爬虫入门到放弃系列07:js混淆、eval加密、字体加密三大反爬技术
前言
如果再说IP请求次数检测、验证码这种最常见的反爬虫技术,可能大家听得耳朵都出茧子了。当然,也有的同学写了了几天的爬虫,觉得爬虫太简单、没有啥挑战性。所以特地找了三个有一定难度的网站,希望可以有兴趣的手动实践一下。
此篇文章只作知识扩展和思路引导,其中涉及的网站反爬技术,仅做技术学习探讨。
字体加密
字体加密总结成一句话:你看到的不是你看到的。
地址
猫眼电影:https://maoyan.com/films/343568
问题还原
最近的哥斯拉大战金刚看了没啊,好看不,评分高不高,票房多少了?让我们去猫眼看一看吧。
这一看问题就来了:为什么评分和票房在源码里都是”口口”?在页面中看到的评分和票房去哪儿了?
追根溯源
话不多说,先看源码:
看完更疑问了,这个&#x又是啥?这个其实是html中的转义序列,表示后面跟着的是十六进制,处理后在控制台打印一下,如图:
这些数字和票房目前是一分钱关系都没有。那就想办法让他们有所关联。
从网页中找到了以下代码:
其实这就是在css中使用@font-face通过woff文件自定义了字体,源码中的十六进制数字必须通过这个字体映射才能正确显示。就像UTF-8和GBK的关系,编码和解码一致才不会出现乱码。
这里我将woff字体文件下载到本地并用工具打开。
从网页上看到票房是5.74亿,这里就主要关注数字5。从上图可以看出5对应的是glyph11。
使用工具将woff文件转换成xml格式:
glyph11对应的是id=11的glyph,其对应的name为uniE8CD。接着在xml中找到uniE8CD对应的十六进制:
如图,uniE8CD对应的是0xe8cd,也就是说数字5对应的是0xe8cd,正是在控制台输出的第一个数字。
eval() & JS加密
js被加密后放在eval()中执行。如果想还原js,在开发者控制台使用console.log()输出解密后的js。因为不论是eval()还是log(),js解析执行最终都依赖于浏览器内核。
地址
TV猫:https://www.tvmao.com/program/CCTV
问题还原
在频道剧集页,分为早间、午间、晚间节目。如图:
在发起请求获取频道剧集数据的时候,发现返回内容只有早间节目数据,12点以后的剧集数据获取不到。
查看网页源码:
追根溯源
我们在控制台的请求中,搜索网页中的关键字”熊熊乐园”,害,果不其然,还真搜着了。
这个响应结果是一个数组,下标0代表标志位:1代表获取到了数据,0代表没有获取到数据;下标1是数据位,对应接口的返回数据。
解析此响应结果的代码比较繁杂,需要对多余内容进行替换。
代码如下:
其实上面代码它并不重要!!接着我们顺着网线去看他的请求部分:
从请求头中可以看出,请求就一个参数p,1、2、3… 整整186位,你看这个参数它又长悠长,像那寂寥的雨巷。虽然等不来那撑着油纸伞的姑娘,但是至少可以先看看这个参数p是怎么生成的。
在搜索框搜索api和pg关键字,找到下面代码:
别管其他,带有ajax字样十有八九就是ajax请求了,参数p的值是变量a,在生成变量a的代码处设置断点,点击页面中的”查看更多”按钮触发断点,接着进入A.d()方法:
往上翻,查看js上部分:
其实到这里就已经可以结束了,你看在d()中又调用了w(),w()也调用了A中其他方法,将这个js中方法调用链搞清楚,将每个方法代码都内联起来,最后计算出参数p,就可以了。
那么,说好的eval呢,说好的加密的js呢?
少侠莫慌,这就带您继续看下去。如果你仔细看,你就会发现上面的js的文件名是匿名/临时的,所以说这不是网站原有的js文件,而是浏览器内核解析后的js。
那该怎么找到原来的js文件?
不知少侠可知搜索功能,你看上面的js中有keyStr这个关键字,咱不妨搜索一波。
这不,如图,eval()有了,加密js也有了,拷贝成文本如下:
eval(function(h, b, i, d, g, f) {
g = function(a) {
return (a < b ? "" : g(parseInt(a / b))) + ((a = a % b) > 35 ? String.fromCharCode(a + 29) : a.toString(36))
}
;
if (!"".replace(/^/, String)) {
while (i--) {
f[g(i)] = d[i] || g(i)
}
d = [function(a) {
return f[a]
}
];
g = function() {
return "\\w+"
}
;
i = 1
}
while (i--) {
if (d[i]) {
h = h.replace(new RegExp("\\b" + g(i) + "\\b","g"), d[i])
}
}
return h
}(\'5 A={z:"1o+/=",1b:"1l=1k",J:j(a){5 b="";5 c,L,M,14,16,O,N;5 i=0;a=A.1g(a);1t(i<a.R){c=a.S(i++);L=a.S(i++);M=a.S(i++);14=c>>2;16=((c&3)<<4)|(L>>4);O=((L&15)<<2)|(M>>6);N=M&Q;9(1f(L)){O=N=18}K 9(1f(M)){N=18}b=b+y.z.C(14)+y.z.C(16)+y.z.C(O)+y.z.C(N)}8 b},H:j(a){a=a.1G();5 b=\\'\\';Z(5 i=0;i<a.R;i++){b+=y.1b[a.C(i)]}Z(5 i=0;i<a.R;i++){b+=y.z[a.C(i)]}8 b},1g:j(a){a=a.1B(/\\r\\n/g,"\\n");5 b="";Z(5 n=0;n<a.R;n++){5 c=a.S(n);9(c<P){b+=I.G(c)}K 9((c>1x)&&(c<1w)){b+=I.G((c>>6)|1q);b+=I.G((c&Q)|P)}K{b+=I.G((c>>12)|1p);b+=I.G(((c>>6)&Q)|P);b+=I.G((c&Q)|P)}}8 b},E:j(a){$(\\':U[V="19"]\\',a).10(A.J(\\'l\\'+$(".19",a).10()+\\'o\\'))},B:j(a){5 b=(1c 1d()).1i();9(a!=m)8 A.J(a+\\'|\\'+b);K 8 A.J(\\'\\'+b)},e:j(u){5 x=1;5 f=$(\\'T\\').13();5 a=f.W("U[11=\\'1j\\']");9(a!=m){x=2}K 9(u!=m){x=u}9(f==m)8 x;8 f.D(\\'a\\')},c:j(e){5 v;5 f=$(\\'T\\').13();9(f==m)8"";5 s=f.W("*[17=\\'1m\\']");9(s==m){v=f.W("U[11=\\'1n\\']");9(v==m)8"";v=e}v=s.D(\\'Y\\');8 v},d:j(p,h){5 v=A.w(h);5 a=$("1r.1s");5 x=a||p;9(a!=m){x=h||$("s.1h")}x=A.c();5 b=1c 1d();5 c=b.1u();5 d=b.1v();5 i=d==0?7:d;i=i*i;5 F=y.z.C(i);8 F+A.J(x+"|"+A.e(p))+v},w:j(v){5 t=$("1y");5 a="|";9(t==m){X="/"}K{X=v}5 r=A.J(a+k(X));8 r},s:j(a,b){5 c=y.z.C(1z);8 A.J(c+a)}};5 k=j(a){5 f=$(\\'T\\').13();9(f==m)8"";5 b=f.D(\\'Y\\');9(b==m)f.D(\\'Y\\',a);8 f.D(\\'q\\')};$(j(){5 b=$(\\'<U 17="1A" V="1a"/>\\');b.10(A.B());$(\\'T[V="1C"]\\').1D(b);$(\\'a[11^="1E"]\\').1F(j(){5 a=$(y).D("1e")+"&1a="+1H(A.B());$(y).D("1e",a)})});\', 62, 106, "|||||var|||return|if||||||||||function|||undefined||||||||||||this|_keyStr|||charAt|attr|||fromCharCode||String||else|chr2|chr3|enc4|enc3|128|63|length|charCodeAt|form|input|name|find|tl|id|for|val|class||first|enc1||enc2|type|64|ed|ek|_keyStr2|new|Date|href|isNaN|_C|fix1|getTime|baidu|DVGO|KQMFS|submit|qq|ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789|224|192|div|fix|while|getUTCDate|getDay|2048|127|head|37|hidden|replace|frmlogin|append|by|each|toString|encodeURIComponent".split("|"), 0, {}))
在控制台中将eval()中的加密js使用console.log()打印出来,结果和之前的匿名js一样。
如图:
setCookie & 混淆加密
其实setCookie是一个js混淆加密,但是我之所以叫他setCookie,是因为它的代码起点和核心围绕着一个setCookie函数。
地址
智联招聘:https://jobs.zhaopin.com/beijing
问题还原
当对上面网址发起请求,发现返回的网页内容是一堆看不懂的”乱码”。
如图:
这里我把响应内容复制了出来,供大家阅读。
<html><script src="//aeu.alicdn.com/waf/antidomxss.js"></script><script>
var arg1=\'7CF8FE6084F244597FE93D42AFEB6C2ED7029D82\';
var _0x4818=[\'\x63\x73\x4b\x48\x77\x71\x4d\x49\',\'\x5a\x73\x4b\x4a\x77\x72\x38\x56\x65\x41\x73\x79\',\'\x55\x63\x4b\x69\x4e\x38\x4f\x2f\x77\x70\x6c\x77\x4d\x41\x3d\x3d\',\'\x4a\x52\x38\x43\x54\x67\x3d\x3d\',\'\x59\x73\x4f\x6e\x62\x53\x45\x51\x77\x37\x6f\x7a\x77\x71\x5a\x4b\x65\x73\x4b\x55\x77\x37\x6b\x77\x58\x38\x4f\x52\x49\x51\x3d\x3d\',\'\x77\x37\x6f\x56\x53\x38\x4f\x53\x77\x6f\x50\x43\x6c\x33\x6a\x43\x68\x4d\x4b\x68\x77\x36\x48\x44\x6c\x73\x4b\x58\x77\x34\x73\x2f\x59\x73\x4f\x47\',\'\x66\x77\x56\x6d\x49\x31\x41\x74\x77\x70\x6c\x61\x59\x38\x4f\x74\x77\x35\x63\x4e\x66\x53\x67\x70\x77\x36\x4d\x3d\',\'\x4f\x63\x4f\x4e\x77\x72\x6a\x43\x71\x73\x4b\x78\x54\x47\x54\x43\x68\x73\x4f\x6a\x45\x57\x45\x38\x50\x63\x4f\x63\x4a\x38\x4b\x36\',\'\x55\x38\x4b\x35\x4c\x63\x4f\x74\x77\x70\x56\x30\x45\x4d\x4f\x6b\x77\x34\x37\x44\x72\x4d\x4f\x58\',\'\x48\x4d\x4f\x32\x77\x6f\x48\x43\x69\x4d\x4b\x39\x53\x6c\x58\x43\x6c\x63\x4f\x6f\x43\x31\x6b\x3d\',\'\x61\x73\x4b\x49\x77\x71\x4d\x44\x64\x67\x4d\x75\x50\x73\x4f\x4b\x42\x4d\x4b\x63\x77\x72\x72\x43\x74\x6b\x4c\x44\x72\x4d\x4b\x42\x77\x36\x34\x64\',\'\x77\x71\x49\x6d\x4d\x54\x30\x74\x77\x36\x52\x4e\x77\x35\x6b\x3d\',\'\x44\x4d\x4b\x63\x55\x30\x4a\x6d\x55\x77\x55\x76\',\'\x56\x6a\x48\x44\x6c\x4d\x4f\x48\x56\x63\x4f\x4e\x58\x33\x66\x44\x69\x63\x4b\x4a\x48\x51\x3d\x3d\',\'\x77\x71\x68\x42\x48\x38\x4b\x6e\x77\x34\x54\x44\x68\x53\x44\x44\x67\x4d\x4f\x64\x77\x72\x6a\x43\x6e\x63\x4f\x57\x77\x70\x68\x68\x4e\x38\x4b\x43\x47\x63\x4b\x71\x77\x36\x64\x48\x41\x55\x35\x2b\x77\x72\x67\x32\x4a\x63\x4b\x61\x77\x34\x49\x45\x4a\x63\x4f\x63\x77\x72\x52\x4a\x77\x6f\x5a\x30\x77\x71\x46\x39\x59\x67\x41\x56\',\'\x64\x7a\x64\x32\x77\x35\x62\x44\x6d\x33\x6a\x44\x70\x73\x4b\x33\x77\x70\x59\x3d\',\'\x77\x34\x50\x44\x67\x63\x4b\x58\x77\x6f\x33\x43\x6b\x63\x4b\x4c\x77\x72\x35\x71\x77\x72\x59\x3d\',\'\x77\x72\x4a\x4f\x54\x63\x4f\x51\x57\x4d\x4f\x67\',\'\x77\x71\x54\x44\x76\x63\x4f\x6a\x77\x34\x34\x37\x77\x72\x34\x3d\',\'\x77\x35\x58\x44\x71\x73\x4b\x68\x4d\x46\x31\x2f\',\'\x77\x72\x41\x79\x48\x73\x4f\x66\x77\x70\x70\x63\',\'\x4a\x33\x64\x56\x50\x63\x4f\x78\x4c\x67\x3d\x3d\',\'\x77\x72\x64\x48\x77\x37\x70\x39\x5a\x77\x3d\x3d\',\'\x77\x34\x72\x44\x6f\x38\x4b\x6d\x4e\x45\x77\x3d\',\'\x49\x4d\x4b\x41\x55\x6b\x42\x74\',\'\x77\x36\x62\x44\x72\x63\x4b\x51\x77\x70\x56\x48\x77\x70\x4e\x51\x77\x71\x55\x3d\',\'\x64\x38\x4f\x73\x57\x68\x41\x55\x77\x37\x59\x7a\x77\x72\x55\x3d\',\'\x77\x71\x6e\x43\x6b\x73\x4f\x65\x65\x7a\x72\x44\x68\x77\x3d\x3d\',\'\x55\x73\x4b\x6e\x49\x4d\x4b\x57\x56\x38\x4b\x2f\',\'\x77\x34\x7a\x44\x6f\x63\x4b\x38\x4e\x55\x5a\x76\',\'\x63\x38\x4f\x78\x5a\x68\x41\x4a\x77\x36\x73\x6b\x77\x71\x4a\x6a\',\'\x50\x63\x4b\x49\x77\x34\x6e\x43\x6b\x6b\x56\x62\',\'\x4b\x48\x67\x6f\x64\x4d\x4f\x32\x56\x51\x3d\x3d\',\'\x77\x70\x73\x6d\x77\x71\x76\x44\x6e\x47\x46\x71\',\'\x77\x71\x4c\x44\x74\x38\x4f\x6b\x77\x34\x63\x3d\',\'\x77\x37\x77\x31\x77\x34\x50\x43\x70\x73\x4f\x34\x77\x71\x41\x3d\',\'\x77\x71\x39\x46\x52\x73\x4f\x71\x57\x4d\x4f\x71\',\'\x62\x79\x42\x68\x77\x37\x72\x44\x6d\x33\x34\x3d\',\'\x4c\x48\x67\x2b\x53\x38\x4f\x74\x54\x77\x3d\x3d\',\'\x77\x71\x68\x4f\x77\x37\x31\x35\x64\x73\x4f\x48\',\'\x55\x38\x4f\x37\x56\x73\x4f\x30\x77\x71\x76\x44\x76\x63\x4b\x75\x4b\x73\x4f\x71\x58\x38\x4b\x72\',\'\x59\x69\x74\x74\x77\x35\x44\x44\x6e\x57\x6e\x44\x72\x41\x3d\x3d\',\'\x59\x4d\x4b\x49\x77\x71\x55\x55\x66\x67\x49\x6b\',\'\x61\x42\x37\x44\x6c\x4d\x4f\x44\x54\x51\x3d\x3d\',\'\x77\x70\x66\x44\x68\x38\x4f\x72\x77\x36\x6b\x6b\',\'\x77\x37\x76\x43\x71\x4d\x4f\x72\x59\x38\x4b\x41\x56\x6b\x35\x4f\x77\x70\x6e\x43\x75\x38\x4f\x61\x58\x73\x4b\x5a\x50\x33\x44\x43\x6c\x63\x4b\x79\x77\x36\x48\x44\x72\x51\x3d\x3d\',\'\x77\x6f\x77\x2b\x77\x36\x76\x44\x6d\x48\x70\x73\x77\x37\x52\x74\x77\x6f\x39\x38\x4c\x43\x37\x43\x69\x47\x37\x43\x6b\x73\x4f\x52\x54\x38\x4b\x6c\x57\x38\x4f\x35\x77\x72\x33\x44\x69\x38\x4f\x54\x48\x73\x4f\x44\x65\x48\x6a\x44\x6d\x63\x4b\x6c\x4a\x73\x4b\x71\x56\x41\x3d\x3d\',\'\x4e\x77\x56\x2b\',\'\x77\x37\x48\x44\x72\x63\x4b\x74\x77\x70\x4a\x61\x77\x70\x5a\x62\',\'\x77\x70\x51\x73\x77\x71\x76\x44\x69\x48\x70\x75\x77\x36\x49\x3d\',\'\x59\x4d\x4b\x55\x77\x71\x4d\x4a\x5a\x51\x3d\x3d\',\'\x4b\x48\x31\x56\x4b\x63\x4f\x71\x4b\x73\x4b\x31\',\'\x66\x51\x35\x73\x46\x55\x6b\x6b\x77\x70\x49\x3d\',\'\x77\x72\x76\x43\x72\x63\x4f\x42\x52\x38\x4b\x6b\',\'\x4d\x33\x77\x30\x66\x51\x3d\x3d\',\'\x77\x36\x78\x58\x77\x71\x50\x44\x76\x4d\x4f\x46\x77\x6f\x35\x64\'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0[\'\x70\x75\x73\x68\'](_0x4c97f0[\'\x73\x68\x69\x66\x74\']());}};var _0x3cd6c6=function(){var _0xb8360b={\'\x64\x61\x74\x61\':{\'\x6b\x65\x79\':\'\x63\x6f\x6f\x6b\x69\x65\',\'\x76\x61\x6c\x75\x65\':\'\x74\x69\x6d\x65\x6f\x75\x74\'},\'\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65\':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+\'\x3d\'+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34[\'\x6c\x65\x6e\x67\x74\x68\'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+=\'\x3b\x20\'+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34[\'\x70\x75\x73\x68\'](_0xd79219);_0x178627=_0x20bf34[\'\x6c\x65\x6e\x67\x74\x68\'];if(_0xd79219!==!![]){_0xba82f0+=\'\x3d\'+_0xd79219;}}_0x5e8b26[\'\x63\x6f\x6f\x6b\x69\x65\']=_0xba82f0;},\'\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65\':function(){return\'\x64\x65\x76\';},\'\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65\':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp(\'\x28\x3f\x3a\x5e\x7c\x3b\x20\x29\'+_0x189946[\'\x72\x65\x70\x6c\x61\x63\x65\'](/([.$?*|{}()[]\/+^])/g,\'\x24\x31\')+\'\x3d\x28\x5b\x5e\x3b\x5d\x2a\x29\'));var _0x52d57c=function(_0x105f59,_0x3fd789){_0x105f59(++_0x3fd789);};_0x52d57c(_0x4db1c,_0x1742fd);return _0x25af93?decodeURIComponent(_0x25af93[0x1]):undefined;}};var _0x4a2aed=function(){var _0x124d17=new RegExp(\'\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d\');return _0x124d17[\'\x74\x65\x73\x74\'](_0xb8360b[\'\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65\'][\'\x74\x6f\x53\x74\x72\x69\x6e\x67\']());};_0xb8360b[\'\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65\']=_0x4a2aed;var _0x2d67ec=\'\';var _0x120551=_0xb8360b[\'\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65\']();if(!_0x120551){_0xb8360b[\'\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65\']([\'\x2a\'],\'\x63\x6f\x75\x6e\x74\x65\x72\',0x1);}else if(_0x120551){_0x2d67ec=_0xb8360b[\'\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65\'](null,\'\x63\x6f\x75\x6e\x74\x65\x72\');}else{_0xb8360b[\'\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65\']();}};_0x3cd6c6();}(_0x4818,0x15b));var _0x55f3=function(_0x4c97f0,_0x1742fd){var _0x4c97f0=parseInt(_0x4c97f0,0x10);var _0x48181e=_0x4818[_0x4c97f0];if(!_0x55f3[\'\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64\']){(function(){var _0xdf49c6=Function(\'\x72\x65\x74\x75\x72\x6e\x20\x28\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x28\x29\x20\'+\'\x7b\x7d\x2e\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72\x28\x22\x72\x65\x74\x75\x72\x6e\x20\x74\x68\x69\x73\x22\x29\x28\x29\'+\'\x29\x3b\');var _0xb8360b=_0xdf49c6();var _0x389f44=\'\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x2b\x2f\x3d\';_0xb8360b[\'\x61\x74\x6f\x62\']||(_0xb8360b[\'\x61\x74\x6f\x62\']=function(_0xba82f0){var _0xec6bb4=String(_0xba82f0)[\'\x72\x65\x70\x6c\x61\x63\x65\'](/=+$/,\'\');for(var _0x1a0f04=0x0,_0x18c94e,_0x41b2ff,_0xd79219=0x0,_0x5792f7=\'\';_0x41b2ff=_0xec6bb4[\'\x63\x68\x61\x72\x41\x74\'](_0xd79219++);~_0x41b2ff&&(_0x18c94e=_0x1a0f04%0x4?_0x18c94e*0x40+_0x41b2ff:_0x41b2ff,_0x1a0f04++%0x4)?_0x5792f7+=String[\'\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65\'](0xff&_0x18c94e>>(-0x2*_0x1a0f04&0x6)):0x0){_0x41b2ff=_0x389f44[\'\x69\x6e\x64\x65\x78\x4f\x66\'](_0x41b2ff);}return _0x5792f7;});}());_0x55f3[\'\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64\']=!![];}if(!_0x55f3[\'\x72\x63\x34\']){var _0x232678=function(_0x401af1,_0x532ac0){var _0x45079a=[],_0x52d57c=0x0,_0x105f59,_0x3fd789=\'\',_0x4a2aed=\'\';_0x401af1=atob(_0x401af1);for(var _0x124d17=0x0,_0x1b9115=_0x401af1[\'\x6c\x65\x6e\x67\x74\x68\'];_0x124d17<_0x1b9115;_0x124d17++){_0x4a2aed+=\'\x25\'+(\'\x30\x30\'+_0x401af1[\'\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74\'](_0x124d17)[\'\x74\x6f\x53\x74\x72\x69\x6e\x67\'](0x10))[\'\x73\x6c\x69\x63\x65\'](-0x2);}_0x401af1=decodeURIComponent(_0x4a2aed);for(var _0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x45079a[_0x2d67ec]=_0x2d67ec;}for(_0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec]+_0x532ac0[\'\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74\'](_0x2d67ec%_0x532ac0[\'\x6c\x65\x6e\x67\x74\x68\']))%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;}_0x2d67ec=0x0;_0x52d57c=0x0;for(var _0x4e5ce2=0x0;_0x4e5ce2<_0x401af1[\'\x6c\x65\x6e\x67\x74\x68\'];_0x4e5ce2++){_0x2d67ec=(_0x2d67ec+0x1)%0x100;_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec])%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;_0x3fd789+=String[\'\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65\'](_0x401af1[\'\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74\'](_0x4e5ce2)^_0x45079a[(_0x45079a[_0x2d67ec]+_0x45079a[_0x52d57c])%0x100]);}return _0x3fd789;};_0x55f3[\'\x72\x63\x34\']=_0x232678;}if(!_0x55f3[\'\x64\x61\x74\x61\']){_0x55f3[\'\x64\x61\x74\x61\']={};}if(_0x55f3[\'\x64\x61\x74\x61\'][_0x4c97f0]===undefined){if(!_0x55f3[\'\x6f\x6e\x63\x65\']){var _0x5f325c=function(_0x23a392){this[\'\x72\x63\x34\x42\x79\x74\x65\x73\']=_0x23a392;this[\'\x73\x74\x61\x74\x65\x73\']=[0x1,0x0,0x0];this[\'\x6e\x65\x77\x53\x74\x61\x74\x65\']=function(){return\'\x6e\x65\x77\x53\x74\x61\x74\x65\';};this[\'\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65\']=\'\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\';this[\'\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65\']=\'\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d\';};_0x5f325c[\'\x70\x72\x6f\x74\x6f\x74\x79\x70\x65\'][\'\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65\']=function(){var _0x19f809=new RegExp(this[\'\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65\']+this[\'\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65\']);return this[\'\x72\x75\x6e\x53\x74\x61\x74\x65\'](_0x19f809[\'\x74\x65\x73\x74\'](this[\'\x6e\x65\x77\x53\x74\x61\x74\x65\'][\'\x74\x6f\x53\x74\x72\x69\x6e\x67\']())?--this[\'\x73\x74\x61\x74\x65\x73\'][0x1]:--this[\'\x73\x74\x61\x74\x65\x73\'][0x0]);};_0x5f325c[\'\x70\x72\x6f\x74\x6f\x74\x79\x70\x65\'][\'\x72\x75\x6e\x53\x74\x61\x74\x65\']=function(_0x4380bd){if(!Boolean(~_0x4380bd)){return _0x4380bd;}return this[\'\x67\x65\x74\x53\x74\x61\x74\x65\'](this[\'\x72\x63\x34\x42\x79\x74\x65\x73\']);};_0x5f325c[\'\x70\x72\x6f\x74\x6f\x74\x79\x70\x65\'][\'\x67\x65\x74\x53\x74\x61\x74\x65\']=function(_0x58d85e){for(var _0x1c9f5b=0x0,_0x1ce9e0=this[\'\x73\x74\x61\x74\x65\x73\'][\'\x6c\x65\x6e\x67\x74\x68\'];_0x1c9f5b<_0x1ce9e0;_0x1c9f5b++){this[\'\x73\x74\x61\x74\x65\x73\'][\'\x70\x75\x73\x68\'](Math[\'\x72\x6f\x75\x6e\x64\'](Math[\'\x72\x61\x6e\x64\x6f\x6d\']()));_0x1ce9e0=this[\'\x73\x74\x61\x74\x65\x73\'][\'\x6c\x65\x6e\x67\x74\x68\'];}return _0x58d85e(this[\'\x73\x74\x61\x74\x65\x73\'][0x0]);};new _0x5f325c(_0x55f3)[\'\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65\']();_0x55f3[\'\x6f\x6e\x63\x65\']=!![];}_0x48181e=_0x55f3[\'\x72\x63\x34\'](_0x48181e,_0x1742fd);_0x55f3[\'\x64\x61\x74\x61\'][_0x4c97f0]=_0x48181e;}else{_0x48181e=_0x55f3[\'\x64\x61\x74\x61\'][_0x4c97f0];}return _0x48181e;};var arg3=null;var arg4=null;var arg5=null;var arg6=null;var arg7=null;var arg8=null;var arg9=null;var arg10=null;var l=function(){while(window[_0x55f3(\'0x1\', \'\x58\x4d\x57\x5e\')]||window[\'\x5f\x5f\x70\x68\x61\x6e\x74\x6f\x6d\x61\x73\']){};var _0x5e8b26=_0x55f3(\'0x3\', \'\x6a\x53\x31\x59\');String[_0x55f3(\'0x5\', \'\x6e\x5d\x66\x52\')][_0x55f3(\'0x6\', \'\x50\x67\x35\x34\')]=function(_0x4e08d8){var _0x5a5d3b=\'\';for(var _0xe89588=0x0;_0xe89588<this[_0x55f3(\'0x8\', \'\x29\x68\x52\x63\')]&&_0xe89588<_0x4e08d8[_0x55f3(\'0xa\', \'\x6a\x45\x26\x5e\')];_0xe89588+=0x2){var _0x401af1=parseInt(this[_0x55f3(\'0xb\', \'\x56\x32\x4b\x45\')](_0xe89588,_0xe89588+0x2),0x10);var _0x105f59=parseInt(_0x4e08d8[_0x55f3(\'0xd\', \'\x58\x4d\x57\x5e\')](_0xe89588,_0xe89588+0x2),0x10);var _0x189e2c=(_0x401af1^_0x105f59)[_0x55f3(\'0xf\', \'\x57\x31\x46\x45\')](0x10);if(_0x189e2c[_0x55f3(\'0x11\', \'\x4d\x47\x72\x76\')]==0x1){_0x189e2c=\'\x30\'+_0x189e2c;}_0x5a5d3b+=_0x189e2c;}return _0x5a5d3b;};String[\'\x70\x72\x6f\x74\x6f\x74\x79\x70\x65\'][_0x55f3(\'0x14\', \'\x5a\x2a\x44\x4d\')]=function(){var _0x4b082b=[0xf,0x23,0x1d,0x18,0x21,0x10,0x1,0x26,0xa,0x9,0x13,0x1f,0x28,0x1b,0x16,0x17,0x19,0xd,0x6,0xb,0x27,0x12,0x14,0x8,0xe,0x15,0x20,0x1a,0x2,0x1e,0x7,0x4,0x11,0x5,0x3,0x1c,0x22,0x25,0xc,0x24];var _0x4da0dc=[];var _0x12605e=\'\';for(var _0x20a7bf=0x0;_0x20a7bf<this[\'\x6c\x65\x6e\x67\x74\x68\'];_0x20a7bf++){var _0x385ee3=this[_0x20a7bf];for(var _0x217721=0x0;_0x217721<_0x4b082b[_0x55f3(\'0x16\', \'\x61\x48\x2a\x4e\')];_0x217721++){if(_0x4b082b[_0x217721]==_0x20a7bf+0x1){_0x4da0dc[_0x217721]=_0x385ee3;}}}_0x12605e=_0x4da0dc[\'\x6a\x6f\x69\x6e\'](\'\');return _0x12605e;};var _0x23a392=arg1[_0x55f3(\'0x19\', \'\x50\x67\x35\x34\')]();arg2=_0x23a392[_0x55f3(\'0x1b\', \'\x7a\x35\x4f\x26\')](_0x5e8b26);setTimeout(\'\x72\x65\x6c\x6f\x61\x64\x28\x61\x72\x67\x32\x29\',0x2);};var _0x4db1c=function(){function _0x355d23(_0x450614){if((\'\'+_0x450614/_0x450614)[_0x55f3(\'0x1c\', \'\x56\x32\x4b\x45\')]!==0x1||_0x450614%0x14===0x0){(function(){}[_0x55f3(\'0x1d\', \'\x43\x4e\x55\x59\')]((undefined+\'\')[0x2]+(!![]+\'\')[0x3]+([][_0x55f3(\'0x1e\', \'\x77\x38\x50\x52\')]()+\'\')[0x2]+(undefined+\'\')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+\'\')[0x3]+(!![]+\'\')[0x1])());}else{(function(){}[\'\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72\']((undefined+\'\')[0x2]+(!![]+\'\')[0x3]+([][_0x55f3(\'0x1f\', \'\x4c\x24\x28\x44\')]()+\'\')[0x2]+(undefined+\'\')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+\'\')[0x3]+(!![]+\'\')[0x1])());}_0x355d23(++_0x450614);}try{_0x355d23(0x0);}catch(_0x54c483){}};if(function(){var _0x470d8f=function(){var _0x4c97f0=!![];return function(_0x1742fd,_0x4db1c){var _0x48181e=_0x4c97f0?function(){if(_0x4db1c){var _0x55f3be=_0x4db1c[\'\x61\x70\x70\x6c\x79\'](_0x1742fd,arguments);_0x4db1c=null;return _0x55f3be;}}:function(){};_0x4c97f0=![];return _0x48181e;};}();var _0x501fd7=_0x470d8f(this,function(){var _0x4c97f0=function(){return\'\x64\x65\x76\';},_0x1742fd=function(){return\'\x77\x69\x6e\x64\x6f\x77\';};var _0x55f3be=function(){var _0x3ad9a1=new RegExp(\'\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d\');return!_0x3ad9a1[\'\x74\x65\x73\x74\'](_0x4c97f0[\'\x74\x6f\x53\x74\x72\x69\x6e\x67\']());};var _0x1b93ad=function(){var _0x20bf34=new RegExp(\'\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b\');return _0x20bf34[\'\x74\x65\x73\x74\'](_0x1742fd[\'\x74\x6f\x53\x74\x72\x69\x6e\x67\']());};var _0x5afe31=function(_0x178627){var _0x1a0f04=~-0x1>>0x1+0xff%0x0;if(_0x178627[\'\x69\x6e\x64\x65\x78\x4f\x66\'](\'\x69\'===_0x1a0f04)){_0xd79219(_0x178627);}};var _0xd79219=function(_0x5792f7){var _0x4e08d8=~-0x4>>0x1+0xff%0x0;if(_0x5792f7[\'\x69\x6e\x64\x65\x78\x4f\x66\']((!![]+\'\')[0x3])!==_0x4e08d8){_0x5afe31(_0x5792f7);}};if(!_0x55f3be()){if(!_0x1b93ad()){_0x5afe31(\'\x69\x6e\x64е\x78\x4f\x66\');}else{_0x5afe31(\'\x69\x6e\x64\x65\x78\x4f\x66\');}}else{_0x5afe31(\'\x69\x6e\x64е\x78\x4f\x66\');}});_0x501fd7();var _0x3a394d=function(){var _0x1ab151=!![];return function(_0x372617,_0x42d229){var _0x3b3503=_0x1ab151?function(){if(_0x42d229){var _0x7086d9=_0x42d229[_0x55f3(\'0x21\', \'\x4b\x4e\x29\x46\')](_0x372617,arguments);_0x42d229=null;return _0x7086d9;}}:function(){};_0x1ab151=![];return _0x3b3503;};}();var _0x5b6351=_0x3a394d(this,function(){var _0x46cbaa=Function(_0x55f3(\'0x22\', \'\x26\x68\x5a\x59\')+_0x55f3(\'0x23\', \'\x61\x48\x2a\x4e\')+\'\x29\x3b\');var _0x1766ff=function(){};var _0x9b5e29=_0x46cbaa();_0x9b5e29[_0x55f3(\'0x26\', \'\x61\x48\x2a\x4e\')][\'\x6c\x6f\x67\']=_0x1766ff;_0x9b5e29[_0x55f3(\'0x29\', \'\x56\x25\x59\x52\')][_0x55f3(\'0x2a\', \'\x50\x5e\x45\x71\')]=_0x1766ff;_0x9b5e29[_0x55f3(\'0x2c\', \'\x6c\x67\x4d\x30\')][_0x55f3(\'0x2d\', \'\x4c\x24\x28\x44\')]=_0x1766ff;_0x9b5e29[_0x55f3(\'0x2f\', \'\x43\x5a\x63\x38\')][_0x55f3(\'0x30\', \'\x57\x75\x36\x25\')]=_0x1766ff;});_0x5b6351();try{return!!window[\'\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72\'];}catch(_0x35538d){return![];}}()){document[_0x55f3(\'0x33\', \'\x56\x25\x59\x52\')](_0x55f3(\'0x34\', \'\x79\x41\x70\x7a\'),l,![]);}else{document[_0x55f3(\'0x36\', \'\x79\x41\x70\x7a\')](_0x55f3(\'0x37\', \'\x4c\x24\x28\x44\'),l);}_0x4db1c();setInterval(function(){_0x4db1c();},0xfa0);
function setCookie(name,value){var expiredate=new Date();expiredate.setTime(expiredate.getTime()+(3600*1000));document.cookie=name+"="+value+";expires="+expiredate.toGMTString()+";max-age=3600;path=/";}
function reload(x) {setCookie("acw_sc__v2", x);document.location.reload();}
</script></html>
追根溯源
这个是不是看起来比eval()还要头大一些,密密麻麻的都是16进制数。别慌,让我来给他美化一波!!
< html > < script src = "//aeu.alicdn.com/waf/antidomxss.js" > < /script><script>
var arg1=\'7CF8FE6084F244597FE93D42AFEB6C2ED7029D82\';
var _0x4818=[\'csKHwqMI\',\'ZsKJwr8VeAsy\',\'UcKiN8O/wplwMA==\',\'JR8CTg==\',\'YsOnbSEQw7ozwqZKesKUw7kwX8ORIQ==\',\'w7oVS8OSwoPCl3jChMKhw6HDlsKXw4s/YsOG\',\'fwVmI1AtwplaY8Otw5cNfSgpw6M=\',\'OcONwrjCqsKxTGTChsOjEWE8PcOcJ8K6\',\'U8K5LcOtwpV0EMOkw47DrMOX\',\'HMO2woHCiMK9SlXClcOoC1k=\',\'asKIwqMDdgMuPsOKBMKcwrrCtkLDrMKBw64d\',\'wqImMT0tw6RNw5k=\',\'DMKcU0JmUwUv\',\'VjHDlMOHVcONX3fDicKJHQ==\',\'wqhBH8Knw4TDhSDDgMOdwrjCncOWwphhN8KCGcKqw6dHAU5+wrg2JcKaw4IEJcOcwrRJwoZ0wqF9YgAV\',\'dzd2w5bDm3jDpsK3wpY=\',\'w4PDgcKXwo3CkcKLwr5qwrY=\',\'wrJOTcOQWMOg\',\'wqTDvcOjw447wr4=\',\'w5XDqsKhMF1/\',\'wrAyHsOfwppc\',\'J3dVPcOxLg==\',\'wrdHw7p9Zw==\',\'w4rDo8KmNEw=\',\'IMKAUkBt\',\'w6bDrcKQwpVHwpNQwqU=\',\'d8OsWhAUw7YzwrU=\',\'wqnCksOeezrDhw==\',\'UsKnIMKWV8K/\',\'w4zDocK8NUZv\',\'c8OxZhAJw6skwqJj\',\'PcKIw4nCkkVb\',\'KHgodMO2VQ==\',\'wpsmwqvDnGFq\',\'wqLDt8Okw4c=\',\'w7w1w4PCpsO4wqA=\',\'wq9FRsOqWMOq\',\'byBhw7rDm34=\',\'LHg+S8OtTw==\',\'wqhOw715dsOH\',\'U8O7VsO0wqvDvcKuKsOqX8Kr\',\'Yittw5DDnWnDrA==\',\'YMKIwqUUfgIk\',\'aB7DlMODTQ==\',\'wpfDh8Orw6kk\',\'w7vCqMOrY8KAVk5OwpnCu8OaXsKZP3DClcKyw6HDrQ==\',\'wow+w6vDmHpsw7Rtwo98LC7CiG7CksORT8KlW8O5wr3Di8OTHsODeHjDmcKlJsKqVA==\',\'NwV+\',\'w7HDrcKtwpJawpZb\',\'wpQswqvDiHpuw6I=\',\'YMKUwqMJZQ==\',\'KH1VKcOqKsK1\',\'fQ5sFUkkwpI=\',\'wrvCrcOBR8Kk\',\'M3w0fQ==\',\'w6xXwqPDvMOFwo5d\'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0[\'push\'](_0x4c97f0[\'shift\']());}};var _0x3cd6c6=function(){var _0xb8360b={\'data\':{\'key\':\'cookie\',\'value\':\'timeout\'},\'setCookie\':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+\'=\'+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34[\'length\'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+=\'; \'+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34[\'push\'](_0xd79219);_0x178627=_0x20bf34[\'length\'];if(_0xd79219!==!![]){_0xba82f0+=\'=\'+_0xd79219;}}_0x5e8b26[\'cookie\']=_0xba82f0;},\'removeCookie\':function(){return\'dev\';},\'getCookie\':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp(\'(?:^|; )\'+_0x189946[\'replace\'](/ ([.$ ? * | {}()[]\ / + ^ ]) / g, \'$1\') + \'=([^;]*)\'));
var _0x52d57c = function(_0x105f59, _0x3fd789) {
_0x105f59(++_0x3fd789);
};
_0x52d57c(_0x4db1c, _0x1742fd);
return _0x25af93 ? decodeURIComponent(_0x25af93[0x1]) : undefined;
}
};
var _0x4a2aed = function() {
var _0x124d17 = new RegExp(\'\w+ *\(\) *{\w+ *[\'|"].+[\'|"];? *}\');
return _0x124d17[\'test\'](_0xb8360b[\'removeCookie\'][\'toString\']());
};
_0xb8360b[\'updateCookie\'] = _0x4a2aed;
var _0x2d67ec = \'\';
var _0x120551 = _0xb8360b[\'updateCookie\']();
if (!_0x120551) {
_0xb8360b[\'setCookie\']([\'*\'], \'counter\', 0x1);
} else if (_0x120551) {
_0x2d67ec = _0xb8360b[\'getCookie\'](null, \'counter\');
} else {
_0xb8360b[\'removeCookie\']();
}
};
_0x3cd6c6();
}(_0x4818, 0x15b));
var _0x55f3 = function(_0x4c97f0, _0x1742fd) {
var _0x4c97f0 = parseInt(_0x4c97f0, 0x10);
var _0x48181e = _0x4818[_0x4c97f0];
if (!_0x55f3[\'atobPolyfillAppended\']) {
(function() {
var _0xdf49c6 = Function(\'return (function () \' + \'{}.constructor("return this")()\' + \');\');
var _0xb8360b = _0xdf49c6();
var _0x389f44 = \'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\';
_0xb8360b[\'atob\'] || (_0xb8360b[\'atob\'] = function(_0xba82f0) {
var _0xec6bb4 = String(_0xba82f0)[\'replace\'](/=+$/, \'\');
for (var _0x1a0f04 = 0x0, _0x18c94e, _0x41b2ff, _0xd79219 = 0x0, _0x5792f7 = \'\'; _0x41b2ff = _0xec6bb4[\'charAt\'](_0xd79219++);~_0x41b2ff && (_0x18c94e = _0x1a0f04 % 0x4 ? _0x18c94e * 0x40 + _0x41b2ff : _0x41b2ff, _0x1a0f04++ % 0x4) ? _0x5792f7 += String[\'fromCharCode\'](0xff & _0x18c94e >> (-0x2 * _0x1a0f04 & 0x6)) : 0x0) {
_0x41b2ff = _0x389f44[\'indexOf\'](_0x41b2ff);
}
return _0x5792f7;
});
}());
_0x55f3[\'atobPolyfillAppended\'] = !! [];
}
if (!_0x55f3[\'rc4\']) {
var _0x232678 = function(_0x401af1, _0x532ac0) {
var _0x45079a = [],
_0x52d57c = 0x0,
_0x105f59, _0x3fd789 = \'\',
_0x4a2aed = \'\';
_0x401af1 = atob(_0x401af1);
for (var _0x124d17 = 0x0, _0x1b9115 = _0x401af1[\'length\']; _0x124d17 < _0x1b9115; _0x124d17++) {
_0x4a2aed += \'%\' + (\'00\' + _0x401af1[\'charCodeAt\'](_0x124d17)[\'toString\'](0x10))[\'slice\'](-0x2);
}
_0x401af1 = decodeURIComponent(_0x4a2aed);
for (var _0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {
_0x45079a[_0x2d67ec] = _0x2d67ec;
}
for (_0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {
_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec] + _0x532ac0[\'charCodeAt\'](_0x2d67ec % _0x532ac0[\'length\'])) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
}
_0x2d67ec = 0x0;
_0x52d57c = 0x0;
for (var _0x4e5ce2 = 0x0; _0x4e5ce2 < _0x401af1[\'length\']; _0x4e5ce2++) {
_0x2d67ec = (_0x2d67ec + 0x1) % 0x100;
_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec]) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
_0x3fd789 += String[\'fromCharCode\'](_0x401af1[\'charCodeAt\'](_0x4e5ce2) ^ _0x45079a[(_0x45079a[_0x2d67ec] + _0x45079a[_0x52d57c]) % 0x100]);
}
return _0x3fd789;
};
_0x55f3[\'rc4\'] = _0x232678;
}
if (!_0x55f3[\'data\']) {
_0x55f3[\'data\'] = {};
}
if (_0x55f3[\'data\'][_0x4c97f0] === undefined) {
if (!_0x55f3[\'once\']) {
var _0x5f325c = function(_0x23a392) {
this[\'rc4Bytes\'] = _0x23a392;
this[\'states\'] = [0x1, 0x0, 0x0];
this[\'newState\'] = function() {
return \'newState\';
};
this[\'firstState\'] = \'\w+ *\(\) *{\w+ *\';
this[\'secondState\'] = \'[\'|"].+[\'|"];? *}\';
};
_0x5f325c[\'prototype\'][\'checkState\'] = function() {
var _0x19f809 = new RegExp(this[\'firstState\'] + this[\'secondState\']);
return this[\'runState\'](_0x19f809[\'test\'](this[\'newState\'][\'toString\']()) ? --this[\'states\'][0x1] : --this[\'states\'][0x0]);
};
_0x5f325c[\'prototype\'][\'runState\'] = function(_0x4380bd) {
if (!Boolean(~_0x4380bd)) {
return _0x4380bd;
}
return this[\'getState\'](this[\'rc4Bytes\']);
};
_0x5f325c[\'prototype\'][\'getState\'] = function(_0x58d85e) {
for (var _0x1c9f5b = 0x0, _0x1ce9e0 = this[\'states\'][\'length\']; _0x1c9f5b < _0x1ce9e0; _0x1c9f5b++) {
this[\'states\'][\'push\'](Math[\'round\'](Math[\'random\']()));
_0x1ce9e0 = this[\'states\'][\'length\'];
}
return _0x58d85e(this[\'states\'][0x0]);
};
new _0x5f325c(_0x55f3)[\'checkState\']();
_0x55f3[\'once\'] = !! [];
}
_0x48181e = _0x55f3[\'rc4\'](_0x48181e, _0x1742fd);
_0x55f3[\'data\'][_0x4c97f0] = _0x48181e;
} else {
_0x48181e = _0x55f3[\'data\'][_0x4c97f0];
}
return _0x48181e;
};
var arg3 = null;
var arg4 = null;
var arg5 = null;
var arg6 = null;
var arg7 = null;
var arg8 = null;
var arg9 = null;
var arg10 = null;
var l = function() {
while (window[_0x55f3(\'0x1\', \'XMW^\')] || window[\'__phantomas\']) {};
var _0x5e8b26 = _0x55f3(\'0x3\', \'jS1Y\');
String[_0x55f3(\'0x5\', \'n]fR\')][_0x55f3(\'0x6\', \'Pg54\')] = function(_0x4e08d8) {
var _0x5a5d3b = \'\';
for (var _0xe89588 = 0x0; _0xe89588 < this[_0x55f3(\'0x8\', \')hRc\')] && _0xe89588 < _0x4e08d8[_0x55f3(\'0xa\', \'jE&^\')]; _0xe89588 += 0x2) {
var _0x401af1 = parseInt(this[_0x55f3(\'0xb\', \'V2KE\')](_0xe89588, _0xe89588 + 0x2), 0x10);
var _0x105f59 = parseInt(_0x4e08d8[_0x55f3(\'0xd\', \'XMW^\')](_0xe89588, _0xe89588 + 0x2), 0x10);
var _0x189e2c = (_0x401af1 ^ _0x105f59)[_0x55f3(\'0xf\', \'W1FE\')](0x10);
if (_0x189e2c[_0x55f3(\'0x11\', \'MGrv\')] == 0x1) {
_0x189e2c = \'0\' + _0x189e2c;
}
_0x5a5d3b += _0x189e2c;
}
return _0x5a5d3b;
};
String[\'prototype\'][_0x55f3(\'0x14\', \'Z*DM\')] = function() {
var _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd, 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c, 0x22, 0x25, 0xc, 0x24];
var _0x4da0dc = [];
var _0x12605e = \'\';
for (var _0x20a7bf = 0x0; _0x20a7bf < this[\'length\']; _0x20a7bf++) {
var _0x385ee3 = this[_0x20a7bf];
for (var _0x217721 = 0x0; _0x217721 < _0x4b082b[_0x55f3(\'0x16\', \'aH*N\')]; _0x217721++) {
if (_0x4b082b[_0x217721] == _0x20a7bf + 0x1) {
_0x4da0dc[_0x217721] = _0x385ee3;
}
}
}
_0x12605e = _0x4da0dc[\'join\'](\'\');
return _0x12605e;
};
var _0x23a392 = arg1[_0x55f3(\'0x19\', \'Pg54\')]();
arg2 = _0x23a392[_0x55f3(\'0x1b\', \'z5O&\')](_0x5e8b26);
setTimeout(\'reload(arg2)\', 0x2);
};
var _0x4db1c = function() {
function _0x355d23(_0x450614) {
if ((\'\' + _0x450614 / _0x450614)[_0x55f3(\'0x1c\', \'V2KE\')] !== 0x1 || _0x450614 % 0x14 === 0x0) {
(function() {}[_0x55f3(\'0x1d\', \'CNUY\')]((undefined + \'\')[0x2] + ( !! [] + \'\')[0x3] + ([][_0x55f3(\'0x1e\', \'w8PR\')]() + \'\')[0x2] + (undefined + \'\')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + \'\')[0x3] + ( !! [] + \'\')[0x1])());
} else {
(function() {}[\'constructor\']((undefined + \'\')[0x2] + ( !! [] + \'\')[0x3] + ([][_0x55f3(\'0x1f\', \'L$(D\')]() + \'\')[0x2] + (undefined + \'\')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + \'\')[0x3] + ( !! [] + \'\')[0x1])());
}
_0x355d23(++_0x450614);
}
try {
_0x355d23(0x0);
} catch (_0x54c483) {}
};
if (function() {
var _0x470d8f = function() {
var _0x4c97f0 = !! [];
return function(_0x1742fd, _0x4db1c) {
var _0x48181e = _0x4c97f0 ?
function() {
if (_0x4db1c) {
var _0x55f3be = _0x4db1c[\'apply\'](_0x1742fd, arguments);
_0x4db1c = null;
return _0x55f3be;
}
} : function() {};
_0x4c97f0 = ![];
return _0x48181e;
};
}();
var _0x501fd7 = _0x470d8f(this, function() {
var _0x4c97f0 = function() {
return \'dev\';
},
_0x1742fd = function() {
return \'window\';
};
var _0x55f3be = function() {
var _0x3ad9a1 = new RegExp(\'\w+ *\(\) *{\w+ *[\'|"].+[\'|"];? *}\');
return !_0x3ad9a1[\'test\'](_0x4c97f0[\'toString\']());
};
var _0x1b93ad = function() {
var _0x20bf34 = new RegExp(\'(\\[x|u](\w){2,4})+\');
return _0x20bf34[\'test\'](_0x1742fd[\'toString\']());
};
var _0x5afe31 = function(_0x178627) {
var _0x1a0f04 = ~ - 0x1 >> 0x1 + 0xff % 0x0;
if (_0x178627[\'indexOf\'](\'i\' === _0x1a0f04)) {
_0xd79219(_0x178627);
}
};
var _0xd79219 = function(_0x5792f7) {
var _0x4e08d8 = ~ - 0x4 >> 0x1 + 0xff % 0x0;
if (_0x5792f7[\'indexOf\'](( !! [] + \'\')[0x3]) !== _0x4e08d8) {
_0x5afe31(_0x5792f7);
}
};
if (!_0x55f3be()) {
if (!_0x1b93ad()) {
_0x5afe31(\'indеxOf\');
} else {
_0x5afe31(\'indexOf\');
}
} else {
_0x5afe31(\'indеxOf\');
}
});
_0x501fd7();
var _0x3a394d = function() {
var _0x1ab151 = !! [];
return function(_0x372617, _0x42d229) {
var _0x3b3503 = _0x1ab151 ?
function() {
if (_0x42d229) {
var _0x7086d9 = _0x42d229[_0x55f3(\'0x21\', \'KN)F\')](_0x372617, arguments);
_0x42d229 = null;
return _0x7086d9;
}
} : function() {};
_0x1ab151 = ![];
return _0x3b3503;
};
}();
var _0x5b6351 = _0x3a394d(this, function() {
var _0x46cbaa = Function(_0x55f3(\'0x22\', \'&hZY\') + _0x55f3(\'0x23\', \'aH*N\') + \');\');
var _0x1766ff = function() {};
var _0x9b5e29 = _0x46cbaa();
_0x9b5e29[_0x55f3(\'0x26\', \'aH*N\')][\'log\'] = _0x1766ff;
_0x9b5e29[_0x55f3(\'0x29\', \'V%YR\')][_0x55f3(\'0x2a\', \'P^Eq\')] = _0x1766ff;
_0x9b5e29[_0x55f3(\'0x2c\', \'lgM0\')][_0x55f3(\'0x2d\', \'L$(D\')] = _0x1766ff;
_0x9b5e29[_0x55f3(\'0x2f\', \'CZc8\')][_0x55f3(\'0x30\', \'Wu6%\')] = _0x1766ff;
});
_0x5b6351();
try {
return !!window[\'addEventListener\'];
} catch (_0x35538d) {
return ![];
}
}()) {
document[_0x55f3(\'0x33\', \'V%YR\')](_0x55f3(\'0x34\', \'yApz\'), l, ![]);
} else {
document[_0x55f3(\'0x36\', \'yApz\')](_0x55f3(\'0x37\', \'L$(D\'), l);
}
_0x4db1c();
setInterval(function() {
_0x4db1c();
}, 0xfa0);
function setCookie(name, value) {
var expiredate = new Date();
expiredate.setTime(expiredate.getTime() + (3600 * 1000));
document.cookie = name + "=" + value + ";expires=" + expiredate.toGMTString() + ";max-age=3600;path=/";
}
function reload(x) {
setCookie("acw_sc__v2", x);
document.location.reload();
} < /script></html >
上面是格式后的js。为什么叫混淆函数,一是使用了十六进制数混淆,二是有用的代码的确不多。我们从最后两个函数看起,一个是reload(x),一个是setCookie()。
reload()调用setCookie(),生成key=acw_sc__v2,value=x的cookie,然后通过document.location.reload()来刷新网页。那么关键来了,到底是谁生成x并调用的reload()?
我们搜索上面的代码,发现了以下三行核心代码:
var _0x23a392 = arg1[_0x55f3(\'0x19\', \'Pg54\')]();
arg2 = _0x23a392[_0x55f3(\'0x1b\', \'z5O&\')](_0x5e8b26);
setTimeout(\'reload(arg2)\', 0x2);
这三行代码中arg1是个字符串,_0x55f3是个方法名,arg2就是cookie中的value,理清之间的调用关系计算出arg2。
这个混淆js是非常有意思的,涉及的js基础知识比较多,想要搞定主要还是依赖于debug和控制台。
结语
本文主要以技术介绍为主,也不难看出,做爬虫还是需要有一丢丢丢前端功底的。如果你问我,既不想搞懂还想解决js加密行不行啊?我只想告诉你:程序员不能说不行。方法是有的,但是终究需要依赖第三方服务或者插件。
当然,很多网站都会有自己独特的js加密方式,反爬技术的花样也是层出不穷。有兴趣的也可以一起探讨学习。
爬虫基础篇完结于此。开始着手准备爬虫框架scrapy系列的写作了,期待下一次相遇。
95后小程序员,写的都是日常工作中的亲身实践,置身于初学者的角度从0写到1,保证能够真正让大家看懂。
文章会在公众号 [入门到放弃之路] 首发,期待你的关注。
版权声明:本文为seven0007原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。