易盾2代破解-提交JS

  • 2018-10-01
  • 2,605
  • 2
  • 10

本项目仅用于学习交流 严禁用于非法用途

Github 求 Star


分析日期 2018/10/1

第一步

找到

https://c.dun.163yun.com/api/v2/check?id=eda6d7f57cf54b5d8f9b0ed24e5b6e66&token=c195e70d994a4149a2f1dd6c93fe87f8&data=%7B%22d%22%3A%22ICMUEX7PBKfH%5C%5CUuBXvAcLR9jHWLxFdW82NGGYSARm%2F92%2F6FbVl%5C%5Ceim86rIj3%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22Jq2%5C%5CcpMfirCTSxcOIMEJ1x4byDqKiZR7cYjdWJ08GdjmBUDYQCwq5c33%22%2C%22ext%22%3A%22caUlQzUlUti5HLfOy7H7EZYNldi3%22%7D&width=310&type=2&version=2.8.4&cb=BFpZUXMP6a6h%2FpAdVtE6ZwdlYRFD49GalMwJuna1svUOf%2BqkvRLOA1iqf0vJOqcK&referer=https%3A%2F%2Fdun.163.com%2Ftrial%2Fjigsaw&callback=__JSONP_qt4bln3_10

的请求者

第二步

根据堆栈找出加密的位置

也就是

this.onVerifyCaptcha({
    data: JSON.stringify({
        d: p(n.join(":")),
        m: "",
        p: r,
        ext: p(y(i, this.mouseDownCounts + "," + this.traceData.length))
    })
})

经调试得知 p, y 都是加密算法 n是一个轨迹的数组

第三步 找出JS轨迹来源

y(f, [Math.round(i.dragX < 0 ? 0 : i.dragX), Math.round(i.clientY - i.startY), u.now() - i.beginTime] + "")

这一块就是滑动轨迹加密

 

至此 滑动JS解析完成

 

评论

  • Cleo Kettlewell回复

    Excellent post however I was wanting to know if you could write a litte more on this topic? I’d be very thankful if you could elaborate a little bit further. Appreciate it!