Python crawler advanced | JS necessary reverse | header of a volunteer platform encryption logic analysis

This is the fifth day of my participation in the August More text Challenge. For details, see:August is more challenging

Today’s web site

aHR0cHM6Ly93d3cueW91enkuY24vdHp5L3NlYXJjaC9jb2xsZWdlcy9jb2xsZWdlTGlzdA==

This article is to make fun of the current predicament of various orders, encryption is secondary

In my own case, I found this website in a communication group for paid help.

After detailed discussion, there are many fields to be collected. The price given by the help party is 1K, and if the collection is stable, a little more can be added to the price.

I took a little time to look at it, and the response I got was this

Emmm, has the inner roll come to this?

In the spirit of fun in the group chat two words, received group friends below screenshots

Oh ~

Encryption analysis

The encrypted field is in the Header

Special fields like this, which are usually searchable and are in XHR requests, can also be analyzed using XHR

Retrieve the U-sign directly

Retrieve U-sing synchronously in the retrieved file. There are eight relevant locations, all of which can be broken and then swiped up the page

The possible breakpoints are as follows

Here is an Interceptors

Luckily, there is no XHR breakpoint; parsing the stack is cumbersome with interceptors X

And you can see the logic of the U-sign as follows

 u(e.url, e.data)
Copy the code

It’s obvious that E.url is the REQUESTED API

E.data is the request submission parameter

Now what do we do in this u method

The following logic can be seen in a single step

You don’t have to look at the logic in the middle, which is the operation of splicing

Finally, the spliced content is transferred to lower case to the following content

{"keyword":""."provincenames": []."naturetypes": []."edulevel":""."categories": []."features": []."pageindex": 7,"pagesize": 20."sort":7}&9sasji5owng41irkisvtjhlxhmrysrp1
Copy the code

This content goes through the o method and results in a string of 32 bits.

I want you to be sensitive to strings of fixed length like 16 or 32

Direct bubble encryption station, you can get the following results

Compared with the page encryption results

So the O method here is the MD5 hash algorithm

Well, that’s all for this article. See you next time