爬虫逆向 - 头部信息逆向

背景:

本文只是为了学习逆向技术,与爬取数据无关, 所以文中没有数据爬取,只是叙述了JS逆向思路及步骤

 请勿对目标网站进行大规模爬取

网址: https://ggzyfw.fujian.gov.cn/business/list

 

开始 - 步骤

1、分析网站得知:

  1)获取数据是header 中 portal_sign 为加密的,首先对其进行解密

  2)使用获取 portal_sign 解密后的字符串请求数据

  3)对数据进行JS逆向解密

 

python 脚本

 1 # coding: utf-8
 2 
 3 import requests
 4 import time
 5 import execjs
 6 
 7 cookies = {
 8     'ASP.NET_SessionId': 'ifggj3yi000hoat4z1pj0sjn',
 9 }
10 
11 json_data = {
12     'pageNo': 200,
13     'pageSize': 20,
14     'total': 0,
15     'AREACODE': '',
16     'M_PROJECT_TYPE': '',
17     'KIND': 'GCJS',
18     'GGTYPE': '1',
19     'PROTYPE': '',
20     'timeType': '6',
21     'BeginTime': '2022-06-13 00:00:00',
22     'EndTime': '2022-12-13 23:59:59',
23     'createTime': [],
24     'ts': round(time.time() * 1000),
25 }
26 
27 portal_sign = execjs.compile(
28     open("./头部信息逆向.js", "r", encoding="utf-8").read()).call('d', json_data)
29 
30 headers = {
31     'Accept': 'application/json, text/plain, */*',
32     'Accept-Language': 'zh-CN,zh;q=0.9,en-GB;q=0.8,en-US;q=0.7,en;q=0.6',
33     'Cache-Control': 'no-cache',
34     'Connection': 'keep-alive',
35     'Content-Type': 'application/json;charset=UTF-8',
36     # 'Cookie': 'ASP.NET_SessionId=ifggj3yi000hoat4z1pj0sjn',
37     'Origin': 'https://ggzyfw.fujian.gov.cn',
38     'Pragma': 'no-cache',
39     'Referer': 'https://ggzyfw.fujian.gov.cn/business/list/',
40     'Sec-Fetch-Dest': 'empty',
41     'Sec-Fetch-Mode': 'cors',
42     'Sec-Fetch-Site': 'same-origin',
43     'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36',
44     'portal-sign': portal_sign,
45     'sec-ch-ua': '"Not?A_Brand";v="8", "Chromium";v="108", "Google Chrome";v="108"',
46     'sec-ch-ua-mobile': '?0',
47     'sec-ch-ua-platform': '"Windows"',
48 }
49 
50 response = requests.post(
51     'https://ggzyfw.fujian.gov.cn/FwPortalApi/Trade/TradeInfo',
52     cookies=cookies,
53     headers=headers,
54     json=json_data,
55 ).json()
56 
57 # 请求方式
58 # dome1
59 # data = execjs.compile(
60 #     open("./数据逆向.js", "r", encoding="utf-8").read()).call('b', response['Data'])
61 # print(data)
62 
63 # dome2
64 # 实例化node对象
65 node = execjs.get()
66 # js 源码文件编译
67 ctx = node.compile(open("./数据逆向.js", "r", encoding="utf-8").read())
68 # 执行js函数
69 resp = ctx.eval('Aa.b("{}", "{}")'.format(response['Data'], 123))
70 print(resp)

 

头部信息 portal_sign 逆向 JS

const crypto = require('crypto');

params = {
    "ts": (new Date()).getTime(),
    "pageNo": 4,
    "pageSize": 20,
    "total": 6346,
    "AREACODE": "",
    "M_PROJECT_TYPE": "",
    "KIND": "GCJS",
    "GGTYPE": "1",
    "PROTYPE": "",
    "timeType": "6",
    "BeginTime": "2022-06-13 00:00:00",
    "EndTime": "2022-12-13 23:59:59",
    "createTime": []
}

function Md5Encrypto(text) {
    return crypto.createHash('md5').update(text).digest('hex');
}

function u(t, e) {
    return t.toString().toUpperCase() > e.toString().toUpperCase() ? 1 : t.toString().toUpperCase() == e.toString().toUpperCase() ? 0 : -1
}

function l(t) {
    for (var e = Object.keys(t).sort(u), n = "", a = 0; a < e.length; a++)
        if (void 0 !== t[e[a]])
            if (t[e[a]] && t[e[a]] instanceof Object || t[e[a]] instanceof Array) {
                var i = JSON.stringify(t[e[a]]);
                n += e[a] + i
            } else
                n += e[a] + t[e[a]];
    return n
}

function d(t) {
    for (var e in t)
        "" !== t[e] && void 0 !== t[e] || delete t[e];
    var n = "3637CB36B2E54A72A7002978D0506CDF" + l(t);
    return Md5Encrypto(n).toLocaleLowerCase()
}

console.log(d(params))
View Code

 

数据逆向JS

const CryptoJS = require('crypto-js')

/*
原js 加密函数
function b(t) {
    var e = h.a.enc.Utf8.parse(r["c"])
      , n = h.a.enc.Utf8.parse(r["b"])
      , a = h.a.AES.decrypt(t, e, {
        iv: n,
        mode: h.a.mode.CBC,
        padding: h.a.pad.Pkcs7
    });
    return a.toString(h.a.enc.Utf8)
}

破解:
    0、确认参数 t 是什么值
    1、确认h.a 是什么函数 --> 加密算法库crypto-js
    2、查看 r["c"]、r["b"] 是什么值
*/

var Aa = {
    b: function (t, dd) {
        var e = CryptoJS.enc.Utf8.parse('BE45D593014E4A4EB4449737660876CE')
            , n = CryptoJS.enc.Utf8.parse('A8909931867B0425')
            , a = CryptoJS.AES.decrypt(t, e, {
                iv: n,
                mode: CryptoJS.mode.CBC,
                padding: CryptoJS.pad.Pkcs7
            });
        console.log(dd)
        return a.toString(CryptoJS.enc.Utf8)
    }
}

function b(t) {
    var e = CryptoJS.enc.Utf8.parse('BE45D593014E4A4EB4449737660876CE')
        , n = CryptoJS.enc.Utf8.parse('A8909931867B0425')
        , a = CryptoJS.AES.decrypt(t, e, {
            iv: n,
            mode: CryptoJS.mode.CBC,
            padding: CryptoJS.pad.Pkcs7
        });
    return a.toString(CryptoJS.enc.Utf8)
}

data = ""
console.log(b(data))
View Code

 

posted @ 2022-12-28 11:21  萤huo虫  阅读(699)  评论(0编辑  收藏  举报