前言
我们今天来介绍一个js案例,本文仅供学习参考,大家谨慎使用。 我们先认识一下,什么是js逆向。
JavaScript 逆向是指对 JavaScript 程序进行反汇编或反编译的过程。它可以帮助你了解 JavaScript 程序的工作原理,并且可以用来修改或扩展程序的功能。
在 JavaScript 中,很多代码是被高度压缩的,这是为了减少文件大小和提高加载速度。但是,在压缩代码的过程中,有些情况下会导致代码变得难以理解和调试。因此,逆向工程师可以通过分析反汇编代码,来理解代码的工作原理,并且修改或扩展 JavaScript 程序的功能。
功能演示
我们这里以某个网站的一个加密参数,作为演示,为了安全,我们这里不放网页,不放逆向的过程。
我们这里获取到了一个加密参数,我们接下来就是解密,我们先把加密后的值写死。
_0x2219f6 = 'ak+9VCsq4dEdB+UdVPGo8kh5JDEbMHGTCmF/AyXJQ0IgHU+lUAivRFLre9jlgVPP2wTUOE6PMq0asFjbCuP00t/pOHkVAvhOpzdJ30Qxe5v5mtObG1j6Eh/bWp9BcjXF3RMhAEnP2kFG5fHQLM+yMdL+FT/KvZWiQAWtbQsEjO5MPyJxzjby+bMgMED7Uy4XQLp6hAN6hZgJ0vuBLeHPQ4WPcc2oYGk5dO4FmTeXqRie+iq1IXH8QUfC6jtYx6VarWX5B1PVgpEv2rYmjqZUsyCZeHtm7EDw9WxFzatw98cEpoLETFx74ZxgiCrYeRYGNSU+TghsmMo8fbbycPrDNeXAQnqhPG8hUR+nb7LkHdGsGPkYKl3RUOh2OH1qt+64POe7OpsKhMBlb9fMyhagnwixu3RHfC44BsYIC0WStvQPzpsdT0oS/jQp0ADJTrGLs5BaazERQyOVWXmrYwalKsFPvIL3QJ9KZ7INGYZIE1G6mGLBHFGbB8MUALSvE5Az8ETagiEibk7MTGEH0TBGDgutLx/U2RnKXrXb8eEBJWVwp6AYL7z/74rAgaIeCXWBt5Zq1aA1pEMT6u19qfElBSO7pO80NPLxqNfxPLocTlVJ9GbTuhQXd2FL9dtuqy4sTzzrsUWLoId7R09clXPIfb9umiQqI0RTTQxdvtcpNjF1I9V3rgK/szwcDOlNq/Uk9fkbrsLLK/zZmSotW5h2NKRn7LTd2gwPzqCDFnBq1UbGFjpurKfjEtbiqc9VQ02m172wjCz0jJkalOh0YxPK3pMh/HVicE7a1nEjOHK7n7bUL6WRFc4mqN9VuNMleDQkXJa95meD+7xGhBlFNjK3oeKZw4zc62Mcb2npJfVbAR8qyOhQijignJ8GiM7/fNoR6CVBgxgSobos/9+jOL0HRDEeoNB9PaSNmIx+QhVQeKCKWfo26J//Mp5gD0AgPtJgVN3ORZrn2QMI6nzKKl7e/W2oHtglEZWvKTnZ9lwvc6lcMgJ5GfIgkGZhjgD++8cAcSJniRSOLIrOU42SkaWwiWG9WnHwFwZSKxmMlZA502rjT66xnZBWmbZiOeC3UZx2Tg+8RpohA7TZ6Ym6kgJCDrZ3MYNxTSnTIjGS65RoNBDDw7vpTXtWqvdCgjEGskH42/ASkqTzJ8HDHuvYW6ZQiRy7NYQCWUN7qSqpnPOpPE2m4+dVHKWw4FkLcmKfgvTYcg0TlgMVhNqfv11KMtpF1FqyiKx5WnFFomEbi2UG42uQQPr8Z5kL6QoJiXxdRrVMYfOTazrIS8XM7/PDnXQ5ZhmwD/gdc9dL3y2igm2mzj5Jbob+VnpVejD5SVM9+gP9tw7v7xy4GJepJRajwOtMhxVybLF/Qz0dKFYRcBzUeR2EpqZqOr8lHJo8umTx3SpKH9C4TV6if/cgUIHyBmCjH4gTBn0tpxxGlpZ0Q2YKV0QJSHrvGfiCeGroYNObJQlbhk82Vw3AGawrUsP6obtR1BlodqxtFzRKNZ6qWcVnZqxOBV/dYsEFUwVDMtR9BsxCQljGJye1FiFBNdfIFN9I03SteClLUtwc0Ydt41ROROYTJG2JsJwPutvpLXV8i/2D0mhT+LcvXglLbePFPooKhxH09v5TPezWKAiqvda/PFfpt6yaoddyS0GWzAb8fRzdaBNYHneI08MXyj6XbSLA7rlIPcgvlH2xF9oJPnk15EOWSnHkxW47s3ni3EXjqJtYp/WUZqK4/KsnyhTpBObBXc2+sndwYFkXmL1pEQ8SUqjc1QdgRvtptmgKy73cJYQ21wwptmiauEmA4IkNN9+dgjjlqow4IYTwsb8gtoVp+zAqIl9m0+qg8EohciYUmz1X+KMQen/QlfRQUM1Fi3f0h8DDPOk2KR/ZXeMCR2hLH7bsdU1f+eLi0ERnusYVTSm7CNtGR93i7Odjqzfgzj8KE8mFrdfqm7KZrAiWa1P8s7tmFX+/RUYVYRSvmcVYMovSYxGO8lTV6nDr1DFEl0fYzfm+MYzQfLt2a/b+OY9GGue8WexeWI5WQhHjAflzfSJFjVJUVv2lLmNs5mfZl+Enz6IFKi+mcbzu+BWOh7ENNkxEzWxx3rmEDRrzA3E0fAIo17Z7yuf9na0vJIFs6lLzTQAJoBormCVhAJ7k4CrUNtU6k2G/xofL5slSTt7hasGil03Hv5OYDclGq0gBcUwFvAajQbUK'
我们首先进行第一次解密,我们找到对应的解密函数,我们看看代码怎么写。
function _0x4207c2(_0x2219f6) { for (var _0x9c7ad4 = atob(_0x2219f6), _0x2dd788 = new Int8Array(_0x9c7ad4['length']), _0x7c7af6 = 0x0; _0x7c7af6 < _0x9c7ad4['length']; _0x7c7af6++) _0x2dd788[_0x7c7af6] = _0x9c7ad4['charCodeAt'](_0x7c7af6); return _0x2dd788; } console.log(_0x4207c2(_0x2219f6));
在控制台中调用 _0x4207c2
函数,并传入 _0x2219f6
作为参数,可以看到函数返回的结果为包含原字符串反转后的字节数组的对象,其中第一个字节为 0x0
,表示字符串的结束标志。
Int8Array(1653) [ 106, 79, -67, 84, 43, 42, -31, -47, 29, 7, -27, 29, 84, -15, -88, -14, 72, 121, 36, 49, 27, 48, 113, -109, 10, 97, 127, 3, 37, -55, 67, 66, 32, 29, 79, -91, 80, 8, -81, 68, 82, -21, 123, -40, -27, -127, 83, -49, -37, 4, -44, 56, 78, -113, 50, -83, 26, -80, 88, -37, 10, -29, -12, -46, -33, -23, 56, 121, 21, 2, -8, 78, -89, 55, 73, -33, 68, 49, 123, -101, -7, -102, -45, -101, 27, 88, -6, 18, 31, -37, 90, -97, 65, 114, 53, -59, -35, 19, 33, 0, ... 1553 more items]
我们进行第二次解密,我们找到对应的解密函数,我们看看代码怎么写。
function _0x3ed467(_0x58f7d4) { for (var _0x4f1bcd = [-0x6f, 0x34, 0x5b, 0x41, -0x41, 0x74, 0x77, 0x6a, -0x79, -0x52, -0x5, 0x50, 0x33, 0x61, 0x44, -0x53, -0x70, -0x33, 0x17, -0x2e, -0x22, -0x72, -0x37, -0xb, -0x7f, 0x5a, 0x21, 0x16, -0x1f, 0x32, -0x11, 0x14, -0x2c, 0xf, -0x5e, -0x7b, 0x76, -0x17, -0x3d, 0x72, 0x47, -0x68, -0x7e, -0x75, -0x51, -0x36, -0x12, -0x6e, -0x4, -0x5f, -0x5b, 0x5e, -0x50, -0xe, 0x78, 0x69, 0x55, 0x68, -0x56, -0x6c, 0x43, 0x19, 0x65, 0x6c, 0x10, -0x69, 0x6f, -0xa, 0x75, -0x49, 0x4d, 0x59, -0x1d, -0x62, -0x44, 0x70, 0x6b, -0x1, 0x56, 0x79, 0x58, -0x65, -0x7c, 0x45, -0x1e, -0x8, -0x71, -0x4a, -0x76, 0x39, -0x19, 0xc, -0x73, -0x6a, 0x5f, 0x7f, 0x54, 0x7c, -0x66, -0x1c, 0x49, 0x2b, -0x3c, 0x1c, 0x2e, 0x73, 0x1e, 0x7a, -0x4b, 0x7d, -0x43, -0x4d, 0x3, -0x7, -0x35, -0xd, 0x35, 0x4e, -0x48, 0x1, 0xb, -0x47, -0x27, -0x4f, -0x3, 0x13, 0x29, 0x7e, -0x2b, -0x7d, -0x1b, 0x22, 0x3f, 0x8, 0x48, -0x23, -0x29, -0x3f, 0x3c, -0x18, 0x66, 0x2f, -0x77, -0x67, -0x16, 0x2d, 0x3b, 0x40, -0x60, 0x31, 0x53, -0x6b, -0x78, -0x39, -0x46, 0x0, -0x26, -0x54, -0x28, 0x18, 0xe, 0x30, 0x1d, 0x2c, -0x24, -0x2f, 0x38, -0x5c, 0x26, 0x25, 0x4, -0x32, 0x67, 0xa, -0x59, 0x37, 0x71, -0x1a, 0x6e, 0x36, 0x24, -0x14, -0x4e, -0xc, -0x74, 0x46, -0x25, 0x5, -0x3e, -0x4c, -0x30, -0x40, 0x4f, 0x64, 0x28, 0x6, -0x3a, -0x5a, -0x13, -0x9, 0x27, 0x5d, -0x63, 0x15, 0x7, 0x1a, -0x2, 0x1b, -0x2d, 0x51, 0x3a, -0x7a, 0x4c, -0x42, 0x2, 0x5c, -0x2a, 0x62, -0x10, 0x9, 0x3d, 0x3e, -0xf, 0x63, -0x15, 0x1f, -0x38, 0x57, 0x11, -0x34, -0x45, -0x21, -0x3b, -0x55, 0x42, 0x4a, 0x12, -0x5d, -0x80, -0x57, -0x20, 0x2a, 0x20, -0x58, 0x6d, 0x60, 0xd, -0x6, 0x4b, -0x64, -0x31, 0x23, -0x61, 0x52, -0x6d, 0x7b], _0x39eb66 = 0x0, _0x46445e = 0x0, _0x1360a5 = 0x0, _0x596013 = new Array(), _0x411913 = 0x0; _0x411913 < _0x58f7d4['length']; _0x411913++) { _0x39eb66 = _0x39eb66 + 0x1 & 0xff, _0x46445e = (0xff & _0x4f1bcd[_0x39eb66]) + _0x46445e & 0xff; var _0x5e20d4 = _0x4f1bcd[_0x39eb66]; _0x4f1bcd[_0x39eb66] = _0x4f1bcd[_0x46445e], _0x4f1bcd[_0x46445e] = _0x5e20d4, _0x1360a5 = (0xff & _0x4f1bcd[_0x39eb66]) + (0xff & _0x4f1bcd[_0x46445e]) & 0xff, _0x596013['push'](_0x58f7d4[_0x411913] ^ _0x4f1bcd[_0x1360a5]); } return _0x596013; } console.log(_0x3ed467(_0x58f7d4))
我们定义了一个名为 _0x3ed467
的函数,该函数接受一个整数参数 _0x58f7d4
,并返回一个字符串。
[ 123, 34, 99, 117, 114, 114, 80, 97, 103, 101, 34, 58, 51, 44, 34, 108, 105, 115, 116, 34, 58, 91, 123, 34, 116, 34, 58, 50, 44, 34, 119, 34, 58, 49, 57, 50, 48, 44, 34, 104, 34, 58, 49, 48, 56, 48, 44, 34, 105, 34, 58, 34, 49, 50, 57, 54, 54, 48, 49, 101, 51, 55, 54, 101, 52, 56, 56, 48, 56, 55, 49, 99, 57, 56, 51, 54, 56, 102, 99, 54, 98, 53, 53, 99, 34, 125, 44, 123, 34, 116, 34, 58, 50, 44, 34, 119, 34, 58, 51, 50, ... 1553 more items]
我们第三次解密之后,就会得到下面的内容。
{"currPage":3,"list":[{"t":2,"w":1920,"h":1080,"i":"1296601e376e4880871c98368fc6b55c"},{"t":2,"w":3200,"h":1600,"i":"151
ffe398bcb416eafc33ca52eb96fe4"},{"t":2,"w":1920,"h":1100,"i":"f6cceb2baa7c417fa347d4a50bfc59d3"},{"t":2,"w":1920,"h":144
0,"i":"117332980bcc4a538641f18574bd1cef"},{"t":2,"w":1920,"h":1437,"i":"437d11872128423093b5d645276368a3"},{"t":2,"w":19
20,"h":1080,"i":"b9f3d1013cae48c4964936b93122edcd"},{"t":2,"w":3840,"h":2160,"i":"67b0bdc2af904ca28958c94f53748868"},{"t
":2,"w":1920,"h":1080,"i":"a34d3d192f764fd5b4708e5abab1a325"},{"t":2,"w":3840,"h":2160,"i":"a76bc43bd1b9485cb7cb475dc630
9b97"},{"t":2,"w":3840,"h":2160,"i":"7c054fa99bb34a7f8ff6cfa161d62d18"},{"t":2,"w":3840,"h":1620,"i":"0916a04e1a2144cdb0
d2762a05f61ba4"},{"t":2,"w":1920,"h":1080,"i":"45faaa549400488ca99aa88c4ca63aba"},{"t":2,"w":2580,"h":1290,"i":"cb2b9741
b3d641b190a848c75a97d050"},{"t":2,"w":1920,"h":1124,"i":"980181719bd343a98a825c806a64c138"},{"t":2,"w":1920,"h":1080,"i"
:"054709ce68e741188d303a4b4fa1b9c9"},{"t":2,"w":1920,"h":1081,"i":"0c71159805454605880915a091458d22"},{"t":1,"w":1920,"h
":1080,"i":"26928d2b557b4c5284a83fcc75164ff0"},{"t":2,"w":1920,"h":1080,"i":"e3408389cb0d4ea1b5f651873dab2a19"},{"t":1,"
w":2880,"h":1800,"i":"a93980ec55db49c6b76406d5e9ad70ee"},{"t":2,"w":1920,"h":1080,"i":"50044b636c284cc59b970a358d2dcc84"
},{"t":2,"w":2048,"h":1536,"i":"b70d5aca343f4f5bbca0ee1c8e295996"},{"t":2,"w":1920,"h":1280,"i":"c4d4e0dce3b544b58443019
a511f51f0"},{"t":1,"w":2048,"h":1153,"i":"79c5b27326d84c3c90582bbe092670d8"},{"t":2,"w":1920,"h":1339,"i":"efdc37f74e8f4
总结
这样,我们就把加密参数获取了下来,也解密了出来,更多关于python js逆向的资料请关注其它相关文章!