-
-
[分享]一篇贴子中的JS脚本混淆
-
发表于: 2021-2-9 10:23
-
昨天无意中看到了论坛内的一篇帖子https://bbs.pediy.com/thread-260318.htm,当然看过的小伙伴不要指望我完成他未竟的事业,毕竟我对这安卓破解不是太在行而且我的老司机APP每日观看最大次数验证也是过不了,哈哈。
那这篇贴子主要目的是因为他在文中提到了一个JS脚本的混淆,我想试着解一下他这个混淆,第二就是分享一个我之前用python写的一个解js混淆的脚本(只有两种格式的JS混淆,算是抛砖引玉了)
原文中的混淆是这样的
一开始的时候我也是蒙的,不管他了索性不如先手动排一下版吧,也许就能发现什么
当我们把这个貌似解密函数排出来之后,发现其有六个参数,之后会发现紧跟着这个函数的就是它的参数。既然解密函数和参数都有了,那就简单了,打开浏览器(这里以windows自带的Edge为例),按下F12进入控制台,随后复制解密函数及其参数,然后再点击运行就能够得到我们想要的结果了。
需要注意的就是加上函数名,别把eval也复制进去,最后再return p 之前打印这个p就是解密之后的脚本。
最后把红色的结果复制下来就行了,然后可以用NotePad++的JSTool插件中的JSFormat进行自动排版即可
最后分享关于其他两种个人比较常遇到的脚本类型和解混淆的py脚本
划红色框框的是我用来拾取混淆特征的,当然如果有兄弟碰到的也是这样的,但是变量名之类的可能有所改动,可以自行在脚本中修改特征,否则会因为不识别而解不了。
另外针对这两种脚本,我输出了其中的网址混淆部位,目的是为了更快的提取特征。
eval(
function (p,a,c,k,e,r) { e=function(c){
return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))
};
if(!''.replace(/^/,String)){
while(c--)
r[e(c)]=k[c]||e(c);
k=[function(e){return r[e]}];
e=function(){
return'\\w+'
};
c=1
};
while(c--)
if(k[c])
p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);
return p
}eval(
function (p,a,c,k,e,r) { e=function(c){
return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))
};
if(!''.replace(/^/,String)){
while(c--)
r[e(c)]=k[c]||e(c);
k=[function(e){return r[e]}];
e=function(){
return'\\w+'
};
c=1
};
while(c--)
if(k[c])
p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);
return p
}jQuery(document).ready(function ($) { var g = false;
var h = "null";
h = UrlParm.parm("auth");
if (!h || h == 'null') {
weui.alert('请前往官网https://SKRMAN.APP更新最新版本')
}
var l;
var m;
var n = 0;
var o = [];
var p = 1;
var q = "null";
var r;
var s;
var t = false;
var u = false;
var v = true;
var w = true;
var x = window.location.host;
if (x.indexOf('skrman.app') > -1 || x.indexOf('SKRMAN.APP') > -1) {
v = true
} else {
v = false
}
$("#card-step-1").show();
$("#card-step-2").hide();
$("#promode-time-offset").hide();
$("#promode-time-button").hide();
$("#promode-copy-button").hide();
$("#promode-channel-select").hide();
let userAgent = navigator.userAgent;
if (userAgent.indexOf('AppleWebKit') > -1 || userAgent.indexOf('iPhone') > -1 || userAgent.indexOf('iPad') > -1) {
g = true;
if (userAgent.indexOf('iPhone OS 4_3_3') > -1 || userAgent.indexOf('SKRAND') > -1 || userAgent.indexOf('iPhone OS 7_0_1') > -1 || userAgent.indexOf('IOS14') > -1) {
g = false
}
}
$('#timeInput').val(getNowFormatDateTime());
var y = setInterval(function () {
timeTask()
}, 50);
$("#professional-button").click(function () {
if (!u) {
u = true;
$("#professional-button").css('color', 'red');
weui.alert("已开启专业模式");
$("#promode-time-offset").show();
$("#basemode-time-offset").hide();
$("#promode-copy-button").show();
$("#promode-time-button").show();
$("#promode-channel-select").show()
} else {
u = false;
$("#professional-button").css('color', 'black');
weui.alert("已关闭专业模式");
$("#promode-time-offset").hide();
$("#basemode-time-offset").show();
$("#promode-copy-button").hide();
$("#promode-time-button").hide();
$("#promode-channel-select").hide()
}
});
function timeTask() {
if (t) {
let now = new Date();
let timeDiff = r.getTime() - now.getTime();
if (timeDiff <= s) {
t = false;
startJump();
$("#time-count").html("开启跳转")
} else {
$("#time-count").html("倒计时:" + timeDiff + "ms")
}
}
}
function queryItem(b) {
if (w) {
w = false
} else {
return
}
n = 0;
o = [];
p = 1;
t = false;
var c = 'https://bmobapi.hb174.top/aed0843961fb06dc/tmallBP?auth=' + h + '&mlink=' + b;
if (v) {
c = 'https://cloud.bmob.cn/aed0843961fb06dc/tmallBP?auth=' + h + '&mlink=' + b
}
$.ajax({
type: "GET",
timeout: 5000,
dataType: 'jsonp',
jsonp: "callback",
jsonpCallback: 'jsonp',
url: c,
success: function (a) {
w = true;
if (a.errcode == 0) {
l = a.data;
reflashControlPad();
$("#card-step-1").hide();
$("#card-step-2").show();
$("#configPad").show();
$("#readyPad").hide()
} else {
if (a.errmsg.indexOf('解析失败') > -1) {
queryItem2(b);
w = true
} else {
weui.alert(a.errmsg)
}
}
},
error: (err, type) => {
queryItem2(b);
w = true
},
})
}
function queryItem2(a) {
n = 0;
o = [];
p = 1;
t = false;
if (a.indexOf('.tb.cn') > -1) {
geiItemId(a)
}
if (a.indexOf('id=') > -1) {
var b = a.split("id=")[1];
getTmallItemStyle(b)
}
}
function geiItemId(d) {
dsBridge.call("networkGet", {
url: d
}, function (a) {
if (a.indexOf('errorjhandler') == 0) {
weui.alert("错误" + a);
return
}
let body = a;
var b = "null";
if (body.indexOf('&id=') > -1) {
var c = body.split("&id=")[1];
b = c.split("&")[0]
} else if (body.indexOf('taobao.com/i') > -1) {
var c = body.split("taobao.com/i")[1];
b = c.split(".htm")[0]
} else if (body.indexOf('tmall.com/i') > -1) {
var c = body.split("tmall.com/i")[1];
b = c.split(".htm")[0]
}
if (b != 'null') {
getTmallItemStyle(b)
} else {
weui.alert("无法解析该淘口令")
}
})
}
function getTmallItemStyle(b) {
let current_token = "654a3a20023319a6dc4c755b151f082b";
let callbackString = "mtopjsonp";
let now = new Date();
let timeStramp = now.getTime() + "";
var c = {
"id": b,
"itemNumId": b,
"itemId": b,
"exParams": {
"id": b
},
"detail_v": "8.0.0",
"utdid": "1"
};
var d = JSON.stringify(c);
d = encodeURIComponent(d);
let preSignStr = current_token + "&" + timeStramp + "&12574478&" + d;
let signStr = hex_md5(preSignStr);
let linkString = "https://h5api.m.taobao.com/h5/mtop.taobao.detail.getdetail/6.0/?" + "jsv=2.5.7&appKey=12574478&t=" + timeStramp + "&sign=" + signStr + "&api=mtop.taobao.detail.getdetail&v=6.0&isSec=0&ecode=0&AntiFlood=true&AntiCreep=true&H5Request=true&ttid=2018@taobao_h5_9.9.9&type=jsonp&dataType=jsonp&" + "data=" + d;
$.ajax({
type: "GET",
timeout: 5000,
dataType: 'jsonp',
jsonp: "callback",
jsonpCallback: callbackString,
url: linkString,
success: function (a) {
try {
let _result = {
item: a.data.item,
skuBase: a.data.skuBase
};
l = _result;
reflashControlPad();
$("#card-step-1").hide();
$("#card-step-2").show();
$("#configPad").show();
$("#readyPad").hide()
} catch (e) {
weui.alert("解析失败")
}
},
error: (err, type) => {
weui.alert(err.statusText + "网络错误,换个网络试试")
},
})
}
function reflashControlPad() {
$("#itemTitle").html(l.item.title);
m = l.item.itemId + "";
var a = '';
var b;
var c = '';
try {
if (l.item.images[0].length > 0) {
b = l.item.images[0];
if (b.indexOf("http") != 0) {
b = "https:" + b
}
console.log(b)
}
} catch (e) {}
try {
for (var i = 0; i < l.skuBase.props.length; i++) {
let current_props = l.skuBase.props[i];
let current_props_name = current_props.name;
let current_props_pid = current_props.pid;
var d = '';
d = " <div class='item' >\n" + " <div class='itemTitle' >" + current_props_name + "</div>\n" + " <select name='select' class='itemSelect' onchange=onChange_Row(" + current_props_pid + ",this.options[this.options.selectedIndex].value)>\n";
for (var j = 0; j < current_props.values.length; j++) {
let current_props_value = current_props.values[j];
let current_props_vid = current_props_value.vid;
var f = "null";
if (current_props_value.image) {
f = "https:" + current_props_value.image
}
let isSelect = false;
if (n == 0 && j == 0) {
if (i == 0 && f != 'null') {
b = f
}
c = c + current_props_name + ":" + current_props_value.name;
let _mprops = {
pid: current_props_pid,
vid: current_props_vid
};
o.push(_mprops)
}
if (n != 0) {
for (var k = 0; k < o.length; k++) {
if (o[k].pid == current_props_pid && o[k].vid == current_props_vid) {
c = c + current_props_name + ":" + current_props_value.name;
isSelect = true;
if (i == 0 && f != 'null') {
b = f
}
}
}
}
if (isSelect) {
d = d + " <option value=" + current_props_vid + " selected = 'selected'>" + current_props_value.name + "</option>"
} else {
d = d + " <option value=" + current_props_vid + ">" + current_props_value.name + "</option>"
}
}
a = a + d + "</select></div>"
}
} catch (e) {
c = '默认'
}
a = a + " <div class='item' >\n" + "<div class='itemTitle' >购买数量(谨慎输入)</div>\n" + "<input name='select' class='itemSelect' onchange=onChange_Count(this.value) value='" + p + "'>";
a = a + "</div>";
$("#itemStylePad").html(a);
c = "[下单确认]" + c + ' 购买数量:' + p;
$("#itemStyle").html(c);
$("#itemPic").attr("src", b);
findSkuId();
$("#tips-content").hide()
}
function findSkuId() {
n = 0;
try {
for (var i = 0; i < l.skuBase.skus.length; i++) {
let _propPath = l.skuBase.skus[i].propPath + ';';
var a = true;
for (var j = 0; j < o.length; j++) {
if (_propPath.indexOf(o[j].pid + ':') == -1 || _propPath.indexOf(o[j].vid + ';') == -1) {
a = false
}
}
if (a) {
n = l.skuBase.skus[i].skuId
}
}
if (n == 0) {
weui.alert("获取skuid出错");
$("#itemStyle").html("获取数据错误")
}
} catch (e) {
console.log("skuId" + "---" + n)
}
};
onChange_Row = function (a, b) {
for (var i = 0; i < o.length; i++) {
if (o[i].pid == a) {
o[i].vid = b
}
}
reflashControlPad()
};
onChange_Count = function (a) {
let _count = parseInt(a);
if (_count > 0 && _count < 1000) {
p = _count;
console.log(p);
reflashControlPad()
}
};
$("#query-button").click(function () {
let _link = $("#link").val();
if (_link.indexOf('.tb.cn') > -1) {
var a = _link.split("http")[1];
a = a.split("?")[0];
a = 'http' + a;
queryItem(a)
} else if (_link.indexOf('id=') > -1) {
var a = _link.split("id=")[1];
a = 'id=' + a;
queryItem(a)
} else {
weui.alert('确保口令内含有https://m.tb.cn')
}
});
$("#promode-time-button").click(function () {
dsBridge.call("networkGet", {
url: "http://api.m.taobao.com/rest/api3.do?api=mtop.common.getTimestamp"
}, function (a) {
try {
let now = new Date();
let data = JSON.parse(a);
let timestamp_tb = data.data.t;
var b = timestamp_tb - now;
var c = 60 - b;
if (b > 0) {
weui.alert('淘宝时间比本地晚了【' + b + 'ms】 , 时间偏移建议提前【' + c + '】(正负值已为您算好,数值仅供参考!实际视设备跳转速度自行调整!)')
} else {
weui.alert('淘宝时间比本地早了【' + (-b) + 'ms】 , 时间偏移建议设置【' + c + '】(正负值已为您算好,数值仅供参考!实际视设备跳转速度自行调整!)')
}
} catch (e) {}
})
});
$("#reset-button").click(function () {
t = false;
$("#card-step-1").show();
$("#card-step-2").hide();
$("#tips-content").show()
});
$("#config-button").click(function () {
let ready_time_str = $("#timeInput").val();
r = new Date(ready_time_str);
r.setSeconds(0);
if (g) {
r.setTime(r.getTime() - (1000 * 60 * 60 * 8))
}
q = "taobao://h5.m.taobao.com/cart/order.html?itemId=" + m + "&_input_charset=utf-8&buyNow=true&v=0&skuId=" + n + "&quantity=" + p;
if (u) {
let _ready_time_offset = parseInt($("#time-offset-input").val());
s = _ready_time_offset;
let buy_channel = $("#channel-select").val();
if (buy_channel == 'bybtqdyh') {
var a = {
"id": m,
"umpChannel": "bybtqdyh",
"u_channel": "bybtqdyh"
};
var b = JSON.stringify(a);
b = encodeURIComponent(b);
q = 'taobao://h5.m.taobao.com/cart/order.html?skuId=' + n + '&quantity=' + p + '&itemId=' + m + '&buyNow=true&exParams=' + b
}
} else {
s = $("#time-offset-select").val()
}
let now = new Date();
let timeDiff = r.getTime() - now.getTime();
if (timeDiff <= s) {
weui.alert("哎呀,开始时间不能比现在早");
return
}
$("#configPad").hide();
$("#readyPad").show();
$("#time-confirm").html("[" + r.toLocaleString() + "(-" + s + "ms)] 自动下单");
t = true
});
$("#buy-button").click(function () {
startJump()
});
$("#promode-copy-button").click(function () {
q = "taobao://h5.m.taobao.com/cart/order.html?itemId=" + m + "&_input_charset=utf-8&buyNow=true&v=0&skuId=" + n + "&quantity=" + p;
copyTxt(q.replace("taobao:", "https:"))
});
function startJump() {
window.location.href = q
}
function copyTxt(a) {
if (typeof document.execCommand !== "function") {
weui.alert(a);
return
}
var b = document.createElement("textarea");
b.value = a;
b.setAttribute('style', 'display: block;width: 1px;height: 1px;');
document.body.appendChild(b);
b.select();
var c = document.execCommand('copy');
document.body.removeChild(b);
if (c) {
weui.alert('BP链接已经复制到剪切板中,请保存好使用【已有BP链接跳转 】');
return
}
if (typeof document.createRange !== "function") {
weui.alert(a);
return
}
var d = document.createRange();
var e = document.createElement('div');
e.innerHTML = a;
e.setAttribute('style', 'height: 1px;fontSize: 1px;overflow: hidden;');
document.body.appendChild(e);
d.selectNode(e);
const selection = window.getSelection();
if (selection.rangeCount > 0) {
selection.removeAllRanges()
}
selection.addRange(d);
document.execCommand('copy');
weui.alert(a)
}
function getNowFormatDateTime() {
let date = new Date();
let seperator1 = "-";
var a = date.getFullYear();
var b = date.getMonth() + 1;
var c = date.getDate();
date.setMinutes(date.getMinutes() + 1);
let hour = date.getHours();
let strMinutes = date.getMinutes();
if (b >= 1 && b <= 9) {
b = "0" + b
}
if (c >= 0 && c <= 9) {
c = "0" + c
}
if (strMinutes >= 0 && strMinutes <= 9) {
strMinutes = "0" + strMinutes
}
var d = a + seperator1 + b + seperator1 + c + 'T' + hour + ':' + strMinutes;
return d
}
})jQuery(document).ready(function ($) { var g = false;
var h = "null";
h = UrlParm.parm("auth");
if (!h || h == 'null') {
weui.alert('请前往官网https://SKRMAN.APP更新最新版本')
}
var l;
var m;
var n = 0;
var o = [];
var p = 1;
var q = "null";
var r;
var s;
var t = false;
var u = false;
var v = true;
var w = true;
var x = window.location.host;
if (x.indexOf('skrman.app') > -1 || x.indexOf('SKRMAN.APP') > -1) {
v = true
} else {
v = false
}
$("#card-step-1").show();
$("#card-step-2").hide();
$("#promode-time-offset").hide();
$("#promode-time-button").hide();
$("#promode-copy-button").hide();
$("#promode-channel-select").hide();
let userAgent = navigator.userAgent;
if (userAgent.indexOf('AppleWebKit') > -1 || userAgent.indexOf('iPhone') > -1 || userAgent.indexOf('iPad') > -1) {
g = true;
if (userAgent.indexOf('iPhone OS 4_3_3') > -1 || userAgent.indexOf('SKRAND') > -1 || userAgent.indexOf('iPhone OS 7_0_1') > -1 || userAgent.indexOf('IOS14') > -1) {
g = false
}
}
$('#timeInput').val(getNowFormatDateTime());
var y = setInterval(function () {
timeTask()
}, 50);
$("#professional-button").click(function () {
if (!u) {
u = true;
$("#professional-button").css('color', 'red');
weui.alert("已开启专业模式");
$("#promode-time-offset").show();
$("#basemode-time-offset").hide();
$("#promode-copy-button").show();
$("#promode-time-button").show();
$("#promode-channel-select").show()
} else {
u = false;
$("#professional-button").css('color', 'black');
weui.alert("已关闭专业模式");
$("#promode-time-offset").hide();
$("#basemode-time-offset").show();
$("#promode-copy-button").hide();
$("#promode-time-button").hide();
$("#promode-channel-select").hide()
}
});
function timeTask() {
if (t) {
let now = new Date();
let timeDiff = r.getTime() - now.getTime();
if (timeDiff <= s) {
t = false;
startJump();
$("#time-count").html("开启跳转")
} else {
$("#time-count").html("倒计时:" + timeDiff + "ms")
}
}
}
function queryItem(b) {
if (w) {
w = false
} else {
return
}
n = 0;
o = [];
p = 1;
t = false;
var c = 'https://bmobapi.hb174.top/aed0843961fb06dc/tmallBP?auth=' + h + '&mlink=' + b;
if (v) {
c = 'https://cloud.bmob.cn/aed0843961fb06dc/tmallBP?auth=' + h + '&mlink=' + b
}
$.ajax({
type: "GET",
timeout: 5000,
dataType: 'jsonp',
jsonp: "callback",
jsonpCallback: 'jsonp',
url: c,
success: function (a) {
w = true;
if (a.errcode == 0) {
l = a.data;
reflashControlPad();
$("#card-step-1").hide();
$("#card-step-2").show();
$("#configPad").show();
$("#readyPad").hide()
} else {
if (a.errmsg.indexOf('解析失败') > -1) {
queryItem2(b);
w = true
} else {
weui.alert(a.errmsg)
}
}
},
error: (err, type) => {
queryItem2(b);
w = true
},
})
}
function queryItem2(a) {
n = 0;
o = [];
p = 1;
t = false;
if (a.indexOf('.tb.cn') > -1) {
geiItemId(a)
}
if (a.indexOf('id=') > -1) {
var b = a.split("id=")[1];
getTmallItemStyle(b)
}
}
function geiItemId(d) {
dsBridge.call("networkGet", {
url: d
}, function (a) {
if (a.indexOf('errorjhandler') == 0) {
weui.alert("错误" + a);
return
}
let body = a;
var b = "null";
if (body.indexOf('&id=') > -1) {
var c = body.split("&id=")[1];
b = c.split("&")[0]
} else if (body.indexOf('taobao.com/i') > -1) {
var c = body.split("taobao.com/i")[1];
b = c.split(".htm")[0]
} else if (body.indexOf('tmall.com/i') > -1) {
var c = body.split("tmall.com/i")[1];
b = c.split(".htm")[0]
}
if (b != 'null') {
getTmallItemStyle(b)
} else {
weui.alert("无法解析该淘口令")
}
})
}
function getTmallItemStyle(b) {
let current_token = "654a3a20023319a6dc4c755b151f082b";
let callbackString = "mtopjsonp";
let now = new Date();
let timeStramp = now.getTime() + "";
var c = {
"id": b,
"itemNumId": b,
"itemId": b,
"exParams": {
"id": b
},
"detail_v": "8.0.0",
"utdid": "1"
};
var d = JSON.stringify(c);
d = encodeURIComponent(d);
let preSignStr = current_token + "&" + timeStramp + "&12574478&" + d;
let signStr = hex_md5(preSignStr);
let linkString = "https://h5api.m.taobao.com/h5/mtop.taobao.detail.getdetail/6.0/?" + "jsv=2.5.7&appKey=12574478&t=" + timeStramp + "&sign=" + signStr + "&api=mtop.taobao.detail.getdetail&v=6.0&isSec=0&ecode=0&AntiFlood=true&AntiCreep=true&H5Request=true&ttid=2018@taobao_h5_9.9.9&type=jsonp&dataType=jsonp&" + "data=" + d;
$.ajax({
type: "GET",
timeout: 5000,
dataType: 'jsonp',
jsonp: "callback",
jsonpCallback: callbackString,
url: linkString,
success: function (a) {
try {
let _result = {
item: a.data.item,
skuBase: a.data.skuBase
};
l = _result;
reflashControlPad();
$("#card-step-1").hide();
$("#card-step-2").show();
$("#configPad").show();
$("#readyPad").hide()
} catch (e) {
weui.alert("解析失败")
}
},
error: (err, type) => {
weui.alert(err.statusText + "网络错误,换个网络试试")
},
})
}
function reflashControlPad() {
$("#itemTitle").html(l.item.title);
m = l.item.itemId + "";
var a = '';
var b;
var c = '';
try {
if (l.item.images[0].length > 0) {
b = l.item.images[0];
if (b.indexOf("http") != 0) {
b = "https:" + b
}
console.log(b)
}
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
