python之JS逆向—破解头条抖音登录协议

抖音与头条登录协议方法相同

从以下图片可以看出
account:
password:
都加过密

1.在搜索框中输入password

2.查找password加密并在此处打断点

进入之后跳到此处,继续一步一步往下走

3.运行到此处时注意参数变化

e = this.__encryptParams(e, ["account", "password"]);

进去之后,鼠标悬浮在 2 处 进入函数
le.prototype.__encrypt = function(e)

4.最后把这段JS抠出来

复制 js_str = """function fe(e) {
var t = [];
var r;
var n = 0;
var a = 0;
for (n = 0; n < e.length; n++) {
    r = e.charCodeAt(n);
    if (0 <= r && r <= 127) t.push(r);
    else if (128 <= r && r <= 2047) {
        t.push(192 | 31 & r >> 6);
        t.push(128 | 63 & r)
    } else if (2048 <= r && r <= 55295 || 57344 <= r && r <= 65535) {
        t.push(224 | 15 & r >> 12);
        t.push(128 | 63 & r >> 6);
        t.push(128 | 63 & r)
    }
}
for (a = 0; a < t.length; a++) t[a] &= 255;
return t
}
//获取
//pwd="www123456"
//手机号
//account ="+8613918777711"
function get_pwd_account (e) {
var t, r;
var n = [];
var a = [];
if (void 0 === e) return "";
e = String(e);
a = fe(e);
for (t = 0, r = a.length; t < r; ++t) n.push((5 ^ a[t]).toString(16));
return n.join("")
}"""

5.python之execjs

复制import requests
import execjs
js_obj = execjs.compile(js_str)
account = js_obj.call("a", f'+86{phone}')
password = js_obj.call("a", pwd)
# print(account, password)

6.改写python方法

复制def jing_ri_tou_tiao_encrype(data):
    ls = list(data.encode('utf8'))
    new_list = []
    print(ls)
    for index in range(len(data)):
        new_list.append(str(hex(5 ^ls[index]).replace('0x','')))
    data = ''.join(new_list)
    print(data)
if __name__ == '__main__':
    jing_ri_tou_tiao_encrype('www123456')
    jing_ri_tou_tiao_encrype('+8613822222211')
'2e3d3334303230323d3233373d36 7472603433323130'

---

如果您觉得阅读本文对您有帮助，请点一下“推荐”按钮，您的“推荐”将是我最大的写作动力！欢迎各位转载！