A simple analysis of a JS encryption algorithm

This time we analyze the encryption used by Baidu Music's comment request. First, look at the captured request.

Two parameters stand out: 1. param, 2. sign. It is fairly safe to conclude that sign is produced with MD5.

So we start from the HTML page, and happen to find this piece in the HTML code.

Right-click and choose "Open in Sources panel".

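A familiar recipe, a familiar flavour: this looks like MD5. Set a breakpoint at the end of the function (click the line number in front of the line), switch to another comment page to trigger it, then keep single-stepping with F10. Eventually execution jumps into another JS file.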

This looks like the place where the encryption happens; param should be produced by an AES encryption function.

So param and sign should be computed like this:

#!/usr/bin/env python
# -*- coding:utf-8 -*-
# Captured request that this script reproduces:
# http://music.baidu.com/data/tingapi/v1/restserver/ting?method=baidu.ting.ugcmsg.getCommentListByType&timestamp=1528636009&param=NT6J1C5axIckxMHUH2k3Ph1pDNp7wWl6s0IoSsSQMcRi1YJKw0RdAfhQ0ULfOwjRNvoopUj6Ki6jMzXwBLatcQ%3D%3D&sign=c16dd43318fc66aa6b2865b7ce25541b&from=web

import time
import base64
from Crypto.Cipher import AES  # provided by pycryptodome
import hashlib

def md5Encrypt(text):
    # MD5 hex digest of a str; hashlib needs bytes on Python 3
    m1 = hashlib.md5()
    m1.update(text.encode("utf-8"))
    return m1.hexdigest()

def aesEncrypt(text, secKey):
    # AES-CBC with PKCS#7 padding; the key is also used as the IV
    pad = 16 - len(text) % 16
    text = text + pad * chr(pad)
    key = secKey.encode("utf-8")
    encryptor = AES.new(key, AES.MODE_CBC, key)  # mode 2 == MODE_CBC
    ciphertext = encryptor.encrypt(text.encode("utf-8"))
    ciphertext = base64.b64encode(ciphertext).decode("ascii")
    return ciphertext

# timestamp = str(int(time.time()))
# offset = "20"
timestamp = "1528636009"
offset = "80"
size = "20"
musicid = "242078437"
text = "from=web&offset="+offset+"&size="+size+"&type=2&type_id="+musicid
# AES key: characters 8..23 of md5(secret + timestamp), i.e. 16 bytes
key = md5Encrypt("baidu_taihe_music_secret_key"+timestamp)[8:24]
param = aesEncrypt(text,key)
# sign covers the base64 param (before URL-encoding) and the timestamp
sign = md5Encrypt("baidu_taihe_music"+param+timestamp)
print(param)
print(sign)

The output happens to match the values computed above. Done.