文章目錄

• 前言
• 一、頁面分析
• 二、參數來源
• 三、參數破解
• 四、扣源碼吧
• 五、運行調試
• 六、請求源碼

---

前言

某寶登入接口：https://login.taobao.com/

---

一、頁面分析

---

二、參數來源

loginId：輸入的手機號

password2：加密的登入密碼

ua：根據user-agent生成，可以直接拿來用

_csrf_token：從進入網頁的源碼中獲取

umidToken：從進入網頁的源碼中獲取

hsiz：從進入網頁的源碼中獲取

---

三、參數破解

我們了解到參數來源后，需要解決的就是password2的生成方式，我們直接搜password2

出來一個，直接點進去再搜一次，找到加密位置，下斷點重新請求

我們可以看出是一個典型的Rsa加密

---

四、扣源碼吧

這里需要補上一些環境變量，怎么補？自己運行缺啥補啥 var o, t, e; var window = {}; var navigator = {};function i(t, e, n) {null != t && ("number" == typeof t ? this.fromNumber(t, e, n) : null == e && "string" != typeof t ? this.fromString(t, 256) : this.fromString(t, e)) }function r() {return new i(null) }"Microsoft Internet Explorer" == navigator.appName ? (i.prototype.am = function (t, e, n, o, i, r) {for (var a = 32767 & e, s = e >> 15; --r >= 0;) {var c = 32767 & this[t], u = this[t++] >> 15, l = s * c + u * a;i = ((c = a * c + ((32767 & l) << 15) + n[o] + (1073741823 & i)) >>> 30) + (l >>> 15) + s * u + (i >>> 30),n[o++] = 1073741823 & c}return i },o = 30) : "Netscape" != navigator.appName ? (i.prototype.am = function (t, e, n, o, i, r) {for (; --r >= 0;) {var a = e * this[t++] + n[o] + i;i = Math.floor(a / 67108864),n[o++] = 67108863 & a}return i },o = 26) : (i.prototype.am = function (t, e, n, o, i, r) {for (var a = 16383 & e, s = e >> 14; --r >= 0;) {var c = 16383 & this[t], u = this[t++] >> 14, l = s * c + u * a;i = ((c = a * c + ((16383 & l) << 14) + n[o] + i) >> 28) + (l >> 14) + s * u,n[o++] = 268435455 & c}return i },o = 28),i.prototype.DB = o,i.prototype.DM = (1 << o) - 1,i.prototype.DV = 1 << o; i.prototype.FV = Math.pow(2, 52),i.prototype.F1 = 52 - o,i.prototype.F2 = 2 * o - 52; var a, s, c = "0123456789abcdefghijklmnopqrstuvwxyz", u = new Array; for (a = "0".charCodeAt(0),s = 0; s <= 9; ++s)u[a++] = s; for (a = "a".charCodeAt(0),s = 10; s < 36; ++s)u[a++] = s; for (a = "A".charCodeAt(0),s = 10; s < 36; ++s)u[a++] = s;function l(t) {return c.charAt(t) }function f(t, e) {var n = u[t.charCodeAt(e)];return null == n ? -1 : n }function p(t) {var e = r();return e.fromInt(t),e }function d(t) {var e, n = 1;return 0 != (e = t >>> 16) && (t = e,n += 16),0 != (e = t >> 8) && (t = e,n += 8),0 != (e = t >> 4) && (t = e,n += 4),0 != (e = t >> 2) && (t = e,n += 2),0 != (e = t >> 1) && (t = e,n += 1),n }function h(t) {this.m = t }function g(t) {this.m = t,this.mp = t.invDigit(),this.mpl = 32767 & this.mp,this.mph = this.mp >> 15,this.um = (1 << t.DB - 15) - 1,this.mt2 = 2 * t.t }function y() {this.i = 0,this.j = 0,this.S = new Array }h.prototype.convert = function (t) {return t.s < 0 || t.compareTo(this.m) >= 0 ? t.mod(this.m) : t },h.prototype.revert = function (t) {return t},h.prototype.reduce = function (t) {t.divRemTo(this.m, null, t)},h.prototype.mulTo = function (t, e, n) {t.multiplyTo(e, n),this.reduce(n)},h.prototype.sqrTo = function (t, e) {t.squareTo(e),this.reduce(e)},g.prototype.convert = function (t) {var e = r();return t.abs().dlShiftTo(this.m.t, e),e.divRemTo(this.m, null, e),t.s < 0 && e.compareTo(i.ZERO) > 0 && this.m.subTo(e, e),e},g.prototype.revert = function (t) {var e = r();return t.copyTo(e),this.reduce(e),e},g.prototype.reduce = function (t) {for (; t.t <= this.mt2;)t[t.t++] = 0;for (var e = 0; e < this.m.t; ++e) {var n = 32767 & t[e], o = n * this.mpl + ((n * this.mph + (t[e] >> 15) * this.mpl & this.um) << 15) & t.DM;for (t[n = e + this.m.t] += this.m.am(0, o, t, e, 0, this.m.t); t[n] >= t.DV;)t[n] -= t.DV,t[++n]++}t.clamp(),t.drShiftTo(this.m.t, t),t.compareTo(this.m) >= 0 && t.subTo(this.m, t)},g.prototype.mulTo = function (t, e, n) {t.multiplyTo(e, n),this.reduce(n)},g.prototype.sqrTo = function (t, e) {t.squareTo(e),this.reduce(e)},i.prototype.copyTo = function (t) {for (var e = this.t - 1; e >= 0; --e)t[e] = this[e];t.t = this.t,t.s = this.s},i.prototype.fromInt = function (t) {this.t = 1,this.s = t < 0 ? -1 : 0,t > 0 ? this[0] = t : t < -1 ? this[0] = t + this.DV : this.t = 0},i.prototype.fromString = function (t, e) {var n;if (16 == e)n = 4;else if (8 == e)n = 3;else if (256 == e)n = 8;else if (2 == e)n = 1;else if (32 == e)n = 5;else {if (4 != e)return void this.fromRadix(t, e);n = 2}this.t = 0,this.s = 0;for (var o = t.length, r = !1, a = 0; --o >= 0;) {var s = 8 == n ? 255 & t[o] : f(t, o);s < 0 ? "-" == t.charAt(o) && (r = !0) : (r = !1,0 == a ? this[this.t++] = s : a + n > this.DB ? (this[this.t - 1] |= (s & (1 << this.DB - a) - 1) << a,this[this.t++] = s >> this.DB - a) : this[this.t - 1] |= s << a,(a += n) >= this.DB && (a -= this.DB))}8 == n && 0 != (128 & t[0]) && (this.s = -1,a > 0 && (this[this.t - 1] |= (1 << this.DB - a) - 1 << a)),this.clamp(),r && i.ZERO.subTo(this, this)},i.prototype.clamp = function () {for (var t = this.s & this.DM; this.t > 0 && this[this.t - 1] == t;)--this.t},i.prototype.dlShiftTo = function (t, e) {var n;for (n = this.t - 1; n >= 0; --n)e[n + t] = this[n];for (n = t - 1; n >= 0; --n)e[n] = 0;e.t = this.t + t,e.s = this.s},i.prototype.drShiftTo = function (t, e) {for (var n = t; n < this.t; ++n)e[n - t] = this[n];e.t = Math.max(this.t - t, 0),e.s = this.s},i.prototype.lShiftTo = function (t, e) {var n, o = t % this.DB, i = this.DB - o, r = (1 << i) - 1, a = Math.floor(t / this.DB),s = this.s << o & this.DM;for (n = this.t - 1; n >= 0; --n)e[n + a + 1] = this[n] >> i | s,s = (this[n] & r) << o;for (n = a - 1; n >= 0; --n)e[n] = 0;e[a] = s,e.t = this.t + a + 1,e.s = this.s,e.clamp()},i.prototype.rShiftTo = function (t, e) {e.s = this.s;var n = Math.floor(t / this.DB);if (n >= this.t)e.t = 0;else {var o = t % this.DB, i = this.DB - o, r = (1 << o) - 1;e[0] = this[n] >> o;for (var a = n + 1; a < this.t; ++a)e[a - n - 1] |= (this[a] & r) << i,e[a - n] = this[a] >> o;o > 0 && (e[this.t - n - 1] |= (this.s & r) << i),e.t = this.t - n,e.clamp()}},i.prototype.subTo = function (t, e) {for (var n = 0, o = 0, i = Math.min(t.t, this.t); n < i;)o += this[n] - t[n],e[n++] = o & this.DM,o >>= this.DB;if (t.t < this.t) {for (o -= t.s; n < this.t;)o += this[n],e[n++] = o & this.DM,o >>= this.DB;o += this.s} else {for (o += this.s; n < t.t;)o -= t[n],e[n++] = o & this.DM,o >>= this.DB;o -= t.s}e.s = o < 0 ? -1 : 0,o < -1 ? e[n++] = this.DV + o : o > 0 && (e[n++] = o),e.t = n,e.clamp()},i.prototype.multiplyTo = function (t, e) {var n = this.abs(), o = t.abs(), r = n.t;for (e.t = r + o.t; --r >= 0;)e[r] = 0;for (r = 0; r < o.t; ++r)e[r + n.t] = n.am(0, o[r], e, r, 0, n.t);e.s = 0,e.clamp(),this.s != t.s && i.ZERO.subTo(e, e)},i.prototype.squareTo = function (t) {for (var e = this.abs(), n = t.t = 2 * e.t; --n >= 0;)t[n] = 0;for (n = 0; n < e.t - 1; ++n) {var o = e.am(n, e[n], t, 2 * n, 0, 1);(t[n + e.t] += e.am(n + 1, 2 * e[n], t, 2 * n + 1, o, e.t - n - 1)) >= e.DV && (t[n + e.t] -= e.DV,t[n + e.t + 1] = 1)}t.t > 0 && (t[t.t - 1] += e.am(n, e[n], t, 2 * n, 0, 1)),t.s = 0,t.clamp()},i.prototype.divRemTo = function (t, e, n) {var o = t.abs();if (!(o.t <= 0)) {var a = this.abs();if (a.t < o.t)return null != e && e.fromInt(0),void (null != n && this.copyTo(n));null == n && (n = r());var s = r(), c = this.s, u = t.s, l = this.DB - d(o[o.t - 1]);l > 0 ? (o.lShiftTo(l, s),a.lShiftTo(l, n)) : (o.copyTo(s),a.copyTo(n));var f = s.t, p = s[f - 1];if (0 != p) {var h = p * (1 << this.F1) + (f > 1 ? s[f - 2] >> this.F2 : 0), g = this.FV / h, y = (1 << this.F1) / h, m = 1 << this.F2, v = n.t, M = v - f, w = null == e ? r() : e;for (s.dlShiftTo(M, w),n.compareTo(w) >= 0 && (n[n.t++] = 1,n.subTo(w, n)),i.ONE.dlShiftTo(f, w),w.subTo(s, s); s.t < f;)s[s.t++] = 0;for (; --M >= 0;) {var b = n[--v] == p ? this.DM : Math.floor(n[v] * g + (n[v - 1] + m) * y);if ((n[v] += s.am(0, b, n, M, 0, f)) < b)for (s.dlShiftTo(M, w),n.subTo(w, n); n[v] < --b;)n.subTo(w, n)}null != e && (n.drShiftTo(f, e),c != u && i.ZERO.subTo(e, e)),n.t = f,n.clamp(),l > 0 && n.rShiftTo(l, n),c < 0 && i.ZERO.subTo(n, n)}}},i.prototype.invDigit = function () {if (this.t < 1)return 0;var t = this[0];if (0 == (1 & t))return 0;var e = 3 & t;return (e = (e = (e = (e = e * (2 - (15 & t) * e) & 15) * (2 - (255 & t) * e) & 255) * (2 - ((65535 & t) * e & 65535)) & 65535) * (2 - t * e % this.DV) % this.DV) > 0 ? this.DV - e : -e},i.prototype.isEven = function () {return 0 == (this.t > 0 ? 1 & this[0] : this.s)},i.prototype.exp = function (t, e) {if (t > 4294967295 || t < 1)return i.ONE;var n = r(), o = r(), a = e.convert(this), s = d(t) - 1;for (a.copyTo(n); --s >= 0;)if (e.sqrTo(n, o),(t & 1 << s) > 0)e.mulTo(o, a, n);else {var c = n;n = o,o = c}return e.revert(n)},i.prototype.toString = function (t) {if (this.s < 0)return "-" + this.negate().toString(t);var e;if (16 == t)e = 4;else if (8 == t)e = 3;else if (2 == t)e = 1;else if (32 == t)e = 5;else {if (4 != t)return this.toRadix(t);e = 2}var n, o = (1 << e) - 1, i = !1, r = "", a = this.t, s = this.DB - a * this.DB % e;if (a-- > 0)for (s < this.DB && (n = this[a] >> s) > 0 && (i = !0,r = l(n)); a >= 0;)s < e ? (n = (this[a] & (1 << s) - 1) << e - s,n |= this[--a] >> (s += this.DB - e)) : (n = this[a] >> (s -= e) & o,s <= 0 && (s += this.DB,--a)),n > 0 && (i = !0),i && (r += l(n));return i ? r : "0"},i.prototype.negate = function () {var t = r();return i.ZERO.subTo(this, t),t},i.prototype.abs = function () {return this.s < 0 ? this.negate() : this},i.prototype.compareTo = function (t) {var e = this.s - t.s;if (0 != e)return e;var n = this.t;if (0 != (e = n - t.t))return this.s < 0 ? -e : e;for (; --n >= 0;)if (0 != (e = this[n] - t[n]))return e;return 0},i.prototype.bitLength = function () {return this.t <= 0 ? 0 : this.DB * (this.t - 1) + d(this[this.t - 1] ^ this.s & this.DM)},i.prototype.mod = function (t) {var e = r();return this.abs().divRemTo(t, null, e),this.s < 0 && e.compareTo(i.ZERO) > 0 && t.subTo(e, e),e},i.prototype.modPowInt = function (t, e) {var n;return n = t < 256 || e.isEven() ? new h(e) : new g(e),this.exp(t, n)},i.ZERO = p(0),i.ONE = p(1),y.prototype.init = function (t) {var e, n, o;for (e = 0; e < 256; ++e)this.S[e] = e;for (n = 0,e = 0; e < 256; ++e)n = n + this.S[e] + t[e % t.length] & 255,o = this.S[e],this.S[e] = this.S[n],this.S[n] = o;this.i = 0,this.j = 0},y.prototype.next = function () {var t;return this.i = this.i + 1 & 255,this.j = this.j + this.S[this.i] & 255,t = this.S[this.i],this.S[this.i] = this.S[this.j],this.S[this.j] = t,this.S[t + this.S[this.i] & 255]} ; var m, v, M, w = 256;function b() {!function (t) {v[M++] ^= 255 & t,v[M++] ^= t >> 8 & 255,v[M++] ^= t >> 16 & 255,v[M++] ^= t >> 24 & 255,M >= w && (M -= w)}((new Date).getTime()) }if (null == v) {var N;if (v = new Array,M = 0,window.crypto && window.crypto.getRandomValues) {var C = new Uint8Array(32);for (window.crypto.getRandomValues(C),N = 0; N < 32; ++N)v[M++] = C[N]}if ("Netscape" == navigator.appName && navigator.appVersion < "5" && window.crypto && window.crypto.random) {var T = window.crypto.random(32);for (N = 0; N < T.length; ++N)v[M++] = 255 & T.charCodeAt(N)}for (; M < w;)N = Math.floor(65536 * Math.random()),v[M++] = N >>> 8,v[M++] = 255 & N;M = 0,b() }function I() {if (null == m) {for (b(),(m = new y).init(v),M = 0; M < v.length; ++M)v[M] = 0;M = 0}return m.next() }function j() { }function D() {this.n = null,this.e = 0,this.d = null,this.p = null,this.q = null,this.dmp1 = null,this.dmq1 = null,this.coeff = null }j.prototype.nextBytes = function (t) {var e;for (e = 0; e < t.length; ++e)t[e] = I() },D.prototype.doPublic = function (t) {return t.modPowInt(this.e, this.n)},D.prototype.setPublic = function (t, e) {null != t && null != e && t.length > 0 && e.length > 0 ? (this.n = function (t, e) {return new i(t, e)}(t, 16),this.e = parseInt(e, 16)) : alert("Invalid RSA public key")},D.prototype.encrypt = function (t) {var e = function (t, e) {// if (e < t.length + 11)// return alert("Message too long for RSA"),// null;for (var n = new Array, o = t.length - 1; o >= 0 && e > 0;) {var r = t.charCodeAt(o--);r < 128 ? n[--e] = r : r > 127 && r < 2048 ? (n[--e] = 63 & r | 128,n[--e] = r >> 6 | 192) : (n[--e] = 63 & r | 128,n[--e] = r >> 6 & 63 | 128,n[--e] = r >> 12 | 224)}n[--e] = 0;for (var a = new j, s = new Array; e > 2;) {for (s[0] = 0; 0 == s[0];)a.nextBytes(s);n[--e] = s[0]}return n[--e] = 2,n[--e] = 0,new i(n)}(t, this.n.bitLength() + 7 >> 3);if (null == e)return null;var n = this.doPublic(e);if (null == n)return null;var o = n.toString(16);return 0 == (1 & o.length) ? o : "0" + o} ;var rsa = new D(); rsa.setPublic("d3bcef1f00424f3261c89323fa8cdfa12bbac400d9fe8bb627e8d27a44bd5d59dce559135d678a8143beb5b8d7056c4e1f89c4e1f152470625b7b41944a97f02da6f605a49a93ec6eb9cbaf2e7ac2b26a354ce69eb265953d2c29e395d6d8c1cdb688978551aa0f7521f290035fad381178da0bea8f9e6adce39020f513133fb", "10001");var password = '你的淘寶密碼'; var password2 = rsa.encrypt(password); console.log(password2);

五、運行調試

將生成的password2加入請求中，可以看出請求是成功的

{'content': {'data': {'redirect': True, 'redirectUrl': 'https://i.taobao.com/my_taobao.htm?nekot=ztK90NChxcWwoQ==1604478854770','asyncUrls': ['https://passport.alibaba.com/mini_apply_st.js?callback=callback&site=0&token=1dTZ4Upbuq4RXpbG9xAP9nA'],'resultCode': 100}, 'status': 0, 'success': True}, 'hasError': False }

六、請求源碼

import requestsheaders = {'authority': 'login.taobao.com','sec-ch-ua': '"Chromium";v="86", "\\"Not\\\\A;Brand";v="99", "Google Chrome";v="86"','accept': 'application/json, text/plain, */*','sec-ch-ua-mobile': '?0','user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36','content-type': 'application/x-www-form-urlencoded','origin': 'https://login.taobao.com','sec-fetch-site': 'same-origin','sec-fetch-mode': 'cors','sec-fetch-dest': 'empty','referer': 'https://login.taobao.com/','accept-language': 'zh-CN,zh;q=0.9', }params = (('appName', 'taobao'),('fromSite', '0'), ) data = {'loginId': '','password2': '','keepLogin': 'false','ua': '137#2uE9hE9o9u4Cg2EEs9HOVJoGInqNnP1QzrmU4UDuamux/Z+8T30RZ5TGqgGqLi9rbAqTkn5UQVlBccGQgyTQds+RdNh/L41RQl4XevrzjwcAVYgRus2VSSrY3YmHl/B9iwkV7m/JxOpv5kp0/tsimY/e714UiccWYGgf1w8T5ulXikKgarPvheMvFyaFWf2XiOXUYEfFOAyKzg4hTaO37XROCFbpwNVwScLk8IFYqh3U0e7cOB/ygWSDVJ+hWlvt6qPwXJ+tGjq/JnycZd4r7/qOL8Z7PeKa5SZ+35FGKFeO6sh23bX7vL+B8GrU/lWMWU34kcoJECOhCYB9BQ0bQnMKSh36CRkFTvjjkhUTZ/B08JAAVPV0aGfuftxITXJX7gpj18nIhu7J6pz1M6bSz8wsd8eEoyQ/Eylwb3gbQM+lx5ESWCwysiuc7MsfqHCc4XAnGyGjMskZFFZPExLWJyHhmkYnZS3LvBo99syVtwUIU7ghP0Jc1IeivXyD8yJxTlEIPGWhQDf3+qEh90JmEAEi+z8wqWjQ1qgipXicQonJ+Z6VpRSFTDtEWpipMTJS1lQypXpcQvnH+ZDVpXJ8pAiU8o8vJyTJ1gxoppimQofo+qFVpkUm1AlN5tipYSUS1qQipXpcQeno+ww/xe6WiBqXEnezPEyPKgEGz8lwVYOTwfdHcN2IXa/Rhwanv/jLjnhXWGC8KF5oVZbhd2t7K6tEviSjQ3ZKJrBW8smq+2N3pGX5snP3ErVpkuwif/EKs6fWpnvxoB2Bv+MbgPiVGk723DLyShOtdlBSz19h2pXgslUYxR6UuIgBZON66lTNpvezB0zWNsY59oceUrYjize+tEu0aMAlkL5gC84t2BtHk+bu/DR1OWvr4qisFT/vf4uq+AAUSZZ+sh0VNh3R2tJJAbaKU4A/EB3z3aAdgJ98riRO38P+hL+D7sOuh07Xp3t0Bqi/uDUWDnmrbBA91xstmWVxm2bWlHTvvCTr74fc/2n+U6B=','umidGetStatusVal': '255','screenPixel': '1920x1080','navlanguage': 'zh-CN','navUserAgent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36','navPlatform': 'Win32','appName': 'taobao','appEntrance': 'taobao_pc','_csrf_token': 'P2fjbLRJAnx7Vk8APtHIC4','umidToken': '4466865c1979c4886767c5dc45530c7fd367ed93','hsiz': '1192b46a4501bb2efb6da1fe1a985485','bizParams': '','style': 'default','appkey': '00000000','from': 'tb','isMobile': 'false','lang': 'zh_CN','returnUrl': '','fromSite': '0' }session = requests.session()data['loginId'] = '你的手機號' data['password2'] = '加密密碼' response = session.post('https://login.taobao.com/newlogin/login.do', headers=headers, params=params, data=data) data = response.json() print(data)# 請求重定向鏈接 session.get(url=data['content']['data']['redirectUrl'], headers=headers)# 請求搜索頁 res = session.get(url='https://s.taobao.com/search?q=%E6%89%8B%E6%9C%BA&imgfile=&commend=all&ssid=s5-e&search_type=item&sourceId=tb.index&spm=a21bo.2017.201856-taobao-item.1&ie=utf8&initiative_id=tbindexz_20170306',headers=headers) print(res.text)

總結

以上是生活随笔為你收集整理的【2020-11-04】JS逆向之某宝模拟登入的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。