首页 > 其他分享 >关于加速乐cookie加密的分析

关于加速乐cookie加密的分析

时间:2024-06-21 12:29:57浏览次数:24  
标签:function __ 加密 0xdc3c cookie var return 加速

声明:该文章为学习使用,严禁用于商业用途和非法用途,违者后果自负,由此产生的一切后果均与作者无关

一、加速乐特点

  1. 加速乐参数:__jsluid_s ,是加速乐拼音简称 jsl
  2. 请求情况:
    • 第一次:状态码 521,响应 cookie 为 __jsluid_s,返回 js 代码,通过 js 代码生成新 cookie,  __jsl_clearance_s
    • 第二次:带上上次 cookie 请求,状态码 521,返回 js 代码(加密方式有MD5,SHA1, SHA256),重新生成 __jsl_clearance_s
    • 第三次:带上第二次的 cookie,正常请求

二、过程分析和代码实现

请求网址:https://www.mafengwo.cn/

 第一次请求:

document.cookie由下面返回的代码生成

document.cookie = ('_') + ('_') + ('j') + ('s') + ('l') + ('_') + ('c') + ('l') + ('e') + ('a') + ('r') + ('a') + ('n') + ('c') + ('e') + ('_') + ('s') + ('=') + ((+true) + '') + (1 + 6 + '') + ((+true) + '') + (1 + 7 + '') + (9 + '') + (~~false + '') + (-~{} + '') + ((1 << 1) + '') + ((1 + [0]) / [2] + '') + ([3] * (3) + '') + ('.') + (-~false + '') + (~~'' + '') + ((1 << 3) + '') + ('|') + ('-') + (-~{} + '') + ('|') + ('e') + ('G') + ('I') + ('R') + ('Q') + ('H') + ('G') + ('o') + ('H') + ('c') + (~~{} + '') + ('a') + ('D') + ('p') + ('u') + ('u') + ('x') + ('j') + ('m') + ('j') + ('q') + ('Y') + ((1 + [2] >> 2) + '') + ('j') + ('T') + ('f') + ('I') + ('%') + ((1 + [2] >> 2) + '') + ('D') + (';') + (' ') + ('M') + ('a') + ('x') + ('-') + ('a') + ('g') + ('e') + ('=') + (1 + 2 + '') + (2 + 4 + '') + (~~false + '') + ((+false) + '') + (';') + (' ') + ('P') + ('a') + ('t') + ('h') + ('=') + ('/') + (';') + (' ') + ('S') + ('a') + ('m') + ('e') + ('S') + ('i') + ('t') + ('e') + ('=') + ('N') + ('o') + ('n') + ('e') + (';') + (' ') + ('S') + ('e') + ('c') + ('u') + ('r') + ('e');    

在控制台打印得到新生成cookie,__jsl_clearance_s的明文信息:

__jsl_clearance_s=1718901259.108|-1|eGIRQHGoHc0aDpuuxjmjqY3jTfI%3D; Max-age=3600; Path=/; SameSite=None; Secure

实际上第二次请求的cookie,可以看出是去掉了后面的Max-age=3600; Path=/; SameSite=None; Secure

1718901259.108|-1|eGIRQHGoHc0aDpuuxjmjqY3jTfI%3D

第一次请求python代码实现:

import requests
import execjs
import re


def fir_req():
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers)
    __jsl_clearance_s = execjs.eval(re.findall("document.cookie=(.*?);lo", response.text)[0]).split("e_s=")[-1].split(";")[0]
    __jsluid_s = response.cookies.get('__jsluid_s')
    print(__jsl_clearance_s, __jsluid_s)


fir_req()

第二次请求:

使用hook脚本定位cookie加密位置

(function () {
    cookieTemp = document.cookie;
    Object.defineProperty(document, 'cookie', {
        set: function (val) {
            if (val.indexOf('__jsl_clearance_s') != -1) {
                debugger;
            }
            console.log('Hook捕获到cookie设置->', val);
            cookieTemp = val;
        },
        get: function () {
            return cookieTemp;
        },
    });
})()

跟栈

在处理相关代码时,可以看到返回的是经过 OB 混淆后的代码。这个JS代码是变化的,每次请求返回的代码不是固定的,但是代码逻辑是一样的,本次请求中,Cookie 的赋值位置为:

document[_0xdc3c('0x15e', 'tl@D') + 'ie'] = _0xd3bab4;

在控制台解码:

document["cookie"] = _0xd3bab4

接下来,选择全扣代码,使用吐环境脚本查看缺失的环境,缺什么就补什么。

function get_enviroment(proxy_array) {
    for (var i = 0; i < proxy_array.length; i++) {
        handler = '{\n' +
            '    get: function(target, property, receiver) {\n' +
            '        console.log("方法:", "get  ", "对象:", ' +
            '"' + proxy_array[i] + '" ,' +
            '"  属性:", property, ' +
            '"  属性类型:", ' + 'typeof property, ' +
            // '"  属性值:", ' + 'target[property], ' +
            '"  属性值类型:", typeof target[property]);\n' +
            '        return target[property];\n' +
            '    },\n' +
            '    set: function(target, property, value, receiver) {\n' +
            '        console.log("方法:", "set  ", "对象:", ' +
            '"' + proxy_array[i] + '" ,' +
            '"  属性:", property, ' +
            '"  属性类型:", ' + 'typeof property, ' +
            // '"  属性值:", ' + 'target[property], ' +
            '"  属性值类型:", typeof target[property]);\n' +
            '        return Reflect.set(...arguments);\n' +
            '    }\n' +
            '}'
        eval('try{\n' + proxy_array[i] + ';\n'
            + proxy_array[i] + '=new Proxy(' + proxy_array[i] + ', ' + handler + ')}catch (e) {\n' + proxy_array[i] + '={};\n'
            + proxy_array[i] + '=new Proxy(' + proxy_array[i] + ', ' + handler + ')}')
    }
}

proxy_array = ['window', 'document', 'location', 'navigator', 'history', 'screen']


get_enviroment(proxy_array)

缺失的环境为

window = global;
navigator = {
    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0'
}

全扣代码之后要导出代码的数据,然而在 document["cookie"] = _0xd3bab4, 这一赋值语句之后打印 cookie ,console.log(document.cookie) ,控制台输出的是 undefined 。经过查看代码,发现是因为在上面使用了定时器 setTimeout ,导致已经打印完了,但是代码还没执行。可以通过将定时器置空或者删除定时器。

cookie 的值 _0xd3bab4 由下面代码生成。

var _0xd3bab4 = _0x1ee99b[_0xdc3c('0x169', 'p)D7') + 'Q'](_0x5d8c59['tn'] + '=' + _0x388eff[0x0], _0xdc3c('0x92', '[&Do') + _0xdc3c('0x44', 'I72b') + '=') + _0x5d8c59['vt'] + (_0xdc3c('0x2c', 'vjGQ') + _0xdc3c('0x38', 'a%Xx') + '\x20/');

在控制台查看每一项的值,发现_0x388eff[0x0] 是cookie值, _0x388eff的赋值语句为:

var _0x388eff = _0x27a7e7(_0x5d8c59['ct'], _0x5d8c59[_0xdc3c('0x59', 'G&aA')]);

_0x5d8c59则是由function go(_0x5d8c59)传参而来。

go函数的参数如下:

{
    "bts": ["1718908786.06|0|oKVL", "21qG3a7jxfgEGHNekECRc%3D"],
    "chars": "DZEqpWlXLBkpdjJMAjdjRx",
    "ct": "4fc6210ec2afafb9907b9e8878c4e37e72f6cedb78942d3c77aaa6e4dcb41fd1",
    "ha": "sha256",
    "is": true,
    "tn": "__jsl_clearance_s",
    "vt": "3600",
    "wt": "1500"
}

多次请求发现go里面的参数是变化的,其中:

  • tn:表示 cookie 的名字。
  • bts:是服务器返回的 cookie 组成部分。
  • chars:服务器返回的随机字符串。
  • ha:代表 cookie 的加密算法。
  • ct:cookie 经过加密后的值。

经过_0x27a7e7函数传递两个值得到正确的 cookie:

第一个值:ct,是服务器返回的 cookie 经过加密算法后生成的值

第二个值:bts参数

分析_0x27a7e7 函数

        function _0x27a7e7(_0x3d2f57, _0x49822d) {
            var _0x5df995 = _0x5d8c59[_0xdc3c('0x93', '[&Do') + 's'][_0xdc3c('0xd5', 'G%k$') + 'th'];
            for (var _0x186921 = 0x0; _0x1ee99b[_0xdc3c('0x79', 'r64s') + 'z'](_0x186921, _0x5df995); _0x186921++) {
                for (var _0x4e7fd0 = 0x0; _0x1ee99b[_0xdc3c('0x7a', 'Ehk)') + 'z'](_0x4e7fd0, _0x5df995); _0x4e7fd0++) {
                    var _0x31355c = _0x1ee99b[_0xdc3c('0x83', 'ly!k') + 'w'](_0x1ee99b[_0xdc3c('0x13c', 'a%Xx') + 'w'](_0x49822d[0x0], _0x5d8c59[_0xdc3c('0x6e', '5m@Z') + 's'][_0xdc3c('0x11c', 'mcN2') + 'tr'](_0x186921, 0x1)) + _0x5d8c59[_0xdc3c('0xff', '3UFz') + 's'][_0xdc3c('0x70', 'DpB^') + 'tr'](_0x4e7fd0, 0x1), _0x49822d[0x1]);
                    if (_0x1ee99b[_0xdc3c('0xc8', 'Sttp') + 'U'](hash, _0x31355c) == _0x3d2f57) {
                        return [_0x31355c, new Date() - _0x3f266e];
                    }
                }
            }
        }

逻辑为:

1、在循环中生成cookie,cookie值 = bts[0] + 从chars中随机取出的两个数据 + bts[1]

2、将随机生成的cookie经过,ha对应的加密算法进行加密

3、当随机生成的cookie经过加密算法后得到的值和服务器返回的ct值相等时,则证明是正确的cookie

逆向时go函数里面的参数的加密方法ha一共有三种:MD5,SHA1, SHA256, 而页面返回的js代码只携带一个ha对应的加密方法,因此需要补全加密方法,导入crypto-js包

完整JS代码为:

const CryptoJS = require('crypto-js');
function get_enviroment(proxy_array) {
    for (var i = 0; i < proxy_array.length; i++) {
        handler = '{\n' +
            '    get: function(target, property, receiver) {\n' +
            '        console.log("方法:", "get  ", "对象:", ' +
            '"' + proxy_array[i] + '" ,' +
            '"  属性:", property, ' +
            '"  属性类型:", ' + 'typeof property, ' +
            // '"  属性值:", ' + 'target[property], ' +
            '"  属性值类型:", typeof target[property]);\n' +
            '        return target[property];\n' +
            '    },\n' +
            '    set: function(target, property, value, receiver) {\n' +
            '        console.log("方法:", "set  ", "对象:", ' +
            '"' + proxy_array[i] + '" ,' +
            '"  属性:", property, ' +
            '"  属性类型:", ' + 'typeof property, ' +
            // '"  属性值:", ' + 'target[property], ' +
            '"  属性值类型:", typeof target[property]);\n' +
            '        return Reflect.set(...arguments);\n' +
            '    }\n' +
            '}'
        eval('try{\n' + proxy_array[i] + ';\n'
            + proxy_array[i] + '=new Proxy(' + proxy_array[i] + ', ' + handler + ')}catch (e) {\n' + proxy_array[i] + '={};\n'
            + proxy_array[i] + '=new Proxy(' + proxy_array[i] + ', ' + handler + ')}')
    }
}

proxy_array = ['window', 'document', 'location', 'navigator', 'history', 'screen']

window = global;
navigator = {
    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0'
}


get_enviroment(proxy_array)



// 大数组
var _0x1b44 = ['OMOcVgA=', 'KMOBw7g5', 'wr3Cm28s', 'wqXCsBBG', 'D8OmJsOP', 'R8O5VcKY', 'B8OhHsOi', 'MV9YcQ==', 'w4LDtcOXQw==', 'w7XCtDHCqg==', 'w6FlfQE=', 'FhIjCg==', 'TjjCnHg=', 'D8O5ZsKv', 'AsK/FTE=', 'HMKoSEM=', 'wpZnK8K7', 'w5lRwp3DqQ==', 'aMOXV8Kb', 'worChyXCqg==', 'wpHCuRl+', 'IsKdamk=', 'BXZtw5Q=', 'wo7DqAzCtw==', 'w5vDr8OXJw==', 'DcK4DCQ=', 'eFlnVA==', 'wqdhOcK7', 'b0J7WA==', 'HWVTw6I=', 'N0VdcQ==', 'AQxoPg==', 'V8KOK1A=', 'Z25Vwq8=', 'NMOXcj8=', 'FsOOTzs=', 'wqAHEkA=', 'VBrCkcKY', 'DsOTw609', 'wrDDpsOfBA==', 'w7XCuSzChw==', 'wqZ/OMK/', 'w57DoMKUZg==', 'f8OcaMKV', 'wqAAF1c=', 'worDssO8Gg==', 'TWFlbg==', 'YMKUw5IL', 'H8Oha8K0', 'GcKqQsOJ', 'wpHDsiNC', 'ZWpQwrU=', 'w6wfQw4=', 'YHQ9Sg==', '6K2s5rCk6amE6K6/', 'wo7DrwnCoA==', 'w6PDo8K0Pw==', 'BDxjKA==', 'wqVQG8Ki', 'w4EKwoI7', 'NMOUVBk=', 'wqbDlsONGA==', 'w6nCv2dV', 'wrVWFsKK', 'C8OMC8Kw', 'w7bDocOFKw==', 'w5FgwpnDiA==', 'IVJfw4c=', 'wpLDssOlBg==', 'w7lZMsOy', 'w6d5O8O1', 'wrvCiC/CuQ==', 'wpjCtBfCnA==', 'dsKyw6TClw==', 'NmNIw5I=', 'IMORwpXDhw==', 'fXl6ZA==', 'w4LCj1p1', 'cEtBwog=', 'RQjDsw4=', 'w7UKwoIn', 'woDDu8OcBQ==', 'R8Kdw4jDuA==', 'GW5Hw4c=', 'wozDpgFy', 'wr9dGMKk', 'JiB9Jg==', 'Pm5Gw4Q=', 'AihKGw==', 'bibCgRU=', 'GWJTWw==', 'A8O8SsKH', 'wpzDncOCFQ==', 'wr1xDcKt', 'LsKxeMOw', 'Z8Kaw43Drw==', 'D2pYw7U=', 'wpxqD8Kc', 'w5sZXjM=', 'PTY3Ow==', 'w6gWwqQX', 'FwfDnMKM', 'DnB2w6Q=', 'M0c6wrc=', 'w6IjQTI=', 'wpJTEcKh', 'CH96w48=', 'fHfDkVY=', 'MTLDnMKs', 'X29lQw==', 'wqrCt2wZ', 'ecOewpfCkw==', 'BcOOG8O6', 'wobCuA3CkQ==', 'McOTYQU=', 'wprCuBDClA==', 'wpnDjDpN', 'NMOWw7Eh', 'DEbDvWY=', 'UcK9F8Kj', 'HsKucMO8', 'w77DssOcLw==', 'w5bCrAXCuw==', 'DRPDq8Kv', 'wo8KHVU=', 'BCzDo8Kr', 'CQfDhcKB', 'wrXDpD/Chw==', 'wrrDlDzCpg==', 'IcOiwqLDiw==', 'wpklBX0=', 'wooBF1c=', 'DTHCoTA=', 'JjvCiSc=', 'DMOQw6wE', 'D3dzSA==', 'wr7DlitU', 'X3I4GQ==', 'w4tWIMO5', 'F8KxU0c=', 'wp9SHMKI', 'AGxjw4s=', 'Y8KWR0E=', 'K8OdScK0', 'EWLDnnE=', 'PcOGw64H', 'Bj0BHA==', 'w4LCmxnChg==', 'VHZ9Yw==', 'w5ZaXQI=', 'wrLCtQrCvA==', 'CsOjaMKw', 'wpjCg8KoGg==', 'MnFiw6E=', 'ByJgSQ==', 'P8OHwrTDqg==', 'L8ONWys=', 'w5PCihfCiQ==', 'w7vDr8KNCw==', 'eRXCnEg=', 'wot2CMKF', 'Flx+Tg==', 'WMKyCsO3', 'w4FOUQI=', 'XWrDin4=', 'EMKme8Ot', 'FHt8w4o=', 'w4BlwqbDtg==', 'wrw1Pko=', 'w58uLcK/', 'wrPCqz54', 'YElkwqY=', 'V8OUwr/Cpw==', 'wqnClyjCtg==', 'wpx0FMKF', 'wrXDsCd3', 'B8OqH8OF', 'wrTDiC9U', 'w5LDnsK7Dw==', 'NyR7Fg==', 'w6gDwqkM', 'wqrCuETDpg==', 'DcONRC0=', 'AsKYa1s=', 'PU9Bw4o=', 'woLDoS5U', 'I8OjCsOn', 'az/CoXQ=', 'W8OZS8Kn', 'LsK0bcOK', 'w7dhNsOu', 'wqrDlMOAEA==', 'LsOHw6QY', 'c2bDkns=', 'wpcAHg==', 'w6XClTLCpA==', 'JMOwXj4=', 'AiPDmMKL', 'w43DmcOSOg==', 'w5ZyasKi', 'Ei7Ckzw=', 'JxZHXg==', 'w6LCgl1J', 'wqbDsMOKEw==', 'EDUZBw==', 'wqLDoBjDqA==', 'w7t7cgU=', 'w5FyacKi', 'KMOXSjI=', 'wpwsNmA=', 'w4zDrMOWKg==', 'wpjDuinCsw==', 'DU5xSw==', 'EMKie8Ov', 'CcOLWA==', 'NmRNw4U=', 'w5LCun9G', 'w4DCjVlB', 'AcO7wq/DgA==', 'EyNcbA==', 'D1RWRg==', 'w4LCqmFy', 'w7ZoIT0=', 'OUhdw6o=', 'wrXCgsK3IA==', 'V27DtHc=', 'CT9Vwpk=', 'wpDClkY+', 'QRrCi3o=', 'wpNJEcKz', 'JHJfw78=', 'GCgaFQ==', 'HmVDcQ==', 'wrbCtxVN', 'OsOLWRA=', 'eW3Dn0k=', 'Iz3Cjjk=', 'TsOFWcK/', 'w4bChk9X', 'JFlIw6U=', 'w7LDr8KJCw==', 'DMOuBcOy', 'IXNKw4I=', 'F8OuCcOx', 'wpvCpcKyHQ==', 'FMOeYQ==', 'w70PwrgV', 'XsOQwoLClg==', 'wo57HsKV', 'acOJV8Kd', 'wrZPFcKm', 'DMKdU2A=', 'WQjDtC8=', 'KsK9dVo=', 'w4kFTRE=', 'wpEsPlk=', 'BcOTIMO3', 'wpfDuCzCjw==', 'w65wKyM=', 'IyXCgRg=', 'w6DDusKDDQ==', 'w4nCi0BC', 'cMOcwpPCmQ==', 'egN3w7o=', 'w4nDicOUBQ==', 'wpjCoyvCiw==', 'QVd4wqc=', 'RMKIwo7Diw==', 'QTHDhw==', 'w7fDusKkOQ==', 'O8O1asKz', 'w6vDk8OXJw==', 'wrPDtsOXLQ==', 'wqfDnztz', 'bAPDqzA=', 'P8OQWw8=', 'wqLCvBxG', 'eQnDlwo=', 'W8OieMKv', 'wozDuwhU', 'wp9dCMKj', 'ThXCrkk=', 'GCs8Mw==', 'w5bDqsOJDg==', 'BH/DtFQ=', 'woVeEMK6', 'wo1hEMKS', 'w4vCrWdL', 'CBHClzE=', 'JAnDjMKB', 'IsKKZ0g=', 'csKhw53Dgg==', 'GsOCBcOB', 'w40BRSA=', 'CMO1YA8=', 'OHbDvFU=', 'BW9lw74=', 'w57DtMOmJg==', 'wrHCshTCkA==', 'ET1+WA==', 'wpEuLV4=', 'VcOpwpfCkw==', 'KChqSw==', 'w7nDhMKkMw==', 'IGxFw7c=', 'bmfDkEs=', 'wozCrh9e', 'aA/Cs38=', 'YSLCmWk=', 'C1NCw6c=', 'CUkAcQ==', 'UMKOLx4=', 'w4RXwqvDkQ==', 'ZDnDtBA=', 'OUPDukk=', 'dERwQA==', 'aCHCmXE=', 'LMOIH8Of', 'QwLDqBI=', 'AcOuwpDDgA==', 'B8OqH8O6', 'FHxzcw==', 'JTdq', 'YsOVTcKt', 'J0nDu1w=', 'UWdKwow=', 'wrglI30=', 'KMOxwrTDlw==', 'wp3DqAzCqw==', 'dHfDnEg=', 'bkxYXA==', 'wr7Dmi9A', 'w6BLM8OJ', 'w6FoI8O5', 'w6ZsdCU=', 'w7t8wovDoQ==', 'L8OSSsKs', 'wofCrmMq', 'Ejw9OQ==', 'NsOoasKX', 'BVJew6k=', 'HRzDmMKS', 'F8O+AsOd', 'OisjNQ==', 'w4/ClENR', 'BTNhQw==', 'w6TCiBrCjg==', 'wolGN8KR', 'w4IneQ0=', 'cHDDvXA=', 'w5TDjMOaJg==', 'EsOxZQI=', 'VhrCn8KY', 'FCM+Kg==', 'BsOjMsO8', 'wrJTGsKv', 'wpJUH8K4', 'dcKBw5vDmg==', 'wpAaCmE=', 'PsKgeMO1', 'wpDCqcKRHw==', 'HsKpdcOr', 'CjY+', 'wqDDg8O3JQ==', 'XsK/w5/DhQ==', 'wqNiLsKy', 'wr5YJ8KN', 'fVpASA==', 'b1RGwoc=', 'CRrCkDM='];
// 对大数组进行偏移的设置
(function (_0x615d91, _0x1b448b) {
    var _0xdc3c6d = function (_0x142570) {
        while (--_0x142570) {
            _0x615d91['push'](_0x615d91['shift']());
        }
    };
    _0xdc3c6d(++_0x1b448b);
}(_0x1b44, 0x7d));
// ob混淆的解密函数
var _0xdc3c = function (_0x615d91, _0x1b448b) {
    _0x615d91 = _0x615d91 - 0x0;
    var _0xdc3c6d = _0x1b44[_0x615d91];
    if (_0xdc3c['KOEPxH'] === undefined) {
        (function () {
            var _0x129928 = function () {
                var _0x5796b5;
                try {
                    _0x5796b5 = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
                } catch (_0x17867f) {
                    _0x5796b5 = window;
                }
                return _0x5796b5;
            };
            var _0x31928a = _0x129928();
            var _0x950ed5 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
            _0x31928a['atob'] || (_0x31928a['atob'] = function (_0x53e699) {
                    var _0x5eab95 = String(_0x53e699)['replace'](/=+$/, '');
                    var _0x5e3dbc = '';
                    for (var _0x4f8687 = 0x0, _0xb0dbd4, _0x4c0e40, _0x3f4769 = 0x0; _0x4c0e40 = _0x5eab95['charAt'](_0x3f4769++); ~_0x4c0e40 && (_0xb0dbd4 = _0x4f8687 % 0x4 ? _0xb0dbd4 * 0x40 + _0x4c0e40 : _0x4c0e40,
                    _0x4f8687++ % 0x4) ? _0x5e3dbc += String['fromCharCode'](0xff & _0xb0dbd4 >> (-0x2 * _0x4f8687 & 0x6)) : 0x0) {
                        _0x4c0e40 = _0x950ed5['indexOf'](_0x4c0e40);
                    }
                    return _0x5e3dbc;
                }
            );
        }());
        var _0x53a7b7 = function (_0x374f78, _0x25e65a) {
            var _0x2583a6 = [], _0x2ad3f5 = 0x0, _0x940f8f, _0x4f8ee8 = '', _0x56d616 = '';
            _0x374f78 = atob(_0x374f78);
            for (var _0x44c901 = 0x0, _0x2b3e1d = _0x374f78['length']; _0x44c901 < _0x2b3e1d; _0x44c901++) {
                _0x56d616 += '%' + ('00' + _0x374f78['charCodeAt'](_0x44c901)['toString'](0x10))['slice'](-0x2);
            }
            _0x374f78 = decodeURIComponent(_0x56d616);
            var _0x11daca;
            for (_0x11daca = 0x0; _0x11daca < 0x100; _0x11daca++) {
                _0x2583a6[_0x11daca] = _0x11daca;
            }
            for (_0x11daca = 0x0; _0x11daca < 0x100; _0x11daca++) {
                _0x2ad3f5 = (_0x2ad3f5 + _0x2583a6[_0x11daca] + _0x25e65a['charCodeAt'](_0x11daca % _0x25e65a['length'])) % 0x100;
                _0x940f8f = _0x2583a6[_0x11daca];
                _0x2583a6[_0x11daca] = _0x2583a6[_0x2ad3f5];
                _0x2583a6[_0x2ad3f5] = _0x940f8f;
            }
            _0x11daca = 0x0;
            _0x2ad3f5 = 0x0;
            for (var _0x5a2744 = 0x0; _0x5a2744 < _0x374f78['length']; _0x5a2744++) {
                _0x11daca = (_0x11daca + 0x1) % 0x100;
                _0x2ad3f5 = (_0x2ad3f5 + _0x2583a6[_0x11daca]) % 0x100;
                _0x940f8f = _0x2583a6[_0x11daca];
                _0x2583a6[_0x11daca] = _0x2583a6[_0x2ad3f5];
                _0x2583a6[_0x2ad3f5] = _0x940f8f;
                _0x4f8ee8 += String['fromCharCode'](_0x374f78['charCodeAt'](_0x5a2744) ^ _0x2583a6[(_0x2583a6[_0x11daca] + _0x2583a6[_0x2ad3f5]) % 0x100]);
            }
            return _0x4f8ee8;
        };
        _0xdc3c['yTaHUI'] = _0x53a7b7;
        _0xdc3c['BbGdds'] = {};
        _0xdc3c['KOEPxH'] = !![];
    }
    var _0x142570 = _0xdc3c['BbGdds'][_0x615d91];
    if (_0x142570 === undefined) {
        if (_0xdc3c['vaOAfb'] === undefined) {
            _0xdc3c['vaOAfb'] = !![];
        }
        _0xdc3c6d = _0xdc3c['yTaHUI'](_0xdc3c6d, _0x1b448b);
        _0xdc3c['BbGdds'][_0x615d91] = _0xdc3c6d;
    } else {
        _0xdc3c6d = _0x142570;
    }
    return _0xdc3c6d;
};
// hash函数

hash1 = {
    "sha1": function (aa) {
        return CryptoJS.SHA1(aa).toString()
    },
    "sha256": function (aa) {
        return CryptoJS.SHA256(aa).toString()
    },
    "md5": function (aa) {
        return CryptoJS.MD5(aa).toString()
    },
}
// 主要代码逻辑
function go(_0x5d8c59) {
    if (_0x5d8c59['ha'] === 'sha1'){
        hash = hash1['sha1']
    }
    if (_0x5d8c59['ha'] === 'md5'){
        hash = hash1['md5']
    }
    if (_0x5d8c59['ha'] === 'sha256'){
        hash = hash1['sha256']
    }

    var _0x291b08 = {};
    _0x291b08[_0xdc3c('0x1c', '#@f@') + 'H'] = _0xdc3c('0xf8', 'Y#Wa') + _0xdc3c('0xed', 'G%k$');
    _0x291b08[_0xdc3c('0xeb', 'o$cH') + 'z'] = function (_0x44e0a1, _0x4d5a9f) {
        return _0x44e0a1 < _0x4d5a9f;
    }
    ;
    _0x291b08[_0xdc3c('0xb6', 'c$aF') + 'w'] = function (_0x206cc7, _0x582abc) {
        return _0x206cc7 + _0x582abc;
    }
    ;
    _0x291b08[_0xdc3c('0x166', 'a%Xx') + 'U'] = function (_0x1de06b, _0x9c3d59) {
        return _0x1de06b(_0x9c3d59);
    }
    ;
    _0x291b08[_0xdc3c('0x8c', 'a%Xx') + 'A'] = _0xdc3c('0xb9', 'q97j') + _0xdc3c('0x15c', 'ou]J') + _0xdc3c('0x4a', 'vjGQ') + _0xdc3c('0x21', 'mcN2') + '6';
    _0x291b08[_0xdc3c('0xad', 'a%Xx') + 'F'] = function (_0x57dd7b, _0x3e871c) {
        return _0x57dd7b < _0x3e871c;
    }
    ;
    _0x291b08[_0xdc3c('0x14c', 'ha9@') + 'w'] = function (_0x214efd, _0x2c433e, _0x5e44e5) {
        return _0x214efd(_0x2c433e, _0x5e44e5);
    }
    ;
    _0x291b08[_0xdc3c('0x130', 'r64s') + 'T'] = function (_0x251845, _0x10e2e3) {
        return _0x251845 - _0x10e2e3;
    }
    ;
    _0x291b08[_0xdc3c('0x123', 'q97j') + 'O'] = function (_0x40c685, _0x1f0612, _0xca0062) {
        return _0x40c685(_0x1f0612, _0xca0062);
    }
    ;
    _0x291b08[_0xdc3c('0x3e', 'c$aF') + 'K'] = function (_0xa8d1a4, _0x241cfd) {
        return _0xa8d1a4 << _0x241cfd;
    }
    ;
    _0x291b08[_0xdc3c('0x1f', 'G&aA') + 'Q'] = function (_0x5bc1a7, _0x543071) {
        return _0x5bc1a7 + _0x543071;
    }
    ;
    _0x291b08[_0xdc3c('0x91', 'wGvq') + 'K'] = _0xdc3c('0xfc', 'X^K4') + 'E';
    _0x291b08[_0xdc3c('0x47', 'msr#') + 'd'] = function (_0x2a1c44, _0x1ae87) {
        return _0x2a1c44 === _0x1ae87;
    }
    ;
    _0x291b08[_0xdc3c('0xcd', 'q97j') + 'B'] = _0xdc3c('0xf7', '7ihb') + 'c';
    _0x291b08[_0xdc3c('0x134', 'vjGQ') + 'r'] = function (_0x24639d, _0x446fc5) {
        return _0x24639d(_0x446fc5);
    }
    ;
    _0x291b08[_0xdc3c('0x3b', 'ha9@') + 'B'] = function (_0xa2f1ed, _0x33b7a6) {
        return _0xa2f1ed(_0x33b7a6);
    }
    ;
    _0x291b08[_0xdc3c('0x5d', 'ReTq') + 'Q'] = function (_0x389317, _0x4b1f6f, _0x309889) {
        return _0x389317(_0x4b1f6f, _0x309889);
    }
    ;
    var _0x1ee99b = _0x291b08;

    function _0x5cb9af() {
        var _0x2b63e0 = window[_0xdc3c('0x15f', '#@f@') + _0xdc3c('0x4', 'ReTq') + 'r'][_0xdc3c('0x43', 'ZdCa') + _0xdc3c('0x164', 'Ehk)') + 't']
            , _0x1a76d2 = [_0x1ee99b[_0xdc3c('0x96', 'msr#') + 'H']];
        for (var _0x596ed0 = 0x0; _0x1ee99b[_0xdc3c('0x3f', 'DpB^') + 'z'](_0x596ed0, _0x1a76d2[_0xdc3c('0x148', '&bxg') + 'th']); _0x596ed0++) {
            if (_0x2b63e0[_0xdc3c('0x6', '%^Ru') + _0xdc3c('0x78', 'wGvq')](_0x1a76d2[_0x596ed0]) != -0x1) {
                return !![];
            }
        }
        if (window[_0xdc3c('0xea', 'JJDs') + _0xdc3c('0xcb', 'BT)[') + _0xdc3c('0x45', '%^Ru')] || window[_0xdc3c('0x20', '$Gqz') + _0xdc3c('0xdc', 'mMs3')] || window[_0xdc3c('0x89', 'Ehk)') + _0xdc3c('0x128', 'Sttp')] || window[_0xdc3c('0x116', 'Sttp') + _0xdc3c('0xc9', 'W@@4') + 'r'][_0xdc3c('0x76', 'ly!k') + _0xdc3c('0x105', 'vjGQ') + 'r'] || window[_0xdc3c('0x136', 'mFCq') + _0xdc3c('0x36', 'MXab') + 'r'][_0xdc3c('0x3c', 'p)D7') + _0xdc3c('0x34', 'p)D7') + _0xdc3c('0xc6', 'DpB^') + _0xdc3c('0xb7', 'c$aF') + 'e'] || window[_0xdc3c('0x9b', 'tl@D') + _0xdc3c('0xc3', 'ly!k') + 'r'][_0xdc3c('0xd', 'kIcJ') + _0xdc3c('0xd7', 'ha9@') + _0xdc3c('0x14b', 'MXab') + _0xdc3c('0xbf', 'c$aF') + _0xdc3c('0xd0', 'kIcJ')]) {
            return !![];
        }
    }
    ;
    if (_0x5cb9af()) {
        return;
    }
    var _0x3f266e = new Date();

    function _0x27a7e7(_0x3d2f57, _0x49822d) {
        var _0x5df995 = _0x5d8c59[_0xdc3c('0x93', '[&Do') + 's'][_0xdc3c('0xd5', 'G%k$') + 'th'];
        for (var _0x186921 = 0x0; _0x1ee99b[_0xdc3c('0x79', 'r64s') + 'z'](_0x186921, _0x5df995); _0x186921++) {
            for (var _0x4e7fd0 = 0x0; _0x1ee99b[_0xdc3c('0x7a', 'Ehk)') + 'z'](_0x4e7fd0, _0x5df995); _0x4e7fd0++) {
                var _0x31355c = _0x1ee99b[_0xdc3c('0x83', 'ly!k') + 'w'](_0x1ee99b[_0xdc3c('0x13c', 'a%Xx') + 'w'](_0x49822d[0x0], _0x5d8c59[_0xdc3c('0x6e', '5m@Z') + 's'][_0xdc3c('0x11c', 'mcN2') + 'tr'](_0x186921, 0x1)) + _0x5d8c59[_0xdc3c('0xff', '3UFz') + 's'][_0xdc3c('0x70', 'DpB^') + 'tr'](_0x4e7fd0, 0x1), _0x49822d[0x1]);
                if (_0x1ee99b[_0xdc3c('0xc8', 'Sttp') + 'U'](hash, _0x31355c) == _0x3d2f57) {
                    return [_0x31355c, new Date() - _0x3f266e];
                }
            }
        }
    }
    ;var _0x388eff = _0x27a7e7(_0x5d8c59['ct'], _0x5d8c59[_0xdc3c('0x59', 'G&aA')]);
    if (_0x388eff) {
        // var _0x5774fc;
        // if (_0x5d8c59['wt']) {
        //     if (_0x1ee99b[_0xdc3c('0x80', ')BFX') + 'd'](_0x1ee99b[_0xdc3c('0x7c', 'DpB^') + 'B'], _0x1ee99b[_0xdc3c('0x12e', 'MXab') + 'B'])) {
        //         _0x5774fc = _0x1ee99b[_0xdc3c('0x149', 'p)D7') + 'r'](parseInt, _0x5d8c59['wt']) > _0x388eff[0x1] ? _0x1ee99b[_0xdc3c('0x122', '[&Do') + 'T'](_0x1ee99b[_0xdc3c('0xd6', 'wGvq') + 'B'](parseInt, _0x5d8c59['wt']), _0x388eff[0x1]) : 0x1f4;
        //     } else {
        //         utftext += String[_0xdc3c('0x2e', 'ou]J') + _0xdc3c('0x53', 'G&aA') + _0xdc3c('0x6c', 'Y#Wa')](c);
        //     }
        // } else {
        //     _0x5774fc = 0x5dc;
        // }
        // _0x1ee99b[_0xdc3c('0xa5', ')BFX') + 'Q'](setTimeout,
        !function () {
            var _0x3f26be = {};
            _0x3f26be[_0xdc3c('0x4e', 'mcN2') + 'G'] = _0x1ee99b[_0xdc3c('0x2d', 'Y#Wa') + 'A'];
            _0x3f26be[_0xdc3c('0x144', 'vP7U') + 't'] = function (_0x4617d5, _0x1a3467) {
                return _0x1ee99b[_0xdc3c('0x16a', 'ZdCa') + 'F'](_0x4617d5, _0x1a3467);
            }
            ;
            _0x3f26be[_0xdc3c('0x17', 'q97j') + 'O'] = function (_0x3240f3, _0x37a62d, _0x15c5f2) {
                return _0x3240f3(_0x37a62d, _0x15c5f2);
            }
            ;
            _0x3f26be[_0xdc3c('0x9c', 'c$aF') + 'T'] = function (_0x28a328, _0x5bfc92, _0x48bc4b) {
                return _0x28a328(_0x5bfc92, _0x48bc4b);
            }
            ;
            _0x3f26be[_0xdc3c('0xaf', 'W@@4') + 'B'] = function (_0x42428e, _0x227aa7) {
                return _0x42428e < _0x227aa7;
            }
            ;
            _0x3f26be[_0xdc3c('0x23', 'tl@D') + 'l'] = function (_0x57b1d1, _0x288aff, _0x163c24) {
                return _0x1ee99b[_0xdc3c('0x14c', 'ha9@') + 'w'](_0x57b1d1, _0x288aff, _0x163c24);
            }
            ;
            _0x3f26be[_0xdc3c('0xf0', 'vjGQ') + 'n'] = function (_0x163645, _0x254b92) {
                return _0x1ee99b[_0xdc3c('0x167', 'G&aA') + 'T'](_0x163645, _0x254b92);
            }
            ;
            _0x3f26be[_0xdc3c('0xdf', 'rhLv') + 'Z'] = function (_0x40dfd3, _0x250553, _0x578355) {
                return _0x1ee99b[_0xdc3c('0x5b', '2VrC') + 'O'](_0x40dfd3, _0x250553, _0x578355);
            }
            ;
            _0x3f26be[_0xdc3c('0x126', 'JJDs') + 'I'] = function (_0x4f645c, _0xa598fc, _0x59d287) {
                return _0x1ee99b[_0xdc3c('0x3', 'BT)[') + 'O'](_0x4f645c, _0xa598fc, _0x59d287);
            }
            ;
            _0x3f26be[_0xdc3c('0x145', 'r64s') + 'j'] = function (_0x29caca, _0x5b3414) {
                return _0x1ee99b[_0xdc3c('0xe5', 'ly!k') + 'K'](_0x29caca, _0x5b3414);
            }
            ;
            _0x3f26be[_0xdc3c('0x3a', ')BFX') + 's'] = function (_0x16cdfd, _0x182426) {
                return _0x1ee99b[_0xdc3c('0x137', 'tnD*') + 'Q'](_0x16cdfd, _0x182426);
            }
            ;
            var _0x585bca = _0x3f26be;
            if (_0x1ee99b[_0xdc3c('0x9', 'ZdCa') + 'K'] === _0x1ee99b[_0xdc3c('0x97', 'Y#Wa') + 'K']) {
                var _0xd3bab4 = _0x1ee99b[_0xdc3c('0x169', 'p)D7') + 'Q'](_0x5d8c59['tn'] + '=' + _0x388eff[0x0], _0xdc3c('0x92', '[&Do') + _0xdc3c('0x44', 'I72b') + '=') + _0x5d8c59['vt'] + (_0xdc3c('0x2c', 'vjGQ') + _0xdc3c('0x38', 'a%Xx') + '\x20/');
                if (_0x5d8c59['is']) {
                    _0xd3bab4 = _0xd3bab4 + (_0xdc3c('0x124', 'ZdCa') + _0xdc3c('0x77', 'o$cH') + _0xdc3c('0x61', '3UFz') + _0xdc3c('0x11f', 'vFY$') + _0xdc3c('0x14e', 'Y8Ci') + _0xdc3c('0xc5', 'MXab'));
                }
                document[_0xdc3c('0x15e', 'tl@D') + 'ie'] = _0xd3bab4;
                location[_0xdc3c('0xdd', '$Gqz')] = _0x1ee99b[_0xdc3c('0xda', 'G%k$') + 'Q'](location[_0xdc3c('0x15a', 'N0Jg') + _0xdc3c('0x1', 'N0Jg')], location[_0xdc3c('0x37', 'r64s') + 'ch']);
            } else {
                var _0x23fa21 = _0x585bca[_0xdc3c('0x5c', '2VrC') + 'G'][_0xdc3c('0x125', 'wGvq') + 't']('|');
                var _0x25f0a7 = 0x0;
                while (!![]) {
                    switch (_0x23fa21[_0x25f0a7++]) {
                        case '0':
                            for (var _0x4267ca = 0x0; _0x585bca[_0xdc3c('0x162', 'q97j') + 't'](_0x4267ca, m[_0xdc3c('0x74', 'ly!k') + 'th']); _0x4267ca += 0x10) {
                                _0x2defd8 = _0x2aa640[0x0];
                                _0x5f1cce = _0x2aa640[0x1];
                                _0x76e1a8 = _0x2aa640[0x2];
                                _0x16afd8 = _0x2aa640[0x3];
                                _0x5a0b48 = _0x2aa640[0x4];
                                _0x89f0e7 = _0x2aa640[0x5];
                                _0x5b8f11 = _0x2aa640[0x6];
                                _0x7b07bd = _0x2aa640[0x7];
                                for (var _0x3e0584 = 0x0; _0x3e0584 < 0x40; _0x3e0584++) {
                                    var _0x97303b = (_0xdc3c('0x11', 'sOZu') + _0xdc3c('0x8e', 'Ehk)') + _0xdc3c('0x58', 'wGvq') + _0xdc3c('0x65', '&bxg') + _0xdc3c('0x28', 'wGvq') + '|8')[_0xdc3c('0x153', 'JJDs') + 't']('|');
                                    var _0x2726d5 = 0x0;
                                    while (!![]) {
                                        switch (_0x97303b[_0x2726d5++]) {
                                            case '0':
                                                _0x5f1cce = _0x2defd8;
                                                continue;
                                            case '1':
                                                _0x17591f = _0x585bca[_0xdc3c('0xa2', '2VrC') + 'O'](safe_add, Sigma0256(_0x2defd8), Maj(_0x2defd8, _0x5f1cce, _0x76e1a8));
                                                continue;
                                            case '2':
                                                _0x89f0e7 = _0x5a0b48;
                                                continue;
                                            case '3':
                                                _0x5b8f11 = _0x89f0e7;
                                                continue;
                                            case '4':
                                                _0x5a0b48 = _0x585bca[_0xdc3c('0x1b', 'o$cH') + 'O'](safe_add, _0x16afd8, _0x3bfc1f);
                                                continue;
                                            case '5':
                                                _0x3bfc1f = _0x585bca[_0xdc3c('0x63', 'o$cH') + 'T'](safe_add, safe_add(safe_add(safe_add(_0x7b07bd, Sigma1256(_0x5a0b48)), Ch(_0x5a0b48, _0x89f0e7, _0x5b8f11)), _0xe84577[_0x3e0584]), _0x3c1cb4[_0x3e0584]);
                                                continue;
                                            case '6':
                                                _0x7b07bd = _0x5b8f11;
                                                continue;
                                            case '7':
                                                _0x76e1a8 = _0x5f1cce;
                                                continue;
                                            case '8':
                                                _0x2defd8 = safe_add(_0x3bfc1f, _0x17591f);
                                                continue;
                                            case '9':
                                                _0x16afd8 = _0x76e1a8;
                                                continue;
                                            case '10':
                                                if (_0x585bca[_0xdc3c('0x9e', 'mFCq') + 'B'](_0x3e0584, 0x10))
                                                    _0x3c1cb4[_0x3e0584] = m[_0x3e0584 + _0x4267ca];
                                                else
                                                    _0x3c1cb4[_0x3e0584] = _0x585bca[_0xdc3c('0x42', '[&Do') + 'l'](safe_add, safe_add(_0x585bca[_0xdc3c('0x5', '%^Ru') + 'l'](safe_add, Gamma1256(_0x3c1cb4[_0x585bca[_0xdc3c('0x4d', '2VrC') + 'n'](_0x3e0584, 0x2)]), _0x3c1cb4[_0x3e0584 - 0x7]), Gamma0256(_0x3c1cb4[_0x3e0584 - 0xf])), _0x3c1cb4[_0x585bca[_0xdc3c('0x8d', 'ou]J') + 'n'](_0x3e0584, 0x10)]);
                                                continue;
                                        }
                                        break;
                                    }
                                }
                                _0x2aa640[0x0] = _0x585bca[_0xdc3c('0xef', 'S%Zf') + 'l'](safe_add, _0x2defd8, _0x2aa640[0x0]);
                                _0x2aa640[0x1] = safe_add(_0x5f1cce, _0x2aa640[0x1]);
                                _0x2aa640[0x2] = _0x585bca[_0xdc3c('0xb2', 'vFY$') + 'Z'](safe_add, _0x76e1a8, _0x2aa640[0x2]);
                                _0x2aa640[0x3] = safe_add(_0x16afd8, _0x2aa640[0x3]);
                                _0x2aa640[0x4] = safe_add(_0x5a0b48, _0x2aa640[0x4]);
                                _0x2aa640[0x5] = _0x585bca[_0xdc3c('0xbc', 'vP7U') + 'I'](safe_add, _0x89f0e7, _0x2aa640[0x5]);
                                _0x2aa640[0x6] = safe_add(_0x5b8f11, _0x2aa640[0x6]);
                                _0x2aa640[0x7] = safe_add(_0x7b07bd, _0x2aa640[0x7]);
                            }
                            continue;
                        case '1':
                            var _0x2defd8, _0x5f1cce, _0x76e1a8, _0x16afd8, _0x5a0b48, _0x89f0e7, _0x5b8f11, _0x7b07bd,
                                _0x4267ca, _0x3e0584;
                            continue;
                        case '2':
                            var _0x3bfc1f, _0x17591f;
                            continue;
                        case '3':
                            var _0xe84577 = new Array(0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0xfc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x6ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2);
                            continue;
                        case '4':
                            var _0x2aa640 = new Array(0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19);
                            continue;
                        case '5':
                            var _0x3c1cb4 = new Array(0x40);
                            continue;
                        case '6':
                            return _0x2aa640;
                        case '7':
                            m[l >> 0x5] |= 0x80 << 0x18 - l % 0x20;
                            continue;
                        case '8':
                            m[_0x585bca[_0xdc3c('0x4f', 'G%k$') + 'j'](_0x585bca[_0xdc3c('0xfb', 'ly!k') + 's'](l, 0x40) >> 0x9, 0x4) + 0xf] = l;
                            continue;
                    }
                    break;
                }
            }
        }();
    } else {
        alert(_0xdc3c('0x12b', 'r64s') + '失败');
    }
}


;

function get_cookie(go_code){
    go(go_code)
    console.log(document.cookie)
    return document.cookie
}


get_cookie({
        "bts": ["1718938718.396|0|Uuz", "Xzno%2Bt8luD63N8qv25uSWg%3D"],
        "chars": "aXdhc4YnWKefbmowdMowYR",
        "ct": "cd90336a3bfbc0e2f9c7d4864942407ab886bd44",
        "ha": "sha1",
        "is": true,
        "tn": "__jsl_clearance_s",
        "vt": "3600",
        "wt": "1500"
    })

第二次请求的python代码为:

import requests
import execjs
import re


def fir_req():
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers)
    __jsl_clearance_s = execjs.eval(re.findall("document.cookie=(.*?);lo", response.text)[0])
    __jsluid_s = response.cookies.get('__jsluid_s')
    return __jsl_clearance_s, __jsluid_s


def two_req():
    js = execjs.compile(open('加速乐.js', encoding='utf-8').read())
    __jsl_clearance_s, __jsluid_s = fir_req()
    cookies = {
        '__jsl_clearance_s': __jsl_clearance_s.split('e_s=')[-1],
        '__jsluid_s': __jsluid_s
    }
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers, cookies=cookies)
    go_code = re.findall('};go\((.*?)\)</sc', response.text)
    print(go_code[0])
    __jsl_clearance_s = js.call('get_cookie', execjs.eval(go_code[0]))
    cookies['__jsl_clearance_s'] = __jsl_clearance_s.split('_s=')[-1]
    print(cookies)


two_req()

第三次请求:

python代码:

import requests
import execjs
import re


def fir_req():
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers)
    __jsl_clearance_s = execjs.eval(re.findall("document.cookie=(.*?);lo", response.text)[0])
    __jsluid_s = response.cookies.get('__jsluid_s')
    return __jsl_clearance_s, __jsluid_s
    # print(response)


def two_req():
    js = execjs.compile(open('加速乐.js', encoding='utf-8').read())
    __jsl_clearance_s, __jsluid_s = fir_req()
    cookies = {
        '__jsl_clearance_s': __jsl_clearance_s.split('e_s=')[-1],
        '__jsluid_s': __jsluid_s
    }
    print(cookies)
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers, cookies=cookies)
    go_code = re.findall('};go\((.*?)\)</sc', response.text)
    print(go_code[0])
    __jsl_clearance_s = js.call('get_cookie', execjs.eval(go_code[0]))
    cookies['__jsl_clearance_s'] = __jsl_clearance_s.split('_s=')[-1]
    return cookies


def get_Data():
    cookies = two_req()
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Pragma": "no-cache",
        "Sec-Fetch-Dest": "document",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "none",
        "Sec-Fetch-User": "?1",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0",
        "^sec-ch-ua": "^\\^Microsoft",
        "sec-ch-ua-mobile": "?0",
        "^sec-ch-ua-platform": "^\\^Windows^^^"
    }
    url = "https://www.mafengwo.cn/i/5376978.html"
    response = requests.get(url, headers=headers, cookies=cookies)
    print(response.text)


get_Data()

标签:function,__,加密,0xdc3c,cookie,var,return,加速
From: https://blog.csdn.net/weixin_44612445/article/details/139845247

相关文章

  • 【ARMv8/ARMv9 硬件加速系列 2.2 -- ARM NEON 的加减乘除(左移右移)运算】
    文章目录NEON加减乘除NEON加减乘除下面代码是使用ARMv8汇编语言对向量寄存器v0-v31执行加、减、乘以及左移和右移操作的示例。ARMv8的SIMD指令集允许对向量寄存器中的多个数据进行并行操作。v0和v1加载数据,对它们进行加、减和乘,左移和右移操作。最后,我们会将结......
  • 发现漏洞先吃再报?加密安全独角兽CertiK与交易所Kraken公开撕逼
    CertiK在Kraken发现了一系列严重漏洞,源自Kraken最近的用户体验(UX)变化。该变化会在客户资产结算前立即为客户账户记账,并允许客户实时交易加密货币市场,但Kraken暂未对这种特定攻击向量进行充分测试。漏洞允许恶意攻击者在未完全完成存款的情况下发起存款操作,并在其账户中收到......
  • 【JS逆向】寻找某乐网登录密码加密过程
    事先声明本文章仅为我个人记录学习进度,文章内容严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关,若有侵权,请联系我立即删除!目标目标:获取网站登录时提交的密码加密的过程地址:oauth.d.cn/auth/goLogin.html过程分析首先打开F12,然后在页面上输入账户密码,点击......
  • 搭建一个属于自己的docker镜像加速器
    近期国内的docker镜像加速器已经失效,导致docker镜像拉不下来。如图所示,阿里云镜像加速器已经失效了:(有人可能会问我,为什么不直接自建harbor仓库把镜像包都放在harbor上,其实这也是种方法,但是本人很不喜欢harbor私服仓库的镜像名字一长串的写法,如192.168.33.234:5000/harbor/neo4......
  • session、cookies、tonken以及JWT的定义以及区别
    session概述Session用于记录用户的状态。Session指的是一段时间内,单个客户端与Web服务器的一连串相关的交互过程。在一个Session中,客户可能会多次请求访问同一个资源,也有可能请求访问各种不同的服务器资源。Session是由服务器端创建的原理Session会为每一次会话分配一个S......
  • 【 ARMv8/ARMv9 硬件加速系列 3.5.1 -- SVE 谓词寄存器有多少位?】
    文章目录SVE谓词寄存器(predicateregisters)简介SVE谓词寄存器的位数SVE谓词寄存器对向量寄存器的控制SVE谓词寄存器位数计算SVE谓词寄存器小结SVE谓词寄存器(predicateregisters)简介ARMv9的ScalableVectorExtension(SVE)引入了谓词寄存器(PredicateR......
  • hashlib加密模块
    hashlib加密模块importhashlibmd5=hashlib.md5("你好".encode("utf-8"))#实例化把类的功能赋值给变量print(md5.hexdigest())md5.update('世界'.encode("utf-8"))print(md5.hexdigest(),len(md5.hexdigest()))sha256算法h=hashlib.sha256(......
  • 士兰微 六轴加速度陀螺仪
    应用领域:1、AR/VR;2、室内导航/行人路线跟踪/定位3、3D扫描/室内地图测绘/SLAM4、手势识别5、虚拟现实游戏6、空鼠/游戏手柄7、计步/敲击8、振动检测和补偿;9、自由落体检测;10、9D方向检测;11、IOT应用SC7I22是一款高集成度、低功耗惯性测量单元(IMU)。内置高性能......
  • 嵌入式产品如何做安全加密?
    1. 版权保护芯片RJGT102介绍为了防止硬件电路与固件被抄袭,核心在于加密芯片和安全解决方案的设计,目前大多MPU并不具备安全防护功能,所以最好的办法是使用一颗专用的加密芯片,通过加密芯片对接MPU,进行认证,授权,保存关键数据等。RJGT102采用了SHA256对称加密算法,256位的大数加密, 加......
  • 使用xtrabackup加密备份
    1.生成密钥串echo"123456"|md5sumf447b20a7fcbf53a5d5be013ea0b15af-#注意后面的中划线不算2.方式1-使用key#备份xtrabackup--user=mysqlbackup--password='Abc@12345678'--backup--compress--compress-threads=4--encrypt=AES256--encrypt-key=&......