众所周知 耐克nick 阿迪adidas 德州仪器(TI ti.com) 得捷电子(digikey )贸泽电子(mouser)等较大的芯片 购物之类的网站都引入了akamai的js防机器人识别系统,现在最新的akamai版本是1.7,如果想实现http抢购,那么破解akamai的js 实现sensor_data 然后换取相关有用的_abck是必须的,然后模拟tsl(模拟浏览器怎么发送请求的 不是简单的python go php等)使用个requests就可以的,然后发送相关的数据,那么问题就解决了。
考虑了下,感觉从头读的话,太多的东西了,于是找了下程序入口,从入口开始读取吧,感觉还挺顺利的啊,可以看到整个程序执行下来的话,有很多函数是没用的如,方向运动等指纹的获取
虽说后面就几个步骤,但是粗略的追了下,好几个JS文件 不少步骤,更多的是嵌套,一个函数调用另一个这样的嵌套很多层。。。。。
_cf = []
bmak = {
runFonts: !1,
altFonts: !1,
js_post: !1,
pstate: !1,
fsp:!1,
bm: !1,
doadma_en: 0,
doa_throttle: 0,
dma_throttle: 0,
cf_url: "https://",
params_url: "https://www.ti.com/get_params",
t_tst: 0,
ir: function() {
bmak['start_ts'] = +new Date,
bmak['kact'] = "",
bmak['ke_cnt'] = 0,
bmak['ke_vel'] = 0,
bmak['mact'] = "",
bmak['mme_cnt'] = 0,
bmak['mduce_cnt'] = 0,
bmak['me_vel'] = 0,
bmak['pact'] = "",
bmak['pme_cnt'] = 0,
bmak['pduce_cnt'] = 0,
bmak['pe_vel'] = 0,
bmak['tact'] = "",
bmak['tme_cnt'] = 0,
bmak['tduce_cnt'] = 0,
bmak['te_vel'] = 0,
bmak['doact'] = "",
bmak['doe_cnt'] = 0,
bmak['doe_vel'] = 0,
bmak['dmact'] = "",
bmak['dme_cnt'] = 0,
bmak['dme_vel'] = 0,
bmak['vcact'] = "",
bmak['vc_cnt'] = 0,
bmak['aj_indx'] = 0,
bmak['aj_ss'] = 0,
bmak['aj_type'] = -1,
bmak['aj_indx_doact'] = 0,
bmak['aj_indx_dmact'] = 0,
bmak['aj_indx_tact'] = 0,
bmak['me_cnt'] = 0,
bmak['pe_cnt'] = 0,
bmak['te_cnt'] = 0,
bmak['nav_perm'] = "",
bmak['brv'] = 0,
bmak['hbCalc'] = !1,
bmak['fmh'] = "",
bmak['fmz'] = "",
bmak['ssh'] = "",
bmak['wv'] = "",
bmak['wr'] = "",
bmak['weh'] = "",
bmak['wl'] = 0
},
sd_debug: function (t){
if (!bmak.js_post) {
var a = t;
"string" == typeof _sd_trace ? _sd_trace += a : _sd_trace = a
}
},
getStateField: function(t) {
for (var a = "", e = "aeiouy13579", n = 0, o = t.toLowerCase(); n < o.length; )
e.indexOf(o[n]) >= 0 || e.indexOf(o[n + 1]) >= 0 ? a += 1 : a += 0,
n += 2;
return a
},
listFunctions: {
_setFsp: function(t) {
bmak.fsp = t,
bmak.fsp && (bmak.cf_url = bmak.cf_url.replace(/^http:\/\//i,"https://"))
},
_setBm: function(t) {
bmak.bm = t,
bmak.bm ? (bmak.cf_url = (bmak.fsp ? "https:" : "https:") + "//" + "www.ti.com" + "/_bm/_data",
bmak.js_post = !0) : bmak.params_url = (bmak.fsp ? "https:" :"https:") + "//" + "www.ti.com/get_params"
},
_setAu: function(t) {
"string" == typeof t && (0 === t.lastIndexOf("/", 0) ? bmak.cf_url = (bmak.fsp ? "https:" : "https:") + "//" + "www.ti.com" + t : bmak.cf_url = t)
},
_setPowState: function(t) {
bmak.pstate = t
},
},
startdoadma: function() {
0 == bmak.doadma_en && window.addEventListener && (window.addEventListener('deviceorientation', function (){}, !0),
window.addEventListener('devicemotion', function (){}, !0),
bmak.doadma_en = 1),
bmak.doa_throttle= 0,
bmak.dma_throttle = 0
},
to: function() {
var t = bmak[_ac[115]]() % 1e7;
bmak[_ac[631]] = t;
for (var a = t, e = bmak[_ac[390]](bmak[_ac[117]](51)), n = 0; n < 5; n++) {
var o = bmak[_ac[390]](t / Math[_ac[164]](10, n)) % 10
, m = o + 1;
op = bmak[_ac[645]](o),
a = op(a, m)
}
bmak[_ac[515]] = a * e
},
x2: function() {
var t = bmak[_ac[117]]
, a = t(98) + t(109) + t(97) + t(107)
, e = t(103) + t(101) + t(116) + t(95) + t(99) + t(102) + t(95) + t(100) + t(97) + t(116) + t(101)
, n = window[a][e]
, o = 0;
return _ac[554] == typeof n && (o = n()),
o
},
startTracking: function() {
bmak.startdoadma();
try {
bmak[_ac[14]]()
} catch (t) {
bmak[_ac[515]] = -654321
}
setInterval(function() {
bmak[_ac[384]]()
}, 3e3),
document[_ac[252]] ? (document[_ac[252]](_ac[799], bmak[_ac[251]], !0),
document[_ac[252]](_ac[5], bmak[_ac[391]], !0),
document[_ac[252]](_ac[350], bmak[_ac[646]], !0),
document[_ac[252]](_ac[125], bmak[_ac[215]], !0),
document[_ac[252]](_ac[567], bmak[_ac[176]], !0),
document[_ac[252]](_ac[4], bmak[_ac[359]], !0),
document[_ac[252]](_ac[602], bmak[_ac[188]], !0),
document[_ac[252]](_ac[754], bmak[_ac[337]], !0),
document[_ac[252]](_ac[312], bmak[_ac[241]], !0),
document[_ac[252]](_ac[651], bmak[_ac[289]], !0),
document[_ac[252]](_ac[17], bmak[_ac[404]], !0),
document[_ac[252]](_ac[522], bmak[_ac[271]], !0),
document[_ac[252]](_ac[769], bmak[_ac[430]], !0)) : document[_ac[545]] && (document[_ac[545]](_ac[799], bmak[_ac[251]]),
document[_ac[545]](_ac[5], bmak[_ac[391]]),
document[_ac[545]](_ac[350], bmak[_ac[646]]),
document[_ac[545]](_ac[125], bmak[_ac[215]]),
document[_ac[545]](_ac[605], bmak[_ac[176]]),
document[_ac[545]](_ac[536], bmak[_ac[359]]),
document[_ac[545]](_ac[795], bmak[_ac[188]]),
document[_ac[545]](_ac[607], bmak[_ac[337]]),
document[_ac[545]](_ac[392], bmak[_ac[241]]),
document[_ac[545]](_ac[760], bmak[_ac[289]]),
document[_ac[545]](_ac[550], bmak[_ac[404]]),
document[_ac[545]](_ac[334], bmak[_ac[271]]),
document[_ac[545]](_ac[380], bmak[_ac[430]])),
bmak[_ac[310]](),
bmak[_ac[211]] = bmak[_ac[366]](),
bmak[_ac[597]] && (bmak[_ac[446]] = 0,
bmak[_ac[110]](),
bmak[_ac[504]](!0)),
bmak[_ac[268]] = !1
},
}
t = {}
if (function(t){
var a = {}
t.fpcf = a
a.sf4 = false
a.fpValstr = "-1"
a.fpValCalculated =!1
a.rCFP = "-1"
a.cache = {}
a.td = -999999
a.clearCache =function () {
a.cache={}
}
a.fpVal=function () {
a.fpValCalculated = !0
try {
var t = 0;
t = +new Date;
var e = a.data();
// a[_ac[155]] = e[_ac[518]](/\"/g, _ac[277]);
// var n = 0;
// n = Date[_ac[82]] ? Date[_ac[82]]() : +new Date,
// a[_ac[333]] = n - t
} catch (t) {}
}
a.data = function() {
var t = 24 //colorDepth
, e = 24 //pixelDepth
, n = true //检测开启cookie
, o = false //检测开启java
, m = -1 //是否开启追踪
, r = "default";
r = "dis" //和字体相关
// return [a.canvas("<@nv45. F1n63r,Pr1n71n6!"), a[_ac[382]](_ac[487]), r, a[_ac[83]](), a[_ac[54]](), a[_ac[158]](), a[_ac[1]](), a[_ac[92]](), a[_ac[174]](), t, e, n, o, m][_ac[179]](_ac[640])
}
a.canvas =function () {
console.log("ccc")
}
}(bmak), "firstLoad"){
//正式开始执行
if (bmak.sd_debug("<init/>"),_cf.length>0){
//似乎这个玩意都不执行
}else {
//设置bm_script 为 script 对象
var bm_script = document.currentScript;
if (bm_script.src){
bm_script.src = "https://www.ti.com/BH40Pj/R6whT/QkycT/yYNs/Suh7mbrz/HV9rWxMtAg/cC4cKlkD/YnAB"
var bm_url = bm_script.src,url_split=bm_url.split("/"),obfus_state_field;
if (url_split.length>=4 && (obfus_state_field = bm_url.split("/").slice(-4)[0]),obfus_state_field && obfus_state_field.length % 2 ==0){
var state_field_str = bmak.getStateField(obfus_state_field);
state_field_str.length >= 3 && (bmak.listFunctions._setFsp(1 == state_field_str[0]),
bmak.listFunctions._setBm("1" == state_field_str[1]),
bmak.listFunctions._setPowState("1" == state_field_str[2]),
bmak.listFunctions._setAu(bm_url))
}
}
}
try {
//挂载其他的属性
bmak.ir()
bmak.t_tst = +new Date
bmak.startTracking()
}catch (t){
console.log(t)
}
}