python爬蟲破解帶有CryptoJS的aes加密的反爬機制

時間 2020-05-07

標籤 python 爬蟲破解帶有 cryptojs aes 加密機制欄目 Python 简体版

原文原文鏈接

發現問題

在一次偶然中，在爬取某個公開網站（非商業型網站）時，老方法，打開調試工具查看請求方式，請求攔截，是不是異步加載，不亦樂乎，當我覺得這個網站很是簡單的時候，發現二級網頁的地址和源碼不對應html

Ajax異步加載？源碼也是這樣的前端

並且這些連接直接訪問根本沒法訪問vue

用火狐瀏覽器的event顯示：python

找到加密方式

源碼：jquery

function() { var hh = $(this).attr("href"); if (typeof(hh) == 'undefined' || hh == '#') { return } var aa = hh.split("/"); var aaa = aa.length; var bbb = aa[aaa - 1].split('.'); var ccc = bbb[0]; var cccc = bbb[1]; var r = /^\+?[1-9][0-9]*$/; if (r.test(ccc) && cccc.indexOf('jhtml') != -1) { var srcs = CryptoJS.enc.Utf8.parse(ccc); var k = CryptoJS.enc.Utf8.parse(s); var en = CryptoJS.AES.encrypt(srcs, k, { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); var ddd = en.toString(); ddd = ddd.replace(/\//g, "^"); ddd = ddd.substring(0, ddd.length - 2); var bbbb = ddd + '.' + bbb[1]; aa[aaa - 1] = bbbb; var uuu = ''; for (i = 0; i < aaa; i++) { uuu += aa[i] + '/' } uuu = uuu.substring(0, uuu.length - 1); window.open(uuu) } else { var ee = $(this).attr('target'); if (ee.typeof('undefined')) { window.location = hh } else { window.open(hh) } } return false }

根據個人發現，實現的效果就是讓源碼的連接：c++

http://xxxx.xxxx.xx:80/jssfdg/3254639.jhtml數組

變爲以下連接：瀏覽器

http://xxxx.xxxx.xx:80/jssfdg /JzRnGhk7J9D1ZNMlh47fMw.jhtmlapp

以上代碼縮減了下：dom

就這幾行代碼：

var srcs = CryptoJS.enc.Utf8.parse(ccc); var k = CryptoJS.enc.Utf8.parse(s); var en = CryptoJS.AES.encrypt(srcs, k, { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); var ddd = en.toString(); ddd = ddd.replace(/\//g, "^"); ddd = ddd.substring(0, ddd.length - 2); return ddd

將以上代碼封裝爲一個函數並在瀏覽器的控制檯測試：

大概的意思就是先將那串數字用utf8加密成數組：

再對密鑰操做：

再將上面的兩個數組用aes加密

將用aes加密過的en轉爲字符串：

我渣一看這種字符串像是base64加密

再將帶有/符號的轉爲^，由於在url編碼中，/符號有特殊意義

再將數據後面的[==]分割掉

最後的字符串就是須要的數據了

把這段操做封裝成一個函數，而後測試：

通過測試，沒毛病，返回的這個字符與真實的一致。

臥槽，瞬間激動啦，這還沒完，我是直接在當前網頁的控制檯操做的，換到其餘網頁的控制檯：

須要兩個重要的東西：CryptoJS對象和 s變量

CryptoJS對象都還好，那特麼必定是引入的，s變量就難了，從源碼找，包含s的太多了，並且仍是小寫，關鍵詞太多了

並且S變量是已經定義好的，由於我打開控制檯直接訪問s就能有結果：

因此，那絕對是已定義的，可是我沒法肯定是寫死的仍是隨機生成的，若是按寫死的來，那就難了，因此我必須找到它，它也相當重要，由於就是aes加密須要的密鑰，否則沒法加密出來但願的格式

我找了一上午，還請教了個人前端大佬同事，也是一時不知道怎麼找

最後，我把當天的任務忙完以後，專門騰出兩小時時間來再分析，我一個一個js文件慢慢看：

找到key值

結果，他麼的，放在jquery源碼裏面：

並且，還真的是寫死的

臥槽!!!!!!!!!!!!!!!!!!!!，太nm騷了，放源碼了，按正常人的慣用思惟，像什麼jquery，vue等的源碼，必定是不敢去亂改的，要寫js的話，也不敢去亂搞，都是新建一個js文件寫入，它這個把密鑰寫在jquery源碼裏，簡直反其道而行，我不知道說這個網站的前端開發者是高明仍是奇葩了

好的，兩樣東西都齊了，準備用代碼實現了，在這以前，先了解下什麼是CryptoJS

源碼：

!function(t, n) { "object" == typeof exports ? module.exports = exports = n() : "function" == typeof define && define.amd ? define([], n) : t.CryptoJS = n() } (this, function() { var t = t ||

    function(t, n) { var i = Object.create ||

        function() { function t() {} return function(n) { var i; return t.prototype = n, i = new t, t.prototype = null, i } } (), e = {}, r = e.lib = {}, o = r.Base = function() { return { extend: function(t) { var n = i(this); return t && n.mixIn(t), n.hasOwnProperty("init") && this.init !== n.init || (n.init = function() { n.$super.init.apply(this, arguments) }), n.init.prototype = n, n.$super = this, n }, create: function() { var t = this.extend(); return t.init.apply(t, arguments), t }, init: function() {}, mixIn: function(t) { for (var n in t) t.hasOwnProperty(n) && (this[n] = t[n]); t.hasOwnProperty("toString") && (this.toString = t.toString) }, clone: function() { return this.init.prototype.extend(this) } } } (), s = r.WordArray = o.extend({ init: function(t, i) { t = this.words = t || [], i != n ? this.sigBytes = i: this.sigBytes = 4 * t.length }, toString: function(t) { return (t || c).stringify(this) }, concat: function(t) { var n = this.words, i = t.words, e = this.sigBytes, r = t.sigBytes; if (this.clamp(), e % 4) for (var o = 0; o < r; o++) { var s = i[o >>> 2] >>> 24 - o % 4 * 8 & 255; n[e + o >>> 2] |= s << 24 - (e + o) % 4 * 8 } else for (var o = 0; o < r; o += 4) n[e + o >>> 2] = i[o >>> 2]; return this.sigBytes += r, this }, clamp: function() { var n = this.words, i = this.sigBytes; n[i >>> 2] &= 4294967295 << 32 - i % 4 * 8, n.length = t.ceil(i / 4) }, clone: function() { var t = o.clone.call(this); return t.words = this.words.slice(0), t }, random: function(n) { for (var i, e = [], r = function(n) { var n = n, i = 987654321, e = 4294967295; return function() { i = 36969 * (65535 & i) + (i >> 16) & e, n = 18e3 * (65535 & n) + (n >> 16) & e; var r = (i << 16) + n & e; return r /= 4294967296,
 r += .5, r * (t.random() > .5 ? 1 : -1) } }, o = 0; o < n; o += 4) { var a = r(4294967296 * (i || t.random())); i = 987654071 * a(), e.push(4294967296 * a() | 0) } return new s.init(e, n) } }), a = e.enc = {}, c = a.Hex = { stringify: function(t) { for (var n = t.words, i = t.sigBytes, e = [], r = 0; r < i; r++) { var o = n[r >>> 2] >>> 24 - r % 4 * 8 & 255; e.push((o >>> 4).toString(16)), e.push((15 & o).toString(16)) } return e.join("") }, parse: function(t) { for (var n = t.length, i = [], e = 0; e < n; e += 2) i[e >>> 3] |= parseInt(t.substr(e, 2), 16) << 24 - e % 8 * 4; return new s.init(i, n / 2) } }, u = a.Latin1 = { stringify: function(t) { for (var n = t.words, i = t.sigBytes, e = [], r = 0; r < i; r++) { var o = n[r >>> 2] >>> 24 - r % 4 * 8 & 255; e.push(String.fromCharCode(o)) } return e.join("") }, parse: function(t) { for (var n = t.length, i = [], e = 0; e < n; e++) i[e >>> 2] |= (255 & t.charCodeAt(e)) << 24 - e % 4 * 8; return new s.init(i, n) } }, f = a.Utf8 = { stringify: function(t) { try { return decodeURIComponent(escape(u.stringify(t))) } catch(t) { throw new Error("Malformed UTF-8 data") } }, parse: function(t) { return u.parse(unescape(encodeURIComponent(t))) } }, h = r.BufferedBlockAlgorithm = o.extend({ reset: function() { this._data = new s.init, this._nDataBytes = 0 }, _append: function(t) { "string" == typeof t && (t = f.parse(t)), this._data.concat(t), this._nDataBytes += t.sigBytes }, _process: function(n) { var i = this._data, e = i.words, r = i.sigBytes, o = this.blockSize, a = 4 * o, c = r / a; c = n ? t.ceil(c) : t.max((0 | c) - this._minBufferSize, 0); var u = c * o, f = t.min(4 * u, r); if (u) { for (var h = 0; h < u; h += o) this._doProcessBlock(e, h); var p = e.splice(0, u); i.sigBytes -= f } return new s.init(p, f) }, clone: function() { var t = o.clone.call(this); return t._data = this._data.clone(), t }, _minBufferSize: 0 }), p = (r.Hasher = h.extend({ cfg: o.extend(), init: function(t) { this.cfg = this.cfg.extend(t), this.reset() }, reset: function() { h.reset.call(this), this._doReset() }, update: function(t) { return this._append(t), this._process(), this }, finalize: function(t) { t && this._append(t); var n = this._doFinalize(); return n }, blockSize: 16, _createHelper: function(t) { return function(n, i) { return new t.init(i).finalize(n) } }, _createHmacHelper: function(t) { return function(n, i) { return new p.HMAC.init(t, i).finalize(n) } } }), e.algo = {}); return e } (Math); return t }); //# sourceMappingURL=core.min.js.map

!

function(e, t, i) { "object" == typeof exports ? module.exports = exports = t(require("./core.min"), require("./sha1.min"), require("./hmac.min")) : "function" == typeof define && define.amd ? define(["./core.min", "./sha1.min", "./hmac.min"], t) : t(e.CryptoJS) } (this, function(e) { return function() { var t = e, i = t.lib, r = i.Base, n = i.WordArray, o = t.algo, a = o.MD5, c = o.EvpKDF = r.extend({ cfg: r.extend({ keySize: 4, hasher: a, iterations: 1 }), init: function(e) { this.cfg = this.cfg.extend(e) }, compute: function(e, t) { for (var i = this.cfg, r = i.hasher.create(), o = n.create(), a = o.words, c = i.keySize, f = i.iterations; a.length < c;) { s && r.update(s); var s = r.update(e).finalize(t); r.reset(); for (var u = 1; u < f; u++) s = r.finalize(s), r.reset(); o.concat(s) } return o.sigBytes = 4 * c, o } }); t.EvpKDF = function(e, t, i) { return c.create(i).compute(e, t) } } (), e.EvpKDF }); //# sourceMappingURL=evpkdf.min.js.map

!

function(r, e) { "object" == typeof exports ? module.exports = exports = e(require("./core.min")) : "function" == typeof define && define.amd ? define(["./core.min"], e) : e(r.CryptoJS) } (this, function(r) { return function() { function e(r, e, t) { for (var n = [], i = 0, o = 0; o < e; o++) if (o % 4) { var f = t[r.charCodeAt(o - 1)] << o % 4 * 2, c = t[r.charCodeAt(o)] >>> 6 - o % 4 * 2; n[i >>> 2] |= (f | c) << 24 - i % 4 * 8, i++ } return a.create(n, i) } var t = r, n = t.lib, a = n.WordArray, i = t.enc; i.Base64 = { stringify: function(r) { var e = r.words, t = r.sigBytes, n = this._map; r.clamp(); for (var a = [], i = 0; i < t; i += 3) for (var o = e[i >>> 2] >>> 24 - i % 4 * 8 & 255, f = e[i + 1 >>> 2] >>> 24 - (i + 1) % 4 * 8 & 255, c = e[i + 2 >>> 2] >>> 24 - (i + 2) % 4 * 8 & 255, s = o << 16 | f << 8 | c, h = 0; h < 4 && i + .75 * h < t; h++) a.push(n.charAt(s >>> 6 * (3 - h) & 63)); var p = n.charAt(64); if (p) for (; a.length % 4;) a.push(p); return a.join("") }, parse: function(r) { var t = r.length, n = this._map, a = this._reverseMap; if (!a) { a = this._reverseMap = []; for (var i = 0; i < n.length; i++) a[n.charCodeAt(i)] = i } var o = n.charAt(64); if (o) { var f = r.indexOf(o); f !== -1 && (t = f) } return e(r, t, a) }, _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" } } (), r.enc.Base64 }); //# sourceMappingURL=enc-base64.min.js.map

!

function(e, t, r) { "object" == typeof exports ? module.exports = exports = t(require("./core.min"), require("./evpkdf.min")) : "function" == typeof define && define.amd ? define(["./core.min", "./evpkdf.min"], t) : t(e.CryptoJS) } (this, function(e) { e.lib.Cipher ||

    function(t) { var r = e, i = r.lib, n = i.Base, c = i.WordArray, o = i.BufferedBlockAlgorithm, s = r.enc, a = (s.Utf8, s.Base64), f = r.algo, p = f.EvpKDF, d = i.Cipher = o.extend({ cfg: n.extend(), createEncryptor: function(e, t) { return this.create(this._ENC_XFORM_MODE, e, t) }, createDecryptor: function(e, t) { return this.create(this._DEC_XFORM_MODE, e, t) }, init: function(e, t, r) { this.cfg = this.cfg.extend(r), this._xformMode = e, this._key = t, this.reset() }, reset: function() { o.reset.call(this), this._doReset() }, process: function(e) { return this._append(e), this._process() }, finalize: function(e) { e && this._append(e); var t = this._doFinalize(); return t }, keySize: 4, ivSize: 4, _ENC_XFORM_MODE: 1, _DEC_XFORM_MODE: 2, _createHelper: function() { function e(e) { return "string" == typeof e ? B: x } return function(t) { return { encrypt: function(r, i, n) { return e(i).encrypt(t, r, i, n) }, decrypt: function(r, i, n) { return e(i).decrypt(t, r, i, n) } } } } () }), h = (i.StreamCipher = d.extend({ _doFinalize: function() { var e = this._process(!0); return e }, blockSize: 1 }), r.mode = {}), u = i.BlockCipherMode = n.extend({ createEncryptor: function(e, t) { return this.Encryptor.create(e, t) }, createDecryptor: function(e, t) { return this.Decryptor.create(e, t) }, init: function(e, t) { this._cipher = e, this._iv = t } }), l = h.CBC = function() { function e(e, r, i) { var n = this._iv; if (n) { var c = n; this._iv = t } else var c = this._prevBlock; for (var o = 0; o < i; o++) e[r + o] ^= c[o] } var r = u.extend(); return r.Encryptor = r.extend({ processBlock: function(t, r) { var i = this._cipher, n = i.blockSize; e.call(this, t, r, n), i.encryptBlock(t, r), this._prevBlock = t.slice(r, r + n) } }), r.Decryptor = r.extend({ processBlock: function(t, r) { var i = this._cipher, n = i.blockSize, c = t.slice(r, r + n); i.decryptBlock(t, r), e.call(this, t, r, n), this._prevBlock = c } }), r } (), _ = r.pad = {}, v = _.Pkcs7 = { pad: function(e, t) { for (var r = 4 * t, i = r - e.sigBytes % r, n = i << 24 | i << 16 | i << 8 | i, o = [], s = 0; s < i; s += 4) o.push(n); var a = c.create(o, i); e.concat(a) }, unpad: function(e) { var t = 255 & e.words[e.sigBytes - 1 >>> 2]; e.sigBytes -= t } }, y = (i.BlockCipher = d.extend({ cfg: d.cfg.extend({ mode: l, padding: v }), reset: function() { d.reset.call(this); var e = this.cfg, t = e.iv, r = e.mode; if (this._xformMode == this._ENC_XFORM_MODE) var i = r.createEncryptor; else { var i = r.createDecryptor; this._minBufferSize = 1 } this._mode && this._mode.__creator == i ? this._mode.init(this, t && t.words) : (this._mode = i.call(r, this, t && t.words), this._mode.__creator = i) }, _doProcessBlock: function(e, t) { this._mode.processBlock(e, t) }, _doFinalize: function() { var e = this.cfg.padding; if (this._xformMode == this._ENC_XFORM_MODE) { e.pad(this._data, this.blockSize); var t = this._process(!0) } else { var t = this._process(!0); e.unpad(t) } return t }, blockSize: 4 }), i.CipherParams = n.extend({ init: function(e) { this.mixIn(e) }, toString: function(e) { return (e || this.formatter).stringify(this) } })), m = r.format = {}, k = m.OpenSSL = { stringify: function(e) { var t = e.ciphertext, r = e.salt; if (r) var i = c.create([1398893684, 1701076831]).concat(r).concat(t); else var i = t; return i.toString(a) }, parse: function(e) { var t = a.parse(e), r = t.words; if (1398893684 == r[0] && 1701076831 == r[1]) { var i = c.create(r.slice(2, 4)); r.splice(0, 4), t.sigBytes -= 16 } return y.create({ ciphertext: t, salt: i }) } }, x = i.SerializableCipher = n.extend({ cfg: n.extend({ format: k }), encrypt: function(e, t, r, i) { i = this.cfg.extend(i); var n = e.createEncryptor(r, i), c = n.finalize(t), o = n.cfg; return y.create({ ciphertext: c, key: r, iv: o.iv, algorithm: e, mode: o.mode, padding: o.padding, blockSize: e.blockSize, formatter: i.format }) }, decrypt: function(e, t, r, i) { i = this.cfg.extend(i), t = this._parse(t, i.format); var n = e.createDecryptor(r, i).finalize(t.ciphertext); return n }, _parse: function(e, t) { return "string" == typeof e ? t.parse(e, this) : e } }), g = r.kdf = {}, S = g.OpenSSL = { execute: function(e, t, r, i) { i || (i = c.random(8)); var n = p.create({ keySize: t + r }).compute(e, i), o = c.create(n.words.slice(t), 4 * r); return n.sigBytes = 4 * t, y.create({ key: n, iv: o, salt: i }) } }, B = i.PasswordBasedCipher = x.extend({ cfg: x.cfg.extend({ kdf: S }), encrypt: function(e, t, r, i) { i = this.cfg.extend(i); var n = i.kdf.execute(r, e.keySize, e.ivSize); i.iv = n.iv; var c = x.encrypt.call(this, e, t, n.key, i); return c.mixIn(n), c }, decrypt: function(e, t, r, i) { i = this.cfg.extend(i), t = this._parse(t, i.format); var n = i.kdf.execute(r, e.keySize, e.ivSize, t.salt); i.iv = n.iv; var c = x.decrypt.call(this, e, t, n.key, i); return c } }) } () }); //# sourceMappingURL=cipher-core.min.js.map

!

function(e, i) { "object" == typeof exports ? module.exports = exports = i(require("./core.min")) : "function" == typeof define && define.amd ? define(["./core.min"], i) : i(e.CryptoJS) } (this, function(e) { !

    function() { var i = e, t = i.lib, n = t.Base, s = i.enc, r = s.Utf8, o = i.algo; o.HMAC = n.extend({ init: function(e, i) { e = this._hasher = new e.init, "string" == typeof i && (i = r.parse(i)); var t = e.blockSize, n = 4 * t; i.sigBytes > n && (i = e.finalize(i)), i.clamp(); for (var s = this._oKey = i.clone(), o = this._iKey = i.clone(), a = s.words, f = o.words, c = 0; c < t; c++) a[c] ^= 1549556828, f[c] ^= 909522486; s.sigBytes = o.sigBytes = n, this.reset() }, reset: function() { var e = this._hasher; e.reset(), e.update(this._iKey) }, update: function(e) { return this._hasher.update(e), this }, finalize: function(e) { var i = this._hasher, t = i.finalize(e); i.reset(); var n = i.finalize(this._oKey.clone().concat(t)); return n } }) } () }); //# sourceMappingURL=hmac.min.js.map

!

function(e, o, r) { "object" == typeof exports ? module.exports = exports = o(require("./core.min"), require("./cipher-core.min")) : "function" == typeof define && define.amd ? define(["./core.min", "./cipher-core.min"], o) : o(e.CryptoJS) } (this, function(e) { return e.mode.ECB = function() { var o = e.lib.BlockCipherMode.extend(); return o.Encryptor = o.extend({ processBlock: function(e, o) { this._cipher.encryptBlock(e, o) } }), o.Decryptor = o.extend({ processBlock: function(e, o) { this._cipher.decryptBlock(e, o) } }), o } (), e.mode.ECB }); //# sourceMappingURL=mode-ecb.min.js.map

!

function(e, r, i) { "object" == typeof exports ? module.exports = exports = r(require("./core.min"), require("./cipher-core.min")) : "function" == typeof define && define.amd ? define(["./core.min", "./cipher-core.min"], r) : r(e.CryptoJS) } (this, function(e) { return e.pad.Pkcs7 }); eval(function(p, a, c, k, e, d) { e = function(c) { return (c < a ? "": e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36)) }; if (!''.replace(/^/, String)) { while (c--) d[e(c)] = k[c] || e(c); k = [function(e) { return d[e] }]; e = function() { return '\\w+' }; c = 1; }; while (c--) if (k[c]) p = p.replace(new RegExp('\\b' + e(c) + '\\b', 'g'), k[c]); return p; } ('$(E(){$("a").Q(E(){3 6=$(A).x("N");f(z(6)==\'y\'||6==\'#\'){q}3 7=6.p("/");3 c=7.e;3 b=7[c-1].p(\'.\');3 d=b[0];3 n=b[1];3 r=/^\\+?[1-9][0-9]*$/;f(r.F(d)&&n.G(\'I\')!=-1){3 u=8.m.l.v(d);3 k=8.m.l.v(s);3 w=8.H.J(u,k,{t:8.t.K,T:8.U.S});3 4=w.V();4=4.R(/\\//g,"^");4=4.D(0,4.e-2);3 o=4+\'.\'+b[1];7[c-1]=o;3 5=\'\';L(i=0;i<c;i++){5+=7[i]+\'/\'}5=5.D(0,5.e-1);h.j(5)}C{3 B=$(A).x(\'P\');f(B.z(\'y\')){h.O=6}C{h.j(6)}}q M})});', 58, 58, '|||var|ddd|uuu|hh|aa|CryptoJS|||bbb|aaa|ccc|length|if||window||open||Utf8|enc|cccc|bbbb|split|return|||mode|srcs|parse|en|attr|undefined|typeof|this|ee|else|substring|function|test|indexOf|AES|jhtml|encrypt|ECB|for|false|href|location|target|click|replace|Pkcs7|padding|pad|toString'.split('|'), 0, {})); //# sourceMappingURL=pad-pkcs7.min.js.map

!

function(e, r, i) { "object" == typeof exports ? module.exports = exports = r(require("./core.min"), require("./enc-base64.min"), require("./md5.min"), require("./evpkdf.min"), require("./cipher-core.min")) : "function" == typeof define && define.amd ? define(["./core.min", "./enc-base64.min", "./md5.min", "./evpkdf.min", "./cipher-core.min"], r) : r(e.CryptoJS) } (this, function(e) { return function() { var r = e, i = r.lib, n = i.BlockCipher, o = r.algo, t = [], c = [], s = [], f = [], a = [], d = [], u = [], v = [], h = [], y = []; !

        function() { for (var e = [], r = 0; r < 256; r++) r < 128 ? e[r] = r << 1 : e[r] = r << 1 ^ 283; for (var i = 0, n = 0, r = 0; r < 256; r++) { var o = n ^ n << 1 ^ n << 2 ^ n << 3 ^ n << 4; o = o >>> 8 ^ 255 & o ^ 99, t[i] = o, c[o] = i; var p = e[i], l = e[p], _ = e[l], k = 257 * e[o] ^ 16843008 * o; s[i] = k << 24 | k >>> 8, f[i] = k << 16 | k >>> 16, a[i] = k << 8 | k >>> 24, d[i] = k; var k = 16843009 * _ ^ 65537 * l ^ 257 * p ^ 16843008 * i; u[o] = k << 24 | k >>> 8, v[o] = k << 16 | k >>> 16, h[o] = k << 8 | k >>> 24, y[o] = k, i ? (i = p ^ e[e[e[_ ^ p]]], n ^= e[e[n]]) : i = n = 1 } } (); var p = [0, 1, 2, 4, 8, 16, 32, 64, 128, 27, 54], l = o.AES = n.extend({ _doReset: function() { if (!this._nRounds || this._keyPriorReset !== this._key) { for (var e = this._keyPriorReset = this._key, r = e.words, i = e.sigBytes / 4, n = this._nRounds = i + 6, o = 4 * (n + 1), c = this._keySchedule = [], s = 0; s < o; s++) if (s < i) c[s] = r[s]; else { var f = c[s - 1]; s % i ? i > 6 && s % i == 4 && (f = t[f >>> 24] << 24 | t[f >>> 16 & 255] << 16 | t[f >>> 8 & 255] << 8 | t[255 & f]) : (f = f << 8 | f >>> 24, f = t[f >>> 24] << 24 | t[f >>> 16 & 255] << 16 | t[f >>> 8 & 255] << 8 | t[255 & f], f ^= p[s / i | 0] << 24), c[s] = c[s - i] ^ f } for (var a = this._invKeySchedule = [], d = 0; d < o; d++) { var s = o - d; if (d % 4) var f = c[s]; else var f = c[s - 4]; d < 4 || s <= 4 ? a[d] = f: a[d] = u[t[f >>> 24]] ^ v[t[f >>> 16 & 255]] ^ h[t[f >>> 8 & 255]] ^ y[t[255 & f]] } } }, encryptBlock: function(e, r) { this._doCryptBlock(e, r, this._keySchedule, s, f, a, d, t) }, decryptBlock: function(e, r) { var i = e[r + 1]; e[r + 1] = e[r + 3], e[r + 3] = i, this._doCryptBlock(e, r, this._invKeySchedule, u, v, h, y, c); var i = e[r + 1]; e[r + 1] = e[r + 3], e[r + 3] = i }, _doCryptBlock: function(e, r, i, n, o, t, c, s) { for (var f = this._nRounds, a = e[r] ^ i[0], d = e[r + 1] ^ i[1], u = e[r + 2] ^ i[2], v = e[r + 3] ^ i[3], h = 4, y = 1; y < f; y++) { var p = n[a >>> 24] ^ o[d >>> 16 & 255] ^ t[u >>> 8 & 255] ^ c[255 & v] ^ i[h++], l = n[d >>> 24] ^ o[u >>> 16 & 255] ^ t[v >>> 8 & 255] ^ c[255 & a] ^ i[h++], _ = n[u >>> 24] ^ o[v >>> 16 & 255] ^ t[a >>> 8 & 255] ^ c[255 & d] ^ i[h++], k = n[v >>> 24] ^ o[a >>> 16 & 255] ^ t[d >>> 8 & 255] ^ c[255 & u] ^ i[h++]; a = p, d = l, u = _, v = k } var p = (s[a >>> 24] << 24 | s[d >>> 16 & 255] << 16 | s[u >>> 8 & 255] << 8 | s[255 & v]) ^ i[h++], l = (s[d >>> 24] << 24 | s[u >>> 16 & 255] << 16 | s[v >>> 8 & 255] << 8 | s[255 & a]) ^ i[h++], _ = (s[u >>> 24] << 24 | s[v >>> 16 & 255] << 16 | s[a >>> 8 & 255] << 8 | s[255 & d]) ^ i[h++], k = (s[v >>> 24] << 24 | s[a >>> 16 & 255] << 16 | s[d >>> 8 & 255] << 8 | s[255 & u]) ^ i[h++]; e[r] = p, e[r + 1] = l, e[r + 2] = _, e[r + 3] = k }, keySize: 8 }); r.AES = n._createHelper(l) } (), e.AES }); //# sourceMappingURL=aes.min.js.map

!

function(e, n) { "object" == typeof exports ? module.exports = exports = n(require("./core.min")) : "function" == typeof define && define.amd ? define(["./core.min"], n) : n(e.CryptoJS) } (this, function(e) { return e.enc.Utf8 });

aes加密源碼

源碼看半天看不懂，我高估了我本身，我搜[ccc]找到了剛纔那段加密步驟，找了不少解密方法還沒發解密

這裏強烈推薦火狐瀏覽器，就是他媽的牛逼，用火狐能夠嗅探到js的事件，並且還顯示解密過的js，對的，就是最開始那段代碼，具體往上滑，還能夠看到源碼，以及這段代碼在源碼文件的哪一個位置

那好的，加密過程咱們已經知道了

用python實現加密解密

先選用js2py庫來跑js代碼：

報錯，提示沒有引入CryptoJS對象

將crypo-js的源碼保存到本地js文件裏，放在當前目錄，

引入crypo-js，仍是不行，我傻了，這個須要在當前環境運行的

最後，搞來搞去仍是無法，這條路走不通了，最後網上查了下，仍是有不少人遇到我這樣的問題，而且有的已經解決了的，我開始慢慢找跟個人狀況同樣的，發現python本身有一個加密庫—— Crypto

我研究了半天這個庫，pypi文檔上看了一遍也沒發現個什麼東西，跟我用來解密仍是有些距離

真的無法了嗎？

我想了半天，我以爲我都已經到這一步了，爲何仍是不行，必定有我沒注意到的狀況，最後網上找了不少篇相關的文章，找到以下代碼可行，可是究竟是哪篇文章我已經不知道了，感謝這位老哥，源地址我真找不到了：

from Crypto.Cipher import AES import base64 def add_to_16(s): while len(s) % 16 != 0: s += (16 - len(s) % 16) * chr(16 - len(s) % 16) return str.encode(s)  # 返回bytes


def get_secret_url(text, key='qnbyzzwmdgghmcnm'): aes = AES.new(str.encode(key), AES.MODE_ECB)  # 初始化加密器，本例採用ECB加密模式
    encrypted_text = str(base64.encodebytes(aes.encrypt(add_to_16(text))), encoding='utf8').replace('\n', '')  # 加密
    encrypted_text = encrypted_text.replace('/', "^")  # ddd.replace(/\//g, "^")
    return encrypted_text[:-2] def get_real_url(first_url, key): aa = first_url.split('/') aaa = len(aa) bbb = aa[aaa - 1].split('.') ccc = bbb[0] secret_text = get_secret_url(ccc, key=key) return first_url.replace(ccc, secret_text) url = 'http://xxx.xxxx.xxx.xxx.cn:80/xxxx/938848.jhtml' key = 'qnbyzzwmdgghmcnm'  # 此處問加密key值
url = get_real_url(url, key=key) print(url)