【100个JS逆向案例】cnki学术翻译AES加密分析

时间：2023-03-26 11:30:44 Python

关注微信公众号:BrotherKcrawler,QQexchangegroup:808574309,continuetosharetechnicaldrygoodssuchascrawleradvancement,JS/Androidreverseengineering!Itisdeclaredthatallthecontentinthisarticleisforlearningandcommunicationonly.Thecapturedcontent,sensitiveURLs,anddatainterfaceshavebeendesensitized,andarestrictlyprohibitedfrombeingusedforcommercialorillegalpurposes.Otherwise,allconsequencesarisingtherefromhavenothingtodowiththeauthor.Infringement,pleasecontactmetodeleteimmediately!逆向目标目标：cnki学术翻译AES加密主页：aHR0cHM6Ly9kaWN0LmNua2kubmV0L2luZGV4接口：aHR0cHM6Ly9kaWN0LmNua2kubmV0L2Z5enMtZnJvbnQtYXBpL3RyYW5zbGF0ZS9saXRlcmFsdHJhbnNsYXRpb24=逆向参数：RequestPayload：words:"kufhG_UJw_k3Sfr3j0BLAA=="逆向过程本期逆向素材来源于K哥爬虫交流群里某位群友的求助，Thegoaliscnkiacademictranslation,andfanswanttoachievetwofunctions:1.Breakthroughthelimitof1000charactersinEnglish;2.Reversetheencryptionprocess.Gotothetranslationhomepage,grabthepacketandlocatethetranslationinterface,youcanseethatintheRequestPayload,thetexttobetranslatedwillbeencrypted,asshowninthefigurebelow:Ifyousearchforthekeywordwordsdirectly,youwillfindalotofresults,whichisnoteasytofind,noticethatthereisalsoatranslateTypeinthePayloadparameter,thenyoucandirectlysearchfortranslateType,becausethesetwoparametersareusuallynexttoeachother,ofcourse,youcanalsouseXHRbreakpointstofindit,butitismoretroublesome,andthesearchresultsareallInapp.9fb42bb0.js,noticethatthereisencryptinthelastresult,whichmeansencryption,whichisbasicallytheplaceofencryption:print(0,h.encrypto)(this.inputWord)ontheconsole,whichistheencryptedresult:Continuetofollowuph.encrypto,obviouslyAESencryption,n="4e87183cfd3a45fe",nisthekey,modeECB,fillPkcs7,andfinallydosomestringreplacementprocessing,asshowninthefigurebelow:knowtheencryptionalgorithm,keyandotherkeyparameters,thenitisOKtodirectlyreferencethecrypto-jsmoduletoimplement,theJavaScriptcodeisasfollows://referencethecrypto-jsencryptionmodulevarCryptoJS=require('crypto-js')functions(t){varn="4e87183cfd3a45fe"vare={mode:CryptoJS.mode.ECB,padding:CryptoJS.pad.Pkcs7},i=CryptoJS.enc.Utf8.parse(n),s=CryptoJS.AES.encrypt(t,i,e),r=s.toString().replace(/\//g,"_");returnr=r.replace(/\+/g,"-"),r}console.log(s("Test"))//kufhG_UJw_k3Sfr3j0BLAA==使用Python翻译的小demo:#=====================================#--*--编码：utf-8--*--#@Time:2021-11-05#@作者:微信：K哥笨虫#@FileName:cnki.py#@Software:PyCharm#==================================importexecjsimportrequeststoken_url="https://dict.cnki.net/fyzs-front-api/getToken"translation_api="https://dict.cnki.net/fyzs-front-api/translate/literaltranslation"UA="Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/94.0.4606.81Safari/537.36"session=requests.session()defget_token():headers={"User-Agent":UA}response=session.get(url=token_url,headers=headers).json()token=response["data"]returntokendefget_encrypted_word(word):withopen('cnki_encrypt.js','r',编码='utf-8')asf:cnki_js=f.read()encrypted_word=execjs.compile(cnki_js).call('s',word)returnencrypted_worddefget_translation_result(encrypted_word,token):payload={"translateType":无，“words”：encrypted_word}headers={“Token”：token，“User-Agent”：UA}response=session.post(url=translation_api,headers=headers,json=payload).json()result=response["data"]["mResult"]returnresultdefmain():word=input("请输入为translatedString:")token=get_token()encrypted_word=get_encrypted_word(word)result=get_translation_result(encrypted_word,token)print("Thetranslationresultis:",result)if__name__=="__main__":main()粉丝有一个more问题是字符数的限制。看看能不能突破。实际测试限制是英文1000个字符，中文500个字符，如下图所示：其实这种限制不仅是前端限制，服务器端也有限制。您可以携带500个以上的中文字符来请求。第一个字符是“Test1”，最后三个字符是“Test2”。此时，已经超过了500个字符。我们可以看到，Test2并没有出现在翻译结果中，所以如果要翻译很多字符串，只能分成几部分进行处理。

上一篇：Python列表理解-迭代器-生成器-匿名函数详解

下一篇：Python一键获取Top100榜单电影信息

【100个JS逆向案例】cnki学术翻译AES加密分析相关文章