js逆向的题目,15-20


###

第16题

第16题,使用了表情包加密,

先破解表情包加密

window.localStorage.setItem('a' , String(Date.parse(new Date()) / 1000));
a = window.localStorage.getItem('a');
window.localStorage.setItem('token', window.btoa(a)+('|')+binb2b64(hex_sha1(window.btoa(core_sha1(a)))) + b64_sha1(a));
token = window.localStorage.getItem('token');

然后扣代码

注意格式化校验的问题,

python代码

import requests
import urllib3
import execjs

urllib3.disable_warnings()


url = "https://www.python-spider.com/api/challenge16"

cookies = "vaptchaNetway=cn; Hm_lvt_337e99a01a907a08d00bed4a1a52e35d=1628248083,1629106799;" \
          " sessionid=a7ckvdtsz5p6i1udfggnkn5tk6je3dgr; _i=MTYyOTI2NDQ3M35ZV2xrYVc1blgzZHBiakUyTWpreU5qUTBOek16TXpR" \
          "PXw1MmRkNzJhMDk4NDNkNGRmNz$wNDM1Zj$xYjhiOTBlYQ; " \
          "_v=TVRZeU9USTJORFEzTTM1WlYyeHJZVmMxYmxnelpIQmlha1V5VFdwcmVVNX" \
          "FVVEJPZWsxNlRYcFJQWHcxTW1Sa056SmhNRGs0TkROa05HUm1OeiR3TkRNMVpqJHhZamhpT1R$bFlR; " \
          "sign=1629264618748~ca1c4ad08c0e246bfc23632a09b1ef64; Hm_lpvt_337e99a01a907a08d00bed4a1a52e35d=1629264744"

cookies = {cookie.split("=")[0].strip(): cookie.split("=")[1].strip() for cookie in cookies.split(";")}

all_sum = []

for i in range(1,101):
    print("page = ",i)
    with open("./16.js","r") as f:
        js_text = f.read()
        # print(js_text)
        js = execjs.compile(js_text)
        js_safe = js.call("SDK_16")
        # print(js_safe)

    headers = {
            "Host": "www.python-spider.com",
            "Connection": "keep-alive",
            "Content-Length": "6",
            "safe": js_safe,
            "Origin": "https://www.python-spider.com",
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36",
            "Accept": "*/*",
            "Referer": "https://www.python-spider.com/challenge/16",
            "Accept-Encoding": "gzip, deflate",
            "Accept-Language": "zh-CN,zh;q=0.9",
            "x-requested-with": "XMLHttpRequest",
    }
    data = {
        "page": i
    }
    res = requests.post(url, verify=False, headers = headers,data=data, cookies=cookies)

    print(res.text)
    page_sum = sum([int(item_dict["value"]) for item_dict in res.json()["data"]])
    # print(page_sum)

    all_sum.append(page_sum)

print("all_sum =",sum(all_sum))

####

 

上一篇:内存性能的正确解读


下一篇:UnixBench的七个影响要素