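JS reverse engineering notes
Common methods in JS
When you run into conventional encryption such as AES or RSA, you can import a JS encryption/decryption package to decrypt it. If the import throws an error, the package probably needs to be installed first.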
var CryptoJS = require("crypto-js")
If it reports that window is missing, you can install another package:
const jsdom = require("jsdom");
const { JSDOM } = jsdom;
const dom = new JSDOM('<!DOCTYPE html><p>Hello world</p>');
window = dom.window;
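Some people use approaches such as window={} or window=this instead, but those tend to fail abruptly.
If the data is compressed, you can use the following; the most typical case is 中医智库 (Zhongyi Zhiku):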
const pako = require('pako');
// decrypted holds the still-compressed output of the decryption step
decrypted = pako.inflate(decrypted, {to: "string"});
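The decrypt-then-decompress flow described above, as an added example that is not part of the original post. It uses Node's built-in crypto and zlib modules in place of crypto-js and pako so that it runs without installing anything; the key, IV, cipher mode (AES-128-CBC) and sample payload are constructed assumptions.

```javascript
const crypto = require("crypto");
const zlib = require("zlib");

// Constructed key and IV, for this demonstration only (AES-128-CBC assumed).
const KEY = Buffer.from("0123456789abcdef", "utf8");
const IV = Buffer.from("fedcba9876543210", "utf8");

// Build a constructed sample: JSON text -> (optional) zlib deflate
// -> AES-CBC encrypt -> base64.
function makeSample(obj, compress = true) {
  const plain = Buffer.from(JSON.stringify(obj), "utf8");
  const body = compress ? zlib.deflateSync(plain) : plain;
  const cipher = crypto.createCipheriv("aes-128-cbc", KEY, IV);
  return Buffer.concat([cipher.update(body), cipher.final()]).toString("base64");
}

// Reverse the pipeline: base64 -> AES-CBC decrypt -> inflate -> string.
// On failure, `stage` names the step that broke, which separates a wrong
// key/IV from a payload that was not zlib-compressed after all.
function decodePayload(b64, key = KEY, iv = IV) {
  let compressed;
  try {
    const decipher = crypto.createDecipheriv("aes-128-cbc", key, iv);
    compressed = Buffer.concat([
      decipher.update(Buffer.from(b64, "base64")),
      decipher.final(), // throws when the PKCS#7 padding is invalid
    ]);
  } catch (err) {
    return { ok: false, stage: "decrypt", error: err.message };
  }
  try {
    // Same role as pako.inflate(decrypted, {to: "string"}) for zlib-wrapped data.
    return { ok: true, data: zlib.inflateSync(compressed).toString("utf8") };
  } catch (err) {
    return { ok: false, stage: "inflate", error: err.message };
  }
}

const sample = makeSample({ title: "constructed record", items: [1, 2, 3] });
console.log(decodePayload(sample));
```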
Some sites run further checks on the browser environment; the method below can be used to fake it:
window = global;
var document = new Object();
var params = {
    location: {
        hash: "",
        host: "localhost:63342",
        hostname: "localhost",
        // href: "http://localhost:63342/SpiderTest/index.html?_ijt=cbm25vhb9cva9uad3qdo901n7u",
        origin: "http://localhost:63342",
        pathname: "/SpiderTest/index.html",
        port: "63342",
        protocol: "http:",
        search: "?_ijt=cbm25vhb9cva9uad3qdo901n7u"
    },
    navigator: {
        appCodeName: "Mozilla",
        appName: "Netscape",
        appVersion: "5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
        cookieEnabled: true,
        deviceMemory: 8,
        doNotTrack: null,
        hardwareConcurrency: 4,
        language: "zh-CN",
        languages: ["zh-CN", "zh"],
        maxTouchPoints: 0,
        onLine: true,
        platform: "Win32",
        product: "Gecko",
        productSub: "20030107",
        userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
        vendor: "Google Inc.",
        vendorSub: "",
    }
};
Object.assign(window, params);
How to call a JS function from a Python file:
def get_js():
    # Read the whole JS file into a string
    with open("core.js", 'r', encoding='utf-8') as f:
        return f.read()

def get_des_passwd(g):
    jsstr = get_js()
    ctx = execjs.compile(jsstr)  # Load the JS source
    # get_song returns both values joined by '+++++++'
    params = ctx.call('get_song', g).split('+++++++')
    param = params[0]
    encSecKey = params[1]
    return param, encSecKey
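The get_js() function reads the contents of the JS file.
The get_des_passwd function executes the JS function: ctx.call is the method that performs the call, get_song is the name of a function you defined yourself in the JS file, and g is the argument passed to that function.
Before using the method above, import the packages: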
import requests
import execjs
node = execjs.get()
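Node.js must be installed beforehand; refer to an online tutorial for the installation. After installing, most machines need a restart before it takes effect.
node = execjs.get()
is used to check whether it has taken effect.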
