一、题目

  • 链接: 《猿人学爬虫攻防大赛 | 第二题: js 混淆 - 动态Cookie》

二、分析

按照以往习惯,我们先按F12打开控制台,Network抓包,勾选preserve log保留日志,并且开启无痕模式,F5刷新进行抓包

2.1Cookie来源

由于题目标明考点是动态Cookie,我们直接从Cookie入手:

从上面可以得知,Cookie是通过脚本动态生成的!!!并且如果Cookie已经失效回重新生成Cookie再发送一次请求!!!

通过检查所抓到的包&前端源码,我们发现:并没有生成Cookie的脚本,那么我们猜测:Chrome抓包不全!!!问题引起的。

2.2Fiddler抓包

打开fiddler抓包,刷新网页,并且Ctrl + F 筛选:

我们注意到其中一个包(脚本):

我们发现此脚本很明显已经被混淆了!!!而且注意到:开头定义一个数组!!!那我们猜测是ob混淆!!!

我们通过官方提供的ob混淆专解测试版V0.1

成功解析,结果如下:

(function $_0x43bf9b(_0x39effa) {var _0x1ff1d0 = function () {var _0x222696 = true;return function (_0x5a162b, _0x5c911b) {var _0x454e26 = _0x222696 ? function () {if (_0x5c911b) {var _0x22957f = _0x5c911b["apply"](_0x5a162b, arguments);_0x5c911b = null;return _0x22957f;}} : function () {};_0x222696 = false;return _0x454e26;};}();function _0x3a6966(_0x153bf7, _0x3ed808) {var _0x171035 = (65535 & _0x153bf7) + (65535 & _0x3ed808);return (_0x153bf7 >> 16) + (_0x3ed808 >> 16) + (_0x171035 >> 16) << 16 | 65535 & _0x171035;}function _0x2ccb22(_0x4721f7, _0x1fe0d4) {return _0x4721f7 << _0x1fe0d4 | _0x4721f7 >>> 32 - _0x1fe0d4;}function _0x4922f3(_0x3c68ee, _0x1d96b8, _0x34676b, _0x4e8b4e, _0xf9927, _0x29a98e) {return _0x3a6966(_0x2ccb22(_0x3a6966(_0x3a6966(_0x1d96b8, _0x3c68ee), _0x3a6966(_0x4e8b4e, _0x29a98e)), _0xf9927), _0x34676b);}function _0x36f856(_0x35d589, _0x4a35ca, _0x478f13, _0x40ad6a, _0x591a2c, _0x2619b3, _0x230039) {return _0x4922f3(_0x4a35ca & _0x478f13 | ~_0x4a35ca & _0x40ad6a, _0x35d589, _0x4a35ca, _0x591a2c, _0x2619b3, _0x230039);}function _0x537006(_0xb91036, _0x3959da, _0x343395, _0x1eea05, _0x4aad88, _0x5601b1, _0x38c0c9) {return _0x4922f3(_0x3959da & _0x1eea05 | _0x343395 & ~_0x1eea05, _0xb91036, _0x3959da, _0x4aad88, _0x5601b1, _0x38c0c9);}function _0x90f9e7(_0x29643f, _0x4159e4) {let _0x37ce13 = [99, 111, 110, 115, 111, 108, 101];let _0x37f1cd = "";for (let _0x40b66c = 0; _0x40b66c < _0x37ce13["length"]; _0x40b66c++) {_0x37f1cd += String["fromCharCode"](_0x37ce13[_0x40b66c]);}return _0x37f1cd;}function _0x23176b(_0x2b221f, _0x162223, _0x2149df, _0xd8214f, _0x545c38, _0x3a4c63, _0x12af48) {return _0x4922f3(_0x162223 ^ _0x2149df ^ _0xd8214f, _0x2b221f, _0x162223, _0x545c38, _0x3a4c63, _0x12af48);}function _0x5aa0e7(_0x469eb8, _0x41594e, _0x4da9bc, _0xf5268e, _0x27f0a6, _0x28250c, _0x1c4f52) {return _0x4922f3(_0x4da9bc ^ (_0x41594e | ~_0xf5268e), _0x469eb8, _0x41594e, _0x27f0a6, _0x28250c, _0x1c4f52);}function _0x436eaa(_0x14b01f, _0x8250f7) {if (_0x8250f7) {return _0x5aa0e7(_0x14b01f);}return _0x90f9e7(_0x14b01f);}function _0x32a293(_0x381e5c, _0x3047df) {let _0x4ca409 = "";for (let _0x4921f9 = 0; _0x4921f9 < _0x381e5c["length"]; _0x4921f9++) {_0x4ca409 += String["fromCharCode"](_0x381e5c[_0x4921f9]);}return _0x4ca409;}function _0x5e9c75(_0x23ce12, _0x30ff89) {var _0x35f2e8 = _0x1ff1d0(this, function () {var _0x271741 = function () {var _0x490675 = _0x271741["constructor"]("return /\" + this + \"/")()["compile"]("^([^ ]+( +[^ ]+)+)+[^ ]}");return !_0x490675["test"](_0x35f2e8);};return _0x271741();});_0x35f2e8();_0x436eaa();qz = [10, 99, 111, 110, 115, 111, 108, 101, 32, 61, 32, 110, 101, 119, 32, 79, 98, 106, 101, 99, 116, 40, 41, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 32, 61, 32, 102, 117, 110, 99, 116, 105, 111, 110, 32, 40, 115, 41, 32, 123, 10, 32, 32, 32, 32, 119, 104, 105, 108, 101, 32, 40, 49, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 102, 111, 114, 40, 105, 61, 48, 59, 105, 60, 49, 49, 48, 48, 48, 48, 48, 59, 105, 43, 43, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 104, 105, 115, 116, 111, 114, 121, 46, 112, 117, 115, 104, 83, 116, 97, 116, 101, 40, 48, 44, 48, 44, 105, 41, 10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 10, 32, 32, 32, 32, 125, 10, 10, 125, 10, 99, 111, 110, 115, 111, 108, 101, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 91, 111, 98, 106, 101, 99, 116, 32, 79, 98, 106, 101, 99, 116, 93, 39, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 402, 32, 116, 111, 83, 116, 114, 105, 110, 103, 40, 41, 32, 123, 32, 91, 110, 97, 116, 105, 118, 101, 32, 99, 111, 100, 101, 93, 32, 125, 39, 10];eval(_0x32a293(qz));try {if (global) {console["log"]("\u4EBA\u751F\u82E6\u77ED\uFF0C\u4F55\u5FC5python\uFF1F");} else {while (1) {console["log"]("\u4EBA\u751F\u82E6\u77ED\uFF0C\u4F55\u5FC5python\uFF1F");debugger;}}} catch (_0x36abda) {return navigator["vendorSub"];}}setInterval(_0x5e9c75(), 500);function _0xf4d1cc(_0x863853, _0x26a343) {_0x863853[_0x26a343 >> 5] |= 128 << _0x26a343 % 32, _0x863853[14 + (_0x26a343 + 64 >>> 9 << 4)] = _0x26a343;if (qz) {var _0x2681a6,_0x23b4de,_0x1924b5,_0x1e4452,_0x2121ad,_0x1b45ca = 1732584193,_0x55cac5 = -271733879,_0x5c4f79 = -1732584194,_0x47c685 = 271733878;} else {var _0x2681a6,_0x23b4de,_0x1924b5,_0x1e4452,_0x2121ad,_0x1b45ca = 0,_0x55cac5 = -0,_0x5c4f79 = -0,_0x47c685 = 0;}for (_0x2681a6 = 0; _0x2681a6 < _0x863853["length"]; _0x2681a6 += 16) _0x23b4de = _0x1b45ca, _0x1924b5 = _0x55cac5, _0x1e4452 = _0x5c4f79, _0x2121ad = _0x47c685, _0x1b45ca = _0x36f856(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6], 7, -680876936), _0x47c685 = _0x36f856(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 1], 12, -389564586), _0x5c4f79 = _0x36f856(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 2], 17, 606105819), _0x55cac5 = _0x36f856(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 3], 22, -1044525330), _0x1b45ca = _0x36f856(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 4], 7, -176418897), _0x47c685 = _0x36f856(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 5], 12, 1200080426), _0x5c4f79 = _0x36f856(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 6], 17, -1473231341), _0x55cac5 = _0x36f856(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 7], 22, -45705983), _0x1b45ca = _0x36f856(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 8], 7, 1770035416), _0x47c685 = _0x36f856(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 9], 12, -1958414417), _0x5c4f79 = _0x36f856(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 10], 17, -42063), _0x55cac5 = _0x36f856(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 11], 22, -1990404162), _0x1b45ca = _0x36f856(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 12], 7, 1804603682), _0x47c685 = _0x36f856(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 13], 12, -40341101), _0x5c4f79 = _0x36f856(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 14], 17, -1502882290), _0x55cac5 = _0x36f856(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 15], 22, 1236535329), _0x1b45ca = _0x537006(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 1], 5, -165796510), _0x47c685 = _0x537006(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 6], 9, -1069501632), _0x5c4f79 = _0x537006(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 11], 14, 643717713), _0x55cac5 = _0x537006(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6], 20, -373897302), _0x1b45ca = _0x537006(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 5], 5, -701558691), _0x47c685 = _0x537006(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 10], 9, 38016083), _0x5c4f79 = _0x537006(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 15], 14, -660478335), _0x55cac5 = _0x537006(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 4], 20, -405537848), _0x1b45ca = _0x537006(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 9], 5, 568446438), _0x47c685 = _0x537006(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 14], 9, -1019803690), _0x5c4f79 = _0x537006(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 3], 14, -187363961), _0x55cac5 = _0x537006(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 8], 20, 1163531501), _0x1b45ca = _0x537006(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 13], 5, -1444681467), _0x47c685 = _0x537006(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 2], 9, -51403784), _0x5c4f79 = _0x537006(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 7], 14, 1735328473), _0x55cac5 = _0x537006(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 12], 20, -1926607734), _0x1b45ca = _0x23176b(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 5], 4, -378558), _0x47c685 = _0x23176b(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 8], 11, -2022574463), _0x5c4f79 = _0x23176b(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 11], 16, 1839030562), _0x55cac5 = _0x23176b(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 14], 23, -35309556), _0x1b45ca = _0x23176b(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 1], 4, -1530992060), _0x47c685 = _0x23176b(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 4], 11, 1272893353), _0x5c4f79 = _0x23176b(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 7], 16, -155497632), _0x55cac5 = _0x23176b(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 10], 23, -1094730640), _0x1b45ca = _0x23176b(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 13], 4, 681279174), _0x47c685 = _0x23176b(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6], 11, -358537222), _0x5c4f79 = _0x23176b(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 3], 16, -722521979), _0x55cac5 = _0x23176b(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 6], 23, 76029189), _0x1b45ca = _0x23176b(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 9], 4, -640364487), _0x47c685 = _0x23176b(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 12], 11, -421815835), _0x5c4f79 = _0x23176b(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 15], 16, 530742520), _0x55cac5 = _0x23176b(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 2], 23, -995338651), _0x1b45ca = _0x5aa0e7(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6], 6, -198630844), _0x47c685 = _0x5aa0e7(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 7], 10, 1126891415), _0x5c4f79 = _0x5aa0e7(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 14], 15, -1416354905), _0x55cac5 = _0x5aa0e7(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 5], 21, -57434055), _0x1b45ca = _0x5aa0e7(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 12], 6, 1700485571), _0x47c685 = _0x5aa0e7(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 3], 10, -1894986606), _0x5c4f79 = _0x5aa0e7(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 10], 15, -1051523), _0x55cac5 = _0x5aa0e7(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 1], 21, -2054922799), _0x1b45ca = _0x5aa0e7(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 8], 6, 1873313359), _0x47c685 = _0x5aa0e7(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 15], 10, -30611744), _0x5c4f79 = _0x5aa0e7(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 6], 15, -1560198380), _0x55cac5 = _0x5aa0e7(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 13], 21, 1309151649), _0x1b45ca = _0x5aa0e7(_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685, _0x863853[_0x2681a6 + 4], 6, -145523070), _0x47c685 = _0x5aa0e7(_0x47c685, _0x1b45ca, _0x55cac5, _0x5c4f79, _0x863853[_0x2681a6 + 11], 10, -1120210379), _0x5c4f79 = _0x5aa0e7(_0x5c4f79, _0x47c685, _0x1b45ca, _0x55cac5, _0x863853[_0x2681a6 + 2], 15, 718787259), _0x55cac5 = _0x5aa0e7(_0x55cac5, _0x5c4f79, _0x47c685, _0x1b45ca, _0x863853[_0x2681a6 + 9], 21, -343485441), _0x1b45ca = _0x3a6966(_0x1b45ca, _0x23b4de), _0x55cac5 = _0x3a6966(_0x55cac5, _0x1924b5), _0x5c4f79 = _0x3a6966(_0x5c4f79, _0x1e4452), _0x47c685 = _0x3a6966(_0x47c685, _0x2121ad);return [_0x1b45ca, _0x55cac5, _0x5c4f79, _0x47c685];}function _0x3630dc(_0x576385) {var _0x2435ef,_0x54912f = "",_0x50351d = 32 * _0x576385["length"];for (_0x2435ef = 0; _0x2435ef < _0x50351d; _0x2435ef += 8) _0x54912f += String["fromCharCode"](_0x576385[_0x2435ef >> 5] >>> _0x2435ef % 32 & 255);return _0x54912f;}function _0x1b1b6d(_0x2689d9) {var _0x2435ac,_0x17403e = [];for (_0x17403e[(_0x2689d9["length"] >> 2) - 1] = undefined, _0x2435ac = 0; _0x2435ac < _0x17403e["length"]; _0x2435ac += 1) _0x17403e[_0x2435ac] = 0;var _0xfa42d7 = 8 * _0x2689d9["length"];for (_0x2435ac = 0; _0x2435ac < _0xfa42d7; _0x2435ac += 8) _0x17403e[_0x2435ac >> 5] |= (255 & _0x2689d9["charCodeAt"](_0x2435ac / 8)) << _0x2435ac % 32;return _0x17403e;}function _0xa65c7e(_0x56a651) {return _0x3630dc(_0xf4d1cc(_0x1b1b6d(_0x56a651), 8 * _0x56a651["length"]));}function _0x15d6c8(_0x556058) {var _0x2a490a,_0x33f083,_0x1f1f83 = "0123456789abcdef",_0x4f0ef2 = "";for (_0x33f083 = 0; _0x33f083 < _0x556058["length"]; _0x33f083 += 1) _0x2a490a = _0x556058["charCodeAt"](_0x33f083), _0x4f0ef2 += _0x1f1f83["charAt"](_0x2a490a >>> 4 & 15) + _0x1f1f83["charAt"](15 & _0x2a490a);return _0x4f0ef2;}function _0x2f36c7(_0x39b6bb) {return unescape(encodeURIComponent(_0x39b6bb));}function _0x151513(_0x207ce8) {return _0xa65c7e(_0x2f36c7(_0x207ce8));}function _0x960ef9(_0x4beed3) {return _0x15d6c8(_0x151513(_0x4beed3));}function _0x5192f2(_0x16069e, _0x572733, _0x23ad39) {_0x5e9c75();return _0x572733 ? _0x23ad39 ? _0x90f9e7(_0x572733, _0x16069e) : y(_0x572733, _0x16069e) : _0x23ad39 ? _0x151513(_0x16069e) : _0x960ef9(_0x16069e);}function _0x1f9c32(_0x263999, _0x4b0bc3) {document["cookie"] = "m" + _0x5e9c75() + "=" + _0x5192f2(_0x263999) + "|" + _0x263999 + "; path=/";location["reload"]();}function _0x28b6d6(_0x4693d0, _0x11d221) {return Date["parse"](new Date());}_0x1f9c32(_0x28b6d6());
})();

我们可以看到,主要执行的函数是:_ox1f9c32(_0x28b6d6()),_0x28b6d6()主要作用是生成时间戳, _ox1f9c32主要作用是设置cookie!!!

我们直接贴整个代码到node调试一下!

发现!一直阻塞着!通过分析知道,是这一行代码的问题:

我们注释掉,再进行!

那我们直接返回m的值,在打印出来看看,如下所示:

发现还是一直阻塞着:

 那么我们直接在看看里面调用的函数!!!发现:主要调用的是_0x5e9c75函数:

function _0x5e9c75(_0x23ce12, _0x30ff89) {var _0x35f2e8 = _0x1ff1d0(this, function () {var _0x271741 = function () {var _0x490675 = _0x271741["constructor"]("return /\" + this + \"/")()["compile"]("^([^ ]+( +[^ ]+)+)+[^ ]}");return !_0x490675["test"](_0x35f2e8);};return _0x271741();});_0x35f2e8();_0x436eaa();qz = [10, 99, 111, 110, 115, 111, 108, 101, 32, 61, 32, 110, 101, 119, 32, 79, 98, 106, 101, 99, 116, 40, 41, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 32, 61, 32, 102, 117, 110, 99, 116, 105, 111, 110, 32, 40, 115, 41, 32, 123, 10, 32, 32, 32, 32, 119, 104, 105, 108, 101, 32, 40, 49, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 102, 111, 114, 40, 105, 61, 48, 59, 105, 60, 49, 49, 48, 48, 48, 48, 48, 59, 105, 43, 43, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 104, 105, 115, 116, 111, 114, 121, 46, 112, 117, 115, 104, 83, 116, 97, 116, 101, 40, 48, 44, 48, 44, 105, 41, 10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 10, 32, 32, 32, 32, 125, 10, 10, 125, 10, 99, 111, 110, 115, 111, 108, 101, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 91, 111, 98, 106, 101, 99, 116, 32, 79, 98, 106, 101, 99, 116, 93, 39, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 402, 32, 116, 111, 83, 116, 114, 105, 110, 103, 40, 41, 32, 123, 32, 91, 110, 97, 116, 105, 118, 101, 32, 99, 111, 100, 101, 93, 32, 125, 39, 10];eval(_0x32a293(qz));try {if (global) {console["log"]("\u4EBA\u751F\u82E6\u77ED\uFF0C\u4F55\u5FC5python\uFF1F");} else {while (1) {console["log"]("\u4EBA\u751F\u82E6\u77ED\uFF0C\u4F55\u5FC5python\uFF1F");debugger;}}} catch (_0x36abda) {return navigator["vendorSub"];}}

因为里面有些函数又没赋值,而且自调用,就可以当作垃圾代码,这里我们处理掉。我们调试发现global是会报错的,并且navigator["vendorSub"] 是一个空字符。处理后:

function _0x5e9c75(_0x23ce12, _0x30ff89) {qz = [10, 99, 111, 110, 115, 111, 108, 101, 32, 61, 32, 110, 101, 119, 32, 79, 98, 106, 101, 99, 116, 40, 41, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 32, 61, 32, 102, 117, 110, 99, 116, 105, 111, 110, 32, 40, 115, 41, 32, 123, 10, 32, 32, 32, 32, 119, 104, 105, 108, 101, 32, 40, 49, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 102, 111, 114, 40, 105, 61, 48, 59, 105, 60, 49, 49, 48, 48, 48, 48, 48, 59, 105, 43, 43, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 104, 105, 115, 116, 111, 114, 121, 46, 112, 117, 115, 104, 83, 116, 97, 116, 101, 40, 48, 44, 48, 44, 105, 41, 10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 10, 32, 32, 32, 32, 125, 10, 10, 125, 10, 99, 111, 110, 115, 111, 108, 101, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 91, 111, 98, 106, 101, 99, 116, 32, 79, 98, 106, 101, 99, 116, 93, 39, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 402, 32, 116, 111, 83, 116, 114, 105, 110, 103, 40, 41, 32, 123, 32, 91, 110, 97, 116, 105, 118, 101, 32, 99, 111, 100, 101, 93, 32, 125, 39, 10];eval(_0x32a293(qz));return ""}

再执行一次:

成功返回m!!!

三、封装生成m的脚本

function $_0x5801ee(_0x4a2746) {var _0x1df9f3 = function () {var _0x33417a = true;return function (_0x3f6f58, _0x594c99) {var _0x132b76 = _0x33417a ? function () {if (_0x594c99) {var _0xed9245 = _0x594c99["apply"](_0x3f6f58, arguments);_0x594c99 = null;return _0xed9245;}} : function () {};_0x33417a = false;return _0x132b76;};}();function _0x1d5f30(_0x420028, _0x3e6db6) {var _0x41a479 = (65535 & _0x420028) + (65535 & _0x3e6db6);return (_0x420028 >> 16) + (_0x3e6db6 >> 16) + (_0x41a479 >> 16) << 16 | 65535 & _0x41a479;}function _0x1b1c89(_0x4fbd10, _0x47193d) {return _0x4fbd10 << _0x47193d | _0x4fbd10 >>> 32 - _0x47193d;}function _0x54a8ad(_0x3e6087, _0x523714, _0xa8f404, _0x565be1, _0x3a98b0, _0x4ebcc0) {return _0x1d5f30(_0x1b1c89(_0x1d5f30(_0x1d5f30(_0x523714, _0x3e6087), _0x1d5f30(_0x565be1, _0x4ebcc0)), _0x3a98b0), _0xa8f404);}function _0x37be7a(_0xcec692, _0x1b09bc, _0x47b276, _0xe9052, _0xb78961, _0x1291de, _0x248985) {return _0x54a8ad(_0x1b09bc & _0x47b276 | ~_0x1b09bc & _0xe9052, _0xcec692, _0x1b09bc, _0xb78961, _0x1291de, _0x248985);}function _0x1cbc9a(_0x16e101, _0x3c1614, _0x19a0d3, _0x45327b, _0x310cb1, _0x3da0c3, _0x1ee753) {return _0x54a8ad(_0x3c1614 & _0x45327b | _0x19a0d3 & ~_0x45327b, _0x16e101, _0x3c1614, _0x310cb1, _0x3da0c3, _0x1ee753);}function _0x165c29(_0x5c6107, _0x295bc7) {let _0x4c9e51 = [99, 111, 110, 115, 111, 108, 101];let _0x4ace0d = "";for (let _0x357cb8 = 0; _0x357cb8 < _0x4c9e51["length"]; _0x357cb8++) {_0x4ace0d += String["fromCharCode"](_0x4c9e51[_0x357cb8]);}return _0x4ace0d;}function _0x2e981e(_0x372e88, _0x3b758d, _0x5b6371, _0x276d4a, _0x308889, _0x49e2cb, _0x3bc46b) {return _0x54a8ad(_0x3b758d ^ _0x5b6371 ^ _0x276d4a, _0x372e88, _0x3b758d, _0x308889, _0x49e2cb, _0x3bc46b);}function _0x1abb66(_0x21e4ad, _0x53e248, _0x311b4a, _0x4f97d3, _0x203aa5, _0x58b47d, _0x9ec361) {return _0x54a8ad(_0x311b4a ^ (_0x53e248 | ~_0x4f97d3), _0x21e4ad, _0x53e248, _0x203aa5, _0x58b47d, _0x9ec361);}function _0x4cd904(_0x48f85c, _0x29c7cd) {let _0x5c365a = "";for (let _0x1ce648 = 0; _0x1ce648 < _0x48f85c["length"]; _0x1ce648++) {_0x5c365a += String["fromCharCode"](_0x48f85c[_0x1ce648]);}return _0x5c365a;}function _0x4e19ce(_0x93cb8d, _0x1b0ed7) {qz = [10, 99, 111, 110, 115, 111, 108, 101, 32, 61, 32, 110, 101, 119, 32, 79, 98, 106, 101, 99, 116, 40, 41, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 32, 61, 32, 102, 117, 110, 99, 116, 105, 111, 110, 32, 40, 115, 41, 32, 123, 10, 32, 32, 32, 32, 119, 104, 105, 108, 101, 32, 40, 49, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 102, 111, 114, 40, 105, 61, 48, 59, 105, 60, 49, 49, 48, 48, 48, 48, 48, 59, 105, 43, 43, 41, 123, 10, 32, 32, 32, 32, 32, 32, 32, 32, 104, 105, 115, 116, 111, 114, 121, 46, 112, 117, 115, 104, 83, 116, 97, 116, 101, 40, 48, 44, 48, 44, 105, 41, 10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 10, 32, 32, 32, 32, 125, 10, 10, 125, 10, 99, 111, 110, 115, 111, 108, 101, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 91, 111, 98, 106, 101, 99, 116, 32, 79, 98, 106, 101, 99, 116, 93, 39, 10, 99, 111, 110, 115, 111, 108, 101, 46, 108, 111, 103, 46, 116, 111, 83, 116, 114, 105, 110, 103, 32, 61, 32, 39, 402, 32, 116, 111, 83, 116, 114, 105, 110, 103, 40, 41, 32, 123, 32, 91, 110, 97, 116, 105, 118, 101, 32, 99, 111, 100, 101, 93, 32, 125, 39, 10];eval(_0x4cd904(qz));return ""}// setInterval(_0x4e19ce(), 500);function _0x11d987(_0x4b4b0b, _0x5ace78) {_0x4b4b0b[_0x5ace78 >> 5] |= 128 << _0x5ace78 % 32, _0x4b4b0b[14 + (_0x5ace78 + 64 >>> 9 << 4)] = _0x5ace78;if (qz) {var _0x4cc189,_0x5b2517,_0x1702b0,_0x169fdb,_0x24d090,_0x2db92a = 1732584193,_0x4a7dd6 = -271733879,_0x53dfc0 = -1732584194,_0x3fc9fe = 271733878;} else {var _0x4cc189,_0x5b2517,_0x1702b0,_0x169fdb,_0x24d090,_0x2db92a = 0,_0x4a7dd6 = -0,_0x53dfc0 = -0,_0x3fc9fe = 0;}for (_0x4cc189 = 0; _0x4cc189 < _0x4b4b0b["length"]; _0x4cc189 += 16) _0x5b2517 = _0x2db92a, _0x1702b0 = _0x4a7dd6, _0x169fdb = _0x53dfc0, _0x24d090 = _0x3fc9fe, _0x2db92a = _0x37be7a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189], 7, -680876936), _0x3fc9fe = _0x37be7a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 1], 12, -389564586), _0x53dfc0 = _0x37be7a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 2], 17, 606105819), _0x4a7dd6 = _0x37be7a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 3], 22, -1044525330), _0x2db92a = _0x37be7a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 4], 7, -176418897), _0x3fc9fe = _0x37be7a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 5], 12, 1200080426), _0x53dfc0 = _0x37be7a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 6], 17, -1473231341), _0x4a7dd6 = _0x37be7a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 7], 22, -45705983), _0x2db92a = _0x37be7a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 8], 7, 1770035416), _0x3fc9fe = _0x37be7a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 9], 12, -1958414417), _0x53dfc0 = _0x37be7a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 10], 17, -42063), _0x4a7dd6 = _0x37be7a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 11], 22, -1990404162), _0x2db92a = _0x37be7a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 12], 7, 1804603682), _0x3fc9fe = _0x37be7a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 13], 12, -40341101), _0x53dfc0 = _0x37be7a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 14], 17, -1502882290), _0x4a7dd6 = _0x37be7a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 15], 22, 1236535329), _0x2db92a = _0x1cbc9a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 1], 5, -165796510), _0x3fc9fe = _0x1cbc9a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 6], 9, -1069501632), _0x53dfc0 = _0x1cbc9a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 11], 14, 643717713), _0x4a7dd6 = _0x1cbc9a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189], 20, -373897302), _0x2db92a = _0x1cbc9a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 5], 5, -701558691), _0x3fc9fe = _0x1cbc9a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 10], 9, 38016083), _0x53dfc0 = _0x1cbc9a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 15], 14, -660478335), _0x4a7dd6 = _0x1cbc9a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 4], 20, -405537848), _0x2db92a = _0x1cbc9a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 9], 5, 568446438), _0x3fc9fe = _0x1cbc9a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 14], 9, -1019803690), _0x53dfc0 = _0x1cbc9a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 3], 14, -187363961), _0x4a7dd6 = _0x1cbc9a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 8], 20, 1163531501), _0x2db92a = _0x1cbc9a(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 13], 5, -1444681467), _0x3fc9fe = _0x1cbc9a(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 2], 9, -51403784), _0x53dfc0 = _0x1cbc9a(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 7], 14, 1735328473), _0x4a7dd6 = _0x1cbc9a(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 12], 20, -1926607734), _0x2db92a = _0x2e981e(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 5], 4, -378558), _0x3fc9fe = _0x2e981e(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 8], 11, -2022574463), _0x53dfc0 = _0x2e981e(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 11], 16, 1839030562), _0x4a7dd6 = _0x2e981e(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 14], 23, -35309556), _0x2db92a = _0x2e981e(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 1], 4, -1530992060), _0x3fc9fe = _0x2e981e(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 4], 11, 1272893353), _0x53dfc0 = _0x2e981e(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 7], 16, -155497632), _0x4a7dd6 = _0x2e981e(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 10], 23, -1094730640), _0x2db92a = _0x2e981e(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 13], 4, 681279174), _0x3fc9fe = _0x2e981e(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189], 11, -358537222), _0x53dfc0 = _0x2e981e(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 3], 16, -722521979), _0x4a7dd6 = _0x2e981e(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 6], 23, 76029189), _0x2db92a = _0x2e981e(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 9], 4, -640364487), _0x3fc9fe = _0x2e981e(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 12], 11, -421815835), _0x53dfc0 = _0x2e981e(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 15], 16, 530742520), _0x4a7dd6 = _0x2e981e(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 2], 23, -995338651), _0x2db92a = _0x1abb66(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189], 6, -198630844), _0x3fc9fe = _0x1abb66(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 7], 10, 1126891415), _0x53dfc0 = _0x1abb66(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 14], 15, -1416354905), _0x4a7dd6 = _0x1abb66(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 5], 21, -57434055), _0x2db92a = _0x1abb66(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 12], 6, 1700485571), _0x3fc9fe = _0x1abb66(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 3], 10, -1894986606), _0x53dfc0 = _0x1abb66(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 10], 15, -1051523), _0x4a7dd6 = _0x1abb66(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 1], 21, -2054922799), _0x2db92a = _0x1abb66(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 8], 6, 1873313359), _0x3fc9fe = _0x1abb66(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 15], 10, -30611744), _0x53dfc0 = _0x1abb66(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 6], 15, -1560198380), _0x4a7dd6 = _0x1abb66(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 13], 21, 1309151649), _0x2db92a = _0x1abb66(_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x4b4b0b[_0x4cc189 + 4], 6, -145523070), _0x3fc9fe = _0x1abb66(_0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x53dfc0, _0x4b4b0b[_0x4cc189 + 11], 10, -1120210379), _0x53dfc0 = _0x1abb66(_0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4a7dd6, _0x4b4b0b[_0x4cc189 + 2], 15, 718787259), _0x4a7dd6 = _0x1abb66(_0x4a7dd6, _0x53dfc0, _0x3fc9fe, _0x2db92a, _0x4b4b0b[_0x4cc189 + 9], 21, -343485441), _0x2db92a = _0x1d5f30(_0x2db92a, _0x5b2517), _0x4a7dd6 = _0x1d5f30(_0x4a7dd6, _0x1702b0), _0x53dfc0 = _0x1d5f30(_0x53dfc0, _0x169fdb), _0x3fc9fe = _0x1d5f30(_0x3fc9fe, _0x24d090);return [_0x2db92a, _0x4a7dd6, _0x53dfc0, _0x3fc9fe];}function _0x1d6044(_0x569e60) {var _0x535f11,_0x213a6e = "",_0x37be40 = 32 * _0x569e60["length"];for (_0x535f11 = 0; _0x535f11 < _0x37be40; _0x535f11 += 8) _0x213a6e += String["fromCharCode"](_0x569e60[_0x535f11 >> 5] >>> _0x535f11 % 32 & 255);return _0x213a6e;}function _0x34c79d(_0x4fb717) {var _0x33770e,_0x210d26 = [];for (_0x210d26[(_0x4fb717["length"] >> 2) - 1] = undefined, _0x33770e = 0; _0x33770e < _0x210d26["length"]; _0x33770e += 1) _0x210d26[_0x33770e] = 0;var _0x2439fe = 8 * _0x4fb717["length"];for (_0x33770e = 0; _0x33770e < _0x2439fe; _0x33770e += 8) _0x210d26[_0x33770e >> 5] |= (255 & _0x4fb717["charCodeAt"](_0x33770e / 8)) << _0x33770e % 32;return _0x210d26;}function _0xfcb045(_0x3d1966) {return _0x1d6044(_0x11d987(_0x34c79d(_0x3d1966), 8 * _0x3d1966["length"]));}function _0x1a901f(_0x52e47b) {var _0x17539b,_0x2e03da,_0x46ffb9 = "0123456789abcdef",_0x12309d = "";for (_0x2e03da = 0; _0x2e03da < _0x52e47b["length"]; _0x2e03da += 1) _0x17539b = _0x52e47b["charCodeAt"](_0x2e03da), _0x12309d += _0x46ffb9["charAt"](_0x17539b >>> 4 & 15) + _0x46ffb9["charAt"](15 & _0x17539b);return _0x12309d;}function _0x4aa5f0(_0xdb0907) {return unescape(encodeURIComponent(_0xdb0907));}function _0x348d5f(_0x13316c) {return _0xfcb045(_0x4aa5f0(_0x13316c));}function _0xf706e2(_0x4946e7) {return _0x1a901f(_0x348d5f(_0x4946e7));}function _0x21b46e(_0x3712bd, _0x50ae7d, _0x395e29) {_0x4e19ce();return _0x50ae7d ? _0x395e29 ? _0x165c29(_0x50ae7d, _0x3712bd) : y(_0x50ae7d, _0x3712bd) : _0x395e29 ? _0x348d5f(_0x3712bd) : _0xf706e2(_0x3712bd);}function _0x34d2e0(_0x3f8008, _0x499057) {return _0x21b46e(_0x3f8008) + "|" + _0x3f8008;}return _0x34d2e0(Date["parse"](new Date()))
};

四、构造爬虫代码

import requests
import execjsfile = 'index.js'
ctx = execjs.compile(open(file).read())
js = '$_0x5801ee()'
params = ctx.eval(js)
url = 'http://match.yuanrenxue.com/api/match/2'
headers = {'Cookie': 'm={}'.format(params),
}
data = requests.get(url, headers = headers)
print(data.text)

测试:

成功返回!!!

[007]爬虫系列 | 猿人学爬虫攻防大赛 | 第二题: js 混淆 - 动态Cookie相关推荐

  1. [007]爬虫系列 | 猿人学爬虫攻防大赛 | 第五题: js混淆 乱码增强(中)

    一.备注 在阅读此文章前,请先阅读前一篇<[007]爬虫系列 | 猿人学爬虫攻防大赛 | 第五题: js混淆 乱码增强(上)> 二.找参数来源(二) 在前一篇文章中,我们找出了Cookie ...

  2. [007]爬虫系列 | 猿人学爬虫攻防大赛 | 第五题: js混淆 乱码增强(下)

    一.备注 在阅读此文章前,请先阅读前两篇 <[007]爬虫系列 | 猿人学爬虫攻防大赛 | 第五题: js混淆 乱码增强(上)> <[007]爬虫系列 | 猿人学爬虫攻防大赛 | 第 ...

  3. [007]爬虫系列 | 猿人学爬虫攻防大赛 | 第五题: js混淆 乱码增强(上)

    一.备注 由于此题目比较复杂(个人感觉哈!大佬别喷!),所以博主分析了一个上午,也就只能得出m的生成,所以还是分两天写吧!!! 二.题目 http://match.yuanrenxue.com/mat ...

  4. Js逆向 | 猿人学爬虫攻防大赛 | 第一题: js 混淆 - 源码乱码(多图预警!!手把手教学!!)

    地址: 第一题地址 题目: 抓取所有(5页)机票的价格,并计算所有机票价格的平均值,填入答案. 初探: 进入网站,惯例先开F12康康 这里被 debugger 卡住了: 你可以 选中行号点右键点 Ed ...

  5. 猿人学试题(非常简单js混淆、雪碧图、样式干扰 css加密、js混淆源码乱码、js混淆动态cookie、访问逻辑)

    学习目标: python学习-猿人学试题 学习内容: 1.非常简单js混淆 2.雪碧图.样式干扰 css加密 3.js混淆源码乱码 4.js混淆动态cookie 5.访问逻辑 1.非常简单js混淆 试 ...

  6. 猿人学·爬虫逆向高阶课

    我跟 virjar 出了一套爬虫课(猿人学·爬虫进阶培训课),包含:安卓逆向抓取.JS 高阶逆向抓取.安卓群控抓取.容器定制化等. 实际上我去年就在做这个爬虫课了,一直没有放到网课平台上公开宣传,但是 ...

  7. python爬虫系列之初识爬虫

    python爬虫系列之初识爬虫 前言 我们这里主要是利用requests模块和bs4模块进行简单的爬虫的讲解,让大家可以对爬虫有了初步的认识,我们通过爬几个简单网站,让大家循序渐进的掌握爬虫的基础知识 ...

  8. 猿人学web端爬虫攻防大赛赛题解析_第九题:js混淆-动态cookie2

    js混淆,动态cookie2 一.前言 二.加密逻辑初探 三.加密逻辑深入分析 四.代码实现 4.1.ast解混淆的一个坑 4.2.完整实现过程 五.参考文献 一.前言 一转眼又有快两个星期没更博客了 ...

  9. 猿人学web端爬虫攻防大赛赛题解析_第一题:源码乱码

    第一题:js 混淆 - 源码乱码 1.前言 2.题目理解 3.逆向(踩坑)分析过程 3.1.初步分析 3.2.当头一棒 3.3.循序渐进 3.4.大功告成 4.结语 1.前言 接触网络爬虫已经有两三年 ...

最新文章

  1. 剑指offer python版 找出数组中重复的数字
  2. 什么叫大地高_涨得高不是不买的理由,更不是卖出的理由,什么叫追涨杀跌?(附最简单选股方法)---交易那些事儿...
  3. springboot2 虚拟路径设置_转载—springboot配置虚拟路径以外部访问
  4. JFreeChart 使用介绍
  5. ch=cin.get()和cin.get(ch)返回值问题
  6. Django 数据导入和导出
  7. 华为在爱尔兰增设150个LTE研发职位
  8. Android 无法查看外部依赖jar的源码的问题
  9. AOS编排语言系列教程(一):开启AOS之旅,解锁各种自动化姿势
  10. CSS Animatie是一款在线制作CSS3动画的工具,可以在线直接制作CSS3动画效果,生成代码...
  11. Java I/O操作
  12. 生产过程代码分析(二)--估计
  13. LDA-math-MCMC 和 Gibbs Sampling (我爱NLP)
  14. Jmeter性能测试流程
  15. python表示倍数的英语句型_英语倍数表达法
  16. HTML5视频和音频常见的格式,HTML5中视频音频的使用详解
  17. MySQL最全整理(面试题+笔记+导图),面试大厂不再被MySql难倒
  18. 关于家用路由器下挂多个设备包括下挂路由器的操作
  19. C# 合并、拆分PPT幻灯片
  20. 计算机毕业设计springboot基于VUE电脑城摊位出租系统

热门文章

  1. [ISUX转译]iOS7人机界面指南
  2. 算得准宇宙,却料不定人间:科学家之殁,区块链之过
  3. for单次循环参数对比-以ode45求一元二阶微分方程为例
  4. html中文本属性的设置,css 文本属性direction的功能详解说明
  5. python 读取3D obj文件
  6. 网站文章更新频率对SEO影响大吗?
  7. 逐行拆解Guava限流器RateLimiter
  8. Linux命令之less
  9. 虚拟现实产业发展白皮书(2019年)发布
  10. 带你去看2020大数据就业形势