(编辑:jimmy 日期: 2024/10/30 浏览:2)
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
function get_ue(){ //这里是四个随机数的加密 return ((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)}
image.png
image.png
image.png
function get_ue(){ //这里是四个随机数的加密 return ((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)+((1 + Math["random"]()) * 65536 | 0)["toString"](16)["substring"](1)}function get_w(){ //第一个w值 //首先拿到四个随机数 var ue=get_ue() //加密这四个随机数 var r = new Q()[SBvg(352)](t[TywV(1257)](e)); var r=new testRSA()['encrypt'](ue) return r}
image.png
image.png
image.png
image.png
image.png
function getiii(){ //拿到json里面变化的i值 n是固定的 var n={"STYLE":1,"SCRIPT":6,"A":1,"DIV":12,"LABEL":3,"INPUT":2,"textLength":14438,"HTMLLength":15743,"documentMode":"CSS1Compat","browserLanguage":"zh-CN","browserLanguages":"zh-CN","devicePixelRatio":1,"colorDepth":24,"userAgent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36","cookieEnabled":1,"netEnabled":1,"innerWidth":376,"innerHeight":950,"outerWidth":1920,"outerHeight":1040,"screenWidth":1920,"screenHeight":1080,"screenAvailWidth":1920,"screenAvailHeight":1040,"screenLeft":0,"screenTop":0,"screenAvailLeft":0,"screenAvailTop":0,"localStorageEnabled":1,"sessionStorageEnabled":1,"indexedDBEnabled":1,"platform":"Win32","doNotTrack":0,"timezone":-8,"canvas2DFP":"584f4432fe6ebea605c1f943c0a39f15","canvas3DFP":"0b03cc6df4e2fc61df0144cad52b685f","plugins":"nppdf32.dll,npalissologin.dll,npAliSecCtrl.dll,npaliedit.dll,npYunWebDetect.dll,internal-pdf-viewer,mhjfbmdgcfjbbpaeojofohoefgiehjai,np-mswmp.dll,internal-nacl-plugin,npQQMailWebKit.dll,npQMExtensionsMozilla.dll,npQzoneMusic.dll,npactivex.dll,npxluser2.0.2.3.dll,npcombrg.dll,npQQPhotoDrawEx.dll","maxTouchPoints":0,"flashEnabled":-1,"javaEnabled":0,"hardwareConcurrency":6,"jsFonts":"Arial,ArialBlack,ArialNarrow,Calibri,Cambria,CambriaMath,ComicSansMS,Consolas,Courier,CourierNew,Georgia,Helvetica,Impact,LucidaConsole,LucidaSansUnicode,MicrosoftSansSerif,MSGothic,MSPGothic,MSSansSerif,MSSerif,PalatinoLinotype,SegoePrint,SegoeScript,SegoeUI,SegoeUILight,SegoeUISemibold,SegoeUISymbol,Tahoma,Times,TimesNewRoman,TrebuchetMS,Verdana,Wingdings","mediaDevices":-1,"timestamp":1626511113995,"deviceorientation":-1,"touchEvent":-1,"performanceTiming":-1,"internalip":-1} n['timestamp']=new Date()["getTime"](); // n['timestamp']=1626521179265; // n['timestamp']=1626519692398; n['deviceorientation']=-1; n['touchEvent']=-1; n['performanceTiming']=-1; n['internalip']=-1; var i = []; var thx=["textLength", "HTMLLength", "documentMode", "A", "ARTICLE", "ASIDE", "AUDIO", "BASE", "BUTTON", "CANVAS", "CODE", "IFRAME", "IMG", "INPUT", "LABEL", "LINK", "NAV", "OBJECT", "OL", "PICTURE", "PRE", "SECTION", "SELECT", "SOURCE", "SPAN", "STYLE", "TABLE", "TEXTAREA", "VIDEO", "screenLeft", "screenTop", "screenAvailLeft", "screenAvailTop", "innerWidth", "innerHeight", "outerWidth", "outerHeight", "browserLanguage", "browserLanguages", "systemLanguage", "devicePixelRatio", "colorDepth", "userAgent", "cookieEnabled", "netEnabled", "screenWidth", "screenHeight", "screenAvailWidth", "screenAvailHeight", "localStorageEnabled", "sessionStorageEnabled", "indexedDBEnabled", "CPUClass", "platform", "doNotTrack", "timezone", "canvas2DFP", "canvas3DFP", "plugins", "maxTouchPoints", "flashEnabled", "javaEnabled", "hardwareConcurrency", "jsFonts", "timestamp", "performanceTiming", "internalip", "mediaDevices", "DIV", "P", "UL", "LI", "SCRIPT", "deviceorientation", "touchEvent"] for(var j = 0; j < thx.length; j++) { var t = n[thx[j]] // check_type(t) i["push"](check_type(t) ? -1 : t) } return i["join"]("!!")}
image.png
image.png
var n={"STYLE":1,"SCRIPT":6,"A":1,"DIV":12,"LABEL":3,"INPUT":2,"textLength":14438,"HTMLLength":15743,"documentMode":"CSS1Compat","browserLanguage":"zh-CN","browserLanguages":"zh-CN","devicePixelRatio":1,"colorDepth":24,"userAgent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36","cookieEnabled":1,"netEnabled":1,"innerWidth":376,"innerHeight":950,"outerWidth":1920,"outerHeight":1040,"screenWidth":1920,"screenHeight":1080,"screenAvailWidth":1920,"screenAvailHeight":1040,"screenLeft":0,"screenTop":0,"screenAvailLeft":0,"screenAvailTop":0,"localStorageEnabled":1,"sessionStorageEnabled":1,"indexedDBEnabled":1,"platform":"Win32","doNotTrack":0,"timezone":-8,"canvas2DFP":"584f4432fe6ebea605c1f943c0a39f15","canvas3DFP":"0b03cc6df4e2fc61df0144cad52b685f","plugins":"nppdf32.dll,npalissologin.dll,npAliSecCtrl.dll,npaliedit.dll,npYunWebDetect.dll,internal-pdf-viewer,mhjfbmdgcfjbbpaeojofohoefgiehjai,np-mswmp.dll,internal-nacl-plugin,npQQMailWebKit.dll,npQMExtensionsMozilla.dll,npQzoneMusic.dll,npactivex.dll,npxluser2.0.2.3.dll,npcombrg.dll,npQQPhotoDrawEx.dll","maxTouchPoints":0,"flashEnabled":-1,"javaEnabled":0,"hardwareConcurrency":6,"jsFonts":"Arial,ArialBlack,ArialNarrow,Calibri,Cambria,CambriaMath,ComicSansMS,Consolas,Courier,CourierNew,Georgia,Helvetica,Impact,LucidaConsole,LucidaSansUnicode,MicrosoftSansSerif,MSGothic,MSPGothic,MSSansSerif,MSSerif,PalatinoLinotype,SegoePrint,SegoeScript,SegoeUI,SegoeUILight,SegoeUISemibold,SegoeUISymbol,Tahoma,Times,TimesNewRoman,TrebuchetMS,Verdana,Wingdings","mediaDevices":-1,"timestamp":1626511113995,"deviceorientation":-1,"touchEvent":-1,"performanceTiming":-1,"internalip":-1} var bx=getiii(n) //组装自己的json var o={"gt":gt,"challenge":challenge,"offline":false,"new_captcha":true,"product":"float","width":"300px","https":true,"api_server":"apiv6.geetest.com","protocol":"https://","aspect_radio":{"beeline":50,"pencil":128,"click":128,"slide":103,"voice":128},"beeline":"/static/js/beeline.1.0.1.js","static_servers":["static.geetest.com/","dn-staticdown.qbox.me/"],"click":"/static/js/click.3.0.1.js","slide":"/static/js/slide.7.8.3.js","pencil":"/static/js/pencil.1.0.3.js","fullpage":"/static/js/fullpage.9.0.7.js","type":"fullpage","voice":"/static/js/voice.1.2.0.js","geetest":"/static/js/geetest.6.0.9.js","cc":6,"ww":true,"i":bx} console.log(JSON.stringify(o)) //encrypt1是MXFq(1250)的反混淆 var bbb=testenc()["encrypt1"](JSON.stringify(o),ue)
image.png
image.png
三个方法都能自己生成了,我们写一个调用方法组装下这三个参数.image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
image.png
function get_traeck(){ //轨迹信息 var t=[["move",378,344,1626838592485,"pointermove"],["move",377,344,1626838592527,"pointermove"],["move",376,345,1626838592542,"pointermove"],["move",376,346,1626838592614,"pointermove"],["move",376,347,1626838592655,"pointermove"],["move",376,349,1626838592662,"pointermove"],["move",376,350,1626838593046,"pointermove"],["move",376,351,1626838593054,"pointermove"],["move",376,352,1626838593062,"pointermove"],["move",376,353,1626838593071,"pointermove"],["move",376,354,1626838593078,"pointermove"],["move",376,357,1626838593088,"pointermove"],["move",376,358,1626838593103,"pointermove"],["move",376,359,1626838593110,"pointermove"],["move",376,361,1626838593118,"pointermove"],["move",375,361,1626838593230,"pointermove"],["move",373,360,1626838593238,"pointermove"],["move",373,359,1626838593246,"pointermove"],["move",371,359,1626838593254,"pointermove"],["move",370,358,1626838593262,"pointermove"],["move",368,357,1626838593271,"pointermove"],["move",366,356,1626838593278,"pointermove"],["move",364,355,1626838593287,"pointermove"],["move",362,354,1626838593294,"pointermove"],["move",359,352,1626838593302,"pointermove"],["move",357,351,1626838593310,"pointermove"],["move",354,350,1626838593318,"pointermove"],["move",351,350,1626838593326,"pointermove"],["move",348,350,1626838593334,"pointermove"],["move",346,350,1626838593342,"pointermove"],["move",345,349,1626838593350,"pointermove"],["move",342,349,1626838593358,"pointermove"],["move",338,349,1626838593366,"pointermove"],["move",333,349,1626838593374,"pointermove"],["move",329,348,1626838593382,"pointermove"],["move",321,346,1626838593390,"pointermove"],["move",317,344,1626838593398,"pointermove"],["move",313,344,1626838593407,"pointermove"],["move",309,341,1626838593414,"pointermove"],["move",303,337,1626838593422,"pointermove"],["move",299,335,1626838593430,"pointermove"],["move",296,332,1626838593439,"pointermove"],["move",294,330,1626838593447,"pointermove"],["move",293,329,1626838593473,"pointermove"],["move",292,329,1626838593478,"pointermove"],["move",290,329,1626838593487,"pointermove"],["move",290,327,1626838593526,"pointermove"],["move",290,326,1626838593534,"pointermove"],["move",289,325,1626838593542,"pointermove"],["move",290,325,1626838593662,"pointermove"],["move",291,325,1626838593671,"pointermove"],["move",294,324,1626838593678,"pointermove"],["move",294,322,1626838593688,"pointermove"],["move",296,322,1626838593694,"pointermove"],["move",296,321,1626838593710,"pointermove"],["move",297,320,1626838593726,"pointermove"],["move",298,319,1626838593734,"pointermove"],["move",298,318,1626838593742,"pointermove"],["move",299,317,1626838593751,"pointermove"],["move",301,317,1626838593758,"pointermove"],["move",302,316,1626838593767,"pointermove"],["move",303,314,1626838593774,"pointermove"],["down",303,314,1626838593849,"pointerdown"],["focus",1626838593850],["up",303,314,1626838593926,"pointerup"]] var et=testtraj1(t) return et }//console.log(get_ww("019924a82c70bb123aae90d483087f94","ea6698b3074ebb51c091ceaab07fe4f5"))console.log(get_traeck())
image.png
image.png
[color=#000][font="][size=9pt][b]"[/b][/size][/font][/color][color=rgb(51, 51, 51)][font="][size=9pt][b]\u0067\u0052\u0045\u0056[/b][/size][/font][/color][color=#000][font="][size=9pt][b]"[/b][/size][/font][/color][color=rgb(51, 51, 51)][font="][size=9pt]: [/size][/font][/color][color=rgb(127, 0, 85)][font="][size=9pt][b]function[/b][/size][/font][/color][color=rgb(0, 0, 102)][font="][size=9pt]([/size][/font][/color][color=#000][font="][size=9pt]e[/size][/font][/color][color=rgb(51, 51, 51)][font="][size=9pt],[/size][/font][/color][color=#000][font="][size=9pt]thx[/size][/font][/color][color=rgb(0, 0, 102)][font="][size=9pt]) {[/size][/font][/color][color=#000066] [/color][color=#7f0055][b]var [/b][/color][color=#170591][b]UGut [/b][/color][color=#333333]= [/color][color=#170591][b]AXzPo[/b][/color][color=#333333].[/color][color=#7a7a43]DVn[/color][color=#7a7a43] [/color][color=#333333], [/color][color=#458383]TNZEZo [/color][color=#333333]= [/color][color=#000066][[/color][b]'XtKnl'[/b][color=#333333].[/color][color=#7a7a43]concat[/color][color=#000066]([/color][color=#170591][b]UGut[/b][/color][color=#000066])[/color][color=#000066] [/color][color=#333333], [/color][color=#458383]Vjlo [/color][color=#333333]= [/color][color=#458383]TNZEZo[/color][color=#000066][[/color][color=#333333][b]1[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#458383]TNZEZo[/color][color=#333333].[/color][color=#7a7a43]shift[/color][color=#000066]()[/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]WvQs [/color][color=#333333]= [/color][color=#458383]TNZEZo[/color][color=#000066][[/color][color=#333333][b]0[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]t [/color][color=#333333]= [/color][color=#333333][b]0[/b][/color][color=#333333][b] [/b][/color][color=#333333], [/color][color=#458383]r [/color][color=#333333]= [/color][color=#333333][b]0[/b][/color][color=#333333][b] [/b][/color][color=#333333], [/color][color=#458383]n [/color][color=#333333]= [/color][color=#333333][b]0[/b][/color][color=#333333][b] [/b][/color][color=#333333], [/color][color=#458383]i [/color][color=#333333]= [/color][color=#333333][b]0[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]a [/color][color=#333333]= [/color][color=#000066][][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]o [/color][color=#333333]= [/color][color=#7f0055][b]this[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]s [/color][color=#333333]= [/color][color=#458383]o[/color][color=#000066][[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]735[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]if [/b][/color][color=#000066]([/color]e[color=#000066][[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]67[/b][/color][color=#000066])] [/color][color=#333333]<= [/color][color=#333333][b]0[/b][/color][color=#000066]) {[/color][color=#000066] [/color][color=#7f0055][b]return [/b][/color][color=#000066][][/color][color=#333333];[/color][color=#333333] [/color][color=#000066]}[/color][color=#000066] [/color][color=#7f0055][b]var [/b][/color][color=#458383]c [/color][color=#333333]= [/color][color=#7f0055][b]null[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]_ [/color][color=#333333]= [/color][color=#7f0055][b]null[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#3f7f5f]// var l = o[UGut(701)](e);[/color][color=#3f7f5f] [/color][color=#7f0055][b]var [/b][/color][color=#458383]l [/color][color=#333333]=[/color]thx[color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]u [/color][color=#333333]= [/color][color=#458383]l[/color][color=#000066][[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]67[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#3f7f5f]// var f = u < this[UGut(749)] ? 0 : u - this[Vjlo(749)];[/color][color=#3f7f5f] [/color][color=#7f0055][b]var [/b][/color][color=#458383]f [/color][color=#333333]= [/color][color=#333333][b]0[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]for [/b][/color][color=#000066]([/color][color=#333333]; [/color][color=#458383]f [/color][color=#333333]< [/color][color=#458383]u[/color][color=#333333]; [/color][color=#458383]f [/color][color=#333333]= [/color][color=#458383]f [/color][color=#333333]+ [/color][color=#333333][b]1[/b][/color][color=#000066]) {[/color][color=#000066] [/color][color=#7f0055][b]var [/b][/color][color=#458383]p [/color][color=#333333]= [/color][color=#458383]l[/color][color=#000066][[/color][color=#458383]f[/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]var [/b][/color][color=#458383]h [/color][color=#333333]= [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]0[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]if [/b][/color][color=#000066]([/color][color=#7f0055][b]new [/b][/color][color=#170591][b]hfAt[/b][/color][color=#000066]([[/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]706[/b][/color][color=#000066])[/color][color=#333333], [/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]737[/b][/color][color=#000066])[/color][color=#333333], [/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]773[/b][/color][color=#000066])[/color][color=#333333], [/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]423[/b][/color][color=#000066])])[[/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]413[/b][/color][color=#000066])]([/color][color=#458383]h[/color][color=#000066]) [/color][color=#333333]> -[/color][color=#333333][b]1[/b][/color][color=#000066]) {[/color][color=#000066] [/color][color=#7f0055][b]if [/b][/color][color=#000066]([/color][color=#333333]![/color][color=#458383]c[/color][color=#000066]) {[/color][color=#000066] [/color][color=#458383]c [/color][color=#333333]= [/color][color=#458383]p[/color][color=#333333];[/color][color=#333333] [/color][color=#000066]}[/color][color=#000066] [/color][color=#458383]_ [/color][color=#333333]= [/color][color=#458383]p[/color][color=#333333];[/color][color=#333333] [/color][color=#458383]a[/color][color=#000066][[/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]31[/b][/color][color=#000066])]([[/color][color=#458383]h[/color][color=#333333], [/color][color=#000066][[/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]1[/b][/color][color=#000066]] [/color][color=#333333]- [/color][color=#458383]t[/color][color=#333333], [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]2[/b][/color][color=#000066]] [/color][color=#333333]- [/color][color=#458383]r[/color][color=#333333], [/color][i]ck_e[/i][color=#000066]([/color][color=#458383]s [/color][color=#333333]? [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]3[/b][/color][color=#000066]] [/color][color=#333333]- [/color][color=#458383]s [/color][color=#333333]: [/color][color=#458383]s[/color][color=#000066])])[/color][color=#333333];[/color][color=#333333] [/color][color=#458383]t [/color][color=#333333]= [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]1[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#458383]r [/color][color=#333333]= [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]2[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#458383]s [/color][color=#333333]= [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]3[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#000066]} [/color][color=#7f0055][b]else if [/b][/color][color=#000066]([/color][color=#7f0055][b]new [/b][/color][color=#170591][b]hfAt[/b][/color][color=#000066]([[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]410[/b][/color][color=#000066])[/color][color=#333333], [/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]434[/b][/color][color=#000066])[/color][color=#333333], [/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]482[/b][/color][color=#000066])])[[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]413[/b][/color][color=#000066])]([/color][color=#458383]h[/color][color=#000066]) [/color][color=#333333]> -[/color][color=#333333][b]1[/b][/color][color=#000066]) {[/color][color=#000066] [/color][color=#458383]a[/color][color=#000066][[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]31[/b][/color][color=#000066])]([[/color][color=#458383]h[/color][color=#333333], [/color][i]ck_e[/i][color=#000066]([/color][color=#458383]s [/color][color=#333333]? [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]1[/b][/color][color=#000066]] [/color][color=#333333]- [/color][color=#458383]s [/color][color=#333333]: [/color][color=#458383]s[/color][color=#000066])])[/color][color=#333333];[/color][color=#333333] [/color][color=#458383]s [/color][color=#333333]= [/color][color=#458383]p[/color][color=#000066][[/color][color=#333333][b]1[/b][/color][color=#333333];[/color][color=#333333] [/color][color=#000066]}[/color][color=#000066] }[/color][color=#000066] [/color][color=#458383]o[/color][color=#000066][[/color][color=#170591][b]UGut[/b][/color][color=#000066]([/color][color=#333333][b]748[/b][/color][color=#000066])] [/color][color=#333333]= [/color][color=#458383]c[/color][color=#333333];[/color][color=#333333] [/color][color=#458383]o[/color][color=#000066][[/color][color=#458383]Vjlo[/color][color=#000066]([/color][color=#333333][b]702[/b][/color][color=#000066])] [/color][color=#333333]= [/color][color=#458383]_[/color][color=#333333];[/color][color=#333333] [/color][color=#7f0055][b]return [/b][/color][color=#458383]a[/color][color=#333333];[/color][color=rgb(0, 0, 102)][font="][size=9pt]}[/size][/font][/color][color=rgb(51, 51, 51)][font="][size=9pt],[/size][/font][/color]
image.png
运行正常,所以e[TQXO(719)](t) 扣完了,接下来e[UPMb(720)],跟进去看image.png
是个encode 直接导出他,然后把这三个方法组一下,运行出最终的轨迹加密,代码如下:[JavaScript] 纯文本查看 复制代码function get_traeck(){ //轨迹信息 var t=[["move",378,344,1626838592485,"pointermove"],["move",377,344,1626838592527,"pointermove"],["move",376,345,1626838592542,"pointermove"],["move",376,346,1626838592614,"pointermove"],["move",376,347,1626838592655,"pointermove"],["move",376,349,1626838592662,"pointermove"],["move",376,350,1626838593046,"pointermove"],["move",376,351,1626838593054,"pointermove"],["move",376,352,1626838593062,"pointermove"],["move",376,353,1626838593071,"pointermove"],["move",376,354,1626838593078,"pointermove"],["move",376,357,1626838593088,"pointermove"],["move",376,358,1626838593103,"pointermove"],["move",376,359,1626838593110,"pointermove"],["move",376,361,1626838593118,"pointermove"],["move",375,361,1626838593230,"pointermove"],["move",373,360,1626838593238,"pointermove"],["move",373,359,1626838593246,"pointermove"],["move",371,359,1626838593254,"pointermove"],["move",370,358,1626838593262,"pointermove"],["move",368,357,1626838593271,"pointermove"],["move",366,356,1626838593278,"pointermove"],["move",364,355,1626838593287,"pointermove"],["move",362,354,1626838593294,"pointermove"],["move",359,352,1626838593302,"pointermove"],["move",357,351,1626838593310,"pointermove"],["move",354,350,1626838593318,"pointermove"],["move",351,350,1626838593326,"pointermove"],["move",348,350,1626838593334,"pointermove"],["move",346,350,1626838593342,"pointermove"],["move",345,349,1626838593350,"pointermove"],["move",342,349,1626838593358,"pointermove"],["move",338,349,1626838593366,"pointermove"],["move",333,349,1626838593374,"pointermove"],["move",329,348,1626838593382,"pointermove"],["move",321,346,1626838593390,"pointermove"],["move",317,344,1626838593398,"pointermove"],["move",313,344,1626838593407,"pointermove"],["move",309,341,1626838593414,"pointermove"],["move",303,337,1626838593422,"pointermove"],["move",299,335,1626838593430,"pointermove"],["move",296,332,1626838593439,"pointermove"],["move",294,330,1626838593447,"pointermove"],["move",293,329,1626838593473,"pointermove"],["move",292,329,1626838593478,"pointermove"],["move",290,329,1626838593487,"pointermove"],["move",290,327,1626838593526,"pointermove"],["move",290,326,1626838593534,"pointermove"],["move",289,325,1626838593542,"pointermove"],["move",290,325,1626838593662,"pointermove"],["move",291,325,1626838593671,"pointermove"],["move",294,324,1626838593678,"pointermove"],["move",294,322,1626838593688,"pointermove"],["move",296,322,1626838593694,"pointermove"],["move",296,321,1626838593710,"pointermove"],["move",297,320,1626838593726,"pointermove"],["move",298,319,1626838593734,"pointermove"],["move",298,318,1626838593742,"pointermove"],["move",299,317,1626838593751,"pointermove"],["move",301,317,1626838593758,"pointermove"],["move",302,316,1626838593767,"pointermove"],["move",303,314,1626838593774,"pointermove"],["down",303,314,1626838593849,"pointerdown"],["focus",1626838593850],["up",303,314,1626838593926,"pointerup"]] //轨迹加密报错 找不到var l = o[UGut(701)](e); 解决办法 var l=testtraj2(t) //console.log(l) var et=testtraj1(t,l) //console.log(et) var i=testencode(et) return i }//console.log(get_ww("019924a82c70bb123aae90d483087f94","ea6698b3074ebb51c091ceaab07fe4f5"))console.log(get_traeck())
image.png
结果对的,ok搞定.me(e, a[UWla(631)], a[VLOJ(285)]) 现在这me里面的三个参数都知晓了 ,直接跟进me方法里面,导出它直接调用 最终代码如下:function get_traeck(){ //轨迹信息 var t=[["move",378,344,1626838592485,"pointermove"],["move",377,344,1626838592527,"pointermove"],["move",376,345,1626838592542,"pointermove"],["move",376,346,1626838592614,"pointermove"],["move",376,347,1626838592655,"pointermove"],["move",376,349,1626838592662,"pointermove"],["move",376,350,1626838593046,"pointermove"],["move",376,351,1626838593054,"pointermove"],["move",376,352,1626838593062,"pointermove"],["move",376,353,1626838593071,"pointermove"],["move",376,354,1626838593078,"pointermove"],["move",376,357,1626838593088,"pointermove"],["move",376,358,1626838593103,"pointermove"],["move",376,359,1626838593110,"pointermove"],["move",376,361,1626838593118,"pointermove"],["move",375,361,1626838593230,"pointermove"],["move",373,360,1626838593238,"pointermove"],["move",373,359,1626838593246,"pointermove"],["move",371,359,1626838593254,"pointermove"],["move",370,358,1626838593262,"pointermove"],["move",368,357,1626838593271,"pointermove"],["move",366,356,1626838593278,"pointermove"],["move",364,355,1626838593287,"pointermove"],["move",362,354,1626838593294,"pointermove"],["move",359,352,1626838593302,"pointermove"],["move",357,351,1626838593310,"pointermove"],["move",354,350,1626838593318,"pointermove"],["move",351,350,1626838593326,"pointermove"],["move",348,350,1626838593334,"pointermove"],["move",346,350,1626838593342,"pointermove"],["move",345,349,1626838593350,"pointermove"],["move",342,349,1626838593358,"pointermove"],["move",338,349,1626838593366,"pointermove"],["move",333,349,1626838593374,"pointermove"],["move",329,348,1626838593382,"pointermove"],["move",321,346,1626838593390,"pointermove"],["move",317,344,1626838593398,"pointermove"],["move",313,344,1626838593407,"pointermove"],["move",309,341,1626838593414,"pointermove"],["move",303,337,1626838593422,"pointermove"],["move",299,335,1626838593430,"pointermove"],["move",296,332,1626838593439,"pointermove"],["move",294,330,1626838593447,"pointermove"],["move",293,329,1626838593473,"pointermove"],["move",292,329,1626838593478,"pointermove"],["move",290,329,1626838593487,"pointermove"],["move",290,327,1626838593526,"pointermove"],["move",290,326,1626838593534,"pointermove"],["move",289,325,1626838593542,"pointermove"],["move",290,325,1626838593662,"pointermove"],["move",291,325,1626838593671,"pointermove"],["move",294,324,1626838593678,"pointermove"],["move",294,322,1626838593688,"pointermove"],["move",296,322,1626838593694,"pointermove"],["move",296,321,1626838593710,"pointermove"],["move",297,320,1626838593726,"pointermove"],["move",298,319,1626838593734,"pointermove"],["move",298,318,1626838593742,"pointermove"],["move",299,317,1626838593751,"pointermove"],["move",301,317,1626838593758,"pointermove"],["move",302,316,1626838593767,"pointermove"],["move",303,314,1626838593774,"pointermove"],["down",303,314,1626838593849,"pointerdown"],["focus",1626838593850],["up",303,314,1626838593926,"pointerup"]] //轨迹加密报错 找不到var l = o[UGut(701)](e); 解决办法 var l=testtraj2(t) //console.log(l) var et=testtraj1(t,l) //console.log(et) var i=testencode(et) //服务器返回的 var q=[12, 58, 98, 36, 43, 95, 62, 15, 12] var w="76706e2e" //服务器返回的s var y= testme(i,q,w) return y}//console.log(get_ww("019924a82c70bb123aae90d483087f94","ea6698b3074ebb51c091ceaab07fe4f5"))console.log(get_traeck())
image.png
接下来开始扣json里面h的值生成[VLOJ(1324), Z(u[UWla(720)](n))] 分析下 把n放进u[UWla(720)]加密然后把结果md5一下(Z就是md5).先找n生成地方, var n = r[VLOJ(1273)][UWla(1353)](); 这里生成的,跟进去看算法image.png
function get_ajaxw(){ var data=['14438', '15743', 'CSS1Compat', '1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '2', '3', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '1', '-1', '-1', '-1', '0', '0', '0', '0', '558', '950', '1920', '1040', 'zh-CN', 'zh-CN', '-1', '1', '24', 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36', '1', '1', '1920', '1080', '1920', '1040', '1', '1', '1', '-1', 'Win32', '0', '-8', '584f4432fe6ebea605c1f943c0a39f15', '0b03cc6df4e2fc61df0144cad52b685f', 'nppdf32.dll,npalissologin.dll,npAliSecCtrl.dll,npaliedit.dll,npYunWebDetect.dll,internal-pdf-viewer,mhjfbmdgcfjbbpaeojofohoefgiehjai,np-mswmp.dll,internal-nacl-plugin,npQQMailWebKit.dll,npQMExtensionsMozilla.dll,npQzoneMusic.dll,npactivex.dll,npxluser2.0.2.3.dll,npcombrg.dll,npQQPhotoDrawEx.dll', '0', '-1', '0', '6', 'Arial,ArialBlack,ArialNarrow,Calibri,Cambria,CambriaMath,ComicSansMS,Consolas,Courier,CourierNew,Georgia,Helvetica,Impact,LucidaConsole,LucidaSansUnicode,MicrosoftSansSerif,MSGothic,MSPGothic,MSSansSerif,MSSerif,PalatinoLinotype,SegoePrint,SegoeScript,SegoeUI,SegoeUILight,SegoeUISemibold,SegoeUISymbol,Tahoma,Times,TimesNewRoman,TrebuchetMS,Verdana,Wingdings', 1626846127770, '-1', '-1', '-1', '12', '-1', '-1', '-1', '6', '-1', '-1'] var n=data.join("magic data") var t=testaes['RrSY'](n) return t }//console.log(get_ww("019924a82c70bb123aae90d483087f94","ea6698b3074ebb51c091ceaab07fe4f5"))//console.log(get_traeck())console.log(get_ajaxw())
image.png
image.png
image.png
image.png
function get_ajaxw(gt,challge){ var ue="85163855977acca6" var data=['14438', '15743', 'CSS1Compat', '1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '2', '3', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '-1', '1', '-1', '-1', '-1', '0', '0', '0', '0', '558', '950', '1920', '1040', 'zh-CN', 'zh-CN', '-1', '1', '24', 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36', '1', '1', '1920', '1080', '1920', '1040', '1', '1', '1', '-1', 'Win32', '0', '-8', '584f4432fe6ebea605c1f943c0a39f15', '0b03cc6df4e2fc61df0144cad52b685f', 'nppdf32.dll,npalissologin.dll,npAliSecCtrl.dll,npaliedit.dll,npYunWebDetect.dll,internal-pdf-viewer,mhjfbmdgcfjbbpaeojofohoefgiehjai,np-mswmp.dll,internal-nacl-plugin,npQQMailWebKit.dll,npQMExtensionsMozilla.dll,npQzoneMusic.dll,npactivex.dll,npxluser2.0.2.3.dll,npcombrg.dll,npQQPhotoDrawEx.dll', '0', '-1', '0', '6', 'Arial,ArialBlack,ArialNarrow,Calibri,Cambria,CambriaMath,ComicSansMS,Consolas,Courier,CourierNew,Georgia,Helvetica,Impact,LucidaConsole,LucidaSansUnicode,MicrosoftSansSerif,MSGothic,MSPGothic,MSSansSerif,MSSerif,PalatinoLinotype,SegoePrint,SegoeScript,SegoeUI,SegoeUILight,SegoeUISemibold,SegoeUISymbol,Tahoma,Times,TimesNewRoman,TrebuchetMS,Verdana,Wingdings', 1626846127770, '-1', '-1', '-1', '12', '-1', '-1', '-1', '6', '-1', '-1'] var n=data.join("magic data") var passtimes = randomNum(10000, 20000) var t=testaes['RrSY'](n) var h= testmd5(t) //获取h值 var hh=testmd5(data.join("magic data")) console.log(hh) //获取hi值 var hi=testmd5(data.join("!!")) console.log(hi) var rp = testmd5(gt+challge+passtimes) var data1={ "lang":"zh-cn", "type":"fullpage", "tt":t, "light":"SPAN_0", "s":"c7c3e21112fe4f741921cb3e4ff9f7cb", "h":h, "hh":hh, "hi":hi, "vip_order":-1,"ct":-1, "ep":{"v":"9.0.7","de":false,"te":false,"me":true,"ven":"Google Inc.","ren":"ANGLE (Intel(R) UHD Graphics 630 Direct3D11 vs_5_0 ps_5_0)","fp":["move",545,232,1626750892274,"pointermove"],"lp":["up",373,314,1626750896424,"pointerup"],"em":{"ph":0,"cp":0,"ek":"11","wd":0,"nt":0,"si":0,"sc":0},"tm":{"a":1626750891079,"b":1626750891417,"c":1626750891417,"d":0,"e":0,"f":1626750891082,"g":1626750891084,"h":1626750891112,"i":1626750891112,"j":1626750891172,"k":1626750891130,"l":1626750891172,"m":1626750891413,"n":1626750891413,"o":1626750891418,"p":1626750891660,"q":1626750891660,"r":1626750891663,"s":1626750891664,"t":1626750891664,"u":1626750891664},"by":0}, "passtime":passtimes,"rp":rp,"captcha_token":"1645706478"} return testaes['SBoX'](testenc()["encrypt"](JSON.stringify(data1),ue)) }//console.log(get_ww("019924a82c70bb123aae90d483087f94","ea6698b3074ebb51c091ceaab07fe4f5"))//console.log(get_traeck())console.log(get_ajaxw("019924a82c70bb123aae90d483087f94","ea6809a6067a797a8cf4f905ddb19fa9"))
image.png
image.png