python之JS逆向—破解DIDI外卖wsgsig

网址:https://passport.didichuxing.com/#/

1.分析js 查找wsgsig并打断点

2.定位生成 wsgsig 位置

3.拆解分析各个函数

 d.C5T(38) + o(r(new Uint8Array(new Uint32Array([Math.floor(4294967296 * Math.random())]).buffer), h)).replace(/=*$/, d.C5T(0));

d.C5T(38) 写死
o
r
h
s
分别查找以上函数位置,并抠出,进行组装

4.要知道t的值是什么,要不断调式

return i(t + e)
i 是md5方法得出结果

5.最后JS合并

以下只是获取wsgsig方法

function getWsgsig(sig) {
    //var t = {};
     var t="R4doMFFeMNlliIWM";
    e = {q:'{"domain":"https://epassport.diditaxi.com.cn","role":13,"appid":50001,"source":70001,"api_version":"1.0.1","lang":"zh-CN","imei":"6ca02a246f33c0d95dd4c3dcaa22e9e1","cell":"13518237839","country_calling_code":"+86","country_id":156,"password":"7418522222222"}'};
    // console.log(p(t, e));
    var sig = p(t, e);
    console.log(sig);
    var timeStamp = new Date().getTime();
    var ts = (timeStamp + '').substring(0,10);
    console.log(ts);
    var wsgsig = "dd03-" + o(r(new Uint8Array(new Uint32Array([Math.floor(4294967296 * Math.random())]).buffer), "ts="+ ts +"&v=1&os=web&av=02&kv=0000010001&vl=252&sig=" + sig)).replace(/=*$/, "");
    console.log(wsgsig);
    return wsgsig
}

需要完整的js @

posted @ 2020-10-27 16:14  莫贞俊晗  阅读(2613)  评论(2编辑  收藏  举报