Shulou(Shulou.com)06/01 Report--

JS reverse tips and XHR breakpoint case analysis, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

What should I do if the search parameters cannot be found? (XHR requests only)

Before analyzing the request, share a debugging tip.

Today, several people in the group stroke are struggling with how to determine whether the data is generated by js or loaded asynchronously.

There are two methods that I often use:

First, right-click to check the "web page source code", and then search the interface of the open web page source code to determine whether the data we want is in it.

Second, turn off the js loading function of the web page to see whether the data we need can be loaded smoothly or whether the data is complete. The steps are also very simple.

Step 1: click the location in the icon at the front of the address bar and select the site settings.

Step 2: select JavaScript to disable in the permission location, return to refresh the web page, and check whether the data is loaded smoothly.

The above two tips can greatly facilitate our debugging, so we don't have to guess.

Analysis request

Using the above method, we determine that the data is loaded through js, and that the requested and returned parameters are encrypted.

At this point, we need XHR breakpoints to help us locate the encryption.

Locate the encrypted location

Let's add a XHR breakpoint first.

Refresh the page.

You can see that the breakpoint already has the parameter encryption we need.

Encryption Analysis-Parameter encryption

Let's first find out where the parameters are not encrypted. Look up and soon see where the parameters are not encrypted.

You can see that the positions of the two breakpoints in figure 1 above are just operations such as serializing the data, and the location parameters of breakpoints 3 and 4 are encrypted. So we can refresh it and see how the data is encrypted.

When you get to this position, you can chase in and analyze it, and then it will be relatively simple.

You can see that here is the main encryption logic of the parameter:

And with regard to the sig parameters, the logic has also been analyzed.

The next step is to analyze the decrypted location of the returned parameters.

Encryption Analysis-data decryption

The location of the data decryption was quickly located, and we saw that l was the returned ciphertext.

I am now the position of the breakpoint, which is the location of the decryption. Follow the method of parameter encryption and you can see the method of decryption.

Deducting the decryption and decryption methods is the js code we need.

After reading the above, have you mastered the tips of JS reverse and the method of case study of XHR breakpoints? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.