首页 > 其他分享 >今日JS解密日记

今日JS解密日记

时间:2022-12-06 17:31:55浏览次数:67  
标签:x61 x72 x74 x73 x65 解密 JS && 日记

干货从来不废话,直接上源代码,源码很大,单拎一个函数出来

function _0x486eb9(_0xfeca11, _0x4a4275) {
    if (!_0xfeca11) return !![];
    if (!_0xfeca11['\x63\x6c\x69\x65\x6e\x74']) return !![];
    if (!_0xfeca11['\x63\x6c\x69\x65\x6e\x74']['\x69\x64']) return !![];
    if (_0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x35' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x36' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x39\x30' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x39\x34' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x39\x33' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x39\x38' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x37') {
        var _0x2d4374 = _0xfeca11['\x63\x6c\x69\x65\x6e\x74']['\x69\x64'];
    } else {
        return !![];
    }
    if (!_0x46db4d['\x65\x78\x69\x73\x74\x73\x53\x79\x6e\x63'](_0x9d9be5 + '\x2f' + _0x2d4374 + '\x2f\x75\x73\x65\x72\x2e\x6a\x73\x6f\x6e')) {
        return ![];
    }
    var _0x263ce4 = _0x46db4d['\x72\x65\x61\x64\x46\x69\x6c\x65\x53\x79\x6e\x63'](_0x9d9be5 + '\x2f' + _0x2d4374 + '\x2f\x75\x73\x65\x72\x2e\x6a\x73\x6f\x6e', '\x75\x74\x66\x38');
    try {
        _0x2eb628 = JSON['\x70\x61\x72\x73\x65'](_0x263ce4);
    } catch (_0x3c48e9) {
        console['\x65\x72\x72\x6f\x72']('\u6570\u636e\u7ed3\u6784\u975e\u6cd5\x3a\x25\x6a', _0x2eb628);
        return;
    }
    var _0x10b98d = JSON['\x70\x61\x72\x73\x65'](_0x263ce4);
    if (_0x10b98d && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x5f\x6a\x6f\x62') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6c\x61\x73\x74\x6d\x61\x70') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x5f\x74\x67') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x6a\x62') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x72\x79') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x7a\x73') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x6a\x66') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x73\x6d') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x63\x7a') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x67\x75\x61\x6e\x6b\x61') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x6c\x69\x6e\x67\x7a\x68\x75') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x62\x6f\x73\x73') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x6e\x76\x73\x68\x65\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x73\x69\x73\x68\x65\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x63\x7a') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x73\x6b') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x64\x6a') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x73\x74\x72') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x64\x65\x78') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x6c\x75\x6b') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x69\x6e\x74') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x6e\x76\x73\x68\x65\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x6d\x61\x78\x5f\x73\x69\x73\x68\x65\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x75\x72\x6c') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x67') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x6c\x79') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x5f\x71\x71') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x61\x6c\x6c\x54\x69\x6d\x65') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x42\x61\x67\x73\x41\x72\x72') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x51\x75\x65\x73\x74\x49\x64') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x51\x75\x65\x73\x74\x53\x74\x65\x70') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x51\x75\x65\x73\x74\x73') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x77\x65\x61\x70\x6f\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x66\x77\x65\x61\x70\x6f\x6e') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x63\x61\x70') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x6c\x6f\x6e\x67\x63\x6f\x61\x74') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x74\x65\x73\x74\x6e\x61\x6d\x65') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x75\x73\x65\x72') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x70\x61\x73\x73\x77\x6f\x72\x64') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x70\x61\x73\x73\x77\x6f\x72\x64\x32') && _0x10b98d['\x68\x61\x73\x4f\x77\x6e\x50\x72\x6f\x70\x65\x72\x74\x79']('\x68\x65\x72\x6f\x64\x61\x74\x61')) {
        return !![];
    } else if (_0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x35' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x36' || _0x4a4275['\x78\x69\x65\x79\x69'] == '\x31\x31\x30\x38\x37') {
        var _0x2eb628 = null;
        try {
            _0x2eb628 = JSON['\x70\x61\x72\x73\x65'](_0x4a4275['\x6d\x73\x64\x61\x74\x61']);
        } catch (_0x5c20fd) {
            return ![];
        }
        if (_0x2eb628['\x6d\x61\x70\x49\x64'] == '\x39\x31\x30\x30\x30\x30\x30\x30\x30\x2e\x69\x6d\x67' || _0x2eb628['\x6d\x61\x70\x49\x64'] == '\x39\x38\x30\x30\x30\x30\x30\x30\x30\x2e\x69\x6d\x67' || _0x2eb628['\x6d\x61\x70\x49\x64'] == '\x30\x30\x30\x30\x32\x30\x30\x30\x2e\x69\x6d\x67' || _0x2eb628['\x6d\x61\x70\x49\x64'] == '\x30\x30\x30\x30\x31\x30\x30\x30\x30\x2e\x69\x6d\x67' || _0x2eb628['\x6d\x61\x70\x49\x64'] == '\x32\x32\x32\x30\x31\x30\x34\x30\x32\x5f\x67\x61\x69\x2e\x69\x6d\x67') {
            return !![];
        }
    }
    return ![];
}

直接先贴解密后

function checkCharacter(character, req) {
    if (!character) {
        return true;
    }

    if (!character.client) {
        return true;
    }

    if (!character.client.id) {
        return true;
    }

    if (req.xieyi == "11085" || req.xieyi == "11086" || req.xieyi == "11090" || req.xieyi == "11094" || req.xieyi == "11093" || req.xieyi == "11098" || req.xieyi == "11087") {
        var clientId = character.client.id;
    } else {
        return true;
    }

    if (!fs.existsSync("user/" + clientId + "/user.json")) {
        return false;
    }

    var data = fs.readFileSync("user/" + clientId + "/user.json", "utf8");

    try {
        dataJson = JSON.parse(data);
    } catch (e) {
        console.error("数据结构非法:%j", dataJson);
        return;
    }

    var localDataJson = JSON.parse(data);

    if (localDataJson && localDataJson.hasOwnProperty("m_job") && localDataJson.hasOwnProperty("lastmap") && localDataJson.hasOwnProperty("m_tg") && localDataJson.hasOwnProperty("ajb") && localDataJson.hasOwnProperty("ary") && localDataJson.hasOwnProperty("azs") && localDataJson.hasOwnProperty("ajf") && localDataJson.hasOwnProperty("asm") && localDataJson.hasOwnProperty("acz") && localDataJson.hasOwnProperty("test_guanka") && localDataJson.hasOwnProperty("test_lingzhu") && localDataJson.hasOwnProperty("test_boss") && localDataJson.hasOwnProperty("test_nvshen") && localDataJson.hasOwnProperty("test_sishen") && localDataJson.hasOwnProperty("test_cz") && localDataJson.hasOwnProperty("test_sk") && localDataJson.hasOwnProperty("test_dj") && localDataJson.hasOwnProperty("max_str") && localDataJson.hasOwnProperty("max_dex") && localDataJson.hasOwnProperty("max_luk") && localDataJson.hasOwnProperty("max_int") && localDataJson.hasOwnProperty("max_nvshen") && localDataJson.hasOwnProperty("max_sishen") && localDataJson.hasOwnProperty("test_url") && localDataJson.hasOwnProperty("test_g") && localDataJson.hasOwnProperty("test_ly") && localDataJson.hasOwnProperty("test_qq") && localDataJson.hasOwnProperty("allTime") && localDataJson.hasOwnProperty("tBagsArr") && localDataJson.hasOwnProperty("QuestId") && localDataJson.hasOwnProperty("QuestStep") && localDataJson.hasOwnProperty("tQuests") && localDataJson.hasOwnProperty("testweapon") && localDataJson.hasOwnProperty("testfweapon") && localDataJson.hasOwnProperty("testcap") && localDataJson.hasOwnProperty("testlongcoat") && localDataJson.hasOwnProperty("testname") && localDataJson.hasOwnProperty("user") && localDataJson.hasOwnProperty("password") && localDataJson.hasOwnProperty("password2") && localDataJson.hasOwnProperty("herodata")) {
        return true;
    } else {
        if (req.xieyi == "11085" || req.xieyi == "11086" || req.xieyi == "11087") {
            var dataJson = null;

            try {
                dataJson = JSON.parse(req.msdata);
            } catch (e) {
                return false;
            }

            if (dataJson.mapId == "910000000.img" || dataJson.mapId == "980000000.img" || dataJson.mapId == "00002000.img" || dataJson.mapId == "000010000.img" || dataJson.mapId == "222010402_gai.img") {
                return true;
            }
        }
    }

    return false;
}

分析

说个题外话,解开后发现这个和我玩的一个游戏代码很像......看上去像某岛手游的源代码,我也是写文章才发现的。

该解密的难度不是很大,大部分地方都很简单。

解密步骤

1.国际惯例,咱们把加密的代码复制黏贴丢到​JS业界最强加密解密工具站​,先一键解密一下。

这个代码有比较多的编码字符,通过这个初步解码后,直接就清晰明了了

2.在代码字面量清晰后,再来分析代码结构,因为自动解密解不开了,我们直接人工解密。直接得出上述源代码。


今日JS解密日记_JS解密

今日JS解密日记_JS解密_02


标签:x61,x72,x74,x73,x65,解密,JS,&&,日记
From: https://blog.51cto.com/u_15781271/5916424

相关文章

  • jsdelivr被墙,hexo-next切换为自定义CDN
    1.Next主题需要升级到8.9以上,我的是多少忘记了,最好升级到最新使用npm管理gitclonehttps://github.com/next-theme/hexo-theme-nextthemes/next2.替换链接官方......
  • 03.Nodejs中的路由与接口
    路由与接口目录目录路由与接口express基本使用托管静态资源nodemonExpress中的路由路由的匹配路由的使用模块化路由Express中间件中间件的格式全局生效的中间件局部生效......
  • 04.Nodejs操作MySQL
    在Nodejs中操作MySQL数据库目录在Nodejs中操作MySQL数据库MySQL数据库SQL的基本使用SELECT语句INSERTINTO语句UPDATE语句DELETE语句WHERE子句AND与OR运算符ORDERBY子......
  • 05.Nodejs_web开发模式
    Web开发目录目录Web开发Web开发模式服务端渲染的传统Web开发模式前后端分离的Web开发模式Session认证机制在项目中使用Session向session中存入数据:从session中获取数......
  • 00.Nodejs环境搭建
    Nodejs的环境搭建目录Nodejs的环境搭建安装node搭建服务器环境查看本地ip项目复活安装node英文官网:https://nodejs.org/en/中文官网下载node地址https://nodejs.or......
  • JS复制文本方法总结
    1.document.execCommand()【即将废弃】functioncopy(textValue){//动态创建textarea标签consttextarea=document.createElement('textarea')//将该......
  • Nestjs-Authentication 文档翻译
    Authentication认证是大多数应用程序中非常重要的部分.有很多不同的方法和策略去处理认证,根据不同的要求决定。本章节展示了几种不同方式,这些方式通常是能够适用于......
  • python 处理docker inspect json 数据
    #+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++#pipinstallpandas#pipinstallopenpyxl####http://192.168.145.37:8090/nationExchang......
  • JSON解析
    Android开发中,与服务器交互80%是通过JSON方式传输数据,JSON也是基于纯文本的数据格式,JSON具有跨平台的优势,相对XML,JSON解析起来更方便,简单,解析数据所消耗的流量也会比XML少,而......
  • JS特殊语法 流程控制语句
    语局以;结尾如果一行只有一条语句则;可以省略(不建议)变量的定义使用var关键字也可以不使用用:定义的变量是局部变量不用:定义的变量是全局变量(不建议)  ......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99