过美团滑动验证
本文只做研究使用.(知乎首发)
之前有写过大众的滑动验证,可以看这里
按照道理不应该再写美团系的滑动,因为属于一个验证机制,但是研究下来发现,代码混淆后变了太多,分析入手相对于之前难度增加了不少.美团的混淆代码是这样:
和早期的混淆相比,代码更不好理解了. 顺便接上次没有讲到的window.f函数说一下思路.
首先是解混淆.将不好阅读的代码解析后变成容易理解的代码
部分解混淆后的代码:
相对于之前的代码,更易于分析.
分析思路沿用之前的大众滑动分析思路
遇到的第一个问题是,console打印出现undefined,这个问题在于,console对象被改写了,在反混淆后的代码中,找到相应位置直接注释掉就可以了:
第二个问题是window.f函数:
也是破解滑动的核心,之前的抓包中:
behavior:MTg0NTM2MTU2OQ==#621KAYYa/eNBAaR64Lx9Y7sVo2GvnpYBBM8tg/3pAI1fs62cl5JVkWe3yQRRwdF5jhEMDTFTX86IYW4YxvGog7E8T4vvdU1C8Gu/QXcjJth5EOLqqRM4pAkwml3eOSoBb1ak7jV6Ro1XlL7CK79KX2cazPmmK3+esENTqLytoM2c5C8s4sCBYMizXJ4Yw1qI+rR+RDXwWfMRnYE/cEo2x3P9oX4EcyOmLNxcFxbCF2iIa9N+RUp7VsyExk6Sre8Wxp1DQ2RcvQ690JFnf0zo4SXZx3Ey2I19ruO8h2mzqrrrxoeAOExPAGKjgROKxIv6qoAgXjwtEzgTXVYoGyNYXqnnnXfjjLkPY3CpsDh47Djv31A7dKiBiljxc8HJgZH0Atkw82hiBND7Ny3z6HU2BaLOXET3YzitRU3lYjFmAeWaheR/bNio81D2UVjxJ5qC8p1udc9zK/S2kJyBPXyUIVfTSNIlHYG3PTT4uWWzW673xdz2iJtu/VJmWncKuwlx6Uy59ENEzQBiyOj/Bd3glcJpskqGSbbk85FRSSJxVzHKiEinBTr+qb3EqXlWUqFhY/isO4BKKaFpkCc1v9zYbMdLvkunS8C1/CHeMWvnu2jCABm0jiJPJ0rYyCvq7Tnz3z31/LVFYk4MOTu7FDDIVGoxEnZOfl8KWyFaJBCRRlNzFqgeD9Bqc9nPpCvXlUE57t1kqB8GUe8amZ4rIxjgxFg9JzsD9vsCe+rYk9cXQkvLtZfTsnSeBCIPXIAFJ5Gdg6VmueEjq2OHgyarKUvKlBnpe7RvqviumWHtqUFIYWCFb4RU7VWwDpwsMHclck5XBUV9ACQbItgY1pwfx/FjXJ4OcPdNpF1a+ZoGJsD57u1vQqUtBx14W7Wjk+1wG6/RXzoIlwZ+13AoPv5sG8UBda8BhH8G93v+jxzWFyL4cfv9XyuAT7eEn2af+O7S7ROeJekSVRiHILwtN3j0q8IuY9PzC/gIYhU+Zc0nDRAdtdn57xtAfAjIhnumZGJjuhSJHlPtb8iYYKMaAgSSDcCR1qy1rkieXmYd5E8qm+uaojZdGN+i78la+1iGf0ekqGLpwWjl2xF2pYM6aRFcLtFR8S4lMQJD/CSPfhSKdvoAchTBfeAE9qlqronsnNIibc71yMu3r4ZxpB4qgODVWsItGExd2COHqlAcvvkc0ZT03FAX48nnZZRbgTEczBerq4KfY8BzRi+afgm8DeapHG4zEJQlxUwimURcfQ+ED+zeb2VZ/uXclt1cqATxD5zU2z27+Qr1n0uPFQbx7RKEsFenLjyWV0MJ0VJOa4gt7wxd1iOR5GHVfpMLWbQa6ARc/1tWndeHVqNGiHOPIZInw4TYJy3dbHfH/+3bSfHnmvujF+fBHD4zlef3QmVtzcjU7IP+5+BM2RpwarGK0sVlJhYGZwkOIc1xmH/rd+r8DZn1j5IXEHga056fI7CHLjtqQq/1s+2WE+NuYfWC41uk6MGbSK4rhV8pirEHKWi9m3UednvDN0tPmQushgj2yf6kz1qm3VwV4VjwuAqj8adBktvddmuoVE3bGLW7AG0KZTxD/KQHL2ln/2T064ArPVsI883QLvLHyzxoIeBs2jEoLMrH/fxroh1u6enQhIpqpV664VMPkYM7SPZDYF43OLh4Wk5bjz1qiyW8yRXWXXdNiv1lghMIdb5RyvV9+ucfOBA/AAvwyF+q7QXkLDenpmdXBQCdNYOOgRL6wSV7sT2f3aSfVS/lKYuqWxjdx8cAzA8uhnucqYUvvSC00hJJPJBUecOQGt3YaWC4skfts6aT2atq5P7BCWWw97wx3+dAxvPthFqrzdgNfRbmzGgxmSZjn/n2GjTMYncnR8PPqUp67PB7z7PcThErdZnjHUNy6+9OK2bWwuvSAUAmYTNE9F4KNqrP5qmypwa/cWY1G2XSGaXkKUqHkArHp+mLGrICr/ASH1qg3Cg3Ivke8/dQAAta2oOrGXp1vfD8t64iNywuOyIzQSpGBKL2P8yUxSx0uClKknzRQDTH2hn/fGEHCw+7WNim+Yjay5qoQ2yqYBEmCjmJSNcKTiI1QXcYGmMZLjDv0Kr+GEdTVlXQSgtKT7z8jXsUcnmYkuXMQpRXjLMDpYDkvmqWmct4LCeOqFVd+f6leitvaoHpDCHzxwdFGzJ1JVYdmII61vmhbeQ6TziF0bp5kJO/qqEJcgWGJpfZJfolYkj9dsDWmr5bu8wBC5Dg+HiqFCEp3VCDNwoZCD5XhTM3e0XboS+oxJ5Pc32C3hC8CkbjIz06bb18I0MKm4V4+29Qj/a0XzImtV6fqqV8W4M5aa/Ap/YW4XsDe/Ajcv863bJOobw1DyFccQn5dCQRLbi8JTjM2N9xqOZmvqkf+QvUk8XUjM0zH49lFrovbgFTmVgiTe9557zfOi+bN8ZBvJRispl6uHFWoiBoSxKUSuAWHrLxRh1MObSu1yJ1MhYH6fYNATw4Os32Xv7ymxlVovLjVBh0Ib5N+nlIa41TB28H4KqF/eHp2D5EWHMeJckm+6vOMeEZwNXp8YkAXvh86Lmi0pGoML0SIHwF9CnJ4OmIpL4imUZG8pZ6fGZ1CHUS3i8bqFcwhHsw3VuLYp/VoRdvRPS3gdNXxNpTQigZmdQSyCsUKek75kM+Y9eBld5MliSJ5EpRhr6WdHQUh9FXW/zEqZv5PaOrvT7B40GtmshuqdxdsUxAgAjPjEUyIdpMZObOQpCKD0K8EXivNEXqD2e6hgesF0p0rNRgKcq2wteY2wLCzu9BOCa+zQIUDL1/Hzf02lyQQaoB18Z11F8w/pAQvZgdMrylDR55jBjscYOfx09TtNDIEujmD4MaYkNg1lPhpo6zl47HGzI+817wSLyN0UZQFK3/npeAtF0ccfYCLRfvBiAfk+9Lmb8DRCM1YBoU7ljKl/trMX9m2fEcKmYurTpWiO2ZVM5HZuRrcgJNfJH7NyIMWkHGznYxQmbXEnCnbgkgF9K4xqaDjn8M+GPkSCajbZ/uxHymNsXzSl9knNl3pXpKtvbNWTLiZ5c32cWWtgeznRDG1x6YyGJjnbJ5G0Pxlel3jbSYeHIIMJGo5wtY/ECkfKma+wz1s787aKpmmbexBHrpairNFtpuiaF7bvNlQlSquX9tk/icqMg/9GmqmwzwotjVmjj96B4lq5QLQQnOqVp3YEM0wgCnUFPDH73lDVEt1NxfMmKCUNPEdKIfmiaLVjkGdFqb4pXMHmlQlcJblBSTVduFETBjuBC/2PZBAxL/3o5u8v5jvKJPhl+UdRDDKUTgetjBNjimEb6E9xvRD/c8rxcmKjBMeJYn1ewGI1JOL9Z0N0Yl3OksroSNsjtX1nbEQ1k5gKZmWszF7ChgX5LJkZ2VU8nu0sGQmvvnEb3PB7XzDrulrORIPOqFwSGuLlcoaHG+2v9ScpfDC88db5S95gch4H4p5HLgxDmlm+pg1gu/PZdGWmYdUJYve239ADD3cSNiFz35VRh1EQ4lBDQUzY1vnxLNG46Rai1XbIr7h5YJtaIxzr6fdm153YXC4YSk6/8Y5CuvBWk85avyKhJam0/adb8BeeE0537LI7vTqhg+cjTGxSDkGccHDQdnxg/9ve773nirX3yyOsnJBCrmyVLVbdN8jSam85VWdD/74urOHeyfqC3sh2ANryHmd2UCnQqLLU66lQhvvQHx5pgPb4RKtf/+S2o9/wLQizyGB+LRhIt8sfB816HwCYz56lPwHP+ILFDAv1e3mVQyQBxnud2rBme5kVLaM5T4m9DeIQyYaqMlqOC36DcY/ZF4MClu/y+LDa1xMWaKrmZ1Nmdt+PVZDWfsSj32TuXAQxbJCvh9DLdqQdyOXoEObphSNMg4n9i4u3LvMbkW0K0MxhgRzTWriVXQ54xFHKrxCEHlNS2WC6kXbA93Y8ULm2Cr8iSMu2dmt8F9C78CmnNP6SnpgAR2eBuFKcKx6ZwHy9bp7CcnETL6gzwvxsDyGWSjzL6W0kqg/vBlO1PkcbWhJ8FQb2vMgS2jFI7Y/qZi2EvcbYN42kqZFRXCldpgM4HKzZTBvQ77rfWVM+9uSOIVVXTr8unmbDEhINhFDNRHFl1N5HlAMdWbH+pJlHBhY4GUhLU8CcD2jCiBfFgWZygGUe/YzUrnP2vPO1yqv4oegl7MNHtEetDfu7GdurXQU0CYNhTd62SDZot5JVjI85j4GqEgs93b/DNaBhfC
_token: MTg0NTM2MTU2OQ==#YCi23JHn6dzJ0QW4JcBqHIuXVSbsBjsL7nZoGb1X6S3p0dZpxLcOgIBlm2j7%2F45cUCqm2aXiiObIInT%2BU6jMFeoIoin4uifr9uksxAQRfwg%2BwTjjY%2BYJqMIfgMc34L%2Bg9eswzPRKkLt4i6nWP45hdfkvd9xHbutvKkz5b09Rv0f8bIcI5PUxUQXt9b9yZLpGTpXkMsklBwRi0aSM1yhhuti5dCanhBG9pw5fLzSkEFfopC42coZt6o9OgUonYxvo4wnb24WDXlzBSGzXcd7w8AyH%2Fik4eW8KnC40GTQdAgZk14VnmT8Kp1iWXlsCky8hT8kqgz5b23iuxKMMNYPWGP%2FQVQ64AWbMWwWDE9VnjLfFMKDzUFn2uZynEdXMfsCmwdJKpZOfz%2FU1GlqsiXc4gr6rmIra%2B7uBiXdjtXniF5QLKo1f%2F5StD%2FOXOcfpDQW%2FxiB5NBA2r6PJXxa9%2FEY5s6RQM%2Bhi8faK%2F7Nzo38iaFywDy74Efirru45hO%2Fu2TterhGm6GnqxduKuPRZUThttMViphVrrtlgRdxla558E%2BCQM7RhKTeGN1x4jhmYV%2B%2BqyfhJiLPtBNulvrpcLTwlCTEPXni03amoo6QqI785ioJc7MKd11a8J6vSc1y3Y9T%2BuP6fZhrADANbatAmOrHBsfLRVaDeWrlnTPple%2FgNYXq6V7cLTOljaA07PP%2BVwdsTj5Rn7P1Fr3y8OmmFcPsKIPkmks9GBcpPQE0QsdaKHCdQG8gre0B%2BWJ%2BwlPuOXFROPuP%2BGfdonlXi8X1sMTrkEhl5wWwYUi%2BnpK6k7nJ8ESMqyMDXAJE2UY1JyyWgNcDvMOBNUceyQ2JHInVKfRs1lC71iNZGGyxbAQx%2Fgu6xau8QPpL0nj31v8QmJo2m9IJS%2BtNb3xFs6E44%2BQFkYkr3Y541Z4mehNZ0aJ22NtQ5o92KQoz7PzfR4d0hi8zDWzLHquWcsost8KkDHBJgDGE9XVKwvaDK7HirtoPPkOSrptYnAdq4%2Btg5QIXPQXbvHJyQSoWRnoeHsOmBydF9YIDzBTYvyIeAQDrkC3DAhTikgeJ9eEONlULXpvKmh42Qn3Z%2Bw%2F%2FJ%2F13U7hurCTar6g03XR9O8kkze3J%2FQH983Vy%2F3xKGcicZZhYkZBuq0%2BP%2Bt5kQDT0rd2CBdG7nD1WECx1ETd5Vnxc2QqgMxx1kw4dXjK5aFs13zjHS0eQIfU0Y%2B2wp6HqW5yNQCbt1awvcibHltBVr2BzoMIO%2F%2F7XzyM554Pcfs5ElLFW7J%2FAwqk8cpvcUsW34TWHzaWDe%2BRCZpedwxo8MdMNc7uOWm3x00qF6AQImC9q6h3JOGFDQE69bQ4GjM5GlOdY8qHJwgL2eXs3cPgm7qOovAP2H60eF9dwG5wQypu2Gw8WUKfkcaef2FcOjbNQdPc%2BMUD%2FPNQg8l7wx6%2FqThIXUBwyy6UnoODhGAJEacP4IMyfYir61CBRqTidjLuFuowaRX3J6FHhIKhhH7jGWjH5u7%2Fsn6UcXojVNovsUDiOK71jXJIkPZFeERCqLyTf1c9HCT21Kn0rorzWefC6hMwM8Fk4rFFUi7DZJS67b41zzZhiCN53TUlzQKA%2BVFBHQhufZhJ%2B3zz8e7VqsMvU7jnLog5BtAy74%2BKJCFRvsyzKzP%2BgA4QV7UV5CBHRKZnm03dwwAORGZv0aiwaaVZHvZJ9WsSmSSaVcEf%2FAU%2BFEZTfNevlayHdOmsOIPXen27pD8nMjG0wSlsh65GS%2BrYUvR3vP9StXNHTIIMeKxWq%2BaiffCd7VmWfgBayIwfs86itxTPFdvvTq5MAxxArCVoBpO6dsyjYfhaEp7u87jhPc2Aj5iSoROcBj9APOU0xpmpJ13H3tAJ9t07VYc5TPSDOMGAq%2BrZSoFXKb4V%2F0hzqoI6UQTJMatF5pPJtjNArtb1qeXsjZZ9YeUfId63TxncanMLwEWhV805UkOvnyFKHCtNkiPgomC3Oyg3k7WJvLIcQ9Kjp%2BUpmomkhDXaasLOKY3e4D7wD4EIOpc3sLFb3EeO1f1GPOvT3yK7NMcX0sEYDZNLx5oRdARMlUCURg6TX2DupB7nY%2FG1AxYxvZbVf3ELrSwZ6nFyEgGXGm3b1FF1DtIc%2Fn5iOWO%2BnNKKP5M%2BPMQuYS%2Fom8lKIMn%2Bm4wHJcwxcgQY0TeI86B3DtcR8CYVosD1YhGTs948R6KGiYPLwvUCnFGhvpUxD7CPRGE17tmb9%2Botd91aC3XKoeMspTZ%2FPlCNpNrSvvyoB6n5NlnNj1KjSEZJTv3Q3g6pJM4IS8lP18w%2B4Yr8Uom8ZX7KBy7YSZtrvTW8s0vfI%2BlceI96tpu35vSZh%2FOBK2VVmSBz1uGM6hntIvwgaG1exkquwfLnAyrfRcNGawmyU9Tf2QQA3vP1zWemt5JwexOs8rEd77enCobERzCxo7lXe2eoRPJmSiE%2B1s0COpWBoO6vVBHif9%2Fil%2F6h8Vzw6qYnXIkiWvhhTP%2BY8%2FYSh1uASvD6FyOfZ%2FUetCcIPHqZr9w0PyZQtjn4ny%2FRipIfjfl14K2yS4vxkt8V4h9zvefGGKPdsKOVL9OA66jH7t6iTSom59MvHEPu%2F%2BDrH4LxuYscrtclqJ2oUZiskYi1jpHy0xFLIwJ5X5UgX82XIsIw9NTWr8wqGAEABinxXlAPN27FnRqp8WuYfCsySeWATimRCy7xZCmwBcaSE6m%2B1CnpDMaKO0cHwvvZ94%2FTUqwqmCn3bfDriXNNA3NBKVrgus9Nw4GC2CFd8kUWIrRayGBQhqn66SO3I2wrxP2P2psJGULR3qlGVj%2ByOg7oxeDLpYhA5XizbD8YZmezCEw%2FeIVzww3DWTM9zax9A%2F6dhU5b9GFcgC73khASi4o%2BcbbXKKjEO6Tz9WzqN8HQqHI5cuDh3N9KZrc7GtJLdmvZGR9Orics%2F8%2BfdkVf4YnlNHlA7Gfs01nrCxj%2Ba2gtnVp69wyAhEV73JjJO54pAzqh2yd5p92sGd9tNiAijMk2x%2F58BIhuSA8svOnA%2Fr49dSni5UCuzZVWjxdIkW37ojQRY9fmaaneXNxV%2BEnOLr93IWbYo2zQTuI8QcbsRfEvFMl4naNRXWERPQCeOxW%2BdY4WrI5DxTz1ua%2FQ%2Fcmn9VVnn0nldP1yteStv%2BUlOCniiDFZwnPcWy1EATgeAywq4hVgFJMMCN5CKX%2Fys7wRNuSYw2V8nK8jLrrRW2cK64FDN%2FQ8uSQkxINVke9IbykfgQTZiul3nEWoGNLiBG4dTxWkhh90Ujhz2qzlkNlXVhapt5L5Fuq6zfQazazXwVgXfX4%2BM1jABdE%2FSi8A6n4Ss84SANDUTa30iv4hEWVt8Nk6pAsGZ6gqWottqaDpdEXDfqnomGe%2F7EIgfSqtSVsMfYeI5JiqfKOJAxHTXRp6wGdENei3UxumnbJN0PIJiNsrQ7GFqjcQT2xNHU3jzcqy%2Bri5SpksqNB2XrRO1nzY1JlQPT8t2QXpFgh31w4MMD8jnNSFY20TTIThX7bGJIA6YQUGz3pUZpdlOScmmKraV6r2RlCCb7n6S%2BePpQweefOlX5XtGr0PPxFG5nCFzqNgBmKAdlbTrQ4XmdzG6bqTSLHJHBrPYnQ%2F%2FMUH44Rq6yM0EaZtT9u9V3NPv8%2BL2zSyDm9wzeKkhKsbGaWR9DdfqRpIMojv%2FZ1Q5JGp32I34Voe8%2BfBtxtHWdNeiiJkIkDvhWEPFIDMi%2Bdj2DK4d%2BKdWWtRnIVVQyQzgX4lyayDsuRZ3ecOvFYFZ36KYKWVPV0s8BceMiGcwbavQc3wDdSqESKy7XfUNMLulP2y6BKk2D0ssToz6%2BmnWjPsi26JBrYdeHVoTSLgp1srXLvi6A3Oq0vyZuOJrsv29XAzDM4hylFgf74Q%2FVveBiQZm6MaRm6XYjpVIvS0p481ftojC%2FIxi28AjrQPVOzQLUz9pPY6gldsRiEnJk9JVnUe%2B57SReCD9E%2B7BSWJV9YXd9kh2GGHgoNoKIzUdCIL%2FfkPKl5Ii7jHUkez76l4FQfSLwTq5c5exGXOBQvRjsw3bthCjeRv4VYrN6FrF7cwXDjiy%2FlK10GNctvBXJKhbA3iLSaROQxKVfjbOYM8Zy9gvG2ry%2FrEVeQvZH%2F8Hx7xecTsqCln98sOzrpYFZdgcLZal4r5%2FQEXJAkzvL9E9ssp%2BGkHWh5B0%2FurdD1MqAvIlJiiag8cOaW1e%2FSWvlp4rbZLB%2BedAfWQ7cyrA5OTPSvXQiv6jCNIYkmdVEllPCH0xaiHpISZtv0S3Jwp4igJyroCJ9VepDcY2bwqY8%2FrpbjGxyeH1RzrRwMKQ7nuuHDj93tehNr7z7CoSjXovt52jbUZQhyOGJcqmvZA06ksAAhJonuRl6HyL26RjaxGWsgnPwtgclG8I%2BFb1c5laWlQ6L0VCXenEZLhHXprfbMbjayQrUNSJgWyz7J9ubRA8a7ojTyBbgN66KUUI2uziEu7ewPF2G6Gc85SU%2FEQVMhOtkM4Q7%2BIgM8eXMp8qU657VL7mj8GTm%2FHVfCxtvZzCowEQZXxtVdWnseHyBch2BvEu3QTA1%2F8ZuxSs5uSNQA5mwGlKPd2q8hE8mg%2Bc0EpBGTe4fuE6UGNqX0yydY9NCRYcxFvWi9O7JQ4Es4SXdbRAtkhGzEJVienjEVlQtK60VhgKYfMwffDJR%2FXDLZnfiuV5adGVX7Hk76sX40Kq%2FCNZyVEjn%2BHKP8ZQs1u3VEOBbb35O4lZr%2B6moyo1UExlkp8btk7bapcYdDQ%2BqbaaIO5PeNX3sr3o9cFoTZKYBjgzWAH8KKheK%2FoQBM70QcgDKL877bUQ1tVOVJXSaNMu94oCKiI%2FA0kwHYXh%2FR9DleuO7B7ndecY8ayOvki5WPM34YV%2FIBjk3WKjHRwVE8h86ZwicZSRai5L96a1E4TIZ51L4S8WjVfCUWmOUeIdCwFFG530VbC1XEIKyVFCdf1ntSQmjjWzTWi8K%2BRNaP6tTQm5OEo0x7SEfF0hsMpyCSrr4yh00TUOKTVqB7TcBQd7qNq4l4cAlL9zuK0nMV%2F2ZhWTI6bD0XOdc%2FFLkNsfnb6kSORaSaD4yAVwjDb2dTPZ7hx%2BYj8Bs%2F6%2F%2FCSXxe4U3vRQgW5pKuaWTdHjZTMa%2B0LaxVj2u7q2kF6Z6Ds1YHF0PcZJoiZMviJH66TV4B8gFv17CLnTGlTpg08D5w6%2Fkf3wsKdeQtsJQctqo%2BNj6Rg2%2FJ4D6DspnwaHuxCIsMcad5Jg7E0%2B5WCUaJ8sRQBmr7KvMVDpnvicnHRkzCsh8b8rYuPebjGdpa1tI8Os88VKDwbqsbjrJlCbGMAVqvH%2BntcmPRgVagJ9D2fn62CnFzlgfm8G%2BRTr3NkYc8bnpuNnnTgOdnvKwlJLBSq2pfPuXkZjQvzsuGuZxMKjBk%2BS83do5kbjuuXzBmty2Nv8QBFtCkUVZ%2FLd4k9sf1U2tBt0cqNXGSuK5v9JbHysSC8j7T%2FfLbUhZ6nc1U8ZVM8EIMK5k7C%2F%2FwVOuROWManNUzbltO%2F5%2B67547u9MdGxl5N%2BtY9rd07P5nCnBO20cCheiXOCsPO9xObgMpKpV5IBw1cN03R22HuA57or4pAHXotW%2Fwal9srgotz9eKykH5Wv%2F6hS5MqqCQO9iX4FW9i5qxzdGPEba%2BhltWhxBkDZcri9lQV9DD7kVshOdgnMM0n2rICDViP2GuxPVqIgSk4jBlPOsrHdqdNIK%2F%2BSIOK0zFvsXrqE%2F8rjgPWRerbgteYEXy43UpFwzE%2Fu1NHJMedgwlO5TPGAI7gMxnEs9MIYs6fFtBt9HGCNusB4ZgLVEoi%2Bt6aGVpGqi4zD9Te5yrvqDikY2t1uvxrKppaHyOFqUQmtVoJwHuKJUJBbpf8PeGIFtQBdTpn%2BRQEpbh68bRjULqn84jHChlqixD5HTFhe0%2FXshOiT3RiNNRTNtyeyR6QMrGdP3DctUxcDsvjSXpF2owFEq3yhhIon5JNahB2Er1rnvNyc%2BRMfH2Uduik%2F%2FPhGYI244l5RKwDRAo7vmgLNsce00zUxDcPAopt3ClRUASf3ug6RNlnvcu%2BrJIkDAW647Mpod5f%2FVw6KHPFy1tMkTR19gJ7gja3VmOQVaW3v9Z4d%2BQljePAnzF6XlMj3luPis9WmXYnx%2FDhWXWT5%2FvyveZqn3r2%2BSDdA9aNvSqbntoYPfNlrhJLj7JXuZzHbZCplLLpWScMFopZvEGzo6KAU60R%2F6yYvqQGt3vizqT6zb3C%2Fvy0T2EAM14ciKAl0lvh%2BehCs3TlA7E%2Fra8cw14uhL3Nk%2FQO%2BLd3mLwOtLp5IVDen5z86D27ZahYm%2BmS0kMvDoer1gkKxPgVxV4bZcFLR1VWCZkWlba8C1Zmx7%2BzXMDBqPuwoN%2BW%2Bc2vyqLeaCNcFROTeWUlL8%2B9A7q%2BZrGegJ0bNhuoE5zXzG4cl9w6mwCanDR7jcNarRzd1Pc02HkrPXFvq6Xvmq71JpoZ99YInLmE2gIQU6SEv3gnlqR9ekqhVtIAd0oXccQGh5Iq%2F5ISjmJgOpPnznYUvz9anpyBHzb%2BV%2FMv3w2aXy%2Bw0oRh0X1X44sZh2nxSvlHfFrhDxMWLVsbWWY%2FXOrWPwBTX8QCwEgCfqB%2BdTK4WSdl4dTljYGln5QxM1I2pZcbhAu9ETzD9dHth%2BDxO6WgL8E7g7o%2BGRcVXjHmai99FBFyEafrsAi1sm2p5QddAc3hl3qlNCZ3ArOsLzCLDc7Nyqlg8ztkcoM6YnbzBK8atMCOQPX4krfP3Ez1e6CpOIqBq1QvZdzjw1uVzkJh5tx2YeGOOhREcqHn2X4ygcinpgLxJhPJaOQ7x7AgdAAdd3enKRVFiGB79E49ztDtoj%2FJdKsiK7SyYeLV2uX56UkXWndytH87NDsUY6n%2FdQ%2F8irVkJ12iU12A3Iw1K1y0HcZ0IMNMwwrV1JfgHn8P1Y36beJxE9cTZokZdYau2NlZvZozdJjb32OYhiUc8kAgP7B%2FsTLCiaohMxr5Fnfv8DitgUZaZOUQjcLMgR5MIcdXCIpM%2B5ieGKHNx376%2BWlgyQjx1Zo%2BVRIJ12sVOL6efRoYVrgC6w9P8HPpQ93cOY6TBgPCXM4l%2B1QKVKyMdRQy0tUAxvny0dfEJvgsh0JpqPkc69%2F5jrJHR3IjJZhUF%2Bcskx7Qc16ZwhpPE0fy3aOswosS0BD3YSHA6lnCrZ1msCu6Y4MnWPENPN5DKD6yEwMdaBnrDkHQrqElLiP6pj3viAVJ1W7cpYxmt49FqtoQYUSoF8Ad%2FC6wbcNEJ9C9RQUeZ%2FRFnrTcEa2BtpKRk2ydB77Y2Pc92m4jvBIzqz%2FZHzJQmXbo6wwfSWiJGg7Lmv6jiZ%2BNcm1o4yAko66QxRTb28nytwTEwUy%2FjozK680mpZAiIEHbv9%2Bc2SAHsQTEFh7TgyQCl8QT9wUXrie09suMSJ%2BvpCX4adGdsW0bYL4mVnt8b3cudKK65lOiGHr9OH%2BH8vLTeI78lIYiypEXLk9BNzHB%2F4%2FpMKVVBvjYy7N5Q3FhO7BSv3NFNnPKhlcTB70CTcM6scS4MQR0C4%2Feq9YeogFqcYt8ub5FI6S%2FN4c2J7A3HC%2Fo%2FKjDteKU0NL4AxFUU5FJJWkfBm%2Br57JAO9VfbfoGcN%2Bb70AUDs2ibRMyJQDWaCS3PO139CKgTXHdGyWl2t0exeMqkn%2F320CScFXd98dz1U6yqc%2BJ2LggO9lYnnQgibpAJZL9LQ97Iw3PoIR42%2FfWzcWomu4eTYDWvcJRbZ6OIvkASSVU4LcZDO91i14FYGwEN8sXfcHX%2BZt4nLx7m8uC7W1vbFAHA1XpHjAmz3bpK0ptOzwKfrz4ROUCWV8yphlYjmOyl2JXr9qPHXOtnKxYa5ElsucICVcamLI0PmTF43BM6s0g9t4yXEPLZlnKBhlhtxrU%2FNLlelX0HciZxpyS05r3u0%2FfRNLyUGR5a5sDMrqMjE5UZI1dpfavfrUsh8uSMgM1EccAcXPZGUm3ZoOAXloHlLnIGcnNQQWSg0pR26XxMqZod632Sqzbu1Cr6Bjz5PoncFpf1HfXow9iWO8P5FjYqa6rUboLAjm%2FupZBKidqz2saSsGtfsdkh7%2BoS5q30cV9KnJN%2B349M%2FMS0dS1PkGHvlidxMj065gyDbNDtqgm3vpqrlTOYArGee2u%2BqLek%2BN7ly%2FqwNwjjgf4tOVupd73j2RH07uzaGdJIIF%2BNpnVTXxoVkC0N5zvfXzh1YdcfZXISk0kwNAJKR8VkUJdOshc07cE1mXXyofQSCViX8YYKqsRInjZBQbVeYUSIorOReyinhfrQOlbTdAN5TylNqgQw4y3bkMB7xWoLckzAN8ipywn40TtRbThVux9YaGHwrxw5tg%2B4UBrO91GmhaVwFddPxZLw4%2BYfxpOCdU%2FZxmvAnESEA%2BVo0PM4FQR7QZYDh4FnE7%2Bq%2BTbRlfFX5u6yAu6c960Cz4%2B0GJkU3OBclMS780dAl4lrEoS3k0MB%2BYJ9lbvy3DS8gYW2SDLPbwJW9Gw%2B0mOE6%2BLFYVqzS1m01FOqmw0gtu0ODvalxffh57htvhwxnXXhg8wwMasv2g9xmJSMgAXUJQPzXAKo4lxlVQ85ibCxS%2FMfBN4uWXPwWz5%2F%2F6SQ1llPqf82gxypdXaXFTuWN9Q8k314LikVIyNaFTW5IoPfaqjeyeQj3FveaM5YX1%2Fh7n5FLH4azmbAivpgCHNnYh5RtCjJDVcxjSysLnnnbh5ySgjBuOvW9X2FdYb%2BgGbxId5%2FizdBiB7TGpowysAzy3lflNhL3EUJ%2B%2Fg44cyK0iJj4Woz1opR75YShGbDGJYt815nK8p5GnVbZ25KcGzQaa%2B%2FAy9bsfcznpwFoGHbaevlLztADabAX9orpDk5%2FfrjIhH5A0t4%2BqasCE%2BYyuyY7BMB54sXVix4OgTej9iMb3peeL4LvShOC22H8myV0T%2FjWMotbElaOiNLQkSWAGiMIUeuvsb396y%2Bjdmo3ono9dMIKuF1baEDN7Y8WfOxd2gj5h3EC0giL%2Fole13gGNbTNUY6Vm%2BGb9nQTDxxUot12qa9Rd1Td5qMrYwS3FZ0jt8xYIe67OAfhsyHKFk6f8JXYvg5WmBcqckE0MuIjVjc2%2BzymVylC0fh%2BD8MKN6CSAU5ddxldy2HV6GFOdyLeWNW7ArHZc%2BLn1%2F4MQIfB1wjt5mpQPJes5%2BgTy2kSqUln2WO44rLjWvJCYSh7W96oau2ERWrPpRnlkTYAiL1bb%2FcWCPYa4xFIbjPwvzAu7sLNAkWsKOu9WbPwfmOwAMQUrvLs3kYs1d%2FbMW%2BhDgUYNeehVcQuAWl%2FL7421S0Nu6lgGrCzfcQncmYR5c7BFPqMrK7L5RKHbDIdvsS4i29rue6yVHMq520PnWZ54gwgbizzgzpXBIbX7%2F0%2BxsCpCxgyw%2FeLPMcu4vs%2F%2FICR5MU9NM4iFlznVJkVePCEqBAl4BcAwP1zBGwsc4Aqi4uhF4mM4XyPtkgzUHtdTuo7QXIq8W2%2FPifNyeAVAU5xrf5vZ1roDIGVh7vL%2BcZOlB6iiE2T8vtkN63t4AXl5Wm47lis2wH%2FvBZJuciLYnZPISk4Q1quw2si7%2F110IxGxwKlogW6assWsf%2FNWcAEeu9wvlhEAVsTjzwnAKNUtHRCImBIYdotBv5p1Lt4LLfrKC%2Fo7DlAzaXS%2Fh2zzCn%2BHFiwvDsmLLJHhBk8SOlKZuceIz3zXxs49MuKE3bFGj1HqBdU%2BTn6Nzt8ZScTDuX%2FPfENJBTkTOgWPp3qMVnfTUiZS1P1Wr%2Bx2qptHZ04py2ayG3QeoIeZ%2FX95H7phFZ7fiZ5vi9scxGCBmqF9fSyPKDAEegRlMqsq9Lclm%2FWvcweI4IyEP73Wcqz1UNc%2Fq43%2F0xv8pPO6ebKc9EpsevDeOxfdLnttFVtZ867NzAycuQzshSS5dFD7LQiVQXWkmTTWQX89g64To5Oh%2FVU3WsqztBZCdluMyjkYFsT1bIv%2BxH1LiqnbOmHiupyWK3i%2BoLsJdyucqMIU2ehsItHOTNwGjOmapsg5tEmRYMKSZGrcbL49icN%2FuB%2FKHAFF06cVruF4r3hy4IOQ%3D%3D&
window.f函数返回一个数字,然后btoa一下就是MTg0NTM2MTU2OQ==这个串了.
在最新的代码中,美团的工程师对代码依然做了混淆,增加了随机检测浏览器对象,检测浏览器BOM对象也是以后反爬虫的趋势吧!
部分代码:
(function anonymous() {
!function a() {
try {
var _dw = 28522;
var _Ow = 'WJpU'
, _Iv = window
, _qZ = (function() {
var temp = {};
if (!(navigator == undefined || navigator.webdriver == true)) {
temp.letsee = 'a'
}
return temp;
}
)()
, _cr = window
, _Xf = window
, _xD = window
, _XX = window;
var _wX = 'jC'
, _Cw = 'DYAs'
, _Hm = 'xoqbmY'
, _wQ = 'TZAxuK'
, _YH = 'MHPeQ'
, _Qf = 'EcPK'
, _gC = 'osD'
, _ms = 'Nw'
, _Yg = 'TwQA'
, _hW = 'c'
, _pP = 'dBCHQz'
, _XS = 'UGcv'
, _vr = 'zeqmMK'
, _gy = 'RpcH'
, _Un = 'Ia'
, _ZR = 'rBEITH'
, _Pk = 'm'
, _pI = 'hHp'
, _dk = 'hwPTwD'
, _jN = 'd'
, _dT = 'SKKw'
, _Gp = 'lJ'
, _Nr = 'BxqVN'
, _LP = 'a'
, _YJ = 'GR'
, _D = 'qgl'
, _QH = 'k'
, _mt = 'v'
, _Qh = 'jBsXx'
, _IV = 'GKMlR'
, _Kf = 'u'
, _jA = 'vpWWY'
, _Ch = 'YxNNK'
, _qI = 'ukW'
, _yG = 'ZE'
, _nq = 'f'
, _Es = 'xk'
, _cG = 'jbJ'
, _bP = 'ekSJq'
, _dM = 'g'
, _Ph = 'yi'
, _DL = 'ehl'
, _xh = 'P'
, _Hs = 'Q'
, _lI = 'fg'
, _hM = 'I'
, _zI = 'RaB'
, _bv = 'FSVvfz'
, _FZ = 'fHgCyq'
, _lC = 'PoTZ'
, _XV = 'twoAK'
, _St = 'QYyarR'
, _cB = 'uhdqh'
, _TK = 'M'
, _bL = 'lL'
, _HS = 'BuZsok'
, _tO = 'WS'
, _hT = 'L'
, _kU = 'wWvLu'
, _Jn = 'n'
, _DZ = 'AsWkf'
, _nF = 'pSdL'
, _cs = 'potano'
, _sd = 'sAXti'
, _nE = 'eT'
, _qg = 'nsAB'
, _DI = 'O'
, _sn = 'c'
, _hq = 'viYEOh'
, _Yl = 'bfSz'
, _FP = 'UZ'
, _FS = 'wzCO'
, _JN = 'bTSpbF'
, _jQ = 'dELgjP'
, _EV = 'NdZ'
, _wm = 'f'
, _kX = 'l'
, _jr = 'h'
, _Hx = 'A'
, _IB = 'qmlMl'
, _zP = 'sDPoZ'
, _Eg = 'WHTQy'
, _sW = 'xr'
, _mY = 'sPyR'
, _qG = 'Sn'
, _LJ = 'r'
, _bQ = 'Sm'
, _yK = 'ecB'
, _Et = 'b'
, _qE = 'qWqbo'
, _YM = 'pIC'
, _vw = 'Mss'
, _wU = 'vGOKL'
, _yB = 'W'
, _hk = 'uazLg'
, _fl = 'uTG'
, _YP = 'eEtRvX'
, _JZ = 'hX'
, _Bw = 'Da'
, _X = 'WnflAJ'
, _sI = 'oLej';
var _Jt = 'PX', _rK, _CX, _mK, _fy, _SN, _gZ, _Yn, _rM, _nU, _KM, _xJ, _Rt, _yJ, _Ms, _SW, _vK, _zx, _cN, _RU, _qs, _cT, _TZ, _QZ, _mg, _rk, _HL, _nx, _Mg, _dC, _Wk, _bB, _vW, _ZW, _xM, _hY, _YL, _Gk, _rz, _xW, _CS, _WK, _sY, _WU, _WH, _zS, _sA, _bm, _Ef, _BV, _zO, _lj, _EM, _hD, _LH, _E, _ZS, _jj, _fJ, _Rv, _pK, _Pf, _QO, _Nf, _lF, _cR, _jY, _v, _sl, _xt, _BQ, _IW, _cd, _YA, _qt, _Lj, _GP, _WT, _FJ, _KI, _fG, _NA, _Xc, _KG, _yE, _md, _Fn, _fr, _KX, _hU, _DS, _yz, _xn, _yj, _tM, _vB, _lM, _FF, _vF, _IF, _UI;
var _VK = 'KWkSPo'
, _Tk = -64883928 ^ -1373448428
, _EC = 498930580 ^ -1086516324
, _CT = -483853314 ^ -479686658
, _mh = 1175269386 ^ -1806818302
, _Jh = 1202552011 ^ -458340121
, _wV = 185344506 ^ 2072828374
, _Pz = -682397931 ^ -720136399
, _Xk = 1634115880 ^ 317121848
, _Sw = 2097654238 ^ -1081702958
, _FU = 684100247 ^ -347617653
, _wK = 1017669351 ^ 1017779967
, _QR = 414587211 ^ -927659705
, _sv = 963963171 ^ -130634457
, _rd = 1412555813 ^ 108189709
, _Tg = -1191019774 ^ -918319326
, _AH = -6867501 ^ -1881850373
, _bR = 1856444346 ^ 2082995114
, _PI = -1072530099 ^ 1406380353
, _sE = 1712703501 ^ 76906505
, _tq = -1673904388 ^ -323386636
, _mI = -71864824 ^ 712279572
, _yw = -567887866 ^ -274206686
, _st = 778494299 ^ -1356378793
, _Wf = -1265948659 ^ -699789275
, _cg = 308654013 ^ -1570323567
, _Lx = -1201822708 ^ 694045756
, _Wv = 955195494 ^ 422572130
, _BI = 818772095 ^ -1043559337
, _ZJ = -584206210 ^ -1653610430
, _Uz = 409721125 ^ -114662095
, _HB = -1517964663 ^ -1786283339
, _fv = 612951976 ^ 655070116
, _OS = 2082368428 ^ 513740732
, _HW = 2110705952 ^ 260987192
, _Pm = -1751878522 ^ -1487509362
, _YE = -457513480 ^ 108563964
, _Ml = 723617720 ^ 954414984
, _wF = -93256771 ^ -1439466599
, _ZZ = 78524265 ^ 913097569
, _UO = -79521345 ^ -1203645021
, _DH = 752938369 ^ 1285687713
, _Xp = 1248662306 ^ -1431542990
, _rp = -1733753785 ^ -378858413
, _WO = 1544629 ^ 1888955825
, _OR = -1750091071 ^ 1684895481
, _pY = 934995193 ^ -1527101195
, _RH = -211401037 ^ -1071176001
, _FO = -782782327 ^ 1922467985
, _mU = -169808388 ^ -941481484
, _RM = 246216267 ^ -1125140889
, _wG = -1191941471 ^ 737581749
, _vY = -2141612406 ^ -526705022
, _JY = 586814658 ^ -218588950
, _hy = -1861591017 ^ 852132899
, _qw = -1140273302 ^ 784942966
, _YB = 937978917 ^ 1978192921
, _Ir = -1362029414 ^ -548183894
, _SG = -1017360299 ^ 1889478741
, _kh = 486447605 ^ 2101177849;
while (void 0 != _dw) {
switch (_dw) {
case -624860907 ^ -624860490:
_QH = _DZ + 'HCRkL',
_Iv = _DZ,
_DZ = 'J',
_Jh = _Yg[_yB] != undefined ? -84218431 ^ -1703265855 : 60148219 ^ 9883099,
_Yg = 'l',
_yB = 'DDBar',
_dw = _bB ? -226213100 ^ -226203904 : 932338341 ^ 932319768;
break;
case 1948303745 ^ 1948313692:
_gC = _cs,
_cs = 'bYCfZq',
_yw = _nE[_bv] != undefined ? 1582201892 ^ 1305285632 : 1309054308 ^ -1677377164,
_nE = 'rV',
_bv = 'Wg',
_Un = _yG + 'sY',
_dw = _jr ? 1570472358 ^ 1570488257 : -1513237852 ^ -1513253950;
break;
case 1808627028 ^ 1808610991:
_YJ = 'fdF',
_HS = _cs,
_cs = 'aMxS',
_mU = _hq[_zI] != undefined ? -1178202306 ^ 1242029834 : -1070621553 ^ 1122829447,
_hq = 'F',
_zI = 'EIK',
_qE = _Ch,
_dw = _DI ? -2001232911 ^ -2001210716 : 863658992 ^ 863650044;
break;
case -794371636 ^ -794387741:
_mY = 'lctu',
_kh = _FS[_cr] != undefined ? 1643806916 ^ -222667580 : -1253695104 ^ -1241133652,
_FS = 'EBaPKn',
_cr = 'kW',
_dw = _Pk ? 802534101 ^ 802536380 : 317985782 ^ 318002822;
break;
case 1520984529 ^ 1520971314:
_DL = _DZ,
_DZ = 'YZim',
_Ml = _yB[_yB] != undefined ? 569152816 ^ -495979224 : -163883313 ^ 918150879,
_yB = 'wNGi',
_yB = 'Z',
_DZ = _Gp + 'Z',
_dw = _dT ? -1212446476 ^ -1212419575 : -1307332494 ^ -1307341018;
break;
case -1745160782 ^ -1745185085:
_lI = 'IH',
_Qh = _FP,
_FP = 'LmNeaw',
_fv = _wU[_cB] != undefined ? -645550402 ^ 432434850 : -1574841234 ^ 6324302,
_wU = 'qfhgT',
_cB = 'CcGU',
_vw = _tO,
_dw = _xW ? 1177787895 ^ 1177790813 : 2024756326 ^ 2024744381;
break;
case -460126873 ^ -460100558:
_wQ = _Yl,
_Yl = 'btbNd',
_RM = _YH[_qg] != undefined ? 1193556065 ^ -681057211 : 1143842275 ^ 1970175471,
_YH = 'xQNQjj',
_qg = 'qFpCtL',
_Qh = _bP + 'JRdjzX',
_dw = _cR ? -1398667632 ^ -1398651794 : -128301626 ^ -128308007;
break;
case -606109052 ^ -606093205:
_YM = 'QveU',
_YJ = _nq,
_nq = 'inmkN',
_FS = _sd + 'tSt',
_Wv = _qZ[_jA] != undefined ? -1272247562 ^ -970404098 : -907762116 ^ 690437672,
_qZ = 'FY',
_jA = 'jfZxn',
_dw = _fl ? -536349606 ^ -536365197 : -151427810 ^ -151444690;
break;
case 679323137 ^ 679345906:
_St = _hM,
_hM = 'y',
_dT = _FS + 'gh',
_OR = _FS[_bQ] != undefined ? -594519317 ^ -1080997165 : 1381542447 ^ -1873102305,
_FS = 'BNOvp',
_bQ = 'sajr',
_sI = 'Ed',
_dw = _Es ? 1058938057 ^ 1058959684 : 11250806 ^ 11241554;
break;
case -1637727599 ^ -1637720942:
_xh = 'cGVWg',
_ZR = _qZ,
_qZ = 'uBYALf',
_JY = _Ow[_LP] != undefined ? 1767037816 ^ 408001344 : -411650934 ^ 104330390,
_Ow = 'LE',
_LP = 'LGqO',
_FS = 'TRvAJ',
_dw = _bm ? -604081649 ^ -604100869 : 1021117326 ^ 1021132691;
break;
case -1634886637 ^ -1634865712:
_hM = _jA,
_jA = 'A',
_Hm = _Hx + 'men',
_mI = _yB[_Iv] != undefined ? 1810570757 ^ -617944531 : 2058870130 ^ 2062998858,
_yB = 'mSNPza',
_Iv = 'xwX',
_qI = 'Y',
_dw = _dw ? 1525169704 ^ 1525159925 : 1088713987 ^ 1088695479;
break;
case 1702152147 ^ 1702150008:
_cs = 'WFf',
_Un = _XX,
_XX = 'sDNg',
_bQ = _Iv + 'dth',
_Sw = _LJ[_QH] != undefined ? 823238436 ^ 1670472472 : 1015864837 ^ -1102193135,
_LJ = 'qWIoTL',
_QH = 'vwd',
_dw = _cd ? -1105015420 ^ -1105016456 : -562429305 ^ -562414590;
break;
case 1915205736 ^ 1915212537:
_YP = 'dER',
_cs = _yG,
_yG = 'VCuolm',
_qZ = _Un + 'e',
_FO = _mt[_nF] != undefined ? -1456088950 ^ 1249320070 : 1447268039 ^ -1002199333,
_mt = 'NloGb',
_nF = 'UZys',
_dw = _vB ? 1286520814 ^ 1286512804 : 73515543 ^ 73499116;
break;
case 76844767 ^ 76858770:
_Eg = _pI + 'zT',
_bv = _XS,
_XS = 'C',
_rd = _Iv[_YH] != undefined ? 1972374850 ^ -1538180786 : -1371044074 ^ 1317316394,
_Iv = 'rljhb',
_YH = 'iWLPw',
_jr = 'KoYxhI',
_dw = _LJ ? 913538802 ^ 913509541 : -1981990429 ^ -1981979403;
break;
case -576080855 ^ -576069914:
_bL = _Pk + 'nsHbb',
_nq = _Qf,
_Qf = 'rTa',
_wK = _hM[_Nr] != undefined ? 746418783 ^ 524093031 : -759788254 ^ -1821091534,
_hM = 'fV',
_Nr = 'exXlYo',
_cG = _dk,
_dw = _nF ? 1784795804 ^ 1784797845 : -1534328972 ^ -1534348828;
break;
case 519298399 ^ 519300858:
_hk = _FP,
_sd = _gC,
_gC = 'mO',
_Lx = _bP[_DZ] != undefined ? 805350066 ^ 1929429670 : 606702068 ^ 1680492996,
_bP = 'Hv',
_DZ = 'rnHY',
_gC = _vr + 'eUuLd',
_dw = _Ms ? -548462276 ^ -548442830 : 711992784 ^ 712009535;
break;
case -1274332032 ^ -1274334405:
_JZ = _hT,
_hT = 'lJ',
_bR = _jr[_hM] != undefined ? 1740224762 ^ -134528770 : -1447674960 ^ 2046269344,
_jr = 'DMul',
_hM = 'Kzfd',
_jN = _fl + 'GpgIA',
_dw = _cG ? 986150955 ^ 986150718 : -970429468 ^ -970435544;
break;
case 1058016879 ^ 1058035278:
_qI = 'NiI',
_YB = _YH[_Hs] != undefined ? 786452196 ^ -1889300764 : -849923390 ^ -329932090,
_YH = 'zsN',
_Hs = 'XunD',
_hk = _lC + 'qQvz',
_dw = _kU ? 2127356785 ^ 2127357050 : -741435519 ^ -741424869;
break;
case 1986251555 ^ 1986252116:
_yB = _wm + 'tLVtWI',
_Hs = _lI,
_lI = 'f',
_HB = _nE[_St] != undefined ? 1729000829 ^ 336584065 : -7898905 ^ -842629929,
_nE = 'fl',
_St = 'APeAW',
_Pk = _QH + 'RMl',
_dw = _yK ? 1165327917 ^ 1165303132 : 1616167537 ^ 1616181737;
break;
case -956996885 ^ -957007308:
_IB = _bL,
_bL = 'FQGUBl',
_sE = _xh[_kU] != undefined ? 149914812 ^ -1741694836 : -1919670331 ^ -1349103667,
_xh = 'EzFKh',
_kU = 'NA',
_dw = _fJ ? -1920536646 ^ -1920537638 : 1617336302 ^ 1617346679;
break;
case 377245950 ^ 377253499:
_kX = 'Yml',
_FZ = _bQ,
_bQ = 'sl',
_FU = _LP[_FZ] != undefined ? -2140334792 ^ -492910288 : 973702987 ^ 2026539887,
_LP = 'W',
_FZ = 'XHIEb',
_dw = _WT ? 746504400 ^ 746488766 : 561960200 ^ 561954759;
break;
case -441508670 ^ -441488103:
_qZ = 'As',
_lC = _Qh,
_Qh = 'juGLMK',
_pI = _lC + 'a',
_OS = _fl[_JZ] != undefined ? -1241569344 ^ 1694396376 : -290793848 ^ 745206452,
_fl = 'hY',
_JZ = 'bWvVL',
_dw = _zx ? 1143560965 ^ 1143554665 : 1987684121 ^ 1987699500;
break;
case 893902173 ^ 893882636:
_ms = _YM + 'VKgfRQ',
_jA = _vr,
_vr = 'pBMI',
_AH = _DZ[_wm] != undefined ? -976592631 ^ 1951076665 : 2008991711 ^ 1971154915,
_DZ = 'YXl',
_wm = 'Y',
_JZ = _YM,
_dw = _gZ ? 400719299 ^ 400689097 : -916033208 ^ -916029709;
break;
case -537166677 ^ -537193758:
_sd = _wU,
_wU = 'r',
_WO = _dM[_Gp] != undefined ? 847469771 ^ 285298899 : -1834126890 ^ 275669494,
_dM = 'FgGPu',
_Gp = 'nCa',
_dw = _bL ? -985878354 ^ -985864099 : 415634985 ^ 415646219;
break;
case -1141337634 ^ -1141335223:
_JN = _IV,
_Un = _sd,
_sd = 'sqGc',
_RH = _wU[_Jt] != undefined ? 549560083 ^ 578994963 : -599394457 ^ -62422145,
_wU = 'PmbggE',
_Jt = 'oIFWsc',
_dw = _qt ? 412076239 ^ 412084215 : -759772283 ^ -759783148;
break;
case 1419240790 ^ 1419217115:
_yB = _hq,
_yG = _St,
_St = 'ltZoeW',
_pY = _IV[_Nr] != undefined ? -864681566 ^ 1870035386 : -17005418 ^ -1119942518,
_IV = 'AeAe',
_Nr = 'c',
_dw = _Ms ? -1707938647 ^ -1707959553 : 1634561653 ^ 1634559202;
break;
case 232959407 ^ 232965998:
_vr = _qE,
_qE = 'rogBxU',
_Xk = _St[_XV] != undefined ? -735222844 ^ 376262632 : -1199007551 ^ -926281503,
_St = 'QlYW',
_XV = 'E',
_dw = _hM ? -312320515 ^ -312335018 : -20486494 ^ -20482024;
break;
case 1723486353 ^ 1723472424:
_Yl = _pI,
_pI = 'GlkeHA',
_wU = 'scre',
_YE = _wm[_Hx] != undefined ? 20717823 ^ 1371438291 : -2144620899 ^ 1122750121,
_wm = 'OQqMD',
_Hx = 'Pphd',
_sd = 'Js',
_dw = _hk ? -1682073744 ^ -1682057069 : -8523296 ^ -8532174;
break;
case -1240787588 ^ -1240766677:
_hT = _bv,
_bv = 'WT',
_bL = 'inner',
_Tg = _Qf[_X] != undefined ? -1723382693 ^ 1220923515 : -1256695169 ^ 903473787,
_Qf = 'XJDWNT',
_X = 'Qffe',
_dw = _vr ? -428325519 ^ -428340960 : 1665837794 ^ 1665850650;
break;
case -1900518225 ^ -1900525194:
_hM = _HS,
_HS = 'TdGyE',
_vY = _wQ[_nE] != undefined ? -1665749122 ^ -1883722930 : 1190430987 ^ 1714692355,
_wQ = 'TKeLw',
_nE = 'WYvU',
_D = _jN,
_dw = _IF ? 860881132 ^ 860886430 : -867403520 ^ -867408125;
break;
case 1498167981 ^ 1498182160:
_lC = 'P',
_Qf = _nq,
_nq = 'YOXDH',
_nq = 'letsee',
_wV = _Eg[_YH] != undefined ? 1522511692 ^ 201210716 : -756093048 ^ -512897132,
_Eg = 'vcJMAT',
_YH = 'ChA',
_dw = _pP ? -639042982 ^ -639051747 : -1678025893 ^ -1678032995;
break;
case -925568873 ^ -925582986:
_sI = _Hm,
_Hm = 'rMVRi',
_Jt = _gy + 'He',
_Wf = _lI[_hT] != undefined ? 696974083 ^ -1954018517 : 1580146480 ^ -1355930828,
_lI = 'f',
_hT = 'LFCeez',
_dw = _DS ? 1401821402 ^ 1401821568 : 71691632 ^ 71667643;
break;
case 1462133602 ^ 1462127527:
_Jt = 'h',
_bP = _IV,
_IV = 'Ch',
_FS = _bP + 'i',
_Xp = _Jn[_YM] != undefined ? 1401421321 ^ 1388635653 : 477233102 ^ -1355785254,
_Jn = 'YR',
_YM = 'TbdzL',
_YM = 'e',
_dw = _Wk ? -1668561628 ^ -1668562550 : -603043654 ^ -603044939;
break;
case 1368164621 ^ 1368189894:
_sd = _wQ,
_IV = _Jt,
_Jt = 'JcdxuA',
_cg = _Eg[_kX] != undefined ? -2010091372 ^ 200362144 : 1357493983 ^ 2783943,
_Eg = 'MJnQrx',
_kX = 'OtXCLX',
_dw = _nU ? 2043538902 ^ 2043521866 : 1229637076 ^ 1229651569;
break;
default:
var _final = 0 ^ _Tk ^ _EC ^ _CT ^ _mh ^ _Jh ^ _wV ^ _Pz ^ _Xk ^ _Sw ^ _FU ^ _wK ^ _QR ^ _sv ^ _rd ^ _Tg ^ _AH ^ _bR ^ _PI ^ _sE ^ _tq ^ _mI ^ _yw ^ _st ^ _Wf ^ _cg ^ _Lx ^ _Wv ^ _BI ^ _ZJ ^ _Uz ^ _HB ^ _fv ^ _OS ^ _HW ^ _Pm ^ _YE ^ _Ml ^ _wF ^ _ZZ ^ _UO ^ _DH ^ _Xp ^ _rp ^ _WO ^ _OR ^ _pY ^ _RH ^ _FO ^ _mU ^ _RM ^ _wG ^ _vY ^ _JY ^ _hy ^ _qw ^ _YB ^ _Ir ^ _SG ^ _kh;
window.f = function() {
return _final;
}
,
window.honey = window.f() ^ 1;
return 0;
}
}
} catch (e) {
window.f = function() {
return e.message;
}
,
window.honey = window.f() ^ 1;
return 0;
}
}()
}
)
在随机的返回数据中穿插了被检测的window的内置对象属性,客户端未被检测到则输出为undefined,就会被认为是发包请求,算出来的f()值的就是错误的.所以,如果需要完全模拟的话.需要遍历得到他检测了哪些东西的,重复多次的请求加密脚本.这个是一个非常耗时间的过程.
那么在node中运行需要全部模拟这一部分.破解的主要时间也是花在了就在这里.
然后就是behavior参数:
轨迹的结构和之前的大众几乎没有差别.
Z_[Kaito]函数加密最终的轨迹
最终拼接f()和轨迹加密串
_token:
加密的明文和之前有了变化,但是还是可以得到的.
然后拼接f()
分析了这些后,就是模拟轨迹了,js随机写一个移动的脚本数据,这一部分不难.
最后使用python调用node执行js:
依然是测试通过截图:
