pdd登录分析(一)
作者:互联网
某日玩果园上瘾,于是打算做个自动浇水的软件。绕了一大圈,卡在了登录,登录上有个screen_token,这个值的作用对报文的校验。搜索相关文章,大部分是直接复制其源码,引入必要库,直接调用。参考地址:
https://blog.csdn.net/qq_41668369/article/details/105577538
https://blog.csdn.net/qq_31795679/article/details/102701533
https://blog.csdn.net/juedi999/article/details/102585144
https://blog.csdn.net/qq_39802740/article/details/104912052
这显而易见不符合我的作风。那就开始吧。
首先搜索关键字screen_token,然后找到其加密return t = e.sent,n = t.messagePack(),
然后会跟到function Ae() 这个函数。
function Ae() { var e, t = {}; t[p("0xde", "tGHt")] = function(e) { return e() } , t[p("0xdf", "g!0p")] = p("0xe0", "kYKn"), t[p("0xe1", "3HI!")] = function(e, t) { return e < t } , t[p("0xe2", "9cg4")] = function(e, t) { return e * t } , t[p("0xe3", "l9X*")] = function(e, t, r) { return e(t, r) } , t[p("0xe4", "]kE!")] = p("0xe5", "2Bha"), t[p("0xe6", "9cg4")] = function(e, t) { return e === t } , t[p("0xe7", "nBw!")] = function(e, t) { return e > t } , t[p("0xe8", "3HI!")] = function(e, t) { return e <= t } , t[p("0xe9", "krTJ")] = function(e, t) { return e - t } , t[p("0xea", "]pQq")] = function(e, t) { return e << t } , t[p("0xeb", "g!0p")] = function(e, t) { return e === t } , t[p("0xec", ")uYb")] = p("0xed", "3zQ4"), t[p("0xee", "9cg4")] = p("0xef", "LYQ!"), t[p("0xf0", "9cg4")] = function(e, t) { return e + t } , t[p("0xf1", "ijT1")] = p("0xf2", "4N]H"), t[p("0xf3", "J7u(")] = p("0xf4", "jvpv"), B = t[p("0xf5", "UnBX")](t[p("0xf6", "jvpv")](Math[A](), 10), 7) ? "" : "N"; var r = [p("0xf7", "g!0p") + B] , n = (e = [])[j].apply(e, [Z ? [][j](t[p("0xf8", "F6r*")](we), ae[r]()) : h[r](), ne[r](), ie[r](), oe[r](), se[r](), ce[r](), ue[r](), he[r](), de[r](), pe[r](), le[r]()].concat(function(e) { if (Array.isArray(e)) { for (var t = 0, r = Array(e.length); t < e.length; t++) r[t] = e[t]; return r } return Array.from(e) }(fe[r]()), [_e[r](), me[r](), ge[r]()])); t[p("0xf9", "3HI!")](setTimeout, (function() { t[p("0xfa", "l*GI")](Ee) } ), 0); for (var a = n[U][_](2)[p("0xfb", "UnBX")](""), i = 0; t[p("0xfc", "I%I8")](a[U], 16); i += 1) a[t[p("0xfd", "Fvsl")]]("0"); a = a[p("0xfe", "l*GI")](""); var o = []; t[p("0xff", "l9X*")](n[U], 0) ? o[W](0, 0) : t[p("0x100", "Ya61")](n[U], 0) && t[p("0x101", "2Bha")](n[U], t[p("0x102", "U0CN")](t[p("0x103", "43d3")](1, 8), 1)) ? o[W](0, n[U]) : t[p("0x104", ")uYb")](n[U], t[p("0x102", "U0CN")](t[p("0x105", "Sdwk")](1, 8), 1)) && o[W](z[m](a[E](0, 8), 2), z[m](a[E](8, 16), 2)), n = [][j]([t[p("0x106", "c6Bq")](B, "N") ? 2 : 1], [1, 0, 0], o, n); var u = s[t[p("0x107", "ui)S")]](n) , d = [][t[p("0x108", "P!c2")]][p("0x109", "dQAO")](u, (function(e) { return String[t[p("0x10a", "b]KU")]](e) } )); return t[p("0x10b", "Fvsl")](t[p("0x10c", "nBw!")], c[t[p("0x10d", "krTJ")]](d[p("0x10e", "B4$K")](""))) }
这段就是代码了,然而有一些混淆,下篇文章,替换其混淆部分。
标签:分析,function,return,登录,blog,csdn,article,net,pdd 来源: https://www.cnblogs.com/kittyajoke/p/13775684.html