某建筑网页js逆向分析过程(有坑）

某建筑网页js逆向分析过程(有坑）

https://blog.csdn.net/ak_bingbing/article/details/134399056

 

acmakb

于 2023-11-14 14:56:27 发布

阅读量709
收藏

点赞数 4
分类专栏： 网络爬虫 文章标签： javascript 爬虫 python
版权

网络爬虫
专栏收录该内容
20 篇文章0 订阅
订阅专栏
某建筑网页：
网站：
import base64
# 解码
website = base64.b64decode('aHR0cHM6Ly9qenNjLm1vaHVyZC5nb3YuY24vZGF0YS9jb21wYW55'.encode('utf-8'))
print(website)
1
2
3
4
JSON.parse()
​ 当你有一个包含JSON字符串的变量时，你可以使用JSON.parse()将其转换为JavaScript对象。

var jsonString = '{"name":"John","age":30,"city":"New York"}';
var jsonObject = JSON.parse(jsonString);
console.log(jsonObject.name); // 输出：John
console.log(jsonObject.age); // 输出：30
console.log(jsonObject.city); // 输出：New York

1
2
3
4
5
6
思路：

表单中都是正常数据，没有特殊的数据。

相应是密文：

 

JSON.parse 进行初步尝试搜素

 

 

 

 

 

d.a 就是CryptoJS的一个对象，使用标准库替换即可

 

但是会报错。

 

我们可以思考一下哪里错了，第一密文数据肯定没有错，有错的话就是iv值，密钥有一些问题。

 

我们的密钥与网页的不一样啊！

没办法，在加个断点呗。

 

注意上面我打断点的位置，在这个解密函数这行打上断点，这行之前应该iv和密钥已经被确定了。

 

对比一下，发现密钥f的值有变换，说明f被覆盖了。我需要使用覆盖后的。

然后我添加一个监听器

 

会发现，f在解密之前已经生成好了，而且优先级很高，没有被后面那个f覆盖。

将其转化为字符串全局搜索看看吧。

 

 

 

关于iv和key变不变的问题，就看他每一次有没有发送性的请求，没有的话就是固定的

js代码：
const CryptoJS = require("crypto-js");
f =CryptoJS .enc.Utf8.parse("Dt8j9wGw%6HbxfFn")
m = CryptoJS .enc.Utf8.parse("0123456789ABCDEF");
function b(t) {
var e = CryptoJS .enc.Hex.parse(t)
, n = CryptoJS .enc.Base64.stringify(e)
, a = CryptoJS .AES.decrypt(n, f, {
iv: m,
mode: CryptoJS .mode.CBC,
padding: CryptoJS .pad.Pkcs7
})
, r = a.toString(CryptoJS .enc.Utf8);
return r.toString()
}

data='5588a9e126c91a28cc2f6813e3793369c25469a35a79a5541917e64a1f6f6af3bbd0cce6b277e85b6d8453c0ed389efe7b9c284465ff6d20106dc8b2e826243fd32ccbf213498c5f47a2baac4ef91406f0cd2195daef19ec25e8e08aa85daadc8fbf2dfb965fdcb9e104cf25f28dcf1f4bb682492b8f8af4e0ff8c85ef391d4e481febb162d46cbdefe7e10a5ac0126b9a80a5ba665aa8b3f63df6c16ee9312092eeb8cfff00a53b86844e8a5a84d1ebaa327c90440859f91d92be3d0fc09bbfe0e82ee3e3e3d5de399068bb1bec3afd73d243dc50836872acace651768f837ad3542c5572021ee30d7362a36e9e1f59b61d2f5fd6a2f18f96f26310cbbd3c085f173578d7c11223b78f9bca5d7438992931b0f593a38bb8a893ed93e1d121f9ebbdd256c75d374e5158cd99b3dcc004174014c875b83f7c28182df2a69e48e78d460695eba2283419022725fe75bed7a3f35855ace37f308d4c9b59782351b86fcb44ee3b6a0f6ab87a138264a22a7a2bfc4680e748a9e74850ff7d4c8551f68451a085dc515968de3f4a3b73e4ac758d17aa2d936fef16ac607c6c992aab99eadf35884094eca819412348d818af099f1c002c63f7caa7ef1948fe932101d9ed271695b712cc283eb392308df8c681e1197a6b75ef3b699030bd86a6e77e1c9322caeffb0a1ed259fddd3783a63c83a45ba32568751956cb37fcb968d21232024f125608391462fba018b5849bfe4e140dbfd329b2a0fc1d33e980231e08c74d47e09401e3ca65b5eede5deb5702be0ab209da312f3a70187a8b4508ba48fb207640b13cb6cff87b7224cdb9e8689a3e48661eaec3bca58acc0eb171d2447af44db23ec24dbca41bbca69379df1d925bb75dc79d05e6f0338b5db66a3f791874bcc6bccb4ae11b75bd54cd9cb8a3fd66cf9101ef35dfdc1da42d2d4bd74d20201fa6bff590f6ee934cf41cd8b3a36df72529f3ea4af2dfc01b9f19d913f9ac449ef7f5e60c3dff7ed2329cf89f6e4a74c4e28d8eba0eeef4272398af4f97bccd3912e16ed28cd14dda3c4a5647a9bdfb06868db5085f027a37f9c35f2f3fec1f425161dae6e48a21d6c63999f53864580c8aef4b77f49867a3f6825eadd74613fe773a6c960ded5c3b2179a3fbc8c3d8f9b0d12275c0badff698759e9ddd6022b8d0b97d810a43047c3c26739d82292b687055e1119fac72f8f778ce5d03bdcbb145dd327f4d05075b98d05b40a1589542dbe798ec5ee17067a8b937a69583755a1f46051ec45a08a4aa7b9151511b32174a642122f7ee3262d27a8a04f68f9a239152150dbe8f7e181145cd661feec3968e6cf9835d6961894a6ea992a22093cf41c689ee6381dcd0effad596f7d877ac5e18ef72710782fa6d9813cdc6bb8cc189a7b8c468f9a45f7ffbb99812ec6a91e6c39c4b108ae33b3e9c01e036ec6319d5d483365c62e052b9b76a0598ecf36c292973c403e39aab196dafdfc64b0b2d1df2c1f9ab6371e4fa9d6985ead5426fc12e911e913177c21023a699e650ef888d8d4681dc861cf88d8ce59cec43d5a97637e6a42816beaaaea464b329ff026a3222862473ab50fe4cf9db7e46dab1e893e3f998edf7eefddca5008ec990551825b814f6c175a223d768536b83c2ef89168726fecbc4f8b8bfa8a85b4b417dec607e2888d0e47efac97671c00dfaf4d65b09043a6de0c69619e6afdeaec622c46e41151a6510154d56cd064b3accec2fcae3e9898cc045b93e59b2fa8be1018a9df2d5053d9b4784efd416d1b71c0c1b5751509203d35175c07b42d189bfc349c75e809e5f04f6ac5884cedeacebfe5853c68cf613171ff19650f2b29fe47c3c208c0dabbdcb0f4ec2162fc74f86e7079e88835fad1b5baa1fd234d6276214385e81fd2abbfe20e42f0f5a460afe064c845c1967ae61785a869ab1bf89d3f21ac8ef0fff498ddacbd2d6107a3d06b2dc478687e3945f5de8641be0977f400be10a3dec885f0c46d841eec7c54aa50d9ad560250d82fefd59e3db148786ec40c214d0060306e40e87d3df3ba73efcc17fe00a7da6828c8e922c4ab96a70730247101cc9bc6f43f8d3582efaeaac022b5c7eac748e54e6c1a6471ec5d65ef0de5ec01061c785f44dddb98a3a61298b769153d496e58204752a8719ad1b14d05580e9a3f8b597a02a37135107c74e8cd2ee5b19dde3f1bf4a64f1522bee5cc3e384671d5b4b24a3e4a7302c8afa21217383c3b2bc84b8518914cfd1b88687753c5c59b47c36f34f2f30c23d4498387e817092f61a5e6497a7bff95d2ee5910d8ef0e760c08a8a0c53170b23f0360b99740e829a3347f7b4a26612a7ba847f369cd6d1190816d3cdc2c707976e9092bee0cbdf5b2133403daafd22a35e4724277c0c61540640da0e5ee9519cb7cb30972602cdcc91f0e1e949edb0f775479afb6497ec186222e55a46f70c7c58c4471b6ecba87cb8a06a0c24acc5fd0c57b72559a8b23e4dde253141932af8642b61baa1736803bbd0a872ddd7d0944ee24b592f195a00e8d568c4ca14241ea0ae6fb407c7c49e2f3900f4d82f125c98dd8a7526991a965edb6fa1d0c9c6116cbaba862a80cfb6515c9d2eb364f00af18d6343c0837a66ff4ec7e2fa96b0fa05fdb60e855d9e34a28a388efea19e1549ecbe90a49780dcdc0448c2068cdddda5112a09e45d026431c0836e75686bd177905f006255a5cff6d013890097e27f4f70f9956a49979fa4405effbda7275fe2a7de3203e0cbdcce6c5b18a76b050b3d05a1b8a28a6425cea1262a9e70d3d7a39940047fe7601a3d9a787bbc8328d18bfebb1a46d79187e062516300b20e71debc3ed24e3d2b52b0038cb3f22f9fc46d7fc8b07720290032f8ad0bb357efc315c2991590358c55bfc3a5b317a5e48a842e54e04a4ebfa180bc0ddd7d6f9ef39c258410ed51208da2c1166893cdfaeed18ea606dbdd8954a490372e325f911dab61caa4a3219ae8015b21d1d0bcbcc5cd40d760b175564d05ce9d6a370fdbd33e9d7c20c81788ca281b15af65043a09a5ce7e08ffaae0e253921b44a9caa1b0bad6706094ef306fd6315af32f61589800f908db0dcb274113ec2631bdd59f02fb07e29c7f4e0398b46c7adddaadd7fd0aa242967e7e2030a3924b740ae37c72a021ed48012479b4a46b7bf0ac19eef25684bc4a89f34c972788fc015c125ed9baf8e6ec02ab9db7447acc4021ee0660a57872740aae743c478a3d232783335cf9732a792e21cc44960ce31fbea327e77e18f1fb6066a1a713e52e1853530237b87c28ff5e42ca59af02dbff0880f90c2edbeb7daf48e00edad55881978228b1d9fd00a60d7483aa52f9b6eed1b32ab64451ad075cddf3a72ee00efafd23bb4c66c66a899b5e361a66d6270ccfe9917abeb147d01a4008fde052f7d489a464b77f01cb8cd7a26ebc42b6a2bd3d2d443d08eebc538867eb8fedbe4e7d2c6e84b91160f336546eaf579e25b678e59ef4fe95f9c6a3f38ba3ab2a3557b1544155c091b4f97d8bca14989dddb5611d877d74a34b2fea5e5bfea18e30c93be3f2c955a96dfa998de8b7d43739d27aac07f74f59c40235547ae0c431cf48540ca4117c04f4a01e5e2229f5093549347f50bc4f39ad8cc25edd1c5f7f1ebaeb3661eca63dd9a962f6ce0393431ba1415ac9b5efbf3c9fb1ecce2fdb2264571ac1528a560c7da5e8292bcf2748fcfe92deb7663a0b99154017f46c20e64e3a3626e79976d3486107b2dc34b800bfcf42d66b189b090010c208ae1791385d386f1d625f854086c8d5cb4b498e6a13f6c1054b879e0410cd57f25a79fc990238b309c0c0bc25ace708e13cc8ffb1f5d25fafe96748ddc62bde59f898ef88eb27b230e939d66781f173610c8164bbed9590028d33f1987534bae6f574319f7278a571c71e7f92fb54a8269d32dbd5d2dd13249e7fda952e2d1598292279a172393292dc6476703358b6c420ef0a686c5f8ac4cc808e23c0799b37df48345caf481951e0aa92030b96e6d268fd972f1663e326e717aaa7c7a8069ae2ab8500b43c724d05c6030d015875283aadc10917d71efbcf50188539b3bcb46e42b44498092fb68aa540c9f64bff44f548a845b97cd30de4aa75569c9f896f4fb9557a4543fc9b7b6be267cd315bd089de24b69910b7a9cc732083ff8e1894ac05a8fb00ae34788e2192f3b26593b72abf8170d6cd6f32d018f03b0b9f44ed12cdbea463cfb4537fd01838de176de03ac4a04433e4386c13558e7bb3123eeb44663d178d7ff2c184cf80a910658ff0a40960ea01dba1eafed41a6d03fd6f654bf5919e3dfb06166dedd7a9ddf16f8e61c34a071c10572f15a2b83dd477f3f306e956cbf65d7deb56457d4d4d63438c1034aabac210b14f2bbe461f4e3c2a19a1167ec0741f5aa876d046514cb056c5f9b2aa159c99d104b2b6cd149b5d8eb7297ec95a4d3376d4d85a1c0ac0a3948cd1debeaff4a90e4c1d58c2d2c274751b70284237f906b4ce15831ad77f71e4d659521103ee8d024a23b61c54e6f287f59fad4d32da2284f55a466e2fb0fb1459c4d0e2e37e00acaefc348b6e7a085272e29c0db6dd7c156d64786046e75353f0c635fa4faa8ab1567d4c82730b93c61353b951a03607163aab45a382608b196b5d382bf58a89ea416e39ce144f0ed2df09d93b66460bdb9eb9629a76875a83f9cd1dcc5084acb0f8ebaf10ed6ca01c789833ffeae9318d5abb75309770f3daecc4b20bcf9c2e33c8f0048e8acb1216554ab59b4cbcb68162d8e8762f72d9781b8e9a1664bf21f12beef2de08c48b3bbb7ed0489e324192fe8d52b3b2d858a97a523f23ba48b20dc19924bd8b8fd93ce0ae11a2ee4e84fe9298433ef63fad0fb9a8ba3df67881a236b2253d9d66ad28eb5f2164e0c0f71f6eed6e2d9aa0ca75f33bb0bc9309f879e42913e64d4c46e57bb7295360f7d2dead2eeff7fd14d8744bd7c8ffe724d61f574cd66688956dd4177a0dd47a572efc407edfe95a61de86752c1d9eaee569dde7874d625a623a54519573285eb3608918dc5709fbd933fcd6bba0942c5740d75cfea210cb92eae1161fe38b8ad9808045f0625cf09e54c929ea3ae82902c28fe8b4b12ce3790e58ae6f225b56770083068b584b326751c147d0711459a6ca471a3ed9b2a112b7181fb88a5fc4c56bb81081143fa14d41f375f3b819ed38989f388fc922af6e470c9dcf610e64b80745ed070b41c645629216d81548dce4d3768b80262014da531bc4c4526534c90bcd3dc976164a0aefb4eab38e358933c290e6c40944b133968e3c854003d2e35555be09ba0073fa9a0cd622350d28bf14df99b62eac55c1002221e533dd614ee4a48585b4cd518cc31386b5356881d110cb83739c6472a46569b0c6587b2c5f05b39bd4ce1fa5d53ec8eb1c1312454ed958c0f78b047482e7d8b4beffa44309a404049954e1a6a2624adc1429f3e80a9175aecb3bc2c3ff929ade1389a4a8beffcfd41f8eb44ce7edf97347f8a148f6570e438177302aab05bd5f9cc239e02bae168ffd17fe81b91de15728f018c48aec71e4d6ba667b3e1b5b89b58e5a2efa85007eebd043184e333efa9f8bed7388d9276b2cc7f4912cc50561a63d044846c4f6a5b61be91dda2558e2fe7223b349f51959cf948f7444546d9b3ec396b65df693747aff5b46c6ef9061b1af43a053f68a770bfb5bdf058ecee58686442ea6a98aa812f64bcf5a482a68c745b1f1bf5188d2816a2f72d38aa68ec60aaa7b50f5a067010ca9dc8a6197f9fb418cfdc39d1db62041a5b7fad562b73278afbffe7556eb3e8dd17f9e09f2d8f6d33cc134e2f1a5e2c4599e078364ad3a4b08a981f38606c2f098300157ac52d03108900fbe1fe53bd9dc466e449b0a62c26deb8a0f4e385f2179ea52919465c918fd1648058850b8ea52ff6d4b1c4abe8894e33947c843ffd9b167c84486c9b2be8c6c23a158f6c4e53788d0f4f696b1ab12fe076aa2612d56bf431d894ac61f75f26f6784f091ec6a4e869ca9e19d100dccb075ea0acfc8f965c06f1dc3cf53e1474a1acad83be12494380faf2d72273f81bc397bcc5444f10140e6db751c898dd9700de7216f97ba11c3ff1aba0a11ef14746ae9a0ade672fb9af2c2279874269e37442a678c71a08833e7e49f753a9f79ae1d474db1c921b1517cae63e5ff8d494f3d8f23cb556127a6dc64e2410a42d0b6fb10c1b0a5ebf8225c20f967fe4fc8ddebcc192ba1ca6fbbcf5e7e7510be695adf64c4771fe9f5254fc376c9b334805c3d5176121974448ba5d2a4a4fe9eb588518106fc4c24658e246cc7a134a9226461c0b616a617c46473a74ff6987332a4237a7168883f54c8de449220e3c72b3b11f6cec98633c5a911ac02'

console.log(b(data))

function AesDecrypt(Key,Iv,text) {
var key = CryptoJS.enc.Utf8.parse(Key),
iv = CryptoJS.enc.Utf8.parse(Iv),
srcs = text,
// CBC 加密方式，Pkcs7 填充方式
decrypted = CryptoJS.AES.decrypt(srcs, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
return decrypted.toString(CryptoJS.enc.Utf8);
}

————————————————
版权声明：本文为CSDN博主「acmakb」的原创文章，遵循CC 4.0 BY-SA版权协议，转载请附上原文出处链接及本声明。
原文链接：https://blog.csdn.net/ak_bingbing/article/details/134399056