官方公众号企业安全新浪微博
FreeBuf.COM网络安全行业门户,每日发布专业的安全资讯、技术剖析。
FreeBuf+小程序
JS逆向之某网站爬虫大赛第一题详解
- 关注
JS逆向之某网站爬虫大赛第一题详解
0.概述
现在越来越多的网站用到了前端的JS混淆或者展示数据混淆加密,以及对传输的信息进行前端加密之后在传输。提高了爬取网站数据难度,以及渗透测试过程中对登录接口爆破难度。
这个系列主要是针对某网站爬虫大赛中题目逆向过程简单记录。共计17道题,从简至难,项目地址如下:
http://match.yuanrenxue.com/list
关于某网站爬虫大赛第一题详细题解分析过程,实战地址:
http://match.yuanrenxue.com/match/1
打开URL看看题目的要求,抓取5页机票的价格,并计算平均值,打开浏览器的调试工具,发现有个debug,选中debug这一行,右键 never pause here,直接就过了。
经过对Network面板中的请求分析,发现机票价格数据是一个XHR请求得到的json数据:
经过多次请求和抓包分析,即使page页面相同,m参数每次都会变,获取数据的唯一变量值就是参数m,但是m 是可以重放的,估计是1分钟的有效期,利用burp抓包,修改page的值,不变参数m,短时间内,一个m值可以把page1-5的所有机票价格都可以获取,前提得修改UA的值为 User-Agent: yuanrenxue.project,这是最简单快捷,不用去分析JS就可以可以获取答案的方法。
但是如果我们用这种方法得到答案,可能就失去了此题的本意了,以下是分析JS代码生成m参数值的过程,然后每次请求都可以生成有效的一次性的参数m的值,通过Python重写获取机票价格的脚本,计算出答案。
1. 定位:
获取数据的是该XHR请求:
http://match.yuanrenxue.com/api/match/1?m=68afadf4945964b792503ed1efe11953%E4%B8%A81606976298
请求m参数的值由两部分构成,中间由中文的|间隔符拼接,右边有点像时间戳,
通过两种方式定位到m参数是如何形成的源码处:
方法1.直接全局搜索中文的丨符号,全局搜索只有一处,那应该就是这里了。
方法2:直接通过request call stack定位过来:
点击进入直接到源码所在处,可以看到生成逻辑就直接在首页的源码中。
2.调试
将关键代码抠出来,放到自己的新建的HTML页面中进行调试:
本地一个web服务
python -m http.server
然后将HTML放到web根路径,加载HTML,现在的思路就是缺什么补什么:
缺oo0O0函数就补该函数
回到第一题的页面,我们可以通过console来获取这个函数的代码
以下是oo0O0函数的定义,加入到本地的HTML代码中
function oo0O0(mw) {
window.b = '';
for (var i = 0, len = window.a.length; i < len; i++) {
console.log(window.a[i]);
window.b += String[document.e + document.g](window.a[i][document.f + document.h]() - i - window.c)
}
var U = ['W5r5W6VdIHZcT8kU', 'WQ8CWRaxWQirAW=='];
var J = function (o, E) {
o = o - 0x0;
var N = U[o];
if (J['bSSGte'] === undefined) {
var Y = function (w) {
var m = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=',
T = String(w)['replace'](/=+$/, '');
var A = '';
for (var C = 0x0, b, W, l = 0x0; W = T['charAt'](l++); ~W && (b = C % 0x4 ? b * 0x40 + W : W, C++ % 0x4) ? A += String['fromCharCode'](0xff & b >> (-0x2 * C & 0x6)) : 0x0) {
W = m['indexOf'](W)
}
return A
};
var t = function (w, m) {
var T = [], A = 0x0, C, b = '', W = '';
w = Y(w);
for (var R = 0x0, v = w['length']; R < v; R++) {
W += '%' + ('00' + w['charCodeAt'](R)['toString'](0x10))['slice'](-0x2)
}
w = decodeURIComponent(W);
var l;
for (l = 0x0; l < 0x100; l++) {
T[l] = l
}
for (l = 0x0; l < 0x100; l++) {
A = (A + T[l] + m['charCodeAt'](l % m['length'])) % 0x100, C = T[l], T[l] = T[A], T[A] = C
}
l = 0x0, A = 0x0;
for (var L = 0x0; L < w['length']; L++) {
l = (l + 0x1) % 0x100, A = (A + T[l]) % 0x100, C = T[l], T[l] = T[A], T[A] = C, b += String['fromCharCode'](w['charCodeAt'](L) ^ T[(T[l] + T[A]) % 0x100])
}
return b
};
J['luAabU'] = t, J['qlVPZg'] = {}, J['bSSGte'] = !![]
}
var H = J['qlVPZg'][o];
return H === undefined ? (J['TUDBIJ'] === undefined && (J['TUDBIJ'] = !![]), N = J['luAabU'](N, E), J['qlVPZg'][o] = N) : N = H, N
};
eval(atob(window['b'])[J('0x0', ']dQW')](J('0x1', 'GTu!'), '\x27' + mw + '\x27'));
return ''
}
本地环境,再次运行,报错的是10行oo0O0函数中的 window.a.length, 那么就需要分析Windows window.a是什么:
回到题目中,利用相同的方法在console中输入window.a + ''获取对应的值,然后复制出来加入到本地的HTML代码中。
"isMRQsxrU]xtDhMbZJrrdvxPiiuypx]qz}® g°¤¯©¡tª¥¯º§¯·£¢³²¯¥ ĺ¡Ä½¢±Õ¿Ç¡É¹ײÓÏÔÎÓÖÏ¡¹Üɤ¤ßÃÉßòÝÂÄõÖëëõãÅëìÐÙÿðÕ÷ăøïûóÀòÕăþöÞáĒþăĆČăõùÑăďñÔĆýàĝòñôÞûôèĤċöĈģĎĉģïĜħđìġĖĉĵĊĉčĴħijľŁĢĴĤüĘĕĝņĴĿĩĺķĭĨĉĤĢĩČŀňĩʼnłĹĘŗİĭĬŘĵıİšŏĵŅťŋĥŅţŀţŅŧŜŨʼnIJňőūĹśŰřŹŞĹřŸūļĿųŰŁšƉũńńſţũſƀŤŲƏƕŷŶűőƄƏŗƋžƓƓƝƋŮŵƦƑŶŸƟƊŤŬƭƏƌŰƬƓžƐƫƠűƑƹƎƯƍƴƧƳƾƷƢƝƶƿƦơƄǃƫƩƈǂƹƝƾljƲƌǃǕǀƑǎǐƬƺƔǑljƽƜǒǍƱǗǢǏǗƱǟNjNJǛǚǖƽƨǠǒƫƴǰǗǂǔǯǚǕǻǭǐǞǻȁǣǢǝƽǰǻǃǷǪǿǿȉǷǚǡȇdzDzȂȋǶǐǘșǻǸǜȓȇǽǭȒȁǜǜȗǻȁȗȘǽǹǼȤȀȎǨȥȝȑǰȦȡȅȫȶȣȫȅȭȓȰșȮȪȑǼȴȦǿȈɄȫȖȨɃȮȩɏɁȤȲɏɕȷȶȱȑɄɏȗɋȾɓɓɝɋȮȵɕȻɘɀɟɊȤȬɭɏɌȰɧɛɑɁɦɕȰȰɫɏɕɫɬɑɍɐɸɔɢȼɹɱɥɄɺɵəɿʊɷɿəʒɽɢɥʂɾɥɐʈɺɓɜʘɿɪɼʗʂɽʣʕɸʆʣʩʋʊʅɥʘʣɫʟʒʧʧʱʟʂʉʺʥʊʌʳʞɸʀˁʣʠʄʻʯʥʕʺʩʄʄʿʣʩʿˀʥʡʤˌʨʶʐˍ˅ʹʘˎˉʭ˓˞ˋ˓ʭˠˇʲ˅˖˕˟ʤ˚˙ʽˍ˲˝ʽˢˬˢʱˉˬ˥ˊ˙˽˧˯ˉ˷ˣˢ˳˲˯˥ˠˁ˜˕˝˼ˮ̃ˤ́ˤˮˋ˕˦̗̈̊ˮ˦˨˕˲˪̒˜˶˜˹̗˺̘̝̜́̊˵̢̟̠̃˪̆ˬ̔˯̗̂̈˴̛̖̈˷̸̟̰̪́̒˼̵̷̵̵̛̹̱̥̺̙̙̻̥͈̯̱̭͚͎̝̭͎͎̣͈̤̬̼̄̿͊̿͂̍̐̐͋͋͛ͨ̿͊͘ͅͱ͈̾Ͳ̴͈́ͧͲ͕͌͘;͒ͯͲ̿ͬ͐;ͻ͑͘ͷ͜Όͬ̈́ͪ͋̓ͩ͠΄ΆΌͭ͢Ζ͐ͬ͵ΖΜͳͬ͗͡ΊΤΟ͞ΆΆΗΓάͣάΰ΄α·ΎͬΊΒΪκΐ͵ΝάΨίΉνΙΝͻυΛψΔΞόΠΈΣϐςΏνχΡϕΦΥΏΙέζΨΗβϠΰΙθήμϤμςπΧϕϟιϭξνϮαφϤϞϴϋϸόϺϐφϦθϔθϡϾϬϳϳξϦϦϘϷϫЌσЋϤψϺϐϼϝϐЏϷϵϔЎЅϩЊϛϿПКϡ϶ϾЄМВϡЉИДЛϵХЅЍϯϯНЧЁеІЅЦϹУЬз϶ООАЯУдϼрМЁЩидлЕрХЭюЏлєЌѐзТецлямѓчџџѝебЛџябѧѧшФіѦтмЧѫчѳѲѰыѨѦѷѐіѦжєњєкєўѿѿѝѥрѻџѨьҁѯѿѿҋѥѡѓҏѿ҇җҔѭѪѥ҆ѿҟҚҠҁѽҢҤѺҗҦҤѾҬҚѩ҃ҊҐѨ҇ҎҢѮ҈ҒҳҴґҙѴүғҜҀҵңҳҳӀҙҕӆӃҳӋӋӉҡҞҙҺҳӓӎӕҵұӖӘүӛӚҖҲҪӀӠҶҮӀҠҺӂӚӠӀҤҧҭӗӍӈҩӑҬӕөӈӅҳӳӣӕӻӷӑӍҿӻӬӐӿӺӘԈӝӴӝӖӜԍӡәӇԐӦӞӬӌӫӲӨӑӮԜӰԛӰӺԛԞӹԁӜԗӻԄӨԝԋԛԛԪԁӽӫԫԛԍԳԯԉԆԁԢԛԻԶӴԝԙԾӻԕԍӻՄԛՈԨԀԞԦԺԈԤԪԺՈԨԌՒԕԿԵԑԹԔԽՑԭ՞՛ՋգգաԹԵԟգՔԸէբՀհՍ՜ՅԾՀյՉՂՄչՎՆՄջՔՊՈԸՖմդռ՜ՀԿՉճթդՅխՈձօդաՋ֏տա֖֗խթ֗ֈլ֛֖մ֤օչղմգսյգ֬փպֲ֚ֆ֤ֈִ֊ַָָֹ֖֕֝ոֳ֗֠քַַֹ֧ׅ֝֙փַׇ֥֢֙֝־ַחגֵֹ֓ךםֲמלַ֮׀ֲֺ֥֟ׄ׀ֶ׀פֱׄ֨֯כב֭וְיֻקׯובװהל،סך؋צתענؚׯ״׳؏ؒן؋לؠ؇ײؖ؋؟،أؗدخׯد؟ؑططؘ״ئضؔػؖ؞ؔؿؙآؔ؟ئغآتب؈ئخؾٌجؐ؏ؙكعشؕؽؘفٕشر؛ُٟر٧٦ؽعا٧٘ؼ٫٦لٴـٳّٕٶٸُٻٺٸٓيِٿٗٴ٘ټٜـكىٳ٩٤م٭وٱڅ٤١ُڏٿٱڗړ٭٩ٛڗڈ٬ڛږٴڤٰڤڅځڦکپڛڪڨڂڊڢ٭چپڌڳڋڂڄٲڎګڮٻڧۀٸڼڣڎڡڲڧڻڨڿڳۋۋۉڡڝڇۋڻڝۓۓڴڐۂےڮڶڭۈڱڪۊۛڶھےۣڻڲۈڢھڶیڨۂ۟ۢگۛھڬ۰ۗۂەۦۛۯۜ۳ۧۉۿ۾ەۑڿۿۯۡ܇܇ۨۄ۶܆۪ۢۥۼۥ۞۠ܕ۩ۡۏېۮۦ۰۔۲ۺ۬ܟ۶۽ܖۣ܂۠ܤ܋۶܉ܚܣܐܧܛ܍ܳܯ܉܅۷ܳܣܫܻܻܜ۸ܪܺܖܞܝܰܙܒܔ܃ܝܕ܃ܣܪܘݑܦܞܜݕܪ݈݊ݗܬܶݗݙܵܽܘݓܷ݀ܤݙ݇ݗݗݥܹܽܣݧݗܹݯݮ݂݅ܽݞݗݷݲݸݏݘܳݷݒݰݐݻݖݞݔކݛݸݤފݟݦݠލݤݩނݏݻޔސݷݢݵކݻݔކޓއޟޟޝݵݱݛޟޏݱާާވݤޖަނތݧޫއލްފޒޘݱޏޮݶޓޚތޔޞޝޥހޟިތ߂ޯߏߋޥޡޓߏ߇ߗߔޭުޥ߆ߟߚޚ߁ߢޡޱޟߨߌީ߃ߊ߰߇ߤ߈ߵ߈ߒ߳ߴߑߙ߯ߓߜ߀߶ߣࠃ߳ࠀߙߕࠆࠃ߳ࠋࠋࠉߡߞߙߺ߳ࠓࠎࠔߪߴߏࠓ߮߶ߴࠗ߳ࠐ߸ࠢ߷ࠤ߰ߟࠨߴࠪࠆࠧࠩࠅࠍߨࠣࠇࠐߴࠪࠗ࠷ࠧ࠵ࠍࠉ߳࠷ࠧࠉ࠾ࠕࠒࠍࠧࡇࡂࡇࠩࠥࡊࡍࠢ࠙ࡎࡌࠦࡔ࠾ࡖࠬࠢࡊࠓࠤ࠰࠺࡛࡞࠹ࡁࠜࡗ࠻ࡄࠨ࡞ࡋ࡛ࡪࡁ࠽࡛ࠫࡍࡳࡉࡆࡁࡢ࡛ࡻࡶ࠵࡙ࡾ࠹ࡕࡍ࠻࡚ࡒࡔࡁࡦࡺࡆࡤࡪ࢈ࡨࡌࡕࡿࡵࡰࡑࡹࡔࢇࡰ࢛࢞ࢋࢣࢣࢡࡹࡵࢣࡸࢧࢢࢀࢰࡼࢯࢍࢲࡱࢉࢂࢌࡴࢎࢆ࢈ࡶࢊࢮࣂ࢞ࢿࣀ࢝ࢥࢀࢻ࢟ࢨࢌࣂࢯ࣏ࢿ࣌ࢥࢡ࣒࣏ࢿࣗࣗࣕࢭࢪࢥࣆࢿࣟࣚ࣠ࢷࣀ࢛ࣟࢺࣂࣀࣣࢽࣆ࣌ࢦࣂࢺࣈࢫࣈࢾࣈࣶ࣑࣋࣪ࢷࣣ࣬ࢴ࣮ࣣࣸࣟ࣊ࣝࢼ࣮࣯ࣻࣷइऄࣝࣙऊइࣷएएएࣰ࣌ࣾऎ࣏࣫ࣤओ࣮ऌࣤगࣱࣺࣸटࣷࣾऀदࣻनख࣠ऀࣵञ࣫गरࣨबओࣾऑढगࣰढयणऻऻहऑऍࣷऻफऍृृतऀलूठनःेणऩॎउधॄूऌफढसऐमड़ॊ॔ऴघफ़डोु़झॅठ॓फ़़ह४१ॗ९९७ॅुफ९ॠॄॳ८ौॼैऴढ़ख़ॾऽॕ्ऻग़॒॔ॅॠॖ॔ॣঀংএ।८এঐ७ॵॐঋ९ॸड़ॿটএজॵॱঢটএধধথॽॺॵখএযপললঋঁশখপॷীঠূঘঞতৄঘঢৃডিণবঐৃথএৃথমৃৣঠু০৩া৪৬ূ৲েৎৈ৴োী৸ৌ৷৺ঢ়স৳ৗৠৄ৺১ਇ৷ਆঢ়েਇ৷৩ਏৢঢ়৾৷ਗਘ৮ਗ৳৹ਞਜ৶৾ৼড়৻৲ਈ৾ਆ০ਃਯਢ৯ਛ৾৬ਰਗਂਕਦਛ৴ਦਲ਼ਧਉਿਾਕਿਯਡੇੇਨਸ਼ਢੂਇੋਨਭਫਲਤਐਮਦਰਗਪਸਸਜਛਥੀਡਤੀਧ੫ਜ਼ੳੲਲ਼ੳੈੲ੫੬਼ਖ਼ਫ਼ઌ੨ੈ੧ઔ੨ઌ੬ਖ਼ઃੴઋખੴੱટએઁધણ੫ધઘફદવકઑશહઅસચલુખઞઔૃછૈલટકાઋષૐઈૌળઞૂાથૃભગોભૣૣૄઠૢિૈણ૧ૃહ૮૬રોૌસૠૄૻ૮ଃોଇ૿ଏଌૢ૾ଗૹଚଜૹଞଜଔ૬ଥૺଘૣ૿૦ଂଯଢ૯ଛ૬ରଗଂକଦଢଉପଳଧଙିକଃିଯଷେେନଶଢପଝ଼ଥଞଠଢତଔମଡ଼ଲୠନଙଷଡ଼଼ଠଣୄଥ୍ନୟ୧ୄୁଯ୯ୟ୷୳୍୷୨ୌ୶଼ୡஆஉஊஈୢஐ୬ஒ୦ஆ୍୫୲ஐ୰ଢ଼இଡ଼ஓ୵୧ணஓநமஜயபஈஸஅதஆஔஷசஜேடஔதஈறவஐேனௗேவறௐழ௬ு௰ாீ௵ோ௸ைழௐௐ௸௯ு௩ఃேఋఓఒ௩ఓఄ௨గఒ௰ఠఋఌ௵௮௰௹௱నఆఈఄఊచ௪ఆఴఄబఌ௰௳௹ణఙఔ௵ఝ௸యషఔియడేృఝఙఋేసజోెతఠవఱౖౙమౚౘలనఝషమ౦లైఠావఫన౬ాౢ౦౯ౣ౻౻౹్ష౻౫్ಃಃీಂ౦ౡ౸ౡౚ౨ಋ౧಄ಂಔ౪ಈಂౕ౮ಆ౺ಛಛ౹ಁಗ౻಄౨ಟಒಛಧಁ౽౯ಫಛಣಳರಉಆಁಢಛಶಝಙಾೀಖಝೂೀಚೈತ಄ಟದಠಇಢೀಠತಮಭವಐೋಯಸಜೆವಱೢ೧೧ಽವೖ೯೪ೲ್ೲೋ೧ೌೊ೮ഀೞ೮ುೢഃഅೡ೩ೄೣ೬ഇೝഃ೩ഓഃഛചೱ೮೩ഊഃണഞೞഅഁദഩഫപ೧ഃഠറഈഎഀഌപണ഼സടഊഝമപല഻യേേഝങഃേഷങ൏൏രഌാൎബഴഏയഥ൚൘ളസൟശൄജ഻ലൖണ഼െ൧൧്നൣേഴ൫൞ു൧൳്഻൷൧൯ൿർൕ്൮൧ඇංඈ൞ൾൃඇൢ൪൜උ൮൬ඕ൪൲ආ൯൶ඊඞ൳൹ඒൟඋൾ൜චඇ൲අඖඒ൹කඣඉදණඅඁ൳දඟටභභ൴ඦබඒකඝඬඕඎඐൾඒඤ්ඞඖබජවඬෑඦඝෆඓඐුරඦඹ්ෆතීඹඵ෦ී෫෫෫ඨේ෪ෆ෦ණ෯්෨ෳූ෮ඹීේුขෘලේෳฌහจ෯ේ෭ฆซททต෭෩ීทง෩ฟฟොฎพ෴ෟรปสศขชย෬งฤจำฌขฐฌถืืตฝำทภคฮมืใฝนซ็ื฿๏์ลยฝื๗๒ณูี๚าษึิพฺโิยๆไใ้ฯ๛๎ฬ๗โ๕๙๙๕๑ใງງไຆํ๏ຘ๖ຠ๘ຂຣລກຉຟຌຨບຍຣັຉຳຣົ຺ຑຎຉສຣໃລມໆ້ພລ໊່ຣສ຺ຈ໔ຬ໓ຫາິ໐ະດປຝຽຸນແຜ໗ໜຸີວ໓ແຽໜເ່ໄ໙໕ຶ໑໊໌ົ໖໎໌ຼໜ໒ແໟ༌໘༄່༎໑ໍ໐་༐༚༗༇༟༟༝༟༐༣༞༬༁༘༁༯༅༴༌༂༪༏༆༔༓༰༈༔༞༿ཀ༝༥ༀ༻༟༨༌ང༶༩༿ཌ༥༡དྷཏ༿བྷབྷཕ༭༪༥ཆ༿ཟཚའ༶༰༛ཟ༺གངལ༽ཆ༸ཫགྷཊ༼༩ཆཤཬཌ༰༳༹ལཙཔ༵ཝ༸ཱིླྀཔད༿ཿཡ྇ྃཝཙཋ྇ླྀཛྷྋ྆ཤྔཡྀཀྵརཨཥནྜྷིཪོམླྀཾུྥཻྨྚཥོ྆ྦྷྪ྅ྍཨྣ྇ྐུྫྷྞྑྦྷྶྍྉཷྷྦྷྙ྿ྻྕྒྍྮྦྷ࿇࿂྄ྩྥ࿊྆ྡྚྜྌྦྷ࿔ྨ࿖ྪྲྫྷ࿚ྯྶ࿎࿔ྴྡ࿋࿁ྼྜྷ࿅ྠྼྐྵ࿗࿅࿁ྫ࿄࿌࿈ྵ࿙က࿖ဂက࿚ဈ࿐࿂࿘࿇࿚ဈ࿌࿋࿕࿑࿔ဏန࿗ရဋဣဢဣနဧဢကူထလစကဉခးဏဖလျဒယဲဖ၄ဲ၃ဘဢ၃၅အဩငဿဣာတ၈်ိ၃ၑဩဥဏၓ၃ဥၛၚေီဩ၊၃ၣၞၤ်ဟဟၣှၜးၧ၂၊၄ၯ၈၎၀ိ၊ၒၘူၐၕၮျၧႀးၼၣ၎ၡၲၮၥၺၿၳႋႋႉၡၝ၇ႋၻၝ႓႓ၴၐႂ႒ၯၨၓ႗ၳႏ႞ႜၶၾၼၝၻႂၸႪၾၶ႖ႫႀႊႫႫႉ႑ၬႧႋ႔ၸႰႢ႕ႫႷ႑ႍၿႻႫႳჃჀ႙႖႑ႲႫႢႬႇႦႮႜႩႲႤიႮႤოႲႺႨტႷფზნႼႠ႟ႩდჄႥჍႨუშჄჁႫჯჟჁჷჶჍႷჷშ჻ჶეᄄვჰკგეჁოზჶᄌფლჺყᄔფჍწჱᄊთᄃᄌეᄘჿცჽᄎᄊᄁᄖᄛᄏᄗᄧᄤჽჹᄪᄧᄗᄯᄯᄯᄐწᄞᄮᄌᄔჯᄳᄎᄬᄈᄷᄑᄚᄔჸᄖᅄᄜᄀᄛᄢᄤᄁᄞᄥᄾᄋᄷᅐᄈᅒᄲᄱᄵᅈᄵᄐᄥᅋᄻᄥᅋᅚᄱᄭᅖᅘᄸᄜᄟᄥᅐᄠᄵᅝᅋᅈᄬᅜᅏᄽᅈᅧᅛᅣᅳᅫᅈᅒᅳᅴᅑᅚᅑᅬᅟᅳᅝᅮᅢᅡᅝᅷᅘᅕᄿᆃᅫᅻᅾᅋᅷᅚᅈᆒᅲᅱᅵᆈᅵᅐᅥᆋᅻᅥᆋᆗᅱᅭᅼᆘᆏᆂᅵᆘᆑᅶᆅᆩᆓᆛᅵᅶᆘᆤᆁᆠᆞᆍᆣᆲᆉᆅᅳᆳᆣᆕᆻᆷᆐᆞᅸᆵᆭᆡᆀᆶᆱᆕᆻᇆᆳᆻᆕᇈᆯᆚᆭᆾᆲᆌᆌᇑᆨᆥᇆᇓᆻᆵᇛᇏᆱᆭᆴᇛᇃᇣᇣᇙᆸᇆᇣᇩᇋᇊᇅᆥᇘᇣᆫᇟᇜᆬᇁᇩᇗᇔᆸᇨᇛᇉᇔᇳᇞᇳᇳᆸᇡᆽᇕሂᇯᇑᇷሊᇪᇩᇭሀᇭᇈᇝሃᇳᇝሃሖᇶᇵᇹሌᇹᇔᇩሏᇿᇩሏሔᇵᇱሒሜᇹᇶᇽመላሟሉሚሎልሉሣሄሁለሯሗሧሪሰልሉሦሴሑልመሸሯሡሥᇽሯሻምሀሲሩሌሞምለቃሧሰሔሷቇቇርሩሼቆስሱቀቁቧሼቊቧቭሩቜቧሯባቕቐሱሴቑቸቧቯቮቷባታብቾቘቦኆቿቜቚቈኁበቩቱቤቭናኊቩብቸናቻትኛኔቱቭኘኁኅቝኛችበኒቬኩቾችቨኣኇነቴኪኗኧኮኍኜኦኹንኑአኮኡኜኪውኯኮኩኼዃኵኰኑኹኔዘዏዎዃዓዅዝኸዦዟዒያዌዣዛዣዦየዄውዳዪዉዅዘዳዛዕዻዴዑውዮዸዯዡዥኽዯዻዝዀዲዩዌጉዞዝወጃዧደዔጋዾዡጇጎይዩዼጆጟጟጙድዱጀጟጎጁጧጟዼጊጧጭጏጎጉዩጜጧዯጣጟጕጐዱጙዴጸጧጯጯጵጡጷጿጱጮጷፇጾጝጙጬፇጯጩፏፈጥጡፂፌፃጵጹፃፏጱጔፆጽጠ፝ጲጱጜፗጻፄጨ፠ፒፅ።ፁጽፐ፫ፚ፳፳፭ፉፅፔ፳።ፕ፻፳ፐ፞፻ᎁ፣።፝ጽ፰፻ፃ፷፳፩፤ፅ፭ፈ፥ᎌ፻ᎃᎃᎎ፵ᎇᎇᎍᎇ፥ᎋፏᎆᎏ᎒᎘፵፱ᎎᎇ᎗Ꭷ፹Ꭷ᎖፹Ꭳ፱᎓Ꭸ᎑Ꮁ᎖፱᎑ᎰᎣ፴፷Ꭻ፸ᎀᏁᎣᎠᎄᎻᎯᎥ᎕ᎺᎩᎄᎄᎿᎣᎩᎿᏂᎥᎡᎴᏌᏂ᎑ᎹᏈᏄᏋᎥᏐᎵᎾᎵ᎘ᏌᏔᎵᏕᏎᏅᎤᏣᎼᎹᏀᏤᏄᎨᏣᏥᏄᏁᏐᏱᏟᏅᏕᏵᏛᎵᏕᏳᏕᏰᏌᎺᏔᏢᏸᏝᏥᏝᐆᏴᏩᏺᏭᏨᏉᏤᏡᏰᐏᐗᏔᐓᏻᏹᏘᐒᐉᏭᐎᐙᐂᏜᐓᐥᐐᏡᐞᐠᐗᐊᐍᐜᐘᐟᏹᐠᐉᐏᐁᐵᐠᐫᐅᏵᐌᐆᐈᐐᐙᐿᐳᐙᐟᐑᑅᐰᐻᐕᐅᐜᐖᐘᐆᐠᐪᑋᑅᐻᐍᐤᑋᑁᑋᐥᑙᐪᐩᐬᐝᐲᐪᑛᑑᐹᐮᐰᐞᐼᐠᐸᑢᐼᑫᑟᐫᑎᑌᑫᑡᑑᑎᐬᑨᑔᐰᑉᑤᑙᑬᑮᑻᑔᑚᑜᒁᑖᑴᑜᑀᑛᑸᒃᑻᑨᑄᑝᑸᑥᑭᑭᑺᑲᒆᑌᒁᑪᑲᑴᑐᑰᑶᑸᑕᑳᒐᒎᒡᑸᑲᑜᑞᒆᒆᑸᒗᒋᒬᑤᒞᒗᑩᒁᒤᒑᑬᑬᒧᒋᒑᒧᒨᒍᒯᒑᒺᒧᒳᒕᒰᒭᒍᒳᓆᒱᒖᒘᓉᒪᒿᒿᓉᒷᒙᒿᓅᒤᒭᓆᓏᒫᒲᒤᓙᒬᒔᒼᓙᓇᒭᒽᓝᓃᒝᒽᓛᒸᓛᒽᓟᓔᓠᓁᒪᓀᓊᓫᓱᓓᓒᓍᒭᓠᓫᒳᓧᓚᒴᒼᓽᓟᓜᓀᓼᓣᓎᓠᓻᓧᓑᓄᓺᓳᓄᓈᓾᓮᓮᓨᔇᓳᔓᔆᔏᓫᓲᓤᔙᓬᔜᓨᔝᓴᓩᔓᓡᔃᔘᔁᔡᔆᓡᔁᔠᔓᓤᓧᔛᔘᓨᓽᔥᔓᔐᓴᔤᔗᔅᔐᔯᔚᔕᔻᔯᔐᔞᔻᓺᔢᔢᔔᔳᔦᕈᓿᔿᔪᔥᔬᔆᔣᔪᔬᕒᔧᔭᕆᕎᔨᔥᔰᕍᔯᕌᔸᔕᔲᕠᔼᕘᔸᔝᕅᕔᕐᕗᔱᕙᕁᕅᕛᕜᕅᕠᔫᕰᕇᕣᕦᕮᕈᕅᕐᔫᕑᕬᕈᔶᕐᕙᕺᕷᕢᖄᔿᔷᕚᕢᕨᖀᕠᕅᕝᖀᕹᕞᕭᖑᕻᖃᖃᖅᕭᕢᖖᖘᕯᖋᖏᕜᕰᕭᕴᖕᕷᖔᖀᕝᕺᖨᖄᖠᖗᖉᖍᕥᖗᖣᖅᕨᖚᖑᕴᖱᖆᖅᖉᖰᖥᖈᕼᖽᖧᕸᖾᖷᖢᖝᗃᖵᖘᖦᗃᗉᖫᖪᖥᖅᖸᗃᖋᗇᖲᖮᗒᖔᖶᗇᗋᖘᖬᖩᖨᖏᖵᗐᖛᗗᖶᗤᖴᗠᗆᗗᗚᗠᗗᗉᗍᖥᗗᗣᗅᖨᗚᗑᖴᗱᗆᗆᗍᖰᗤᗬᗍᗭᗦᗝᖼᗻᗔᗑᗜᗼᗲᗁᗩᗸᗴᗻᗕᗾᗥᗫᗝᘑᗼᘇᗡᗑᗨᗡᘊᗗᘅᘏᗩᘝᗮᗭᗬᗡᗴᗮᗰᗤᗽᗵᗽᘟᘔᘠᘁᗪᘀᘉᗧᘰᘈᗬᘕᘲᘠᘧᘧᗲᘚᘚᘌᘫᘞᘰᗷᘿᘘᗼᘔᘄᘧᘑᘄᙃᘫᘩᘈᙂᘹᘝᘾᙉᘲᘌᙃᙕᙀᘑᙎᘗᘺᙋᙖᘝᘾᘘᙏᙡᙌᘝᙚᙜᙒᘠᘽᙒᙊᙜᘧᘟᙃᙌᘨᘰᙉᙍᙣᙧᙉᙫᙍᙯᙚᙚᙍᙈᙧᘸᙙᙴᙚᙢᙜᙻᙦᙷᙈᙺᙲᙚᙝᚎᙺᙿᚂᚅᙲ᙭ᚆᙔ᙭ᙡᚇᚉᙫᙶᙰᙰᙾᙘᚡᚃᚂᙽᙝᚐ᚛ᙣᚗᚊᙥᙤᚡᚙᚍᙬᚢᚁᚧᚲᚧᚁᚩᚢᚙᙸᚷᚒᚴᚕᙸᚬᚳᚳᚶᚘᚦᛃᚂᚪᚪ᚜ᚻᚯᚚᚇᛁᚢᛄᛏᚎᚶᚶᚨᛇᚺᚶᚓᛓᚲᚺᛞᚠᛂ᚜ᛓᛥᛐᚡᛞᛠᚽᛆᚸᚫᛏᛣᚰᛱᛄᛂᛕᛤᛠᛧᛁᛩᛑᛖᛄᚻᛞᛰᛲᛕᛷᜃᛸᛯᛳᛀᛲᛕᜂᜎᛢᜀᜋᜁᛤ᜔ᛌᜆᛦᛩᜆᜋᜏᛛᛩᛡᛝᜥᜎᜅᛤᜟᜍᜭᛨᛨᜁᜁ᜵ᜎᛰᛸᜫ᜕ᜪᜳᛷᜱ᜴ᜥᜢᜃᜡᜟᜪᜤᝑᜤᜭᝆᝉ᜶ᜱᝋᝄᝏ᜔ᝉᜱᜲᜱᜥᝇᝅᝥᝊᜥᝅᝤᜨᜫᝒᝧᝧᝂᝉᝯᝪᝳᝳᝑចᝉᝲᝩᝈᝮᝈធᝳᝮᝓចᝪᝢᝤយᝮវᝳថដᝯខឃលᝪហឰឆឤឈᝬឋធមᝳថឆឯឬឞឳផឳឣឡឤ឵វខឩី឴ុផឿឥឩហេឨឌ឵្ៀះះធឺឺឬ់ើឺភីវឰឤំ៧ឤ៣់៉ឨ២៙ួ៩ះើ៤ៈ៷៲៰៦឴។៶៕៝័២ូ៳៴៰៹៕ៀៜ៕ៈៜៃ៩᠄៥᠀᠈៓᠏៩៨᠐៳៩᠒᠙៸ៜ៸᠁᠆᠈ᠤ᠀៨᠀ᠭ᠒ᠣᠤᠠᠩ᠅៰᠌᠅ᠫᠮ៸᠌៳᠙ᠴ᠕ᠰᠸ᠃ᠿ᠙᠘ᡀᠣ᠙ᡂᡉᠨᡆᡌᠧᡈᠤ᠑ᠬᠺ᠔ᡝᠿᠾᠹ᠙ᡌᡗᡓᡇᠶᠠᡝᡕᡉᠨᡞᡙᠽᡣᡮᡛᡣᠽᡥᡞᡕᠴᡳᡎᡯᡌᠶᡓᡉᡯᡳᡔᡢᠾᡦᡦᡘᡷᡪᢌᡃᡦᡫᡡᡜᡫᡟᡱᡣᡯᡎᢇᡪᡴᢍᢗᡱᡜᡸᡰᡱᢂᡟᢁᢆᢇᢞᢗᢍᢌᢌᢧᢠᢒᢧᢉᢧᢗᢕᢙᢢᢉᢵᢦᡸᢿᢼᢷᢄᣃᢰᢦᢙᣊᢵᢚᢩᢆᢹᢉᢿᢍᢾᣄᢜᣔᢪᣈᢐᢶᢼᢗᢴᢪᣒᣚᢵᣣᢴᢣᣑᣛᢵᣩᢺᢹᣌᢾᣟᣀᣓᣧᢴᣵᣈᣆᣙᣨᣤᣫᣅᣭᣕᣚᣈᢿᣢᣴᤃᣙᤇᣳᣄᣙᤆᣈᣨᣌᣤᤎᣭᣲᣬᤐᤆᣕᤌᤈᤏᣩᤔᤒᤛᣵᤁᤒᤊᤜᣧᣟᤂᤢᣧᣣᤉᤤᤢᤈᤅᤈᤏᤅᤴᤏᤰᤐᤗᤝᤶᤄᤝᤒᤔᤂᤜᤪ᥊ᤠᤙᤰᤌᤤ᥎ᤪᤲᤓᤋ᥎ᤓᤏᤵᥐ᥎ᥙᤴᥓᥕᤸᥨᤴᥠ᤻᥆᥄ᥤ᥀᥉ᥐᥱ᥇᥎ᥐᥬ᥍ᤴ᥌ᥚᥳᥐ᥍ᥙᥪᥢᥳᦅᥝᦉᥩᥦ᥇ᥤᥙᦆᦇᥤᥡᥤᦎᥪᦇᦊᦌᥥᦎᦔᦐᥰᥙᦖᥣᦇᦛᥨᦩᦍᦜᦘᦟᦠᦉᦎᥳᦖᦒᦶᥰᦐᥴᦈᦶᦐᦿᦳᦪᦡᦤᦻᦦᦷᦾᦄᦜᦄᦘᧅᦣᧀᦌᧃᦥᧇ᧓ᧈᦿᧃᦐᧂᦥ᧒᧞ᦲ᧓ᦟᧃ᧓᧞ᦥᧆ᧘ᧈᦠ᧔ᦹᦹ᧟᧫᧑ᦳ᧗᧧᧲ᦹ᧚᧻ᦸ᧮᧦ᨁ᧚᧢᧻᧘᧕᧤ᦻ᧡᧼᧬ᨅ᧠᧚᧤ᨌ᧲᧭ᨆᨌ᧧ᨈ᧸ᨚ᧬᧺᧔ᨋ᧾᧱ᨔᨍ᧲ᨁᨥᨏᨗ᧱ᨗᨆᨧ᧧ᨖᨍ᧬ᨣᨛ᧭᨞ᨱᨗᨧᨀ᧹ᨊᨉᨫᨰᨪᨌᨀᨼᨣᨎᨠᨻᨯᨦᨳᩈᨴᨪᨕᩋᨺᨿᩂᨕ"
本地环境,再次运行,报错的是14行oo0O0函数中的 window.a[i][(document.f + document.h)]
回到题目中,看看(document.f + document.h)是什么顺便将oo0O0函数的定义中的document.g和document.e)一起撸了 :
document.e='fromC';document.f='charCo';document.g='harCode';document.h='deAt';
在本地加入这些代码之后运行调试,报错是56行的eval(atob(window['b'])[J('0x0', ']dQW')](J('0x1', 'GTu!'), '\x27' + mw + '\x27'));
先看看atob(window['b'])是什么,JavaScript中atob() 方法用于解码使用 base-64 编码的字符串,那window['b']应该是base64编码的字符串,在题目源站的console直接输入atob(window['b'])获取数据,或者输入window['b']获取原始的base64值,其他地方进行base64解码也行。
"dmFyIGhleGNhc2U9MDt2YXIgYjY0cGFkPSIiO3ZhciBjaHJzej0xNjtmdW5jdGlvbiBoZXhfbWQ1KGEpe3JldHVybiBiaW5sMmhleChjb3JlX21kNShzdHIyYmlubChhKSxhLmxlbmd0aCpjaHJzeikpfWZ1bmN0aW9uIGI2NF9tZDUoYSl7cmV0dXJuIGJpbmwyYjY0KGNvcmVfbWQ1KHN0cjJiaW5sKGEpLGEubGVuZ3RoKmNocnN6KSl9ZnVuY3Rpb24gc3RyX21kNShhKXtyZXR1cm4gYmlubDJzdHIoY29yZV9tZDUoc3RyMmJpbmwoYSksYS5sZW5ndGgqY2hyc3opKX1mdW5jdGlvbiBoZXhfaG1hY19tZDUoYSxiKXtyZXR1cm4gYmlubDJoZXgoY29yZV9obWFjX21kNShhLGIpKX1mdW5jdGlvbiBiNjRfaG1hY19tZDUoYSxiKXtyZXR1cm4gYmlubDJiNjQoY29yZV9obWFjX21kNShhLGIpKX1mdW5jdGlvbiBzdHJfaG1hY19tZDUoYSxiKXtyZXR1cm4gYmlubDJzdHIoY29yZV9obWFjX21kNShhLGIpKX1mdW5jdGlvbiBtZDVfdm1fdGVzdCgpe3JldHVybiBoZXhfbWQ1KCJhYmMiKT09IjkwMDE1MDk4M2NkMjRmYjBkNjk2M2Y3ZDI4ZTE3ZjcyIn1mdW5jdGlvbiBjb3JlX21kNShwLGspe3Bbaz4+NV18PTEyODw8KChrKSUzMik7cFsoKChrKzY0KT4+PjkpPDw0KSsxNF09azt2YXIgbz0xNzMyNTg0MTkzO3ZhciBuPS0yNzE3MzM4Nzk7dmFyIG09LTE3MzI1ODQxOTQ7dmFyIGw9MjcxNzMzODc4O2Zvcih2YXIgZz0wO2c8cC5sZW5ndGg7Zys9MTYpe3ZhciBqPW87dmFyIGg9bjt2YXIgZj1tO3ZhciBlPWw7bz1tZDVfZmYobyxuLG0sbCxwW2crMF0sNywtNjgwOTc2OTM2KTtsPW1kNV9mZihsLG8sbixtLHBbZysxXSwxMiwtMzg5NTY0NTg2KTttPW1kNV9mZihtLGwsbyxuLHBbZysyXSwxNyw2MDYxMDU4MTkpO249bWQ1X2ZmKG4sbSxsLG8scFtnKzNdLDIyLC0xMDQ0NTI1MzMwKTtvPW1kNV9mZihvLG4sbSxsLHBbZys0XSw3LC0xNzY0MTg4OTcpO2w9bWQ1X2ZmKGwsbyxuLG0scFtnKzVdLDEyLDEyMDAwODA0MjYpO209bWQ1X2ZmKG0sbCxvLG4scFtnKzZdLDE3LC0xNDczMjMxMzQxKTtuPW1kNV9mZihuLG0sbCxvLHBbZys3XSwyMiwtNDU3MDU5ODMpO289bWQ1X2ZmKG8sbixtLGwscFtnKzhdLDcsMTc3MDAzNTQxNik7bD1tZDVfZmYobCxvLG4sbSxwW2crOV0sMTIsLTE5NTg0MTQ0MTcpO209bWQ1X2ZmKG0sbCxvLG4scFtnKzEwXSwxNywtNDIwNjMpO249bWQ1X2ZmKG4sbSxsLG8scFtnKzExXSwyMiwtMTk5MDQwNDE2Mik7bz1tZDVfZmYobyxuLG0sbCxwW2crMTJdLDcsMTgwNDY2MDY4Mik7bD1tZDVfZmYobCxvLG4sbSxwW2crMTNdLDEyLC00MDM0MTEwMSk7bT1tZDVfZmYobSxsLG8sbixwW2crMTRdLDE3LC0xNTAyMDAyMjkwKTtuPW1kNV9mZihuLG0sbCxvLHBbZysxNV0sMjIsMTIzNjUzNTMyOSk7bz1tZDVfZ2cobyxuLG0sbCxwW2crMV0sNSwtMTY1Nzk2NTEwKTtsPW1kNV9nZyhsLG8sbixtLHBbZys2XSw5LC0xMDY5NTAxNjMyKTttPW1kNV9nZyhtLGwsbyxuLHBbZysxMV0sMTQsNjQzNzE3NzEzKTtuPW1kNV9nZyhuLG0sbCxvLHBbZyswXSwyMCwtMzczODk3MzAyKTtvPW1kNV9nZyhvLG4sbSxsLHBbZys1XSw1LC03MDE1NTg2OTEpO2w9bWQ1X2dnKGwsbyxuLG0scFtnKzEwXSw5LDM4MDE2MDgzKTttPW1kNV9nZyhtLGwsbyxuLHBbZysxNV0sMTQsLTY2MDQ3ODMzNSk7bj1tZDVfZ2cobixtLGwsbyxwW2crNF0sMjAsLTQwNTUzNzg0OCk7bz1tZDVfZ2cobyxuLG0sbCxwW2crOV0sNSw1Njg0NDY0MzgpO2w9bWQ1X2dnKGwsbyxuLG0scFtnKzE0XSw5LC0xMDE5ODAzNjkwKTttPW1kNV9nZyhtLGwsbyxuLHBbZyszXSwxNCwtMTg3MzYzOTYxKTtuPW1kNV9nZyhuLG0sbCxvLHBbZys4XSwyMCwxMTYzNTMxNTAxKTtvPW1kNV9nZyhvLG4sbSxsLHBbZysxM10sNSwtMTQ0NDY4MTQ2Nyk7bD1tZDVfZ2cobCxvLG4sbSxwW2crMl0sOSwtNTE0MDM3ODQpO209bWQ1X2dnKG0sbCxvLG4scFtnKzddLDE0LDE3MzUzMjg0NzMpO249bWQ1X2dnKG4sbSxsLG8scFtnKzEyXSwyMCwtMTkyMTIwNzczNCk7bz1tZDVfaGgobyxuLG0sbCxwW2crNV0sNCwtMzc4NTU4KTtsPW1kNV9oaChsLG8sbixtLHBbZys4XSwxMSwtMjAyMjU3NDQ2Myk7bT1tZDVfaGgobSxsLG8sbixwW2crMTFdLDE2LDE4MzkwMzA1NjIpO249bWQ1X2hoKG4sbSxsLG8scFtnKzE0XSwyMywtMzUzMDk1NTYpO289bWQ1X2hoKG8sbixtLGwscFtnKzFdLDQsLTE1MzA5OTIwNjApO2w9bWQ1X2hoKGwsbyxuLG0scFtnKzRdLDExLDEyNzI4OTMzNTMpO209bWQ1X2hoKG0sbCxvLG4scFtnKzddLDE2LC0xNTU0OTc2MzIpO249bWQ1X2hoKG4sbSxsLG8scFtnKzEwXSwyMywtMTA5NDczMDY0MCk7bz1tZDVfaGgobyxuLG0sbCxwW2crMTNdLDQsNjgxMjc5MTc0KTtsPW1kNV9oaChsLG8sbixtLHBbZyswXSwxMSwtMzU4NTM3MjIyKTttPW1kNV9oaChtLGwsbyxuLHBbZyszXSwxNiwtNzIyODgxOTc5KTtuPW1kNV9oaChuLG0sbCxvLHBbZys2XSwyMyw3NjAyOTE4OSk7bz1tZDVfaGgobyxuLG0sbCxwW2crOV0sNCwtNjQwMzY0NDg3KTtsPW1kNV9oaChsLG8sbixtLHBbZysxMl0sMTEsLTQyMTgxNTgzNSk7bT1tZDVfaGgobSxsLG8sbixwW2crMTVdLDE2LDUzMDc0MjUyMCk7bj1tZDVfaGgobixtLGwsbyxwW2crMl0sMjMsLTk5NTMzODY1MSk7bz1tZDVfaWkobyxuLG0sbCxwW2crMF0sNiwtMTk4NjMwODQ0KTtsPW1kNV9paShsLG8sbixtLHBbZys3XSwxMCwxMTI2MTE2MTQxNSk7bT1tZDVfaWkobSxsLG8sbixwW2crMTRdLDE1LC0xNDE2MzU0OTA1KTtuPW1kNV9paShuLG0sbCxvLHBbZys1XSwyMSwtNTc0MzQwNTUpO289bWQ1X2lpKG8sbixtLGwscFtnKzEyXSw2LDE3MDA0ODU1NzEpO2w9bWQ1X2lpKGwsbyxuLG0scFtnKzNdLDEwLC0xODk0NDQ2NjA2KTttPW1kNV9paShtLGwsbyxuLHBbZysxMF0sMTUsLTEwNTE1MjMpO249bWQ1X2lpKG4sbSxsLG8scFtnKzFdLDIxLC0yMDU0OTIyNzk5KTtvPW1kNV9paShvLG4sbSxsLHBbZys4XSw2LDE4NzMzMTMzNTkpO2w9bWQ1X2lpKGwsbyxuLG0scFtnKzE1XSwxMCwtMzA2MTE3NDQpO209bWQ1X2lpKG0sbCxvLG4scFtnKzZdLDE1LC0xNTYwMTk4MzgwKTtuPW1kNV9paShuLG0sbCxvLHBbZysxM10sMjEsMTMwOTE1MTY0OSk7bz1tZDVfaWkobyxuLG0sbCxwW2crNF0sNiwtMTQ1NTIzMDcwKTtsPW1kNV9paShsLG8sbixtLHBbZysxMV0sMTAsLTExMjAyMTAzNzkpO209bWQ1X2lpKG0sbCxvLG4scFtnKzJdLDE1LDcxODc4NzI1OSk7bj1tZDVfaWkobixtLGwsbyxwW2crOV0sMjEsLTM0MzQ4NTU1MSk7bz1zYWZlX2FkZChvLGopO249c2FmZV9hZGQobixoKTttPXNhZmVfYWRkKG0sZik7bD1zYWZlX2FkZChsLGUpfXJldHVybiBBcnJheShvLG4sbSxsKX1mdW5jdGlvbiBtZDVfY21uKGgsZSxkLGMsZyxmKXtyZXR1cm4gc2FmZV9hZGQoYml0X3JvbChzYWZlX2FkZChzYWZlX2FkZChlLGgpLHNhZmVfYWRkKGMsZikpLGcpLGQpfWZ1bmN0aW9uIG1kNV9mZihnLGYsayxqLGUsaSxoKXtyZXR1cm4gbWQ1X2NtbigoZiZrKXwoKH5mKSZqKSxnLGYsZSxpLGgpfWZ1bmN0aW9uIG1kNV9nZyhnLGYsayxqLGUsaSxoKXtyZXR1cm4gbWQ1X2NtbigoZiZqKXwoayYofmopKSxnLGYsZSxpLGgpfWZ1bmN0aW9uIG1kNV9oaChnLGYsayxqLGUsaSxoKXtyZXR1cm4gbWQ1X2NtbihmXmteaixnLGYsZSxpLGgpfWZ1bmN0aW9uIG1kNV9paShnLGYsayxqLGUsaSxoKXtyZXR1cm4gbWQ1X2NtbihrXihmfCh+aikpLGcsZixlLGksaCl9ZnVuY3Rpb24gY29yZV9obWFjX21kNShjLGYpe3ZhciBlPXN0cjJiaW5sKGMpO2lmKGUubGVuZ3RoPjE2KXtlPWNvcmVfbWQ1KGUsYy5sZW5ndGgqY2hyc3opfXZhciBhPUFycmF5KDE2KSxkPUFycmF5KDE2KTtmb3IodmFyIGI9MDtiPDE2O2IrKyl7YVtiXT1lW2JdXjkwOTUyMjQ4NjtkW2JdPWVbYl1eMTU0OTU1NjgyOH12YXIgZz1jb3JlX21kNShhLmNvbmNhdChzdHIyYmlubChmKSksNTEyK2YubGVuZ3RoKmNocnN6KTtyZXR1cm4gY29yZV9tZDUoZC5jb25jYXQoZyksNTEyKzEyOCl9ZnVuY3Rpb24gc2FmZV9hZGQoYSxkKXt2YXIgYz0oYSY2NTUzNSkrKGQmNjU1MzUpO3ZhciBiPShhPj4xNikrKGQ+PjE2KSsoYz4+MTYpO3JldHVybihiPDwxNil8KGMmNjU1MzUpfWZ1bmN0aW9uIGJpdF9yb2woYSxiKXtyZXR1cm4oYTw8Yil8KGE+Pj4oMzItYikpfWZ1bmN0aW9uIHN0cjJiaW5sKGQpe3ZhciBjPUFycmF5KCk7dmFyIGE9KDE8PGNocnN6KS0xO2Zvcih2YXIgYj0wO2I8ZC5sZW5ndGgqY2hyc3o7Yis9Y2hyc3ope2NbYj4+NV18PShkLmNoYXJDb2RlQXQoYi9jaHJzeikmYSk8PChiJTMyKX1yZXR1cm4gY31mdW5jdGlvbiBiaW5sMnN0cihjKXt2YXIgZD0iIjt2YXIgYT0oMTw8Y2hyc3opLTE7Zm9yKHZhciBiPTA7YjxjLmxlbmd0aCozMjtiKz1jaHJzeil7ZCs9U3RyaW5nLmZyb21DaGFyQ29kZSgoY1tiPj41XT4+PihiJTMyKSkmYSl9cmV0dXJuIGR9ZnVuY3Rpb24gYmlubDJoZXgoYyl7dmFyIGI9aGV4Y2FzZT8iMDEyMzQ1Njc4OUFCQ0RFRiI6IjAxMjM0NTY3ODlhYmNkZWYiO3ZhciBkPSIiO2Zvcih2YXIgYT0wO2E8Yy5sZW5ndGgqNDthKyspe2QrPWIuY2hhckF0KChjW2E+PjJdPj4oKGElNCkqOCs0KSkmMTUpK2IuY2hhckF0KChjW2E+PjJdPj4oKGElNCkqOCkpJjE1KX1yZXR1cm4gZH1mdW5jdGlvbiBiaW5sMmI2NChkKXt2YXIgYz0iQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkrLyI7dmFyIGY9IiI7Zm9yKHZhciBiPTA7YjxkLmxlbmd0aCo0O2IrPTMpe3ZhciBlPSgoKGRbYj4+Ml0+PjgqKGIlNCkpJjI1NSk8PDE2KXwoKChkW2IrMT4+Ml0+PjgqKChiKzEpJTQpKSYyNTUpPDw4KXwoKGRbYisyPj4yXT4+OCooKGIrMiklNCkpJjI1NSk7Zm9yKHZhciBhPTA7YTw0O2ErKyl7aWYoYio4K2EqNj5kLmxlbmd0aCozMil7Zis9YjY0cGFkfWVsc2V7Zis9Yy5jaGFyQXQoKGU+PjYqKDMtYSkpJjYzKX19fXJldHVybiBmfTt3aW5kb3cuZiA9IGhleF9tZDUobXdxcXBweik="
直接将window['b']赋值放本地的HTML页面中:
再刷新本地的HTML页面,发现可以正常执行获取console.log(m),
此时运行没有报错了,说明加密逻辑需要的代码已经足够了,回到最初的m生成的代码这里。
m = oo0O0(timestamp.toString()) + window.f;
说明window.f的值在atob(window['b'])解码里面,所以这里还是要去关注atob(window['b'])具体的值,base64解码之后:
var hexcase = 0;
var b64pad = "";
var chrsz = 16;
function hex_md5(a) {
return binl2hex(core_md5(str2binl(a), a.length * chrsz))
}
function b64_md5(a) {
return binl2b64(core_md5(str2binl(a), a.length * chrsz))
}
function str_md5(a) {
return binl2str(core_md5(str2binl(a), a.length * chrsz))
}
function hex_hmac_md5(a, b) {
return binl2hex(core_hmac_md5(a, b))
}
function b64_hmac_md5(a, b) {
return binl2b64(core_hmac_md5(a, b))
}
function str_hmac_md5(a, b) {
return binl2str(core_hmac_md5(a, b))
}
function md5_vm_test() {
return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72"
}
function core_md5(p, k) {
p[k >> 5] |= 128 << ((k) % 32);
p[(((k + 64) >>> 9) << 4) + 14] = k;
var o = 1732584193;
var n = -271733879;
var m = -1732584194;
var l = 271733878;
for (var g = 0; g < p.length; g += 16) {
var j = o;
var h = n;
var f = m;
var e = l;
o = md5_ff(o, n, m, l, p[g + 0], 7, -680976936);
l = md5_ff(l, o, n, m, p[g + 1], 12, -389564586);
m = md5_ff(m, l, o, n, p[g + 2], 17, 606105819);
n = md5_ff(n, m, l, o, p[g + 3], 22, -1044525330);
o = md5_ff(o, n, m, l, p[g + 4], 7, -176418897);
l = md5_ff(l, o, n, m, p[g + 5], 12, 1200080426);
m = md5_ff(m, l, o, n, p[g + 6], 17, -1473231341);
n = md5_ff(n, m, l, o, p[g + 7], 22, -45705983);
o = md5_ff(o, n, m, l, p[g + 8], 7, 1770035416);
l = md5_ff(l, o, n, m, p[g + 9], 12, -1958414417);
m = md5_ff(m, l, o, n, p[g + 10], 17, -42063);
n = md5_ff(n, m, l, o, p[g + 11], 22, -1990404162);
o = md5_ff(o, n, m, l, p[g + 12], 7, 1804660682);
l = md5_ff(l, o, n, m, p[g + 13], 12, -40341101);
m = md5_ff(m, l, o, n, p[g + 14], 17, -1502002290);
n = md5_ff(n, m, l, o, p[g + 15], 22, 1236535329);
o = md5_gg(o, n, m, l, p[g + 1], 5, -165796510);
l = md5_gg(l, o, n, m, p[g + 6], 9, -1069501632);
m = md5_gg(m, l, o, n, p[g + 11], 14, 643717713);
n = md5_gg(n, m, l, o, p[g + 0], 20, -373897302);
o = md5_gg(o, n, m, l, p[g + 5], 5, -701558691);
l = md5_gg(l, o, n, m, p[g + 10], 9, 38016083);
m = md5_gg(m, l, o, n, p[g + 15], 14, -660478335);
n = md5_gg(n, m, l, o, p[g + 4], 20, -405537848);
o = md5_gg(o, n, m, l, p[g + 9], 5, 568446438);
l = md5_gg(l, o, n, m, p[g + 14], 9, -1019803690);
m = md5_gg(m, l, o, n, p[g + 3], 14, -187363961);
n = md5_gg(n, m, l, o, p[g + 8], 20, 1163531501);
o = md5_gg(o, n, m, l, p[g + 13], 5, -1444681467);
l = md5_gg(l, o, n, m, p[g + 2], 9, -51403784);
m = md5_gg(m, l, o, n, p[g + 7], 14, 1735328473);
n = md5_gg(n, m, l, o, p[g + 12], 20, -1921207734);
o = md5_hh(o, n, m, l, p[g + 5], 4, -378558);
l = md5_hh(l, o, n, m, p[g + 8], 11, -2022574463);
m = md5_hh(m, l, o, n, p[g + 11], 16, 1839030562);
n = md5_hh(n, m, l, o, p[g + 14], 23, -35309556);
o = md5_hh(o, n, m, l, p[g + 1], 4, -1530992060);
l = md5_hh(l, o, n, m, p[g + 4], 11, 1272893353);
m = md5_hh(m, l, o, n, p[g + 7], 16, -155497632);
n = md5_hh(n, m, l, o, p[g + 10], 23, -1094730640);
o = md5_hh(o, n, m, l, p[g + 13], 4, 681279174);
l = md5_hh(l, o, n, m, p[g + 0], 11, -358537222);
m = md5_hh(m, l, o, n, p[g + 3], 16, -722881979);
n = md5_hh(n, m, l, o, p[g + 6], 23, 76029189);
o = md5_hh(o, n, m, l, p[g + 9], 4, -640364487);
l = md5_hh(l, o, n, m, p[g + 12], 11, -421815835);
m = md5_hh(m, l, o, n, p[g + 15], 16, 530742520);
n = md5_hh(n, m, l, o, p[g + 2], 23, -995338651);
o = md5_ii(o, n, m, l, p[g + 0], 6, -198630844);
l = md5_ii(l, o, n, m, p[g + 7], 10, 11261161415);
m = md5_ii(m, l, o, n, p[g + 14], 15, -1416354905);
n = md5_ii(n, m, l, o, p[g + 5], 21, -57434055);
o = md5_ii(o, n, m, l, p[g + 12], 6, 1700485571);
l = md5_ii(l, o, n, m, p[g + 3], 10, -1894446606);
m = md5_ii(m, l, o, n, p[g + 10], 15, -1051523);
n = md5_ii(n, m, l, o, p[g + 1], 21, -2054922799);
o = md5_ii(o, n, m, l, p[g + 8], 6, 1873313359);
l = md5_ii(l, o, n, m, p[g + 15], 10, -30611744);
m = md5_ii(m, l, o, n, p[g + 6], 15, -1560198380);
n = md5_ii(n, m, l, o, p[g + 13], 21, 1309151649);
o = md5_ii(o, n, m, l, p[g + 4], 6, -145523070);
l = md5_ii(l, o, n, m, p[g + 11], 10, -1120210379);
m = md5_ii(m, l, o, n, p[g + 2], 15, 718787259);
n = md5_ii(n, m, l, o, p[g + 9], 21, -343485551);
o = safe_add(o, j);
n = safe_add(n, h);
m = safe_add(m, f);
l = safe_add(l, e)
}
return Array(o, n, m, l)
}
function md5_cmn(h, e, d, c, g, f) {
return safe_add(bit_rol(safe_add(safe_add(e, h), safe_add(c, f)), g), d)
}
function md5_ff(g, f, k, j, e, i, h) {
return md5_cmn((f & k) | ((~f) & j), g, f, e, i, h)
}
function md5_gg(g, f, k, j, e, i, h) {
return md5_cmn((f & j) | (k & (~j)), g, f, e, i, h)
}
function md5_hh(g, f, k, j, e, i, h) {
return md5_cmn(f ^ k ^ j, g, f, e, i, h)
}
function md5_ii(g, f, k, j, e, i, h) {
return md5_cmn(k ^ (f | (~j)), g, f, e, i, h)
}
function core_hmac_md5(c, f) {
var e = str2binl(c);
if (e.length > 16) {
e = core_md5(e, c.length * chrsz)
}
var a = Array(16), d = Array(16);
for (var b = 0; b < 16; b++) {
a[b] = e[b] ^ 909522486;
d[b] = e[b] ^ 1549556828
}
var g = core_md5(a.concat(str2binl(f)), 512 + f.length * chrsz);
return core_md5(d.concat(g), 512 + 128)
}
function safe_add(a, d) {
var c = (a & 65535) + (d & 65535);
var b = (a >> 16) + (d >> 16) + (c >> 16);
return (b << 16) | (c & 65535)
}
function bit_rol(a, b) {
return (a << b) | (a >>> (32 - b))
}
function str2binl(d) {
var c = Array();
var a = (1 << chrsz) - 1;
for (var b = 0; b < d.length * chrsz; b += chrsz) {
c[b >> 5] |= (d.charCodeAt(b / chrsz) & a) << (b % 32)
}
return c
}
function binl2str(c) {
var d = "";
var a = (1 << chrsz) - 1;
for (var b = 0; b < c.length * 32; b += chrsz) {
d += String.fromCharCode((c[b >> 5] >>> (b % 32)) & a)
}
return d
}
function binl2hex(c) {
var b = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
var d = "";
for (var a = 0; a < c.length * 4; a++) {
d += b.charAt((c[a >> 2] >> ((a % 4) * 8 + 4)) & 15) + b.charAt((c[a >> 2] >> ((a % 4) * 8)) & 15)
}
return d
}
function binl2b64(d) {
var c = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
var f = "";
for (var b = 0; b < d.length * 4; b += 3) {
var e = (((d[b >> 2] >> 8 * (b % 4)) & 255) << 16) | (((d[b + 1 >> 2] >> 8 * ((b + 1) % 4)) & 255) << 8) | ((d[b + 2 >> 2] >> 8 * ((b + 2) % 4)) & 255);
for (var a = 0; a < 4; a++) {
if (b * 8 + a * 6 > d.length * 32) {
f += b64pad
} else {
f += c.charAt((e >> 6 * (3 - a)) & 63)
}
}
}
return f
};
window.f = hex_md5(mwqqppz)
在代码最后可以看到window.f = hex_md5(mwqqppz),熟悉的MD5加密。
还不清楚mwqqppz是什么,接着分析,eval(atob(window['b'])[J('0x0', ']dQW')](J('0x1', 'GTu!'), '\x27' + mw + '\x27'));中剩下的逻辑,直接在console中声明J函数,或者在代码中加断点进入J函数中,在console可以输入对应的值:
还原eval(atob(window['b'])[J('0x0', ']dQW')](J('0x1', 'GTu!'), '\x27' + mw + '\x27'));的逻辑为:
eval(window['b'].replace('mwqqppz','mw')
而且上面的分析中,mwqqppz是window.f = hex_md5(mwqqppz)的参数,作用就是将window.f = hex_md5(mwqqppz)参数换成oo0O0函数的参数。
而且oo0O0函数的最后可以看到return ''返回是空值,那实际
m = window.f;
var m=oo0O0(timestamp.toString())+window.f;
oo0O0函数最后返回的是空值,但是在调用的时候讲window.f = hex_md5(mwqqppz)参数给替换成了oo0O0参数,实际调用时候oo0O0函数的传参为timestamp.toString(),也就是时间戳字符串。
那么实际
var m = hex_md5(timestamp.toString())
而在oo0O0函数中可以看到,Date.parse()函数用于分析一个包含日期的字符串,timestamp是时间戳数字。
var timestamp = Date.parse(new Date());
//这里获取时间戳方法是将毫秒改成000显示
那最后m参数的值为
m = hex_md5(timestamp.toString()) + '丨'+ timestamp/1000
然后利用Python编写脚本爬取数据进行答题,进过测试base64解码出来的MD5加密算法不是标准的MD5,经过修改的,所以不能用Python自带的标准MD5加密算法编写,为了省时间直接Python的execjs调用解码之后的js MD5代码。
import requests
import execjs
jscode = """var timestamp = (Date.parse(new Date())).toString(); var hexcase=0;var b64pad="";var chrsz=16;function hex_md5(a){return binl2hex(core_md5(str2binl(a),a.length*chrsz))}function b64_md5(a){return binl2b64(core_md5(str2binl(a),a.length*chrsz))}function str_md5(a){return binl2str(core_md5(str2binl(a),a.length*chrsz))}function hex_hmac_md5(a,b){return binl2hex(core_hmac_md5(a,b))}function b64_hmac_md5(a,b){return binl2b64(core_hmac_md5(a,b))}function str_hmac_md5(a,b){return binl2str(core_hmac_md5(a,b))}function md5_vm_test(){return hex_md5("abc")=="900150983cd24fb0d6963f7d28e17f72"}function core_md5(p,k){p[k>>5]|=128<<((k)%32);p[(((k+64)>>>9)<<4)+14]=k;var o=1732584193;var n=-271733879;var m=-1732584194;var l=271733878;for(var g=0;g<p.length;g+=16){var j=o;var h=n;var f=m;var e=l;o=md5_ff(o,n,m,l,p[g+0],7,-680976936);l=md5_ff(l,o,n,m,p[g+1],12,-389564586);m=md5_ff(m,l,o,n,p[g+2],17,606105819);n=md5_ff(n,m,l,o,p[g+3],22,-1044525330);o=md5_ff(o,n,m,l,p[g+4],7,-176418897);l=md5_ff(l,o,n,m,p[g+5],12,1200080426);m=md5_ff(m,l,o,n,p[g+6],17,-1473231341);n=md5_ff(n,m,l,o,p[g+7],22,-45705983);o=md5_ff(o,n,m,l,p[g+8],7,1770035416);l=md5_ff(l,o,n,m,p[g+9],12,-1958414417);m=md5_ff(m,l,o,n,p[g+10],17,-42063);n=md5_ff(n,m,l,o,p[g+11],22,-1990404162);o=md5_ff(o,n,m,l,p[g+12],7,1804660682);l=md5_ff(l,o,n,m,p[g+13],12,-40341101);m=md5_ff(m,l,o,n,p[g+14],17,-1502002290);n=md5_ff(n,m,l,o,p[g+15],22,1236535329);o=md5_gg(o,n,m,l,p[g+1],5,-165796510);l=md5_gg(l,o,n,m,p[g+6],9,-1069501632);m=md5_gg(m,l,o,n,p[g+11],14,643717713);n=md5_gg(n,m,l,o,p[g+0],20,-373897302);o=md5_gg(o,n,m,l,p[g+5],5,-701558691);l=md5_gg(l,o,n,m,p[g+10],9,38016083);m=md5_gg(m,l,o,n,p[g+15],14,-660478335);n=md5_gg(n,m,l,o,p[g+4],20,-405537848);o=md5_gg(o,n,m,l,p[g+9],5,568446438);l=md5_gg(l,o,n,m,p[g+14],9,-1019803690);m=md5_gg(m,l,o,n,p[g+3],14,-187363961);n=md5_gg(n,m,l,o,p[g+8],20,1163531501);o=md5_gg(o,n,m,l,p[g+13],5,-1444681467);l=md5_gg(l,o,n,m,p[g+2],9,-51403784);m=md5_gg(m,l,o,n,p[g+7],14,1735328473);n=md5_gg(n,m,l,o,p[g+12],20,-1921207734);o=md5_hh(o,n,m,l,p[g+5],4,-378558);l=md5_hh(l,o,n,m,p[g+8],11,-2022574463);m=md5_hh(m,l,o,n,p[g+11],16,1839030562);n=md5_hh(n,m,l,o,p[g+14],23,-35309556);o=md5_hh(o,n,m,l,p[g+1],4,-1530992060);l=md5_hh(l,o,n,m,p[g+4],11,1272893353);m=md5_hh(m,l,o,n,p[g+7],16,-155497632);n=md5_hh(n,m,l,o,p[g+10],23,-1094730640);o=md5_hh(o,n,m,l,p[g+13],4,681279174);l=md5_hh(l,o,n,m,p[g+0],11,-358537222);m=md5_hh(m,l,o,n,p[g+3],16,-722881979);n=md5_hh(n,m,l,o,p[g+6],23,76029189);o=md5_hh(o,n,m,l,p[g+9],4,-640364487);l=md5_hh(l,o,n,m,p[g+12],11,-421815835);m=md5_hh(m,l,o,n,p[g+15],16,530742520);n=md5_hh(n,m,l,o,p[g+2],23,-995338651);o=md5_ii(o,n,m,l,p[g+0],6,-198630844);l=md5_ii(l,o,n,m,p[g+7],10,11261161415);m=md5_ii(m,l,o,n,p[g+14],15,-1416354905);n=md5_ii(n,m,l,o,p[g+5],21,-57434055);o=md5_ii(o,n,m,l,p[g+12],6,1700485571);l=md5_ii(l,o,n,m,p[g+3],10,-1894446606);m=md5_ii(m,l,o,n,p[g+10],15,-1051523);n=md5_ii(n,m,l,o,p[g+1],21,-2054922799);o=md5_ii(o,n,m,l,p[g+8],6,1873313359);l=md5_ii(l,o,n,m,p[g+15],10,-30611744);m=md5_ii(m,l,o,n,p[g+6],15,-1560198380);n=md5_ii(n,m,l,o,p[g+13],21,1309151649);o=md5_ii(o,n,m,l,p[g+4],6,-145523070);l=md5_ii(l,o,n,m,p[g+11],10,-1120210379);m=md5_ii(m,l,o,n,p[g+2],15,718787259);n=md5_ii(n,m,l,o,p[g+9],21,-343485551);o=safe_add(o,j);n=safe_add(n,h);m=safe_add(m,f);l=safe_add(l,e)}return Array(o,n,m,l)}function md5_cmn(h,e,d,c,g,f){return safe_add(bit_rol(safe_add(safe_add(e,h),safe_add(c,f)),g),d)}function md5_ff(g,f,k,j,e,i,h){return md5_cmn((f&k)|((~f)&j),g,f,e,i,h)}function md5_gg(g,f,k,j,e,i,h){return md5_cmn((f&j)|(k&(~j)),g,f,e,i,h)}function md5_hh(g,f,k,j,e,i,h){return md5_cmn(f^k^j,g,f,e,i,h)}function md5_ii(g,f,k,j,e,i,h){return md5_cmn(k^(f|(~j)),g,f,e,i,h)}function core_hmac_md5(c,f){var e=str2binl(c);if(e.length>16){e=core_md5(e,c.length*chrsz)}var a=Array(16),d=Array(16);for(var b=0;b<16;b++){a[b]=e[b]^909522486;d[b]=e[b]^1549556828}var g=core_md5(a.concat(str2binl(f)),512+f.length*chrsz);return core_md5(d.concat(g),512+128)}function safe_add(a,d){var c=(a&65535)+(d&65535);var b=(a>>16)+(d>>16)+(c>>16);return(b<<16)|(c&65535)}function bit_rol(a,b){return(a<<b)|(a>>>(32-b))}function str2binl(d){var c=Array();var a=(1<<chrsz)-1;for(var b=0;b<d.length*chrsz;b+=chrsz){c[b>>5]|=(d.charCodeAt(b/chrsz)&a)<<(b%32)}return c}function binl2str(c){var d="";var a=(1<<chrsz)-1;for(var b=0;b<c.length*32;b+=chrsz){d+=String.fromCharCode((c[b>>5]>>>(b%32))&a)}return d}function binl2hex(c){var b=hexcase?"0123456789ABCDEF":"0123456789abcdef";var d="";for(var a=0;a<c.length*4;a++){d+=b.charAt((c[a>>2]>>((a%4)*8+4))&15)+b.charAt((c[a>>2]>>((a%4)*8))&15)}return d}function binl2b64(d){var c="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var f="";for(var b=0;b<d.length*4;b+=3){var e=(((d[b>>2]>>8*(b%4))&255)<<16)|(((d[b+1>>2]>>8*((b+1)%4))&255)<<8)|((d[b+2>>2]>>8*((b+2)%4))&255);for(var a=0;a<4;a++){if(b*8+a*6>d.length*32){f+=b64pad}else{f+=c.charAt((e>>6*(3-a))&63)}}}return f};mm=hex_md5(timestamp)"""
ctx= execjs.compile(jscode)
sum = 0
count = 0
for i in range(1,6):
timestamp = int(ctx.eval('timestamp'))
m = ctx.eval("mm") + '丨' + str(timestamp // 1000)
args = {
'page':i,
'm': m
}
datas = requests.get('http://match.yuanrenxue.com/api/match/1?', params=args, headers = {'User-Agent':'yuanrenxue.project'}).json()
for value in datas['data']:
print(value)
sum = sum + value['value']
count = count + 1
result = sum /count
print('result',result)
运行结果:
{'value': 8179}
{'value': 6177}
{'value': 4174}
{'value': 5945}
{'value': 9556}
{'value': 2318}
{'value': 4}
{'value': 2653}
{'value': 4855}
{'value': 1370}
{'value': 2366}
{'value': 2108}
{'value': 6159}
{'value': 5685}
{'value': 2010}
{'value': 7109}
{'value': 1002}
{'value': 9300}
{'value': 8995}
{'value': 5732}
{'value': 5535}
{'value': 7126}
{'value': 7472}
{'value': 4129}
{'value': 2724}
{'value': 3475}
{'value': 3605}
{'value': 7729}
{'value': 1860}
{'value': 833}
{'value': 3937}
{'value': 6420}
{'value': 115}
{'value': 4333}
{'value': 6674}
{'value': 383}
{'value': 5922}
{'value': 7344}
{'value': 7012}
{'value': 8009}
{'value': 9297}
{'value': 8727}
{'value': 4130}
{'value': 1910}
{'value': 5976}
{'value': 2973}
{'value': 1756}
{'value': 6725}
{'value': 1716}
{'value': 1456}
result 4700.0
本文为 独立观点,未经允许不得转载,授权请联系FreeBuf客服小蜜蜂,微信:freebee2022
被以下专辑收录,发现更多精彩内容
+ 收入我的专辑
+ 加入我的收藏
相关推荐
- 0 文章数
- 0 关注者