js逆向解析之百度翻譯案例
阿新 • • 發佈:2020-11-13
百度翻譯使用了js函式對sign值進行加密,所以需要用到js逆向解析
js逆向解析即通過呼叫對方的js加密函式來獲取正確的加密資料
js逆向解析需要安裝js開發環境node.js和execjs模組
有兩個檔案,一個py檔案存放主程式,和一個js檔案存放從瀏覽器中找到的生成js加密資料的js程式碼
兩個檔案需在同一個資料夾中。
*.py py檔案
import requests # 需安裝 import execjs # pip install pyexecjs 用於執行js程式碼 import jsonpath # 需安裝 import time class BaiduFanyi: def __init__(self): self.url = 'https://fanyi.baidu.com/v2transapi?from=zh&to=en' self.head = { "user-agent": "", # 請到瀏覽器開發者工具中複製 "referer": "https: // fanyi.baidu.com /", "cookie": "", # 請到瀏覽器開發者工具中複製 } self.zh = None self.sign = None self.formdata = {"from": "zh", "to": "en", "query": self.zh, "transtype": "enter", "simple_means_flag": "3", "sign": self.sign, "token": "", # 請到瀏覽器開發者工具中複製 "domain": "common"} def get_sign(self): # 1、開啟js檔案,使用js程式碼生成js加密資料 with open('sign.js', 'r') as f: js_sign = f.read() # 2、編譯 exe_sign = execjs.compile(js_sign) # 3、呼叫js函式生成加密資料 self.sign = exe_sign.call('e', self.zh) def fanyi(self, zh): # 翻譯 self.zh = zh self.get_sign() self.formdata['query'] = self.zh self.formdata['sign'] = self.sign res = requests.post(self.url, data=self.formdata, headers=self.head) pydict = res.json() try: dst = jsonpath.jsonpath(pydict, '$..text')[0] # 單詞 except: dst = jsonpath.jsonpath(pydict, '$..dst')[0] # 句子 return dst if __name__ == '__main__': zhtoen = BaiduFanyi() n = 10 for i in range(n): zh = input("百度翻譯為您服務!請輸入中文:\n") en = zhtoen.fanyi(zh) print(f"英文翻譯為:\n{en}") if i < n - 1: y = input(f"你還有{n - i}次機會,繼續嗎?(Y/N)\n") if y in ['n', 'N']: break else: print("機會已經用完,請重新啟動...") input("請按任意鍵...") print("\n感謝您的使用!") time.sleep(1.5) print("\n本次服務到此結束!")
*.js檔案
function n(r, o) { for (var t = 0; t < o.length - 2; t += 3) { var a = o.charAt(t + 2); a = a >= "a" ? a.charCodeAt(0) - 87 : Number(a), a = "+" === o.charAt(t + 1) ? r >>> a : r << a, r = "+" === o.charAt(t) ? r + a & 4294967295 : r ^ a } return r } function e(r) { var o = r.match(/[\uD800-\uDBFF][\uDC00-\uDFFF]/g); if (null === o) { var t = r.length; t > 30 && (r = "" + r.substr(0, 10) + r.substr(Math.floor(t / 2) - 5, 10) + r.substr(-10, 10)) } else { for (var e = r.split(/[\uD800-\uDBFF][\uDC00-\uDFFF]/), C = 0, h = e.length, f = []; h > C; C++) "" !== e[C] && f.push.apply(f, a(e[C].split(""))), C !== h - 1 && f.push(o[C]); var g = f.length; g > 30 && (r = f.slice(0, 10).join("") + f.slice(Math.floor(g / 2) - 5, Math.floor(g / 2) + 5).join("") + f.slice(-10).join("")) } u = "320305.131321201"; for (var d = u.split("."), m = Number(d[0]) || 0, s = Number(d[1]) || 0, S = [], c = 0, v = 0; v < r.length; v++) { var A = r.charCodeAt(v); 128 > A ? S[c++] = A : (2048 > A ? S[c++] = A >> 6 | 192 : (55296 === (64512 & A) && v + 1 < r.length && 56320 === (64512 & r.charCodeAt(v + 1)) ? (A = 65536 + ((1023 & A) << 10) + (1023 & r.charCodeAt(++v)), S[c++] = A >> 18 | 240, S[c++] = A >> 12 & 63 | 128) : S[c++] = A >> 12 | 224, S[c++] = A >> 6 & 63 | 128), S[c++] = 63 & A | 128) } for (var p = m, F = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(97) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(54)), D = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(51) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(98)) + ("" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(102)), b = 0; b < S.length; b++) p += S[b], p = n(p, F); return p = n(p, D), p ^= s, 0 > p && (p = (2147483647 & p) + 2147483648), p %= 1e6, p.toString() + "." + (p ^ m) }