91卡卷逆向
CreatedUpdated
南极洲
91卡卷逆向
妃爱目标网站:aHR0cHM6Ly9hY2NvdW50LmFnaXNvLmNvbS8=
最近在学ast解混淆(‘之前被某些站的各种混淆恶心到了…..’)
看视频时正好碰到这个网站准备练下手
解一半发现没混淆,想着来都来了,就把他逆完了,记录一下…
看了一下包,不出意外应该是rsa
偷个懒直接搜一下关键词,(准备hook stringify的 但不知道为啥没出数据。。。。)
发送请求后发现pw不是熟悉的e1083e,看了一下还是32位,应该是加盐后的md5
接着往上找初次加密位置
到这就很清晰了,用hi()试了一下又是熟悉的e1083e,_.$0就是盐值
拿到公钥后基本就可以还原加密代码了
pd md5加密值,ts时间戳,剩下那个是固定值
const CryptoJS = require('crypto-js');
_={}
_.$0='Dum6SKK%jb'
function Br(J) {
return CryptoJS.MD5("".concat(_.$0).concat(J).concat(_.$0)).toString()
}
pw=Br('1234567')
const crypto = require('crypto');
const base64PublicKey = `
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJY8fxeyyPIizBMHHXZcDDfyF9qLgSjt2aUjSKTI/awupe+YhSOOsRW1uTRYJTar8g8eK1KB+aDRXe7/+LCeMnk96ykpGiUZheqz/eRtPq6gZVNrcq/QplMuHZvOK4nh064zhlh6dH8pJBNtSn047JWk0v7hneHyTt0QBL5Y0YYv/DzCu3SdM3oP0Xo0heXaNm0M6/WJmZjL1pcBfcnJL2ydzocyuhbb5+nrlDdLvjrYjSoWdXxpAbaJtC69iuup8F8CPrPh6uzeD13q/rmHTWJj2Azd8ea+5MDQQ50kPbob3PSr6DsixmzFUSZFoeyiGBWCE6Y2hLRApAAkNwElsQIDAQAB
`.replace(/\s+/g, '');
const publicKeyPem = `-----BEGIN PUBLIC KEY-----\n${base64PublicKey}\n-----END PUBLIC KEY-----`;
const ts = Date.now();
const visitorId = "bb82afb48847e0512115567623f9bd4c";
const je = {
password: pw,
timestamp: ts,
visitorId: visitorId
};
const jsonString = JSON.stringify(je);
try {
const encrypted = crypto.publicEncrypt(
{
key: publicKeyPem,
padding: crypto.constants.RSA_PKCS1_PADDING || 1,
},
Buffer.from(jsonString)
);
console.log("Encrypted (Base64):", encrypted.toString("base64"));
} catch (error) {
console.error("Encryption error:", error.message);
}
|
