Shulou(Shulou.com)06/01 Report--

This article mainly introduces "the case study of AES in Python crawler". In the daily operation, I believe that many people have doubts about the case study of AES in Python crawler. Xiaobian consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "case analysis of AES in Python crawler". Next, please follow the editor to study!

XX property insurance

AHR0cHM6Ly90aWFuYXcuOTU1MDUuY24vdGFjcGMvIy9sb2dpbg==

Bag grab analysis

Grasp packet analysis, analyze encryption field jsonKey

Encrypted location

A direct global search for jsonKey shows that there is only one related file.

Click on the search results to continue the search, find the suspected location, and hit the breakpoint to continue to initiate the request.

If you successfully hit the breakpoint, you can see that the generation of this variable V is a very standard AES encryption, using CBC padding.

XX Happy go

AHR0cDovL2xvZ2luLjE4OS5jbi93ZWIvbG9naW4=

Bag grab analysis

For packet capture analysis, you can see the encryption parameter upwd

Encrypted location

Global direct retrieval of the encryption parameter upwd

Go straight in and retrieve it again according to the results of the search.

You can see that the variable b is the encryption result we need, but the b here is obviously difficult to locate. since this b is a parameter of ValidatePwd, let's try to retrieve the method name directly.

This is where our password is passed in, so let's chase it in and see the logic.

This is the obvious AES encryption.

XX travel

AHR0cHM6Ly9ob3RlbC5iZXN0d2Vob3RlbC5jb20vTmV3TG9naW4vP2dvPWh0dHBzJTNBJTJGJTJGaG90ZWwuYmVzdHdlaG90ZWwuY29tJTJG

Bag grab analysis

The encryption parameter password is included in the submitted parameter

Encrypted location

If you directly retrieve the encryption parameter password, you can find many encryption-related parameters, and they are not strongly related to the encryption parameters.

Finally found the code related to password encryption in the following file.

Chase the file and retrieve it again, find the suspected encrypted place and hit the breakpoint.

The new request was successfully cut off.

Two more steps inside and you'll see this AES encryption.

At this point, the study of "case study of AES in Python crawler" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.