
AES Algorithm JS Reverse-Engineering Analysis of a Certain Website (JS Reverse Engineering, Part 8)

Date: 2023-02-02 10:37:28  Views: 46
Tags: oo, reverse engineering, AES, text, self, iv, parameters, key, JS


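    After a week away, I'm back with an update! This issue continues the JS reverse-engineering series. Today's topic is the encrypted Response body of a certain website; if you are not careful, you may not even notice where the content is loaded and generated. It's packed throughout, so don't forget to like and follow while you read!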


Disclaimer: articles on this official account are for academic research only and are not to be used for any other purpose.




 Contents



①    Introduction

②    Parameter Analysis

③    Breakpoint Debugging

④    Algorithm Reconstruction

⑤    Summary




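Fun Corner


      Xiao Ming is an engineer. Once he went on a blind date, and his date happened to be an engineer too. When they met, the girl handed Xiao Ming a slip of paper containing an encrypted string, which left him rather baffled. She told him: if you can decrypt this, you will know my contact details. Then she left two key pieces of information and walked away. Xiao Ming stared at the paper for a long time, unable to figure out what she was up to. Can you help Xiao Ming crack this encrypted data?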




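I. Introduction


      In previous articles we covered how to reconstruct encrypted parameters from the Request: data, params and Headers. In today's article you will find the pattern is different: the Request parameters are all plaintext, but we cannot locate where the Response is handled. How do we solve this kind of problem and obtain the plaintext? Read on with these questions in mind and it will all become clear!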




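II. Parameter Analysis


1. First, open the website we are going to analyze today and refresh the page. After the refresh, the developer tools show the following:


[Screenshot]


2. Analysis confirms that this endpoint is the address we need to fetch data from, because the parameters in the address change when paging. The evidence is as follows:


[Screenshot]


3. Analyze the parameters of this endpoint


Request parameters:

isFake: fixed value.

pg: current page (page number).

pgsz: number of items shown per page.


Headers:

Note: none of the header parameters has a significant effect, so they are not covered here.


Response body (screenshot below):

[Screenshot]


From this analysis we can confirm that the response has been encrypted. To recover the value before encryption, we need to debug the JS with breakpoints.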




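III. Breakpoint Debugging


Set an XHR breakpoint. When the request is sent, the breakpoint is hit as follows:

[Screenshot]


Step into that function. The fragments captured at the breakpoint are as follows:

[Screenshot]


[Screenshot]


At this point we can see that the parameter t.data is the encrypted value we want. We suspect that it is decrypted here, so we step into this function, as shown below:

[Screenshot]


Setting the function's logic aside for now, set a breakpoint directly at line 823 and run, as shown below:

[Screenshot]


The return value here is the plaintext we want. With the whole flow understood, all that remains is to reconstruct the JS code.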





IV. Algorithm Reconstruction


1. JS version

// Uses AES in CBC mode, which requires a key and an IV. The hex string is first parsed into a byte array,
// then the array is Base64-encoded and passed to AES for decryption.
var oo = require('crypto-js');

function h(t) {
    var f = oo.enc.Utf8.parse("jo8j9wGw%6HbxfFn");  // key
    var m = oo.enc.Utf8.parse("0123456789ABCDEF");  // IV
    var e = oo.enc.Hex.parse(t)                     // hex string -> WordArray
      , n = oo.enc.Base64.stringify(e)              // CryptoJS accepts a Base64 string as ciphertext
      , a = oo.AES.decrypt(n, f, {
            iv: m,
            mode: oo.mode.CBC,
            padding: oo.pad.Pkcs7
        })
      , r = a.toString(oo.enc.Utf8);
    return r.toString()
}
// Placeholder: the hex-encoded response body (t.data) goes here.
var result = h("<hex-encoded ciphertext from the response body>");
console.log(result)


The console output is as follows:

[Screenshot]


2. Python version

import base64

from Crypto.Cipher import AES  # provided by the pycryptodome package


class AESUtil(object):
    """
    Algorithm: AES
    Mode: CBC
    Padding: PKCS7
    """

    def __init__(self, key: str, iv: str, block_size=AES.block_size):
        self.key = key.encode("utf-8") if (key and isinstance(key, str)) else key
        self.iv = iv.encode("utf-8") if (iv and isinstance(iv, str)) else iv
        self.mode = AES.MODE_CBC
        self.block_size = block_size

    def _unpad(self, text: bytes) -> str:
        # The last byte gives the PKCS7 padding length; strip that many bytes.
        return text[:-ord(text[len(text) - 1:])].decode('utf-8')

    def decrypt(self, text: str) -> str:
        # Hex string -> bytes.
        text = bytearray.fromhex(text)
        # Mirrors the Base64 step of the JS version; encoding and then
        # decoding yields the same bytes again.
        data = base64.b64encode(text)
        _text = base64.b64decode(data)
        cipher = AES.new(self.key, self.mode, self.iv)
        return self._unpad(cipher.decrypt(_text))


if __name__ == '__main__':
    # Placeholder: the hex-encoded response body goes here.
    h = "<hex-encoded ciphertext from the response body>"
    aes = AESUtil(key="jo8j9wGw%6HbxfFn", iv="0123456789ABCDEF")
    print(aes.decrypt(h))


The printed output is as follows:

[Screenshot]
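
The following is an added example, not code from the original post: it reproduces the response format described above (AES-128-CBC, PKCS7, hex-encoded ciphertext) with Node's built-in crypto module, showing that the Base64 round trip is unnecessary and that a fixed IV makes equal leading plaintext blocks visible in the ciphertext. KEY, IV, the sample JSON and all function names are constructed for illustration and are not the site's values.

```javascript
// Added example. KEY, IV and the sample JSON are constructed, not the site's values.
const nodeCrypto = require('crypto');

const KEY = Buffer.from('constructed-key!', 'utf8'); // 16 bytes -> AES-128
const IV = Buffer.from('constructed-iv-0', 'utf8');  // 16 bytes, fixed as in the scheme above

// Server side of the scheme: AES-128-CBC with PKCS7, ciphertext sent as a hex string.
function encryptToHex(plaintext) {
  const c = nodeCrypto.createCipheriv('aes-128-cbc', KEY, IV);
  return Buffer.concat([c.update(plaintext, 'utf8'), c.final()]).toString('hex');
}

// Client side: the same steps as h(t) on the page, but hex -> bytes directly, no Base64 step.
// Returns null for input that is not whole 16-byte blocks of hex or has bad padding.
function decryptHex(hex) {
  if (typeof hex !== 'string' || !/^(?:[0-9a-fA-F]{32})+$/.test(hex)) return null;
  try {
    const d = nodeCrypto.createDecipheriv('aes-128-cbc', KEY, IV);
    const plain = Buffer.concat([d.update(Buffer.from(hex, 'hex')), d.final()]);
    return plain.toString('utf8');
  } catch (err) {
    return null; // PKCS7 padding check failed
  }
}

// Counts identical leading 16-byte ciphertext blocks (32 hex characters each).
// With a fixed IV, CBC is deterministic, so equal leading plaintext blocks show up here.
function sharedLeadingBlocks(hexA, hexB) {
  const blocks = Math.floor(Math.min(hexA.length, hexB.length) / 32);
  let n = 0;
  while (n < blocks && hexA.slice(n * 32, n * 32 + 32) === hexB.slice(n * 32, n * 32 + 32)) n++;
  return n;
}

// Constructed responses that differ only in the page number (inside the second block).
const page1 = encryptToHex('{"code":200,"pg":1,"rows":[]}');
const page2 = encryptToHex('{"code":200,"pg":2,"rows":[]}');
console.log(decryptHex(page1));
console.log(sharedLeadingBlocks(page1, page2));
```

Because the key and IV ship in the page's JavaScript, this layer only obfuscates the response; access control has to be enforced on the server.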



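V. Summary


Looking back at the whole analysis, the main difficulties this time can be summarized as follows:


  • How to quickly locate where the encrypted parameter is handled
  • Having some understanding of the AES CBC mode algorithm
  • Being able to reconstruct the JS code and run it
  • Being able to reconstruct the encryption algorithm in Python
  • Having a solid understanding of conversions between data types


That's all for this post. Follow along for the next issue; see you there ☀️☀️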

From: https://blog.51cto.com/u_15950943/6033039
