某安网别逆向,一不小心就......

大家好,我是TheWeiJun,欢迎来到我的公众号。在现代互联网中,cookie成为了网站管理的重要工具。某些网站会对cookie进行加密,以加强数据的安全性和保密性。然而,逆向加密算法并不是一件简单的事情。本文将探讨如何逆向某安网站的cookie加密参数,向读者介绍这一过程中所涉及的技术和工具,并提供详细的步骤和示例代码,以帮助读者更好地理解和掌握Cookie加密的原理与实现。

特别声明:本公众号文章只作为学术研究,不作为其他不法用途;如有侵权请联系作者删除。

 目录

一、前言介绍

二、网站分析

三、参数分析

四、算法还原

五、思路总结

趣味模块

小明是一个喜欢在网上冲浪的年轻人,有一天他发现自己的浏览历史被一个神秘网站所掌握。他决定追踪这个网站,最终发现了一个逆向cookie的方法。于是小明开始了他的行动——他开始了一场刺激的冒险,试图找出那个神秘的网站,并摧毁他的逆向cookie技术。这是一场令人兴奋的旅程,让小明不仅仅是拯救了自己的隐私,还成为了一个网络安全的英雄。(故事情节虚构😂) 小明公众号如下:

逆向与爬虫的故事(公众号

专注于网络爬虫、JS逆向、APP逆向、安全攻防实战经验分享及总结。


一、前言介绍

前言:在现代互联网中,cookie成为了网站管理的重要工具。某些网站会对cookie进行加密,以加强数据的安全性和保密性。然而,逆向加密算法并不是一件简单的事情。本文将探讨如何逆向某安网站的cookie加密参数,向读者介绍这一过程中所涉及的技术和工具,并提供详细的步骤和示例代码,以帮助读者更好地理解和掌握Cookie加密的原理与实现。


二、网站分析

1、首先打开我们本次分析的网址,通过curl复制请求信息,截图如下:

2、将刚刚Copy as cURL的信息粘贴到curl在线工具中转换为Python代码,截图如下:

3、复制上面的代码到pycharm工具中,运行代码后,截图如下所示:

4、很显然,网站可以正常访问。我们将cookie去掉后,再次运行代码,截图如下所示:

5、观察上图,我们发现网站不能够正常展示了。紧接着,我们一起分析下cookie中的参数都有哪些吧!经过测试,以下参数会影响网站首页正常展示:

  • __jsluid_s

  • __jsl_clearance_s

说明:接下来让我们通过技术手段去分析这些参数如何生成,并能够正常访问该网站吧。


三、参数分析

1、我们将pycharm中cookie全部清空,再次发送请求包,此刻注意观察接口状态码,截图如下所示:

总结:得到状态码信息后,如果我们想要通过代码去重现浏览器的请求,则需要浏览器清除cookie后,捕获网站的请求栈则即可分析出cookie中的加密值是如何生成的。

2、接下来,我们使用EditThisCookie插件清空该网站cookie,截图如下所示:

总结:如果不知道插件如何下载的,可以通过公众号后台或者私聊我进行获取。

3、执行清空cookie命令后,要确保当前网站cookie信息如下图所示即可:

4、接下来我们打开开发者工具,捕获新的请求,重现cookie加载获取过程,截图如下所示:

5、观察第一个521状态码的请求,分析下Response、Request信息,截图如下所示:

总结:我们在第一个index.html请求中发现了__jsluid_s参数,该参数是通过Response Headers中的SetCookie返回的。但是我们在第一个index.html的Response中并没有看到pycharm中的那些js代码,此刻我比较疑惑;接下来我们一起分析下第二个521请求。

6、我们观察第二个521状态的请求,分析Response、Request信息,截图如下所示:

环节总结:此刻我们发现Request请求头中两个参数都已经填充,我们点击Response栏目,发现依旧为空,此刻我更加好奇,这些参数是如何自己填充进去的?于是我想到了,想看看正常请求成功后,index.html的堆栈信息吧。response体中空数据截图如下:

7、接下来,我们查看200状态码的index.html的请求信息,截图如下所示:

总结:我们发现200状态码的请求和刚刚第二次521状态码请求中的cookie参数是一致的,哦不对,仔细观察,发现__jsl_clearance_s参数还是不一样的。那么200状态这次请求,他到底中间进行了哪些运算呢?

8、接下来,我们输出一下该请求堆栈截图,如下所示:

总结:很明显,这个堆栈信息和我们刚刚看到的两个521请求、1个200请求刚好对应,可我们观察发现,该堆栈信息都是html页面返回给我们的,而并不像往常一样是通过js文件计算生成的。而我们在两次521请求的页面中,看不到任何response信息,cookie的参数到底如何计算的呢?接下来,我们进入重要环节。

9、先给浏览器设置代理,然后使用charles工具分析该网站,捕获完整请求,我们这么做的目的是怀疑浏览器把response的响应内容给提前拦截了,而我们使用charles,能看到完整的信息,再次捕获请求后,截图如下所示:

总结:哈哈,果然不出我所料,这不就是pycharm中,我们执行看到的response内容吗?那么我们看看第二个521请求的代码内容是什么。截图如下:

总结:经过分析,我们发现第二个521请求的response内容也是一段js代码,总算有点思路了。参数分析环节浪费时间太多了,接下来我们进入算法还原环节去实现js代码还原吧。


四、算法还原

1、先把第一个521请求的内容粘贴出来,复制到浏览器Console界面执行,截图如下所示:

总结:好家伙,这不就是第二个请求的__jsl_clearance_s参数么?那么我们接下来编辑下代码,使用python发包获取第二次521请求的响应内容吧。

2、我们先对第一次521请求发包,然后组装请求并进行第二次发包,完整代码如下:

3、代码运行后,我们在pycharm中查看信息,截图如下:

总结:完美啊,这不就是刚刚charles工具中看到的代码么?那么接下来我们将js代码整理出来,进行分析并还原吧。

4、复制response返回的js代码到Console界面执行,截图如下所示:

5、代码运行后,我发现network中,index.html请求立马全部重新发了一次包,截图如下:

总结:此刻可以肯定,这段js代码有点类似与瑞数类型的网站,我们想要看到网站首页,就要对这段js代码进行还原。

6、复制代码并创建index.js文件,截图如下所示:

总结:我的第一感觉,这个代码混淆好厉害啊,本来想着使用AST解除混淆,但是想想也就600多行代码,不用绝招了,直接开干。

7、在js代码最后,我发现了一个重要信息,截图如下:

总结:这个go函数方法,我们在前面的index.html的状态码为200请求堆栈中见到过。现在整个流程一下子一目了然了,接下来,我们只需要还原这个go方法,然后将获取的json数据传递进去进行加密计算就能完成对这个网站的还原。

8、为了还原js代码,我们对js代码进行补环境,这个过程有点棘手,补环境截图如下:

总结:这里我也没啥技巧,缺啥补啥,环境补完后,运行代码,截图如下图所示:

9、不说废话,直接附上补完环境后的完整JS代码:

window = global;
window.navigator = {"userAgent": 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36'
}
window.document = {"referrer": "https://xxx/index.html",}
window.location = {"ancestorOrigins": {},"href": "https://xxxx/index.html","origin": "https://xxxx","protocol": "https:","host": "xxxxx","hostname": "xxxx","port": "","pathname": "/index.html","search": "","hash": ""
}
var _0x39ca = ['wqwHwq/Dng==', 'wo7Dh8KHw6I=', 'PsK1QjE=', 'w60iwpMJ', 'CsOaw5zCiw==', 'IcOAw5DChQ==', 'VMKzCcOq', 'c8KUw6tu', 'w4psL00=', 'wq4sf8OZ', 'w6bDpCku', 'R8OkIUA=', 'wqlkJ8OQ', 'w6bCj8OTw60=', 'dCBKwqQ=', 'woJQRGY=', 'wo9GMsOB', 'T8Ohbz8=', 'w41cw7PDtQ==', 'KMOOwq1o', 'wp1dw6RJ', 'J8K4w6/Dig==', 'w5NKNsK+', 'w5sEwqF7', 'TXUbWg==', 'wrDDmsK6w4w=', 'woTCm15l', 'w7NbwqoY', 'V8OSLFo=', 'EAHDhcK8', 'J2phKw==', 'wpEjYsO4', 'wqJBe2E=', 'w6hUw6rDnQ==', 'w4UPwp4C', 'ES99wpo=', 'wrkPwqBC', 'wrDDhCDDpQ==', 'wqpXWkU=', 'Lz/Di8KJ', 'csK4ICA=', 'K8Oaw7TChQ==', 'wrfDlsKRw4g=', 'wpUIQhg=', 'w7luJWA=', 'wo4ZwoZQ', 'w7hPJXM=', 'JsKJTMKi', 'w5zDuAoo', 'DMKAwpbCgA==', 'VUZcw5A=', 'OVPDtcKj', 'wogewrlO', 'DMOAwr1i', 'woPDgmM1', 'wpjCvEsO', 'FVLDqMKw', 'AUzDv8Ow', 'J8KRVyU=', 'w7tHOcKT', 'QsKaE8Or', 'w5VnD3Y=', 'w7HDqgvDiA==', 'WsKCDBE=', 'wr7Di8Kuw5g=', 'D0lrwrI=', 'DMKxwpnCjw==', 'wqcTwqXDtg==', 'Yg/CjSk=', 'wr3Dm17Dsw==', 'H8OHw4sh', 'w70wwqlB', 'wrYgwqdZ', 'wq4zwrhg', 'O8KUw7PDhw==', 'wr3Cvnd2', 'w6RPGcKE', 'eW0CZQ==', 'SMKNEsOh', 'wpXCpWHCnw==', 'WkTCv3s=', 'DC3DsMKO', 'YWZ7w5A=', 'w5Baw6RI', 'w5fDojsu', 'CitDwoY=', 'w7/CisO0w6c=', 'w67DhTdk', 'wpdtCMOf', 'QsKwB8Oa', 'wpgAwqXDiA==', 'eMKPBMOm', 'L8OAw5rCjg==', 'wpvDoFMP', 'ZlglUA==', 'RRFOwoE=', 'wq7DqcKQw6o=', 'GijDjcKo', 'w6lTw4TDkA==', 'wrhBVGw=', 'wo4mwo7Dmg==', 'wobDlsKrw4s=', 'wobCsUww', 'QsKIG8O4', 'w6PCvsOZw4A=', 'GDfDlMKq', 'Pk3Do8KJ', 'WsKQEA==', 'wo1sS2w=', 'ZRrCpyY=', 'wrAowqNq', 'ZTvCmRI=', 'wo3DnwvDmA==', 'w5kZwqJ3', 'E8O/w73Cgg==', 'w5ZBwqQH', 'wrjDtnw5', 'CMOVw5DCjQ==', 'woN+LsOL', 'wrjDlyLDrQ==', 'wo3Dh8Kgw7o=', 'wq3Cm0PCsw==', 'wrDCr1hq', 'wpvDgQHDgw==', 'ccO+L0M=', 'H2zDicK4', 'HsKRwrDCqA==', 'J8KVZ8K9', 'w4vClMO8w4c=', 'B8OSD8KV', 'SsKew5FR', 'Pl3DvcKu', 'a2R5w6c=', 'wovCsGEE', 'GsKTwrRl', 'Pytlwr4=', 'w7UHw70M', 'wpvCkH5e', 'fsK/CAI=', 'w5vDuyvDgw==', 'T8KPD8OG', 'w7h6A8Kq', 'OCFGwoM=', 'G8Kzw7TDkQ==', 'bMKww5N6', 'UDDCsAc=', 'w4U/w44K', 'V8OZehw=', 'AUrDv8O0', 'woNgBsOy', 'w6QvwqQm', 'YsKXw4NN', 'PcKZw67DmA==', 'wqU3wrvDuQ==', 'AsKxeA4=', 'IsOPwoNg', 'A2N8LA==', 'djrCqxU=', 'PcKGBcOi', 'YsOow545', 'Pxlpwp0=', 'IsKXwpPCig==', 'fUTCuMK+', 'wpfDucKJw7M=', 'H3tHwqM=', 'Yl0PTw==', 'wopQX1I=', 'wosQwpBb', 'F8KYwrU9', 'C8KIwrpn', 'CsKVwpVp', 'NMKwby8=', 'w6dVAMKH', 'CMKxwrrCiw==', 'wqw1wpXDnQ==', 'w4EBwoc=', 'X8KLw51v', 'wo7CrFAm', 'wocqd8Ov', 'w4nCvcOUw5M=', 'wpvDsFAO', 'wq9zG8O2', 'w7XDvS0B', 'LERvEg==', 'w4YMwoRZ', 'w5YBw6g4', 'w4TCjMOrw5I=', 'YsKBw5pQ', 'fMOXUhY=', 'LsK+w6fDvA==', 'wrDDsTTDlw==', 'wqzDr38W', 'AcOHw6DCgA==', 'wq7DlsK4w6U=', 'w6Zyf8OU', 'aGJWw4A=', 'Z8O7UQ==', 'dll7w6Q=', 'wqxROMO9', 'DQ9pwpg=', 'IiTDp8K2', 'XcKVw75a', 'VMOjPUI=', 'OERz', 'fsKbw5Z2', 'wrLCm0DCtA==', 'NTHDm8Kr', 'wrLDgD7Dsw==', 'e8OOwo3Cnw==', 'CcKYX8KT', 'SsKmw59q', 'woRCeFg=', 'AMKsw4DDtg==', 'wp8fwqLDqg==', 'wrc5Fg4=', 'w5F7IcKO', 'ektTw4U=', 'Oj9dwq4=', 'w67DoScP', 'HlRkwos=', 'w6lSwocI', 'dcKEw6FW', 'wpDCgGwu', 'w7/Dmg0C', 'wpxNTU8=', 'ecOfGkU=', 'c01bw7M=', 'B3Njwr8=', 'wrDDplbCkg==', 'LcKrYCM=', 'w752LsKb', 'I8OpwodV', 'RQVEwrs=', 'Fm/Dg8KE', 'wqvCn302', 'BRRmwoI=', 'KU7DrMKu', 'w7Ysw7oy', 'XMOVfDE=', 'w4fDtxkT', 'w4wxTkY=', 'wpbCgmcA', 'P8KVwr7Cgg==', 'w5HDvTTDkQ==', 'wrsfcSA=', 'BU19Hg==', 'w57DqQBM', 'w7hqwqUp', 'wog7woXDlw==', '6K2H5rGx6amH6K6r', 'wrnDrDgu', 'wqkgwpI=', 'w4Eawql3', 'EcOiE8K7', 'w6zDoynDjw==', 'w7sQwoxo', 'KMOuTFw=', 'w7oHfUw=', 'PMKNVxk=', 'YTFIwpM=', 'Uh3Do34=', 'LMKeRcK8', 'w6skN8KI', 'OcKowrDCiw==', 'ccOOG1w=', 'w6jCvGo3', 'wrnCjMK+wpo=', 'XQNMwpk=', 'wogLwqBK', 'w6EtRk0=', 'wrZnSUU=', 'w4EqQ1o=', 'GMKCwoTChw==', 'w5jDjSnDpw==', 'wrcQwox0', 'wrnCt2Jr', 'woo6X8OW', 'I8OEwqhp', 'QsOyK0s=', 'wo3ChU86', 'wp90HsOQ', 'N8Kdw4nDoA==', 'IcKeX8K5', 'WMK6DsOI', 'LcKawpzCnw==', 'w75NBHg=', 'UsKJw7Fw', 'w7YBwo4P', 'csK+w4ps', 'a8KBw5hw', 'w77Cq1HDnQ==', 'wpbCvEsP', 'woFGNMOf', 'wqU1wpfDmw==', 'w6x/Y8Ox', 'w5FpKcKd', 'XBnCswU=', 'L8OWI8Kd', 'w6scwqxg', 'wrQNfsOL', 'f2w+fw==', 'ER7DrcKj', 'TMKmw797', 'woFLblM=', 'X8KTw4p2', 'WMK2w4Rc', 'VsO2w7bDrw=='];
(function (_0x35faff, _0x39ca66) {var _0x348da6 = function (_0x19bbf7) {while (--_0x19bbf7) {_0x35faff['push'](_0x35faff['shift']());}};_0x348da6(++_0x39ca66);
}(_0x39ca, 0x146));
var _0x348d = function (_0x35faff, _0x39ca66) {_0x35faff = _0x35faff - 0x0;var _0x348da6 = _0x39ca[_0x35faff];if (_0x348d['vXrXzl'] === undefined) {(function () {var _0x599304 = function () {var _0x460dd1;try {_0x460dd1 = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();} catch (_0xebd55) {_0x460dd1 = window;}return _0x460dd1;};var _0xa30b95 = _0x599304();var _0x3b85b0 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';_0xa30b95['atob'] || (_0xa30b95['atob'] = function (_0x538592) {var _0x8b27de = String(_0x538592)['replace'](/=+$/, '');var _0x406019 = '';for (var _0x42a791 = 0x0, _0x357eae, _0x495e41, _0x13d4a9 = 0x0; _0x495e41 = _0x8b27de['charAt'](_0x13d4a9++); ~_0x495e41 && (_0x357eae = _0x42a791 % 0x4 ? _0x357eae * 0x40 + _0x495e41 : _0x495e41, _0x42a791++ % 0x4) ? _0x406019 += String['fromCharCode'](0xff & _0x357eae >> (-0x2 * _0x42a791 & 0x6)) : 0x0) {_0x495e41 = _0x3b85b0['indexOf'](_0x495e41);}return _0x406019;});}());var _0x347c19 = function (_0x1a4caf, _0x39334e) {var _0x513065 = [], _0x3ae5bc = 0x0, _0x30f95a, _0x5a71d6 = '', _0xa0c4d5 = '';_0x1a4caf = atob(_0x1a4caf);for (var _0xc10171 = 0x0, _0x292b42 = _0x1a4caf['length']; _0xc10171 < _0x292b42; _0xc10171++) {_0xa0c4d5 += '%' + ('00' + _0x1a4caf['charCodeAt'](_0xc10171)['toString'](0x10))['slice'](-0x2);}_0x1a4caf = decodeURIComponent(_0xa0c4d5);var _0x3cbf1d;for (_0x3cbf1d = 0x0; _0x3cbf1d < 0x100; _0x3cbf1d++) {_0x513065[_0x3cbf1d] = _0x3cbf1d;}for (_0x3cbf1d = 0x0; _0x3cbf1d < 0x100; _0x3cbf1d++) {_0x3ae5bc = (_0x3ae5bc + _0x513065[_0x3cbf1d] + _0x39334e['charCodeAt'](_0x3cbf1d % _0x39334e['length'])) % 0x100;_0x30f95a = _0x513065[_0x3cbf1d];_0x513065[_0x3cbf1d] = _0x513065[_0x3ae5bc];_0x513065[_0x3ae5bc] = _0x30f95a;}_0x3cbf1d = 0x0;_0x3ae5bc = 0x0;for (var _0x4354b3 = 0x0; _0x4354b3 < _0x1a4caf['length']; _0x4354b3++) {_0x3cbf1d = (_0x3cbf1d + 0x1) % 0x100;_0x3ae5bc = (_0x3ae5bc + _0x513065[_0x3cbf1d]) % 0x100;_0x30f95a = _0x513065[_0x3cbf1d];_0x513065[_0x3cbf1d] = _0x513065[_0x3ae5bc];_0x513065[_0x3ae5bc] = _0x30f95a;_0x5a71d6 += String['fromCharCode'](_0x1a4caf['charCodeAt'](_0x4354b3) ^ _0x513065[(_0x513065[_0x3cbf1d] + _0x513065[_0x3ae5bc]) % 0x100]);}return _0x5a71d6;};_0x348d['TrRvFr'] = _0x347c19;_0x348d['cvxCUg'] = {};_0x348d['vXrXzl'] = !![];}var _0x19bbf7 = _0x348d['cvxCUg'][_0x35faff];if (_0x19bbf7 === undefined) {if (_0x348d['qceoVq'] === undefined) {_0x348d['qceoVq'] = !![];}_0x348da6 = _0x348d['TrRvFr'](_0x348da6, _0x39ca66);_0x348d['cvxCUg'][_0x35faff] = _0x348da6;} else {_0x348da6 = _0x19bbf7;}return _0x348da6;
};function hash(_0x18974e) {var _0x51ab30 = {};_0x51ab30[_0x348d('0xac', 'yolJ') + 'f'] = function (_0x5580cb, _0x354d0a) {return _0x5580cb & _0x354d0a;};_0x51ab30[_0x348d('0x47', 'ENm)') + 'x'] = function (_0x4f5197, _0x140fdd) {return _0x4f5197 & _0x140fdd;};_0x51ab30[_0x348d('0x10d', '0]K5') + 'P'] = function (_0x22e5c5, _0x176022) {return _0x22e5c5 >> _0x176022;};_0x51ab30[_0x348d('0x3f', 'U5T%') + 'W'] = function (_0x29d063, _0x528a7b) {return _0x29d063 | _0x528a7b;};_0x51ab30[_0x348d('0xce', 'kPfA') + 'M'] = function (_0x4f4b70, _0x15bd55) {return _0x4f4b70 & _0x15bd55;};_0x51ab30[_0x348d('0x17', 'TYI#') + 'f'] = _0x348d('0x1', '@[DX') + _0x348d('0x3d', '$po5') + _0x348d('0x4c', 'U5T%') + _0x348d('0x95', 'ZSd[') + _0x348d('0x32', 'S3^t') + '|3';_0x51ab30[_0x348d('0x127', '(FPo') + 's'] = function (_0x5bc0e3, _0x2b2643) {return _0x5bc0e3(_0x2b2643);};_0x51ab30[_0x348d('0x36', 'bxDh') + 'W'] = function (_0x389136, _0x2c174c, _0x4d35b4, _0x3cde50) {return _0x389136(_0x2c174c, _0x4d35b4, _0x3cde50);};_0x51ab30[_0x348d('0xd6', 'G#nw') + 'z'] = function (_0x2ea63f, _0xea95d8, _0x4e476d) {return _0x2ea63f(_0xea95d8, _0x4e476d);};_0x51ab30[_0x348d('0x118', 'YMlY') + 'e'] = function (_0xba7891, _0x44055f) {return _0xba7891 - _0x44055f;};_0x51ab30[_0x348d('0x3', 'nU59') + 'a'] = _0x348d('0x3e', '[HWx') + 'u';_0x51ab30[_0x348d('0x106', 'zRV7') + 'c'] = function (_0x423f15, _0x1df435) {return _0x423f15 >>> _0x1df435;};_0x51ab30[_0x348d('0x94', 'bxDh') + 'R'] = function (_0x29604d, _0x18dbaa) {return _0x29604d << _0x18dbaa;};_0x51ab30[_0x348d('0x23', 'yolJ') + 'H'] = function (_0x3fec90, _0x45852b) {return _0x3fec90 & _0x45852b;};_0x51ab30[_0x348d('0xd', 'AGXa') + 'u'] = function (_0x454b18, _0x2b7c6f) {return _0x454b18 ^ _0x2b7c6f;};_0x51ab30[_0x348d('0xe2', 'Rtgy') + 'Y'] = function (_0x43e4d5, _0x312ff2) {return _0x43e4d5 & _0x312ff2;};_0x51ab30[_0x348d('0x37', 'zRV7') + 'E'] = function (_0x202ada, _0x473fce) {return _0x202ada ^ _0x473fce;};_0x51ab30[_0x348d('0xc9', 'hqry') + 'i'] = function (_0x4f54c4, _0x1118cb, _0x50b680) {return _0x4f54c4(_0x1118cb, _0x50b680);};_0x51ab30[_0x348d('0x4e', '[HWx') + 'N'] = function (_0x52d636, _0x4f2c48) {return _0x52d636 ^ _0x4f2c48;};_0x51ab30[_0x348d('0xb3', 'orhZ') + 'y'] = function (_0x4b896c, _0x429cdd) {return _0x4b896c ^ _0x429cdd;};_0x51ab30[_0x348d('0x122', 'm%Fh') + 'S'] = function (_0x699e77, _0x454fcf, _0x50b106) {return _0x699e77(_0x454fcf, _0x50b106);};_0x51ab30[_0x348d('0x12d', '!jdL') + 'g'] = function (_0x43c165, _0x254562, _0x3f242e) {return _0x43c165(_0x254562, _0x3f242e);};_0x51ab30[_0x348d('0x46', '^J5D') + 'l'] = function (_0x27b453, _0x3f7f8b, _0xee8f32) {return _0x27b453(_0x3f7f8b, _0xee8f32);};_0x51ab30[_0x348d('0xc7', 'nr&J') + 'K'] = function (_0x123905, _0x51f7a2) {return _0x123905 >> _0x51f7a2;};_0x51ab30[_0x348d('0x1d', 'nr&J') + 'a'] = function (_0x3dbfe6, _0x156cf8) {return _0x3dbfe6 < _0x156cf8;};_0x51ab30[_0x348d('0x4f', 'qo6P') + 'i'] = _0x348d('0xc3', '%6S(') + _0x348d('0x10f', '1oFq') + _0x348d('0xf3', 'orhZ') + _0x348d('0xbd', 'w!2h') + _0x348d('0x33', 'NRJ5') + _0x348d('0x8b', 'fe9y') + _0x348d('0x40', '@[DX') + _0x348d('0x81', '[HWx') + _0x348d('0xf6', 'nr&J') + _0x348d('0xd1', '1oFq');_0x51ab30[_0x348d('0xff', 'bxDh') + 'c'] = _0x348d('0x8f', 'G#nw') + _0x348d('0xe3', 'yolJ') + _0x348d('0x18', 'AGXa') + _0x348d('0x26', '[HWx') + _0x348d('0xf7', '^caq') + '|3';_0x51ab30[_0x348d('0x52', '^caq') + 'i'] = function (_0x2e3fbc, _0x459a52) {return _0x2e3fbc + _0x459a52;};_0x51ab30[_0x348d('0x7', 'bgHV') + 'Y'] = function (_0x5b01bd, _0x53e886, _0x42734b) {return _0x5b01bd(_0x53e886, _0x42734b);};_0x51ab30[_0x348d('0xcb', 'GVpO') + 'Q'] = function (_0x2a2687, _0x481e4e) {return _0x2a2687 - _0x481e4e;};_0x51ab30[_0x348d('0x2c', 'FnP1') + 'T'] = function (_0x531f1a, _0x457369, _0xe685b1) {return _0x531f1a(_0x457369, _0xe685b1);};_0x51ab30[_0x348d('0x2d', 'TYI#') + 'E'] = function (_0x5a2557, _0xe02cbf, _0x53ebe7) {return _0x5a2557(_0xe02cbf, _0x53ebe7);};_0x51ab30[_0x348d('0xae', '^caq') + 'F'] = function (_0xc77f12, _0x5a54b2) {return _0xc77f12(_0x5a54b2);};_0x51ab30[_0x348d('0xe0', '1oFq') + 'C'] = function (_0x32b68a, _0x23ca71, _0x12013d) {return _0x32b68a(_0x23ca71, _0x12013d);};_0x51ab30[_0x348d('0x9d', 'NRJ5') + 'I'] = function (_0x2f0545, _0xf3e878) {return _0x2f0545 - _0xf3e878;};_0x51ab30[_0x348d('0x3c', 'S3^t') + 's'] = function (_0x2ad770, _0x18f93e) {return _0x2ad770 << _0x18f93e;};_0x51ab30[_0x348d('0x61', 'yolJ') + 'n'] = function (_0x154e20, _0x19ddcd) {return _0x154e20 / _0x19ddcd;};_0x51ab30[_0x348d('0x111', '3X1r') + 'd'] = function (_0x5e115f, _0x4aea4a) {return _0x5e115f % _0x4aea4a;};_0x51ab30[_0x348d('0xec', 'jBZD') + 'u'] = function (_0x3904e8, _0x596e42) {return _0x3904e8 < _0x596e42;};_0x51ab30[_0x348d('0xdc', 'nr&J') + 'o'] = function (_0x8fc0e6, _0x34e21e) {return _0x8fc0e6 > _0x34e21e;};_0x51ab30[_0x348d('0x116', 'fe9y') + 'j'] = function (_0x15b5ae, _0x4c75c8) {return _0x15b5ae >> _0x4c75c8;};_0x51ab30[_0x348d('0xef', 'm%Fh') + 'a'] = function (_0x36c10c, _0x4db2b7) {return _0x36c10c | _0x4db2b7;};_0x51ab30[_0x348d('0x72', 'GVpO') + 'A'] = function (_0x46611e, _0x48b6c5) {return _0x46611e | _0x48b6c5;};_0x51ab30[_0x348d('0xea', 'fe9y') + 'U'] = function (_0x49ae41, _0x5e8868) {return _0x49ae41 & _0x5e8868;};_0x51ab30[_0x348d('0x88', 'ZSd[') + 'J'] = _0x348d('0x8c', '(95B') + _0x348d('0xe1', '01z4') + _0x348d('0xd5', 'ylod') + _0x348d('0x43', '!jdL');_0x51ab30[_0x348d('0x130', '3X1r') + 'K'] = _0x348d('0x44', 'GVpO') + _0x348d('0xed', 'FnP1') + _0x348d('0x131', 'FVwu') + _0x348d('0x103', 'kPfA');_0x51ab30[_0x348d('0xa7', '!jdL') + 'y'] = function (_0x1a4c99, _0x58fa19) {return _0x1a4c99 - _0x58fa19;};_0x51ab30[_0x348d('0x10e', 'NRJ5') + 'v'] = function (_0x5de6e5, _0xb380de) {return _0x5de6e5 % _0xb380de;};_0x51ab30[_0x348d('0x67', 'bgHV') + 'g'] = function (_0x49d76d, _0x342565) {return _0x49d76d >> _0x342565;};_0x51ab30[_0x348d('0xbf', '(FPo') + 'O'] = function (_0x33b5c5, _0x25f286) {return _0x33b5c5 * _0x25f286;};_0x51ab30[_0x348d('0x6f', '(FPo') + 'z'] = function (_0x5f4645, _0x257a5c) {return _0x5f4645 - _0x257a5c;};_0x51ab30[_0x348d('0x114', 'nU59') + 'z'] = function (_0xb9c259, _0x1bdb2d) {return _0xb9c259 % _0x1bdb2d;};_0x51ab30[_0x348d('0xa9', 'eB[$') + 'Q'] = function (_0x2d2380, _0x119681, _0x341741) {return _0x2d2380(_0x119681, _0x341741);};_0x51ab30[_0x348d('0x1e', 'EKre') + 'C'] = function (_0x565986, _0x5b6cee) {return _0x565986(_0x5b6cee);};_0x51ab30[_0x348d('0xb7', 'kPfA') + 't'] = function (_0x31224e, _0x1d109e) {return _0x31224e * _0x1d109e;};var _0x255a4b = _0x51ab30;var _0xf3f8f4 = 0x8;var _0x44611d = 0x0;function _0x3a38c9(_0x339416, _0x52ed08) {var _0x1e38c7 = _0x255a4b[_0x348d('0x31', '$po5') + 'f'](_0x339416, 0xffff) + _0x255a4b[_0x348d('0x6a', 'G#nw') + 'x'](_0x52ed08, 0xffff);var _0x31c034 = _0x255a4b[_0x348d('0x5c', '$po5') + 'P'](_0x339416, 0x10) + (_0x52ed08 >> 0x10) + (_0x1e38c7 >> 0x10);return _0x255a4b[_0x348d('0x53', 'GVpO') + 'W'](_0x31c034 << 0x10, _0x255a4b[_0x348d('0xaf', 'hKNx') + 'M'](_0x1e38c7, 0xffff));}function _0x533e87(_0x4fa225, _0x36b4cd) {var _0x350bfb = {};_0x350bfb[_0x348d('0xde', 'GVpO') + 'F'] = _0x255a4b[_0x348d('0xb2', 'U5T%') + 'f'];_0x350bfb[_0x348d('0x83', '4Hrm') + 'z'] = function (_0x50aac9, _0x80e62) {return _0x255a4b[_0x348d('0x1a', 'bxDh') + 's'](_0x50aac9, _0x80e62);};_0x350bfb[_0x348d('0x7f', '@[DX') + 'i'] = function (_0x240aa7, _0x34c5f6, _0x521d74) {return _0x240aa7(_0x34c5f6, _0x521d74);};_0x350bfb[_0x348d('0xd7', 'GVpO') + 'r'] = function (_0x3a6e45, _0x57c944, _0x4682f9) {return _0x3a6e45(_0x57c944, _0x4682f9);};_0x350bfb[_0x348d('0x6d', '!jdL') + 'J'] = function (_0x10bd90, _0x1a4416, _0x4542db, _0x35b6a0) {return _0x255a4b[_0x348d('0xe4', 'hqry') + 'W'](_0x10bd90, _0x1a4416, _0x4542db, _0x35b6a0);};_0x350bfb[_0x348d('0xa5', 'jBZD') + 'R'] = function (_0x3e6816, _0x34252a) {return _0x3e6816 < _0x34252a;};_0x350bfb[_0x348d('0x113', 'hKNx') + 'V'] = function (_0x1e3fa9, _0x8151e9) {return _0x1e3fa9 + _0x8151e9;};_0x350bfb[_0x348d('0x48', '^J5D') + 'i'] = function (_0x30b8c0, _0x3422e7, _0x3fc438) {return _0x255a4b[_0x348d('0xfe', '1oFq') + 'z'](_0x30b8c0, _0x3422e7, _0x3fc438);};_0x350bfb[_0x348d('0x9e', 'GVpO') + 'f'] = function (_0x33ad9a, _0x5a8cd6) {return _0x33ad9a - _0x5a8cd6;};_0x350bfb[_0x348d('0x57', 'G#nw') + 'S'] = function (_0x51fc1a, _0xd039ea) {return _0x255a4b[_0x348d('0x85', 'zRV7') + 'e'](_0x51fc1a, _0xd039ea);};var _0x4e6a4f = _0x350bfb;if (_0x255a4b[_0x348d('0xab', '$)5g') + 'a'] === _0x348d('0x11b', 'NRJ5') + 'W') {var _0x3e5461 = _0x4e6a4f[_0x348d('0x6', 'TYI#') + 'F'][_0x348d('0x12c', 'orhZ') + 't']('|');var _0x2a707c = 0x0;while (!![]) {switch (_0x3e5461[_0x2a707c++]) {case'0':d = c;continue;case'1':T2 = _0x3a38c9(_0x4e6a4f[_0x348d('0x4b', 'yP5J') + 'z'](_0x1a4bce, a), _0x2b4d2c(a, b, c));continue;case'2':g = f;continue;case'3':a = _0x4e6a4f[_0x348d('0xd2', 'm%Fh') + 'i'](_0x3a38c9, T1, T2);continue;case'4':b = a;continue;case'5':c = b;continue;case'6':f = e;continue;case'7':T1 = _0x3a38c9(_0x3a38c9(_0x3a38c9(_0x4e6a4f[_0x348d('0x20', 'G#nw') + 'r'](_0x3a38c9, h, _0x4e6a4f[_0x348d('0x80', 'eB[$') + 'z'](_0x167b3f, e)), _0x4e6a4f[_0x348d('0xf4', 'EKre') + 'J'](_0xb393ef, e, f, g)), K[j]), W[j]);continue;case'8':h = g;continue;case'9':e = _0x3a38c9(d, T1);continue;case'10':if (_0x4e6a4f[_0x348d('0x101', 'YMlY') + 'R'](j, 0x10)) W[j] = m[_0x4e6a4f[_0x348d('0x14', '[HWx') + 'V'](j, i)]; else W[j] = _0x4e6a4f[_0x348d('0x65', 'TYI#') + 'r'](_0x3a38c9, _0x4e6a4f[_0x348d('0x74', 'Brcn') + 'i'](_0x3a38c9, _0x4e6a4f[_0x348d('0xfd', 'EKre') + 'i'](_0x3a38c9, _0x4ea376(W[_0x4e6a4f[_0x348d('0xf5', 'kPfA') + 'f'](j, 0x2)]), W[_0x4e6a4f[_0x348d('0x2e', 'ylod') + 'S'](j, 0x7)]), _0x275b5d(W[_0x4e6a4f[_0x348d('0x105', '3X1r') + 'S'](j, 0xf)])), W[j - 0x10]);continue;}break;}} else {return _0x255a4b[_0x348d('0x99', 'nU59') + 'c'](_0x4fa225, _0x36b4cd) | _0x255a4b[_0x348d('0xc1', 'zRV7') + 'R'](_0x4fa225, 0x20 - _0x36b4cd);}}function _0x1e132e(_0x4970f3, _0x2f9888) {return _0x4970f3 >>> _0x2f9888;}function _0xb393ef(_0x544eb0, _0x4f8666, _0x1b87a4) {return _0x255a4b[_0x348d('0xcc', 'nr&J') + 'H'](_0x544eb0, _0x4f8666) ^ _0x255a4b[_0x348d('0x4d', '^caq') + 'H'](~_0x544eb0, _0x1b87a4);}function _0x2b4d2c(_0x49a82a, _0x263c37, _0x53bedb) {return _0x255a4b[_0x348d('0x121', '^caq') + 'u'](_0x255a4b[_0x348d('0x128', '01z4') + 'Y'](_0x49a82a, _0x263c37) ^ _0x255a4b[_0x348d('0x76', 'bgHV') + 'Y'](_0x49a82a, _0x53bedb), _0x263c37 & _0x53bedb);}function _0x1a4bce(_0x2c5e0d) {return _0x255a4b[_0x348d('0x5b', 'bxDh') + 'E'](_0x255a4b[_0x348d('0x8d', 'Brcn') + 'E'](_0x533e87(_0x2c5e0d, 0x2), _0x533e87(_0x2c5e0d, 0xd)), _0x255a4b[_0x348d('0x78', '1oFq') + 'i'](_0x533e87, _0x2c5e0d, 0x16));}function _0x167b3f(_0x28595e) {return _0x255a4b[_0x348d('0x120', 'ENm)') + 'N'](_0x255a4b[_0x348d('0x11e', 'NRJ5') + 'y'](_0x533e87(_0x28595e, 0x6), _0x533e87(_0x28595e, 0xb)), _0x533e87(_0x28595e, 0x19));}function _0x275b5d(_0x2c9464) {return _0x255a4b[_0x348d('0x108', '^J5D') + 'y'](_0x255a4b[_0x348d('0x126', '^J5D') + 'S'](_0x533e87, _0x2c9464, 0x7) ^ _0x533e87(_0x2c9464, 0x12), _0x1e132e(_0x2c9464, 0x3));}function _0x4ea376(_0x52465c) {return _0x255a4b[_0x348d('0x7e', '$po5') + 'y'](_0x533e87(_0x52465c, 0x11), _0x255a4b[_0x348d('0xda', '@[DX') + 'g'](_0x533e87, _0x52465c, 0x13)) ^ _0x255a4b[_0x348d('0xa4', 'Rtgy') + 'l'](_0x1e132e, _0x52465c, 0xa);}function _0x433ab7(_0x1e0fb4, _0x5d2f70) {var _0x8cc3f8 = new Array(0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0xfc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x6ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2);var _0x541d06 = new Array(0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19);var _0x295ee3 = new Array(0x40);var _0x34bf1b, _0x53c533, _0x4d7983, _0x10c28f, _0x56e11c, _0x2cf5c7, _0x3f4858, _0x2eb53d, _0x4e51d8,_0x5d53ce;var _0x1e1699, _0x3aa3c1;_0x1e0fb4[_0x255a4b[_0x348d('0x45', '3X1r') + 'K'](_0x5d2f70, 0x5)] |= _0x255a4b[_0x348d('0xc0', 'AGXa') + 'R'](0x80, _0x255a4b[_0x348d('0x8a', '$po5') + 'e'](0x18, _0x5d2f70 % 0x20));_0x1e0fb4[_0x255a4b[_0x348d('0xa', '[HWx') + 'R'](_0x5d2f70 + 0x40 >> 0x9, 0x4) + 0xf] = _0x5d2f70;for (var _0x4e51d8 = 0x0; _0x255a4b[_0x348d('0x119', 'yP5J') + 'a'](_0x4e51d8, _0x1e0fb4[_0x348d('0x8e', 'EKre') + 'th']); _0x4e51d8 += 0x10) {var _0x48ca56 = _0x255a4b[_0x348d('0x16', 'w!2h') + 'i'][_0x348d('0x2b', '1oFq') + 't']('|');var _0xa15470 = 0x0;while (!![]) {switch (_0x48ca56[_0xa15470++]) {case'0':_0x541d06[0x4] = _0x3a38c9(_0x56e11c, _0x541d06[0x4]);continue;case'1':_0x541d06[0x3] = _0x3a38c9(_0x10c28f, _0x541d06[0x3]);continue;case'2':_0x541d06[0x6] = _0x255a4b[_0x348d('0xd8', 'Brcn') + 'l'](_0x3a38c9, _0x3f4858, _0x541d06[0x6]);continue;case'3':for (var _0x5d53ce = 0x0; _0x5d53ce < 0x40; _0x5d53ce++) {var _0x5da90d = _0x255a4b[_0x348d('0x7b', 'Brcn') + 'c'][_0x348d('0x4', 'jBZD') + 't']('|');var _0x3ed8ab = 0x0;while (!![]) {switch (_0x5da90d[_0x3ed8ab++]) {case'0':_0x3f4858 = _0x2cf5c7;continue;case'1':if (_0x5d53ce < 0x10) _0x295ee3[_0x5d53ce] = _0x1e0fb4[_0x255a4b[_0x348d('0x89', 'Rtgy') + 'i'](_0x5d53ce, _0x4e51d8)]; else _0x295ee3[_0x5d53ce] = _0x3a38c9(_0x255a4b[_0x348d('0x5f', 'w!2h') + 'Y'](_0x3a38c9, _0x3a38c9(_0x4ea376(_0x295ee3[_0x255a4b[_0x348d('0x3a', 'yP5J') + 'Q'](_0x5d53ce, 0x2)]), _0x295ee3[_0x255a4b[_0x348d('0xdd', '%6S(') + 'Q'](_0x5d53ce, 0x7)]), _0x255a4b[_0x348d('0x11c', 'AGXa') + 's'](_0x275b5d, _0x295ee3[_0x5d53ce - 0xf])), _0x295ee3[_0x5d53ce - 0x10]);continue;case'2':_0x4d7983 = _0x53c533;continue;case'3':_0x34bf1b = _0x3a38c9(_0x1e1699, _0x3aa3c1);continue;case'4':_0x10c28f = _0x4d7983;continue;case'5':_0x1e1699 = _0x3a38c9(_0x255a4b[_0x348d('0xdb', 'eB[$') + 'Y'](_0x3a38c9, _0x255a4b[_0x348d('0x2a', '01z4') + 'Y'](_0x3a38c9, _0x255a4b[_0x348d('0x28', 'nU59') + 'T'](_0x3a38c9, _0x2eb53d, _0x167b3f(_0x56e11c)), _0xb393ef(_0x56e11c, _0x2cf5c7, _0x3f4858)), _0x8cc3f8[_0x5d53ce]), _0x295ee3[_0x5d53ce]);continue;case'6':_0x3aa3c1 = _0x255a4b[_0x348d('0x132', 'qo6P') + 'E'](_0x3a38c9, _0x255a4b[_0x348d('0x12f', 'AGXa') + 'F'](_0x1a4bce, _0x34bf1b), _0x2b4d2c(_0x34bf1b, _0x53c533, _0x4d7983));continue;case'7':_0x56e11c = _0x3a38c9(_0x10c28f, _0x1e1699);continue;case'8':_0x2cf5c7 = _0x56e11c;continue;case'9':_0x53c533 = _0x34bf1b;continue;case'10':_0x2eb53d = _0x3f4858;continue;}break;}}continue;case'4':_0x541d06[0x0] = _0x3a38c9(_0x34bf1b, _0x541d06[0x0]);continue;case'5':_0x34bf1b = _0x541d06[0x0];continue;case'6':_0x541d06[0x2] = _0x255a4b[_0x348d('0x6e', 'fe9y') + 'E'](_0x3a38c9, _0x4d7983, _0x541d06[0x2]);continue;case'7':_0x541d06[0x1] = _0x255a4b[_0x348d('0xbe', 'O0pG') + 'E'](_0x3a38c9, _0x53c533, _0x541d06[0x1]);continue;case'8':_0x2cf5c7 = _0x541d06[0x5];continue;case'9':_0x2eb53d = _0x541d06[0x7];continue;case'10':_0x10c28f = _0x541d06[0x3];continue;case'11':_0x53c533 = _0x541d06[0x1];continue;case'12':_0x56e11c = _0x541d06[0x4];continue;case'13':_0x541d06[0x7] = _0x3a38c9(_0x2eb53d, _0x541d06[0x7]);continue;case'14':_0x3f4858 = _0x541d06[0x6];continue;case'15':_0x541d06[0x5] = _0x255a4b[_0x348d('0x84', '0]K5') + 'C'](_0x3a38c9, _0x2cf5c7, _0x541d06[0x5]);continue;case'16':_0x4d7983 = _0x541d06[0x2];continue;}break;}}return _0x541d06;}function _0x2ecdbe(_0x581fc6) {var _0x31c6c5 = Array();var _0x9816b5 = _0x255a4b[_0x348d('0x9d', 'NRJ5') + 'I'](0x1 << _0xf3f8f4, 0x1);for (var _0x1dfe33 = 0x0; _0x255a4b[_0x348d('0xad', 'w!2h') + 'a'](_0x1dfe33, _0x581fc6[_0x348d('0x11a', '[HWx') + 'th'] * _0xf3f8f4); _0x1dfe33 += _0xf3f8f4) {_0x31c6c5[_0x1dfe33 >> 0x5] |= _0x255a4b[_0x348d('0xc2', 'ENm)') + 's'](_0x581fc6[_0x348d('0x9f', 'YMlY') + _0x348d('0xfc', '%6S(') + 'At'](_0x255a4b[_0x348d('0x6b', 'EKre') + 'n'](_0x1dfe33, _0xf3f8f4)) & _0x9816b5, 0x18 - _0x255a4b[_0x348d('0x30', 'ENm)') + 'd'](_0x1dfe33, 0x20));}return _0x31c6c5;}function _0x5ebc0f(_0x4a3744) {var _0x17ff73 = new RegExp('\x0a', 'g');_0x4a3744 = _0x4a3744[_0x348d('0x70', 'G#nw') + _0x348d('0xb1', 'eB[$')](_0x17ff73, '\x0a');var _0x5aae16 = '';for (var _0x218d22 = 0x0; _0x255a4b[_0x348d('0xc6', 'Brcn') + 'u'](_0x218d22, _0x4a3744[_0x348d('0xc4', 'nU59') + 'th']); _0x218d22++) {var _0x337590 = _0x4a3744[_0x348d('0x38', 'bgHV') + _0x348d('0x10c', '4Hrm') + 'At'](_0x218d22);if (_0x337590 < 0x80) {_0x5aae16 += String[_0x348d('0x64', '$)5g') + _0x348d('0x98', 'FVwu') + _0x348d('0xe5', 'ENm)')](_0x337590);} else if (_0x255a4b[_0x348d('0x5d', '$)5g') + 'o'](_0x337590, 0x7f) && _0x337590 < 0x800) {_0x5aae16 += String[_0x348d('0x60', 'hqry') + _0x348d('0x8', 'hqry') + _0x348d('0x0', 'ZSd[')](_0x255a4b[_0x348d('0x86', 'ENm)') + 'j'](_0x337590, 0x6) | 0xc0);_0x5aae16 += String[_0x348d('0x64', '$)5g') + _0x348d('0x117', 'jBZD') + _0x348d('0x13', 'AGXa')](_0x255a4b[_0x348d('0x10', 'Brcn') + 'a'](_0x255a4b[_0x348d('0x12e', 'py]l') + 'Y'](_0x337590, 0x3f), 0x80));} else {_0x5aae16 += String[_0x348d('0x12b', 'kPfA') + _0x348d('0xd3', 'nU59') + _0x348d('0x41', 'nr&J')](_0x255a4b[_0x348d('0x92', 'yP5J') + 'A'](_0x255a4b[_0x348d('0xca', '(FPo') + 'j'](_0x337590, 0xc), 0xe0));_0x5aae16 += String[_0x348d('0x3b', '^J5D') + _0x348d('0xc5', 'U5T%') + _0x348d('0x5a', '$po5')](_0x255a4b[_0x348d('0xf0', 'py]l') + 'U'](_0x255a4b[_0x348d('0x11d', '0]K5') + 'j'](_0x337590, 0x6), 0x3f) | 0x80);_0x5aae16 += String[_0x348d('0x49', 'w!2h') + _0x348d('0xaa', 'zRV7') + _0x348d('0x13', 'AGXa')](_0x255a4b[_0x348d('0x34', 'jBZD') + 'A'](_0x337590 & 0x3f, 0x80));}}return _0x5aae16;}function _0x4ec834(_0x267d4a) {var _0x39a464 = _0x44611d ? _0x255a4b[_0x348d('0x10b', '(FPo') + 'J'] : _0x255a4b[_0x348d('0x91', 'ylod') + 'K'];var _0x32460f = '';for (var _0x1babeb = 0x0; _0x1babeb < _0x267d4a[_0x348d('0xf8', 'py]l') + 'th'] * 0x4; _0x1babeb++) {_0x32460f += _0x255a4b[_0x348d('0x124', 'w!2h') + 'i'](_0x39a464[_0x348d('0x27', 'm%Fh') + 'At'](_0x267d4a[_0x255a4b[_0x348d('0x15', 'FnP1') + 'j'](_0x1babeb, 0x2)] >> _0x255a4b[_0x348d('0xee', '%6S(') + 'y'](0x3, _0x255a4b[_0x348d('0x51', 'ENm)') + 'v'](_0x1babeb, 0x4)) * 0x8 + 0x4 & 0xf), _0x39a464[_0x348d('0x109', 'EKre') + 'At'](_0x255a4b[_0x348d('0xea', 'fe9y') + 'U'](_0x267d4a[_0x255a4b[_0x348d('0xeb', '1oFq') + 'g'](_0x1babeb, 0x2)] >> _0x255a4b[_0x348d('0xb0', 'U5T%') + 'O'](_0x255a4b[_0x348d('0x50', 'AGXa') + 'z'](0x3, _0x255a4b[_0x348d('0x54', '^J5D') + 'z'](_0x1babeb, 0x4)), 0x8), 0xf)));}return _0x32460f;}_0x18974e = _0x5ebc0f(_0x18974e);return _0x4ec834(_0x255a4b[_0x348d('0xd0', 'ylod') + 'Q'](_0x433ab7, _0x255a4b[_0x348d('0xa2', '3X1r') + 'C'](_0x2ecdbe, _0x18974e), _0x255a4b[_0x348d('0xcd', 'AGXa') + 't'](_0x18974e[_0x348d('0xb6', '0]K5') + 'th'], _0xf3f8f4)));
};function go(_0x5cea20) {var _0x19ceb1 = {};_0x19ceb1[_0x348d('0x59', 'AGXa') + 'R'] = _0x348d('0x9a', 'EKre') + 'i';_0x19ceb1[_0x348d('0x75', '@[DX') + 'm'] = function (_0x241cf8, _0xd2c906) {return _0x241cf8 < _0xd2c906;};_0x19ceb1[_0x348d('0xdf', 'EKre') + 'H'] = function (_0x5b0ba5, _0x2799b7) {return _0x5b0ba5 != _0x2799b7;};_0x19ceb1[_0x348d('0x71', 'U5T%') + 'h'] = function (_0x370d9d, _0x11a897) {return _0x370d9d !== _0x11a897;};_0x19ceb1[_0x348d('0x2f', 'EKre') + 'K'] = _0x348d('0x104', 'GVpO') + 'A';_0x19ceb1[_0x348d('0x19', '01z4') + 'l'] = function (_0x44efce, _0x6a1f54) {return _0x44efce < _0x6a1f54;};_0x19ceb1[_0x348d('0x115', '$po5') + 'V'] = function (_0x109193, _0x5e7c21) {return _0x109193 + _0x5e7c21;};_0x19ceb1[_0x348d('0xbb', '[HWx') + 'f'] = function (_0xb576bc, _0x24c17c) {return _0xb576bc >>> _0x24c17c;};_0x19ceb1[_0x348d('0x123', '4Hrm') + 'B'] = function (_0x1be6ab, _0x6821d3) {return _0x1be6ab << _0x6821d3;};_0x19ceb1[_0x348d('0xcf', 'U5T%') + 'g'] = function (_0x19f152, _0x5ebfb1) {return _0x19f152 - _0x5ebfb1;};_0x19ceb1[_0x348d('0x87', 'm%Fh') + 'r'] = function (_0x4bc5cd, _0xca45e4) {return _0x4bc5cd + _0xca45e4;};_0x19ceb1[_0x348d('0x7a', 'nU59') + 'q'] = _0x348d('0x11f', 'zRV7') + _0x348d('0xf1', '$po5') + '\x20/';_0x19ceb1[_0x348d('0x56', '[HWx') + 'h'] = _0x348d('0x79', '^J5D') + 'A';_0x19ceb1[_0x348d('0x39', 'nU59') + 'U'] = function (_0x1d5ecb, _0x2045f0) {return _0x1d5ecb(_0x2045f0);};_0x19ceb1[_0x348d('0xd4', 'ZSd[') + 'b'] = _0x348d('0x5e', 'jBZD') + 'q';var _0x92a453 = _0x19ceb1;function _0x32e6e3() {if (_0x348d('0x6c', 'O0pG') + 'j' === _0x92a453[_0x348d('0xb4', 'Brcn') + 'R']) {return;} else {var _0x5afd8f = window[_0x348d('0x82', '3X1r') + _0x348d('0x9b', 'ENm)') + 'r'][_0x348d('0xa0', '!jdL') + _0x348d('0x62', 'w!2h') + 't'],_0x39bd45 = [_0x348d('0xb9', 'NRJ5') + _0x348d('0x9c', '4Hrm')];for (var _0x1a5e00 = 0x0; _0x92a453[_0x348d('0x25', 'G#nw') + 'm'](_0x1a5e00, _0x39bd45[_0x348d('0x1f', 'U5T%') + 'th']); _0x1a5e00++) {if (_0x92a453[_0x348d('0x10a', '01z4') + 'H'](_0x5afd8f[_0x348d('0xe9', 'jBZD') + _0x348d('0xb8', 'Rtgy')](_0x39bd45[_0x1a5e00]), -0x1)) {return !![];}}if (window[_0x348d('0xf2', 'O0pG') + _0x348d('0x69', 'kPfA') + _0x348d('0x58', '^J5D')] || window[_0x348d('0x55', '!jdL') + _0x348d('0x21', 'bxDh')] || window[_0x348d('0x102', 'ZSd[') + _0x348d('0xbc', '$)5g')] || window[_0x348d('0x107', 'O0pG') + _0x348d('0xb', 'Rtgy') + 'r'][_0x348d('0x1b', '01z4') + _0x348d('0x12a', 'nr&J') + 'r'] || window[_0x348d('0x112', 'ENm)') + _0x348d('0x100', 'bgHV') + 'r'][_0x348d('0xb5', '[HWx') + _0x348d('0x1c', 'O0pG') + _0x348d('0x11', 'bxDh') + _0x348d('0x66', 'S3^t') + 'e'] || window[_0x348d('0xf9', 'bxDh') + _0x348d('0x22', 'ZSd[') + 'r'][_0x348d('0xfb', 'AGXa') + _0x348d('0x77', 'FnP1') + _0x348d('0x7c', 'zRV7') + _0x348d('0xd9', 'G#nw') + _0x348d('0xc', 'YMlY')]) {return !![];}}};if (_0x32e6e3()) {return;}var _0x5ec855 = new Date();function _0x4a5800(_0x487efe, _0x389ac6) {var _0x246487 = _0x5cea20[_0x348d('0x93', 'AGXa') + 's'][_0x348d('0x29', '^J5D') + 'th'];for (var _0xcf6732 = 0x0; _0x92a453[_0x348d('0x63', 'orhZ') + 'm'](_0xcf6732, _0x246487); _0xcf6732++) {if (_0x92a453[_0x348d('0x90', '^caq') + 'h'](_0x348d('0xa8', '0]K5') + 'A', _0x92a453[_0x348d('0x7d', 'NRJ5') + 'K'])) {return !![];} else {for (var _0x5aad4f = 0x0; _0x92a453[_0x348d('0x9', 'kPfA') + 'l'](_0x5aad4f, _0x246487); _0x5aad4f++) {var _0x4ddf38 = _0x92a453[_0x348d('0xa6', '@[DX') + 'V'](_0x389ac6[0x0], _0x5cea20[_0x348d('0xfa', '%6S(') + 's'][_0x348d('0x4a', 'yolJ') + 'tr'](_0xcf6732, 0x1)) + _0x5cea20[_0x348d('0xc8', 'ylod') + 's'][_0x348d('0xba', 'S3^t') + 'tr'](_0x5aad4f, 0x1) + _0x389ac6[0x1];if (hash(_0x4ddf38) == _0x487efe) {return _0x4ddf38;}}}}};var _0x7ef8a3 = _0x4a5800(_0x5cea20['ct'], _0x5cea20[_0x348d('0xe8', 'ENm)')]);return _0x7ef8a3;
};const data = {"bts": ["1680689291.03|0|wOcr", "3TzkKwfJAARP6mGt0%2FYOQ%3D"],"chars": "FbrIrYPARG11IQIDgBSMuI","ct": "d1559831de206f2384083e9f0a4f391778996e6607e50b0c08ca11d098336b64","ha": "md5","tn": "__jsl_clearance_s","vt": "3600","wt": "1500"
};function getCookies(_0x238288) {var __jsl_clearance_s = go(_0x238288)return {'__jsl_clearance_s': __jsl_clearance_s};
};
cookies = getCookies(data);
console.log(cookies);

10、接下来编辑python代码,调用刚刚写好的js代码,输出截图如下:

总结:此刻首页截图完美输出内容,就在我以为本次逆向已经结束的时刻,我再发送多次请求,结果翻车了,有的请求还是返回如下截图:

11、经过分析后,我定位到了问题,每次521第二次请求返回的json数据中,会携带当前参数执行sha1、md5、sha256等方式的加密标记,截图如下:

12、问题定位后,我们只需要将所有的加密方法实现一下即可,最后完整js加密部分代码如下图所示:(可以在上面js代码中替换这块加密即可)

13、最后附上python完整代码,相关敏感参数已经过滤:

# -*- coding: utf-8 -*-
# --------------------------------------
# @author : 逆向与爬虫的故事
# @time   : 2023.04.05 19:49:44
# --------------------------------------
import json
import re
from typing import Dictimport execjs
import requests
from requests import Session
from parsel import Selectorclass GovSpider(object):def __init__(self):self.url: str = "https://xxxx/index.html"self.headers: Dict[str, str] = {'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7','Accept-Language': 'zh-CN,zh;q=0.9','Cache-Control': 'no-cache','Connection': 'keep-alive','Pragma': 'no-cache','Sec-Fetch-Dest': 'document','Sec-Fetch-Mode': 'navigate','Sec-Fetch-Site': 'none','Sec-Fetch-User': '?1','Upgrade-Insecure-Requests': '1','User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36','sec-ch-ua': '"Google Chrome";v="111", "Not(A:Brand";v="8", "Chromium";v="111"','sec-ch-ua-mobile': '?0','sec-ch-ua-platform': '"macOS"',}self.session: Session = requests.Session()self.js = self.js_load()def js_load(self):with open('encrypt.js', 'r', encoding='utf-8') as f:jsl_js = f.read()result = execjs.compile(jsl_js)return resultdef get_cookies(self) -> Dict[str, str]:first_cookies = self.get_first_cookies()cookies = self.get_second_cookies(first_cookies)return cookiesdef get_first_cookies(self) -> Dict[str, str]:response = self.session.get(url=self.url, headers=self.headers)pattern = re.compile('<script>document\.cookie=(.*?);location', re.S)js = re.findall(pattern, response.text)[0]jsl_clearance_s = execjs.eval(js).split(';')[0]first_cookies = jsl_clearance_s.split("=")cookies = {"__jsl_clearance_s": first_cookies[1],"__jsluid_s": response.cookies.get("__jsluid_s"),}return cookiesdef get_second_cookies(self, first_cookies: Dict[str, str]):response = requests.get(url=self.url, headers=self.headers, cookies=first_cookies)data_str = re.findall(';go\((.*?)\)</script>', response.text)[0]data = json.loads(data_str)cookies = self.js.call('getCookies', data)cookies['__jsluid_s'] = first_cookies['__jsluid_s']return cookiesdef start_requests(self):cookies = self.get_cookies()res = self.session.get(url=self.url, headers=self.headers, cookies=cookies)res.encoding = 'utf-8'response = Selector(res.text)print(response.xpath("//text()").extract())if __name__ == '__main__':cs = GovSpider()cs.start_requests()

总结:本篇文章分析到这里就结束了,我们已经能够还原该网站cookie加密参数了,小明遇到的难题我们已经完美解决,整篇文章字数有点多,感谢大家耐心观看❤️


五、思路总结

回顾整个分析流程,本次难点主要概括为以下几点:

  • 如何快速确定加密参数

  • 合理使用各种分析工具

  • Js代码补环境及运行成功

  • Python代码流程输出

  • 对混淆的Js代码还原分析

  • 熟练掌握加密方法及运算

本篇分享到这里就结束了,欢迎大家关注下期,我们不见不散☀️☀️😊


往期推荐

微信自动聊天机器狗,配置chatGPT,比Siri还智能!

被魔改md5加密坑了?某网站魔改md5加密逆向还原 (多种语言还原)

爬虫最快框架collyx,今天开源了...

某站弹幕Protobuf协议逆向分析  |  Go语言版本

某游戏社区App | So层逆向分析

最近ChatGPT爆火,推荐一个干货满满的公众号:

逆向与爬虫的故事

专注于网络爬虫、JS逆向、APP逆向、安全攻防实战经验分享及总结。


作者简介

我是TheWeiJun,有着执着的追求,信奉终身成长,不定义自己,热爱技术但不拘泥于技术,爱好分享,喜欢读书和乐于结交朋友,欢迎加我微信与我交朋友。

分享日常学习中关于爬虫、逆向和分析的一些思路,文中若有错误的地方,欢迎大家多多交流指正☀️

文章来源:逆向与爬虫的故事(公众号)

原文链接:某安网别逆向,一不小心就......

微信搜:逆向与爬虫的故事;给我一个关注!

粉丝福利:公众号后台回复 chatgpt 即可获取机器狗完整代码

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.rhkb.cn/news/30678.html

如若内容造成侵权/违法违规/事实不符,请联系长河编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

群晖docker实现IPV6访问

概述&#xff1a; 群晖docker默认没有没有开启ipv6&#xff0c;需要修改docker的配置文件。 修改过程&#xff1a; 一、首先确认自己的网络已经支持IPV6&#xff08;需要光猫及路由器支持ipv6&#xff09; 1.登陆www.test-ipv6.com查看是否已经接入IPV6 2.登陆自己的群晖查…

群晖传文件到服务器,文件上传到群晖服务器

文件上传到群晖服务器 内容精选 换一换 监控数据上报功能可以将系统中采集到的监控数据写入到文本文件&#xff0c;并以FTP或SFTP的形式上传到指定的服务器中。使用该功能前&#xff0c;管理员需要在FusionInsight Manager页面进行相关配置。“监控数据上传”默认为不启用&…

群晖硬盘警告修复

群晖硬盘警告修复 为了更好的浏览体验&#xff0c;欢迎光顾勤奋的凯尔森同学个人博客http://www.huerpu.cc:7000 我的群晖每次被我拿出来的时候&#xff0c;由于震动等原因&#xff0c;会时不时出现硬盘警告的提示&#xff0c;从而导致无法使用&#xff0c;现在我们来屏蔽一下…

安装群晖显示服务器忙,云服务器安装群晖

云服务器安装群晖 内容精选 换一换 华为云帮助中心,为用户提供产品简介、价格说明、购买指南、用户指南、API参考、最佳实践、常见问题、视频帮助等技术文档,帮助您快速上手使用华为云服务。 登录Windows操作系统的弹性云服务器时,需使用密码方式登录。因此,用户需先根据创…

群晖php mysql网站博客,群晖建博客详细教程

群晖建博客详细教程 2017-03-01 14:23:01 36点赞 419收藏 44评论 小编注:此篇文章来自即可瓜分10万金币,周边好礼达标就有,邀新任务奖励无上限,点击查看活动详情 群晖NAS功能强大,除了大家都知道的存储文件,代替各种公有云以外,还可以当成一个网站服务器来使用。配合DDN…

群晖web文件服务器docker,群晖docker搭建数据库服务器

群晖docker搭建数据库服务器 内容精选 换一换 本手册基于华为云关系型数据库实践所编写,用于指导您完成相关设置,购买更符合业务的数据库实例。 创建一个外部服务器。外部服务器是存储OBS服务器信息或其他同构集群信息的载体。默认只有系统管理员才可以创建外部服务器,否则需…

群晖系统ftp服务器,群晖对接云服务器ftp

群晖对接云服务器ftp 内容精选 换一换 用户可以在MRS Manager界面上配置监控指标数据对接参数,使集群内各监控指标数据通过FTP或SFTP协议保存到指定的FTP服务器,与第三方系统进行对接。FTP协议未加密数据可能存在安全风险,建议使用SFTP。MRS Manager支持采集当前管理的集群内…

群晖服务器+微信同步,群晖服务器 云同步

群晖服务器 云同步 内容精选 换一换 集群中的每一个节点对应一台弹性云服务器或物理机,集群节点创建成功后,您仍可以根据需求,修改云服务器的名称或变更规格。CCE节点的部分信息是独立于弹性云服务器ECS维护的,当您在ECS控制台中修改云服务的名称、弹性公网IP,以及变更计费…

群晖使用心得

近期采购了群晖的DS920和DS220&#xff0c;又对比了DS420J和DS220J&#xff0c;总结出一些心得体会&#xff1a; 1、群晖的操作系统是嵌入式Linux&#xff08;DSM&#xff09;&#xff0c;支持x86和ARM 两种架构&#xff0c;安装ipkg或opkg&#xff0c;再安装一些常用软件就能…

群晖DS218+部署GitLab

欢迎访问我的GitHub https://github.com/zq2599/blog_demos 内容&#xff1a;所有原创文章分类汇总及配套源码&#xff0c;涉及Java、Docker、Kubernetes、DevOPS等&#xff1b; 起因是懒 最近开始折腾GitLab的CI功能&#xff0c;就打算在家部署一个GitLab&#xff0c;通常做…

群晖安装aria2

下载镜像&#xff1a;oldiy-aria2-ui-ng1 新建文件夹&#xff1a;aria2 -conf 设置rpc密钥&#xff0c;之前环境变量里面设置的secret 设置bt服务器地址 https://edam.top/tk/ 最后&#xff0c;需要一个热门的文件来下载&#xff0c;我这边使用的是【ubuntu-21.10-desktop-amd…

虚拟机安装群晖

1.准备文件 下载链接 群晖助手、群晖pat文件、虚拟机文件 2.记事本编辑虚拟机vmx文件 修改版本号与虚拟机版本一致 3.双击vmx文件 选择虚拟机 右键设置参数如图 4.安装群晖助手 启动虚拟机打开助手 搜索联机 等待加载 点击安装 选择pat 等待安装 配置账号信息登录

CentOS7设置登录次数限制

最近我的1核2G服务器居然都被人盯上了&#xff08;逃 每天都有大量登录失败的记录&#xff0c;防止被暴力破解&#xff0c;修改了ssh默认的22端口&#xff0c;结果还是被人扫描出了修改后的端口。遂添加如下登录次数限制。 使用系统版本&#xff1a;CentOS7.6 修改文件&#…

金蝶K3WISE V14.0注册方法

金蝶K3WISE V14.0破解注册码&#xff0c;安全可靠&#xff0c;使用稳定。K3 WISE的最后一个离线版本。也是最稳定的版本。欢迎联系&#xff0c;联系方式见下图。 经常长期测试&#xff0c;该版本可以使用。 正版K3WISE&#xff0c;价格在几万-几十万&#xff0c;如果你使用破解…

PyTorch中的Element-wise operations

1. What does element-wise mean? 逐个元素操作是两个tensor之间的操作,该操作在相应tensor内的对应元素上进行, t1和t2中的1和9就是tensor中的对应元素。 加法是按element-wise进行的运算,实际上,所有算术运算(加,减,乘和除)都是按逐个元素进行的运算。 标量值是Ran…

SoftMax温度系数temperature parameter

深度学习中的temperature parameter是什么 问题来源 在google的论文《Sampling-Bias-Corrected Neural Modeling for Large Corpus Item Recommendations》中看到这个公式: 对于这个t很好奇。 先简单介绍一下这篇论文&#xff0c;用双塔做推荐&#xff0c;左侧是user特征&…

采用热电偶温度传感器实现超高精度温度跟踪控制的解决方案

摘要&#xff1a;针对温度跟踪控制中存在热电堆信号小致使控制器温度跟踪控制精度差&#xff0c;以及热电阻形式的温度跟踪控制中需要额外配置惠斯特电桥进行转换的问题&#xff0c;本文提出相应的解决方案。解决方案的核心是采用一个多功能的超高精度PID控制器&#xff0c;具有…

Linux如何通过sensors来监控CPU温度

当你在linux系统下运行一下比较占用CPU资源的程序时&#xff0c;你会很关心你的CPU是否超温&#xff0c;小编就在介绍下如何实时监控CPU的温度 1、首先查看是否安装sensors包&#xff0c;使用以下命令查看&#xff1a; rpm -qa|grep sensors 2、如果没有安装&#xff0c;Cent…

s-tui:在 Linux 中监控 CPU 温度、频率、功率和使用率的终端工具

一般每个 Linux 管理员都会使用 lm_sensors 监控 CPU 温度。lm_sensors &#xff08;Linux 监控传感器&#xff09;是一个自由开源程序&#xff0c;它提供了监控温度、电压和风扇的驱动和工具。 如果你正在找替代的 CLI 工具&#xff0c;我会建议你尝试 s-tui。 它其实是一个…