修改为最后更新于: 2023-03-28

猎聘，请求头参数X-Fscp-Trace-Id
starsink-d · Dec 2, 2022 · 10c5617 · 10c5617
1 parent 45361b9
commit 10c5617
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 0 deletions.
diff --git a/liepin/__init__.py b/liepin/__init__.py
@@ -0,0 +1,4 @@
+# _*_ coding: utf-8 _*_
+# @Date:  4:33 下午
+# @File: __init__.py.py
+# @Author: liyf
diff --git a/liepin/demo.js b/liepin/demo.js
@@ -0,0 +1,78 @@
+/*
+- 控制台全局搜索 `X-Fscp-Trace-Id`，可以定位到在 `common.ee5c9e85.js` 文件中，有该参数的赋值，代码如下：
+    ```javascript
+    e.headers["X-Fscp-Trace-Id"] = w()
+    ```
+- 在该处打上断点，点击下一页，断点生效
+- 进入 w 函数中，发现如下代码
+    ```javascript
+    var w = function(e, t, n) {
+        var r = (e = e || {}).random || (e.rng || h)();
+        if (r[6] = 15 & r[6] | 64,
+        r[8] = 63 & r[8] | 128,
+        t) {
+            n = n || 0;
+            for (var a = 0; a < 16; ++a)
+                t[n + a] = r[a];
+            return t
+        }
+        return x(r)
+    }
+    ```
+  最终返回的 `x(r)` 即最终的结果。
+
+- x 函数如下：
+  ```javascript
+    function x(e) {
+        var t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : 0
+            ,
+            n = (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase();
+        return n
+    }
+    ```
+- 缺啥补啥，需要注意的是 `new Uint8Array(16)`，参考博客 [js逆向 模拟window.Crypto.getRandomValues](https://blog.csdn.net/Little__Panda/article/details/113566803)
+*/
+
+
+// js逆向 模拟window.Crypto.getRandomValues
+function randoms(min, max) {
+    return Math.floor(Math.random() * (max - min + 1) + min)
+}
+
+function getRandomValues(buf) {
+    var min = 0,
+        max = 255;
+    if (buf instanceof Uint16Array) {
+        max = 65535;
+    } else if (buf instanceof Uint32Array) {
+        max = 4294967295;
+    }
+    for (var element in buf) {
+        buf[element] = randoms(min, max);
+    }
+    return buf;
+}
+
+for (var g = [], b = 0; b < 256; ++b)
+    g.push((b + 256).toString(16).substr(1));
+
+function m() {
+    var p = new Uint8Array(16), r = [];
+    for (getRandomValues(p), G = 0; G < p.length; ++G)
+        r.push(p[G])
+    return r
+}
+
+function x(e) {
+    var t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : 0
+        ,
+        n = (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase();
+    return n
+}
+
+function get_x_fscp_teace_id() {
+    var r = m();
+    return x(r)
+}
+
+console.log(get_x_fscp_teace_id())
diff --git a/readme.MD b/readme.MD
@@ -103,6 +103,7 @@ MyToken  | [链接](https://www.mytokencap.com/)  |  [点击跳转](https://blog
 裁判文书响应数据解密  |  [链接](https://wenshu.court.gov.cn/website/wenshu/181217BMTKHNT2W0/index.html?pageId=4c80b947ecca9eee0d410a2a65ef5e72&s8=02)  |    |  [cpws](cpws)
 搜狐详情页图片地址解密  |  [链接](https://www.sohu.com/a/611710835_123753)  |  [点击跳转](souhu/demo.js)  |  [souhu](souhu)
 黑猫投诉  |  [链接](https://tousu.sina.com.cn/company/view/?couid=6384912431)  |    |  [tousu_sign](tousu_sign)
+猎聘  |  [链接](https://www.liepin.com/zhaopin/?inputFrom=www_index&workYearCode=0&key=&scene=input&ckId=cei1lxwcgvjwp0v613z0tdqvn0ziea1b&dq=)  |  [点击跳转](liepin/demo.js)  |  [liepin](liepin)
 
 ***