热门标签
热门文章
- 1使用华为手机对android studio进行真机调试(我的是荣耀V10,其他类型手机可以参考)_荣耀手机真机调试如何使用
- 2pytesseract.pytesseract.TesseractNotFoundError: tesseract is not installed or it‘s not in your path
- 3spring boot application.properties 配置参数详情_allow-pool-suspension
- 4【微信小程序】小程序使用详细教程(建议收藏)_微信小程序教程
- 5安卓常见的内存泄漏实例以及解决办法
- 6数据挖掘笔记-情感倾向点互信息算法_文本互信息计算
- 7全面剖析机器学习算法的发展历史、基本概念、核心算法、应用案例和未来的发展方向
- 8用Python制作十款经典的童年游戏(不会吧不会吧,不会真有人没玩过吧)_小孩子python交互类游戏
- 9直通BAT--数据结构与算法十一(概率)_八个队三个强队中概率
- 10MySQL_mysql 读已提交
当前位置: article > 正文
Python JS逆向篇(三)_python 端口逆向解析
作者:盐析白兔 | 2024-03-17 18:09:11
赞
踩
python 端口逆向解析
逆向主题:解析出网址里视频下的m3u8链接。
(注:文章所涉及内容只做学习参考交流,不做除此之外的任何其它用途!!!)
新手入门级
参考B站视频系列教程: https://www.bilibili.com/video/BV1yW4y1E7Ug
主打的就是一个白嫖。
使用Base64加密!!!
接口1(逆向m3u8接口):aHR0cHM6Ly9pbTE5MDcudG9wLz9qeD1odHRwczovL3d3dy5iaWxpYmlsaS5jb20vYmFuZ3VtaS9wbGF5L2VwMzI5MTQz
接口2(推荐,我经常使用,m3u8接口无加密):aHR0cHM6Ly9qeC5wbGF5ZXJqeS5jb20vP3VybD1odHRwczovL3d3dy5iaWxpYmlsaS5jb20vYmFuZ3VtaS9wbGF5L2VwMzI5MTQz
**xxx.脱敏.xxx,自己去构建url,headers。**
逆向z参数
首先,进去之后直接F12打开抓包工具,Never pause here过掉debugger。
Ctrl+R刷新一下,找到如上图的包,然后如下图所示,直接跟进去。
Ctrl+F搜索关键字s1ig(注意:不要搜索z参数),定位到关键字发现框中这一块都是和进行请求携带的参数相关,所以在这里开始进一步调试。
一步一步调试发现(或者直接从结果看(经验)去百度上搜索 在线md5加密 进行对比),就是用md5进行加密的,里面的It()方法就是调用md5方式加密,所以这个加密参数z就ok了,o 就是解析视频的url。后面的g就是字符串拼接操作。
js实现
js md5加密算法直接网上去找。
function md5(md5str) { var createMD5String = function(string) { var x = Array() var k, AA, BB, CC, DD, a, b, c, d var S11 = 7, S12 = 12, S13 = 17, S14 = 22 var S21 = 5, S22 = 9, S23 = 14, S24 = 20 var S31 = 4, S32 = 11, S33 = 16, S34 = 23 var S41 = 6, S42 = 10, S43 = 15, S44 = 21 string = uTF8Encode(string) x = convertToWordArray(string) a = 0x67452301 b = 0xEFCDAB89 c = 0x98BADCFE d = 0x10325476 for (k = 0; k < x.length; k += 16) { AA = a BB = b CC = c DD = d a = FF(a, b, c, d, x[k + 0], S11, 0xD76AA478) d = FF(d, a, b, c, x[k + 1], S12, 0xE8C7B756) c = FF(c, d, a, b, x[k + 2], S13, 0x242070DB) b = FF(b, c, d, a, x[k + 3], S14, 0xC1BDCEEE) a = FF(a, b, c, d, x[k + 4], S11, 0xF57C0FAF) d = FF(d, a, b, c, x[k + 5], S12, 0x4787C62A) c = FF(c, d, a, b, x[k + 6], S13, 0xA8304613) b = FF(b, c, d, a, x[k + 7], S14, 0xFD469501) a = FF(a, b, c, d, x[k + 8], S11, 0x698098D8) d = FF(d, a, b, c, x[k + 9], S12, 0x8B44F7AF) c = FF(c, d, a, b, x[k + 10], S13, 0xFFFF5BB1) b = FF(b, c, d, a, x[k + 11], S14, 0x895CD7BE) a = FF(a, b, c, d, x[k + 12], S11, 0x6B901122) d = FF(d, a, b, c, x[k + 13], S12, 0xFD987193) c = FF(c, d, a, b, x[k + 14], S13, 0xA679438E) b = FF(b, c, d, a, x[k + 15], S14, 0x49B40821) a = GG(a, b, c, d, x[k + 1], S21, 0xF61E2562) d = GG(d, a, b, c, x[k + 6], S22, 0xC040B340) c = GG(c, d, a, b, x[k + 11], S23, 0x265E5A51) b = GG(b, c, d, a, x[k + 0], S24, 0xE9B6C7AA) a = GG(a, b, c, d, x[k + 5], S21, 0xD62F105D) d = GG(d, a, b, c, x[k + 10], S22, 0x2441453) c = GG(c, d, a, b, x[k + 15], S23, 0xD8A1E681) b = GG(b, c, d, a, x[k + 4], S24, 0xE7D3FBC8) a = GG(a, b, c, d, x[k + 9], S21, 0x21E1CDE6) d = GG(d, a, b, c, x[k + 14], S22, 0xC33707D6) c = GG(c, d, a, b, x[k + 3], S23, 0xF4D50D87) b = GG(b, c, d, a, x[k + 8], S24, 0x455A14ED) a = GG(a, b, c, d, x[k + 13], S21, 0xA9E3E905) d = GG(d, a, b, c, x[k + 2], S22, 0xFCEFA3F8) c = GG(c, d, a, b, x[k + 7], S23, 0x676F02D9) b = GG(b, c, d, a, x[k + 12], S24, 0x8D2A4C8A) a = HH(a, b, c, d, x[k + 5], S31, 0xFFFA3942) d = HH(d, a, b, c, x[k + 8], S32, 0x8771F681) c = HH(c, d, a, b, x[k + 11], S33, 0x6D9D6122) b = HH(b, c, d, a, x[k + 14], S34, 0xFDE5380C) a = HH(a, b, c, d, x[k + 1], S31, 0xA4BEEA44) d = HH(d, a, b, c, x[k + 4], S32, 0x4BDECFA9) c = HH(c, d, a, b, x[k + 7], S33, 0xF6BB4B60) b = HH(b, c, d, a, x[k + 10], S34, 0xBEBFBC70) a = HH(a, b, c, d, x[k + 13], S31, 0x289B7EC6) d = HH(d, a, b, c, x[k + 0], S32, 0xEAA127FA) c = HH(c, d, a, b, x[k + 3], S33, 0xD4EF3085) b = HH(b, c, d, a, x[k + 6], S34, 0x4881D05) a = HH(a, b, c, d, x[k + 9], S31, 0xD9D4D039) d = HH(d, a, b, c, x[k + 12], S32, 0xE6DB99E5) c = HH(c, d, a, b, x[k + 15], S33, 0x1FA27CF8) b = HH(b, c, d, a, x[k + 2], S34, 0xC4AC5665) a = II(a, b, c, d, x[k + 0], S41, 0xF4292244) d = II(d, a, b, c, x[k + 7], S42, 0x432AFF97) c = II(c, d, a, b, x[k + 14], S43, 0xAB9423A7) b = II(b, c, d, a, x[k + 5], S44, 0xFC93A039) a = II(a, b, c, d, x[k + 12], S41, 0x655B59C3) d = II(d, a, b, c, x[k + 3], S42, 0x8F0CCC92) c = II(c, d, a, b, x[k + 10], S43, 0xFFEFF47D) b = II(b, c, d, a, x[k + 1], S44, 0x85845DD1) a = II(a, b, c, d, x[k + 8], S41, 0x6FA87E4F) d = II(d, a, b, c, x[k + 15], S42, 0xFE2CE6E0) c = II(c, d, a, b, x[k + 6], S43, 0xA3014314) b = II(b, c, d, a, x[k + 13], S44, 0x4E0811A1) a = II(a, b, c, d, x[k + 4], S41, 0xF7537E82) d = II(d, a, b, c, x[k + 11], S42, 0xBD3AF235) c = II(c, d, a, b, x[k + 2], S43, 0x2AD7D2BB) b = II(b, c, d, a, x[k + 9], S44, 0xEB86D391) a = addUnsigned(a, AA) b = addUnsigned(b, BB) c = addUnsigned(c, CC) d = addUnsigned(d, DD) } var tempValue = wordToHex(a) + wordToHex(b) + wordToHex(c) + wordToHex(d) return tempValue.toLowerCase() } var rotateLeft = function(lValue, iShiftBits) { return (lValue << iShiftBits) | (lValue >>> (32 - iShiftBits)) } var addUnsigned = function(lX, lY) { var lX4, lY4, lX8, lY8, lResult lX8 = (lX & 0x80000000) lY8 = (lY & 0x80000000) lX4 = (lX & 0x40000000) lY4 = (lY & 0x40000000) lResult = (lX & 0x3FFFFFFF) + (lY & 0x3FFFFFFF) if (lX4 & lY4) return (lResult ^ 0x80000000 ^ lX8 ^ lY8) if (lX4 | lY4) { if (lResult & 0x40000000) return (lResult ^ 0xC0000000 ^ lX8 ^ lY8) else return (lResult ^ 0x40000000 ^ lX8 ^ lY8) } else { return (lResult ^ lX8 ^ lY8) } } var F = function(x, y, z) { return (x & y) | ((~x) & z) } var G = function(x, y, z) { return (x & z) | (y & (~z)) } var H = function(x, y, z) { return (x ^ y ^ z) } var I = function(x, y, z) { return (y ^ (x | (~z))) } var FF = function(a, b, c, d, x, s, ac) { a = addUnsigned(a, addUnsigned(addUnsigned(F(b, c, d), x), ac)) return addUnsigned(rotateLeft(a, s), b) } var GG = function(a, b, c, d, x, s, ac) { a = addUnsigned(a, addUnsigned(addUnsigned(G(b, c, d), x), ac)) return addUnsigned(rotateLeft(a, s), b) } var HH = function(a, b, c, d, x, s, ac) { a = addUnsigned(a, addUnsigned(addUnsigned(H(b, c, d), x), ac)) return addUnsigned(rotateLeft(a, s), b) } var II = function(a, b, c, d, x, s, ac) { a = addUnsigned(a, addUnsigned(addUnsigned(I(b, c, d), x), ac)) return addUnsigned(rotateLeft(a, s), b) } var convertToWordArray = function(string) { var lWordCount var lMessageLength = string.length var lNumberOfWordsTempOne = lMessageLength + 8 var lNumberOfWordsTempTwo = (lNumberOfWordsTempOne - (lNumberOfWordsTempOne % 64)) / 64 var lNumberOfWords = (lNumberOfWordsTempTwo + 1) * 16 var lWordArray = Array(lNumberOfWords - 1) var lBytePosition = 0 var lByteCount = 0 while (lByteCount < lMessageLength) { lWordCount = (lByteCount - (lByteCount % 4)) / 4 lBytePosition = (lByteCount % 4) * 8 lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount) << lBytePosition)) lByteCount++ } lWordCount = (lByteCount - (lByteCount % 4)) / 4 lBytePosition = (lByteCount % 4) * 8 lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80 << lBytePosition) lWordArray[lNumberOfWords - 2] = lMessageLength << 3 lWordArray[lNumberOfWords - 1] = lMessageLength >>> 29 return lWordArray } var wordToHex = function(lValue) { var WordToHexValue = '', WordToHexValueTemp = '', lByte, lCount for (lCount = 0; lCount <= 3; lCount++) { lByte = (lValue >>> (lCount * 8)) & 255 WordToHexValueTemp = '0' + lByte.toString(16) WordToHexValue = WordToHexValue + WordToHexValueTemp.substr(WordToHexValueTemp.length - 2, 2) } return WordToHexValue } var uTF8Encode = function(string) { string = string.toString().replace(/\x0d\x0a/g, '\x0a') var output = '' for (var n = 0; n < string.length; n++) { var c = string.charCodeAt(n) if (c < 128) { output += String.fromCharCode(c) } else if ((c > 127) && (c < 2048)) { output += String.fromCharCode((c >> 6) | 192) output += String.fromCharCode((c & 63) | 128) } else { output += String.fromCharCode((c >> 12) | 224) output += String.fromCharCode(((c >> 6) & 63) | 128) output += String.fromCharCode((c & 63) | 128) } } return output } return createMD5String(md5str) } function get_url(o){ c = new Date, l = c.getTime(), u = 6e4 * c.getTimezoneOffset(), m = l + u + 36e5 * 8, d = new Date(m), p = (p = d).getDate() + 9 + 9 ^ 10, p = (p = md5(String(p))).substring(0, 10), p = md5(p), h = d.getDay() + 11397, g = "https:"+"xxx.脱敏.xxx?z=".concat(p, "&jx=").concat(o), g += "&s1ig=".concat(h) return g+"&g=" }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
py实现
import time,datetime, pytz from hashlib import md5 def get_url(video_url): l = int(time.time()*1000) # 获取当前时间 now = datetime.datetime.now() # 获取当前时区的时区对象 tz = pytz.timezone('Asia/Shanghai') # 计算当前时区与UTC的时间差 utc_offset = tz.utcoffset(now).total_seconds() / 60 u = 6e4 * int(-utc_offset) m = int(l + u + 36e5 * 8) today = datetime.date.today().day p = today + 9 + 9 ^ 10 p = md5(str(p).encode('utf-8')).hexdigest()[:10] p = md5(p.encode('utf-8')).hexdigest() h = datetime.date.today().weekday()+1 + 11397 g = "https:" + "xxx.脱敏.xxx?z="+p+"&jx="+video_url g += "&s1ig="+str(h) return g + "&g="
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
如果不知道如何用python实现js的部分算法,直接用ChatGPT叫它帮你写,哈哈哈。
确实很6,比在百度上搜快多了!!!
实战
接口1
# -*- coding:utf-8 -*- """ @Author : 小尹 @Time : 2023/3/16 16:18 """ import requests, execjs import time,datetime, pytz from hashlib import md5 def get_url(video_url): l = int(time.time()*1000) # 获取当前时间 now = datetime.datetime.now() # 获取当前时区的时区对象 tz = pytz.timezone('Asia/Shanghai') # 计算当前时区与UTC的时间差 utc_offset = tz.utcoffset(now).total_seconds() / 60 u = 6e4 * int(-utc_offset) m = int(l + u + 36e5 * 8) today = datetime.date.today().day p = today + 9 + 9 ^ 10 p = md5(str(p).encode('utf-8')).hexdigest()[:10] p = md5(p.encode('utf-8')).hexdigest() h = datetime.date.today().weekday()+1 + 11397 g = "https:" + "xxx.脱敏.xxx?z="+p+"&jx="+video_url g += "&s1ig="+str(h) return g + "&g=" def im1907_top(video_url): # url = execjs.compile(open('./im1907_top.js', mode='r', encoding='utf-8').read()).call('get_url', video_url) # 使用execjs 执行js代码 url = get_url(video_url) headers = { "authority": "xxx.脱敏.xxx", "accept": "*/*", "origin": "xxx.脱敏.xxx", "referer": "xxx.脱敏.xxx", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" } data = requests.get(url, headers=headers).json()['data'] all_video_url_list = [] for i in data: name = i['name'] year = i['year'] for j in i['source']['eps']: name2 = j['name'] print(f"视频名:{name}\t年份:{year}\t{name2}") all_video_url_list.append(j['url']) parse_video_url = all_video_url_list[0] if len(all_video_url_list) == 1: return parse_video_url print("###请选择要解析第几集视频的m3u8_url###") while True: try: video_num = int(input("请输入(0退出)>>>").strip()) if video_num>len(all_video_url_list) or video_num<0: raise Exception("没有此集视频!") exit_flag = video_num parse_video_url = all_video_url_list[video_num - 1] break except: print("输入集数错误!!!") if exit_flag==0: return '已退出!!!' def get_m3u8_url(url): headers = { "authority": "xxx.脱敏.xxx", "accept": "*/*", "origin": "xxx.脱敏.xxx", "referer": "xxx.脱敏.xxx", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" } response = requests.get(url, headers=headers) m3u8_url = response.text.split('\n') m3u8_url = url.replace('index.m3u8', m3u8_url[-1]) return m3u8_url # 二选一即可 # m3u8_url = parse_video_url.replace('index.m3u8', '2000kb/hls/index.m3u8') # 从规律中解析的m3u8_url m3u8_url = get_m3u8_url(parse_video_url) # 按照网站的抓包流程进行解析完整的m3u8_url return m3u8_url if __name__ == '__main__': video_url = "" print(im1907_top(video_url))
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
接口2
# -*- coding:utf-8 -*- """ @Author : 小尹 @Time : 2023/3/16 15:47 """ import requests, re def jx_playerjy_com(video_url): headers = { "authority": "xxx.脱敏.xxx", "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7", "referer": "xxx.脱敏.xxx", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" } url = "xxx.脱敏.xxx?url="+video_url text = requests.get(url, headers=headers).text timestamp = re.findall('"time": "(.*?)",', text)[0] key = re.findall('"key": "(.*?)",', text)[0] headers = { "authority": "xxx.脱敏.xxx", "accept": "application/json, text/javascript, */*; q=0.01", "origin": "xxx.脱敏.xxx", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36", "x-requested-with": "XMLHttpRequest" } url = "xxx.脱敏.xxx" data = { "url": video_url, "time": timestamp, "key": key } response = requests.post(url, headers=headers, data=data) m3u8_url = response.json()['url'] print(f"video_url={video_url}的m3u8_url为>>>\n", m3u8_url) return m3u8_url if __name__ == '__main__': video_url = "" jx_playerjy_com(video_url)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/盐析白兔/article/detail/257395
推荐阅读
相关标签
