Today’s reverse website: aHR0cHM6Ly9mYW55aS55b3VkYW8uY29tL2luZGV4Lmh0bWwjLw==
(Just go to the online website for base64 decryption)
1. Click Translate to trigger the request
You can see that the sign parameter is encrypted, and the encryption length is 32
md5 encryption features:
- **Fixed length. **No matter how many bytes the input data length is, the total output is 32-bit characters.
- **irreversible. **That is, the original data cannot be deduced from the MD5 value.
- **Resistance to modification. ** Any changes to the original data, even by a single byte, will result in significantly different MD5 values.
- **Collision resistance. **It is very difficult to find two different data with the same MD5 value.
From this we can judge that it belongs to md5 encryption
2. Enter the shortcut key ctrl+shift+f to open the global search and search for the encrypted parameter sign:
3. We click on the first js file and enter the interior. You can see sign:h(t,e)
4. Add a breakpoint to the line of code sign:h(t,e), and click Translate to trigger the breakpoint.
5. Console output parameters t and e
You can see that the parameter t is similar to a timestamp, and the parameter e is a string. After verification by the author, e is a fixed string.
t=(new Date).getTime(); Method to get timestamp
6. Enter the h method
Enter the h method - place the mouse on the h method, click on the blue character, click to enter the h method
7. We add a breakpoint to the h method
8. Execute h method
You can see that g is used for encryption:
g(`client=${d}&mysticTime=${e}&product=${u}&key=${t}`)
Similar to python's formatted string parameter passing, the parameters d and e and u and t are passed in
Let’s take a look at their data results respectively:
//Time stamp changes e=(new Date).getTime(); //Fixed parameter t='fsdsogkndfokasodnaso' d='fanyideskweb' u='webfanyi'
get conclusion:
Use the g method to encrypt this string (d, t, u, t): `client=${d}&mysticTime=${e}&product=${u}&key=${t}`
result:
'client=fanyideskweb&mysticTime=1687839695433&product=webfanyi&key=fsdsogkndfokasodnaso'
Finally, use the g method to encrypt the
7. Guess the encryption method
We just guessed that the encryption method is md5, and we use the g method to encrypt the string '1':
8. Verify whether it belongs to standard encryption
We compare the standard encryption algorithm to see whether the encryption result of the string '1' is consistent with the encryption result of the g method:
It can be seen that the result of standard encryption is consistent with the g method. Therefore, g belongs to standard encryption.
9. Implement encryption logic
We use js standard encryption algorithm library (crypto-js) for encryption
You can see that the results of the website we use the js standard library to encrypt and reverse are the same.
js reverse code (sign parameter):
Crypto=require('crypto-js')
function h(e, t) {
d='fanyideskweb'
u='webfanyi'
//格式化字符串 最后转为字符串
return Crypto.MD5(`client=${d}&mysticTime=${e}&product=${u}&key=${t}`).toString()
}
//传入e(时间戳)和t参数
//时间戳
e=(new Date).getTime();
//固定参数
t='fsdsogkndfokasodnaso'
//调用h方法,入e(时间戳)和t参数
console.log(h(e, t));That’s it for today’s tutorial. If it’s helpful, remember to like it!