【JS Reverse】Networker Reverse Encryption Question 2

Enterprise 2023-08-06 14:47:06 views: null

Article directory

foreword

The content of this article is only for learning and communication, and it is strictly prohibited for commercial and illegal purposes. If there is any infringement, please contact to delete! ! !

1. Goals

.Destination URL:https://www.wangluozhe.com/
.Request address:https://www.wangluozhe.com/challenge/api/2
.Encryption parameters:_signature

2. Parameter analysis

insert image description here
It can be found that _signature is encrypted, and then search for this key statement in search](https://img-blog.csdnimg.cn/4f5b2fc345364bd296f52f1917e37409.jpeg#pic_center)
insert image description here
Click to find that the keyword position
insert image description here
is at the break point on line 224, click The page change is stuck here, follow the stack
insert image description here
to get confused, you can use the deobfuscation tool or remove the last () in the console and run it
insert image description here
, you can see the encrypted position, click to insert image description here
pull out the code and run the test and it will be ok
insert image description here

3. Run the test

write python

import execjs
import requests
base_url='https://www.wangluozhe.com/challenge/api/2'
body=open('2.js','r',encoding='utf-8').read()
obj=execjs.compile(body)
header={
    
    
    "content-type": "application/x-www-form-urlencoded; charset=UTF-8",
    "cookie": "你的cookie",
    "origin": "https://www.wangluozhe.com",
    "referer": "https://www.wangluozhe.com/challenge/2",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "same-origin",
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.54",
    "x-requested-with": "XMLHttpRequest"
}
def get_sign():
    sign=obj.call('get_sign')
    return sign

data={
    
    
'page':1,
"count":10,
"_signature":get_sign()

}
resp=requests.post(url=base_url,data=data,headers=header).json()
print(resp)

The operation is successful
insert image description here
, and finally add a loop to calculate the sum

Summarize

This reverse is relatively simple, just find the key parameters and follow the stack. If you need all the code, you can contact me in the background.
I hope you will support us a lot, study hard together, and share more novel and interesting things in the future

Guess you like

Origin blog.csdn.net/qq_61260911/article/details/129877944
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com