js逆向相关内容
js中常用方法
如果遇到 AES 或 RSA 这类比较常规的加密,可以引入一个 JS 的加解密库(如下面的 crypto-js)来解密;如果 require 时报错,多半是该包尚未安装,需要先安装。
var CryptoJS = require("crypto-js")
如果运行时提示 window 未定义(Node 环境里没有浏览器的 window 对象),可以再安装 jsdom 这个包来提供:
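// jsdom provides a DOM implementation for Node so that code expecting a
// browser `window` object can run outside a browser.
const jsdom = require("jsdom");
const { JSDOM } = jsdom;

// Build a minimal document; only its `window` is used below.
const dom = new JSDOM('<!DOCTYPE html><p>Hello world</p>');

// Assign through globalThis: a bare `window = ...` is an implicit global and
// throws a ReferenceError in strict mode and in ES modules.
// NOTE(review): jsdom only supplies DOM objects here. Any site script run
// after this point still executes inside this Node process with the process's
// privileges, so treat it as untrusted code and run it in an isolated,
// unprivileged environment.
globalThis.window = dom.window;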
也有人直接写 window = {} 或者 window = this 之类的方法,不过这样得到的只是一个空对象,缺少真实的 DOM 属性,脚本一旦访问这些属性就很容易报错。
如果返回的数据经过了压缩,可以用 pako 解压,最典型的例子是中医智库:
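// pako is a JavaScript zlib implementation; declare it with `const` instead of
// leaking an implicit global (which also throws in strict mode / ES modules).
const pako = require('pako');

// `decrypted` is produced by earlier code that is not shown in this snippet.
// inflate() decompresses it and, with `to: "string"`, returns text.
// NOTE(review): the payload comes from a remote site and the inflated size is
// not bounded here; check the compressed length before inflating if the input
// is not trusted.
decrypted = pako.inflate(decrypted, { to: "string" });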
有些网站会对浏览器环境做进一步检测,可以使用下面方法进行伪造
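// Browser-environment stub for running a site's script under Node.
//
// NOTE(review): `window` is Node's own global object here, so any script
// executed after this setup shares the real process globals (for example
// `process`) and runs with the full privileges of the Node process. Treat the
// script under analysis as untrusted code and run it in an isolated,
// unprivileged environment (container or VM, no credentials on disk).
//
// Assigned through globalThis: a bare `window = global` is an implicit global
// and throws a ReferenceError in strict mode and in ES modules.
globalThis.window = globalThis;

// Kept as `var` so that a later `var document` in the same file does not throw
// a redeclaration error.
var document = {};

// Static values copied onto the global object below. They mirror a page served
// from a local development server; `href` is left unset, as in the original.
var params = {
  location: {
    hash: "",
    host: "localhost:63342",
    hostname: "localhost",
    // href: "http://localhost:63342/SpiderTest/index.html?_ijt=cbm25vhb9cva9uad3qdo901n7u",
    origin: "http://localhost:63342",
    pathname: "/SpiderTest/index.html",
    port: "63342",
    protocol: "http:",
    search: "?_ijt=cbm25vhb9cva9uad3qdo901n7u"
  },
  navigator: {
    appCodeName: "Mozilla",
    appName: "Netscape",
    appVersion: "5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
    cookieEnabled: true,
    deviceMemory: 8,
    doNotTrack: null,
    hardwareConcurrency: 4,
    language: "zh-CN",
    languages: ["zh-CN", "zh"],
    maxTouchPoints: 0,
    onLine: true,
    platform: "Win32",
    product: "Gecko",
    productSub: "20030107",
    userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
    vendor: "Google Inc.",
    vendorSub: "",
  }
};

// Shallow copy: `location` and `navigator` become properties of the global
// object, so bare references to them resolve in code that runs afterwards.
Object.assign(globalThis.window, params);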
python 文件中执行js函数的方法:
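def get_js():
    """Return the full text of ``core.js`` as a single string.

    The file is looked up relative to the current working directory and is
    decoded as UTF-8.

    Returns:
        str: The complete contents of the file.

    Raises:
        OSError: If ``core.js`` cannot be opened.
    """
    # The context manager closes the handle even when reading fails; the
    # earlier line-by-line loop never closed the file.
    with open("core.js", 'r', encoding='utf-8') as f:
        return f.read()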
def get_des_psswd(g):
    """Call the JavaScript function ``get_song`` from ``core.js`` with ``g``.

    The JavaScript result is split on the literal separator ``+++++++``; the
    first piece is bound to ``param`` and the second to ``encSecKey``.

    NOTE(review): as shown, the function ends without returning either value;
    the remainder of the body is presumably outside this snippet.

    Raises:
        IndexError: If the result does not contain the separator.
    """
    # NOTE(review): execjs hands this source to a local JavaScript runtime, so
    # whatever core.js contains runs on this machine. Read the file before
    # running it if it was copied from a third-party site.
    ctx = execjs.compile(get_js())  # load the JS file
    parts = ctx.call('get_song', g).split('+++++++')
    param, encSecKey = parts[0], parts[1]
get_js()函数用来读取js文件的内容
get_des_psswd 函数用来执行 js 函数:ctx.call 是具体的调用方法,get_song 是 js 里自己定义的函数的名字,g 是传给这个函数的参数
使用上述方法之前要引入包
# HTTP client; not referenced by the snippets visible on this page.
import requests
# Runs JavaScript from Python by delegating to an installed JS runtime.
import execjs
# Ask execjs for the JavaScript runtime it will use.
# NOTE(review): presumably raises if no runtime is installed; confirm.
node = execjs.get()
使用 execjs 之前需要先安装 node.js,安装 node.js 请参考网上的教程,安装完毕后大部分的机器需要重启才能生效
# Sanity check after installing Node.js: this call should complete without an
# error once execjs can find a runtime.
# NOTE(review): printing node.name should show which runtime was picked; confirm.
node = execjs.get()
用来检测是否生效