A note up front: if money is not an issue, call Sogou's official API directly. It is stable, you will not be cut off, it handles high concurrency, and it counts as supporting the official service.
- Recommended reading on debugging with Chrome: https://www.jianshu.com/p/b25c5b88baf5
- Tools: Chrome
- Home page: https://fanyi.sogou.com/. First, look at what data is sent for a single translation call:
Step One: Packet capture
The capture makes it clear that the request needs some headers and form data. The headers are not covered in detail here, and they do not matter much; we mainly look at the encryption.
Experimental Procedure:
- Create a script in Python, copy the parameters into it and replay the request: it goes through without a problem and returns the result directly (you can also replay it with Postman; the outcome is the same);
- In the form data, only s and uuid need attention; the other parameters need no explanation, because their meaning is clear at a glance;
- uuid;
- Modify s and replay the request: an error is returned, which shows that the server checks the value of s!
Step Two: Debugging
Experimental Procedure:
- Open Developer Tools -> Sources to see the resources the page loads; the encryption algorithm must be in one of the js scripts;
- In the capture above, s is sent together with uuid and the client information. The single character s matches far too much when searched for, so searching the js for client is more efficient;
- Search every js script in Sources for client and uuid, check the matches one by one, and eventually find the corresponding data in one script:
Here we see that the value of s comes from J, and J comes from the expression s('' + P + O + M + V). So what are the variables P, O, M and V, and what is the function s?
- Set a breakpoint at line 289 and enter the text again in the Sogou input box; the page pauses at the breakpoint and shows the values of the relevant variables:
Obviously, M is the text to be translated, O is the target language, P is the source language, and V is a string value;
- The question now becomes: what is the function s(), and what is the value V?
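- Let's look at V first:
Search the code for V (turn on case-sensitive matching, which is more efficient) and look at the previous match, the one before our parameter-building code. This finds var V = window.seccode. A search engine turned up nothing for window.seccode, so it must be a value Sogou defines itself. Searching for it in each js file under Sources finds it in one of them:
The value is hard-coded. Opening an incognito window and reopening Sogou search shows the same window.seccode value, so it is a fixed value, similar to a salt;
- Now only s() is left; once we have it, we can compute the value of s = s('' + P + O + M + V) ourselves;
- Format the js code by clicking Chrome's small braces icon
This makes it easier to find where s() is defined. A function in js is defined either as s = function(){…} or as function s(){…}, so we search for s( and s = in turn, and find this code in the same function of the same file:
(A search tip: start from the place where we found the data, search backwards, and for s = look first at the matches inside the same function. That finds the definition of s closest to our data code and saves a lot of work!)
Printing n(50) in the console shows that it is indeed a function!
Click it to jump to the corresponding js, which gives the code of the s() function: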
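    // e, a and i are variables of the enclosing minified module
    function(t, n) {
        // reject a missing message
        if (void 0 === t || null === t)
            throw new Error("Illegal argument " + t);
        // a(t, n) computes the digest as words; e converts them to bytes
        var r = e.wordsToBytes(a(t, n));
        // return raw bytes, a byte string, or (by default) a hex string
        return n && n.asBytes ? r : n && n.asString ? i.bytesToString(r) : e.bytesToHex(r)
    }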
Test this code in the console:
The result is exactly the same as the s value in our data, and the second parameter is optional and does not affect the result;
9. With that, we know how to compute all of the form data, and you can implement the corresponding code in your own programming language (in fact the s() function is just the MD5 algorithm, haha)
10. At this point we can also look at what the uuid in the form data actually is. Using the same search method as for s(), we find uuid = B; searching for B =
finds only two matches
Searching backwards for o =
gives
Printing n(16) in the console turns up a function, and it has a get method, which we call directly:
End: In fact, I read an article on Chrome debugging today (the one recommended at the beginning of this post), so I hurried to practice it.