逆向案例十五——简单webpack,酷我音乐参数加密

完整代码:

javascript 复制代码
var yangxin;
window = global;
!function(e) {
    function n(data) {
        for (var n, t, c = data[0], l = data[1], f = data[2], i = 0, m = []; i < c.length; i++)
            t = c[i],
            Object.prototype.hasOwnProperty.call(o, t) && o[t] && m.push(o[t][0]),
            o[t] = 0;
        for (n in l)
            Object.prototype.hasOwnProperty.call(l, n) && (e[n] = l[n]);
        for (h && h(data); m.length; )
            m.shift()();
        return d.push.apply(d, f || []),
        r()
    }
    function r() {
        for (var e, i = 0; i < d.length; i++) {
            for (var n = d[i], r = !0, t = 1; t < n.length; t++) {
                var l = n[t];
                0 !== o[l] && (r = !1)
            }
            r && (d.splice(i--, 1),
            e = c(c.s = n[0]))
        }
        return e
    }
    var t = {}
      , o = {
        32: 0
    }
      , d = [];
    function c(n) {
        console.log(n)
        if (t[n])
            return t[n].exports;
        var r = t[n] = {
            i: n,
            l: !1,
            exports: {}
        };
        return e[n].call(r.exports, r, r.exports, c),
        r.l = !0,
        r.exports
    }
    c.e = function(e) {
        var n = []
          , r = o[e];
        if (0 !== r)
            if (r)
                n.push(r[2]);
            else {
                var t = new Promise((function(n, t) {
                    r = o[e] = [n, t]
                }
                ));
                n.push(r[2] = t);
                var d, script = document.createElement("script");
                script.charset = "utf-8",
                script.timeout = 120,
                c.nc && script.setAttribute("nonce", c.nc),
                script.src = function(e) {
                    return c.p + "" + ({
                        0: "commons/5b7f9e1d",
                        1: "vendors/f2d66b02",
                        2: "vendors/0f68e262",
                        5: "pages/album_detail/_index",
                        6: "pages/blackshark/index",
                        7: "pages/callback",
                        8: "pages/down/index",
                        9: "pages/downtingshu/index",
                        10: "pages/index",
                        11: "pages/logout/index",
                        12: "pages/musician/index",
                        13: "pages/musician/page",
                        14: "pages/mvplay/_index",
                        15: "pages/mvs/index",
                        16: "pages/play_detail/_index",
                        17: "pages/playlist_detail/_index",
                        18: "pages/playlists/index",
                        19: "pages/rankList/index",
                        20: "pages/search",
                        21: "pages/search/album",
                        22: "pages/search/list",
                        23: "pages/search/mv",
                        24: "pages/search/playlist",
                        25: "pages/search/singers",
                        26: "pages/singer_detail/_index",
                        27: "pages/singer_detail/index/album",
                        28: "pages/singer_detail/index/index",
                        29: "pages/singer_detail/index/info",
                        30: "pages/singer_detail/index/mv",
                        31: "pages/singers/index"
                    }[e] || e) + "." + {
                        0: "ef73991",
                        1: "98688b5",
                        2: "d916427",
                        5: "d002f84",
                        6: "cea87dd",
                        7: "ca61a17",
                        8: "7b70d55",
                        9: "f7fbbe2",
                        10: "9ea80c2",
                        11: "21c7805",
                        12: "4d659d0",
                        13: "0d3d4f1",
                        14: "7d675ec",
                        15: "60cff3a",
                        16: "7376d49",
                        17: "f7f3904",
                        18: "89c9054",
                        19: "5d582f0",
                        20: "42e9a82",
                        21: "b7f4adf",
                        22: "9d4a88d",
                        23: "73730b8",
                        24: "2b98591",
                        25: "8f164de",
                        26: "32393da",
                        27: "8eec705",
                        28: "4798c76",
                        29: "8f7afed",
                        30: "7bcccc2",
                        31: "c41a169"
                    }[e] + ".js"
                }(e);
                var l = new Error;
                d = function(n) {
                    script.onerror = script.onload = null,
                    clearTimeout(f);
                    var r = o[e];
                    if (0 !== r) {
                        if (r) {
                            var t = n && ("load" === n.type ? "missing" : n.type)
                              , d = n && n.target && n.target.src;
                            l.message = "Loading chunk " + e + " failed.\n(" + t + ": " + d + ")",
                            l.name = "ChunkLoadError",
                            l.type = t,
                            l.request = d,
                            r[1](l)
                        }
                        o[e] = void 0
                    }
                }
                ;
                var f = setTimeout((function() {
                    d({
                        type: "timeout",
                        target: script
                    })
                }
                ), 12e4);
                script.onerror = script.onload = d,
                document.head.appendChild(script)
            }
        return Promise.all(n)
    }
    ,
    c.m = e,
    c.c = t,
    c.d = function(e, n, r) {
        c.o(e, n) || Object.defineProperty(e, n, {
            enumerable: !0,
            get: r
        })
    }
    ,
    c.r = function(e) {
        "undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, {
            value: "Module"
        }),
        Object.defineProperty(e, "__esModule", {
            value: !0
        })
    }
    ,
    c.t = function(e, n) {
        if (1 & n && (e = c(e)),
        8 & n)
            return e;
        if (4 & n && "object" == typeof e && e && e.__esModule)
            return e;
        var r = Object.create(null);
        if (c.r(r),
        Object.defineProperty(r, "default", {
            enumerable: !0,
            value: e
        }),
        2 & n && "string" != typeof e)
            for (var t in e)
                c.d(r, t, function(n) {
                    return e[n]
                }
                .bind(null, t));
        return r
    }
    ,
    c.n = function(e) {
        var n = e && e.__esModule ? function() {
            return e.default
        }
        : function() {
            return e
        }
        ;
        return c.d(n, "a", n),
        n
    }
    ,
    c.o = function(object, e) {
        return Object.prototype.hasOwnProperty.call(object, e)
    }
    ,
    c.p = "https://h5static.kuwo.cn/www/kw-www/",
    c.oe = function(e) {
        throw console.error(e),
        e
    }
    ;
    var l = window.webpackJsonp = window.webpackJsonp || []
      , f = l.push.bind(l);
    l.push = n,
    l = l.slice();
    for (var i = 0; i < l.length; i++)
        n(l[i]);
    var h = f;
    r()
    yangxin =c;
}({
    "110": function(t, e, n) {
    var r, o, l = n(145), c = n(146), d = 0, h = 0;
    t.exports = function(t, e, n) {
        var i = e && n || 0
          , b = e || []
          , f = (t = t || {}).node || r
          , v = void 0 !== t.clockseq ? t.clockseq : o;
        if (null == f || null == v) {
            var m = l();
            null == f && (f = r = [1 | m[0], m[1], m[2], m[3], m[4], m[5]]),
            null == v && (v = o = 16383 & (m[6] << 8 | m[7]))
        }
        var y = void 0 !== t.msecs ? t.msecs : (new Date).getTime()
          , w = void 0 !== t.nsecs ? t.nsecs : h + 1
          , dt = y - d + (w - h) / 1e4;
        if (dt < 0 && void 0 === t.clockseq && (v = v + 1 & 16383),
        (dt < 0 || y > d) && void 0 === t.nsecs && (w = 0),
        w >= 1e4)
            throw new Error("uuid.v1(): Can't create more than 10M uuids/sec");
        d = y,
        h = w,
        o = v;
        var x = (1e4 * (268435455 & (y += 122192928e5)) + w) % 4294967296;
        b[i++] = x >>> 24 & 255,
        b[i++] = x >>> 16 & 255,
        b[i++] = x >>> 8 & 255,
        b[i++] = 255 & x;
        var A = y / 4294967296 * 1e4 & 268435455;
        b[i++] = A >>> 8 & 255,
        b[i++] = 255 & A,
        b[i++] = A >>> 24 & 15 | 16,
        b[i++] = A >>> 16 & 255,
        b[i++] = v >>> 8 | 128,
        b[i++] = 255 & v;
        for (var _ = 0; _ < 6; ++_)
            b[i + _] = f[_];
        return e || c(b)
    }
},
    "145": function(t, e) {
    var n = "undefined" != typeof crypto && crypto.getRandomValues && crypto.getRandomValues.bind(crypto) || "undefined" != typeof msCrypto && "function" == typeof window.msCrypto.getRandomValues && msCrypto.getRandomValues.bind(msCrypto);
    if (n) {
        var r = new Uint8Array(16);
        t.exports = function() {
            return n(r),
            r
        }
    } else {
        var o = new Array(16);
        t.exports = function() {
            for (var t, i = 0; i < 16; i++)
                0 == (3 & i) && (t = 4294967296 * Math.random()),
                o[i] = t >>> ((3 & i) << 3) & 255;
            return o
        }
    }
},
    "146": function(t, e) {
    for (var n = [], i = 0; i < 256; ++i)
        n[i] = (i + 256).toString(16).substr(1);
    t.exports = function(t, e) {
        var i = e || 0
          , r = n;
        return [r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]]].join("")
    }
},
});

var l = yangxin(110)
      , c = yangxin.n(l)
var repid = c()()
console.log(repid)

结果展现:

酷我音乐网址:酷我音乐排行榜_在线试听_下载_酷我音乐高品质无损音乐

爬取排行榜歌曲,发现repid参数有加密。

下方参数搜索,定位到repid所在的js文件,打上断点,刷新页面。

加密参数为n,而n=c()(),进入c,发现是一个列表形式的webpack,下方列表中没有函数。

webpack的技巧:把加载器 抠出来,然后导出入口函数,然后补缺失函数

复制整个自执行函数,声明一个全局变量yangxin,在加载器末尾,用全局变量接收加载器c。

如何判断哪一个是加载器 ,为什么是令yangxin = c是因为有许多c.e,c.n的东西

代码:

javascript 复制代码
var yangxin;
window = global;
!function(e) {
    function n(data) {
        for (var n, t, c = data[0], l = data[1], f = data[2], i = 0, m = []; i < c.length; i++)
            t = c[i],
            Object.prototype.hasOwnProperty.call(o, t) && o[t] && m.push(o[t][0]),
            o[t] = 0;
        for (n in l)
            Object.prototype.hasOwnProperty.call(l, n) && (e[n] = l[n]);
        for (h && h(data); m.length; )
            m.shift()();
        return d.push.apply(d, f || []),
        r()
    }
    function r() {
        for (var e, i = 0; i < d.length; i++) {
            for (var n = d[i], r = !0, t = 1; t < n.length; t++) {
                var l = n[t];
                0 !== o[l] && (r = !1)
            }
            r && (d.splice(i--, 1),
            e = c(c.s = n[0]))
        }
        return e
    }
    var t = {}
      , o = {
        32: 0
    }
      , d = [];
    function c(n) {
        console.log(n)
        if (t[n])
            return t[n].exports;
        var r = t[n] = {
            i: n,
            l: !1,
            exports: {}
        };
        return e[n].call(r.exports, r, r.exports, c),
        r.l = !0,
        r.exports
    }
    c.e = function(e) {
        var n = []
          , r = o[e];
        if (0 !== r)
            if (r)
                n.push(r[2]);
            else {
                var t = new Promise((function(n, t) {
                    r = o[e] = [n, t]
                }
                ));
                n.push(r[2] = t);
                var d, script = document.createElement("script");
                script.charset = "utf-8",
                script.timeout = 120,
                c.nc && script.setAttribute("nonce", c.nc),
                script.src = function(e) {
                    return c.p + "" + ({
                        0: "commons/5b7f9e1d",
                        1: "vendors/f2d66b02",
                        2: "vendors/0f68e262",
                        5: "pages/album_detail/_index",
                        6: "pages/blackshark/index",
                        7: "pages/callback",
                        8: "pages/down/index",
                        9: "pages/downtingshu/index",
                        10: "pages/index",
                        11: "pages/logout/index",
                        12: "pages/musician/index",
                        13: "pages/musician/page",
                        14: "pages/mvplay/_index",
                        15: "pages/mvs/index",
                        16: "pages/play_detail/_index",
                        17: "pages/playlist_detail/_index",
                        18: "pages/playlists/index",
                        19: "pages/rankList/index",
                        20: "pages/search",
                        21: "pages/search/album",
                        22: "pages/search/list",
                        23: "pages/search/mv",
                        24: "pages/search/playlist",
                        25: "pages/search/singers",
                        26: "pages/singer_detail/_index",
                        27: "pages/singer_detail/index/album",
                        28: "pages/singer_detail/index/index",
                        29: "pages/singer_detail/index/info",
                        30: "pages/singer_detail/index/mv",
                        31: "pages/singers/index"
                    }[e] || e) + "." + {
                        0: "ef73991",
                        1: "98688b5",
                        2: "d916427",
                        5: "d002f84",
                        6: "cea87dd",
                        7: "ca61a17",
                        8: "7b70d55",
                        9: "f7fbbe2",
                        10: "9ea80c2",
                        11: "21c7805",
                        12: "4d659d0",
                        13: "0d3d4f1",
                        14: "7d675ec",
                        15: "60cff3a",
                        16: "7376d49",
                        17: "f7f3904",
                        18: "89c9054",
                        19: "5d582f0",
                        20: "42e9a82",
                        21: "b7f4adf",
                        22: "9d4a88d",
                        23: "73730b8",
                        24: "2b98591",
                        25: "8f164de",
                        26: "32393da",
                        27: "8eec705",
                        28: "4798c76",
                        29: "8f7afed",
                        30: "7bcccc2",
                        31: "c41a169"
                    }[e] + ".js"
                }(e);
                var l = new Error;
                d = function(n) {
                    script.onerror = script.onload = null,
                    clearTimeout(f);
                    var r = o[e];
                    if (0 !== r) {
                        if (r) {
                            var t = n && ("load" === n.type ? "missing" : n.type)
                              , d = n && n.target && n.target.src;
                            l.message = "Loading chunk " + e + " failed.\n(" + t + ": " + d + ")",
                            l.name = "ChunkLoadError",
                            l.type = t,
                            l.request = d,
                            r[1](l)
                        }
                        o[e] = void 0
                    }
                }
                ;
                var f = setTimeout((function() {
                    d({
                        type: "timeout",
                        target: script
                    })
                }
                ), 12e4);
                script.onerror = script.onload = d,
                document.head.appendChild(script)
            }
        return Promise.all(n)
    }
    ,
    c.m = e,
    c.c = t,
    c.d = function(e, n, r) {
        c.o(e, n) || Object.defineProperty(e, n, {
            enumerable: !0,
            get: r
        })
    }
    ,
    c.r = function(e) {
        "undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, {
            value: "Module"
        }),
        Object.defineProperty(e, "__esModule", {
            value: !0
        })
    }
    ,
    c.t = function(e, n) {
        if (1 & n && (e = c(e)),
        8 & n)
            return e;
        if (4 & n && "object" == typeof e && e && e.__esModule)
            return e;
        var r = Object.create(null);
        if (c.r(r),
        Object.defineProperty(r, "default", {
            enumerable: !0,
            value: e
        }),
        2 & n && "string" != typeof e)
            for (var t in e)
                c.d(r, t, function(n) {
                    return e[n]
                }
                .bind(null, t));
        return r
    }
    ,
    c.n = function(e) {
        var n = e && e.__esModule ? function() {
            return e.default
        }
        : function() {
            return e
        }
        ;
        return c.d(n, "a", n),
        n
    }
    ,
    c.o = function(object, e) {
        return Object.prototype.hasOwnProperty.call(object, e)
    }
    ,
    c.p = "https://h5static.kuwo.cn/www/kw-www/",
    c.oe = function(e) {
        throw console.error(e),
        e
    }
    ;
    var l = window.webpackJsonp = window.webpackJsonp || []
      , f = l.push.bind(l);
    l.push = n,
    l = l.slice();
    for (var i = 0; i < l.length; i++)
        n(l[i]);
    var h = f;
    r()
    yangxin =c;
}({
//     "110": function(t, e, n) {
//     var r, o, l = n(145), c = n(146), d = 0, h = 0;
//     t.exports = function(t, e, n) {
//         var i = e && n || 0
//           , b = e || []
//           , f = (t = t || {}).node || r
//           , v = void 0 !== t.clockseq ? t.clockseq : o;
//         if (null == f || null == v) {
//             var m = l();
//             null == f && (f = r = [1 | m[0], m[1], m[2], m[3], m[4], m[5]]),
//             null == v && (v = o = 16383 & (m[6] << 8 | m[7]))
//         }
//         var y = void 0 !== t.msecs ? t.msecs : (new Date).getTime()
//           , w = void 0 !== t.nsecs ? t.nsecs : h + 1
//           , dt = y - d + (w - h) / 1e4;
//         if (dt < 0 && void 0 === t.clockseq && (v = v + 1 & 16383),
//         (dt < 0 || y > d) && void 0 === t.nsecs && (w = 0),
//         w >= 1e4)
//             throw new Error("uuid.v1(): Can't create more than 10M uuids/sec");
//         d = y,
//         h = w,
//         o = v;
//         var x = (1e4 * (268435455 & (y += 122192928e5)) + w) % 4294967296;
//         b[i++] = x >>> 24 & 255,
//         b[i++] = x >>> 16 & 255,
//         b[i++] = x >>> 8 & 255,
//         b[i++] = 255 & x;
//         var A = y / 4294967296 * 1e4 & 268435455;
//         b[i++] = A >>> 8 & 255,
//         b[i++] = 255 & A,
//         b[i++] = A >>> 24 & 15 | 16,
//         b[i++] = A >>> 16 & 255,
//         b[i++] = v >>> 8 | 128,
//         b[i++] = 255 & v;
//         for (var _ = 0; _ < 6; ++_)
//             b[i + _] = f[_];
//         return e || c(b)
//     }
// },
//     "145": function(t, e) {
//     var n = "undefined" != typeof crypto && crypto.getRandomValues && crypto.getRandomValues.bind(crypto) || "undefined" != typeof msCrypto && "function" == typeof window.msCrypto.getRandomValues && msCrypto.getRandomValues.bind(msCrypto);
//     if (n) {
//         var r = new Uint8Array(16);
//         t.exports = function() {
//             return n(r),
//             r
//         }
//     } else {
//         var o = new Array(16);
//         t.exports = function() {
//             for (var t, i = 0; i < 16; i++)
//                 0 == (3 & i) && (t = 4294967296 * Math.random()),
//                 o[i] = t >>> ((3 & i) << 3) & 255;
//             return o
//         }
//     }
// },
//     "146": function(t, e) {
//     for (var n = [], i = 0; i < 256; ++i)
//         n[i] = (i + 256).toString(16).substr(1);
//     t.exports = function(t, e) {
//         var i = e || 0
//           , r = n;
//         return [r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], "-", r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]], r[t[i++]]].join("")
//     }
// },
});

// var l = yangxin(110)
//       , c = yangxin.n(l)
// var repid = c()()
console.log(yangxin)

加了两行代码

javascript 复制代码
var yangxin
yangxin=c
window = global;//将window声明为全局变量

此时打印yangxin,可以发现已经出现加载器函数。

再回到最开始js文件,分析代码,在断点的前面有定义c,打上断点,分析下面的代码。

第一个n是加载器所在的函数,也就是yangxin,但是现在加载器中是缺少模块的,是一个空列表,在这里加一个console.log(n),可以判断缺少多少模块的函数。

c(n)中的n是某个模块的序号 ,继续补全代码

因为现在断点的位置,在浏览器中,n就是自执行函数,可以直接在控制面板打出来函数,然后定位函数位置去复制函数,然后改写成字典格式的对象模块。

缺少啥复制啥,最后成功得到加密参数。

相关推荐
长风清留扬18 分钟前
小程序毕业设计-音乐播放器+源码(可播放)下载即用
javascript·小程序·毕业设计·课程设计·毕设·音乐播放器
m0_7482478032 分钟前
Flutter Intl包使用指南:实现国际化和本地化
前端·javascript·flutter
数据小爬虫@1 小时前
如何高效利用Python爬虫按关键字搜索苏宁商品
开发语言·爬虫·python
ZJ_.1 小时前
WPSJS:让 WPS 办公与 JavaScript 完美联动
开发语言·前端·javascript·vscode·ecmascript·wps
joan_852 小时前
layui表格templet图片渲染--模板字符串和字符串拼接
前端·javascript·layui
袁袁袁袁满2 小时前
100天精通Python(爬虫篇)——第113天:‌爬虫基础模块之urllib详细教程大全
开发语言·爬虫·python·网络爬虫·爬虫实战·urllib·urllib模块教程
还是大剑师兰特2 小时前
什么是尾调用,使用尾调用有什么好处?
javascript·大剑师·尾调用
Watermelo6172 小时前
详解js柯里化原理及用法,探究柯里化在Redux Selector 的场景模拟、构建复杂的数据流管道、优化深度嵌套函数中的精妙应用
开发语言·前端·javascript·算法·数据挖掘·数据分析·ecmascript
LucianaiB4 小时前
探索CSDN博客数据:使用Python爬虫技术
开发语言·爬虫·python
一个处女座的程序猿O(∩_∩)O4 小时前
小型 Vue 项目,该不该用 Pinia 、Vuex呢?
前端·javascript·vue.js