From 10c561758af3aa7d2c9c28f46a5f2ab948c5d04f Mon Sep 17 00:00:00 2001 From: liyf Date: Fri, 2 Dec 2022 16:38:28 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=B8=BA=E6=9C=80=E5=90=8E?= =?UTF-8?q?=E6=9B=B4=E6=96=B0=E4=BA=8E:=202023-03-28=20=E7=8C=8E=E8=81=98?= =?UTF-8?q?=EF=BC=8C=E8=AF=B7=E6=B1=82=E5=A4=B4=E5=8F=82=E6=95=B0X-Fscp-Tr?= =?UTF-8?q?ace-Id?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- liepin/__init__.py | 4 +++ liepin/demo.js | 78 ++++++++++++++++++++++++++++++++++++++++++++++ readme.MD | 1 + 3 files changed, 83 insertions(+) create mode 100644 liepin/__init__.py create mode 100644 liepin/demo.js diff --git a/liepin/__init__.py b/liepin/__init__.py new file mode 100644 index 0000000..1687627 --- /dev/null +++ b/liepin/__init__.py @@ -0,0 +1,4 @@ +# _*_ coding: utf-8 _*_ +# @Date: 4:33 下午 +# @File: __init__.py.py +# @Author: liyf diff --git a/liepin/demo.js b/liepin/demo.js new file mode 100644 index 0000000..f47dd0a --- /dev/null +++ b/liepin/demo.js @@ -0,0 +1,78 @@ +/* +- 控制台全局搜索 `X-Fscp-Trace-Id`,可以定位到在 `common.ee5c9e85.js` 文件中,有该参数的赋值,代码如下: + ```javascript + e.headers["X-Fscp-Trace-Id"] = w() + ``` +- 在该处打上断点,点击下一页,断点生效 +- 进入 w 函数中,发现如下代码 + ```javascript + var w = function(e, t, n) { + var r = (e = e || {}).random || (e.rng || h)(); + if (r[6] = 15 & r[6] | 64, + r[8] = 63 & r[8] | 128, + t) { + n = n || 0; + for (var a = 0; a < 16; ++a) + t[n + a] = r[a]; + return t + } + return x(r) + } + ``` + 最终返回的 `x(r)` 即最终的结果。 + +- x 函数如下: + ```javascript + function x(e) { + var t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : 0 + , + n = (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase(); + return n + } + ``` +- 缺啥补啥,需要注意的是 `new Uint8Array(16)`,参考博客 [js逆向 模拟window.Crypto.getRandomValues](https://blog.csdn.net/Little__Panda/article/details/113566803) +*/ + + +// js逆向 模拟window.Crypto.getRandomValues +function randoms(min, max) { + return Math.floor(Math.random() * (max - min + 1) + min) +} + +function getRandomValues(buf) { + var min = 0, + max = 255; + if (buf instanceof Uint16Array) { + max = 65535; + } else if (buf instanceof Uint32Array) { + max = 4294967295; + } + for (var element in buf) { + buf[element] = randoms(min, max); + } + return buf; +} + +for (var g = [], b = 0; b < 256; ++b) + g.push((b + 256).toString(16).substr(1)); + +function m() { + var p = new Uint8Array(16), r = []; + for (getRandomValues(p), G = 0; G < p.length; ++G) + r.push(p[G]) + return r +} + +function x(e) { + var t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : 0 + , + n = (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase(); + return n +} + +function get_x_fscp_teace_id() { + var r = m(); + return x(r) +} + +console.log(get_x_fscp_teace_id()) diff --git a/readme.MD b/readme.MD index e81334c..6692eb3 100644 --- a/readme.MD +++ b/readme.MD @@ -103,6 +103,7 @@ MyToken | [链接](https://www.mytokencap.com/) | [点击跳转](https://blog 裁判文书响应数据解密 | [链接](https://wenshu.court.gov.cn/website/wenshu/181217BMTKHNT2W0/index.html?pageId=4c80b947ecca9eee0d410a2a65ef5e72&s8=02) | | [cpws](cpws) 搜狐详情页图片地址解密 | [链接](https://www.sohu.com/a/611710835_123753) | [点击跳转](souhu/demo.js) | [souhu](souhu) 黑猫投诉 | [链接](https://tousu.sina.com.cn/company/view/?couid=6384912431) | | [tousu_sign](tousu_sign) +猎聘 | [链接](https://www.liepin.com/zhaopin/?inputFrom=www_index&workYearCode=0&key=&scene=input&ckId=cei1lxwcgvjwp0v613z0tdqvn0ziea1b&dq=) | [点击跳转](liepin/demo.js) | [liepin](liepin) ***