网址: aHR0cHM6Ly9iei56enptaC5jbi9pbmRleA==

正文:

1:打开网页进行翻页可以看到返回的数据包数据是加密的

2.直接下段跟

3.在520处下断点

4.回到网页点击翻页再次断下,分析改断点附近代码,可以发现显眼的字眼

5.在523处下断点,可以发现_0x3c6b83[‘data’][‘result’]为密文,JSON’parse’则是解密好的明文

6.重新回到代码,看到_0xf79b3e[‘a’][‘decipher’]则是解密方法,跟进去看下

7.最终经过三个方法解密成明文,扣下三个方法即可。

8.代码如下:

 var a = {base64EncodeChars:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",base64DecodeChars:new Array(-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1),keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",/*** base64编码 * @param {Object} str */base64encode(str) {var out, i, len;var c1, c2, c3;len = str.length;i = 0;out = "";while (i < len) {c1 = str.charCodeAt(i++) & 0xff;if (i == len) {out += this.base64EncodeChars.charAt(c1 >> 2);out += this.base64EncodeChars.charAt((c1 & 0x3) << 4);out += "==";break;}c2 = str.charCodeAt(i++);if (i == len) {out += this.base64EncodeChars.charAt(c1 >> 2);out += this.base64EncodeChars.charAt(((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4));out += this.base64EncodeChars.charAt((c2 & 0xF) << 2);out += "=";break;}c3 = str.charCodeAt(i++);out += this.base64EncodeChars.charAt(c1 >> 2);out += this.base64EncodeChars.charAt(((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4));out += this.base64EncodeChars.charAt(((c2 & 0xF) << 2) | ((c3 & 0xC0) >> 6));out += this.base64EncodeChars.charAt(c3 & 0x3F);}return out;},/** * base64解码 * @param {Object} str */base64decode(str) {var c1, c2, c3, c4;var i, len, out;len = str.length;i = 0;out = "";while (i < len) {/* c1 */do {c1 = this.base64DecodeChars[str.charCodeAt(i++) & 0xff];}while (i < len && c1 == -1);if (c1 == -1)break;/* c2 */do {c2 = this.base64DecodeChars[str.charCodeAt(i++) & 0xff];}while (i < len && c2 == -1);if (c2 == -1)break;out += String.fromCharCode((c1 << 2) | ((c2 & 0x30) >> 4));/* c3 */do {c3 = str.charCodeAt(i++) & 0xff;if (c3 == 61)return out;c3 = this.base64DecodeChars[c3];}while (i < len && c3 == -1);if (c3 == -1)break;out += String.fromCharCode(((c2 & 0XF) << 4) | ((c3 & 0x3C) >> 2));/* c4 */do {c4 = str.charCodeAt(i++) & 0xff;if (c4 == 61)return out;c4 = this.base64DecodeChars[c4];}while (i < len && c4 == -1);if (c4 == -1)break;out += String.fromCharCode(((c3 & 0x03) << 6) | c4);}return out;},//将Ansi编码的字符串进行Base64编码encode64(input) {var output = "";var chr1, chr2, chr3 = "";var enc1, enc2, enc3, enc4 = "";var i = 0;do {chr1 = input.charCodeAt(i++);chr2 = input.charCodeAt(i++);chr3 = input.charCodeAt(i++);enc1 = chr1 >> 2;enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);enc4 = chr3 & 63;if (isNaN(chr2)) {enc3 = enc4 = 64;} else if (isNaN(chr3)) {enc4 = 64;}output = output + this.keyStr.charAt(enc1) + this.keyStr.charAt(enc2)+ this.keyStr.charAt(enc3) + this.keyStr.charAt(enc4);chr1 = chr2 = chr3 = "";enc1 = enc2 = enc3 = enc4 = "";} while (i < input.length);return output;},//将Base64编码字符串转换成Ansi编码的字符串decode64(input) {var output = "";var chr1, chr2, chr3 = "";var enc1, enc2, enc3, enc4 = "";var i = 0;if (input.length % 4 != 0) {return "";}var base64test = /[^A-Za-z0-9\+\/\=]/g;if (base64test.exec(input)) {return "";}do {enc1 = this.keyStr.indexOf(input.charAt(i++));enc2 = this.keyStr.indexOf(input.charAt(i++));enc3 = this.keyStr.indexOf(input.charAt(i++));enc4 = this.keyStr.indexOf(input.charAt(i++));chr1 = (enc1 << 2) | (enc2 >> 4);chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);chr3 = ((enc3 & 3) << 6) | enc4;output = output + String.fromCharCode(chr1);if (enc3 != 64) {output += String.fromCharCode(chr2);}if (enc4 != 64) {output += String.fromCharCode(chr3);}chr1 = chr2 = chr3 = "";enc1 = enc2 = enc3 = enc4 = "";} while (i < input.length);return output;},utf16to8(str) {var out, i, len, c;out = "";len = str.length;for (i = 0; i < len; i++) {c = str.charCodeAt(i);if ((c >= 0x0001) && (c <= 0x007F)) {out += str.charAt(i);} else if (c > 0x07FF) {out += String.fromCharCode(0xE0 | ((c >> 12) & 0x0F));out += String.fromCharCode(0x80 | ((c >> 6) & 0x3F));out += String.fromCharCode(0x80 | ((c >> 0) & 0x3F));} else {out += String.fromCharCode(0xC0 | ((c >> 6) & 0x1F));out += String.fromCharCode(0x80 | ((c >> 0) & 0x3F));}}return out;},utf8to16(str) {var out, i, len, c;var char2, char3;out = "";len = str.length;i = 0;while (i < len) {c = str.charCodeAt(i++);switch (c >> 4) {case 0: case 1: case 2: case 3: case 4: case 5: case 6: case 7:// 0xxxxxxxout += str.charAt(i - 1);break;case 12: case 13:// 110x xxxx   10xx xxxxchar2 = str.charCodeAt(i++);out += String.fromCharCode(((c & 0x1F) << 6) | (char2 & 0x3F));break;case 14:// 1110 xxxx  10xx xxxx  10xx xxxxchar2 = str.charCodeAt(i++);char3 = str.charCodeAt(i++);out += String.fromCharCode(((c & 0x0F) << 12) |((char2 & 0x3F) << 6) |((char3 & 0x3F) << 0));break;}}return out;}
}function _0x1ce9a6(_0x5cd53e) {for (var _0x1823fa = a.base64decode(_0x5cd53e), _0x2d7ae1 = new Int8Array(_0x1823fa['length']), _0x589139 = 0x0; _0x589139 < _0x1823fa['length']; _0x589139++)_0x2d7ae1[_0x589139] = _0x1823fa['charCodeAt'](_0x589139);return _0x2d7ae1;
}function _0x4c8bf9(_0x519912) {for (var _0x116147 = [-0x6f, 0x34, 0x5b, 0x41, -0x41, 0x74, 0x77, 0x6a, -0x79, -0x52, -0x5, 0x50, 0x33, 0x61, 0x44, -0x53, -0x70, -0x33, 0x17, -0x2e, -0x22, -0x72, -0x37, -0xb, -0x7f, 0x5a, 0x21, 0x16, -0x1f, 0x32, -0x11, 0x14, -0x2c, 0xf, -0x5e, -0x7b, 0x76, -0x17, -0x3d, 0x72, 0x47, -0x68, -0x7e, -0x75, -0x51, -0x36, -0x12, -0x6e, -0x4, -0x5f, -0x5b, 0x5e, -0x50, -0xe, 0x78, 0x69, 0x55, 0x68, -0x56, -0x6c, 0x43, 0x19, 0x65, 0x6c, 0x10, -0x69, 0x6f, -0xa, 0x75, -0x49, 0x4d, 0x59, -0x1d, -0x62, -0x44, 0x70, 0x6b, -0x1, 0x56, 0x79, 0x58, -0x65, -0x7c, 0x45, -0x1e, -0x8, -0x71, -0x4a, -0x76, 0x39, -0x19, 0xc, -0x73, -0x6a, 0x5f, 0x7f, 0x54, 0x7c, -0x66, -0x1c, 0x49, 0x2b, -0x3c, 0x1c, 0x2e, 0x73, 0x1e, 0x7a, -0x4b, 0x7d, -0x43, -0x4d, 0x3, -0x7, -0x35, -0xd, 0x35, 0x4e, -0x48, 0x1, 0xb, -0x47, -0x27, -0x4f, -0x3, 0x13, 0x29, 0x7e, -0x2b, -0x7d, -0x1b, 0x22, 0x3f, 0x8, 0x48, -0x23, -0x29, -0x3f, 0x3c, -0x18, 0x66, 0x2f, -0x77, -0x67, -0x16, 0x2d, 0x3b, 0x40, -0x60, 0x31, 0x53, -0x6b, -0x78, -0x39, -0x46, 0x0, -0x26, -0x54, -0x28, 0x18, 0xe, 0x30, 0x1d, 0x2c, -0x24, -0x2f, 0x38, -0x5c, 0x26, 0x25, 0x4, -0x32, 0x67, 0xa, -0x59, 0x37, 0x71, -0x1a, 0x6e, 0x36, 0x24, -0x14, -0x4e, -0xc, -0x74, 0x46, -0x25, 0x5, -0x3e, -0x4c, -0x30, -0x40, 0x4f, 0x64, 0x28, 0x6, -0x3a, -0x5a, -0x13, -0x9, 0x27, 0x5d, -0x63, 0x15, 0x7, 0x1a, -0x2, 0x1b, -0x2d, 0x51, 0x3a, -0x7a, 0x4c, -0x42, 0x2, 0x5c, -0x2a, 0x62, -0x10, 0x9, 0x3d, 0x3e, -0xf, 0x63, -0x15, 0x1f, -0x38, 0x57, 0x11, -0x34, -0x45, -0x21, -0x3b, -0x55, 0x42, 0x4a, 0x12, -0x5d, -0x80, -0x57, -0x20, 0x2a, 0x20, -0x58, 0x6d, 0x60, 0xd, -0x6, 0x4b, -0x64, -0x31, 0x23, -0x61, 0x52, -0x6d, 0x7b], _0x2cde30 = 0x0, _0x33054d = 0x0, _0x5f5d82 = 0x0, _0x508aee = new Array(), _0x5bafcd = 0x0; _0x5bafcd < _0x519912['length']; _0x5bafcd++) {_0x2cde30 = _0x2cde30 + 0x1 & 0xff,_0x33054d = (0xff & _0x116147[_0x2cde30]) + _0x33054d & 0xff;var _0x58a8df = _0x116147[_0x2cde30];_0x116147[_0x2cde30] = _0x116147[_0x33054d],_0x116147[_0x33054d] = _0x58a8df,_0x5f5d82 = (0xff & _0x116147[_0x2cde30]) + (0xff & _0x116147[_0x33054d]) & 0xff,_0x508aee['push'](_0x519912[_0x5bafcd] ^ _0x116147[_0x5f5d82]);}return _0x508aee;}function _0x3093a6(_0x1e2ea5) {for (var _0x223f55, _0x5c974b, _0x1c0275 = '', _0x40d000 = 0x0; _0x40d000 < _0x1e2ea5['length']; )_0x223f55 = _0x1e2ea5[_0x40d000],_0x5c974b = 0x0,_0x223f55 >>> 0x7 === 0x0 ? (_0x1c0275 += String['fromCharCode'](_0x1e2ea5[_0x40d000]),_0x40d000 += 0x1) : 0xfc === (0xfc & _0x223f55) ? (_0x5c974b = (0x3 & _0x1e2ea5[_0x40d000]) << 0x1e,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x1]) << 0x18,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x2]) << 0x12,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x3]) << 0xc,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x4]) << 0x6,_0x5c974b |= 0x3f & _0x1e2ea5[_0x40d000 + 0x5],_0x1c0275 += String['fromCharCode'](_0x5c974b),_0x40d000 += 0x6) : 0xf8 === (0xf8 & _0x223f55) ? (_0x5c974b = (0x7 & _0x1e2ea5[_0x40d000]) << 0x18,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x1]) << 0x12,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x2]) << 0xc,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x3]) << 0x6,_0x5c974b |= 0x3f & _0x1e2ea5[_0x40d000 + 0x4],_0x1c0275 += String['fromCharCode'](_0x5c974b),_0x40d000 += 0x5) : 0xf0 === (0xf0 & _0x223f55) ? (_0x5c974b = (0xf & _0x1e2ea5[_0x40d000]) << 0x12,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x1]) << 0xc,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x2]) << 0x6,_0x5c974b |= 0x3f & _0x1e2ea5[_0x40d000 + 0x3],_0x1c0275 += String['fromCharCode'](_0x5c974b),_0x40d000 += 0x4) : 0xe0 === (0xe0 & _0x223f55) ? (_0x5c974b = (0x1f & _0x1e2ea5[_0x40d000]) << 0xc,_0x5c974b |= (0x3f & _0x1e2ea5[_0x40d000 + 0x1]) << 0x6,_0x5c974b |= 0x3f & _0x1e2ea5[_0x40d000 + 0x2],_0x1c0275 += String['fromCharCode'](_0x5c974b),_0x40d000 += 0x3) : 0xc0 === (0xc0 & _0x223f55) ? (_0x5c974b = (0x3f & _0x1e2ea5[_0x40d000]) << 0x6,_0x5c974b |= 0x3f & _0x1e2ea5[_0x40d000 + 0x1],_0x1c0275 += String['fromCharCode'](_0x5c974b),_0x40d000 += 0x2) : (_0x1c0275 += String['fromCharCode'](_0x1e2ea5[_0x40d000]),_0x40d000 += 0x1);return _0x1c0275;};function decrypt(data){return _0x3093a6(_0x4c8bf9(_0x1ce9a6(data)))
}

9.python调用结果

*简壁纸 返回数据解密相关推荐

  1. 某小说App返回数据 解密分析

    一.目标 李老板:奋飞呀,最近被隔离在小区里,没啥可干的呀. 奋飞:看小说呀,量大管饱. 我们今天的目标就是某小说App v2021_09_53 二.步骤 搜索url字符串 App请求小说内容的时候没 ...

  2. retrofit 解析百度地图api 返回数据_新版百度地图建筑数据含高度解析

    注:本文中所述内容仅作为研究用途,不包括任何技术细节,不提供数据爬取.非法攻击的咨询和支持.另:百度建筑轮廓数据中存在明显签名式错误,下载使用容易被追求侵权. 矢量瓦片:爬取百度地图必须要了解矢量瓦片 ...

  3. 2021最新某某文书列表参数pageId、ciphertext、__RequestVerificationToken以及接口返回数据result逆向分析(二)

    文章目录 前言 一.抓包分析 二.参数解析 1.参数ciphertext 2.参数__RequestVerificationToken 3.参数pageId 三. result 解析 总结 前言 哦嚯 ...

  4. Android逆向分析案例——某点评APP登陆请求数据解密

    今天,七夕,单身23载的程序汪,默默地写着博客~ 上一次的逆向分析案例中讲了如何去分析某酒店的APP登陆请求,为了进一步学习如何逆向分析以及学习其他公司的网络传输加解密,本次案例将继续就登陆请求的数据 ...

  5. 某电商App 返回数据加密解密分析(四)

    一.目标 最近在抓包某电商App的时候发现一个加密数据,它在做通讯地址请求的时候,请求数据做了加密.返回数据中的地址信息也是密文. 今天我们的目标就是这个数据的加密解密. App版本: v10.3.0 ...

  6. Fiddler修改返回数据教程,亲测有效

    Fiddler修改返回数据教程,亲测有效!!! 1.首先手机连接好代理进行抓包,触发你要改的那个接口,选中它,按alt+F11打断点 这个时候fiddler左下角会出现一个红色图标,如图: 2.重新触 ...

  7. 大道至简:大数据、小数据、量化交易

    大道至简:大数据.小数据.量化交易, 11.23 今天下午在Q群:124134140(zwPython大数据量化交易). 与大家讨论大数据.量化交易, 没想到,晚上就碰到了一只黑天鹅 惯例,QQ讨论直 ...

  8. 记半次元App数据解密记录

    最近发现一个有意思的应用,半次元,这个应用中有很多Cosplay美图,很感兴趣便想试试能否通过抓包分析获取相应的接口,没想到自己实际上已经跳到了一个大大的深坑之中,一起来看下吧. 万里长征第一步:抓包 ...

  9. 乱炖“简书交友”数据之代码(2):关键词抽取、Word2Vec词向量

    继续更新出来本系列的代码:乱炖数据之2700余篇"简书交友"专题文章数据的花式玩法 在乱炖"简书交友"数据之代码(1)一文里,主要涉及结构化数据的分析,文本挖掘 ...

最新文章

  1. 解读2018年诺贝尔化学奖成果:用进化的力量解决化学问题
  2. HTML5绝对定位图片合成,HTML5 绝对定位的问题
  3. PMCAFF微课堂 | SegmentFault联合创始人高阳带你玩转垂直社群
  4. arthas的安装(在线/离线)和卸载
  5. sql索引从入门到精通(十亿行数据测试报告)
  6. AtCoder - arc098_b Xor Sum 2(尺取+位运算)
  7. Java Map集合面试题汇总
  8. 《剑指offer》第二十八题(对称的二叉树)
  9. 使用HighCharts实现实时数据展示
  10. 毕业设计 基于java的贴吧论坛_java毕业设计_springboot框架的论坛贴吧
  11. 随机抽取一名同学回答问题,7/4更新一次
  12. Java开发实习(入职经历)
  13. 和极有家一起玩转智能家居——极有家未来之家合作招募
  14. 【网络爬虫项目】实战知识点 - webcrawler
  15. c语言课程设计会员卡计费系统,会员卡计费系统源代码.doc
  16. 在linux上gc日志详解,JVM Parallel Scavenge GC日志详解
  17. 指数函数----e是什么?
  18. vscode设置背景护眼主题颜色、字体颜色不影响其他主题的颜色
  19. python任务分配问题_【python3】任务分配问题
  20. Java代码安装maven jar_maven安装本地jar到本地仓库(引入第三方jar, maven打包提示程序包不存在)...

热门文章

  1. R语言系统教程(七):数据的分布(含多种图的绘制)
  2. 点击密码input框禁止浏览器弹出已经记录的账号密码
  3. 小米手机能刷鸿蒙系统了!这操作太6了!
  4. 乐观锁和悲观锁全面总结及实际应用介绍
  5. 【GeoServer】发布图层
  6. display:weston:weston-simple-egl: server端
  7. zznuoj 1075 聚餐人数统计
  8. 中国标准时间和年月日 时分秒相互转化
  9. [转]Bram和Dram的区别
  10. java 打劫_【JAVA算法题】职业抢劫