入口:
传递的参数值:
sign函数
function() {
var _0x36c5d3 = _0x79c1ce;
let _0x479298 = arguments[_0x36c5d3(0x5a9, 'PHXL')] > 0x0 && void 0x0 !== arguments[0x0] ? arguments[0x0] : {};
try {
var _0x1a6f66;
if (!_0x32d6a8[_0x36c5d3(0x4d7, 'l!Uo')][_0x36c5d3(0x3a7, 'yS(K')]) return _0x347d76[_0x36c5d3(0x514, 'j7Mt')][_0x36c5d3(0x323, 'a$#V')](_0x36c5d3(0x543, 'XEk5'), {
'reason': _0x36c5d3(0x56a, 'an)q')
}),
Promise[_0x36c5d3(0x3cd, 'aSrl')]({});
const _0x48393f = (0x0, _0xbae138[_0x36c5d3(0x5fd, 't[mc')])(),
_0x4085c6 = '' [_0x36c5d3(0x536, 'J0hY')](Date[_0x36c5d3(0x37b, 'aO!D')]());
let _0x3a0e53 = _0x479298;
_0x36c5d3(0x230, 'R90F') != typeof _0x479298 && (_0x3a0e53 = {});
const _0x209c05 = _0x4438f3(_0x4438f3({},
_0x3a0e53), {},
{
'random': _0x48393f,
'timestamp': _0x4085c6
}),
_0x2c4733 = JSON[_0x36c5d3(0x44c, '3z04')](_0x209c05) + (0x0, _0x167d7d[_0x36c5d3(0x5a5, 'hjcQ')])();
return (null === (_0x1a6f66 = (0x0, _0x438ffe[_0x36c5d3(0x40b, 'J0hY')])(_0x2c4733)) || void 0x0 === _0x1a6f66 ? void 0x0: _0x1a6f66[_0x36c5d3(0x44d, '$@]b')](function(_0x1eacf4) {
return {
'pcSign': _0x1eacf4 || '',
'random': _0x48393f,
'timestamp': _0x4085c6
};
})) || Promise[_0x36c5d3(0x266, 'aO!D')]({});
} catch(_0x51361c) {
return _0x347d76[_0x36c5d3(0x57d, 'PR!R')][_0x36c5d3(0x4b0, 'JEGu')](_0x36c5d3(0x21d, 'UAr['), {
'reason': '' [_0x36c5d3(0x4de, 'gf^x')](_0x51361c)
}),
Promise[_0x36c5d3(0x629, '7n#R')]({});
}
}
定位security.SDK.umd.js
_0x10bdff[_0x79c1ce(0x475, '[wa(')] = function() {
var _0x36c5d3 = _0x79c1ce;
let _0x479298 = arguments[_0x36c5d3(0x5a9, 'PHXL')] > 0x0 && void 0x0 !== arguments[0x0] ? arguments[0x0] : {};
try {
var _0x1a6f66;
if (!_0x32d6a8[_0x36c5d3(0x4d7, 'l!Uo')][_0x36c5d3(0x3a7, 'yS(K')])
return _0x347d76[_0x36c5d3(0x514, 'j7Mt')][_0x36c5d3(0x323, 'a$#V')](_0x36c5d3(0x543, 'XEk5'), {
'reason': _0x36c5d3(0x56a, 'an)q')
}),
Promise[_0x36c5d3(0x3cd, 'aSrl')]({});
const _0x48393f = (0x0,
_0xbae138[_0x36c5d3(0x5fd, 't[mc')])()
, _0x4085c6 = ''[_0x36c5d3(0x536, 'J0hY')](Date[_0x36c5d3(0x37b, 'aO!D')]());
let _0x3a0e53 = _0x479298;
_0x36c5d3(0x230, 'R90F') != typeof _0x479298 && (_0x3a0e53 = {});
const _0x209c05 = _0x4438f3(_0x4438f3({}, _0x3a0e53), {}, {
'random': _0x48393f,
'timestamp': _0x4085c6
})
, _0x2c4733 = JSON[_0x36c5d3(0x44c, '3z04')](_0x209c05) + (0x0,
_0x167d7d[_0x36c5d3(0x5a5, 'hjcQ')])();
return (null === (_0x1a6f66 = (0x0,
_0x438ffe[_0x36c5d3(0x40b, 'J0hY')])(_0x2c4733)) || void 0x0 === _0x1a6f66 ? void 0x0 : _0x1a6f66[_0x36c5d3(0x44d, '$@]b')](function(_0x1eacf4) {
return {
'pcSign': _0x1eacf4 || '',
'random': _0x48393f,
'timestamp': _0x4085c6
};
})) || Promise[_0x36c5d3(0x266, 'aO!D')]({});
} catch (_0x51361c) {
return _0x347d76[_0x36c5d3(0x57d, 'PR!R')][_0x36c5d3(0x4b0, 'JEGu')](_0x36c5d3(0x21d, 'UAr['), {
'reason': ''[_0x36c5d3(0x4de, 'gf^x')](_0x51361c)
}),
Promise[_0x36c5d3(0x629, '7n#R')]({});
}
}
;
const _0x32d6a8 = _0x535b3(0x53)
, _0xbae138 = _0x535b3(0xfd)
, _0x167d7d = _0x535b3(0x3ba)
, _0x438ffe = _0x535b3(0x1b5)
, _0x347d76 = _0x535b3(0x2a4);
},
打断点调试
1.
此时拿到random(_0x48393f)的值
const _0x48393f = (0x0,_0xbae138[_0x36c5d3(0x5fd, 't[mc')])(), _0x4085c6 = ''[_0x36c5d3(0x536, 'J0hY')](Date[_0x36c5d3(0x37b, 'aO!D')]());
根据上述函数,已知函数标量_0x36c5d3
function(_0x457ace, _0x349832) {
_0x457ace = _0x457ace - 0x18a;
var _0x4c6e1a = _0x19971f[_0x457ace];
if (a0_0x457a['pIaRKj'] === undefined) {
var _0x2a073e = function(_0x3f86c9) {
var _0x153ef8 = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';
var _0x6873a5 = '',
_0x41c8da = '';
for (var _0x5c7b8d = 0x0,
_0x27fa83, _0x3f32c6, _0xef38ce = 0x0; _0x3f32c6 = _0x3f86c9['charAt'](_0xef38ce++);~_0x3f32c6 && (_0x27fa83 = _0x5c7b8d % 0x4 ? _0x27fa83 * 0x40 + _0x3f32c6: _0x3f32c6, _0x5c7b8d++%0x4) ? _0x6873a5 += String['fromCharCode'](0xff & _0x27fa83 >> ( - 0x2 * _0x5c7b8d & 0x6)) : 0x0) {
_0x3f32c6 = _0x153ef8['indexOf'](_0x3f32c6);
}
for (var _0x56ffc6 = 0x0,
_0x2026b1 = _0x6873a5['length']; _0x56ffc6 < _0x2026b1; _0x56ffc6++) {
_0x41c8da += '%' + ('00' + _0x6873a5['charCodeAt'](_0x56ffc6)['toString'](0x10))['slice']( - 0x2);
}
return decodeURIComponent(_0x41c8da);
};
var _0x384326 = function(_0x5a7df8, _0x68a587) {
var _0x46b693 = [],
_0xb659b6 = 0x0,
_0x38697a,
_0x299539 = '';
_0x5a7df8 = _0x2a073e(_0x5a7df8);
var _0x3b9660;
for (_0x3b9660 = 0x0; _0x3b9660 < 0x100; _0x3b9660++) {
_0x46b693[_0x3b9660] = _0x3b9660;
}
for (_0x3b9660 = 0x0; _0x3b9660 < 0x100; _0x3b9660++) {
_0xb659b6 = (_0xb659b6 + _0x46b693[_0x3b9660] + _0x68a587['charCodeAt'](_0x3b9660 % _0x68a587['length'])) % 0x100,
_0x38697a = _0x46b693[_0x3b9660],
_0x46b693[_0x3b9660] = _0x46b693[_0xb659b6],
_0x46b693[_0xb659b6] = _0x38697a;
}
_0x3b9660 = 0x0,
_0xb659b6 = 0x0;
for (var _0x271a01 = 0x0; _0x271a01 < _0x5a7df8['length']; _0x271a01++) {
_0x3b9660 = (_0x3b9660 + 0x1) % 0x100,
_0xb659b6 = (_0xb659b6 + _0x46b693[_0x3b9660]) % 0x100,
_0x38697a = _0x46b693[_0x3b9660],
_0x46b693[_0x3b9660] = _0x46b693[_0xb659b6],
_0x46b693[_0xb659b6] = _0x38697a,
_0x299539 += String['fromCharCode'](_0x5a7df8['charCodeAt'](_0x271a01) ^ _0x46b693[(_0x46b693[_0x3b9660] + _0x46b693[_0xb659b6]) % 0x100]);
}
return _0x299539;
};
a0_0x457a['mlzgZn'] = _0x384326,
_0x348322 = arguments,
a0_0x457a['pIaRKj'] = !![];
}
var _0x2a2c40 = _0x19971f[0x0],
_0x17806e = _0x457ace + _0x2a2c40,
_0x4fed40 = _0x348322[_0x17806e];
return ! _0x4fed40 ? (a0_0x457a['kveOFi'] === undefined && (a0_0x457a['kveOFi'] = !![]), _0x4c6e1a = a0_0x457a['mlzgZn'](_0x4c6e1a, _0x349832), _0x348322[_0x17806e] = _0x4c6e1a) : _0x4c6e1a = _0x4fed40,
_0x4c6e1a;
}
拆解0x48393f构成
- 解析_0x4085c6的生成
_0x4085c6 = ''[_0x36c5d3(0x536, 'J0hY')](Date[_0x36c5d3(0x37b, 'aO!D')]())
继续对function(_0x457ace, _0x349832),即_0x36c5d3函数打断点
