python之JS逆向—破解头条抖音登录协议
抖音与头条登录协议方法相同
从以下图片可以看出
account:
password:
都经过了处理(从后文抠出的 JS 可以看到,这只是把每个字节与 5 异或后转成十六进制的可逆混淆,并不是真正的加密;凭据的保密性只能依赖传输层,如 HTTPS)
1.在搜索框中输入password
2.查找password加密并在此处打断点
进入之后跳到此处,继续一步一步往下走
3.运行到此处时注意参数变化
e = this.__encryptParams(e, ["account", "password"]);
进去之后,鼠标悬浮在 2 处 进入函数
le.prototype.__encrypt = function(e)
4.最后把这段JS抠出来
# JavaScript extracted from the login page, kept as a string so it can be
# compiled and called from Python.
# fe(e): builds a list of UTF-8 byte values from the string's UTF-16 code
#   units; code units in the surrogate range 0xD800-0xDFFF match no branch
#   and are skipped, so characters above U+FFFF contribute no bytes.
# get_pwd_account(e): returns "" for undefined, otherwise XORs every byte
#   with the constant 5 and concatenates the hex digits without zero padding.
# NOTE(review): a fixed single-byte XOR is a reversible encoding, not
#   encryption. Anyone who can read the request can recover the value, so the
#   confidentiality of the credentials rests on the transport (TLS), not on
#   this transform.
js_str = """function fe(e) {
var t = [];
var r;
var n = 0;
var a = 0;
for (n = 0; n < e.length; n++) {
r = e.charCodeAt(n);
if (0 <= r && r <= 127) t.push(r);
else if (128 <= r && r <= 2047) {
t.push(192 | 31 & r >> 6);
t.push(128 | 63 & r)
} else if (2048 <= r && r <= 55295 || 57344 <= r && r <= 65535) {
t.push(224 | 15 & r >> 12);
t.push(128 | 63 & r >> 6);
t.push(128 | 63 & r)
}
}
for (a = 0; a < t.length; a++) t[a] &= 255;
return t
}
//获取
//pwd="www123456"
//手机号
//account ="+8613918777711"
function get_pwd_account (e) {
var t, r;
var n = [];
var a = [];
if (void 0 === e) return "";
e = String(e);
a = fe(e);
for (t = 0, r = a.length; t < r; ++t) n.push((5 ^ a[t]).toString(16));
return n.join("")
}"""
5.python之execjs
import requests
import execjs
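# Compile the extracted JavaScript once; the context is reused for both calls.
js_obj = execjs.compile(js_str)
# The entry point defined in js_str is get_pwd_account. The string defines no
# function called "a" (inside get_pwd_account, `a` is only a local array), so
# calling "a" fails at runtime.
# NOTE(review): `phone` and `pwd` are not defined in this snippet; presumably
# the caller supplies them. Confirm before running.
account = js_obj.call("get_pwd_account", f'+86{phone}')
password = js_obj.call("get_pwd_account", pwd)
# NOTE(review): both values decode back to the raw credentials with a single
# XOR, so treat them like the plaintext and keep them out of logs and stdout.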
6.改写python方法
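def jing_ri_tou_tiao_encrype(data):
    """Pure-Python port of the page's ``get_pwd_account`` JavaScript helper.

    Each UTF-8 byte of *data* is XORed with the constant 5 and written as
    lowercase hex without zero padding, matching ``(5 ^ b).toString(16)``.

    This is a reversible encoding, not encryption: applying the same XOR to
    the output yields the input again, so the result must be handled like
    the plaintext credential.

    Args:
        data: The text to encode (a ``str``).

    Returns:
        The hex string. It is also printed, as the original demo did.
    """
    # Mirror the JS byte conversion: it skips UTF-16 surrogate code units, so
    # characters above U+FFFF (and lone surrogates) contribute no bytes.
    bmp_text = ''.join(
        ch for ch in data
        if ord(ch) <= 0xFFFF and not 0xD800 <= ord(ch) <= 0xDFFF
    )
    ls = list(bmp_text.encode('utf8'))
    # NOTE(review): both prints expose the credential; drop them outside a demo.
    print(ls)
    # Walk every *byte*. The earlier loop ran len(data) times (the character
    # count), which silently truncated any input containing multi-byte characters.
    encoded = ''.join(format(5 ^ byte, 'x') for byte in ls)
    print(encoded)
    return encoded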
if __name__ == '__main__':
    # Demo run: encode the article's sample password, then its sample phone number.
    for sample in ('www123456', '+8613822222211'):
        jing_ri_tou_tiao_encrype(sample)
'2e3d3334303230323d3233373d36 7472603433323130'