
Python crawler reverse, a college entrance examination volunteer filling platform encrypts the parameter signsafe and decrypts the returned results

2022-02-01 05:32:59 User 4209879303253

Website links

aHR0cHM6Ly9na2N4LmVvbC5jbi9zY2hvb2wvMTQwL3Byb3ZpbmNlbGluZQ==

Packet capture analysis

The request carries an encrypted parameter, signsafe.

The returned data is also encrypted.

Analysis of the encrypted parameter and the returned content

signsafe

A keyword search finds only one location.

Click into it and search again for the keyword signsafe. This more or less locates where the encryption happens, so set a breakpoint there.

First, the value f (that is, the value p) is the URL of the requested interface.


Then look at v.default.enc.Utf8.parse(f). Stepping into it shows that it is a webpack bundle. Is it necessary to export it and analyze it step by step?

Let's see if there is another way. The keywords HmacSHA1 and Base64 appear here, so look at what v.default actually is. It is reminiscent of the JS cryptography library crypto-js.

Look at what the last step applied to f is: it turns out to be an MD5.

Rewriting it with node + crypto-js gives results consistent with what the browser shows, so that part is done.

Return content

While analyzing the returned result in the packet capture, the keyword aes shows up, so search for that first.

Set breakpoints on the suspicious positions; the search finally ends up here.

Printing JSON.parse(B.toString(v.default.enc.Utf8)) shows that it is the result we want.

Then follow the same idea as for signsafe and rewrite it directly with node + crypto-js. The final rewritten logic is as follows:

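var CryptoJS = require("crypto-js");


// u: string used as the PBKDF2 password for the IV
// N: hex-encoded ciphertext returned by the interface
function dataRes(u, N){
    let w = u;
    // AES key: PBKDF2-SHA256, 1000 iterations, 8 words = 256 bits, as a hex string.
    // Passphrase literal as it appears on this page (partly replaced by the
    // site's e-mail obfuscation).
    let P = CryptoJS.PBKDF2("[email protected]#56", "secret", {
        keySize: 8,
        iterations: 1e3,
        hasher: CryptoJS.algo.SHA256
    }).toString();

    // IV: same derivation from w, 4 words = 128 bits
    let q = CryptoJS.PBKDF2(w, "secret", {
        keySize: 4,
        iterations: 1e3,
        hasher: CryptoJS.algo.SHA256
    }).toString();
    // Wrap the hex ciphertext so AES.decrypt accepts it
    let H = CryptoJS.lib.CipherParams.create({
        ciphertext: CryptoJS.enc.Hex.parse(N)
    });
    // With a WordArray key and iv, crypto-js defaults to CBC mode and PKCS#7 padding
    let B = CryptoJS.AES.decrypt(H, CryptoJS.enc.Hex.parse(P), {
        iv: CryptoJS.enc.Hex.parse(q)
    });
    let A = {
        code: '0000',
        data: JSON.parse(B.toString(CryptoJS.enc.Utf8)),
        message: '0000',
    };
    return A;
}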

We get the result we want.

Of course, since this is all encryption from a standard crypto library, it can also be rewritten in Python; implement that yourself if you need it. For now there is only the JS version; after all, it is easier to copy. (^▽^)
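The same decryption written against Node's built-in crypto module, as an added example that is not the author's code. It shows how the crypto-js parameters map to byte lengths (keySize counts 32-bit words) and to AES-256-CBC with PKCS#7 padding. PASSPHRASE, sampleU and encryptSample are assumptions introduced here, and the sample ciphertext is constructed locally.

```javascript
const crypto = require("crypto");

// Placeholder (assumption): the page's passphrase literal is not reproduced here.
const PASSPHRASE = "PLACEHOLDER_PASSPHRASE";
const SALT = "secret";     // salt string used in the page's PBKDF2 calls
const ITERATIONS = 1000;   // iterations: 1e3 on the page

// crypto-js keySize is in 32-bit words: 8 words = 32 bytes, 4 words = 16 bytes.
function deriveKeyAndIv(passphrase, u) {
    const key = crypto.pbkdf2Sync(passphrase, SALT, ITERATIONS, 32, "sha256");
    const iv = crypto.pbkdf2Sync(u, SALT, ITERATIONS, 16, "sha256");
    return { key, iv };
}

// Counterpart of dataRes(): a 32-byte key selects AES-256, and crypto-js
// defaults to CBC mode with PKCS#7 padding when given a raw key and IV.
function decryptResponse(u, hexCiphertext, passphrase = PASSPHRASE) {
    const { key, iv } = deriveKeyAndIv(passphrase, u);
    const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
    const plain = Buffer.concat([
        decipher.update(Buffer.from(hexCiphertext, "hex")),
        decipher.final(),  // throws on bad padding or a truncated final block
    ]);
    return JSON.parse(plain.toString("utf8"));
}

// Hypothetical helper: the inverse operation, used only to build a sample.
function encryptSample(u, obj, passphrase = PASSPHRASE) {
    const { key, iv } = deriveKeyAndIv(passphrase, u);
    const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
    return Buffer.concat([
        cipher.update(JSON.stringify(obj), "utf8"),
        cipher.final(),
    ]).toString("hex");
}

// Constructed sample input, not data from the site.
const sampleU = "constructed/request/path";
const sampleHex = encryptSample(sampleU, { items: [1, 2, 3] });
console.log(decryptResponse(sampleU, sampleHex));
```

Because the key comes from a constant embedded in the client bundle and the IV from a value the client already holds, this layer obfuscates the response rather than keeping it confidential from whoever runs the client.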

Conclusion

Sometimes a different way of thinking really can get twice the result with half the effort.

Copyright notice
Author: User 4209879303253. Please include the original link when reprinting, thank you.
https://en.pythonmana.com/2022/02/202202010532568006.html