|
|
*求助技巧:规则求助时,请提供“规则报告.txt”、“帐号密码“、”.hwl数据包“、”.wzdr规则“等,否则可能无法给您满意答案!
*大家也有自己的事情要做,所以尽量详细,有助于更快得到大家的答复。拒绝伸手党!
*如果此求助信息不详细,或者有答案不采纳的,将会被移动灌水版块。
*规则报告内容太多,请保存为.txt文件上传,否则违规文本,会被系统禁止,无法发帖成功。
本人遇到一个网页更新后增加了新的加密系统
程序中如下:
<input type="hidden" id="encryptKey" name="encryptKey" value="" />
<input type="hidden" id="str_encryptKey" name="str_encryptKey" value="fu2pWMSK/HEpmcQW9Z3yHEAmZj0YuDd6JLWBRhmI3hm70PKvcn8gfgOiWhJkeLwbPMIVDWFekyx8ueEx3qtoD7Y0tKVm2sVWcfy9yyk7pfs3dCP50FaZyUAXncUXP9uveB9wwnNXAGS7kupaZRlCvuQQts6Be06unSk+0N8xs5w=" />
加密算法如下:
var encryptKey = "";
if ($("#str_encryptKey").val() != "" && $("#str_encryptKey").val() != undefined) {
encryptKey = encryptCombination($("#timestamp").val(), $("#longNumber").val(), $("#str_encryptKey").val(), $("#combineType").val(), $("#publicKey").val());
$("#encryptKey").val(encryptKey);
}
return true;
抓包POST数据为:
username=(已隐藏)&
password=(已隐藏)&
isRememberMe=0&
returnurl=&
encryptKey=R8CRCd2czgq2D90HW%2BDFCWNThLOeUKXEW1HGOZdXJ4NRwmA4QXHeYnkV17oZLDqG%2BUBOaxg7tr4pIxOM27GU8qoMFMXiNgNYv4a7DYn1RUpv61amkM%2FwgBzy14N%2FBwjSO5h0QWDVZ2HEPk3AFhlpI3fr70xlSrPnurGnOkCD5yw%3D%7Cfu2pWMSK%2FHEpmcQW9Z3yHEAmZj0YuDd6JLWBRhmI3hm70PKvcn8gfgOiWhJkeLwbPMIVDWFekyx8ueEx3qtoD7Y0tKVm2sVWcfy9yyk7pfs3dCP50FaZyUAXncUXP9uveB9wwnNXAGS7kupaZRlCvuQQts6Be06unSk%2B0N8xs5w%3D%7CkLMeAg4UFyVtZBqD4s4xmREjaRK%2BVjIWSqQGa8rTDtufnybJj5aE9rVG1qmBuAiLND74X30QK%2BRvAMefcqiY2FJoisttR3TQEk4N3naLaY8uMiFsNxBF1ZzyiRYZAkDWs1vglvsE9vWRceTT0yJgQ3ky%2Ban%2BoFxShmxw%2FZ8HH7A%3D%7Cblo4GFurZpZh7YmfC9eBqtkV3hUO11X9rab%2FVzmdombpVke4muVr1pUU0T0R82U6qrfEc4d6%2FMFvtS6iUkg0mHbjmj0z6734lwLPRrvtJi3Z%2Fa5%2BAFp6vZt3sP1hvLEIIldmHlJyAqP9darLVbvX5N5vgjpQswvWuC1vIlWcLSA%3D&
longNumber=9924730710&
publicKey=-----BEGIN+PUBLIC+KEY-----%0D%0AMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCSjUbexYfZ0jItT4AEOIEfa3%2Fk%0D%0A4q%2BxFkZULB%2BWzNSgMshlVon6KKTRv3XLSnCYGQHHxHHEY8W3z2RMqYClHp9CZ2i%2B%0D%0A%2FF5ukarDvX43iuq1V5MlKNCHyluWFRzkeMTJ%2BxAXCBRnoyl3WHZ1t95462ALIkT%2F%0D%0AC1sUKwJs2l2nKFDigQIDAQAB%0D%0A-----END+PUBLIC+KEY-----%0D%0A&
str_encryptKey=fu2pWMSK%2FHEpmcQW9Z3yHEAmZj0YuDd6JLWBRhmI3hm70PKvcn8gfgOiWhJkeLwbPMIVDWFekyx8ueEx3qtoD7Y0tKVm2sVWcfy9yyk7pfs3dCP50FaZyUAXncUXP9uveB9wwnNXAGS7kupaZRlCvuQQts6Be06unSk%2B0N8xs5w%3D&
combineType=16&
timestamp=1614605040932
以上绿色标记参数均可以从GET中得到,橙色标记部分为str_encryptKey的值,多次抓包发现该值的位置不固定
是否有大佬遇到过类似的加密算法?怎么解密获取encryptKey =的值,请大神指点
|
|
发表于 2021-3-1 22:09:59
置顶卡
变色卡
楼主
发表于 2021-3-2 08:50:42
