m0_58990004
2021-08-14 18:07
采纳率: 100%
浏览 253
已结题

js逆向遇到JSEncrypt is not defined 和 JSEncrypt is not a constructor问题

跟着课程做js逆向,模拟完美世界登录获得rsa加密后的密码,但是貌似是网页代码改了,跟着课程做完了js调试,是可以正常返回密码的,做到最后一步在py运行程序时出现了execjs._exceptions.ProgramError: ReferenceError: JSEncrypt is not defined,自己在js文件最上面加了JSEncrypt = this; ,但是又出现了execjs._exceptions.ProgramError: TypeError: JSEncrypt is not a constructor,在百度上找了很久都没找到解决方法
下面是代码:
python代码

# -*- coding:utf-8 -*-
import requests
from lxml import etree
import execjs



#发起请求获取公钥
headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36"
}

url = 'https://passport.wanmei.com/sso/login?service=passport&isiframe=1&location=2f736166652f'
resp = requests.get(url,headers=headers)
#print(resp.text)
page_text = resp.text
tree = etree.HTML(page_text)
key = tree.xpath('//input[@id="e"]/@value')[0]


#加密逆向
node = execjs.get()


ctx = node.compile(open('wanmei.js',mode='r',encoding='utf-8').read())

pwd = "123456"

funcName = f"getPwd('{pwd},{key}')"
password = ctx.eval(funcName)
print(password)

resp.close()

js文件(太长了只发了一小部分觉得重要的)

navigator = this;
window = this;
JSEncrypt = this;

//省略具体内容

ze.prototype.setPublicKey = function(t) {
    this.setKey(t)
},
ze.prototype.decrypt = function(t) {
    try {
        return this.getKey().decrypt(Te(t))
    } catch(e) {
        return ! 1
    }
},
ze.prototype.encrypt = function(t) {
    try {
        return be(this.getKey().encrypt(t))
    } catch(e) {
        return ! 1
    }
},
ze.prototype.getKey = function(t) {
    if (!this.key) {
        if (this.key = new _e, t && "[object Function]" === {}.toString.call(t)) return void this.key.generateAsync(this.default_key_size, this.default_public_exponent, t);
        this.key.generate(this.default_key_size, this.default_public_exponent)
    }
    return this.key
},
ze.prototype.getPrivateKey = function() {
    return this.getKey().getPrivateKey()
},
ze.prototype.getPrivateKeyB64 = function() {
    return this.getKey().getPrivateBaseKeyB64()
},
ze.prototype.getPublicKey = function() {
    return this.getKey().getPublicKey()
},
ze.prototype.getPublicKeyB64 = function() {
    return this.getKey().getPublicBaseKeyB64()
},
ze.version = "2.3.1",
t.JSEncrypt = ze
});
function getPwd(pwd,key) {
var e = new JSEncrypt();
//var key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjfeE0MIYsZes/HwV06/kvRw34Hmhn9WPt0feLPp1PVqdqZz1/xFvPPEAJ/lAvfqt5kyn+A06bvYXIhizTjlOzPgLE4897ihuSYXgfwcUshPZvydRLbftU6Exj5SLbv5tw4GInbgQv7RWLWOKyQA81q6lWae2Kcgd1XpDRsQNXVwIDAQAB"
e.setPublicKey(key);
var p = e.encrypt(pwd);
return p;
}
  • 收藏

1条回答 默认 最新

  • C_Code_P 2021-08-15 20:00
    已采纳
                    ......
                 ze.version = "2.3.1",
                JSEncrypt = ze
    }
    
    function getpwd(pwd, key) {
        var e = new JSEncrypt();
        e.setPublicKey(key);
        return e.encrypt(pwd);
    }
    
    ```bash
    
    import requests
    import parsel
    import execjs
    headers = {
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.104 Safari/537.36'}
    url = "https://passport.wanmei.com/sso/login?service=passport&isiframe=1&location=2f736166652f"
    response = requests.get(url=url, headers=headers)
    value = parsel.Selector(response.text).xpath('//input[@id="e"]/@value').get()
    print(value)
    ctx = execjs.compile(open('./wmsj.js', 'r', encoding='utf-8').read())
    pwd = ctx.call('getpwd', '123456', value)
    print(pwd)
    
    

    ```记得采纳哦

    已采纳该答案
    2 打赏 评论

相关推荐 更多相似问题