53逆向aes获取接口响应
# coding=gbk # -*- coding:uft-8 -*- from Crypto.Cipher import AES import base64 import binascii import requests import json # 数据类 class MData(): def __init__(self, data=b"", characterSet='utf-8'): # data肯定为bytes self.data = data self.characterSet = characterSet def saveData(self, FileName): with open(FileName, 'wb') as f: f.write(self.data) def fromString(self, data): self.data = data.encode(self.characterSet) return self.data def fromBase64(self, data): self.data = base64.b64decode(data.encode(self.characterSet)) return self.data def fromHexStr(self, data): self.data = binascii.a2b_hex(data) return self.data def toString(self): return self.data.decode(self.characterSet) def toBase64(self): return base64.b64encode(self.data).decode() def toHexStr(self): return binascii.b2a_hex(self.data).decode() def toBytes(self): return self.data def __str__(self): try: return self.toString() except Exception: return self.toBase64() ### 封装类 class AEScryptor(): def __init__(self, key, mode, iv='', paddingMode="NoPadding", characterSet="utf-8"): ''' 构建一个AES对象 key: 秘钥,字节型数据 mode: 使用模式,只提供两种,AES.MODE_CBC, AES.MODE_ECB iv: iv偏移量,字节型数据 paddingMode: 填充模式,默认为NoPadding, 可选NoPadding,ZeroPadding,PKCS5Padding,PKCS7Padding characterSet: 字符集编码 ''' self.key = key self.mode = mode self.iv = iv self.characterSet = characterSet self.paddingMode = paddingMode self.data = "" def __ZeroPadding(self, data): data += b'\x00' while len(data) % 16 != 0: data += b'\x00' return data def __StripZeroPadding(self, data): data = data[:-1] while len(data) % 16 != 0: data = data.rstrip(b'\x00') if data[-1] != b"\x00": break return data def __PKCS5_7Padding(self, data): needSize = 16 - len(data) % 16 if needSize == 0: needSize = 16 return data + needSize.to_bytes(1, 'little') * needSize def __StripPKCS5_7Padding(self, data): paddingSize = data[-1] return data.rstrip(paddingSize.to_bytes(1, 'little')) def __paddingData(self, data): if self.paddingMode == "NoPadding": if len(data) % 16 == 0: return data else: return self.__ZeroPadding(data) elif self.paddingMode == "ZeroPadding": return self.__ZeroPadding(data) elif self.paddingMode == "PKCS5Padding" or self.paddingMode == "PKCS7Padding": return self.__PKCS5_7Padding(data) else: print("不支持Padding") def __stripPaddingData(self, data): if self.paddingMode == "NoPadding": return self.__StripZeroPadding(data) elif self.paddingMode == "ZeroPadding": return self.__StripZeroPadding(data) elif self.paddingMode == "PKCS5Padding" or self.paddingMode == "PKCS7Padding": return self.__StripPKCS5_7Padding(data) else: print("不支持Padding") def setCharacterSet(self, characterSet): ''' 设置字符集编码 characterSet: 字符集编码 ''' self.characterSet = characterSet def setPaddingMode(self, mode): ''' 设置填充模式 mode: 可选NoPadding,ZeroPadding,PKCS5Padding,PKCS7Padding ''' self.paddingMode = mode def decryptFromBase64(self, entext): ''' 从base64编码字符串编码进行AES解密 entext: 数据类型str ''' mData = MData(characterSet=self.characterSet) self.data = mData.fromBase64(entext) return self.__decrypt() def decryptFromHexStr(self, entext): ''' 从hexstr编码字符串编码进行AES解密 entext: 数据类型str ''' mData = MData(characterSet=self.characterSet) self.data = mData.fromHexStr(entext) return self.__decrypt() def decryptFromString(self, entext): ''' 从字符串进行AES解密 entext: 数据类型str ''' mData = MData(characterSet=self.characterSet) self.data = mData.fromString(entext) return self.__decrypt() def decryptFromBytes(self, entext): ''' 从二进制进行AES解密 entext: 数据类型bytes ''' self.data = entext return self.__decrypt() def encryptFromString(self, data): ''' 对字符串进行AES加密 data: 待加密字符串,数据类型为str ''' self.data = data.encode(self.characterSet) return self.__encrypt() def __encrypt(self): if self.mode == AES.MODE_CBC: aes = AES.new(self.key, self.mode, self.iv) elif self.mode == AES.MODE_ECB: aes = AES.new(self.key, self.mode) else: print("不支持这种模式") return data = self.__paddingData(self.data) enData = aes.encrypt(data) return MData(enData) def __decrypt(self): if self.mode == AES.MODE_CBC: aes = AES.new(self.key, self.mode, self.iv) elif self.mode == AES.MODE_ECB: aes = AES.new(self.key, self.mode) else: print("不支持这种模式") return data = aes.decrypt(self.data) mData = MData(self.__stripPaddingData(data), characterSet=self.characterSet) return mData # 获取信息 def info(): url = 'https://XXXXXXXX/v1/completions' datas = { "prompt": rData.toBase64() } headers = { 'Content-Type': 'application/json', 'Referer': 'https://chatgpt.sbaliyun.com/', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36' } response = requests.post(url=url, headers=headers, data=json.dumps(datas)) # print(response.status_code) # print(response.json()) res = response.json()["choices"][0]["text"].strip() print(res) if __name__ == '__main__': key = b"XXXXXX" iv = b"XXXXXXX" aes = AEScryptor(key, AES.MODE_CBC, iv, paddingMode="ZeroPadding", characterSet='utf-8') while True: data = input("输入查询的内容:") rData = aes.encryptFromString(data) # print("密文:", rData.toBase64()) info() # rData = aes.decryptFromBase64(rData.toBase64()) # print("明文:", rData)
此站点就payload一个参数用了aes加密+混淆 解密出key 和iv 即可
~get是param-
~post是data-
~要带'Content-Type',否则无法识别
~对python字典进行反序列化json.dumps()
本文来自博客园,作者:__username,转载请注明原文链接:https://www.cnblogs.com/code3/p/17053280.html
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步