项目场景:
地址:aHR0cHM6Ly93d3cubHkuY29tL2hvdGVsL2JlaWppbmc1My8/c3BtMD0xMDAwMi4yMDAxLjEuMC4xLjQuMTc=
解决方案:
就直接贴代码了,没啥技术含量,下个断点调试下就可以看到,讲解下这两个参数
- wangba:cookie里的参数,13位时间戳,请求时cookie只需加这一属性即可。
- antitoken:根据wangba加密后的参数,即MD5(wangba)。
下面是抠出来的JS代码,MD5方法可以在python里使用,无需加载js。
function o_stringToBytes(t) {
for (var e = [], a = 0; a < t.length; a++)
e.push(255 & t.charCodeAt(a));
return e
}
function i_stringToBytes(t) {
return a_bin_stringToBytes(unescape(encodeURIComponent(t)))
}
function a_bin_stringToBytes(t) {
for (var e = [], a = 0; a < t.length; a++)
e.push(255 & t.charCodeAt(a));
return e
}
(s = function (t, e) {
t.constructor == String ? t = e && "binary" === e.encoding ? o_stringToBytes(t) : i_stringToBytes(t) : r(t) ? t = Array.prototype.slice.call(t, 0) : Array.isArray(t) || (t = t.toString());
for (var a = n.bytesToWords(t), l = 8 * t.length, c = 1732584193, d = -271733879, h = -1732584194, u = 271733878, p = 0; p < a.length; p++)
a[p] = 16711935 & (a[p] << 8 | a[p] >>> 24) | 4278255360 & (a[p] << 24 | a[p] >>> 8);
a[l >>> 5] |= 128 << l % 32,
a[14 + (l + 64 >>> 9 << 4)] = l;
var f = s._ff
, m = s._gg
, v = s._hh
, y = s._ii;
for (p = 0; p < a.length; p += 16) {
var g = c
, _ = d
, b = h
, $ = u;
d = y(d = y(d = y(d = y(d = v(d = v(d = v(d = v(d = m(d = m(d = m(d = m(d = f(d = f(d = f(d = f(d, h = f(h, u = f(u, c = f(c, d, h, u, a[p + 0], 7, -680876936), d, h, a[p + 1], 12, -389564586), c, d, a[p + 2], 17, 606105819), u, c, a[p + 3], 22, -1044525330), h = f(h, u = f(u, c = f(c, d, h, u, a[p + 4], 7, -176418897), d, h, a[p + 5], 12, 1200080426), c, d, a[p + 6], 17, -1473231341), u, c, a[p + 7], 22, -45705983), h = f(h, u = f(u, c = f(c, d, h, u, a[p + 8], 7, 1770035416), d, h, a[p + 9], 12, -1958414417), c, d, a[p + 10], 17, -42063), u, c, a[p + 11], 22, -1990404162), h = f(h, u = f(u, c = f(c, d, h, u, a[p + 12], 7, 1804603682), d, h, a[p + 13], 12, -40341101), c, d, a[p + 14], 17, -1502002290), u, c, a[p + 15], 22, 1236535329), h = m(h, u = m(u, c = m(c, d, h, u, a[p + 1], 5, -165796510), d, h, a[p + 6], 9, -1069501632), c, d, a[p + 11], 14, 643717713), u, c, a[p + 0], 20, -373897302), h = m(h, u = m(u, c = m(c, d, h, u, a[p + 5], 5, -701558691), d, h, a[p + 10], 9, 38016083), c, d, a[p + 15], 14, -660478335), u, c, a[p + 4], 20, -405537848), h = m(h, u = m(u, c = m(c, d, h, u, a[p + 9], 5, 568446438), d, h, a[p + 14], 9, -1019803690), c, d, a[p + 3], 14, -187363961), u, c, a[p + 8], 20, 1163531501), h = m(h, u = m(u, c = m(c, d, h, u, a[p + 13], 5, -1444681467), d, h, a[p + 2], 9, -51403784), c, d, a[p + 7], 14, 1735328473), u, c, a[p + 12], 20, -1926607734), h = v(h, u = v(u, c = v(c, d, h, u, a[p + 5], 4, -378558), d, h, a[p + 8], 11, -2022574463), c, d, a[p + 11], 16, 1839030562), u, c, a[p + 14], 23, -35309556), h = v(h, u = v(u, c = v(c, d, h, u, a[p + 1], 4, -1530992060), d, h, a[p + 4], 11, 1272893353), c, d, a[p + 7], 16, -155497632), u, c, a[p + 10], 23, -1094730640), h = v(h, u = v(u, c = v(c, d, h, u, a[p + 13], 4, 681279174), d, h, a[p + 0], 11, -358537222), c, d, a[p + 3], 16, -722521979), u, c, a[p + 6], 23, 76029189), h = v(h, u = v(u, c = v(c, d, h, u, a[p + 9], 4, -640364487), d, h, a[p + 12], 11, -421815835), c, d, a[p + 15], 16, 530742520), u, c, a[p + 2], 23, -995338651), h = y(h, u = y(u, c = y(c, d, h, u, a[p + 0], 6, -198630844), d, h, a[p + 7], 10, 1126891415), c, d, a[p + 14], 15, -1416354905), u, c, a[p + 5], 21, -57434055), h = y(h, u = y(u, c = y(c, d, h, u, a[p + 12], 6, 1700485571), d, h, a[p + 3], 10, -1894986606), c, d, a[p + 10], 15, -1051523), u, c, a[p + 1], 21, -2054922799), h = y(h, u = y(u, c = y(c, d, h, u, a[p + 8], 6, 1873313359), d, h, a[p + 15], 10, -30611744), c, d, a[p + 6], 15, -1560198380), u, c, a[p + 13], 21, 1309151649), h = y(h, u = y(u, c = y(c, d, h, u, a[p + 4], 6, -145523070), d, h, a[p + 11], 10, -1120210379), c, d, a[p + 2], 15, 718787259), u, c, a[p + 9], 21, -343485551),
c = c + g >>> 0,
d = d + _ >>> 0,
h = h + b >>> 0,
u = u + $ >>> 0
}
return n.endian([c, d, h, u])
}
)._ff = function (t, e, a, n, i, r, o) {
var s = t + (e & a | ~e & n) + (i >>> 0) + o;
return (s << r | s >>> 32 - r) + e
}
,
s._gg = function (t, e, a, n, i, r, o) {
var s = t + (e & n | a & ~n) + (i >>> 0) + o;
return (s << r | s >>> 32 - r) + e
}
,
s._hh = function (t, e, a, n, i, r, o) {
var s = t + (e ^ a ^ n) + (i >>> 0) + o;
return (s << r | s >>> 32 - r) + e
}
,
s._ii = function (t, e, a, n, i, r, o) {
var s = t + (a ^ (e | ~n)) + (i >>> 0) + o;
return (s << r | s >>> 32 - r) + e
}
,
s._blocksize = 16,
s._digestsize = 16;
a = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
n = {
rotl: function (t, e) {
return t << e | t >>> 32 - e
},
endian: function (t) {
if (t.constructor == Number)
return 16711935 & n.rotl(t, 8) | 4278255360 & n.rotl(t, 24);
for (var e = 0; e < t.length; e++)
t[e] = n.endian(t[e]);
return t
},
bytesToWords: function (t) {
for (var e = [], a = 0, n = 0; a < t.length; a++,
n += 8)
e[n >>> 5] |= t[a] << 24 - n % 32;
return e
},
wordsToBytes: function (t) {
for (var e = [], a = 0; a < 32 * t.length; a += 8)
e.push(t[a >>> 5] >>> 24 - a % 32 & 255);
return e
},
bytesToHex: function (t) {
for (var e = [], a = 0; a < t.length; a++)
e.push((t[a] >>> 4).toString(16)),
e.push((15 & t[a]).toString(16));
return e.join("")
}
};
function bytesToString(t) {
for (var e = [], a = 0; a < t.length; a++)
e.push(String.fromCharCode(t[a]));
return e.join("")
}
function get_code(t,e) {
var a = n.wordsToBytes(s(t,e));
return {
'wangba':t,'antitoken':e && e.asBytes ? a : e && e.asString ? bytesToString(a) : n.bytesToHex(a)}
}
var timestamp = (new Date).getTime().toString();
var data = get_code(timestamp, undefined);
console.log(data);
