Collection point not only praise bullying
Note: Currently pdd already need to login, this article is not changed before writing, if necessary practice you need to log in before proceeding to pdd
Last week's pdd saw a lot of people say will not find are looking for me to teach how to write a code button, then you should request today to write a detailed process of deduction codes, completely from zero to First, if you have help, but also look strong to share, so I will write more and more.
Code on my Github, not feeling star star, ha ha, this week may be updated to other sites, because the site is too strong to postpone, we will need time to reptiles can be said to fall out hair.
Github:https://github.com/SergioJune/Spider-Crack-JS
Other much to say, just start today's theme, deduction code.
Last article I have found the location of the encryption, this position is the following figure
If you do not know how to find it, you can see https://sergiojune.com/2019/03/26/pinduoduo_anti_content/, micro letter were reported removed, being only a point of view in my blog, do not say here a.
1. Create an HTML file
Before we buckle the code, in order to facilitate debugging, you can create a html file, so you can directly help us debug directly on the chrome, or create a js file can, but need debugging on webstorm when debugging can. Here I created a html file.
Then we buckle down code into a script tag which can then use the browser to open debugging.
2. officially buckle Code
这里我们知道了 ep(“0xd2”, “jLF%”) 这个语句是生成 anti_content 的,所以可以直接打断点到这个语句进行查看它所需要的语句。
点击下一步,进入了这个函数内
如果你调试过多次之后,发现这个是将一些加密后的字符串解密为正常的函数名字。如果你第一次扣的话,估计是把这个函数直接给扣出来,但是后面会有很多麻烦,比如变量之间的关系,所以我们应该是把整个大函数给扣出来,即是包括这个函数的函数,看下图
但是当你扣的时候,发现刚才我们加密的那个方法也在这个函数里面,这时就得改改了,不扣大函数,因为扣了之后调用开始就难免会出错,还是直接把这个小函数扣出来先,如下图:
这时就可以用浏览器打开这个文件了,可以看到报错
这时不要慌,报错是正常的,因为我们只扣了一下部分,所以还需要继续找,接下来就是查看报错的地方并断点。
可以用这个和原网址上的运行作比较,发现这个变量是个数组,所以也直接扣下来。
你细心的话会发现,下面还有个打乱这个数组的函数,正确来说应该是还原数组,需要两个一起扣下来。
这时再次刷新文件即可正常得到结果了
我们再看下一个问题。
再次点击到达错误位置,再根据原网站对比
可以发现这是个函数,可以点击箭头所指函数直达函数位置,发现还是和加密的语句在同一个大函数内,所以我们还是直接扣出 Z 函数即可
再次刷新运行,出错的位置也变了
我们继续进入错误位置和原网址的对比
发现这个变量是个方法名,可以往上找找定义位置
估计这里面的变量都是有用的,所以直接全部扣了
再次刷新即可看到错误地方不一样了,继续找即可。
在出错地方断点的同时也需要在原文件中断点,然后将原文件的运行到该断点处就可以了。
接着就是查找这个对象的定义的地方了,然后把代码扣下来即可。
这里不止 F 对象, 还有 B,U,z等对象,定义位置都是在附近的,也都一起扣下来即可。
再次刷新看到少了个 data 属性,这里自己手动加上即可
接着运行就变成了这个错误
Still the same comparison can be made with the original file. Find the definition places the original file, and then all buckle up their definitions.
I have here is a whole big functions buckle up, and then to return the object from above the required call this package a lot of variables to avoid conflict.
Refresh again, the error went to another place.
Is also a function, compared to the original, it is easy to find the function, the direct debit
Save the file to continue to refresh the error has changed
Compared with the original file, know that this is the url of the search, where we can direct assignment, you can pass this parameter when we call the function.
Refresh again, or issue data attributes of these objects
And also the same as above, to see what the original value, you can direct assignment.
Then came the error
It is quite original, find function definitions, and buckle up, do not say.
Followed by the error here.
This error is too much trouble, but the patient can still point, or to compare the original file JS to see there is not the same.
Compare Y objects, we found one less data, then generate is to find this data in the Y position. According to the above, it is easy to know the location defined.
May know l () is to generate data, you can break point of the original file and refresh you can see the build step.
It should be directly l where large external function of the position of all buckle up, and since the call returns to the l function.
The next step was repeated before, that much is nonsense, I believe we should be able to learn by analogy, if it does not, then it Duokanjibian article it, his finger, there will always harvest.
Article starters: teach you step by step deduction code is solved encryption parameters you need to find