Shulou(Shulou.com)05/31 Report--

Editor to share with you NetEase Yun music hot review crawler how to use python to achieve decompilation encryption parameters, I believe that most people do not know much, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

First, understand the encryption process 1.1 by observing network requests

It is found that the following interface contains the required data. Contains the latest comments on this page, as well as all the hot comments

If you look at the parameters of its comments, it really makes people a little confused.

When many people see this string of characters, they may simply take a look at the front and rear interfaces for data and then give up. All right, don't sell it. This chapter analyzes the encryption process of the whole parameter and realizes the final simulation request to get the data.

1.2 find request parameters

As you can see, it has two parameters, one is params, the other is encSecKey and both are encrypted, so we need to analyze its location in js (F12 opens source to search encSecKey)

Enter the js, and after breakpoint debugging, it is found that this is the place where the final parameters are generated.

1.3 observe the changes of parameters

Simulate different paging requests and observe the changes. The effect is as follows:

By comparing the changes of parameters, the composition of parameters is obtained.

Csrf_token: always empty string

Cursor: the first page defaults to-1; this parameter is the last comment timestamp of the previous page when the next page is requested (to prevent data duplication)

Offset: number of mobile comments

OrderType: default 1

PageNo: page number

PageSize: default 20

Rid: Renewal SOF4 _ + song ID

ThreadId: Renewal SOF4 _ + song ID

Since then, we already know the composition of the whole parameter, so let's take a look at how NetEase encrypts the parameters.

Analyze the encryption function

As we already know through the breakpoint, the following js code is the focus of our analysis.

Var bZj0x = window.asrsea (JSON.stringify (i2x), bkk0x (["tears", "strong"), bkk0x (YS7L.md), bkk0x (["Love", "Girl", "panic", "laughter"]); e2x.data = j2x.cr3x ({params: bZj0x.encText, encSecKey: bZj0x.encSecKey})

As long as the bZj0x is solved, it will be ok. Here we mainly analyze several functions.

2.1 JSON.stringify (i2x)

Breakpoint modulation found i2x return content

It is the whole dictionary parameter analyzed above.

Csrf_token: "cursor:" 1610076350235 "offset:" 40 "orderType:" 1 "pageNo:" 2 "pageSize:" 20 "rid:" R_SO_4_1807537867 "threadId:" R_SO_4_1807537867 "2.2 bkk0x function

Bkk0x ([tears "," Qiang "), bkk0x (YS7L.md), bkk0x ([" Love "," Girl "," panic "," laughter "]) all use the same function. Let's take a look at the internal implementation of the bkk0x function.

Var bkk0x = function (cJj8b) {var m2x = []; j2x.bf2x (cJj8b, function (cJi8a) {m2x.push (YS7L.emj [cJi8a])}); return m2x.join (")}

Equivalent to python writing

Def get_bq_n1x (keys): m0x = [] for key in keys: m0x.append (emj [key]) return''.join (m0x)

YS7L.emj is a fixed dictionary

YS7L.emj = {"color": "00e0b", "flu": "509f6", "here": "259df", "weak": "8642d", "lips": "bc356", "pro": "62901", "happy": "477df", "bared teeth": "22677", "smirk": "ec152" "Cat": "b5ff6", "frown": "8ace6", "Ghost": "15bb7", "cake": "b7251", "anger": "52b3a", "crying": "b17a8", "Rabbit": "76aea", "Star": "8a5aa", "Love": "76d2e" "holding hands": "41762", "Rooster": "9ec4e", "Love": "e341f", "prohibition": "56135", "dog": "fccf6", "kiss": "95280", "fork": "104e0", "gift": "312ec", "dizzy": "bda92" "stupid": "557c9", "sick": "38701", "Diamond": "14af6", "bye": "c9d05", "anger": "c4f7f", "showing love": "0c368", "sweat": "5b7a4", "chicken": "6bee2", "pain": "55932" "mouth-lifting": "575cc", "fear": "e10b4", "mask": "24d81", "tongue spitting": "3cfe4", "heartbreak": "875d3", "angry": "e8204", "cute": "7b97d", "grimace": "def52", "dancing": "741d5" "Boys": "46b8e", "Smiles": "289dc", "Pig": "6935b", "Circle": "3ece0", "poop": "462db", "Alien": "0a22b", "Christmas": "8e7", "tears": "01000", "Qiang": "1" "Love": "0CoJU", "Girl": "m6Qyw", "panic": "8W8ju", "laughter": "d"}

YS7L.md is a fixed data

YS7L.md = [color "," flu "," here "," weak "," lips "," kiss "," happy "," bared teeth "," smile "," cat "," frown "," ghost "," cake "," angry "," cry "," rabbit "," star "," love "," holding hands "," rooster "," love "," forbidden " "Dog", "kiss", "fork", "gift", "dizziness", "daze", "illness", "diamond", "worship", "anger", "show of love", "sweat", "chicken", "pain", "mouth-lift", "fear", "mask", "tongue spitting", "heartbreak", "anger", "cute", "ghost face", "dancing" "Boy", "smirk", "pig", "circle", "poop", "alien", "Christmas"]

So the parameters of the entire window.asrsea are available, so let's take a look at window.asrsea () to see what the function does.

2.3 window.asrsea () function a (a) {var d, e, b = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", c = ""; for (d = 0; a > d; d + = 1) e = Math.random () * b.length, e = Math.floor (e), c + = b.charAt (e) Return c} function b (a, b) {var c = CryptoJS.enc.Utf8.parse (b), d = CryptoJS.enc.Utf8.parse ("0102030405060708"), e = CryptoJS.enc.Utf8.parse (a), f = CryptoJS.AES.encrypt (e, c, {iv: d, mode: CryptoJS.mode.CBC}) Return f.toString ()} function c (a, b, c) {var d, e; return setMaxDigits, d = new RSAKeyPair (b, ", c), e = encryptedString (d, a)} function d (d, e, f, g) {var h = {}, I = a (16) Return h.encText = b (d, g), h.encText = b (h.encText, I), h.encSecKey = c (I, e, f), h} function e (a, b, d, e) {var f = {}; return f.encText = c (a + e, b, d), f} window.asrsea = d

You can see that window.asrsea = d, so what we are going to do is the function d, which mainly performs three operations

A (16) to generate a 16-bit random number

Do AES encryption twice to get h.encText

Generate h.encSecKey through a series of operations such as displacement

3. Python implements the same encryption algorithm "NetEase Cloud request parameter decompiler: main breakpoint observation js, change to python implementation" emj = {"Color": "00e0b", "flu": "509f6", "this side": "259df", "weak": "8642d", "lips": "bc356", "pro": "62901", "happy": "477df" "grinning": "22677", "laughing": "ec152", "Cat": "b5ff6", "frowning": "8ace6", "Ghost": "15bb7", "Cake": "b7251", "angry": "52b3a", "crying": "b17a8", "Rabbit": "76aea", "Star": "8a5aa", "Love": "76d2e" "holding hands": "41762", "Rooster": "9ec4e", "Love": "e341f", "prohibition": "56135", "dog": "fccf6", "kiss": "95280", "fork": "104e0", "gift": "312ec", "dizzy": "bda92", "stay": "557c9", "sick": "38701" "Diamond": "14af6", "Bye": "c9d05", "anger": "c4f7f", "Love": "0c368", "Khan": "5b7a4", "Chicken": "6bee2", "pain": "55932", "mouth-lifting": "575cc", "fear": "e10b4", "Mask": "24d81", "tongue out": "3cfe4" "heartbreak": "875d3", "angry": "e8204", "cute": "7b97d", "grimace": "def52", "dance": "741d5", "boy": "46b8e", "smirk": "289dc", "pig": "6935b", "circle": "3ece0", "poop": "462db", "alien": "0a22b" "Christmas": "8e7", "tears": "01000", "strong": "1", "love": "0CoJU", "girl": "m6Qyw", "panic": "8W8ju", "laugh": "d"} md = ["color", "flu", "here", "weak", "lips", "kiss", "happy", "show your teeth" "laughing", "cat", "frowning", "ghost", "cake", "angry", "crying", "rabbit", "star", "love", "holding hands", "rooster", "love", "forbidden", "dog", "kiss", "fork", "gift", "dizzy", "stupid", "sick", "diamond" "worship", "anger", "show of love", "sweat", "chicken", "pain", "mouth-lift", "fear", "mask", "tongue out", "heartbreak", "anger", "cute", "ghost face", "dance", "boy", "smirk", "pig", "circle", "poop", "alien" "Christmas"] def get_bq_n1x (keys): m0x = [] for key in keys: m0x.append (emjkey]) return''.join (m0x) def _ _ get_random_str (): "" random string of Returns:16 bits "" str_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" random_str = "" for i in range (16): index = random.randint (0) Len (str_set)-1) random_str + = str_ set [index] return random_strarg2 = get_bq_n1x (["tears", "strong"]) arg3 = get_bq_n1x (md) arg4 = get_bq_n1x (["Love", "girl", "scared", "laugh"]) random_str = _ _ get_random_str () def _ aes_encrypt (text) Key): "get the data encrypted by ASW Args: text: first, CBC encryption method Text must have 16-bit data key: encrypted key Returns: encrypted string "# initial vector for encryption or decryption (16-bit) iv =" 0102030405060708 "# if not a multiple of 16, fill pad = 16-len (text)% 16 if isinstance (text) Str): text = text + pad * chr (pad) else: text = text.deocde ("utf-8") + pad * chr (pad) aes = AES.new (key=bytes (key, encoding= "utf-8"), mode=2, iv=bytes (iv, encoding= "utf-8") res = aes.encrypt (bytes (text) Encoding= "utf-8") res = base64.b64encode (res) .decode ("utf-8") return resdef _ _ get_enc_text (arg1): "symmetrically encrypted parameter Args: arg1: encryption parameter Returns:" enc_text = _ aes_encrypt (arg1, arg4) enc_text = _ aes_encrypt (enc_text) Random_str) return enc_textdef _ _ get_enc_sec_key (): symmetric encryption key by looking at the js code Get encSecKey "" # Random string in reverse order text = random_str [::-1] rs = int (codecs.encode (text.encode ('utf-8'),' hex_codec'), 16) * * int (arg2, 16)% int (arg3, 16) return format (rs,'x'). Zfill (text): # print (text) return textdef get_form_data (text) Method=''): "" decompile the form-data parameter of the request Args: text: track js, assemble the parameter method: method Returns:form-data parameter "if method= = 'linux': return linux_encrypt (text) text = str (text) return {" params ": _ _ get_enc_text (text) "encSecKey": _ _ get_enc_sec_key ()} IV. Simulate and request song comments

As long as the encryption process is known, many interfaces can simulate requests. This article is for learning only.

The final execution effect is as follows:

These are all the contents of this article entitled "how to use python to decompile encryption parameters in NetEYun Music Review Crawler". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.