前言
如果再说IP请求次数检测、验证码这种最常见的反爬虫技术,可能大家听得耳朵都出茧子了。当然,也有的同学写了了几天的爬虫,觉得爬虫太简单、没有啥挑战性。所以特地找了三个有一定难度的网站,希望可以有兴趣的手动实践一下。
此篇文章只作知识扩展和思路引导,其中涉及的网站反爬技术,仅做技术学习探讨。
字体加密
字体加密总结成一句话:你看到的不是你看到的。
地址
猫眼电影:https://maoyan.com/films/343568
问题还原
最近的哥斯拉大战金刚看了没啊,好看不,评分高不高,票房多少了?让我们去猫眼看一看吧。
哥斯拉大战金刚
这一看问题就来了:为什么评分和票房在源码里都是"口口"?在页面中看到的评分和票房去哪儿了?
追根溯源
话不多说,先看源码:
看完更疑问了,这个&#x又是啥?这个其实是html中的转义序列,表示后面跟着的是十六进制,处理后在控制台打印一下,如图:
这些数字和票房目前是一分钱关系都没有。那就想办法让他们有所关联。
从网页中找到了以下代码:
font-face
其实这就是在css中使用@font-face通过woff文件自定义了字体,源码中的十六进制数字必须通过这个字体映射才能正确显示。就像UTF-8和GBK的关系,编码和解码一致才不会出现乱码。
这里我将woff字体文件下载到本地并用工具打开。
字体内容
从网页上看到票房是5.74亿,这里就主要关注数字5。从上图可以看出5对应的是glyph11。
使用工具将woff文件转换成xml格式:
glyph11对应的是id=11的glyph,其对应的name为uniE8CD。接着在xml中找到uniE8CD对应的十六进制:
十六进制对应
如图,uniE8CD对应的是0xe8cd,也就是说「数字5对应的是0xe8cd」,正是在控制台输出的第一个数字。
eval() & JS加密
js被加密后放在eval()中执行。如果想还原js,在开发者控制台使用console.log()输出解密后的js。因为不论是eval()还是log(),js解析执行最终都依赖于浏览器内核。
地址
TV猫:https://www.tvmao.com/program/CCTV
问题还原
在频道剧集页,分为早间、午间、晚间节目。如图:
网页内容
在发起请求获取频道剧集数据的时候,发现返回内容只有早间节目数据,12点以后的剧集数据获取不到。
查看网页源码:
剧集网页源码
追根溯源
我们在控制台的请求中,搜索网页中的关键字"熊熊乐园",害,果不其然,还真搜着了。
这个响应结果是一个数组,下标0代表标志位:1代表获取到了数据,0代表没有获取到数据;下标1是数据位,对应接口的返回数据。
解析此响应结果的代码比较繁杂,需要对多余内容进行替换。
代码如下:
解析代码
其实上面代码它并不重要!!接着我们顺着网线去看他的请求部分:
请求
从请求头中可以看出,请求就一个参数p,1、2、3... 整整186位,你看这个参数它又长悠长,像那寂寥的雨巷。虽然等不来那撑着油纸伞的姑娘,但是至少可以先看看这个参数p是怎么生成的。
在搜索框搜索api和pg关键字,找到下面代码:
别管其他,带有ajax字样十有八九就是ajax请求了,参数p的值是变量a,在生成变量a的代码处设置断点,点击页面中的"查看更多"按钮触发断点,接着进入A.d()方法:
往上翻,查看js上部分:
其实到这里就已经可以结束了,你看在d()中又调用了w(),w()也调用了A中其他方法,将这个js中方法调用链搞清楚,将每个方法代码都内联起来,最后计算出参数p,就可以了。
那么,说好的eval呢,说好的加密的js呢?
少侠莫慌,这就带您继续看下去。如果你仔细看,你就会发现上面的js的文件名是匿名/临时的,所以说这不是网站原有的js文件,而是浏览器内核解析后的js。
那该怎么找到原来的js文件?
不知少侠可知搜索功能,你看上面的js中有「keyStr」这个关键字,咱不妨搜索一波。
这不,如图,eval()有了,加密js也有了,拷贝成文本如下:
代码语言:javascript复制eval(function(h, b, i, d, g, f) {
g = function(a) {
return (a < b ? "" : g(parseInt(a / b))) ((a = a % b) > 35 ? String.fromCharCode(a 29) : a.toString(36))
}
;
if (!"".replace(/^/, String)) {
while (i--) {
f[g(i)] = d[i] || g(i)
}
d = [function(a) {
return f[a]
}
];
g = function() {
return "\w "
}
;
i = 1
}
while (i--) {
if (d[i]) {
h = h.replace(new RegExp("\b" g(i) "\b","g"), d[i])
}
}
return h
}('5 A={z:"1o /=",1b:"1l=1k",J:j(a){5 b="";5 c,L,M,14,16,O,N;5 i=0;a=A.1g(a);1t(i<a.R){c=a.S(i );L=a.S(i );M=a.S(i );14=c>>2;16=((c&3)<<4)|(L>>4);O=((L&15)<<2)|(M>>6);N=M&Q;9(1f(L)){O=N=18}K 9(1f(M)){N=18}b=b y.z.C(14) y.z.C(16) y.z.C(O) y.z.C(N)}8 b},H:j(a){a=a.1G();5 b='';Z(5 i=0;i<a.R;i ){b =y.1b[a.C(i)]}Z(5 i=0;i<a.R;i ){b =y.z[a.C(i)]}8 b},1g:j(a){a=a.1B(/\r\n/g,"\n");5 b="";Z(5 n=0;n<a.R;n ){5 c=a.S(n);9(c<P){b =I.G(c)}K 9((c>1x)&&(c<1w)){b =I.G((c>>6)|1q);b =I.G((c&Q)|P)}K{b =I.G((c>>12)|1p);b =I.G(((c>>6)&Q)|P);b =I.G((c&Q)|P)}}8 b},E:j(a){$(':U[V="19"]',a).10(A.J('l' $(".19",a).10() 'o'))},B:j(a){5 b=(1c 1d()).1i();9(a!=m)8 A.J(a '|' b);K 8 A.J('' b)},e:j(u){5 x=1;5 f=$('T').13();5 a=f.W("U[11='1j']");9(a!=m){x=2}K 9(u!=m){x=u}9(f==m)8 x;8 f.D('a')},c:j(e){5 v;5 f=$('T').13();9(f==m)8"";5 s=f.W("*[17='1m']");9(s==m){v=f.W("U[11='1n']");9(v==m)8"";v=e}v=s.D('Y');8 v},d:j(p,h){5 v=A.w(h);5 a=$("1r.1s");5 x=a||p;9(a!=m){x=h||$("s.1h")}x=A.c();5 b=1c 1d();5 c=b.1u();5 d=b.1v();5 i=d==0?7:d;i=i*i;5 F=y.z.C(i);8 F A.J(x "|" A.e(p)) v},w:j(v){5 t=$("1y");5 a="|";9(t==m){X="/"}K{X=v}5 r=A.J(a k(X));8 r},s:j(a,b){5 c=y.z.C(1z);8 A.J(c a)}};5 k=j(a){5 f=$('T').13();9(f==m)8"";5 b=f.D('Y');9(b==m)f.D('Y',a);8 f.D('q')};$(j(){5 b=$('<U 17="1A" V="1a"/>');b.10(A.B());$('T[V="1C"]').1D(b);$('a[11^="1E"]').1F(j(){5 a=$(y).D("1e") "&1a=" 1H(A.B());$(y).D("1e",a)})});', 62, 106, "|||||var|||return|if||||||||||function|||undefined||||||||||||this|_keyStr|||charAt|attr|||fromCharCode||String||else|chr2|chr3|enc4|enc3|128|63|length|charCodeAt|form|input|name|find|tl|id|for|val|class||first|enc1||enc2|type|64|ed|ek|_keyStr2|new|Date|href|isNaN|_C|fix1|getTime|baidu|DVGO|KQMFS|submit|qq|ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789|224|192|div|fix|while|getUTCDate|getDay|2048|127|head|37|hidden|replace|frmlogin|append|by|each|toString|encodeURIComponent".split("|"), 0, {}))
在控制台中将eval()中的加密js使用console.log()打印出来,结果和之前的匿名js一样。
如图:
控制台
setCookie & 混淆加密
其实setCookie是一个js混淆加密,但是我之所以叫他setCookie,是因为它的代码起点和核心围绕着一个setCookie函数。
地址
智联招聘:https://jobs.zhaopin.com/beijing
问题还原
当对上面网址发起请求,发现返回的网页内容是一堆看不懂的"乱码"。
如图:
这里我把响应内容复制了出来,供大家阅读。
代码语言:javascript复制<html><script src="//aeu.alicdn.com/waf/antidomxss.js"></script><script>
var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';
/*
* 提示:该行代码过长,系统自动注释不进行高亮。一键复制会移除系统注释
* var _0x4818=['x63x73x4bx48x77x71x4dx49','x5ax73x4bx4ax77x72x38x56x65x41x73x79','x55x63x4bx69x4ex38x4fx2fx77x70x6cx77x4dx41x3dx3d','x4ax52x38x43x54x67x3dx3d','x59x73x4fx6ex62x53x45x51x77x37x6fx7ax77x71x5ax4bx65x73x4bx55x77x37x6bx77x58x38x4fx52x49x51x3dx3d','x77x37x6fx56x53x38x4fx53x77x6fx50x43x6cx33x6ax43x68x4dx4bx68x77x36x48x44x6cx73x4bx58x77x34x73x2fx59x73x4fx47','x66x77x56x6dx49x31x41x74x77x70x6cx61x59x38x4fx74x77x35x63x4ex66x53x67x70x77x36x4dx3d','x4fx63x4fx4ex77x72x6ax43x71x73x4bx78x54x47x54x43x68x73x4fx6ax45x57x45x38x50x63x4fx63x4ax38x4bx36','x55x38x4bx35x4cx63x4fx74x77x70x56x30x45x4dx4fx6bx77x34x37x44x72x4dx4fx58','x48x4dx4fx32x77x6fx48x43x69x4dx4bx39x53x6cx58x43x6cx63x4fx6fx43x31x6bx3d','x61x73x4bx49x77x71x4dx44x64x67x4dx75x50x73x4fx4bx42x4dx4bx63x77x72x72x43x74x6bx4cx44x72x4dx4bx42x77x36x34x64','x77x71x49x6dx4dx54x30x74x77x36x52x4ex77x35x6bx3d','x44x4dx4bx63x55x30x4ax6dx55x77x55x76','x56x6ax48x44x6cx4dx4fx48x56x63x4fx4ex58x33x66x44x69x63x4bx4ax48x51x3dx3d','x77x71x68x42x48x38x4bx6ex77x34x54x44x68x53x44x44x67x4dx4fx64x77x72x6ax43x6ex63x4fx57x77x70x68x68x4ex38x4bx43x47x63x4bx71x77x36x64x48x41x55x35x2bx77x72x67x32x4ax63x4bx61x77x34x49x45x4ax63x4fx63x77x72x52x4ax77x6fx5ax30x77x71x46x39x59x67x41x56','x64x7ax64x32x77x35x62x44x6dx33x6ax44x70x73x4bx33x77x70x59x3d','x77x34x50x44x67x63x4bx58x77x6fx33x43x6bx63x4bx4cx77x72x35x71x77x72x59x3d','x77x72x4ax4fx54x63x4fx51x57x4dx4fx67','x77x71x54x44x76x63x4fx6ax77x34x34x37x77x72x34x3d','x77x35x58x44x71x73x4bx68x4dx46x31x2f','x77x72x41x79x48x73x4fx66x77x70x70x63','x4ax33x64x56x50x63x4fx78x4cx67x3dx3d','x77x72x64x48x77x37x70x39x5ax77x3dx3d','x77x34x72x44x6fx38x4bx6dx4ex45x77x3d','x49x4dx4bx41x55x6bx42x74','x77x36x62x44x72x63x4bx51x77x70x56x48x77x70x4ex51x77x71x55x3d','x64x38x4fx73x57x68x41x55x77x37x59x7ax77x72x55x3d','x77x71x6ex43x6bx73x4fx65x65x7ax72x44x68x77x3dx3d','x55x73x4bx6ex49x4dx4bx57x56x38x4bx2f','x77x34x7ax44x6fx63x4bx38x4ex55x5ax76','x63x38x4fx78x5ax68x41x4ax77x36x73x6bx77x71x4ax6a','x50x63x4bx49x77x34x6ex43x6bx6bx56x62','x4bx48x67x6fx64x4dx4fx32x56x51x3dx3d','x77x70x73x6dx77x71x76x44x6ex47x46x71','x77x71x4cx44x74x38x4fx6bx77x34x63x3d','x77x37x77x31x77x34x50x43x70x73x4fx34x77x71x41x3d','x77x71x39x46x52x73x4fx71x57x4dx4fx71','x62x79x42x68x77x37x72x44x6dx33x34x3d','x4cx48x67x2bx53x38x4fx74x54x77x3dx3d','x77x71x68x4fx77x37x31x35x64x73x4fx48','x55x38x4fx37x56x73x4fx30x77x71x76x44x76x63x4bx75x4bx73x4fx71x58x38x4bx72','x59x69x74x74x77x35x44x44x6ex57x6ex44x72x41x3dx3d','x59x4dx4bx49x77x71x55x55x66x67x49x6b','x61x42x37x44x6cx4dx4fx44x54x51x3dx3d','x77x70x66x44x68x38x4fx72x77x36x6bx6b','x77x37x76x43x71x4dx4fx72x59x38x4bx41x56x6bx35x4fx77x70x6ex43x75x38x4fx61x58x73x4bx5ax50x33x44x43x6cx63x4bx79x77x36x48x44x72x51x3dx3d','x77x6fx77x2bx77x36x76x44x6dx48x70x73x77x37x52x74x77x6fx39x38x4cx43x37x43x69x47x37x43x6bx73x4fx52x54x38x4bx6cx57x38x4fx35x77x72x33x44x69x38x4fx54x48x73x4fx44x65x48x6ax44x6dx63x4bx6cx4ax73x4bx71x56x41x3dx3d','x4ex77x56x2b','x77x37x48x44x72x63x4bx74x77x70x4ax61x77x70x5ax62','x77x70x51x73x77x71x76x44x69x48x70x75x77x36x49x3d','x59x4dx4bx55x77x71x4dx4ax5ax51x3dx3d','x4bx48x31x56x4bx63x4fx71x4bx73x4bx31','x66x51x35x73x46x55x6bx6bx77x70x49x3d','x77x72x76x43x72x63x4fx42x52x38x4bx6b','x4dx33x77x30x66x51x3dx3d','x77x36x78x58x77x71x50x44x76x4dx4fx46x77x6fx35x64'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['x70x75x73x68'](_0x4c97f0['x73x68x69x66x74']());}};var _0x3cd6c6=function(){var _0xb8360b={'x64x61x74x61':{'x6bx65x79':'x63x6fx6fx6bx69x65','x76x61x6cx75x65':'x74x69x6dx65x6fx75x74'},'x73x65x74x43x6fx6fx6bx69x65':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e 'x3d' _0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['x6cx65x6ex67x74x68'];_0x5afe31<_0x178627;_0x5afe31 ){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0 ='x3bx20' _0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['x70x75x73x68'](_0xd79219);_0x178627=_0x20bf34['x6cx65x6ex67x74x68'];if(_0xd79219!==!![]){_0xba82f0 ='x3d' _0xd79219;}}_0x5e8b26['x63x6fx6fx6bx69x65']=_0xba82f0;},'x72x65x6dx6fx76x65x43x6fx6fx6bx69x65':function(){return'x64x65x76';},'x67x65x74x43x6fx6fx6bx69x65':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('x28x3fx3ax5ex7cx3bx20x29' _0x189946['x72x65x70x6cx61x63x65'](/([.$?*|{}()[]/ ^])/g,'x24x31') 'x3dx28x5bx5ex3bx5dx2ax29'));var _0x52d57c=function(_0x105f59,_0x3fd789){_0x105f59( _0x3fd789);};_0x52d57c(_0x4db1c,_0x1742fd);return _0x25af93?decodeURIComponent(_0x25af93[0x1]):undefined;}};var _0x4a2aed=function(){var _0x124d17=new RegExp('x5cx77x2bx20x2ax5cx28x5cx29x20x2ax7bx5cx77x2bx20x2ax5bx27x7cx22x5dx2ex2bx5bx27x7cx22x5dx3bx3fx20x2ax7d');return _0x124d17['x74x65x73x74'](_0xb8360b['x72x65x6dx6fx76x65x43x6fx6fx6bx69x65']['x74x6fx53x74x72x69x6ex67']());};_0xb8360b['x75x70x64x61x74x65x43x6fx6fx6bx69x65']=_0x4a2aed;var _0x2d67ec='';var _0x120551=_0xb8360b['x75x70x64x61x74x65x43x6fx6fx6bx69x65']();if(!_0x120551){_0xb8360b['x73x65x74x43x6fx6fx6bx69x65'](['x2a'],'x63x6fx75x6ex74x65x72',0x1);}else if(_0x120551){_0x2d67ec=_0xb8360b['x67x65x74x43x6fx6fx6bx69x65'](null,'x63x6fx75x6ex74x65x72');}else{_0xb8360b['x72x65x6dx6fx76x65x43x6fx6fx6bx69x65']();}};_0x3cd6c6();}(_0x4818,0x15b));var _0x55f3=function(_0x4c97f0,_0x1742fd){var _0x4c97f0=parseInt(_0x4c97f0,0x10);var _0x48181e=_0x4818[_0x4c97f0];if(!_0x55f3['x61x74x6fx62x50x6fx6cx79x66x69x6cx6cx41x70x70x65x6ex64x65x64']){(function(){var _0xdf49c6=Function('x72x65x74x75x72x6ex20x28x66x75x6ex63x74x69x6fx6ex20x28x29x20' 'x7bx7dx2ex63x6fx6ex73x74x72x75x63x74x6fx72x28x22x72x65x74x75x72x6ex20x74x68x69x73x22x29x28x29' 'x29x3b');var _0xb8360b=_0xdf49c6();var _0x389f44='x41x42x43x44x45x46x47x48x49x4ax4bx4cx4dx4ex4fx50x51x52x53x54x55x56x57x58x59x5ax61x62x63x64x65x66x67x68x69x6ax6bx6cx6dx6ex6fx70x71x72x73x74x75x76x77x78x79x7ax30x31x32x33x34x35x36x37x38x39x2bx2fx3d';_0xb8360b['x61x74x6fx62']||(_0xb8360b['x61x74x6fx62']=function(_0xba82f0){var _0xec6bb4=String(_0xba82f0)['x72x65x70x6cx61x63x65'](/= $/,'');for(var _0x1a0f04=0x0,_0x18c94e,_0x41b2ff,_0xd79219=0x0,_0x5792f7='';_0x41b2ff=_0xec6bb4['x63x68x61x72x41x74'](_0xd79219 );~_0x41b2ff&&(_0x18c94e=_0x1a0f04%0x4?_0x18c94e*0x40 _0x41b2ff:_0x41b2ff,_0x1a0f04 %0x4)?_0x5792f7 =String['x66x72x6fx6dx43x68x61x72x43x6fx64x65'](0xff&_0x18c94e>>(-0x2*_0x1a0f04&0x6)):0x0){_0x41b2ff=_0x389f44['x69x6ex64x65x78x4fx66'](_0x41b2ff);}return _0x5792f7;});}());_0x55f3['x61x74x6fx62x50x6fx6cx79x66x69x6cx6cx41x70x70x65x6ex64x65x64']=!![];}if(!_0x55f3['x72x63x34']){var _0x232678=function(_0x401af1,_0x532ac0){var _0x45079a=[],_0x52d57c=0x0,_0x105f59,_0x3fd789='',_0x4a2aed='';_0x401af1=atob(_0x401af1);for(var _0x124d17=0x0,_0x1b9115=_0x401af1['x6cx65x6ex67x74x68'];_0x124d17<_0x1b9115;_0x124d17 ){_0x4a2aed ='x25' ('x30x30' _0x401af1['x63x68x61x72x43x6fx64x65x41x74'](_0x124d17)['x74x6fx53x74x72x69x6ex67'](0x10))['x73x6cx69x63x65'](-0x2);}_0x401af1=decodeURIComponent(_0x4a2aed);for(var _0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec ){_0x45079a[_0x2d67ec]=_0x2d67ec;}for(_0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec ){_0x52d57c=(_0x52d57c _0x45079a[_0x2d67ec] _0x532ac0['x63x68x61x72x43x6fx64x65x41x74'](_0x2d67ec%_0x532ac0['x6cx65x6ex67x74x68']))%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;}_0x2d67ec=0x0;_0x52d57c=0x0;for(var _0x4e5ce2=0x0;_0x4e5ce2<_0x401af1['x6cx65x6ex67x74x68'];_0x4e5ce2 ){_0x2d67ec=(_0x2d67ec 0x1)%0x100;_0x52d57c=(_0x52d57c _0x45079a[_0x2d67ec])%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;_0x3fd789 =String['x66x72x6fx6dx43x68x61x72x43x6fx64x65'](_0x401af1['x63x68x61x72x43x6fx64x65x41x74'](_0x4e5ce2)^_0x45079a[(_0x45079a[_0x2d67ec] _0x45079a[_0x52d57c])%0x100]);}return _0x3fd789;};_0x55f3['x72x63x34']=_0x232678;}if(!_0x55f3['x64x61x74x61']){_0x55f3['x64x61x74x61']={};}if(_0x55f3['x64x61x74x61'][_0x4c97f0]===undefined){if(!_0x55f3['x6fx6ex63x65']){var _0x5f325c=function(_0x23a392){this['x72x63x34x42x79x74x65x73']=_0x23a392;this['x73x74x61x74x65x73']=[0x1,0x0,0x0];this['x6ex65x77x53x74x61x74x65']=function(){return'x6ex65x77x53x74x61x74x65';};this['x66x69x72x73x74x53x74x61x74x65']='x5cx77x2bx20x2ax5cx28x5cx29x20x2ax7bx5cx77x2bx20x2a';this['x73x65x63x6fx6ex64x53x74x61x74x65']='x5bx27x7cx22x5dx2ex2bx5bx27x7cx22x5dx3bx3fx20x2ax7d';};_0x5f325c['x70x72x6fx74x6fx74x79x70x65']['x63x68x65x63x6bx53x74x61x74x65']=function(){var _0x19f809=new RegExp(this['x66x69x72x73x74x53x74x61x74x65'] this['x73x65x63x6fx6ex64x53x74x61x74x65']);return this['x72x75x6ex53x74x61x74x65'](_0x19f809['x74x65x73x74'](this['x6ex65x77x53x74x61x74x65']['x74x6fx53x74x72x69x6ex67']())?--this['x73x74x61x74x65x73'][0x1]:--this['x73x74x61x74x65x73'][0x0]);};_0x5f325c['x70x72x6fx74x6fx74x79x70x65']['x72x75x6ex53x74x61x74x65']=function(_0x4380bd){if(!Boolean(~_0x4380bd)){return _0x4380bd;}return this['x67x65x74x53x74x61x74x65'](this['x72x63x34x42x79x74x65x73']);};_0x5f325c['x70x72x6fx74x6fx74x79x70x65']['x67x65x74x53x74x61x74x65']=function(_0x58d85e){for(var _0x1c9f5b=0x0,_0x1ce9e0=this['x73x74x61x74x65x73']['x6cx65x6ex67x74x68'];_0x1c9f5b<_0x1ce9e0;_0x1c9f5b ){this['x73x74x61x74x65x73']['x70x75x73x68'](Math['x72x6fx75x6ex64'](Math['x72x61x6ex64x6fx6d']()));_0x1ce9e0=this['x73x74x61x74x65x73']['x6cx65x6ex67x74x68'];}return _0x58d85e(this['x73x74x61x74x65x73'][0x0]);};new _0x5f325c(_0x55f3)['x63x68x65x63x6bx53x74x61x74x65']();_0x55f3['x6fx6ex63x65']=!![];}_0x48181e=_0x55f3['x72x63x34'](_0x48181e,_0x1742fd);_0x55f3['x64x61x74x61'][_0x4c97f0]=_0x48181e;}else{_0x48181e=_0x55f3['x64x61x74x61'][_0x4c97f0];}return _0x48181e;};var arg3=null;var arg4=null;var arg5=null;var arg6=null;var arg7=null;var arg8=null;var arg9=null;var arg10=null;var l=function(){while(window[_0x55f3('0x1', 'x58x4dx57x5e')]||window['x5fx5fx70x68x61x6ex74x6fx6dx61x73']){};var _0x5e8b26=_0x55f3('0x3', 'x6ax53x31x59');String[_0x55f3('0x5', 'x6ex5dx66x52')][_0x55f3('0x6', 'x50x67x35x34')]=function(_0x4e08d8){var _0x5a5d3b='';for(var _0xe89588=0x0;_0xe89588<this[_0x55f3('0x8', 'x29x68x52x63')]&&_0xe89588<_0x4e08d8[_0x55f3('0xa', 'x6ax45x26x5e')];_0xe89588 =0x2){var _0x401af1=parseInt(this[_0x55f3('0xb', 'x56x32x4bx45')](_0xe89588,_0xe89588 0x2),0x10);var _0x105f59=parseInt(_0x4e08d8[_0x55f3('0xd', 'x58x4dx57x5e')](_0xe89588,_0xe89588 0x2),0x10);var _0x189e2c=(_0x401af1^_0x105f59)[_0x55f3('0xf', 'x57x31x46x45')](0x10);if(_0x189e2c[_0x55f3('0x11', 'x4dx47x72x76')]==0x1){_0x189e2c='x30' _0x189e2c;}_0x5a5d3b =_0x189e2c;}return _0x5a5d3b;};String['x70x72x6fx74x6fx74x79x70x65'][_0x55f3('0x14', 'x5ax2ax44x4d')]=function(){var _0x4b082b=[0xf,0x23,0x1d,0x18,0x21,0x10,0x1,0x26,0xa,0x9,0x13,0x1f,0x28,0x1b,0x16,0x17,0x19,0xd,0x6,0xb,0x27,0x12,0x14,0x8,0xe,0x15,0x20,0x1a,0x2,0x1e,0x7,0x4,0x11,0x5,0x3,0x1c,0x22,0x25,0xc,0x24];var _0x4da0dc=[];var _0x12605e='';for(var _0x20a7bf=0x0;_0x20a7bf<this['x6cx65x6ex67x74x68'];_0x20a7bf ){var _0x385ee3=this[_0x20a7bf];for(var _0x217721=0x0;_0x217721<_0x4b082b[_0x55f3('0x16', 'x61x48x2ax4e')];_0x217721 ){if(_0x4b082b[_0x217721]==_0x20a7bf 0x1){_0x4da0dc[_0x217721]=_0x385ee3;}}}_0x12605e=_0x4da0dc['x6ax6fx69x6e']('');return _0x12605e;};var _0x23a392=arg1[_0x55f3('0x19', 'x50x67x35x34')]();arg2=_0x23a392[_0x55f3('0x1b', 'x7ax35x4fx26')](_0x5e8b26);setTimeout('x72x65x6cx6fx61x64x28x61x72x67x32x29',0x2);};var _0x4db1c=function(){function _0x355d23(_0x450614){if(('' _0x450614/_0x450614)[_0x55f3('0x1c', 'x56x32x4bx45')]!==0x1||_0x450614%0x14===0x0){(function(){}[_0x55f3('0x1d', 'x43x4ex55x59')]((undefined '')[0x2] (!![] '')[0x3] ([][_0x55f3('0x1e', 'x77x38x50x52')]() '')[0x2] (undefined '')[0x0] (![] [0x0] String)[0x14] (![] [0x0] String)[0x14] (!![] '')[0x3] (!![] '')[0x1])());}else{(function(){}['x63x6fx6ex73x74x72x75x63x74x6fx72']((undefined '')[0x2] (!![] '')[0x3] ([][_0x55f3('0x1f', 'x4cx24x28x44')]() '')[0x2] (undefined '')[0x0] (![] [0x0] String)[0x14] (![] [0x0] String)[0x14] (!![] '')[0x3] (!![] '')[0x1])());}_0x355d23( _0x450614);}try{_0x355d23(0x0);}catch(_0x54c483){}};if(function(){var _0x470d8f=function(){var _0x4c97f0=!![];return function(_0x1742fd,_0x4db1c){var _0x48181e=_0x4c97f0?function(){if(_0x4db1c){var _0x55f3be=_0x4db1c['x61x70x70x6cx79'](_0x1742fd,arguments);_0x4db1c=null;return _0x55f3be;}}:function(){};_0x4c97f0=![];return _0x48181e;};}();var _0x501fd7=_0x470d8f(this,function(){var _0x4c97f0=function(){return'x64x65x76';},_0x1742fd=function(){return'x77x69x6ex64x6fx77';};var _0x55f3be=function(){var _0x3ad9a1=new RegExp('x5cx77x2bx20x2ax5cx28x5cx29x20x2ax7bx5cx77x2bx20x2ax5bx27x7cx22x5dx2ex2bx5bx27x7cx22x5dx3bx3fx20x2ax7d');return!_0x3ad9a1['x74x65x73x74'](_0x4c97f0['x74x6fx53x74x72x69x6ex67']());};var _0x1b93ad=function(){var _0x20bf34=new RegExp('x28x5cx5cx5bx78x7cx75x5dx28x5cx77x29x7bx32x2cx34x7dx29x2b');return _0x20bf34['x74x65x73x74'](_0x1742fd['x74x6fx53x74x72x69x6ex67']());};var _0x5afe31=function(_0x178627){var _0x1a0f04=~-0x1>>0x1 0xff%0x0;if(_0x178627['x69x6ex64x65x78x4fx66']('x69'===_0x1a0f04)){_0xd79219(_0x178627);}};var _0xd79219=function(_0x5792f7){var _0x4e08d8=~-0x4>>0x1 0xff%0x0;if(_0x5792f7['x69x6ex64x65x78x4fx66']((!![] '')[0x3])!==_0x4e08d8){_0x5afe31(_0x5792f7);}};if(!_0x55f3be()){if(!_0x1b93ad()){_0x5afe31('x69x6ex64еx78x4fx66');}else{_0x5afe31('x69x6ex64x65x78x4fx66');}}else{_0x5afe31('x69x6ex64еx78x4fx66');}});_0x501fd7();var _0x3a394d=function(){var _0x1ab151=!![];return function(_0x372617,_0x42d229){var _0x3b3503=_0x1ab151?function(){if(_0x42d229){var _0x7086d9=_0x42d229[_0x55f3('0x21', 'x4bx4ex29x46')](_0x372617,arguments);_0x42d229=null;return _0x7086d9;}}:function(){};_0x1ab151=![];return _0x3b3503;};}();var _0x5b6351=_0x3a394d(this,function(){var _0x46cbaa=Function(_0x55f3('0x22', 'x26x68x5ax59') _0x55f3('0x23', 'x61x48x2ax4e') 'x29x3b');var _0x1766ff=function(){};var _0x9b5e29=_0x46cbaa();_0x9b5e29[_0x55f3('0x26', 'x61x48x2ax4e')]['x6cx6fx67']=_0x1766ff;_0x9b5e29[_0x55f3('0x29', 'x56x25x59x52')][_0x55f3('0x2a', 'x50x5ex45x71')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2c', 'x6cx67x4dx30')][_0x55f3('0x2d', 'x4cx24x28x44')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2f', 'x43x5ax63x38')][_0x55f3('0x30', 'x57x75x36x25')]=_0x1766ff;});_0x5b6351();try{return!!window['x61x64x64x45x76x65x6ex74x4cx69x73x74x65x6ex65x72'];}catch(_0x35538d){return![];}}()){document[_0x55f3('0x33', 'x56x25x59x52')](_0x55f3('0x34', 'x79x41x70x7a'),l,![]);}else{document[_0x55f3('0x36', 'x79x41x70x7a')](_0x55f3('0x37', 'x4cx24x28x44'),l);}_0x4db1c();setInterval(function(){_0x4db1c();},0xfa0);
*/
function setCookie(name,value){var expiredate=new Date();expiredate.setTime(expiredate.getTime() (3600*1000));document.cookie=name "=" value ";expires=" expiredate.toGMTString() ";max-age=3600;path=/";}
function reload(x) {setCookie("acw_sc__v2", x);document.location.reload();}
</script></html>
追根溯源
这个是不是看起来比eval()还要头大一些,密密麻麻的都是16进制数。别慌,让我来给他美化一波!!
代码语言:javascript复制< html > < script src = "//aeu.alicdn.com/waf/antidomxss.js" > < /script><script>
var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';
var _0x4818=['csKHwqMI','ZsKJwr8VeAsy','UcKiN8O/wplwMA==','JR8CTg==','YsOnbSEQw7ozwqZKesKUw7kwX8ORIQ==','w7oVS8OSwoPCl3jChMKhw6HDlsKXw4s/YsOG','fwVmI1AtwplaY8Otw5cNfSgpw6M=','OcONwrjCqsKxTGTChsOjEWE8PcOcJ8K6','U8K5LcOtwpV0EMOkw47DrMOX','HMO2woHCiMK9SlXClcOoC1k=','asKIwqMDdgMuPsOKBMKcwrrCtkLDrMKBw64d','wqImMT0tw6RNw5k=','DMKcU0JmUwUv','VjHDlMOHVcONX3fDicKJHQ==','wqhBH8Knw4TDhSDDgMOdwrjCncOWwphhN8KCGcKqw6dHAU5 wrg2JcKaw4IEJcOcwrRJwoZ0wqF9YgAV','dzd2w5bDm3jDpsK3wpY=','w4PDgcKXwo3CkcKLwr5qwrY=','wrJOTcOQWMOg','wqTDvcOjw447wr4=','w5XDqsKhMF1/','wrAyHsOfwppc','J3dVPcOxLg==','wrdHw7p9Zw==','w4rDo8KmNEw=','IMKAUkBt','w6bDrcKQwpVHwpNQwqU=','d8OsWhAUw7YzwrU=','wqnCksOeezrDhw==','UsKnIMKWV8K/','w4zDocK8NUZv','c8OxZhAJw6skwqJj','PcKIw4nCkkVb','KHgodMO2VQ==','wpsmwqvDnGFq','wqLDt8Okw4c=','w7w1w4PCpsO4wqA=','wq9FRsOqWMOq','byBhw7rDm34=','LHg S8OtTw==','wqhOw715dsOH','U8O7VsO0wqvDvcKuKsOqX8Kr','Yittw5DDnWnDrA==','YMKIwqUUfgIk','aB7DlMODTQ==','wpfDh8Orw6kk','w7vCqMOrY8KAVk5OwpnCu8OaXsKZP3DClcKyw6HDrQ==','wow w6vDmHpsw7Rtwo98LC7CiG7CksORT8KlW8O5wr3Di8OTHsODeHjDmcKlJsKqVA==','NwV ','w7HDrcKtwpJawpZb','wpQswqvDiHpuw6I=','YMKUwqMJZQ==','KH1VKcOqKsK1','fQ5sFUkkwpI=','wrvCrcOBR8Kk','M3w0fQ==','w6xXwqPDvMOFwo5d'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['push'](_0x4c97f0['shift']());}};var _0x3cd6c6=function(){var _0xb8360b={'data':{'key':'cookie','value':'timeout'},'setCookie':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e '=' _0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['length'];_0x5afe31<_0x178627;_0x5afe31 ){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0 ='; ' _0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['push'](_0xd79219);_0x178627=_0x20bf34['length'];if(_0xd79219!==!![]){_0xba82f0 ='=' _0xd79219;}}_0x5e8b26['cookie']=_0xba82f0;},'removeCookie':function(){return'dev';},'getCookie':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('(?:^|; )' _0x189946['replace'](/ ([.$ ? * | {}()[] / ^ ]) / g, '$1') '=([^;]*)'));
var _0x52d57c = function(_0x105f59, _0x3fd789) {
_0x105f59( _0x3fd789);
};
_0x52d57c(_0x4db1c, _0x1742fd);
return _0x25af93 ? decodeURIComponent(_0x25af93[0x1]) : undefined;
}
};
var _0x4a2aed = function() {
var _0x124d17 = new RegExp('w *() *{w *['|"]. ['|"];? *}');
return _0x124d17['test'](_0xb8360b['removeCookie']['toString']());
};
_0xb8360b['updateCookie'] = _0x4a2aed;
var _0x2d67ec = '';
var _0x120551 = _0xb8360b['updateCookie']();
if (!_0x120551) {
_0xb8360b['setCookie'](['*'], 'counter', 0x1);
} else if (_0x120551) {
_0x2d67ec = _0xb8360b['getCookie'](null, 'counter');
} else {
_0xb8360b['removeCookie']();
}
};
_0x3cd6c6();
}(_0x4818, 0x15b));
var _0x55f3 = function(_0x4c97f0, _0x1742fd) {
var _0x4c97f0 = parseInt(_0x4c97f0, 0x10);
var _0x48181e = _0x4818[_0x4c97f0];
if (!_0x55f3['atobPolyfillAppended']) {
(function() {
var _0xdf49c6 = Function('return (function () ' '{}.constructor("return this")()' ');');
var _0xb8360b = _0xdf49c6();
var _0x389f44 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 /=';
_0xb8360b['atob'] || (_0xb8360b['atob'] = function(_0xba82f0) {
var _0xec6bb4 = String(_0xba82f0)['replace'](/= $/, '');
for (var _0x1a0f04 = 0x0, _0x18c94e, _0x41b2ff, _0xd79219 = 0x0, _0x5792f7 = ''; _0x41b2ff = _0xec6bb4['charAt'](_0xd79219 );~_0x41b2ff && (_0x18c94e = _0x1a0f04 % 0x4 ? _0x18c94e * 0x40 _0x41b2ff : _0x41b2ff, _0x1a0f04 % 0x4) ? _0x5792f7 = String['fromCharCode'](0xff & _0x18c94e >> (-0x2 * _0x1a0f04 & 0x6)) : 0x0) {
_0x41b2ff = _0x389f44['indexOf'](_0x41b2ff);
}
return _0x5792f7;
});
}());
_0x55f3['atobPolyfillAppended'] = !! [];
}
if (!_0x55f3['rc4']) {
var _0x232678 = function(_0x401af1, _0x532ac0) {
var _0x45079a = [],
_0x52d57c = 0x0,
_0x105f59, _0x3fd789 = '',
_0x4a2aed = '';
_0x401af1 = atob(_0x401af1);
for (var _0x124d17 = 0x0, _0x1b9115 = _0x401af1['length']; _0x124d17 < _0x1b9115; _0x124d17 ) {
_0x4a2aed = '%' ('00' _0x401af1['charCodeAt'](_0x124d17)['toString'](0x10))['slice'](-0x2);
}
_0x401af1 = decodeURIComponent(_0x4a2aed);
for (var _0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec ) {
_0x45079a[_0x2d67ec] = _0x2d67ec;
}
for (_0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec ) {
_0x52d57c = (_0x52d57c _0x45079a[_0x2d67ec] _0x532ac0['charCodeAt'](_0x2d67ec % _0x532ac0['length'])) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
}
_0x2d67ec = 0x0;
_0x52d57c = 0x0;
for (var _0x4e5ce2 = 0x0; _0x4e5ce2 < _0x401af1['length']; _0x4e5ce2 ) {
_0x2d67ec = (_0x2d67ec 0x1) % 0x100;
_0x52d57c = (_0x52d57c _0x45079a[_0x2d67ec]) % 0x100;
_0x105f59 = _0x45079a[_0x2d67ec];
_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];
_0x45079a[_0x52d57c] = _0x105f59;
_0x3fd789 = String['fromCharCode'](_0x401af1['charCodeAt'](_0x4e5ce2) ^ _0x45079a[(_0x45079a[_0x2d67ec] _0x45079a[_0x52d57c]) % 0x100]);
}
return _0x3fd789;
};
_0x55f3['rc4'] = _0x232678;
}
if (!_0x55f3['data']) {
_0x55f3['data'] = {};
}
if (_0x55f3['data'][_0x4c97f0] === undefined) {
if (!_0x55f3['once']) {
var _0x5f325c = function(_0x23a392) {
this['rc4Bytes'] = _0x23a392;
this['states'] = [0x1, 0x0, 0x0];
this['newState'] = function() {
return 'newState';
};
this['firstState'] = 'w *() *{w *';
this['secondState'] = '['|"]. ['|"];? *}';
};
_0x5f325c['prototype']['checkState'] = function() {
var _0x19f809 = new RegExp(this['firstState'] this['secondState']);
return this['runState'](_0x19f809['test'](this['newState']['toString']()) ? --this['states'][0x1] : --this['states'][0x0]);
};
_0x5f325c['prototype']['runState'] = function(_0x4380bd) {
if (!Boolean(~_0x4380bd)) {
return _0x4380bd;
}
return this['getState'](this['rc4Bytes']);
};
_0x5f325c['prototype']['getState'] = function(_0x58d85e) {
for (var _0x1c9f5b = 0x0, _0x1ce9e0 = this['states']['length']; _0x1c9f5b < _0x1ce9e0; _0x1c9f5b ) {
this['states']['push'](Math['round'](Math['random']()));
_0x1ce9e0 = this['states']['length'];
}
return _0x58d85e(this['states'][0x0]);
};
new _0x5f325c(_0x55f3)['checkState']();
_0x55f3['once'] = !! [];
}
_0x48181e = _0x55f3['rc4'](_0x48181e, _0x1742fd);
_0x55f3['data'][_0x4c97f0] = _0x48181e;
} else {
_0x48181e = _0x55f3['data'][_0x4c97f0];
}
return _0x48181e;
};
var arg3 = null;
var arg4 = null;
var arg5 = null;
var arg6 = null;
var arg7 = null;
var arg8 = null;
var arg9 = null;
var arg10 = null;
var l = function() {
while (window[_0x55f3('0x1', 'XMW^')] || window['__phantomas']) {};
var _0x5e8b26 = _0x55f3('0x3', 'jS1Y');
String[_0x55f3('0x5', 'n]fR')][_0x55f3('0x6', 'Pg54')] = function(_0x4e08d8) {
var _0x5a5d3b = '';
for (var _0xe89588 = 0x0; _0xe89588 < this[_0x55f3('0x8', ')hRc')] && _0xe89588 < _0x4e08d8[_0x55f3('0xa', 'jE&^')]; _0xe89588 = 0x2) {
var _0x401af1 = parseInt(this[_0x55f3('0xb', 'V2KE')](_0xe89588, _0xe89588 0x2), 0x10);
var _0x105f59 = parseInt(_0x4e08d8[_0x55f3('0xd', 'XMW^')](_0xe89588, _0xe89588 0x2), 0x10);
var _0x189e2c = (_0x401af1 ^ _0x105f59)[_0x55f3('0xf', 'W1FE')](0x10);
if (_0x189e2c[_0x55f3('0x11', 'MGrv')] == 0x1) {
_0x189e2c = '0' _0x189e2c;
}
_0x5a5d3b = _0x189e2c;
}
return _0x5a5d3b;
};
String['prototype'][_0x55f3('0x14', 'Z*DM')] = function() {
var _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd, 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c, 0x22, 0x25, 0xc, 0x24];
var _0x4da0dc = [];
var _0x12605e = '';
for (var _0x20a7bf = 0x0; _0x20a7bf < this['length']; _0x20a7bf ) {
var _0x385ee3 = this[_0x20a7bf];
for (var _0x217721 = 0x0; _0x217721 < _0x4b082b[_0x55f3('0x16', 'aH*N')]; _0x217721 ) {
if (_0x4b082b[_0x217721] == _0x20a7bf 0x1) {
_0x4da0dc[_0x217721] = _0x385ee3;
}
}
}
_0x12605e = _0x4da0dc['join']('');
return _0x12605e;
};
var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();
arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);
setTimeout('reload(arg2)', 0x2);
};
var _0x4db1c = function() {
function _0x355d23(_0x450614) {
if (('' _0x450614 / _0x450614)[_0x55f3('0x1c', 'V2KE')] !== 0x1 || _0x450614 % 0x14 === 0x0) {
(function() {}[_0x55f3('0x1d', 'CNUY')]((undefined '')[0x2] ( !! [] '')[0x3] ([][_0x55f3('0x1e', 'w8PR')]() '')[0x2] (undefined '')[0x0] (![] [0x0] String)[0x14] (![] [0x0] String)[0x14] ( !! [] '')[0x3] ( !! [] '')[0x1])());
} else {
(function() {}['constructor']((undefined '')[0x2] ( !! [] '')[0x3] ([][_0x55f3('0x1f', 'L$(D')]() '')[0x2] (undefined '')[0x0] (![] [0x0] String)[0x14] (![] [0x0] String)[0x14] ( !! [] '')[0x3] ( !! [] '')[0x1])());
}
_0x355d23( _0x450614);
}
try {
_0x355d23(0x0);
} catch (_0x54c483) {}
};
if (function() {
var _0x470d8f = function() {
var _0x4c97f0 = !! [];
return function(_0x1742fd, _0x4db1c) {
var _0x48181e = _0x4c97f0 ?
function() {
if (_0x4db1c) {
var _0x55f3be = _0x4db1c['apply'](_0x1742fd, arguments);
_0x4db1c = null;
return _0x55f3be;
}
} : function() {};
_0x4c97f0 = ![];
return _0x48181e;
};
}();
var _0x501fd7 = _0x470d8f(this, function() {
var _0x4c97f0 = function() {
return 'dev';
},
_0x1742fd = function() {
return 'window';
};
var _0x55f3be = function() {
var _0x3ad9a1 = new RegExp('w *() *{w *['|"]. ['|"];? *}');
return !_0x3ad9a1['test'](_0x4c97f0['toString']());
};
var _0x1b93ad = function() {
var _0x20bf34 = new RegExp('(\[x|u](w){2,4}) ');
return _0x20bf34['test'](_0x1742fd['toString']());
};
var _0x5afe31 = function(_0x178627) {
var _0x1a0f04 = ~ - 0x1 >> 0x1 0xff % 0x0;
if (_0x178627['indexOf']('i' === _0x1a0f04)) {
_0xd79219(_0x178627);
}
};
var _0xd79219 = function(_0x5792f7) {
var _0x4e08d8 = ~ - 0x4 >> 0x1 0xff % 0x0;
if (_0x5792f7['indexOf'](( !! [] '')[0x3]) !== _0x4e08d8) {
_0x5afe31(_0x5792f7);
}
};
if (!_0x55f3be()) {
if (!_0x1b93ad()) {
_0x5afe31('indеxOf');
} else {
_0x5afe31('indexOf');
}
} else {
_0x5afe31('indеxOf');
}
});
_0x501fd7();
var _0x3a394d = function() {
var _0x1ab151 = !! [];
return function(_0x372617, _0x42d229) {
var _0x3b3503 = _0x1ab151 ?
function() {
if (_0x42d229) {
var _0x7086d9 = _0x42d229[_0x55f3('0x21', 'KN)F')](_0x372617, arguments);
_0x42d229 = null;
return _0x7086d9;
}
} : function() {};
_0x1ab151 = ![];
return _0x3b3503;
};
}();
var _0x5b6351 = _0x3a394d(this, function() {
var _0x46cbaa = Function(_0x55f3('0x22', '&hZY') _0x55f3('0x23', 'aH*N') ');');
var _0x1766ff = function() {};
var _0x9b5e29 = _0x46cbaa();
_0x9b5e29[_0x55f3('0x26', 'aH*N')]['log'] = _0x1766ff;
_0x9b5e29[_0x55f3('0x29', 'V%YR')][_0x55f3('0x2a', 'P^Eq')] = _0x1766ff;
_0x9b5e29[_0x55f3('0x2c', 'lgM0')][_0x55f3('0x2d', 'L$(D')] = _0x1766ff;
_0x9b5e29[_0x55f3('0x2f', 'CZc8')][_0x55f3('0x30', 'Wu6%')] = _0x1766ff;
});
_0x5b6351();
try {
return !!window['addEventListener'];
} catch (_0x35538d) {
return ![];
}
}()) {
document[_0x55f3('0x33', 'V%YR')](_0x55f3('0x34', 'yApz'), l, ![]);
} else {
document[_0x55f3('0x36', 'yApz')](_0x55f3('0x37', 'L$(D'), l);
}
_0x4db1c();
setInterval(function() {
_0x4db1c();
}, 0xfa0);
function setCookie(name, value) {
var expiredate = new Date();
expiredate.setTime(expiredate.getTime() (3600 * 1000));
document.cookie = name "=" value ";expires=" expiredate.toGMTString() ";max-age=3600;path=/";
}
function reload(x) {
setCookie("acw_sc__v2", x);
document.location.reload();
} < /script></html >
上面是格式后的js。为什么叫混淆函数,一是使用了十六进制数混淆,二是有用的代码的确不多。我们从最后两个函数看起,一个是「reload(x)」,一个是「setCookie()」。
reload()调用setCookie(),生成key=acw_sc__v2,value=x的cookie,然后通过document.location.reload()来刷新网页。那么关键来了,到底是谁生成x并调用的reload()?
我们搜索上面的代码,发现了以下三行核心代码:
代码语言:javascript复制var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();
arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);
setTimeout('reload(arg2)', 0x2);
这三行代码中arg1是个字符串,_0x55f3是个方法名,「arg2就是cookie中的value」,理清之间的调用关系计算出arg2。
这个混淆js是非常有意思的,涉及的js基础知识比较多,想要搞定主要还是依赖于「debug」和「控制台」。
结语
本文主要以技术介绍为主,也不难看出,做爬虫还是需要有一丢丢丢前端功底的。如果你问我,既不想搞懂还想解决js加密行不行啊?我只想告诉你:程序员不能说不行。方法是有的,但是终究需要依赖第三方服务或者插件。
当然,很多网站都会有自己独特的js加密方式,反爬技术的花样也是层出不穷。有兴趣的也可以一起探讨学习。
爬虫基础篇完结于此。开始着手准备爬虫框架scrapy系列的写作了,期待下一次相遇。
