Shulou(Shulou.com)06/01 Report--

This article is about how to do signature analysis. The editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article. Let's take a look at it with the editor.

Open Jinri Toutiao.

Take hot spots as an example

There will be no xhr breakpoint here.

You can search for _ signature directly.

F8 until url is "/ toutiao/api/pc/feed/"

And then go inside the function.

Basically, get the url and then encrypt the url.

Let's see.

Window.byted_acrawler.sign? Window.byted_acrawler.sign (o): ""

Three-eye operation algorithm.

Let's take a look at the function byted_acrawler.

An encryption

An entrance.

One is true.

See that the functions are bound to window. Then sign encrypts.

Let's find byted_acrawler first. Where is this.

Search the whole world.

Find him in html.

Here, understand it this way.

The html that the web page loads first. Is this all right?

Then, the js in the script begins to execute.

Well, did you notice the uh js file in the script tag on the byted_acrawler on the picture?

Function

After the js file is executed

Execute the following entry function.

So you can see how they set up a connection.

Window is global.

Then let's look at the sign function.

Go directly inside the function.

Here's the thing.

Let's copy the code here, all of it.

Well, nodejs is recommended.

Change it to something like this.

The following is the error message.

Window is not defined

Modified to: window = global

Cannot read property 'body' of undefined:

This is from document.

The most classic error report.

Cannot read property'x'of undefined

Missing functions, what is missing, can be added according to debugging.

Cannot read property 'href' of undefined

It's location.href.

Many people have no idea.

Cannot read property 'length' of undefined

The specific reason is that when you take a value, you get null.

The specific debugging can be known.

Cannot read property 'userAgent' of undefined

This is probably very common for everyone.

Navigtor.userAgent

After completing the things on it, you will find out.

In fact, this result can be used.

Don't look short.

But as long as it works.

Cannot read property 'width' of undefined

This is the width and height of the screen.

After you add it, you won't make a mistake.

You can use it, right? Why go on, huh?

I'm just lazy here.

Let's print it.

Found that there is also a cookie.

We add cookie.

Run.

I hope you're satisfied.

In fact, it has proved a lot of things.

There's no need to go any further.

Use it, slutty years.

-dividing line-

Next.

Douyin

_ signature

Explain.

Still searching globally. Signature

And then go down and up the breakpoint.

It's already been said here.

No more explanation.

Get in the car.

Copy it all.

There are two ways to write it, or even more.

The first kind. Set _ _ M function, troublesome

Second, it depends on how you buckle it.

And then run.

E is not defined

_ bytedAcrawler is not defined

Modify to

E = _ bytedAcrawler = {}

Cannot read property 'userAgent' of undefined

Navigtor.userAgent

And then I found out that the results came out.

And then verify it over and over again, it's all wrong.

The result has never been fixed.

Because of try drop.

According to the error message, add document.

And canvas painting.

Document = {

CreateElement:function () {return {getContext:function getContext () {return {fillRect: function fillRect () {}, fill: function fill () {}, stroke: function () {}, fillText: function () {} Arc: function () {},} }, toDataURL:function toDataURL () {return _ "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYAAABkW7XSAAAEYklEQVR4Xu3UAQkAAAwCwdm/9HI83BLIOdw5AgQIRAQWySkmAQIEzmB5AgIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlAABg+UHCBDICBisTFWCEiBgsPwAAQIZAYOVqUpQAgQMlh8gQCAjYLAyVQlKgIDB8gMECGQEDFamKkEJEDBYfoAAgYyAwcpUJSgBAgbLDxAgkBEwWJmqBCVAwGD5AQIEMgIGK1OVoAQIGCw/QIBARsBgZaoSlACBB1YxAJfjJb2jAAAAAElFTkSuQmCC"

},}

It can also be improved on its own.

Add the most important tac, in HTML.

And then run it.

Here, because of the browser, there may be four or five differences between the generated signature and the characters generated by the browser. This can be filtered.

You can also access data normally.

Just generate it according to his encryption rules.

This is how to conduct signature analysis. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.