跟着课程做js逆向,模拟完美世界登录获得rsa加密后的密码,但是貌似是网页代码改了,跟着课程做完了js调试,是可以正常返回密码的,做到最后一步在py运行程序时出现了execjs._exceptions.ProgramError: ReferenceError: JSEncrypt is not defined,自己在js文件最上面加了JSEncrypt = this; ,但是又出现了execjs._exceptions.ProgramError: TypeError: JSEncrypt is not a constructor,在百度上找了很久都没找到解决方法
下面是代码:
python代码
# -*- coding:utf-8 -*-
import requests
from lxml import etree
import execjs
#发起请求获取公钥
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36"
}
url = 'https://passport.wanmei.com/sso/login?service=passport&isiframe=1&location=2f736166652f'
resp = requests.get(url,headers=headers)
#print(resp.text)
page_text = resp.text
tree = etree.HTML(page_text)
key = tree.xpath('//input[@id="e"]/@value')[0]
#加密逆向
node = execjs.get()
ctx = node.compile(open('wanmei.js',mode='r',encoding='utf-8').read())
pwd = "123456"
funcName = f"getPwd('{pwd},{key}')"
password = ctx.eval(funcName)
print(password)
resp.close()
js文件(太长了只发了一小部分觉得重要的)
navigator = this;
window = this;
JSEncrypt = this;
//省略具体内容
ze.prototype.setPublicKey = function(t) {
this.setKey(t)
},
ze.prototype.decrypt = function(t) {
try {
return this.getKey().decrypt(Te(t))
} catch(e) {
return ! 1
}
},
ze.prototype.encrypt = function(t) {
try {
return be(this.getKey().encrypt(t))
} catch(e) {
return ! 1
}
},
ze.prototype.getKey = function(t) {
if (!this.key) {
if (this.key = new _e, t && "[object Function]" === {}.toString.call(t)) return void this.key.generateAsync(this.default_key_size, this.default_public_exponent, t);
this.key.generate(this.default_key_size, this.default_public_exponent)
}
return this.key
},
ze.prototype.getPrivateKey = function() {
return this.getKey().getPrivateKey()
},
ze.prototype.getPrivateKeyB64 = function() {
return this.getKey().getPrivateBaseKeyB64()
},
ze.prototype.getPublicKey = function() {
return this.getKey().getPublicKey()
},
ze.prototype.getPublicKeyB64 = function() {
return this.getKey().getPublicBaseKeyB64()
},
ze.version = "2.3.1",
t.JSEncrypt = ze
});
function getPwd(pwd,key) {
var e = new JSEncrypt();
//var key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjfeE0MIYsZes/HwV06/kvRw34Hmhn9WPt0feLPp1PVqdqZz1/xFvPPEAJ/lAvfqt5kyn+A06bvYXIhizTjlOzPgLE4897ihuSYXgfwcUshPZvydRLbftU6Exj5SLbv5tw4GInbgQv7RWLWOKyQA81q6lWae2Kcgd1XpDRsQNXVwIDAQAB"
e.setPublicKey(key);
var p = e.encrypt(pwd);
return p;
}