小程序解密清参考我以前的文章
VX小程序逆向
js版本
function n(e, a) {
var t = (65535 & e) + (65535 & a);
return (e >> 16) + (a >> 16) + (t >> 16) << 16 | 65535 & t
};
function i(e, a, t, n, r, i, s) {
return o(a & n | t & ~n, e, a, r, i, s)
};
function o(e, a, t, o, r, i) {
return n(function(e, a) {
return e << a | e >>> 32 - a
}(n(n(a, e), n(o, i)), r), t)
};
function r(e, a, t, n, r, i, s) {
return o(a & t | ~a & n, e, a, r, i, s)
};
function s(e, a, t, n, r, i, s) {
return o(a ^ t ^ n, e, a, r, i, s)
};
function c(e, a, t, n, r, i, s) {
return o(t ^ (a | ~n), e, a, r, i, s)
};
function hexMD5(e) {
console.log(e)
return function(e) {
for (var a = "0123456789abcdef", t = "", n = 0; n < 4 * e.length; n++) t += a.charAt(e[n >> 2] >> n % 4 * 8 + 4 & 15) + a.charAt(e[n >> 2] >> n % 4 * 8 & 15);
return t
}(function(e) {
for (var a = 1732584193, t = -271733879, o = -1732584194, g = 271733878, d = 0; d < e.length; d += 16) {
var l = a,
p = t,
u = o,
m = g;
a = r(a, t, o, g, e[d + 0], 7, -680876936), g = r(g, a, t, o, e[d + 1], 12, -389564586), o = r(o, g, a, t, e[d + 2], 17, 606105819), t = r(t, o, g, a, e[d + 3], 22, -1044525330);
a = r(a, t, o, g, e[d + 4], 7, -176418897), g = r(g, a, t, o, e[d + 5], 12, 1200080426), o = r(o, g, a, t, e[d + 6], 17, -1473231341), t = r(t, o, g, a, e[d + 7], 22, -45705983), a = r(a, t, o, g, e[d + 8], 7, 1770035416), g = r(g, a, t, o, e[d + 9], 12, -1958414417), o = r(o, g, a, t, e[d + 10], 17, -42063), t = r(t, o, g, a, e[d + 11], 22, -1990404162), a = r(a, t, o, g, e[d + 12], 7, 1804603682), g = r(g, a, t, o, e[d + 13], 12, -40341101), o = r(o, g, a, t, e[d + 14], 17, -1502002290), a = i(a, t = r(t, o, g, a, e[d + 15], 22, 1236535329), o, g, e[d + 1], 5, -165796510), g = i(g, a, t, o, e[d + 6], 9, -1069501632), o = i(o, g, a, t, e[d + 11], 14, 643717713), t = i(t, o, g, a, e[d + 0], 20, -373897302), a = i(a, t, o, g, e[d + 5], 5, -701558691), g = i(g, a, t, o, e[d + 10], 9, 38016083), o = i(o, g, a, t, e[d + 15], 14, -660478335), t = i(t, o, g, a, e[d + 4], 20, -405537848), a = i(a, t, o, g, e[d + 9], 5, 568446438), g = i(g, a, t, o, e[d + 14], 9, -1019803690), o = i(o, g, a, t, e[d + 3], 14, -187363961), t = i(t, o, g, a, e[d + 8], 20, 1163531501), a = i(a, t, o, g, e[d + 13], 5, -1444681467), g = i(g, a, t, o, e[d + 2], 9, -51403784), o = i(o, g, a, t, e[d + 7], 14, 1735328473), a = s(a, t = i(t, o, g, a, e[d + 12], 20, -1926607734), o, g, e[d + 5], 4, -378558), g = s(g, a, t, o, e[d + 8], 11, -2022574463), o = s(o, g, a, t, e[d + 11], 16, 1839030562), t = s(t, o, g, a, e[d + 14], 23, -35309556), a = s(a, t, o, g, e[d + 1], 4, -1530992060), g = s(g, a, t, o, e[d + 4], 11, 1272893353), o = s(o, g, a, t, e[d + 7], 16, -155497632), t = s(t, o, g, a, e[d + 10], 23, -1094730640), a = s(a, t, o, g, e[d + 13], 4, 681279174), g = s(g, a, t, o, e[d + 0], 11, -358537222), o = s(o, g, a, t, e[d + 3], 16, -722521979), t = s(t, o, g, a, e[d + 6], 23, 76029189), a = s(a, t, o, g, e[d + 9], 4, -640364487), g = s(g, a, t, o, e[d + 12], 11, -421815835), o = s(o, g, a, t, e[d + 15], 16, 530742520), a = c(a, t = s(t, o, g, a, e[d + 2], 23, -995338651), o, g, e[d + 0], 6, -198630844), g = c(g, a, t, o, e[d + 7], 10, 1126891415), o = c(o, g, a, t, e[d + 14], 15, -1416354905), t = c(t, o, g, a, e[d + 5], 21, -57434055), a = c(a, t, o, g, e[d + 12], 6, 1700485571), g = c(g, a, t, o, e[d + 3], 10, -1894986606), o = c(o, g, a, t, e[d + 10], 15, -1051523), t = c(t, o, g, a, e[d + 1], 21, -2054922799), a = c(a, t, o, g, e[d + 8], 6, 1873313359), g = c(g, a, t, o, e[d + 15], 10, -30611744), o = c(o, g, a, t, e[d + 6], 15, -1560198380), t = c(t, o, g, a, e[d + 13], 21, 1309151649), a = c(a, t, o, g, e[d + 4], 6, -145523070), g = c(g, a, t, o, e[d + 11], 10, -1120210379), o = c(o, g, a, t, e[d + 2], 15, 718787259), t = c(t, o, g, a, e[d + 9], 21, -343485551), a = n(a, l), t = n(t, p), o = n(o, u), g = n(g, m)
}
return [a, t, o, g]
}(function(e) {
for (var a = 1 + (e.length + 8 >> 6), t = new Array(16 * a), n = 0; n < 16 * a; n++) t[n] = 0;
for (n = 0; n < e.length; n++) t[n >> 2] |= (255 & e.charCodeAt(n)) << n % 4 * 8;
return t[n >> 2] |= 128 << n % 4 * 8, t[16 * a - 2] = 8 * e.length, t
}(e)))
}
function getTokenData(e, a) {
var o = ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street", "text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal", "imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system", "deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"];
var r = new RegExp("[`~!@#$%^&*()+=|{}':;',\\[\\].<>/?~!@#¥%……&*()——+|{}【】‘;:”“’。,、?]");
for (var t = ["5", "b", "f", "A", "J", "Q", "g", "a", "l", "p", "s", "q", "H", "4", "L", "Q", "g", "1", "6", "Q", "Z", "v", "w", "b", "c", "e", "2", "2", "m", "l", "E", "g", "G", "H", "I", "r", "o", "s", "d", "5", "7", "x", "t", "J", "S", "T", "F", "v", "w", "4", "8", "9", "0", "K", "E", "3", "4", "0", "m", "r", "i", "n"], n = [], i = 0; i < 62; i++) n.push(i + "");
var s = Math.round((new Date)
.getTime() / 1e3),
c = function(e, a) {
for (var t, n, o = e.slice(0), r = e.length, i = r - a; r-- > i;) t = o[n = Math.floor((r + 1) * Math.random())], o[n] = o[r], o[r] = t;
return o.slice(i)
}(n, 20),
g = "";
c.forEach((function(e, a) {
g += t[e]
}));
var d, l = function(e) {
for (var a = Object.keys(e)
.sort(), t = {}, n = 0; n < a.length; n++) t[a[n]] = e[a[n]];
return t
}(e),
p = "";
for (d in l) - 1 != ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street", "text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal", "imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system", "deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"].indexOf(d) || r.test(l[d]) || (p += l[d]);
return p += s, p = (p = (p = (p = (p = (p = (p = (p = (p += g)
.replace(/\s+/g, ""))
.replace(/\n+/g, ""))
.replace(/\r+/g, ""))
.replace(/</g, ""))
.replace(/>/g, ""))
.replace(/&/g, ""))
.replace(/-/g, ""))
.replace(/\uD83C[\uDF00-\uDFFF]|\uD83D[\uDC00-\uDE4F]/g, ""), p = encodeURIComponent(p), {
md5: p = hexMD5(p),
tstr: s,
iArrStr: c && 0 < c.length ? c.join("_") : ""
}
}
getTokenData({},"*****************.action")
python3版本
import random
import time
import hashlib
import urllib.parse
import re
def get_token_data(e, a):
keywords = ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street",
"text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal",
"imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system",
"deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"]
special_chars_pattern = r"[`~!@#$%^&*()+=|{}':;',\[\].<>/?~!@#¥%……&*()——+|{}``【oaicite:0】``‘;:”“’。,、?]"
char_set = ["5", "b", "f", "A", "J", "Q", "g", "a", "l", "p", "s", "q", "H", "4", "L", "Q", "g", "1", "6", "Q", "Z",
"v", "w", "b", "c", "e", "2", "2", "m", "l", "E", "g", "G", "H", "I", "r", "o", "s", "d", "5", "7", "x",
"t", "J", "S", "T", "F", "v", "w", "4", "8", "9", "0", "K", "E", "3", "4", "0", "m", "r", "i", "n"]
n = [str(i) for i in range(31)]
current_time = int(time.time())
def shuffle_array(arr, size):
shuffled = arr.copy()
i = 0
while i < size:
index = random.randint(i, len(shuffled) - 1)
shuffled[i], shuffled[index] = shuffled[index], shuffled[i]
i += 1
return shuffled[size:]
iArr = shuffle_array(n, 20)
print(iArr)
g = "".join([char_set[int(e)] for e in iArr])
def sort_dict_by_key(data):
return dict(sorted(data.items(), key=lambda x: x[0]))
p = ""
for key in sort_dict_by_key(e):
if key not in keywords and not re.search(special_chars_pattern, e[key]):
p += e[key]
p += str(current_time)
p = re.sub(r"\s+", "", p)
p = re.sub(r"\n+", "", p)
p = re.sub(r"\r+", "", p)
p = re.sub(r"<", "", p)
p = re.sub(r">", "", p)
p = re.sub(r"&", "", p)
p = re.sub(r"-", "", p)
p = re.sub(r"\uD83C[\uDF00-\uDFFF]|\uD83D[\uDC00-\uDE4F]", "", p)
p = urllib.parse.quote(p + g)
md5_hash = hashlib.md5()
md5_hash.update(p.encode())
md5_digest = md5_hash.hexdigest()
return {
"md5": md5_digest,
"tstr": current_time,
"iArrStr": "_".join(iArr) if len(iArr) > 0 else ""
}
# 示例用法
data = {}
result = get_token_data(data, "student/clock/GetPlan!getDefault.action")
print(result)