JS逆向|猿人学逆向反混淆练习平台第13题加密分析

关注它不迷路。本文章中所有内容仅供学习交流不可用于任何商业用途和非法用途否则后果自负如有侵权请联系作者立即删除一.题目地址https://match.yuanrenxue.cn/match/13二.抓包分析先打开控制台然后再打开上面的网站查看数据所在的页面:发现每次请求数据页都会先请求下面这个urlhttps://match.yuanrenxue.cn/api2/13才看数据发现是一段js代码:控制台运行:原来是设置了cookie那就很简单了。直接交给AI吧。三.编写Python代码import jsonimport refrom typing import Tuple import requests BASE_URL https://match.yuanrenxue.cnMATCH_URL f{BASE_URL}/match/13API2_URL f{BASE_URL}/api2/13QUESTION_URL f{BASE_URL}/api/question/13SESSIONID XXXXXXUSER_AGENT yuanrenxue FALSE_TEXT falseTRUE_TEXT trueOBJECT_TEXT [object Object] def _replace_indexed_token(expression: str, pattern: str, alphabet: str) - str: def repl(match: re.Match[str]) - str: index int(match.group(1)) try: char alphabet[index] except IndexError as exc: raise ValueError(fUnexpected token index {index} for {alphabet!r}) from exc return f({char}) return re.sub(pattern, repl, expression) def decode_cookie_assignment(js_code: str) - Tuple[str, str]: script js_code.strip() prefix document.cookie if not script.startswith(prefix): raise ValueError(fUnexpected /api2/13 response: {script[:80]!r}) expression script[len(prefix) :] if expression.endswith(;): expression expression[:-1] expression expression.replace(\\, ) expression re.sub(r\s, , expression) expression _replace_indexed_token( expression, r\(\(\[\]\!\[\]\)\[(\d)\]\), FALSE_TEXT, ) expression _replace_indexed_token( expression, r\(\(\[\]\\!\!\[\]\)\[(\d)\]\), TRUE_TEXT, ) expression _replace_indexed_token( expression, r\(\(\{\}\\)\[(\d)\]\), OBJECT_TEXT, ) pieces re.findall(r\(([^]*)\), expression) if not pieces: raise ValueError(fUnable to decode cookie expression: {expression[:120]!r}) assignment .join(pieces) if not in assignment: raise ValueError(fDecoded assignment is invalid: {assignment!r}) name, remainder assignment.split(, 1) value remainder.split(;, 1)[0] return name, value def build_session() - requests.Session: session requests.Session() session.cookies.set(sessionid, SESSIONID, domainmatch.yuanrenxue.cn, path/) session.headers.update( { User-Agent: USER_AGENT, Referer: MATCH_URL, X-Requested-With: XMLHttpRequest, } ) return session def fetch_page(session: requests.Session, page: int) - list[int]: api2_response session.get( API2_URL, headers{Accept: */*}, timeout10, ) api2_response.raise_for_status() cookie_name, cookie_value decode_cookie_assignment(api2_response.text) session.cookies.set(cookie_name, cookie_value, domainmatch.yuanrenxue.cn, path/) print (cookie_name,cookie_value) question_response session.get( QUESTION_URL, params{page: page, pageSize: 10, kw: }, headers{Accept: application/json, text/javascript, */*; q0.01}, timeout10, ) question_response.raise_for_status() payload question_response.json() if data not in payload or not isinstance(payload[data], list): raise ValueError(fUnexpected question payload: {payload!r}) return payload[data] def main() - None: session build_session() all_numbers: list[int] [] page_results: dict[int, list[int]] {} for page in range(1, 6): numbers fetch_page(session, page) page_results[page] numbers all_numbers.extend(numbers) print(fpage {page}: {json.dumps(numbers, ensure_asciiFalse)}) print(fsum: {sum(all_numbers)}) if __name__ __main__: main()运行结果:今天的分享就到这里感谢阅读。欢迎加入知识星球学习更多AST和爬虫技巧。