利用谷歌浏览器断点调试js反向解析,解密
Posted zhong_sp
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了利用谷歌浏览器断点调试js反向解析,解密相关的知识,希望对你有一定的参考价值。
目标网站:https://www.aqistudy.cn/html/city_detail.html
点击按钮才会去后台请求数据,
第一步:将click打开,
第二步:找个后台请求数据的url https://www.aqistudy.cn/apinew/aqistudyapi.php
第三步:断点调试,找到找到加密和解密的文件
1 function Base64() { 2 _2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=", 3 this.encode = function (a) { 4 var c, d, e, f, g, h, i, b = "", 5 j = 0; 6 for (a = _29(a); j < a.length;) c = a.charCodeAt(j++), 7 d = a.charCodeAt(j++), 8 e = a.charCodeAt(j++), 9 f = c >> 2, 10 g = (3 & c) << 4 | d >> 4, 11 h = (15 & d) << 2 | e >> 6, 12 i = 63 & e, 13 isNaN(d) ? h = i = 64 : isNaN(e) && (i = 64), 14 b = b + _2.charAt(f) + _2.charAt(g) + _2.charAt(h) + _2.charAt(i); 15 return b 16 }, 17 this.decode = function (a) { 18 var c, d, e, f, g, h, i, b = "", 19 j = 0; 20 for (a = a.replace(/[^A-Za-z0-9\\+\\/\\=]/g, ""); j < a.length;) f = _2.indexOf(a.charAt(j++)), 21 g = _2.indexOf(a.charAt(j++)), 22 h = _2.indexOf(a.charAt(j++)), 23 i = _2.indexOf(a.charAt(j++)), 24 c = f << 2 | g >> 4, 25 d = (15 & g) << 4 | h >> 2, 26 e = (3 & h) << 6 | i, 27 b += String.fromCharCode(c), 28 64 != h && (b += String.fromCharCode(d)), 29 64 != i && (b += String.fromCharCode(e)); 30 return b = _27(b) 31 }, 32 _29 = function (a) { 33 var b, c, d; 34 for (a = a.replace(/\\r\\n/g, "\\n"), b = "", c = 0; c < a.length; c++) d = a.charCodeAt(c), 35 128 > d ? b += String.fromCharCode(d) : d > 127 && 2048 > d ? (b += String.fromCharCode(192 | d >> 6), b += String.fromCharCode(128 | 63 & d)) : (b += String.fromCharCode(224 | d >> 12), b += String.fromCharCode(128 | 63 & d >> 6), b += String.fromCharCode(128 | 63 & d)); 36 return b 37 }, 38 _27 = function (a) { 39 for (var b = "", c = 0, d = c1 = c2 = 0; c < a.length;) d = a.charCodeAt(c), 40 128 > d ? (b += String.fromCharCode(d), c++) : d > 191 && 224 > d ? (c2 = a.charCodeAt(c + 1), b += String.fromCharCode((31 & d) << 6 | 63 & c2), c += 2) : (c2 = a.charCodeAt(c + 1), c3 = a.charCodeAt(c + 2), b += String.fromCharCode((15 & d) << 12 | (63 & c2) << 6 | 63 & c3), c += 3); 41 return b 42 } 43 } 44 function hex_md5(a) { 45 return binl2hex(core_md5(str2binl(a), a.length * chrsz)) 46 } 47 function b64_md5(a) { 48 return binl2b64(core_md5(str2binl(a), a.length * chrsz)) 49 } 50 function str_md5(a) { 51 return binl2str(core_md5(str2binl(a), a.length * chrsz)) 52 } 53 function hex_hmac_md5(a, b) { 54 return binl2hex(core_hmac_md5(a, b)) 55 } 56 function b64_hmac_md5(a, b) { 57 return binl2b64(core_hmac_md5(a, b)) 58 } 59 function str_hmac_md5(a, b) { 60 return binl2str(core_hmac_md5(a, b)) 61 } 62 function md5_vm_test() { 63 return "900150983cd24fb0d6963f7d28e17f72" == hex_md5("abc") 64 } 65 function core_md5(a, b) { 66 var c, d, e, f, g, h, i, j, k; 67 for (a[b >> 5] |= 128 << b % 32, a[(b + 64 >>> 9 << 4) + 14] = b, c = 1732584193, d = -271733879, e = -1732584194, f = 271733878, g = 0; g < a.length; g += 16) h = c, 68 i = d, 69 j = e, 70 k = f, 71 c = md5_ff(c, d, e, f, a[g + 0], 7, -680876936), 72 f = md5_ff(f, c, d, e, a[g + 1], 12, -389564586), 73 e = md5_ff(e, f, c, d, a[g + 2], 17, 606105819), 74 d = md5_ff(d, e, f, c, a[g + 3], 22, -1044525330), 75 c = md5_ff(c, d, e, f, a[g + 4], 7, -176418897), 76 f = md5_ff(f, c, d, e, a[g + 5], 12, 1200080426), 77 e = md5_ff(e, f, c, d, a[g + 6], 17, -1473231341), 78 d = md5_ff(d, e, f, c, a[g + 7], 22, -45705983), 79 c = md5_ff(c, d, e, f, a[g + 8], 7, 1770035416), 80 f = md5_ff(f, c, d, e, a[g + 9], 12, -1958414417), 81 e = md5_ff(e, f, c, d, a[g + 10], 17, -42063), 82 d = md5_ff(d, e, f, c, a[g + 11], 22, -1990404162), 83 c = md5_ff(c, d, e, f, a[g + 12], 7, 1804603682), 84 f = md5_ff(f, c, d, e, a[g + 13], 12, -40341101), 85 e = md5_ff(e, f, c, d, a[g + 14], 17, -1502002290), 86 d = md5_ff(d, e, f, c, a[g + 15], 22, 1236535329), 87 c = md5_gg(c, d, e, f, a[g + 1], 5, -165796510), 88 f = md5_gg(f, c, d, e, a[g + 6], 9, -1069501632), 89 e = md5_gg(e, f, c, d, a[g + 11], 14, 643717713), 90 d = md5_gg(d, e, f, c, a[g + 0], 20, -373897302), 91 c = md5_gg(c, d, e, f, a[g + 5], 5, -701558691), 92 f = md5_gg(f, c, d, e, a[g + 10], 9, 38016083), 93 e = md5_gg(e, f, c, d, a[g + 15], 14, -660478335), 94 d = md5_gg(d, e, f, c, a[g + 4], 20, -405537848), 95 c = md5_gg(c, d, e, f, a[g + 9], 5, 568446438), 96 f = md5_gg(f, c, d, e, a[g + 14], 9, -1019803690), 97 e = md5_gg(e, f, c, d, a[g + 3], 14, -187363961), 98 d = md5_gg(d, e, f, c, a[g + 8], 20, 1163531501), 99 c = md5_gg(c, d, e, f, a[g + 13], 5, -1444681467), 100 f = md5_gg(f, c, d, e, a[g + 2], 9, -51403784), 101 e = md5_gg(e, f, c, d, a[g + 7], 14, 1735328473), 102 d = md5_gg(d, e, f, c, a[g + 12], 20, -1926607734), 103 c = md5_hh(c, d, e, f, a[g + 5], 4, -378558), 104 f = md5_hh(f, c, d, e, a[g + 8], 11, -2022574463), 105 e = md5_hh(e, f, c, d, a[g + 11], 16, 1839030562), 106 d = md5_hh(d, e, f, c, a[g + 14], 23, -35309556), 107 c = md5_hh(c, d, e, f, a[g + 1], 4, -1530992060), 108 f = md5_hh(f, c, d, e, a[g + 4], 11, 1272893353), 109 e = md5_hh(e, f, c, d, a[g + 7], 16, -155497632), 110 d = md5_hh(d, e, f, c, a[g + 10], 23, -1094730640), 111 c = md5_hh(c, d, e, f, a[g + 13], 4, 681279174), 112 f = md5_hh(f, c, d, e, a[g + 0], 11, -358537222), 113 e = md5_hh(e, f, c, d, a[g + 3], 16, -722521979), 114 d = md5_hh(d, e, f, c, a[g + 6], 23, 76029189), 115 c = md5_hh(c, d, e, f, a[g + 9], 4, -640364487), 116 f = md5_hh(f, c, d, e, a[g + 12], 11, -421815835), 117 e = md5_hh(e, f, c, d, a[g + 15], 16, 530742520), 118 d = md5_hh(d, e, f, c, a[g + 2], 23, -995338651), 119 c = md5_ii(c, d, e, f, a[g + 0], 6, -198630844), 120 f = md5_ii(f, c, d, e, a[g + 7], 10, 1126891415), 121 e = md5_ii(e, f, c, d, a[g + 14], 15, -1416354905), 122 d = md5_ii(d, e, f, c, a[g + 5], 21, -57434055), 123 c = md5_ii(c, d, e, f, a[g + 12], 6, 1700485571), 124 f = md5_ii(f, c, d, e, a[g + 3], 10, -1894986606), 125 e = md5_ii(e, f, c, d, a[g + 10], 15, -1051523), 126 d = md5_ii(d, e, f, c, a[g + 1], 21, -2054922799), 127 c = md5_ii(c, d, e, f, a[g + 8], 6, 1873313359), 128 f = md5_ii(f, c, d, e, a[g + 15], 10, -30611744), 129 e = md5_ii(e, f, c, d, a[g + 6], 15, -1560198380), 130 d = md5_ii(d, e, f, c, a[g + 13], 21, 1309151649), 131 c = md5_ii(c, d, e, f, a[g + 4], 6, -145523070), 132 f = md5_ii(f, c, d, e, a[g + 11], 10, -1120210379), 133 e = md5_ii(e, f, c, d, a[g + 2], 15, 718787259), 134 d = md5_ii(d, e, f, c, a[g + 9], 21, -343485551), 135 c = safe_add(c, h), 136 d = safe_add(d, i), 137 e = safe_add(e, j), 138 f = safe_add(f, k); 139 return Array(c, d, e, f) 140 } 141 function md5_cmn(a, b, c, d, e, f) { 142 return safe_add(bit_rol(safe_add(safe_add(b, a), safe_add(d, f)), e), c) 143 } 144 function md5_ff(a, b, c, d, e, f, g) { 145 return md5_cmn(b & c | ~b & d, a, b, e, f, g) 146 } 147 function md5_gg(a, b, c, d, e, f, g) { 148 return md5_cmn(b & d | c & ~d, a, b, e, f, g) 149 } 150 function md5_hh(a, b, c, d, e, f, g) { 151 return md5_cmn(b ^ c ^ d, a, b, e, f, g) 152 } 153 function md5_ii(a, b, c, d, e, f, g) { 154 return md5_cmn(c ^ (b | ~d), a, b, e, f, g) 155 } 156 function core_hmac_md5(a, b) { 157 var d, e, f, g, c = str2binl(a); 158 for (c.length > 16 && (c = core_md5(c, a.length * chrsz)), d = Array(16), e = Array(16), f = 0; 16 > f; f++) d[f] = 909522486 ^ c[f], 159 e[f] = 1549556828 ^ c[f]; 160 return g = core_md5(d.concat(str2binl(b)), 512 + b.length * chrsz), 161 core_md5(e.concat(g), 640) 162 } 163 function safe_add(a, b) { 164 var c = (65535 & a) + (65535 & b), 165 d = (a >> 16) + (b >> 16) + (c >> 16); 166 return d << 16 | 65535 & c 167 } 168 function bit_rol(a, b) { 169 return a << b | a >>> 32 - b 170 } 171 function str2binl(a) { 172 var d, b = Array(), 173 c = (1 << chrsz) - 1; 174 for (d = 0; d < a.length * chrsz; d += chrsz) b[d >> 5] |= (a.charCodeAt(d / chrsz) & c) << d % 32; 175 return b 176 } 177 function binl2str(a) { 178 var d, b = "", 179 c = (1 << chrsz) - 1; 180 for (d = 0; d < 32 * a.length; d += chrsz) b += String.fromCharCode(a[d >> 5] >>> d % 32 & c); 181 return b 182 } 183 function binl2hex(a) { 184 var d, b = hexcase ? "0123456789ABCDEF" : "0123456789abcdef", 185 c = ""; 186 for (d = 0; d < 4 * a.length; d++) c += b.charAt(15 & a[d >> 2] >> 8 * (d % 4) + 4) + b.charAt(15 & a[d >> 2] >> 8 * (d % 4)); 187 return c 188 } 189 function binl2b64(a) { 190 var d, e, f, b = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 191 c = ""; 192 for (d = 0; d < 4 * a.length; d += 3) for (e = (255 & a[d >> 2] >> 8 * (d % 4)) << 16 | (255 & a[d + 1 >> 2] >> 8 * ((d + 1) % 4)) << 8 | 255 & a[d + 2 >> 2] >> 8 * ((d + 2) % 4), f = 0; 4 > f; f++) c += 8 * d + 6 * f > 32 * a.length ? b64pad : b.charAt(63 & e >> 6 * (3 - f)); 193 return c 194 } 195 function encode_param(a) { 196 var b = new Base64; 197 return b.encode(a) 198 } 199 function encode_secret() { 200 var b, a = appId; 201 for (b = 0; b < arguments.length; b++) a += arguments[b]; 202 return a = a.replace(/\\s/g, ""), 203 hex_md5(a) 204 } 205 function decode_result(a) { 206 var b = new Base64; 207 return b.decode(b.decode(b.decode(a))) 208 } 209 var hexcase = 0, 210 b64pad = "", 211 chrsz = 8, 212 appId = "a01901d3caba1f362d69474674ce477f"; 213 var hexcase = 0; 214 var b64pad = ""; 215 216 function hex_md5(s) { 217 return rstr2hex(rstr_md5(str2rstr_utf8(s))) 218 } 219 function b64_md5(s) { 220 return rstr2b64(rstr_md5(str2rstr_utf8(s))) 221 } 222 function any_md5(s, e) { 223 return rstr2any(rstr_md5(str2rstr_utf8(s)), e) 224 } 225 function hex_hmac_md5(k, d) { 226 return rstr2hex(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))) 227 } 228 function b64_hmac_md5(k, d) { 229 return rstr2b64(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))) 230 } 231 function any_hmac_md5(k, d, e) { 232 return rstr2any(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d)), e) 233 } 234 function md5_vm_test() { 235 return hex_md5("abc").toLowerCase() == "900150983cd24fb0d6963f7d28e17f72" 236 } 237 function rstr_md5(s) { 238 return binl2rstr(binl_md5(rstr2binl(s), s.length * 8)) 239 } 240 function rstr_hmac_md5(key, data) { 241 var bkey = rstr2binl(key); 242 if (bkey.length > 16) bkey = binl_md5(bkey, key.length * 8); 243 var ipad = Array(16), 244 opad = Array(16); 245 for (var i = 0; i < 16; i++) { 246 ipad[i] = bkey[i] ^ 0x36363636; 247 opad[i] = bkey[i] ^ 0x5C5C5C5C 248 } 249 var hash = binl_md5(ipad.concat(rstr2binl(data)), 512 + data.length * 8); 250 return binl2rstr(binl_md5(opad.concat(hash), 512 + 128)) 251 } 252 function rstr2hex(input) { 253 try { 254 hexcase 255 } catch (e) { 256 hexcase = 0 257 } 258 var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef"; 259 var output = ""; 260 var x; 261 for (var i = 0; i < input.length; i++) { 262 x = input.charCodeAt(i); 263 output += hex_tab.charAt((x >>> 4) & 0x0F) + hex_tab.charAt(x & 0x0F) 264 } 265 return output 266 } 267 function rstr2b64(input) { 268 try { 269 b64pad 270 } catch (e) { 271 b64pad = \'\' 272 } 273 var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 274 var output = ""; 275 var len = input.length; 276 for (var i = 0; i < len; i += 3) { 277 var triplet = (input.charCodeAt(i) << 16) | (i + 1 < len ? input.charCodeAt(i + 1) << 8 : 0) | (i + 2 < len ? input.charCodeAt(i + 2) : 0); 278 for (var j = 0; j < 4; j++) { 279 if (i * 8 + j * 6 > input.length * 8) output += b64pad; 280 else output += tab.charAt((triplet >>> 6 * (3 - j)) & 0x3F) 281 } 282 } 283 return output 284 } 285 function rstr2any(input, encoding) { 286 var divisor = encoding.length; 287 var i, j, q, x, quotient; 288 var dividend = Array(Math.ceil(input.length / 2)); 289 for (i = 0; i < dividend.length; i++) { 290 dividend[i] = (input.charCodeAt(i * 2) << 8) | input.charCodeAt(i * 2 + 1) 291 } 292 var full_length = Math.ceil(input.length * 8 / (Math.log(encoding.length) / Math.log(2))); 293 var remainders = Array(full_length); 294 for (j = 0; j < full_length; j++) { 295 quotient = Array(); 296 x = 0; 297 for (i = 0; i < dividend.length; i++) { 298 x = (x << 16) + dividend[i]; 299 q = Math.floor(x / divisor); 300 x -= q * divisor; 301 if (quotient.length > 0 || q > 0) quotient[quotient.length] = q 302 } 303 remainders[j] = x; 304 dividend = quotient 305 } 306 var output = ""; 307 for (i = remainders.length - 1; i >= 0; i--) output += encoding.charAt(remainders[i]); 308 return output 309 } 310 function str2rstr_utf8(input) { 311 var output = ""; 312 var i = -1; 313 var x, y; 314 while (++i < input.length) { 315 x = input.charCodeAt(i); 316 y = i + 1 < input.length ? input.charCodeAt(i + 1) : 0; 317 if (0xD800 <= x && x <= 0xDBFF && 0xDC00 <= y && y <= 0xDFFF) { 318 x = 0x10000 + ((x & 0x03FF) << 10) + (y & 0x03FF); 319 i++ 320 } 321 if (x <= 0x7F) output += String.fromCharCode(x); 322 else if (x <= 0x7FF) output += String.fromCharCode(0xC0 | ((x >>> 6) & 0x1F), 0x80 | (x & 0x3F)); 323 else if (x <= 0xFFFF) output += String.fromCharCode(0xE0 | ((x >>> 12) & 0x0F), 0x80 | ((x >>> 6) & 0x3F), 0x80 | (x & 0x3F)); 324 else if (x <= 0x1FFFFF) output += String.fromCharCode(0xF0 | ((x >>> 18) & 0x07), 0x80 | ((x >>> 12) & 0x3F), 0x80 | ((x >>> 6) & 0x3F), 0x80 | (x & 0x3F)) 325 } 326 return output 327 } 328 function str2rstr_utf16le(input) { 329 var output = ""; 330 for (var i = 0; i < input.length; i++) output += String.fromCharCode(input.charCodeAt(i) & 0xFF, (input.charCodeAt(i) >>> 8) & 0xFF); 331 return output 332 } 333 function str2rstr_utf16be(input) { 334 var output = ""; 335 for (var i = 0; i < input.length; i++) output += String.fromCharCode((input.charCodeAt(i) >>> 8) & 0xFF, input.charCodeAt(i) & 0xFF); 336 return output 337 } 338 function rstr2binl(input) { 339 var output = Array(input.length >> 2); 340 for (var i = 0; i < output.length; i++) output[i] = 0; 341 for (var i = 0; i < input.length * 8; i += 8) output[i >> 5] |= (input.charCodeAt(i / 8) & 0xFF) << (i % 32); 342 return output 343 } 344 function binl2rstr(input) { 345 var output = ""; 346 for (var i = 0; i < input.length * 32; i += 8) output += String.fromCharCode((input[i >> 5] >>> (i % 32)) & 0xFF); 347 return output 348 } 349 function binl_md5(x, len) { 350 x[len >> 5] |= 0x80 << ((len) % 32); 351 x[(((len + 64) >>> 9) << 4) + 14] = len; 352 var a = 1732584193; 353 var b = -271733879; 354 var c = -1732584194; 355 var d = 271733878; 356 for (var i = 0; i < x.length; i += 16) { 357 var olda = a; 358 var oldb = b; 359 var oldc = c; 360 var oldd = d; 361 a = md5_ff(a, b, c, d, x[i + 0], 7, -680876936); 362 d = md5_ff(d, a, b, c, x[i + 1], 12, -389564586); 363 c = md5_ff(c, d, a, b, x[i + 2], 17, 606105819); 364 b = md5_ff(b, c, d, a, x[i + 3], 22, -1044525330); 365 a = md5_ff(a, b, c, d, x[i + 4], 7, -176418897); 366 d = md5_ff(d, a, b, c, x[i + 5], 12, 1200080426); 367 c = md5_ff(c, d, a, b, x[i + 6], 17, -1473231341); 368 b = md5_ff(b, c, d, a, x[i + 7], 22, -45705983); 369 a = md5_ff(a, b, c, d, x[i + 8], 7, 1770035416); 370 d = md5_ff(d, a, b, c, x[i + 9], 12, -1958414417); 371 c = md5_ff(c, d, a, b, x[i + 10], 17, -42063); 372 b = md5_ff(b, c, d, a, x[i + 11], 22, -1990404162); 373 a = md5_ff(a, b, c, d, x[i + 12], 7, 1804603682); 374 d = md5_ff(d, a, b, c, x[i + 13], 12, -40341101); 375 c = md5_ff(c, d, a, b, x[i + 14], 17, -1502002290); 376 b = md5_ff(b, c, d, a, x[i + 15], 22, 1236535329); 377 a = md5_gg(a, b, c, d, x[i + 1], 5, -165796510); 378 d = md5_gg(d, a, b, c, x[i + 6], 9, -1069501632); 379 c = md5_gg(c, d, a, b, x[i + 11], 14, 643717713); 380 b = md5_gg(b, c, d, a, x[i + 0], 20, -373897302); 381 a = md5_gg(a, b, c, d, x[i + 5], 5, -701558691); 382 d = md5_gg(d, a, b, c, x[i + 10], 9, 38016083); 383 c = md5_gg(c, d, a, b, x[i + 15], 14, -660478335); 384 b = md5_gg(b, c, d, a, x[i + 4], 20, -405537848); 385 a = md5_gg(a, b, c, d, x[i + 9], 5, 568446438); 386 d = md5_gg(d, a, b, c, x[i + 14], 9, -1019803690); 387 c = md5_gg(c, d, a, b, x[i + 3], 14, -187363961); 388 b = md5_gg(b, c, d, a, x[i + 8], 20, 1163531501); 389 a = md5_gg(a, b, c, d, x[i + 13], 5, -1444681467); 390 d = md5_gg(d, a, b, c, x[i + 2], 9, -51403784); 如何利用搜狗浏览器调试js