Summary of JS Reverse Engineering Skills: Painstaking Advice for Ordinary Crawler Learners

Reverse engineering the JS behind a site for a crawler is a lot like detective work. Most of the time we have to try several approaches to find clues, we must not let a clue slip, and through careful observation and comparison we follow it back to the encryption entry point. While debugging JS code, keep a clear goal and sense of direction and experiment boldly until you get a result. Used well, the techniques below can turn a dead end into a sudden clearing.

Packet capture:
For most websites the browser's own developer tools are enough to capture the traffic. For complicated cases, consider third-party tools such as Fiddler or Charles.


Encryption entry point:
1. Search for keywords
such as "sign", "sign:", "sign :", "sign=", "sign ="
In addition, JSON.parse(, JSON.stringify(, encrypt( and decrypt( are all worth searching for; a well-chosen keyword sometimes has unexpected results.
Keyword search can locate more than 80% of encryption entry points.
But it is not a cure-all.

2. XHR/fetch breakpoints are also a good choice.

3. In the browser's developer tools, click a request under Network, then follow the request's call stack shown in the Initiator panel on the right.

4. Event listener breakpoints, such as canvas, script, etc.

5. Code debugging: try Local Overrides and Snippets in the browser, or copy the whole JS file into PyCharm and then call a single function to perform the encryption or decryption.
When an error occurs, follow the message to patch in the missing environment, or take the value directly from the browser debugger and hard-code that parameter.
For some errors you can simply comment out the offending code; it will not affect the result.
If the JS code produces the result but the program never terminates, or the Python side never receives a result, there is most likely a timer in the JS code. You can hook the timer functions so that they do nothing, for example:
setTimeout=function(){}
setInterval=function(){}
(Assigning null instead, as in setTimeout=null, makes any later call throw a TypeError, so the no-op function form is safer.)

6. When checking whether the locally computed encryption result matches the browser's, hook the sources of randomness and time, such as Math.random, Date.prototype.getTime and Date.now, in the same way as the timer hooks above, in both environments:
Math.random=function(){return 0.123456}
Date.now=function(){return 1670000000000} // any fixed millisecond timestamp
Date.prototype.getTime=function(){return 1670000000000}

7. Infinite debugger: right-click the line that triggers it and choose "Never pause here".

Constantly updating...
You are also welcome to leave a message about your experience in the comment area. I will supplement and improve it and share it with you.

Origin blog.csdn.net/weixin_45387160/article/details/128089165