JsRpc练习
今日网站#
aHR0cHM6Ly93d3cuY2NwcmVjLmNvbS9wcm9qZWN0U2VjUGFnZS8jL2NxenI=
抓包分析#
打上断点#
刷新
分析堆栈#
加密的参数是l
,加密前的参数是'{"id":"rsubtrx19v4o35b1","projectKey":"honsan_cloud_ccprec","clientKey":"rsubtrw8t68wb157","token":null,"acts":[{"id":"rsubtrwsp80cx51c","fullPath":"/ccprec.com.cn.web/client/info/cqweb_nonphy_cqzr","args":[1,20,null]}]}'
放开断点运行,控制台输出了解密后的结果
加入断点
启动Jsrpc后端#
赋值加密函数#
上面图片中提到了加密函数this.aes.encode
,打开断点,执行到该加密函数的时候赋值给 aes_func,然后放开debug
Jsrpc解密#
控制台输入
function Hlclient(wsURL) { this.wsURL = wsURL; this.handlers = {}; this.socket = {}; if (!wsURL) { throw new Error('wsURL can not be empty!!') } this.connect() } Hlclient.prototype.connect = function () { console.log('begin of connect to wsURL: ' + this.wsURL); var _this = this; try { this.socket["ySocket"] = new WebSocket(this.wsURL); this.socket["ySocket"].onmessage = function (e) { console.log("send func", e.data); _this.handlerRequest(e.data); } } catch (e) { console.log("connection failed,reconnect after 10s"); setTimeout(function () { _this.connect() }, 10000) } this.socket["ySocket"].onclose = function () { console.log("connection failed,reconnect after 10s"); setTimeout(function () { _this.connect() }, 10000) } }; Hlclient.prototype.send = function (msg) { this.socket["ySocket"].send(msg) } Hlclient.prototype.regAction = function (func_name, func) { if (typeof func_name !== 'string') { throw new Error("an func_name must be string"); } if (typeof func !== 'function') { throw new Error("must be function"); } console.log("register func_name: " + func_name); this.handlers[func_name] = func; } Hlclient.prototype.handlerRequest = function (requestJson) { var _this = this; var result=JSON.parse(requestJson); //console.log(result) if (!result['action']) { this.sendResult('','need request param {action}'); return } action=result["action"] var theHandler = this.handlers[action]; try { if (!result["param"]){ theHandler(function (response) { _this.sendResult(action, response); }) }else{ theHandler(function (response) { _this.sendResult(action, response); },result["param"]) } } catch (e) { console.log("error: " + e); _this.sendResult(action+e); } } Hlclient.prototype.sendResult = function (action, e) { this.send(action + atob("aGxeX14") + e); }
创建加密的调用接口#
var jiami = new Hlclient("ws://127.0.0.1:12080/ws?group=cc&name=changchun&action=jiami¶m=yes")
编写加密接口#
# 注册一个名称为jiami的方法 jiami.regAction("jiami", function (resolve,param) { var a={"id":"rstyd9hkvm8ykwhx","projectKey":"honsan_cloud_ccprec","clientKey":"rstyd9ghzxc05icg","token":null,"acts":[{"id":"rstyd9hd528bi7vw","fullPath":"/ccprec.com.cn.web/client/info/cqweb_nonphy_cqzr","args":[parseInt(param),20,null]}]} s = JSON.stringify(a); l = aes_func.encode(s) resolve(l); })
测试加密接口#
地址: http://127.0.0.1:12080/go?group=cc&name=changchun&action=jiami¶m=1, param指的是页数
创建解密接口#
var jiemi = new Hlclient("ws://127.0.0.1:12080/ws?group=cc&name=changchun&action=jiemi¶m=yes")
编写解密接口#
jiemi.regAction("jiemi", function (resolve,param) { console.log(param); l = aes_func.decode(param) resolve(l); })
测试解密接口#
地址:http://127.0.0.1:12080/go?group=cc&name=changchun&action=jiami¶m=,param为请求文章第一步请求接口后返回的加密结果
作者:jruing
出处:https://www.cnblogs.com/jruing/p/16148662.html
版权:本作品采用「署名-非商业性使用-相同方式共享 4.0 国际」许可协议进行许可。
本文来自博客园,作者:Jruing,转载请注明原文链接:https://www.cnblogs.com/jruing/p/16148662.html
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!
2021-04-15 本地测试前端+Django是否存在跨域问题