Python中如何解密这种JS代码的思路?
如图
Python中如何解密这种JS代码的思路?
要解密JS代码,通常的思路是分析其加密逻辑并用Python实现对应的解密算法。
首先得搞清楚JS代码用了什么加密方式。常见的有Base64、AES、RSA,或者自定义的混淆算法。你得先找到解密函数,看看它怎么处理数据的。
比如,如果JS里用的是简单的Base64,那Python解密就很简单:
import base64
encoded_data = "aGVsbG8gd29ybGQ="
decoded_data = base64.b64decode(encoded_data).decode('utf-8')
print(decoded_data) # 输出: hello world
如果是AES加密,你得找到密钥和加密模式。比如CBC模式:
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
import base64
def decrypt_aes_cbc(encrypted_data, key, iv):
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = cipher.decrypt(base64.b64decode(encrypted_data))
return unpad(decrypted, AES.block_size).decode('utf-8')
# 示例
key = b'0123456789abcdef' # 16字节密钥
iv = b'abcdef0123456789' # 16字节IV
encrypted = "加密后的Base64字符串"
result = decrypt_aes_cbc(encrypted, key, iv)
对于混淆的JS,可能需要用execjs库直接执行JS代码来解密:
import execjs
# 假设decrypt_func是JS中的解密函数
js_code = """
function decrypt(data) {
// JS解密逻辑
return decryptedData;
}
"""
ctx = execjs.compile(js_code)
result = ctx.call("decrypt", "加密数据")
关键步骤:
- 用浏览器开发者工具下断点,跟踪解密过程
- 找到核心解密函数,分析输入输出
- 在Python中重现代码逻辑或直接调用JS引擎
总结:逆向分析JS逻辑,用Python实现对应解密。
<br>var _0xca1090 = function(_0x1aaf37, _0x29b82e){<br> var _0x4e8b5e = [], _0xadfde5 = 0x0, _0x36ed1d, _0d1b2026 = '', _0x54dfc9 = '';<br> _0x1aaf37 = atob(_0x1aaf37);<br> for( var _0x5aca77 = 0x0, _0x295d15 = _0x1aaf37['length']; _0x5aca77 < _0x295d15; _0x5aca77++){<br> _0x54dfc9 += '%' + ('00' + _0x1aaf37['charCodeAt'](_0x5aca77)['toString'](0x10))['slice'](-0x2);<br> }<br> _0x1aaf37 = decodeURIComponent(_0x54dfc9);<br> for(var _0x4a8ad3 = 0x0; _0x4a8ad3 < 0x100; _0x4a8ad3++){<br> _0x4e8b5e[_0x4a8ad3] = _0x4a8ad3;<br> }<br> for(_0x4a8ad3 = 0x0; _0x4a8ad3 < 0x100; _0x4a8ad3++){<br> _0xadfde5 = (_0xadfde5 + _0x4e8b5e[_0x4a8ad3] + _0x29b82e['charCodeAt'](_0x4a8ad3 % _0x29b82e['length'])) % 0x100;<br> _0x36ed1d = _0x4e8b5e[_0x4a8ad3];<br> _0x4e8b5e[_0x4a8ad3] = _0x4e8b5e[_0xadfde5];<br> _0x4e8b5e[_0xadfde5] = _0x36ed1d;<br> }<br> _0x4a8ad3 = 0x0;<br> _0xadfde5 = 0x0;<br> for(var _0x49d438 = 0x0; _0x49d438 < _0x1aaf37['length']; _0x49d438++){<br> _0x4a8ad3 = (_0x4a8ad3 + 0x1) % 0x100;<br> _0xadfde5 = (_0xadfde5 + _0x4e8b5e['_0x4a8ad3']) % 0x100;<br> _0x36ed1d = _0x4e8b5e[_0x4a8ad3];<br> _0x4e8b5e[_0x4a8ad3] = _0x4e8b5e[_0xadfde5];<br> _0x4e8b5e[_0xadfde5] = _0x36ed1d;<br> _0x1b2026 += String['fromCharCode'](_0x1aaf37['charCodeAt'](_0x49d438) ^ _0x4e8b5e[(_0x4e8b5e[_0x4a8ad3] + _0x4e8b5e[_0xadfde5]) % 0x100]);<br> }<br> return _0x1b2026;<br>}<br><br>var func_1 = function(param_1, param_2){<br> var empty_array = [], start_at = 0, undefined_var, str_1 = '', wait_decode_uri = '';<br> param_1 = atob(param_1); // base64_decode<br> for( var for_i_1 = 0, param_1_length = param_1['length']; for_i_1 < param_1_length; for_i_1++){<br> wait_decode_uri += '%' + ('00' + param_1['charCodeAt'](for_i_1)['toString'](16))['slice'](-2);<br> }<br> param_1 = decodeURIComponent(wait_decode_uri);<br> for(var for_i_2 = 0; for_i_2 < 256; for_i_2++){<br> empty_array[for_i_2] = for_i_2;<br> }<br> for(for_i_2 = 0; for_i_2 < 256; for_i_2++){<br> start_at = (start_at + empty_array[for_i_2] + param_2['charCodeAt'](for_i_2 % param_2['length'])) % 256;<br> undefined_var = empty_array[for_i_2];<br> empty_array[for_i_2] = empty_array[start_at];<br> empty_array[start_at] = undefined_var;<br> }<br> for_i_2 = 0;<br> start_at = 0;<br> for(var for_i_3 = 0; for_i_3 < param_1['length']; for_i_3++){<br> for_i_2 = (for_i_2 + 1) % 256;<br> start_at = (start_at + empty_array[for_i_2]) % 256;<br> undefined_var = empty_array[for_i_2];<br> empty_array[for_i_2] = empty_array[start_at];<br> empty_array[start_at] = undefined_var;<br> return_value += String['fromCharCode'](param_1['charCodeAt'](for_i_3) ^ empty_array[(empty_array[for_i_2] + empty_array[start_at]) % 256]);<br> }<br> return return_value;<br>}<br>
你的代码不全,而且,粘贴代码不是比传到图床再粘贴更简单么
ocr 出来缺太多了
问你要代码还需要等,几分钟自己敲好了。。。。
先把 16 进制的换了
再查找替换变量名
