看漫画漫画柜mhgui，Python爬虫之神奇的eval，附赠一个压缩模块

看漫画漫画柜mhgui，Python爬虫之神奇的eval，附赠一个压缩模块

@[toc]

⛳️ 看漫画漫画柜 mhgui 实战分析

m，其余参数都比较容易猜到其含义。

%E7%AC%AC01%E8%AF%9D：第一话； e：时间戳。

window["\x65\x76\x61\x6c"](function(i, k, a, n, m, an) { m = function(a) { return (a < k ? "" : m(window["\x70\x61\x72\x73\x65\x49\x6e\x74"](a / k))) + ((a = a % k) > 35 ? window["\x53\x74\x72\x69\x6e\x67"]["\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65"](a + 29) : a["\x74\x6f\x53\x74\x72\x69\x6e\x67"](36)) } ; if (!''["\x72\x65\x70\x6c\x61\x63\x65"](/^/, window["\x53\x74\x72\x69\x6e\x67"])) { while (a--) an[m(a)] = n[a] || m(a); n = [function(m) { return an[m] } ]; m = function() { return '\\\x77\x2b' } ; a = 1 } ;while (a--) if (n[a]) i = i["\x72\x65\x70\x6c\x61\x63\x65"](new window["\x52\x65\x67\x45\x78\x70"]('\\\x62' + m(a) + '\\\x62','\x67'), n[a]); return i }('\x72 \x41\x3d\x28\x78\x28\x29\x7b\x72 \x6c\x69\x74"]('\x7c'), 0, {}));

别看上述代码长，但是当我使用在线工具解密之后，得到了下面一段代码。

function(f){return LZString.decompressFromBase64(this).split(f)}

但是这里并没有前文的关键字参数 m=T-uqjbcgI-eyVGgsIsnjLw，接下来我们在源码中查看一下，看是否存在关键性信息。

得到的代码段如下所示

window["\x65\x76\x61\x6c"]( (function (p, a, c, k, e, d) { e = function (c) { return ( (c < a ? "" : e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36)) ); }; if (!"".replace(/^/, String)) { while (c--) d[e(c)] = k[c] || e(c); k = [ function (e) { return d[e]; }, ]; e = function () { return "\\w+"; }; c = 1; } while (c--) if (k[c]) p = p.replace(new RegExp("\\b" + e(c) + "\\b", "g"), k[c]); return p; })( 'U.k({"F":i,"E":"D","C":"i.a","B":A,"z":"f","y":["1.a.b","2.a.b","3.a.b","4.a.b","5.a.b","6.a.b","7.a.b","8.a.b","9.a.b","%x%w%v%c%t%G%d%g%h%r.4.1%q.a.b","%p%j%o%c%j%n%c%l%I%d%H%P%d%g%h.a.b"],"J":W,"Y":11,"Z":"/12/u/X/V/f/","10":1,"S":"","R":Q,"O":0,"N":{"e":M,"m":"T-L-K"}}).s();', 62, 65, "D41hWAODmwO4FMBGlgFECs6CcJA03gAwCMgu9HACCRwAQlgMzbYBMVAHNcAJYC20AIgEMALgOCtWIbADFg2DmgBswJriasWwSACcEASQB2nIbLqSAwjT7oALMABmnADYIAzsADG+gdwTAMGVgB2YI9OABNgFE53YEBIm0ANvMAQt0BavUBbtUivH0jwsTYsViUHQxcACwQIhABPADUAcWgXXRd9cAAZOGAAVwBHcCR3aF1gIgUMayY6AgJrJRdHTR0AN10I1it/IMCJfQQADyEVyMcAe3cAawB9dxjgAGUAWQAJD24woUr7AUcXXyJAtUCwGc+k0whKwBcIiEnTcmhcRCAA="[ "\x73\x70\x6c\x69\x63" ]("\x7c"), 0, {} ) );

此时关键信息逐渐出现，我们重点解密该代码段即可。

console.log('\x65\x76\x61\x6c') 16:42:45.372 VM251:1 eval

function(f){return LZString.decompressFromBase64(this).split(f)}

可以试着用 Python 解密一下上述代码段，而且 Python 中恰好有同名第三方模块。

pip install lzstring

直接解密加密字符串即可。

import lzstring x = lzstring.LZString() decompressed = x.decompressFromBase64( 'D41hWAODmwO4FMBGlgF加密字符串AA=') print(decompressed)

得到的信息如下所示，变得越来越清楚了。

||||||||||jpg|webp|E5|E9||第01话|A1|B5|39921|8B|imgData|88||9F|9B|E6|29|2821|preInit|93||9C|BD|E4|files|cname|558777|cid|bpic|沉默的庭园|bname|bid|81|85|86|finished|eyVGgsIsnjLw|uqjbcgI|1654230046|sl|prevId|8D|558778|nextId|block_cc||S MH|cmdty|false|17287|len|path|status||ps1

将 lzstring 解密字符串，然后手动使用 split 函数进行分隔，因为上述代码 \x73\x70\x6c\x69\x63 解析出来竟然是 splic 函数。

谷歌开发者工具的控制台中运行下述代码即可。

"||||||||||jpg|webp|E5|E9||第01话|A1|B5|39921|8B|imgData|88||9F|9B|E6|29|2821|preInit|93||9C|BD|E4|files|cname|558777|cid|bpic|沉默的庭园|bname|bid|81|85|86|finished|eyVGgsIsnjLw|uqjbcgI|1654230046|sl|prevId|8D|558778|nextId|block_cc||SMH|cmdty|false|17287|len|path|status||ps1".split( "|" );

得到的信息如下所示。

[ "", "", "", "", "", "", "", "", "", "", "jpg", "webp", "E5", "E9", "", "第01话", "A1", "B5", "39921", "8B", "imgData", "88", "", "9F", "9B", "E6", "29", "2821", "preInit", "93", "", "9C", "BD", "E4", "files", "cname", "558777", "cid", "bpic", "沉默的庭园", "bname", "bid", "81", "85", "86", "finished", "eyVGgsIsnjLw", "uqjbcgI", "1654230046", "sl", "prevId", "8D", "558778", "nextId", "block_cc", "", "SMH", "cmdty", "false", "17287", "len", "path", "status", "", "ps1", ];

然后将其替换到上述 JS 中，使用解密工具直接在线解析。

SMH.imgData({ bid: 39921, bname: "沉默的庭园", bpic: "39921.jpg", cid: 558777, cname: "第01话", files: [ "1.jpg.webp", "2.jpg.webp", "3.jpg.webp", "4.jpg.webp", "5.jpg.webp", "6.jpg.webp", "7.jpg.webp", "8.jpg.webp", "9.jpg.webp", "%E4%BD%9C%E5%93%81%E9%A1%B5%2821.4.1%29.jpg.webp", "%E6%8B%9B%E5%8B%9F%E5%88%86%E9%85%8D%E9%A1%B5.jpg.webp", ], finished: false, len: 11, path: "/ps1/u/17287/cmdty/第01话/", status: 1, block_cc: "", nextId: 558778, prevId: 0, sl: { e: 1654230046, m: "T-uqjbcgI-eyVGgsIsnjLw" }, }).preInit();

此时，一些关键参数都已经得到了，例如 e 的值，m 的值。

接下来的 Python 编码就变的索然无味 了，大家加油~

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。