前言

在Python爬取资源的时候需要分析网站,有时候关键部分的JS会被混淆,所以不得不去解密这段JS去获取数据,这里推荐两个JS在线解密工具。

https://www.sojson.com/jsjiemi.html #很强的JS反混淆解密工具

https://www.jb51.net/article/9705.htm #带原理代码

原理

拿到一段混淆的JavaScript

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('q p=["5://2.1.0/4-6-9-8/o~7.3","5://2.1.0/4-6-9-8/m~7.3","5://2.1.0/4-6-9-8/n~7.3","5://2.1.0/4-6-9-8/r~7.3","5://2.1.0/4-6-9-8/l~7.3","5://2.1.0/4-6-9-8/w~7.3","5://2.1.0/4-6-9-8/v~7.3","5://2.1.0/4-6-9-8/u~7.3","5://2.1.0/4-6-9-8/t~7.3","5://2.1.0/4-6-9-8/x~7.3","5://2.1.0/4-6-9-8/h~7.3","5://2.1.0/4-6-9-8/c~7.3","5://2.1.0/4-6-9-8/b~7.3","5://2.1.0/4-6-9-8/e~7.3","5://2.1.0/4-6-9-8/a~7.3","5://2.1.0/4-6-9-8/d~7.3","5://2.1.0/4-6-9-8/k~7.3","5://2.1.0/4-6-9-8/f~7.3","5://2.1.0/4-6-9-8/j~7.3","5://2.1.0/4-6-9-8/i~7.3","5://2.1.0/4-6-9-8/g~7.3","5://2.1.0/4-6-9-8/s~7.3","5://2.1.0/4-6-9-8/W~7.3","5://2.1.0/4-6-9-8/P~7.3","5://2.1.0/4-6-9-8/O~7.3","5://2.1.0/4-6-9-8/N~7.3","5://2.1.0/4-6-9-8/M~7.3","5://2.1.0/4-6-9-8/y~7.3","5://2.1.0/4-6-9-8/Q~7.3","5://2.1.0/4-6-9-8/R~7.3","5://2.1.0/4-6-9-8/V~7.3","5://2.1.0/4-6-9-8/U~7.3","5://2.1.0/4-6-9-8/T~7.3","5://2.1.0/4-6-9-8/S~7.3","5://2.1.0/4-6-9-8/L~7.3","5://2.1.0/4-6-9-8/K~7.3","5://2.1.0/4-6-9-8/D~7.3","5://2.1.0/4-6-9-8/C~7.3","5://2.1.0/4-6-9-8/B~7.3","5://2.1.0/4-6-9-8/z~7.3","5://2.1.0/4-6-9-8/A~7.3","5://2.1.0/4-6-9-8/E~7.3","5://2.1.0/4-6-9-8/F~7.3","5://2.1.0/4-6-9-8/J~7.3","5://2.1.0/4-6-9-8/I~7.3","5://2.1.0/4-6-9-8/H~7.3","5://2.1.0/4-6-9-8/G~7.3"]',59,59,'com|dcarimg|p3|jpg|tos|https|cn|noop|0015|avt|811716e5848751f1dae4f43f452975cd|ac1da9e8dcf023ae40eb45195cab20a1|fcae6a61ed85f85031a7829c9b519e61|f7aaa057505d7fdf86bb8e245b1bcd6a|4c77737996ab63f6db336aa073d3227f|3e28866f375affe69d7ed45e1014b414|647872d796cdb80011fe54ba30158f86|1c267424577ba7ca58e2ca4f9972e59b|24177a9f95362d39bf3d83b9bbb51851|018189c7f19dcde8784898368e87224b|993d09a49f7e9ca64f49fdc54c535531|f13a6fcd9427162329b9a55a1d076968|988aed36201086727dbdce71830020a3|f484bfd1aab868bfb1ad94e8e8d64da5|25289976c198b253271c32cfc8f6c5cd|newImgs|var|ba92c1e92141863363f480377dd3260d|66a07a2fdb465192a8db4c2c5392d0a9|f0818bb47337ba55f34df0baeed1f5cc|9355a4db8df02389c4b403ae30fcf274|8048bdbe78ec41d8d3e1ff55d65de01c|26bcc798fbdc2722d9287af869b870b2|9e41a0f6c3c53e71a0cac75cf0d99646|12ed9a9e36d363bd0093334db44ef006|543aeca44254e62a41cdcd2b6e5a5de5|2bbb7c6f1ce099f6908ed45cd5d0e252|9a838fe8cd361123fa35a8c823521bec|b10634e98282a88c93e407cd3479a8c9|6c9bc152695491ef0c1b22bf6e47de2e|875475b9019046940f104818b8e1a0d0|f5fc612de0976995e05b123e35daab32|caff83ebd1266b1548562867b19c4914|702288d93b39e913e1502af2111d5292|24a4a4d935db4fe7e3d9e21f474df902|fd43e76331946eb998a663a5b407dcbe|f10e6797cecc0a5cf480fd17bc0d35c3|4ff3e1adbf079851039e03654980166b|fc62b1ee314ff71e3093dcdc150c03a8|5442a7e61b486de6003ab3fca5c44ac9|c0d22ca08487eed65f2acd3ad712b87c|4067412f2411aab6dcfe30fed69e35a8|c61f4fd9163cd6a58c97530d61d233b1|a8f6298664ec1d5203acd1040746f62c|10439132723f4220eee6ab4c4fc56f4e|ffbc3806dd0bd6f2c754bbda42b6cd68|041f97ded5acefcf3ee41cb2598e0501|ee709d458d06c892c4b4960b0228d3bf|cc4afe36aad5666a2df254d116661fcb'.split('|'),0,{}))

我们把“eval”去掉丢到chrome F12 Console里,得到

所以我们的目标就是使用python来运行这段js

实现

这里我们使用js2py这个包

import js2pyif __name__ == '__main__':encrypted=r"""(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('q p=["5://2.1.0/4-6-9-8/o~7.3","5://2.1.0/4-6-9-8/m~7.3","5://2.1.0/4-6-9-8/n~7.3","5://2.1.0/4-6-9-8/r~7.3","5://2.1.0/4-6-9-8/l~7.3","5://2.1.0/4-6-9-8/w~7.3","5://2.1.0/4-6-9-8/v~7.3","5://2.1.0/4-6-9-8/u~7.3","5://2.1.0/4-6-9-8/t~7.3","5://2.1.0/4-6-9-8/x~7.3","5://2.1.0/4-6-9-8/h~7.3","5://2.1.0/4-6-9-8/c~7.3","5://2.1.0/4-6-9-8/b~7.3","5://2.1.0/4-6-9-8/e~7.3","5://2.1.0/4-6-9-8/a~7.3","5://2.1.0/4-6-9-8/d~7.3","5://2.1.0/4-6-9-8/k~7.3","5://2.1.0/4-6-9-8/f~7.3","5://2.1.0/4-6-9-8/j~7.3","5://2.1.0/4-6-9-8/i~7.3","5://2.1.0/4-6-9-8/g~7.3","5://2.1.0/4-6-9-8/s~7.3","5://2.1.0/4-6-9-8/W~7.3","5://2.1.0/4-6-9-8/P~7.3","5://2.1.0/4-6-9-8/O~7.3","5://2.1.0/4-6-9-8/N~7.3","5://2.1.0/4-6-9-8/M~7.3","5://2.1.0/4-6-9-8/y~7.3","5://2.1.0/4-6-9-8/Q~7.3","5://2.1.0/4-6-9-8/R~7.3","5://2.1.0/4-6-9-8/V~7.3","5://2.1.0/4-6-9-8/U~7.3","5://2.1.0/4-6-9-8/T~7.3","5://2.1.0/4-6-9-8/S~7.3","5://2.1.0/4-6-9-8/L~7.3","5://2.1.0/4-6-9-8/K~7.3","5://2.1.0/4-6-9-8/D~7.3","5://2.1.0/4-6-9-8/C~7.3","5://2.1.0/4-6-9-8/B~7.3","5://2.1.0/4-6-9-8/z~7.3","5://2.1.0/4-6-9-8/A~7.3","5://2.1.0/4-6-9-8/E~7.3","5://2.1.0/4-6-9-8/F~7.3","5://2.1.0/4-6-9-8/J~7.3","5://2.1.0/4-6-9-8/I~7.3","5://2.1.0/4-6-9-8/H~7.3","5://2.1.0/4-6-9-8/G~7.3"]',59,59,'com|dcarimg|p3|jpg|tos|https|cn|noop|0015|avt|811716e5848751f1dae4f43f452975cd|ac1da9e8dcf023ae40eb45195cab20a1|fcae6a61ed85f85031a7829c9b519e61|f7aaa057505d7fdf86bb8e245b1bcd6a|4c77737996ab63f6db336aa073d3227f|3e28866f375affe69d7ed45e1014b414|647872d796cdb80011fe54ba30158f86|1c267424577ba7ca58e2ca4f9972e59b|24177a9f95362d39bf3d83b9bbb51851|018189c7f19dcde8784898368e87224b|993d09a49f7e9ca64f49fdc54c535531|f13a6fcd9427162329b9a55a1d076968|988aed36201086727dbdce71830020a3|f484bfd1aab868bfb1ad94e8e8d64da5|25289976c198b253271c32cfc8f6c5cd|newImgs|var|ba92c1e92141863363f480377dd3260d|66a07a2fdb465192a8db4c2c5392d0a9|f0818bb47337ba55f34df0baeed1f5cc|9355a4db8df02389c4b403ae30fcf274|8048bdbe78ec41d8d3e1ff55d65de01c|26bcc798fbdc2722d9287af869b870b2|9e41a0f6c3c53e71a0cac75cf0d99646|12ed9a9e36d363bd0093334db44ef006|543aeca44254e62a41cdcd2b6e5a5de5|2bbb7c6f1ce099f6908ed45cd5d0e252|9a838fe8cd361123fa35a8c823521bec|b10634e98282a88c93e407cd3479a8c9|6c9bc152695491ef0c1b22bf6e47de2e|875475b9019046940f104818b8e1a0d0|f5fc612de0976995e05b123e35daab32|caff83ebd1266b1548562867b19c4914|702288d93b39e913e1502af2111d5292|24a4a4d935db4fe7e3d9e21f474df902|fd43e76331946eb998a663a5b407dcbe|f10e6797cecc0a5cf480fd17bc0d35c3|4ff3e1adbf079851039e03654980166b|fc62b1ee314ff71e3093dcdc150c03a8|5442a7e61b486de6003ab3fca5c44ac9|c0d22ca08487eed65f2acd3ad712b87c|4067412f2411aab6dcfe30fed69e35a8|c61f4fd9163cd6a58c97530d61d233b1|a8f6298664ec1d5203acd1040746f62c|10439132723f4220eee6ab4c4fc56f4e|ffbc3806dd0bd6f2c754bbda42b6cd68|041f97ded5acefcf3ee41cb2598e0501|ee709d458d06c892c4b4960b0228d3bf|cc4afe36aad5666a2df254d116661fcb'.split('|'),0,{}))"""print(js2py.eval_js(encrypted))

运行结果

var newImgs=["https://p3.dcarimg.com/tos-cn-avt-0015/25289976c198b253271c32cfc8f6c5cd~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/988aed36201086727dbdce71830020a3~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f484bfd1aab868bfb1ad94e8e8d64da5~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/ba92c1e92141863363f480377dd3260d~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f13a6fcd9427162329b9a55a1d076968~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/26bcc798fbdc2722d9287af869b870b2~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/8048bdbe78ec41d8d3e1ff55d65de01c~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/9355a4db8df02389c4b403ae30fcf274~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f0818bb47337ba55f34df0baeed1f5cc~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/9e41a0f6c3c53e71a0cac75cf0d99646~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/1c267424577ba7ca58e2ca4f9972e59b~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/fcae6a61ed85f85031a7829c9b519e61~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/ac1da9e8dcf023ae40eb45195cab20a1~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/4c77737996ab63f6db336aa073d3227f~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/811716e5848751f1dae4f43f452975cd~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f7aaa057505d7fdf86bb8e245b1bcd6a~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/993d09a49f7e9ca64f49fdc54c535531~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/3e28866f375affe69d7ed45e1014b414~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/018189c7f19dcde8784898368e87224b~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/24177a9f95362d39bf3d83b9bbb51851~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/647872d796cdb80011fe54ba30158f86~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/66a07a2fdb465192a8db4c2c5392d0a9~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/cc4afe36aad5666a2df254d116661fcb~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/4067412f2411aab6dcfe30fed69e35a8~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/c0d22ca08487eed65f2acd3ad712b87c~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/5442a7e61b486de6003ab3fca5c44ac9~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/fc62b1ee314ff71e3093dcdc150c03a8~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/12ed9a9e36d363bd0093334db44ef006~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/c61f4fd9163cd6a58c97530d61d233b1~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/a8f6298664ec1d5203acd1040746f62c~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/ee709d458d06c892c4b4960b0228d3bf~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/041f97ded5acefcf3ee41cb2598e0501~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/ffbc3806dd0bd6f2c754bbda42b6cd68~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/10439132723f4220eee6ab4c4fc56f4e~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/4ff3e1adbf079851039e03654980166b~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f10e6797cecc0a5cf480fd17bc0d35c3~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/6c9bc152695491ef0c1b22bf6e47de2e~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/b10634e98282a88c93e407cd3479a8c9~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/9a838fe8cd361123fa35a8c823521bec~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/543aeca44254e62a41cdcd2b6e5a5de5~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/2bbb7c6f1ce099f6908ed45cd5d0e252~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/875475b9019046940f104818b8e1a0d0~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/f5fc612de0976995e05b123e35daab32~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/fd43e76331946eb998a663a5b407dcbe~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/24a4a4d935db4fe7e3d9e21f474df902~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/702288d93b39e913e1502af2111d5292~noop.jpg","https://p3.dcarimg.com/tos-cn-avt-0015/caff83ebd1266b1548562867b19c4914~noop.jpg"]进程已结束,退出代码0

python js反混淆 eval(function(p,a,c,k,e,d){相关推荐

  1. 揭晓eval(function(p,a,c,k,e,r)js代码解密加密程序

    最近大雄搜集站,在弄改一个wp网站侧边栏的小工具就发现了,JS的代码脚本很乱,不是常规写法,后来查阅发现是由于JS加密造成的,我对这种事情很不理解,有一些既然是选择开源了,为啥JS还加密.走你,那就一 ...

  2. 密码学笔记——eval(function(p,a,c,k,e,d) 加密破解

    密码学笔记--eval(function(p,a,c,k,e,d) 的加密破解 例题: 小明某天在看js的时候,突然看到了这么一段代码,发现怎么也理不出代码逻辑,你能帮帮他吗? 格式:SimCTF{} ...

  3. js反混淆还原工具_SATURN反混淆框架

    本文为看雪论坛精华文章 看雪论坛作者ID:梦野间 摘要:近几年,软件的混淆强度一直在不断提升.基于编译器的混淆已经成为业界事实上的标准,最近的一些论文也表明软件的保护方式使用的是编译器级别的混淆. 在 ...

  4. Js 的 混淆 与反混淆

    Js 混淆: https://obfuscator.io/ 功能很多,暂举两个: 1.Identifier Names Generator : 把变量.方法的名字变成 16进制(0xabc123) 或 ...

  5. js混淆 反混淆 在线

    js反混淆地址:http://www.bm8.com.cn/jsConfusion/ 在线javascript 混淆http://www.moralsoft.com/jso-online/hdojso ...

  6. 点击时候确定某个元素 js_某空气质量监测平台 JS反爬

    目标:中国空气质量在线监测分析平台|城市分析 参考CSDN中文章,记录一下学习过程 通过切换城市,页面数据是通过 Ajax 加载的,数据接口:https://www.aqistudy.cn/apine ...

  7. 反混淆JavaScript

    0x00 前言 Javascript 作为一种运行在客户端的脚本语言,其源代码对用户来说是完全可见的.但不是每一个 js 开发者都希望自己的代码能被直接阅读,比如恶意软件的制造者们.为了增加代码分析的 ...

  8. JavaScript 反混淆的一般套路和技巧[起][承][转][结]

    https://www.blackglory.me/javascript-deobfuscate-general-routines-and-tips-chapter-1/ 最近发现网上没有什么专门深入 ...

  9. Web Spider 常见混淆EVAL、AA、JJ、JSFUCK

    文章目录 一.EVAL & constructor 二.AA混淆 三.JJ混淆 四.JSFUCK 五.针对混淆的方法 简单hook 总结 混淆的原理:就是把原本清晰的代码故意搞得花里胡哨,让局 ...

最新文章

  1. -bash: sz: command not found
  2. 同一label显示不同字体
  3. 团队作业5-测试与发布(AIpha版本)
  4. 从user 登陆開始
  5. perl语言入门第七版中文_python和c语言哪个简单
  6. 电信运营商计费模型_商客通:南京电信400电话怎么办理更省心
  7. 机器学习算法GBDT的面试总结
  8. jenkins集成sonar
  9. Cisco交换机上的链路聚合
  10. UML/ROSE学习笔记系列二:UML的概念模型
  11. React:react-router
  12. C语言字符串输出中文乱码
  13. android 10.0 SystemUI 状态栏下拉快捷添加截图快捷开关
  14. 【SDCC讲师专访】Swoole开源项目创始人韩天峰:PHP是最好的编程语言
  15. 教你如何赚你的第一桶金 - 2048(包括源代码)
  16. SGU 264 Travel(稳定婚姻匹配)
  17. win10删除第三方增加的“设备和驱动器”
  18. 大数据专业该学习什么?
  19. MATLAB时间控制函数
  20. ie8下实现预览pdf

热门文章

  1. 春节假期收官小记|抢红包黄金时间分析
  2. Ribbon(1、简介)
  3. 如何使用界面控件DevExpress WinForms自带的UI模板?其实很简单
  4. 腾讯地图api-基本用法总结
  5. 模型prun quantization related paper
  6. xp系统桌面没有计算机,在xp系统中,为什么桌面所有图标都消失?
  7. 用计算机实现的动画效果,运用PPT编辑动画效果
  8. 字节跳动内推 校招 社招 实习生都可以投递
  9. Postman使用xmysql连接数据库及Handshake inactivity timeout、PROTOCOL SEQUENCE TIMEOUT问题解决
  10. 苹果开放降级_苹果降级对手机有什么坏处