua": "\"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"", # "sec-ch-ua-mobile": "?0", # "sec-ch-ua-platform": "\"macOS\"", # "sec-fetch-dest": "empty", # "sec-fetch-mode": "cors", # "sec-fetch-site": "same-site", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" } url = "https://vapi./Data/getNewsList" data = { "page": "1", "num": "20", # "uid": "8e48e07cebba14927e18aaaa946a6968" } response = requests.post(url, headers=headers, data=data)
result = response.json()['data'] # print(result) new_list = execjs.compile(open('decrypt.js', 'r', encoding='utf-8').read()).call('tripleAesDecrypt', result) # print(new_list['list']) for new in new_list['list']: news = {} news['title'] = new['title'] news['news_time'] = new['news_time'] news['time_str'] = new['time_str'] news['summary'] = new['summary'] news['news_source'] = new['news_source'] news['news_author'] = new['news_author'] print(news)
get_data()
認(rèn)認(rèn)真真分析逆向知識(shí),歡迎留言交流?����。�。?br> 更多逆向分析��,數(shù)據(jù)采集知識(shí)�����, 請(qǐng)關(guān)注我吧
|
