某道翻译接口js分析

于 2025-03-16 16:46:28 发布
阅读量235 收藏 4
点赞数 9
分类专栏: # js逆向 文章标签: 爬虫 javascript
.
本文链接:https://blog.youkuaiyun.com/weixin_42065546/article/details/146296984
版权

请求

每次翻译的请求如下,3个xhr为一组

/webtranslate/key 的请求与响应

/webtranslate 的请求与响应

分析可知,主要的变化参数为 sing 和 时间戳mysticTime

追踪栈

请求发送处

向上查找,发现sign在params参数中,向下追踪调用栈

在栈中找到sign

其中除时间戳外都为固定值

import requests
import json
import hashlib
import time

url = 'https://dict.youdao.com/webtranslate'

headers = {
  "Accept": "application/json, text/plain, */*",
  "Cookie": "OUTFOX_SEARCH_USER_ID=-1244275512@112.27.238.166; OUTFOX_SEARCH_USER_ID_NCOO=533116839.258679; _uetsid=ca6356d0022b11f0b285cb34278d0caf; _uetvid=ca636fe0022b11f0af6c2d8802422be0",
  "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36",
}

mysticTime = int(time.time_ns() / 1000000)
key = "asdjnjfenknafdfsdfsd"

s = f"client=fanyideskweb&mysticTime={mysticTime}&product=webfanyi&key={key}"
md5 = hashlib.md5()
md5.update(s.encode("utf-8"))
sign = md5.hexdigest()

data={
  "i": "浏览器",
  "from": "auto",
  "to": "",
  "useTerm": "false",
  "dictResult": "true",
  "keyid": "webfanyi",
  "sign": sign,
  "client": "fanyideskweb",
  "product": "webfanyi",
  "appVersion": "1.0.0",
  "vendor": "web",
  "pointParam": "client,mysticTime,product",
  "mysticTime": mysticTime,
  "keyfrom": "fanyi.web",
  "mid": "1",
  "screen": "1",
  "model": "1",
  "network": "wifi",
  "abtest": "0",
  "yduuid": "abcdefg"
}

response = requests.post(url, headers=headers, data=data)

print(response.text)

响应

请求发送后继续追踪栈,发现

import hashlib
import Crypto.Cipher.AES as AES
from  Crypto.Util.Padding import pad,unpad
import base64

def md5(s):
    md5 = hashlib.md5()
    md5.update(s.encode("utf-8"))
    return md5.digest()

aesIv = "ydsecret://query/iv/C@lZe2YzHtZ2CYgaXKSVfsb7Y4QWHjITPPZ0nQp87fBeJ!Iv6v^6fvi2WN@bYpJ4"
aesKey = "ydsecret://query/key/B*RGygVywfNBwpmBaZg*WT7SIOUP2T0C9WHMZN39j^DAdaZhAnxvGcCY6VYFwnHl"
iv = md5(aesIv)
key = md5(aesKey)

aes = AES.new(key, AES.MODE_CBC, iv)

cipher = "Z21kD9ZK1ke6ugku2ccWuwRmpItPkRr5XcmzOgAKD0GcaHTZL9kyNKkN2aYY6yiOBjQPlEvk51Iu49tHjz60TSxd_wDtGL3eYAC8wFHxx6KysNKyUCrg_9bTy9Hd3AWhRCJESWgfDNdGYfnLfe_mUWBdTPiV7NPMUKaSt2js3CqOs5Gug0acLDPnva5CXe4-hQ1yxH3FtwSiST72kvbSOiodyPIyWU2JWGVFqHn17-1 OhnBpzyY48q7-7 KaWgLea5EewVdDL4-b-cL5BR_VN1jIgEdCaCGAXMbQ1bd_gz-8 ZMhXPxryThAR4pUmInBozytPw9VqwdsQHAg_fBdBK_TID29XFDCcJ_AMmKaKwidKA8v31TpLG8tG_Gbu9Ponm-_oRk9iCxtUiiygUbHKSbakoaW1L9ecxEmaK-Dnu_7m9f9wy5-L4vqaYvyh2xAR0YIzNOSq0XyoCUCO5R9_9S8JGijVLgzkH6rpjTXjO4bDsaIg6Ykv44Oyw_UcgUxAQABsmVaw_lG9u4WPsuO3J0wO33DwBnP0hkWdLrmH_spma_sArtQFCgdMjOgYstAQZ6_L9JaF2o6gq1vTlPw1CS9RquUiEuYm60a3-NnCACBk=".replace("-", "+").replace("_", "/")

s = base64.b64decode(cipher)
s = aes.decrypt(s)

print(s.decode())
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值