记一次js逆向破解数据接口加密实现抓取采集
小编需要对某网站进行数据抓取,但该网站为商业平台,存在部分加密。
一、抓取前分析:
1、平台存在行为统计,浏览页面都会被计数(通过接口获取的数据也被计数),未发现可以越权的渠道。部分数据被展示到前台,如下图:
2、通过DevTools测试发现除一级列表外,二级列表、三级内容等所有接口都在本页面使用ajax通过post方式获取。我们注意到分配了PHPSESSID以及可能用于身份验证的cookie,cookie中标记了当前页面的ID。
3、通过Postman进行初步测试,不携带cookie及相应头信息,返回信息为空(通过UA等的简单伪装无效)。
4、通过携带cookie和头信息,通过Postman再次测试,返回信息仍为空。
5、分析后发现,目标平台是通过jquery框架实现的ajax请求,在header中增加了“X-Requested-With:XMLHttpRequest”参数(该参数一般只在jquery编写的ajax请求中才有,原生ajax没有),该参数主要实现ajax的异步处理。再次测试成功获取到返回信息,解构后与平台实际值一致。
5、由于目标平台用户量不大,通过真实的PHPsessionID抓取数据,存在被平台发现封号的可能。尝试伪装PHPsessionID和cookie测试无法获取到值。另外请求列表接口时必须在cookie中携带当前频道的ID、加密字符串和时间戳,但当前有数千个频道列表,实际编写时应该谨慎对待。
二、JS逆向:
1、本以为到这一步可以进行抓取了,实际抓取时发现获取到的信息中有混淆。根据经验,混淆的信息一定是在前端解构时通过js反混淆后将正确信息展示给用户的。
获取到的json信息经过unicode转中文、格式化后如下:
{
"rows": [{
"cz": "1",
"cz1": "0",
"q": "0wjGX1DnKozQ6LYXZ2PNk4BbOAaW3dpJ",
"qflag": "1",
"title": "秦皇品美亦食岛包装制品有限公司",
"etitle": "",
"e": "2AD8o6Yb4wym1LwpJrEMWqXpBOjNZzQ7",
"liup": "1",
"times": "2024年3月04日",
"d": "Y7JVx8jo3X0wlLKzGnyPAZy26aOBqv1m",
"ennum": "6",
"photonum": true,
"timezh": "2023-05-22",
"cname": "曹勇",
"timecr": "2017-08-31",
"city": "秦皇岛市",
"numcz": "15",
"web": null,
"followstatus": null,
"img": "/exhibitor/exhibitor264/1318420.jpg",
"imgti": "秦",
"a": "06DT",
"b": "06D7",
"nums_contact": 3,
"lives": ""
}]
}
2、信息中的错误示例如下:
错误1:秦皇品美亦食岛包装制品有限公司
正确1:秦皇岛美亦食品包装制品有限公司
错误2:辉山乳业(阳沈)销售有限公司
正确2:辉山乳业(沈阳)销售有限公司
3、混淆信息主要是title字段(以及其他部分不太重要的字段),混淆方式主要为单字符位置对调,但调换规则无迹可寻。
4、查看页面的DOM结构(页面禁用了控制台和按键,手法相对幼稚),填充主体容器ID为#searchListTemplate,页面代码是通过artTemplate编写的,是一个轻量javascript模板引擎。页面引用的js文件较多,最终在liveview.js中找到了请求“/lvinfo”接口的踪迹,但代码也被混淆加密了。完整代码如下:
var _0x2b21=['此功能','.options-item-list>li.active','find','each','li[data-type=x27keywordsx27]','text','post','x22x20data-text=x22','<spanx20data-value=x22','body','span','x22x20x20class=x22tag-keywordsx22>','click.search_order','searchCountryTemplate','click.needLogin1','append','.company-main-new','x22x20class=x22tag-defaultx22>','data','active-clear','hasClass','addClass','toggleClass','.total>em','.company-main.company-main-new','none','iid','data-text','openPopupLayer','.filter-tag-box>li','.btn_more','/livedata','replace','#column_menu','toggle','actives','closest','active','.filter-tag-box>li[data-type=x27keywordsx27]','value','span.tag-keywords','data-value','500','.leftmenut','keywords','removeClass','empty','attenx20follow','.options-item-list','trim','livePopup','><h2>','follow','.floating_frame','#country_menu','.filter-options-box','html','</li>','#list_search','prepend','parents','.thumbnail.company-main-new','length','.no-data','/lvinfo','.moreintro','hide','.column_menu','li[data-type=x27','<lix20data-type=x22keywordsx22>','x22><spanx20data-value=x22','.search_order','remove','attr','.columnOptions','checked','.list-page-info','.list-page-info.second','open','<divx20class=x22info-linex22x20','li[data-type]','click','/lvcountry','#clear_all','/view_follow','.logo-box-new','.pdfimg','display','div.icheckbox_flat-red','.filter-tag-box','type','</h2>','preventDefault'];var _0x206b=function(_0x2b218a,_0x206b07){_0x2b218a=_0x2b218a-0x0;var _0x4cc17e=_0x2b21[_0x2b218a];return _0x4cc17e;};ajax_data_in();var orderfiled='';var new_temp='';var ccmo=!![];$(function(){$('.options-item-list')['on']('click','li',function(_0x984f33){if(!vpc){novipc(_0x206b('0x0'));return![];}var _0x39ced5=$(this),_0x224316=_0x39ced5['closest']('li[data-type],ul[data-type]'),_0x4be712=_0x224316['data']('type'),_0x800662=_0x39ced5[_0x206b('0x12')](_0x206b('0x27')),_0x56a170=_0x39ced5[_0x206b('0x5')]();f=$('.filter-tag-box>li[data-type=x27'+_0x4be712+'x27]');if(_0x39ced5[_0x206b('0x14')](_0x206b('0x25'))){_0x39ced5[_0x206b('0x2d')](_0x206b('0x25'));if(f[_0x206b('0x2')]('span')[_0x206b('0x3e')]==0x1){f[_0x206b('0x48')]();}else{f[_0x206b('0x2')]('[data-value=x22'+_0x800662+'x22]')['remove']();}}else{_0x39ced5[_0x206b('0x15')]('active');0x0===f[_0x206b('0x3e')]?$('.filter-tag-box')['append']('<lix20data-type=x22'+_0x4be712+_0x206b('0x46')+_0x800662+'x22x20data-text=x22'+_0x56a170+'x22x20class=x22tag-defaultx22>'+_0x56a170+'<ix20class=x22iconfontx20icon-shanchux22> </i></span></li>'):(r=f['find']('[data-value=x22'+_0x4be712+'x22]'),0x0===r[_0x206b('0x3e')]&&f[_0x206b('0xf')](_0x206b('0x8')+_0x800662+'x22x20data-text=x22'+_0x56a170+_0x206b('0x11')+_0x56a170+'<ix20class=x22iconfontx20icon-shanchux22> </i></span>'));}ajax_data_in();});$('body')['on']('click','div.icheckbox_flat-red',function(_0x1fa0d7){var _0x35585d=$(this);if(_0x35585d[_0x206b('0x24')]('li')['index']()===0x0){_0x35585d=$(_0x206b('0x58'));}if($(this)[_0x206b('0x14')](_0x206b('0x4b'))){_0x35585d['removeClass'](_0x206b('0x4b'));}else{_0x35585d[_0x206b('0x15')](_0x206b('0x4b'));}});$(_0x206b('0x59'))['on']('click','.icon-shanchu',function(_0x154f5b){if($(this)['closest'](_0x206b('0x50'))[_0x206b('0x12')]('type')==_0x206b('0x2c')){if($(_0x206b('0x59'))[_0x206b('0x2')](_0x206b('0x4'))[_0x206b('0x2')](_0x206b('0x28'))[_0x206b('0x3e')]==0x1){$('.filter-tag-box')['find']('li[data-type=x27keywordsx27]')['remove']();}else{$(this)[_0x206b('0x24')](_0x206b('0x28'))['remove']();}if($('.filter-tag-box>li')['length']===0x0){$('#clear_all')[_0x206b('0x2d')](_0x206b('0x13'));}else{$('#clear_all')[_0x206b('0x15')]('active-clear');}ajax_data_in();}else{$(_0x206b('0x37'))['find'](_0x206b('0x44')+$(this)['closest'](_0x206b('0x50'))['data']('type')+'x27]')[_0x206b('0x2')](_0x206b('0x30'))['find']('li[data-value=x27'+$(this)['closest'](_0x206b('0xa'))[_0x206b('0x12')]('value')+'x27]')[_0x206b('0x51')]();}});$(_0x206b('0x9'))['on']('click.active-clear','.active-clear',function(_0x1b4ac1){_0x1b4ac1[_0x206b('0x5c')]();if($(this)[_0x206b('0x14')](_0x206b('0x13'))){$(_0x206b('0x1'))[_0x206b('0x2d')](_0x206b('0x25'));$(this)[_0x206b('0x2d')]('active-clear');$(_0x206b('0x59'))[_0x206b('0x2e')]();}ajax_data_in();});$(document)['on'](_0x206b('0xe'),'.needLogin1',function(){if(!gbid){nologin('即可关注');return![];}var _0x3798a6=this;var _0x46af18=$(_0x3798a6)['find']('span')['hasClass'](_0x206b('0x34'))?0x0:0x1;var _0x2fa73a=_0x46af18?$(_0x3798a6)[_0x206b('0x49')](_0x206b('0x1b')):$(_0x3798a6)['attr'](_0x206b('0x29'));$['post'](_0x206b('0x54'),{'id':_0x2fa73a,'flag':_0x46af18},function(_0xe137){resu=eval('('+_0xe137+')');if(resu){if(_0x46af18){$(_0x3798a6)[_0x206b('0x49')]('data-value',resu);$(_0x3798a6)[_0x206b('0x2')]('span')['attr']({'title':'已关注','class':_0x206b('0x2f'),'data-value':resu});toast('已关注x20'+$(_0x3798a6)[_0x206b('0x49')](_0x206b('0x12'))+'x20,进入用户中心查看已关注企业',0x1);}else{$(_0x3798a6)['attr']('data-value','');$(_0x3798a6)[_0x206b('0x2')](_0x206b('0xa'))[_0x206b('0x49')]({'title':'立即关注','class':'attenx20nfollow','data-value':''});toast('已取消关注x20'+$(_0x3798a6)['attr']('data'),0x1);}}});});$(_0x206b('0x3a'))['on']('keydown',function(_0x35085e){if(!vpc){novipc('此功能');return![];}if(0xd!==_0x35085e['keyCode'])return!0x0;var _0x558df5=$(this)['val']();if(!_0x558df5||$[_0x206b('0x31')](_0x558df5)==''||$['trim'](_0x558df5)[_0x206b('0x3e')]<0x2){toast('至少2个关键字');return![];}var _0x81fa27=$(_0x206b('0x26'));var _0x49001d='<spanx20data-value=x22'+_0x558df5+_0x206b('0x7')+_0x558df5+_0x206b('0xb')+_0x558df5+'<ix20class=x22iconfontx20icon-shanchux22> </i></span>';if(_0x81fa27[_0x206b('0x3e')]){$(_0x206b('0x59'))['find']('li[data-type=x27keywordsx27]')[_0x206b('0xf')](_0x49001d);}else{$(_0x206b('0x59'))[_0x206b('0x3b')](_0x206b('0x45')+_0x49001d+_0x206b('0x39'));}$(this)['val']('');ajax_data_in();});$(_0x206b('0x4a'))['on']('click',function(){if($(_0x206b('0x21'))['css'](_0x206b('0x57'))!=_0x206b('0x19')){$(_0x206b('0x10'))['css']('float','unset');}else{$('.company-main-new')['css']('float','right');}$('.thumbnail.company-main-new')[_0x206b('0x16')]('col-md-11');$(_0x206b('0x3d'))[_0x206b('0x16')]('col-md-9');$(_0x206b('0x18'))['toggleClass']('col-md-11');$(_0x206b('0x18'))[_0x206b('0x16')]('col-md-9');$('.column_menu')[_0x206b('0x22')](_0x206b('0x2a'));});$(_0x206b('0x9'))['on']('click.column_click','.column_click',function(_0x4d96ab){if(!vpc){novipc('此功能');return![];}$(_0x206b('0x35'))['hide']('200');$(_0x206b('0x43'))[_0x206b('0x2')]('.actives')['removeClass']('actives');$(this)[_0x206b('0x15')](_0x206b('0x23'));if($(this)[_0x206b('0x2')](_0x206b('0x56'))[_0x206b('0x3e')]){window[_0x206b('0x4e')]('/p'+$(this)['data']('value')+'.html');return![];}$(_0x206b('0x59'))[_0x206b('0x2e')]();var _0x341a15=cloneObjectFn(newjson);_0x341a15[_0x206b('0x1a')]=iid;$[_0x206b('0x6')](_0x206b('0x52'),_0x341a15,function(_0x32005d){var _0x1ca80c=eval('('+_0x32005d+')');$(_0x206b('0x36'))['html'](template(_0x206b('0xd'),_0x1ca80c));});ajax_data_in();var _0x1dc0d1='';$['each']($(this)[_0x206b('0x2')](_0x206b('0x2b')),function(_0x2e2692,_0x29972d){_0x1dc0d1+=_0x206b('0x4f');if(_0x2e2692){_0x1dc0d1+='x20x20style=x22margin-top:10px;x22><p>'+$(_0x29972d)[_0x206b('0x5')]()[_0x206b('0x20')](/(^s*)|(s*$)/g,'')+'</p>';}else{_0x1dc0d1+=_0x206b('0x33')+$(_0x29972d)['text']()['replace'](/(^s*)|(s*$)/g,'')+_0x206b('0x5b');}_0x1dc0d1+='</div>';});$('.list-page-info.second')['html'](_0x1dc0d1);$(_0x206b('0x4c'))[_0x206b('0x42')]();$(_0x206b('0x4d'))['removeClass'](_0x206b('0x42'));$('.list-page-info.second')['show']();stopevent(_0x4d96ab);});setScrollBar($('#column_menu'),![]);$(_0x206b('0x9'))['on'](_0x206b('0xc'),_0x206b('0x47'),function(_0x582130){if(!vpc){novipc(_0x206b('0x0'));return![];}$(_0x206b('0x47'))[_0x206b('0x2d')](_0x206b('0x25'));$(this)[_0x206b('0x15')](_0x206b('0x25'));orderfiled=$(this)['attr']('data-value');ajax_data_in();});$(_0x206b('0x9'))['on']('click.logo-box-new',_0x206b('0x55'),function(_0x6cef59){if($(this)['parents']('li')[_0x206b('0x12')]('e')||$(this)['parents']('li')[_0x206b('0x12')]('q')){openname(this,$(this)['parents']('li')['data']('q'),$(this)[_0x206b('0x3c')]('li')[_0x206b('0x12')]('e'));}else{var _0x1ae3bf=$(this)['parents']('li')[_0x206b('0x12')]('d');$[_0x206b('0x1c')]({'name':_0x206b('0x32'),'url':_0x206b('0x1f'),'width':'710','parameters':{'data':_0x1ae3bf},'method':_0x206b('0x6')});}});$(_0x206b('0x1e'))['on'](_0x206b('0x51'),function(){$(_0x206b('0x41'))[_0x206b('0x22')]();});});function ajax_data_in(){if($(_0x206b('0x1d'))[_0x206b('0x3e')]===0x0){$(_0x206b('0x53'))[_0x206b('0x2d')](_0x206b('0x13'));}else{$('#clear_all')['addClass'](_0x206b('0x13'));}var _0x4533dc=cloneObjectFn(newjson);_0x4533dc['cnt']=0x1;var _0x4fefb5=!![];$[_0x206b('0x3')]($('.filter-tag-box')[_0x206b('0x2')]('li'),function(_0x14187c,_0x2bad23){_0x4fefb5=![];_0x4533dc[$(_0x2bad23)[_0x206b('0x12')](_0x206b('0x5a'))]=[];$[_0x206b('0x3')]($(_0x2bad23)[_0x206b('0x2')]('span'),function(_0x1ea4dd,_0x16cbc7){_0x4533dc[$(_0x2bad23)['data'](_0x206b('0x5a'))][_0x1ea4dd]=$(_0x16cbc7)[_0x206b('0x12')]('value');});});_0x4533dc['l']=iids;_0x4533dc['iid']=iid;$['post'](_0x206b('0x40'),_0x4533dc,function(_0x5b8c95){item1=eval('('+_0x5b8c95+')');pag_page(item1[0x1],!![],pageshows);$(_0x206b('0x17'))['text'](item1[0x0]);});}function pageselectCallback(_0x2aa9c8,_0x5033aa){var _0x46d6de=cloneObjectFn(newjson);_0x46d6de['page']=_0x2aa9c8;$[_0x206b('0x3')]($(_0x206b('0x59'))['find']('li'),function(_0x19faab,_0x273336){_0x46d6de[$(_0x273336)[_0x206b('0x12')](_0x206b('0x5a'))]=[];$['each']($(_0x273336)['find'](_0x206b('0xa')),function(_0x3293ae,_0x39f807){_0x46d6de[$(_0x273336)['data']('type')][_0x3293ae]=$(_0x39f807)['data']('value');});});if(orderfiled){_0x46d6de['orderfiled']=orderfiled;}_0x46d6de['l']=iids;_0x46d6de[_0x206b('0x1a')]=iid;requestquerys=$['post'](_0x206b('0x40'),_0x46d6de,function(_0x5ef13f){postdeals(_0x5ef13f);$(_0x206b('0x3f'))['hide']();});}function ajax_data_gj_country_list(){var _0x4277d9=cloneObjectFn(newjson);$[_0x206b('0x6')]('/lvcountry',_0x4277d9,function(_0x619870){var _0x54e27c=eval('('+_0x619870+')');$('#country_menu')[_0x206b('0x38')](template(_0x206b('0xd'),_0x54e27c));});}
5、代码是16进制混淆加密,变量名方法名也完全没有可读性,通过jsjiami工具解密后代码如下,文件具备了一定的可读性,但仍存在大量16进制代码:
var _0x2b21 = ['此功能', '.options-item-list>li.active', 'find', 'each', 'li[data-type='keywords']', 'text', 'post', '" data-text="', '<span data-value="', 'body', 'span', '" class="tag-keywords">', 'click.search_order', 'searchCountryTemplate', 'click.needLogin1', 'append', '.company-main-new', '" class="tag-default">', 'data', 'active-clear', 'hasClass', 'addClass', 'toggleClass', '.total>em', '.company-main.company-main-new', 'none', 'iid', 'data-text', 'openPopupLayer', '.filter-tag-box>li', '.btn_more', '/livedata', 'replace', '#column_menu', 'toggle', 'actives', 'closest', 'active', '.filter-tag-box>li[data-type='keywords']', 'value', 'span.tag-keywords', 'data-value', '500', '.leftmenut', 'keywords', 'removeClass', 'empty', 'atten follow', '.options-item-list', 'trim', 'livePopup', '><h2>', 'follow', '.floating_frame', '#country_menu', '.filter-options-box', 'html', '</li>', '#list_search', 'prepend', 'parents', '.thumbnail.company-main-new', 'length', '.no-data', '/lvinfo', '.moreintro', 'hide', '.column_menu', 'li[data-type='', '<li data-type="keywords">', '"><span data-value="', '.search_order', 'remove', 'attr', '.columnOptions', 'checked', '.list-page-info', '.list-page-info.second', 'open', '<div class="info-line" ', 'li[data-type]', 'click', '/lvcountry', '#clear_all', '/view_follow', '.logo-box-new', '.pdfimg', 'display', 'div.icheckbox_flat-red', '.filter-tag-box', 'type', '</h2>', 'preventDefault'];
var _0x206b = function(_0x2b218a, _0x206b07) {
_0x2b218a = _0x2b218a - 0x0;
var _0x4cc17e = _0x2b21[_0x2b218a];
return _0x4cc17e;
};
ajax_data_in();
var orderfiled = '';
var new_temp = '';
var ccmo = !![];
$(function() {
$('.options-item-list')['on']('click', 'li', function(_0x984f33) {
if (!vpc) {
novipc(_0x206b('0x0'));
return ![];
}
var _0x39ced5 = $(this),
_0x224316 = _0x39ced5['closest']('li[data-type],ul[data-type]'),
_0x4be712 = _0x224316['data']('type'),
_0x800662 = _0x39ced5[_0x206b('0x12')](_0x206b('0x27')),
_0x56a170 = _0x39ced5[_0x206b('0x5')]();
f = $('.filter-tag-box>li[data-type='' + _0x4be712 + '']');
if (_0x39ced5[_0x206b('0x14')](_0x206b('0x25'))) {
_0x39ced5[_0x206b('0x2d')](_0x206b('0x25'));
if (f[_0x206b('0x2')]('span')[_0x206b('0x3e')] == 0x1) {
f[_0x206b('0x48')]();
} else {
f[_0x206b('0x2')]('[data-value="' + _0x800662 + '"]')['remove']();
}
} else {
_0x39ced5[_0x206b('0x15')]('active');
0x0 === f[_0x206b('0x3e')] ? $('.filter-tag-box')['append']('<li data-type="' + _0x4be712 + _0x206b('0x46') + _0x800662 + '" data-text="' + _0x56a170 + '" class="tag-default">' + _0x56a170 + '<i class="iconfont icon-shanchu"> </i></span></li>') : (r = f['find']('[data-value="' + _0x4be712 + '"]'), 0x0 === r[_0x206b('0x3e')] && f[_0x206b('0xf')](_0x206b('0x8') + _0x800662 + '" data-text="' + _0x56a170 + _0x206b('0x11') + _0x56a170 + '<i class="iconfont icon-shanchu"> </i></span>'));
}
ajax_data_in();
});
$('body')['on']('click', 'div.icheckbox_flat-red', function(_0x1fa0d7) {
var _0x35585d = $(this);
if (_0x35585d[_0x206b('0x24')]('li')['index']() === 0x0) {
_0x35585d = $(_0x206b('0x58'));
}
if ($(this)[_0x206b('0x14')](_0x206b('0x4b'))) {
_0x35585d['removeClass'](_0x206b('0x4b'));
} else {
_0x35585d[_0x206b('0x15')](_0x206b('0x4b'));
}
});
$(_0x206b('0x59'))['on']('click', '.icon-shanchu', function(_0x154f5b) {
if ($(this)['closest'](_0x206b('0x50'))[_0x206b('0x12')]('type') == _0x206b('0x2c')) {
if ($(_0x206b('0x59'))[_0x206b('0x2')](_0x206b('0x4'))[_0x206b('0x2')](_0x206b('0x28'))[_0x206b('0x3e')] == 0x1) {
$('.filter-tag-box')['find']('li[data-type='keywords']')['remove']();
} else {
$(this)[_0x206b('0x24')](_0x206b('0x28'))['remove']();
} if ($('.filter-tag-box>li')['length'] === 0x0) {
$('#clear_all')[_0x206b('0x2d')](_0x206b('0x13'));
} else {
$('#clear_all')[_0x206b('0x15')]('active-clear');
}
ajax_data_in();
} else {
$(_0x206b('0x37'))['find'](_0x206b('0x44') + $(this)['closest'](_0x206b('0x50'))['data']('type') + '']')[_0x206b('0x2')](_0x206b('0x30'))['find']('li[data-value='' + $(this)['closest'](_0x206b('0xa'))[_0x206b('0x12')]('value') + '']')[_0x206b('0x51')]();
}
});
$(_0x206b('0x9'))['on']('click.active-clear', '.active-clear', function(_0x1b4ac1) {
_0x1b4ac1[_0x206b('0x5c')]();
if ($(this)[_0x206b('0x14')](_0x206b('0x13'))) {
$(_0x206b('0x1'))[_0x206b('0x2d')](_0x206b('0x25'));
$(this)[_0x206b('0x2d')]('active-clear');
$(_0x206b('0x59'))[_0x206b('0x2e')]();
}
ajax_data_in();
});
$(document)['on'](_0x206b('0xe'), '.needLogin1', function() {
if (!gbid) {
nologin('即可关注');
return ![];
}
var _0x3798a6 = this;
var _0x46af18 = $(_0x3798a6)['find']('span')['hasClass'](_0x206b('0x34')) ? 0x0 : 0x1;
var _0x2fa73a = _0x46af18 ? $(_0x3798a6)[_0x206b('0x49')](_0x206b('0x1b')) : $(_0x3798a6)['attr'](_0x206b('0x29'));
$['post'](_0x206b('0x54'), {
'id': _0x2fa73a,
'flag': _0x46af18
}, function(_0xe137) {
resu = eval('(' + _0xe137 + ')');
if (resu) {
if (_0x46af18) {
$(_0x3798a6)[_0x206b('0x49')]('data-value', resu);
$(_0x3798a6)[_0x206b('0x2')]('span')['attr']({
'title': '已关注',
'class': _0x206b('0x2f'),
'data-value': resu
});
toast('已关注 ' + $(_0x3798a6)[_0x206b('0x49')](_0x206b('0x12')) + ' ,进入用户中心查看已关注企业', 0x1);
} else {
$(_0x3798a6)['attr']('data-value', '');
$(_0x3798a6)[_0x206b('0x2')](_0x206b('0xa'))[_0x206b('0x49')]({
'title': '立即关注',
'class': 'atten nfollow',
'data-value': ''
});
toast('已取消关注 ' + $(_0x3798a6)['attr']('data'), 0x1);
}
}
});
});
$(_0x206b('0x3a'))['on']('keydown', function(_0x35085e) {
if (!vpc) {
novipc('此功能');
return ![];
}
if (0xd !== _0x35085e['keyCode']) return !0x0;
var _0x558df5 = $(this)['val']();
if (!_0x558df5 || $[_0x206b('0x31')](_0x558df5) == '' || $['trim'](_0x558df5)[_0x206b('0x3e')] < 0x2) {
toast('至少2个关键字');
return ![];
}
var _0x81fa27 = $(_0x206b('0x26'));
var _0x49001d = '<span data-value="' + _0x558df5 + _0x206b('0x7') + _0x558df5 + _0x206b('0xb') + _0x558df5 + '<i class="iconfont icon-shanchu"> </i></span>';
if (_0x81fa27[_0x206b('0x3e')]) {
$(_0x206b('0x59'))['find']('li[data-type='keywords']')[_0x206b('0xf')](_0x49001d);
} else {
$(_0x206b('0x59'))[_0x206b('0x3b')](_0x206b('0x45') + _0x49001d + _0x206b('0x39'));
}
$(this)['val']('');
ajax_data_in();
});
$(_0x206b('0x4a'))['on']('click', function() {
if ($(_0x206b('0x21'))['css'](_0x206b('0x57')) != _0x206b('0x19')) {
$(_0x206b('0x10'))['css']('float', 'unset');
} else {
$('.company-main-new')['css']('float', 'right');
}
$('.thumbnail.company-main-new')[_0x206b('0x16')]('col-md-11');
$(_0x206b('0x3d'))[_0x206b('0x16')]('col-md-9');
$(_0x206b('0x18'))['toggleClass']('col-md-11');
$(_0x206b('0x18'))[_0x206b('0x16')]('col-md-9');
$('.column_menu')[_0x206b('0x22')](_0x206b('0x2a'));
});
$(_0x206b('0x9'))['on']('click.column_click', '.column_click', function(_0x4d96ab) {
if (!vpc) {
novipc('此功能');
return ![];
}
$(_0x206b('0x35'))['hide']('200');
$(_0x206b('0x43'))[_0x206b('0x2')]('.actives')['removeClass']('actives');
$(this)[_0x206b('0x15')](_0x206b('0x23'));
if ($(this)[_0x206b('0x2')](_0x206b('0x56'))[_0x206b('0x3e')]) {
window[_0x206b('0x4e')]('/p' + $(this)['data']('value') + '.html');
return ![];
}
$(_0x206b('0x59'))[_0x206b('0x2e')]();
var _0x341a15 = cloneObjectFn(newjson);
_0x341a15[_0x206b('0x1a')] = iid;
$[_0x206b('0x6')](_0x206b('0x52'), _0x341a15, function(_0x32005d) {
var _0x1ca80c = eval('(' + _0x32005d + ')');
$(_0x206b('0x36'))['html'](template(_0x206b('0xd'), _0x1ca80c));
});
ajax_data_in();
var _0x1dc0d1 = '';
$['each']($(this)[_0x206b('0x2')](_0x206b('0x2b')), function(_0x2e2692, _0x29972d) {
_0x1dc0d1 += _0x206b('0x4f');
if (_0x2e2692) {
_0x1dc0d1 += ' style="margin-top:10px;"><p>' + $(_0x29972d)[_0x206b('0x5')]()[_0x206b('0x20')](/(^s*)|(s*$)/g, '') + '</p>';
} else {
_0x1dc0d1 += _0x206b('0x33') + $(_0x29972d)['text']()['replace'](/(^s*)|(s*$)/g, '') + _0x206b('0x5b');
}
_0x1dc0d1 += '</div>';
});
$('.list-page-info.second')['html'](_0x1dc0d1);
$(_0x206b('0x4c'))[_0x206b('0x42')]();
$(_0x206b('0x4d'))['removeClass'](_0x206b('0x42'));
$('.list-page-info.second')['show']();
stopevent(_0x4d96ab);
});
setScrollBar($('#column_menu'), ![]);
$(_0x206b('0x9'))['on'](_0x206b('0xc'), _0x206b('0x47'), function(_0x582130) {
if (!vpc) {
novipc(_0x206b('0x0'));
return ![];
}
$(_0x206b('0x47'))[_0x206b('0x2d')](_0x206b('0x25'));
$(this)[_0x206b('0x15')](_0x206b('0x25'));
orderfiled = $(this)['attr']('data-value');
ajax_data_in();
});
$(_0x206b('0x9'))['on']('click.logo-box-new', _0x206b('0x55'), function(_0x6cef59) {
if ($(this)['parents']('li')[_0x206b('0x12')]('e') || $(this)['parents']('li')[_0x206b('0x12')]('q')) {
openname(this, $(this)['parents']('li')['data']('q'), $(this)[_0x206b('0x3c')]('li')[_0x206b('0x12')]('e'));
} else {
var _0x1ae3bf = $(this)['parents']('li')[_0x206b('0x12')]('d');
$[_0x206b('0x1c')]({
'name': _0x206b('0x32'),
'url': _0x206b('0x1f'),
'width': '710',
'parameters': {
'data': _0x1ae3bf
},
'method': _0x206b('0x6')
});
}
});
$(_0x206b('0x1e'))['on'](_0x206b('0x51'), function() {
$(_0x206b('0x41'))[_0x206b('0x22')]();
});
});
function ajax_data_in() {
if ($(_0x206b('0x1d'))[_0x206b('0x3e')] === 0x0) {
$(_0x206b('0x53'))[_0x206b('0x2d')](_0x206b('0x13'));
} else {
$('#clear_all')['addClass'](_0x206b('0x13'));
}
var _0x4533dc = cloneObjectFn(newjson);
_0x4533dc['cnt'] = 0x1;
var _0x4fefb5 = !![];
$[_0x206b('0x3')]($('.filter-tag-box')[_0x206b('0x2')]('li'), function(_0x14187c, _0x2bad23) {
_0x4fefb5 = ![];
_0x4533dc[$(_0x2bad23)[_0x206b('0x12')](_0x206b('0x5a'))] = [];
$[_0x206b('0x3')]($(_0x2bad23)[_0x206b('0x2')]('span'), function(_0x1ea4dd, _0x16cbc7) {
_0x4533dc[$(_0x2bad23)['data'](_0x206b('0x5a'))][_0x1ea4dd] = $(_0x16cbc7)[_0x206b('0x12')]('value');
});
});
_0x4533dc['l'] = iids;
_0x4533dc['iid'] = iid;
$['post'](_0x206b('0x40'), _0x4533dc, function(_0x5b8c95) {
item1 = eval('(' + _0x5b8c95 + ')');
pag_page(item1[0x1], !![], pageshows);
$(_0x206b('0x17'))['text'](item1[0x0]);
});
}
function pageselectCallback(_0x2aa9c8, _0x5033aa) {
var _0x46d6de = cloneObjectFn(newjson);
_0x46d6de['page'] = _0x2aa9c8;
$[_0x206b('0x3')]($(_0x206b('0x59'))['find']('li'), function(_0x19faab, _0x273336) {
_0x46d6de[$(_0x273336)[_0x206b('0x12')](_0x206b('0x5a'))] = [];
$['each']($(_0x273336)['find'](_0x206b('0xa')), function(_0x3293ae, _0x39f807) {
_0x46d6de[$(_0x273336)['data']('type')][_0x3293ae] = $(_0x39f807)['data']('value');
});
});
if (orderfiled) {
_0x46d6de['orderfiled'] = orderfiled;
}
_0x46d6de['l'] = iids;
_0x46d6de[_0x206b('0x1a')] = iid;
requestquerys = $['post'](_0x206b('0x40'), _0x46d6de, function(_0x5ef13f) {
postdeals(_0x5ef13f);
$(_0x206b('0x3f'))['hide']();
});
}
function ajax_data_gj_country_list() {
var _0x4277d9 = cloneObjectFn(newjson);
$[_0x206b('0x6')]('/lvcountry', _0x4277d9, function(_0x619870) {
var _0x54e27c = eval('(' + _0x619870 + ')');
$('#country_menu')[_0x206b('0x38')](template(_0x206b('0xd'), _0x54e27c));
});
}
6、特别是代码的2-6行,在16进制下看似是一个复杂的运算,通过替换为简单的变量名后,逻辑变得清晰,显然是一个迷惑人的过程,仅实现了对第一行数组的退位,去掉了第0位,并对变量名进行了重新赋值,起到一定的迷惑作用,没有多大意义。
原代码:
var _0x206b = function(_0x2b218a, _0x206b07) {
_0x2b218a = _0x2b218a - 0x0;
var _0x4cc17e = _0x2b21[_0x2b218a];
return _0x4cc17e;
};
替换为可读性高的代码:
var _0x206b = function(vala, valb) {
//原值 = 原值 - 0,意义不大
vala = vala - 0;
//取了一个新的数组值,原来减0是为了退一位数组
var newval = _0x2b21[vala];
return newval;
};
7、这样破解逻辑就变得清晰了,我们先将所有16进制符号替换为10进制,就得到了一个完整的数组引用。
例如:
_0x206b('0x2e') 替换为 _0x206b(46)
_0x206b('0x23') 替换为 _0x206b(35)
_0x206b('0x57') 替换为 _0x206b(87)
8、替换后的代码仍然可读性差,我们再把所有数组引用替换为真实字符串,在代码中找打了以下代码。
function pageselectCallback(_0x2aa9c8, _0x5033aa) {
var _0x46d6de = cloneObjectFn(newjson);
_0x46d6de['page'] = _0x2aa9c8;
$.each($('.filter-tag-box').find('li'), function(_0x19faab, _0x273336) {
_0x46d6de[$(_0x273336).data('type')] = [];
$.each($(_0x273336).find('span'), function(_0x3293ae, _0x39f807) {
_0x46d6de[$(_0x273336).data('type')][_0x3293ae] = $(_0x39f807).data('value');
});
});
if (orderfiled) {
_0x46d6de['orderfiled'] = orderfiled;
}
_0x46d6de['l'] = iids;
_0x46d6de['iid'] = iid;
requestquerys = $.post('/lvinfo', _0x46d6de, function(e) {
postdeals(e);
$('.no-data').hide();
});
}
9、发现在post中还引用了一个postdeals()方法,但在本文件中未找到。最终在common.js中找到了这个方法。
10、找到其中引用的dealgjs()方法。
11、postdeals()方法也仅仅是将接收到的代码简单解构后通过模板引擎输出,关键在于其中引用的dealgjs()方法,通过前述步骤如法炮制,将代码恢复可读性,部分已经被严重混淆无法恢复的代码根据编程经验进行了替换。两个方法的代码如下:
function postdeals(e) {
item1 = eval('(' + e+ ')');
item1s = dealgjs(item1);
$('#list')['html'](template('searchListTemplate', item1)).show();
$('.no-data').hide();
}
function dealgjs(res) {
var ndata = [];
$.each(res['rows'], function(i, val) {
var subdata = [];
subdata = val['title'].split('');
var qa = subdata[nums_conf[val['a']]];
subdata[nums_conf[val['a']]] = subdata[nums_conf[val['b']]];
subdata[nums_conf[val['b']]] = qa;
val['title'] = subdata.join('');
ndata.push(val);
});
return ndata;
}
12、在循环中主要对title、a、b字段进行处理,其中似乎引用了nums_conf这个数组,但本文件中没有找到这个数组,最终在其他文件中找到,数组如下:
nums_conf = {"06DR":0,"06DS":1,"06DT":2,"06DU":3,"06DV":4,"06D6":5,"06D7":6,"06DH":7,"06DE":8,"06DL":9};
13、结合第一步中获取到的返回信息,将数组引入后代码如下:
function dealgjs(res) {
var ndata = [];
//循环输出
$.each(res['rows'], function(i, val) {
//定义一个新数组
var subdata = [];
//将title字段的字符打散为数组
subdata = val['title'].split('');
//将subdata数组中a位置的值赋给qa
var qa = subdata[nums_conf[val['a']]];
//将subdata数组中b位置的值覆盖到a位置
subdata[nums_conf[val['a']]] = subdata[nums_conf[val['b']]];
//将qa(a位置暂存过来的)的值赋给subdata数组b位置
subdata[nums_conf[val['b']]] = qa;
//subdata数组拼接为字符串覆盖title字段
val['title'] = subdata.join('');
//推回数组
ndata.push(val);
});
return ndata;
}
14、组合一段代码进行验证,可以看到成功解出了正确的公司名:
15、接下来就可以在抓取过程中通过以上加密方法解密。
平台接口还存在其他干扰方法,由于相对简单不再记录。