声明
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
大部分补环境代码
// For study purposes only.
//
// Node.js stand-ins for the browser's top-level globals. Every name below is
// created by plain assignment (no const/let/var), so each one becomes a
// property of Node's global object and is visible to any script loaded
// afterwards. That only works in sloppy mode: under 'use strict' or in an ES
// module the first assignment throws a ReferenceError.
// Nothing here is a real host object; the values are ordinary JS objects and
// source-defined functions.
window = global;
top = self = window; // self is assigned first, then top; both alias the global object

Object.assign(window, {
  origin: '###', // placeholder: the real origin was redacted by the author
  // Stub: logs that a listener was requested and with which arguments, but
  // never stores the handler, so no event is ever delivered to it.
  addEventListener: function addEventListener() {
    console.log('window.addEventListener', arguments);
  },
});

// Empty shells; later statements in this file attach individual properties.
document = {};
navigator = {};
// In-memory stand-in for window.localStorage.
//
// Stored entries live as properties on the same object that carries the five
// methods, so:
//   - `length` and key() are derived from Object.keys() of that object and
//     therefore count the method names (and `length` itself once it is set);
//   - getItem() returns any truthy property, including the methods;
//   - clear() swaps in a bare `{ length: 0 }` object that no longer has the
//     methods.
// `length` is written through `this`, everything else goes through
// window.localStorage, so the two only agree when the method is called as
// window.localStorage.method(...).
window.localStorage = {
  // Returns the stored value, or null when the property is missing or falsy.
  getItem: function (key) {
    const stored = window.localStorage[key];
    return stored ? stored : null;
  },
  // Stores value.toString() under `key`, then refreshes the key count.
  setItem: function (key, value) {
    const store = window.localStorage;
    store[key] = value.toString();
    const count = Object.keys(window.localStorage).length;
    this.length = count;
  },
  // Deletes the property named `key`, then refreshes the key count.
  removeItem: function (key) {
    const store = window.localStorage;
    delete store[key];
    const count = Object.keys(window.localStorage).length;
    this.length = count;
  },
  // Replaces the whole storage object with an empty one reporting length 0.
  clear: function () {
    window.localStorage = { length: 0 };
  },
  // Returns the property name at position `index`, or null when there is none.
  key: function (index) {
    const names = Object.keys(window.localStorage);
    return names[index] || null;
  },
};
// Static snapshot of window.location, created as an implicit global.
// href, origin, host, hostname, pathname and search hold '#' placeholders:
// the author redacted the real URL parts. Only the protocol ("https:") and
// the empty port/hash are literal values.
location = {
  ancestorOrigins: {},
  href: "#####",
  origin: "##",
  protocol: "https:",
  host: "##",
  hostname: "##",
  port: "",
  pathname: "#",
  search: "#",
  hash: "",
  // String conversion yields the href. It reads the global `location`
  // rather than `this`, so it reflects whatever object is bound to that
  // name at call time.
  toString: function toString() {
    return location.href;
  },
};
// Minimal display metrics: a screen object exposing only availWidth, plus
// two window-level geometry values. 1536 is used for both widths.
screen = { availWidth: 1536 };
Object.assign(window, { screenTop: 0, outerWidth: 1536 });

// Stub: logs the call and its arguments and returns undefined; no battery
// object or promise is produced.
navigator.getBattery = function getBattery() {
  console.log('navigator.getBattery', arguments);
};

// Report the page as visible.
document.hidden = false;
// Bare constructor stand-ins, created as implicit globals so that references
// to these names resolve. Neither constructor initialises anything.
HTMLCanvasElement = function HTMLCanvasElement() {};
HTMLMediaElement = function HTMLMediaElement() {};

// Every call fails with the same TypeError, so no canvas image data is ever
// returned through this method.
HTMLCanvasElement.prototype.toDataURL = function toDataURL() {
  throw new TypeError('Illegal invocation');
};

// Single shared stand-in for an <a> element: each createElement('a') call
// hands back this same object, so a change to href is visible to all callers.
a = { href: "" };

// Logs every request, then answers only for 'canvas' and 'a'; any other tag
// name yields undefined.
document.createElement = function createElement(tagName) {
  console.log('createElement', arguments);
  switch (tagName) {
    case 'canvas':
      // NOTE(review): `canvas` is not defined in the visible part of this
      // file. Presumably it is set up in code omitted from the listing;
      // otherwise this branch throws a ReferenceError. Confirm.
      return canvas;
    case 'a':
      return a;
    default:
      return undefined;
  }
};
// Frozen capture of window.performance. Because `window` is Node's global
// object, this replaces the built-in global `performance` with a plain object
// that exposes only `timeOrigin` and `timing`.
// The non-zero values are millisecond epoch timestamps from 2024-02-20 (UTC);
// they are literals and do not follow the real clock. Key order is kept as in
// the capture.
window.performance = {
  timeOrigin: 1708407536616.6,
  timing: {
    connectStart: 0,
    navigationStart: 1708407536617,
    secureConnectionStart: 0,
    fetchStart: 0,
    domContentLoadedEventStart: 1708407536619,
    responseStart: 0,
    domInteractive: 1708407536619,
    domainLookupEnd: 0,
    responseEnd: 1708407536619,
    redirectStart: 0,
    requestStart: 0,
    unloadEventEnd: 0,
    unloadEventStart: 0,
    domLoading: 1708407536617,
    domComplete: 1708407536621,
    domainLookupStart: 0,
    loadEventStart: 1708407536621,
    domContentLoadedEventEnd: 1708407536619,
    loadEventEnd: 1708407536621,
    redirectEnd: 0,
    connectEnd: 0,
  },
};
// Fixed plugin list: five PDF-viewer entries that differ only in `name`.
// The result is a plain Array of plain objects with the keys name,
// description and filename, in that order.
navigator.plugins = [
  "PDF Viewer",
  "Chrome PDF Viewer",
  "Chromium PDF Viewer",
  "Microsoft Edge PDF Viewer",
  "WebKit built-in PDF",
].map(function (pluginName) {
  return {
    name: pluginName,
    description: "Portable Document Format",
    filename: "internal-pdf-viewer",
  };
});
// Fixed MIME-type list, written as [type, suffixes, description] rows and
// expanded into plain objects with exactly those three keys, in that order.
// The result is a plain Array; the values are static literals and are the
// same on every run.
navigator.mimeTypes = [
  ['application/aliedit', '', 'npaliedit'],
  ['application/asx', '*', ''],
  ['application/cenroll.cenroll.version.1', '', 'CEnroll'],
  ['application/hwepass2001.installepass2001', '', 'HwEpass2001'],
  ['application/hwpta.itrushwpta', '', 'hwPTA'],
  ['application/hwwdkey.installwdkey', '', 'hwWDkey'],
  ['application/itrusenroll.certenroll.version.1', '', 'IEnroll'],
  ['application/java-deployment-toolkit', '', ''],
  ['application/pdf', 'pdf', ''],
  ['application/pta.itruspta.version.1', '*', 'PTA'],
  ['application/qscall-plugin', 'dll', 'DLL'],
  ['application/tecent-qqlive-plugin', '', ''],
  ['application/tecent-qzonemusic-plugin', 'rts', "This plug-in is transfers of QzoneMusic when opening Qzone in a web page with Firefox."],
  ['application/tencent-qqphotodrawex2-plugin', 'rts', ''],
  ['application/x-alisecctrl-plugin', '*', 'npAliSecCtrl.dll'],
  ['application/x-google-chrome-pdf', 'pdf', 'Portable Document Format'],
  ['application/x-java-applet', '', 'Java Applet'],
  ['application/x-java-applet;deploy=11.321.2', '', ''],
  ['application/x-java-applet;javafx=8.0.321', '', ''],
  ['application/x-java-applet;jpi-version=1.8.0_321', '', ''],
  ['application/x-java-applet;version=1.1', '', ''],
].map(function ([type, suffixes, description]) {
  return { type, suffixes, description };
});
分析思路过程截图
思路
阿里一般都是jsvmp,直接找哪个文件是jsvmp文件调用的,一般点进去就是加密的了。