文章目录
前言
网址:https://haohuo.jinritemai.com/views/product/item?id=3380284906675503740
一、页面分析
1.按F12,进入调试,进入链接
二、参数破解
1.参数加密位置查找
1.1 老规矩直接搜索token,第二个比较像,点进去,可能加载会有点慢,耐心等待。
1.2 点进去后再搜寻token,找到10处,不知道是哪个,在下面的两个打上断点
1.3 刷新网页
1.3.1 参数o是商品的id,然后我们进入这个方法
1.3.2 可以看到调用了两次a()方法,第一次是对t加密,然后是对a()(t)+"zd2019@@1157"加密
1.3.3 然后我们看下a()方法,可以看出是一个MD5的加密
2.参数破解测试
2.1 扣JS代码,删除无关变量
function Md5(t) {
if (t)
blocks[0] = blocks[16] = blocks[1] = blocks[2] = blocks[3] = blocks[4] = blocks[5] = blocks[6] = blocks[7] = blocks[8] = blocks[9] = blocks[10] = blocks[11] = blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0,
this.blocks = blocks,
this.buffer8 = buffer8;
else if (ARRAY_BUFFER) {
var e = new ArrayBuffer(68);
this.buffer8 = new Uint8Array(e),
this.blocks = new Uint32Array(e)
} else
this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
this.h0 = this.h1 = this.h2 = this.h3 = this.start = this.bytes = this.hBytes = 0,
this.finalized = this.hashed = !1,
this.first = !0
}
var ERROR = "input is invalid type"
, WINDOW = "object" == typeof window
, root = WINDOW ? window : {
};
root.JS_MD5_NO_WINDOW && (WINDOW = !1);
var WEB_WORKER = !WINDOW && "object" == typeof self
, NODE_JS = !root.JS_MD5_NO_NODE_JS && "object" == typeof process && process.versions && process.versions.node;
NODE_JS ? root = global : WEB_WORKER && (root = self);
var COMMON_JS = !root.JS_MD5_NO_COMMON_JS && "object" == typeof module && module.exports,
ARRAY_BUFFER = !root.JS_MD5_NO_ARRAY_BUFFER && "undefined" != typeof ArrayBuffer,
HEX_CHARS = "0123456789abcdef".split(""), EXTRA = [128, 32768, 8388608, -2147483648], SHIFT = [0, 8, 16, 24],
OUTPUT_TYPES = ["hex", "array", "digest", "buffer", "arrayBuffer", "base64"],
BASE64_ENCODE_CHAR = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split(""), blocks = [],
buffer8;
if (ARRAY_BUFFER) {
var buffer = new ArrayBuffer(68);
buffer8 = new Uint8Array(buffer),
blocks = new Uint32Array(buffer)
}
!root.JS_MD5_NO_NODE_JS && Array.isArray || (Array.isArray = function (t) {
return "[object Array]" === Object.prototype.toString.call(t)
}
),
!ARRAY_BUFFER || !root.JS_MD5_NO_ARRAY_BUFFER_IS_VIEW && ArrayBuffer.isView || (ArrayBuffer.isView = function (t) {
return "object" == typeof t && t.buffer && t.buffer.constructor === ArrayBuffer
}
);
var createOutputMethod = function (t) {
return function (e) {
return new Md5(!0).update(e)[t]()
}
}
, createMethod = function () {
var t = createOutputMethod("hex");
NODE_JS && (t = nodeWrap(t)),
t.create = function () {
return new Md5
}
,
t.update = function (e) {
return t.create().update(e)
}
;
for (var e = 0; e < OUTPUT_TYPES.length; ++e) {
var n = OUTPUT_TYPES[e];
t[n] = createOutputMethod(n)
}
return t
}
, nodeWrap = function (method) {
var crypto = eval("require('crypto')")
, Buffer = eval("require('buffer').Buffer")
, nodeMethod = function (t) {
if ("string" == typeof t)
return crypto.createHash("md5").update(t, "utf8").digest("hex");
if (null === t || void 0 === t)
throw ERROR;
return t.constructor === ArrayBuffer && (t = new Uint8Array(t)),
Array.isArray(t) || ArrayBuffer.isView(t) || t.constructor === Buffer ? crypto.createHash("md5").update(new Buffer(t)).digest("hex") : method(t)
};
return nodeMethod
};
Md5.prototype.update = function (t) {
if (!this.finalized) {
var e, n = typeof t;
if ("string" !== n) {
if ("object" !== n)
throw ERROR;
if (null === t)
throw ERROR;
if (ARRAY_BUFFER && t.constructor === ArrayBuffer)
t = new Uint8Array(t);
else if (!(Array.isArray(t) || ARRAY_BUFFER && ArrayBuffer.isView(t)))
throw ERROR;
e = !0
}
for (var i, r, a = 0, o = t.length, s = this.blocks, c = this.buffer8; a < o;) {
if (this.hashed && (this.hashed = !1,
s[0] = s[16],
s[16] = s[1] = s[2] = s[3] = s[4] = s[5] = s[6] = s[7] = s[8] = s[9] = s[10] = s[11] = s[12] = s[13] = s[14] = s[15] = 0),
e)
if (ARRAY_BUFFER)
for (r = this.start; a < o && r < 64; ++a)
c[r++] = t[a];
else
for (r = this.start; a < o && r < 64; ++a)
s[r >> 2] |= t[a] << SHIFT[3 & r++];
else if (ARRAY_BUFFER)
for (r = this.start; a < o && r < 64; ++a)
i = t.charCodeAt(a),
i < 128 ? c[r++] = i : i < 2048 ? (c[r++] = 192 | i >> 6,
c[r++] = 128 | 63 & i) : i < 55296 || i >= 57344 ? (c[r++] = 224 | i >> 12,
c[r++] = 128 | i >> 6 & 63,
c[r++] = 128 | 63 & i) : (i = 65536 + ((1023 & i) << 10 | 1023 & t.charCodeAt(++a)),
c[r++] = 240 | i >> 18,
c[r++] = 128 | i >> 12 & 63,
c[r++] = 128 | i >> 6 & 63,
c[r++] = 128 | 63 & i);
else
for (r = this.start; a < o && r < 64; ++a)
i = t.charCodeAt(a),
i < 128 ? s[r >> 2] |= i << SHIFT[3 & r++] : i < 2048 ? (s[r >> 2] |= (192 | i >> 6) << SHIFT[3 & r++],
s[r >> 2] |= (128 | 63 & i) << SHIFT[3 & r++]) : i < 55296 || i >= 57344 ? (s[r >> 2] |= (224 | i >> 12) << SHIFT[3 & r++],
s[r >> 2] |= (128 | i >> 6 & 63) << SHIFT[3 & r++],
s[r >> 2] |= (128 | 63 & i) << SHIFT[3 & r++]) : (i = 65536 + ((1023 & i) << 10 | 1023 & t.charCodeAt(++a)),
s[r >> 2] |= (240 | i >> 18) << SHIFT[3 & r++],
s[r >> 2] |= (128 | i >> 12 & 63) << SHIFT[3 & r++],
s[r >> 2] |= (128 | i >> 6 & 63) << SHIFT[3 & r++],
s[r >> 2] |= (128 | 63 & i) << SHIFT[3 & r++]);
this.lastByteIndex = r,
this.bytes += r - this.start,
r >= 64 ? (this.start = r - 64,
this.hash(),
this.hashed = !0) : this.start = r
}
return this.bytes > 4294967295 && (this.hBytes += this.bytes / 4294967296 << 0,
this.bytes = this.bytes % 4294967296),
this
}
}
,
Md5.prototype.finalize = function () {
if (!this.finalized) {
this.finalized = !0;
var t = this.blocks
, e = this.lastByteIndex;
t[e >> 2] |= EXTRA[3 & e],
e >= 56 && (this.hashed || this.hash(),
t[0] = t[16],
t[16] = t[1] = t[2] = t[3] = t[4] = t[5] = t[6] = t[7] = t[8] = t[9] = t[10] = t[11] = t[12] = t[13] = t[14] = t[15] = 0),
t[14] = this.bytes << 3,
t[15] = this.hBytes << 3 | this.bytes >>> 29,
this.hash()
}
}
,
Md5.prototype.hash = function () {
var t, e, n, i, r, a, o = this.blocks;
this.first ? (t = o[0] - 680876937,
t = (t << 7 | t >>> 25) - 271733879 << 0,
i = (-1732584194 ^ 2004318071 & t) + o[1] - 117830708,
i = (i << 12 | i >>> 20) + t << 0,
n = (-271733879 ^ i & (-271733879 ^ t)) + o[2] - 1126478375,
n = (n << 17 | n >>> 15) + i << 0,
e = (t ^ n & (i ^ t)) + o[3] - 1316259209,
e = (e << 22 | e >>> 10) + n << 0) : (t = this.h0,
e = this.h1,
n = this.h2,
i = this.h3,
t += (i ^ e & (n ^ i)) + o[0] - 680876936,
t = (t << 7 | t >>> 25) + e << 0,
i += (n ^ t & (e ^ n)) + o[1] - 389564586,
i = (i << 12 | i >>> 20) + t << 0,
n += (e ^ i & (t ^ e)) + o[2] + 606105819,
n = (n << 17 | n >>> 15) + i << 0,
e += (t ^ n & (i ^ t)) + o[3] - 1044525330,
e = (e << 22 | e >>> 10) + n << 0),
t += (i ^ e & (n ^ i)) + o[4] - 176418897,
t = (t << 7 | t >>> 25) + e << 0,
i += (n ^ t & (e ^ n)) + o[5] + 1200080426,
i = (i << 12 | i >>> 20) + t << 0,
n += (e ^ i & (t ^ e)) + o[6] - 1473231341,
n = (n << 17 | n >>> 15) + i << 0,
e += (t ^ n & (i ^ t)) + o[7] - 45705983,
e = (e << 22 | e >>> 10) + n << 0,
t += (i ^ e & (n ^ i)) + o[8] + 1770035416,
t = (t << 7 | t >>> 25) + e << 0,
i += (n ^ t & (e ^ n)) + o[9] - 1958414417,
i = (i << 12 | i >>> 20) + t << 0,
n += (e ^ i & (t ^ e)) + o[10] - 42063,
n = (n << 17 | n >>> 15) + i << 0,
e += (t ^ n & (i ^ t)) + o[11] - 1990404162,
e = (e << 22 | e >>> 10) + n << 0,
t += (i ^ e & (n ^ i)) + o[12] + 1804603682,
t = (t << 7 | t >>> 25) + e << 0,
i += (n ^ t & (e ^ n)) + o[13] - 40341101,
i = (i << 12 | i >>> 20) + t << 0,
n += (e ^ i & (t ^ e)) + o[14] - 1502002290,
n = (n << 17 | n >>> 15) + i << 0,
e += (t ^ n & (i ^ t)) + o[15] + 1236535329,
e = (e << 22 | e >>> 10) + n << 0,
t += (n ^ i & (e ^ n)) + o[1] - 165796510,
t = (t << 5 | t >>> 27) + e << 0,
i += (e ^ n & (t ^ e)) + o[6] - 1069501632,
i = (i << 9 | i >>> 23) + t << 0,
n += (t ^ e & (i ^ t)) + o[11] + 643717713,
n = (n << 14 | n >>> 18) + i << 0,
e += (i ^ t & (n ^ i)) + o[0] - 373897302,
e = (e << 20 | e >>> 12) + n << 0,
t += (n ^ i & (e ^ n)) + o[5] - 701558691,
t = (t << 5 | t >>> 27) + e << 0,
i += (e ^ n & (t ^ e)) + o[10] + 38016083,
i = (i << 9 | i >>> 23) + t << 0,
n += (t ^ e & (i ^ t)) + o[15] - 660478335,
n = (n << 14 | n >>> 18) + i << 0,
e += (i ^ t & (n ^ i)) + o[4] - 405537848,
e = (e << 20 | e >>> 12) + n << 0,
t += (n ^ i & (e ^ n)) + o[9] + 568446438,
t = (t << 5 | t >>> 27) + e << 0,
i += (e ^ n & (t ^ e)) + o[14] - 1019803690,
i = (i << 9 | i >>> 23) + t << 0,
n += (t ^ e & (i ^ t)) + o[3] - 187363961,
n = (n << 14 | n >>> 18) + i << 0,
e += (i ^ t & (n ^ i)) + o[8] + 1163531501,
e = (e << 20 | e >>> 12) + n << 0,
t += (n ^ i & (e ^ n)) + o[13] - 1444681467,
t = (t << 5 | t >>> 27) + e << 0,
i += (e ^ n & (t ^ e)) + o[2] - 51403784,
i = (i << 9 | i >>> 23) + t << 0,
n += (t ^ e & (i ^ t)) + o[7] + 1735328473,
n = (n << 14 | n >>> 18) + i << 0,
e += (i ^ t & (n ^ i)) + o[12] - 1926607734,
e = (e << 20 | e >>> 12) + n << 0,
r = e ^ n,
t += (r ^ i) + o[5] - 378558,
t = (t << 4 | t >>> 28) + e << 0,
i += (r ^ t) + o[8] - 2022574463,
i = (i << 11 | i >>> 21) + t << 0,
a = i ^ t,
n += (a ^ e) + o[11] + 1839030562,
n = (n << 16 | n >>> 16) + i << 0,
e += (a ^ n) + o[14] - 35309556,
e = (e << 23 | e >>> 9) + n << 0,
r = e ^ n,
t += (r ^ i) + o[1] - 1530992060,
t = (t << 4 | t >>> 28) + e << 0,
i += (r ^ t) + o[4] + 1272893353,
i = (i << 11 | i >>> 21) + t << 0,
a = i ^ t,
n += (a ^ e) + o[7] - 155497632,
n = (n << 16 | n >>> 16) + i << 0,
e += (a ^ n) + o[10] - 1094730640,
e = (e << 23 | e >>> 9) + n << 0,
r = e ^ n,
t += (r ^ i) + o[13] + 681279174,
t = (t << 4 | t >>> 28) + e << 0,
i += (r ^ t) + o[0] - 358537222,
i = (i << 11 | i >>> 21) + t << 0,
a = i ^ t,
n += (a ^ e) + o[3] - 722521979,
n = (n << 16 | n >>> 16) + i << 0,
e += (a ^ n) + o[6] + 76029189,
e = (e << 23 | e >>> 9) + n << 0,
r = e ^ n,
t += (r ^ i) + o[9] - 640364487,
t = (t << 4 | t >>> 28) + e << 0,
i += (r ^ t) + o[12] - 421815835,
i = (i << 11 | i >>> 21) + t << 0,
a = i ^ t,
n += (a ^ e) + o[15] + 530742520,
n = (n << 16 | n >>> 16) + i << 0,
e += (a ^ n) + o[2] - 995338651,
e = (e << 23 | e >>> 9) + n << 0,
t += (n ^ (e | ~i)) + o[0] - 198630844,
t = (t << 6 | t >>> 26) + e << 0,
i += (e ^ (t | ~n)) + o[7] + 1126891415,
i = (i << 10 | i >>> 22) + t << 0,
n += (t ^ (i | ~e)) + o[14] - 1416354905,
n = (n << 15 | n >>> 17) + i << 0,
e += (i ^ (n | ~t)) + o[5] - 57434055,
e = (e << 21 | e >>> 11) + n << 0,
t += (n ^ (e | ~i)) + o[12] + 1700485571,
t = (t << 6 | t >>> 26) + e << 0,
i += (e ^ (t | ~n)) + o[3] - 1894986606,
i = (i << 10 | i >>> 22) + t << 0,
n += (t ^ (i | ~e)) + o[10] - 1051523,
n = (n << 15 | n >>> 17) + i << 0,
e += (i ^ (n | ~t)) + o[1] - 2054922799,
e = (e << 21 | e >>> 11) + n << 0,
t += (n ^ (e | ~i)) + o[8] + 1873313359,
t = (t << 6 | t >>> 26) + e << 0,
i += (e ^ (t | ~n)) + o[15] - 30611744,
i = (i << 10 | i >>> 22) + t << 0,
n += (t ^ (i | ~e)) + o[6] - 1560198380,
n = (n << 15 | n >>> 17) + i << 0,
e += (i ^ (n | ~t)) + o[13] + 1309151649,
e = (e << 21 | e >>> 11) + n << 0,
t += (n ^ (e | ~i)) + o[4] - 145523070,
t = (t << 6 | t >>> 26) + e << 0,
i += (e ^ (t | ~n)) + o[11] - 1120210379,
i = (i << 10 | i >>> 22) + t << 0,
n += (t ^ (i | ~e)) + o[2] + 718787259,
n = (n << 15 | n >>> 17) + i << 0,
e += (i ^ (n | ~t)) + o[9] - 343485551,
e = (e << 21 | e >>> 11) + n << 0,
this.first ? (this.h0 = t + 1732584193 << 0,
this.h1 = e - 271733879 << 0,
this.h2 = n - 1732584194 << 0,
this.h3 = i + 271733878 << 0,
this.first = !1) : (this.h0 = this.h0 + t << 0,
this.h1 = this.h1 + e << 0,
this.h2 = this.h2 + n << 0,
this.h3 = this.h3 + i << 0)
}
,
Md5.prototype.hex = function () {
this.finalize();
var t = this.h0
, e = this.h1
, n = this.h2
, i = this.h3;
return HEX_CHARS[t >> 4 & 15] + HEX_CHARS[15 & t] + HEX_CHARS[t >> 12 & 15] + HEX_CHARS[t >> 8 & 15] + HEX_CHARS[t >> 20 & 15] + HEX_CHARS[t >> 16 & 15] + HEX_CHARS[t >> 28 & 15] + HEX_CHARS[t >> 24 & 15] + HEX_CHARS[e >> 4 & 15] + HEX_CHARS[15 & e] + HEX_CHARS[e >> 12 & 15] + HEX_CHARS[e >> 8 & 15] + HEX_CHARS[e >> 20 & 15] + HEX_CHARS[e >> 16 & 15] + HEX_CHARS[e >> 28 & 15] + HEX_CHARS[e >> 24 & 15] + HEX_CHARS[n >> 4 & 15] + HEX_CHARS[15 & n] + HEX_CHARS[n >> 12 & 15] + HEX_CHARS[n >> 8 & 15] + HEX_CHARS[n >> 20 & 15] + HEX_CHARS[n >> 16 & 15] + HEX_CHARS[n >> 28 & 15] + HEX_CHARS[n >> 24 & 15] + HEX_CHARS[i >> 4 & 15] + HEX_CHARS[15 & i] + HEX_CHARS[i >> 12 & 15] + HEX_CHARS[i >> 8 & 15] + HEX_CHARS[i >> 20 & 15] + HEX_CHARS[i >> 16 & 15] + HEX_CHARS[i >> 28 & 15] + HEX_CHARS[i >> 24 & 15]
}
,
Md5.prototype.toString = Md5.prototype.hex,
Md5.prototype.digest = function () {
this.finalize();
var t = this.h0
, e = this.h1
, n = this.h2
, i = this.h3;
return [255 & t, t >> 8 & 255, t >> 16 & 255, t >> 24 & 255, 255 & e, e >> 8 & 255, e >> 16 & 255, e >> 24 & 255, 255 & n, n >> 8 & 255, n >> 16 & 255, n >> 24 & 255, 255 & i, i >> 8 & 255, i >> 16 & 255, i >> 24 & 255]
}
,
Md5.prototype.array = Md5.prototype.digest,
Md5.prototype.arrayBuffer = function () {
this.finalize();
var t = new ArrayBuffer(16)
, e = new Uint32Array(t);
return e[0] = this.h0,
e[1] = this.h1,
e[2] = this.h2,
e[3] = this.h3,
t
}
,
Md5.prototype.buffer = Md5.prototype.arrayBuffer,
Md5.prototype.base64 = function () {
for (var t, e, n, i = "", r = this.array(), a = 0; a < 15;)
t = r[a++],
e = r[a++],
n = r[a++],
i += BASE64_ENCODE_CHAR[t >>> 2] + BASE64_ENCODE_CHAR[63 & (t << 4 | e >>> 4)] + BASE64_ENCODE_CHAR[63 & (e << 2 | n >>> 6)] + BASE64_ENCODE_CHAR[63 & n];
return t = r[a],
i += BASE64_ENCODE_CHAR[t >>> 2] + BASE64_ENCODE_CHAR[t << 4 & 63] + "=="
}
;
var exports = createMethod();
var e = "3380284906675503740";
var t = 'hex';
var parma1 = new Md5(!0).update(e)[t](); //第一次加密
var param2 = new Md5(!0).update(parma1+'zd2019@@1157')[t]();//第二次加密
console.log(param2);
三、运行测试
可以看出我们自己解密的参数与网页上生成的参数是一致的,那么此次破解就是成功地,觉得有帮助的小伙伴,欢迎点赞关注哦~