逆向目标
- 网站:
https://www.fastmoss.com/shop-marketing/tiktok
- 接口:
https://www.fastmoss.com/api/shop/shopList/
- 参数:
fm-sign
逆向分析
我们今天要分析的是店铺排名,先分析网络请求,找到目标接口
按照上图操作Copy as cURL
,将curl
转为 python request
直接分析测试 python
代码,加密点只能是 cookie
或 fm-sign参数
,先来测试 cookie
,代码里直接设置为 None
然后运行依然可以拿到请求结果,说明加密和 cookie
无关,那就只能是 fm-sign
参数了,如下
import requestsheaders = {"fm-sign": "479f735a55570d174198e5c1ce93f515","lang": "EN_US","priority": "u=1, i","referer": "https://www.fastmoss.com/shop-marketing/tiktok","region": "US","user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36"
}
url = "https://www.fastmoss.com/api/shop/shopList/"
params = {"page": "1","pagesize": "10","order": "1,2","region": "US","_time": "1727184797","cnonce": "57869802"
}
response = requests.get(url, headers=headers, cookies=None, params=params)print(response.json())
逆向过程
搜索关键词 fm-sign
跟进去打上断点并刷新网页
p = m.encryptParams({...d}, h);
i["fm-sign"] = p
加密入口我门找到了,跟进去看下
把这个函数拷贝到本地执行
window = global;
function encryptParams(e) {let t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : "", n = window.Object.keys(e).sort(), o = "";n.forEach(t => {o += t + e[t] + this.salt});let r = d()(o + t).toString(), a = "", i = 0, l = r.length - 1;for (; i < r.length && !(i >= l); i++,l--)a += (window.parseInt(r[i], 16) ^ window.parseInt(r[l], 16)).toString(16);return a + r.substring(i)
}
var e = {"page": 1,"pagesize": 10,"order": "1,2","region": "US","_time": 1727185503,"cnonce": 83043105
};
var result = encryptParams(e);
console.log(result);
执行报错 let r = d()(o + t).toString() ^ReferenceError: d is not defined
,我们去网站执行到这步分析
r是 32位
的 16进制
字符串,猜测大概率是 md5
值,我们直接来验证下有没有魔改,分别在网页上和本地对字符串 1
做 md5
,然后比较结果
// 网站求 md5 值
d()('1').toString()
>> c4ca4238a0b923820dcc509a6f75849b
// 本地求 md5 值
var CryptoJS = require("crypto-js");
console.log(CryptoJS.MD5('1').toString());
>> c4ca4238a0b923820dcc509a6f75849b
网页和本地结果一致,说明网站的 md5
方法是没有魔改的标准方法,到这几 fm-sign
就分析完了,我们直接使用 CryptoJS.MD5
替换 d()
方法即可
逆向总结
完整的 js
代码如下
var CryptoJS = require("crypto-js");
window = global;
this.salt = "asjdfoaur3ur829322";
function encryptParams(e) {let t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : "", n = window.Object.keys(e).sort(), o = "";n.forEach(t => {o += t + e[t] + this.salt});let r = CryptoJS.MD5(o + t).toString(), a = "", i = 0, l = r.length - 1;for (; i < r.length && !(i >= l); i++,l--)a += (window.parseInt(r[i], 16) ^ window.parseInt(r[l], 16)).toString(16);return a + r.substring(i)
}
var e = {"page": 1,"pagesize": 10,"order": "1,2","region": "US","_time": 1727185503,"cnonce": 83043105
};
var result = encryptParams(e);
console.log(result);
原创声明:未经许可,不得转载。
如有侵权,请联系作者删除删除