本文介绍了一种前端数据解密的方法,通过对加密后的密文进行解析,并利用特定函数实现数据展示。文章详细展示了如何在前端获取加密数据并进行解密的过程。
这个是咸鱼大佬找到的混淆,我拿到网站自己搞了一波,网页下方的中属性是数据加密的地方,这种加密一般都是在前端完成的,后端给出一个加密后的密文,前端拿到密文后进行解析,展示。
谷歌浏览器 f12 然后看下这个位置,发现是展示在id="equip_desc_panel"的地方,根据老方法搜关键词,直接搜id的内容
会看到这个id被调用渲染传参的js函数
然后根据这个函数的调用得到这串密文
@RsNbJGOykfqPCR84@eyJkIjogInFcdTAwMDFcdTdiMDdcdTdlYzVqdn1JS0ZcdTRlZTVcdTg4MWNjXHU2YzY2XHUwMDFiRnFcdTAwMDFcdTRmNmFcdTViZDFqbHxAXUZcdTU0MGNcdTRlN2RjeVx1MDAwZVxmYlA8XHU4MDcyXHU0ZTBmXHU1ZWUxb0tbUVFwXHU0ZmFkXHU3NDU0XHU1OTA5XHU4ZDExckJcdTZiNmZBOFx1OTU3Y1x1NzBmM1x1N2IzMFx1N2VjY0ZAYWNyXHU5NTRlXHU1ZDc4XHU1YmNmXHU3Nzgwblx1NTk0OFx1OTY3OVx1NzdiNFx1MzA0ZVlcdTdlYzlcdTczZmRcdTc0MjhzXHUwMDFhcUpcdTAwMTcxR1xuIFx1MDAwYlx1MDAwMXtcdTcyMDBcdTY1MjNcdWZmN2NSM3dcdTAwMTZ6dVx1MDAxNEdcdTY1YWVcdTdlYzVcdTUyNjFcdTk2MTdcdTUyNzlaMkVcdTAwMDNzXHUwMDA0XHU1ZjUyXHU4ZmU4XHU1YjYwXHU2NTIyXHVmZjY5elx1NWIzNmVzXHU1YjFiWUNcdTUzYWFFXHU1YjA0anFcdTAwN2ZcdTAwMTcgXHU3YjU1XHU3N2JkWGpcdTRmMTRcdThkNjdZQFdRXHU0Zjc0XHU1YmYwclx1MDAxM1x1MDAwNXxGbVxmaVx1MDAwMGxcdTAwMGJcdTdiNGRcdTc3OTVLcFx1NTJkOFx1OTE5ZFx1MDAxOFx1MDAxZmNTXHU2YzVhXHU4ODIyamx+SUhcYlJcdTAwMTdgIFx1N2IxZVx1NzdjN2hTXHU1MmQ1XHU5MWFkamx+WVx1NmM3Zlx1ODgyNlF7cmJcdTAwMWJacTRtXHUwMDEwXHU3YjZjXHU3N2I0dVlcdTZjN2ZcdTg4MjZRe3JnXHUwMDE4XHU5MDJiXHU1ZWY0U2VTZHJsXHUwMDE3SCFSXCJcdTY2NWNcdTRmMWZcdWZmMjJcdTkwMmJcdTVlZjRTZVBpKWw+SFx1MDAxNFx1NjY2ZVx1NzZhOFx1NGVkMVx1NTQ1YVx1ZmYyMlx1NGY2N1x1OGQ3YVNlUGk1bFx1MDAxYS4jSWJcdTAwMDZcdTAwMTdcdTdiMWVcdTc3YzdcdTdlOTZcdTU0N2J0Qlx1NTljOFx1NjE0OFx1OTE5ZVx1N2JmNFx1N2I0ZFx1Nzc5NVJcIlx1OTVhYlx1NmQ2Y1x1Njc1OVx1NGVjMlx1ZmY0OFx1ODJjMlx1NjdkMlx1NWMxM2pkPVx1OTA5MVx1NGYyNlx1NjcwN1x1NGU4N1x1ZmY0YVx1NmIyNVx1NTYzYVx1MDAxOFx1MDAxNyBcdTU4ZWRcdTUyZWVcdTk1OGFcdTZkNzRcdTYyYzdcdTgwYjJcdTU5ZmJcdTYxNjRcdTkxYjdcdTdiZmNcdTdiMTlcdTdlZTRmXHU3ZTlmXHUwMDE3XHUwMDBiUDxBXHUwMDFkXHU1MjcxXHU5MDZmXHU4MDdjXHVmZjcxXHUzMDM2XHU2MzZiXHU2MDk1XHU4ZDVlXHU4YmE4XHUwMDg4XHUwMDE3XHUwMDBiU24ifQ==@
断点下在get_equip_desc("equip_desc_value")这个地方 ,会跟到加密的第一个函数get_equip_desc()
继续跟下去 ,会发现一堆变量名混淆的代码
这边代码可以直接去调用的 我把主要的函数发出来 ,缺失的地方不提供了
function g(_0x1c0cdf) {
if (_0x1c0cdf = _0x1c0cdf['\x72\x65\x70\x6c\x61\x63\x65'](/^\s+|\s+$/g, ''),
!/^@[\s\S]*@$/[_0x3a8e('0x0')](_0x1c0cdf))
return _0x1c0cdf;
var _0x36ab38 = (/\b_k=([^;]*)/['\x65\x78\x65\x63'](document['\x63\x6f\x6f\x6b\x69\x65']) || [])[0x1] || '';
if (_0x1c0cdf = _0x1c0cdf['\x72\x65\x70\x6c\x61\x63\x65'](/^@|@$/g, ''),
/^[^@]+@[\s\S]+/['\x74\x65\x73\x74'](_0x1c0cdf)) {
var _0x33c80e = _0x1c0cdf['\x69\x6e\x64\x65\x78\x4f\x66']('\x40');
_0x36ab38 = _0x1c0cdf[_0x3a8e('0x1')](0x0, _0x33c80e),
_0x1c0cdf = _0x1c0cdf['\x73\x75\x62\x73\x74\x72\x69\x6e\x67'](_0x33c80e + 0x1);
}
var _0x1b3f48 = function s(_0x1c0cdf) {
try {
return _0xcbc80b['\x65\x76\x61\x6c']('\x28' + _0x1c0cdf + '\x29');
} catch (_0x40b9c3) {
return null;
}
}(_0x1c0cdf = _0xcbc80b[_0x3a8e('0x2')](_0x1c0cdf));
_0x1b3f48 && '\x6f\x62\x6a\x65\x63\x74' == typeof _0x1b3f48 && _0x1b3f48['\x64'] && (_0x1b3f48 = _0x1b3f48['\x64']);
for (var _0x20b9fa = [], _0x10503c = 0x0, _0x1a524d = 0x0; _0x1a524d < _0x1b3f48['\x6c\x65\x6e\x67\x74\x68']; _0x1a524d++) {
var _0x3641ed = _0x1b3f48['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x1a524d)
, _0x341952 = _0x36ab38[_0x3a8e('0x3')](_0x10503c % _0x36ab38['\x6c\x65\x6e\x67\x74\x68']);
_0x10503c += 0x1,
_0x3641ed = 0x1 * _0x3641ed ^ _0x341952,
_0x20b9fa[_0x3a8e('0x4')](_0x3641ed['\x74\x6f\x53\x74\x72\x69\x6e\x67'](0x2));
}
return function d(_0x1c0cdf) {
for (var _0x36ab38 = [], _0x33c80e = 0x0; _0x33c80e < _0x1c0cdf['\x6c\x65\x6e\x67\x74\x68']; _0x33c80e++)
_0x36ab38['\x70\x75\x73\x68'](_0xcbc80b['\x53\x74\x72\x69\x6e\x67']['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](_0xcbc80b['\x70\x61\x72\x73\x65\x49\x6e\x74'](_0x1c0cdf[_0x33c80e], 0x2)));
return _0x36ab38['\x6a\x6f\x69\x6e']('');
}(_0x20b9fa);
}
蹭了大佬的文章 就公布下大佬的公众号
扫一扫
167
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
