feat: 新增努比亚Cookie逆向分析代码

Buliqioqiolibusdo · Nov 26, 2019 · 16e2b2f · 16e2b2f
1 parent 36be7e5
commit 16e2b2f
Show file tree

Hide file tree

Showing 12 changed files with 103 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,4 @@
+__pycache__
+.pytest*
+*.pyc
+/__pycache__
diff --git a/README.md b/README.md
@@ -8,7 +8,9 @@
 
 - [案例分析](#案例分析)
   - [1 淘宝](#1-淘宝)
-    - [1.1 WEB 淘宝 sign 参数逆向破解](#1.1-WEB淘宝sign参数逆向破解)
+    - [1.1 WEB淘宝sign参数逆向破解](#1.1-WEB淘宝sign参数逆向破解)
+  - [2 努比亚](#2-努比亚)
+    - [2.1 努比亚](#2.1-努比亚Cookie生成逆向分析)
 
 # 案例分析
 
@@ -23,3 +25,17 @@
   - [个人博客文章：2019年末逆向复习系列之淘宝M站Sign参数逆向分析](https://cloudcrawler.club/tao-bao-m-zhan-sign-can-shu-ni-xiang-fen-xi.html)
 - **逆向代码**：[WEB 淘宝 sign 参数破解代码](https://github.com/lateautumn4lin/Review_Reverse/blob/master/tb/m_tb.py)
 - **实战代码**：[WEB 淘宝爬取代码](https://github.com/lateautumn4lin/Review_Reverse/blob/master/tb/m_tb_example.py)
+
+
+## 2 努比亚
+
+## 2.1 努比亚Cookie生成逆向分析
+
+- **参考文章**：
+
+  - [微信文章：2019年末逆向复习系列之淘宝M站Sign参数逆向分析](https://mp.weixin.qq.com/s?__biz=MzIzOTQzNDIyOA==&mid=100000296&idx=1&sn=bcb858c0b4f8f460d5cd6433965b9339&chksm=692b62b35e5ceba597b830ca4d7451b709c31c2aaa84351888ae7c5d82c68ef740cc53b4eb79&scene=0&xtrack=1&key=a089b840afa72487c5c947dd508eadd32a992303f4ecd2e171ce6677361f96b52daadccce30cb283e1639dffb4aa7b6c8aa6d499d0b1dd2af982b26ffd444c11bd5d07b6fd9c58e822fc2d7e77941498&ascene=1&uin=MjE5NTExNzYxMA%3D%3D&devicetype=Windows+10&version=62070158&lang=zh_CN&pass_ticket=vdb3234iVj%2FTN%2FTiZH4WfOoiCpc5yB%2FlSEc2AQtost8B7g3si%2B4YtP%2Bp6RRNb7Mc)
+
+  - [个人博客文章：2019年末逆向复习系列之淘宝M站Sign参数逆向分析](https://cloudcrawler.club/tao-bao-m-zhan-sign-can-shu-ni-xiang-fen-xi.html)
+
+- **逆向代码**：[努比亚Cookie参数破解代码](https://github.com/lateautumn4lin/Review_Reverse/blob/master/tb/m_tb.py)
+- **实战代码**：[努比亚论坛爬取代码](https://github.com/lateautumn4lin/Review_Reverse/blob/master/tb/m_tb_example.py)
diff --git a/nubia/__init__.py b/nubia/__init__.py
diff --git a/nubia/debugger.html b/nubia/debugger.html
diff --git a/nubia/m_nubia.py b/nubia/m_nubia.py
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+# -*- encoding: utf-8 -*-
+'''
+@File    :   m_nubia.py
+@Time    :   2019/11/27 00:30:11
+@Author  :   lateautumn4lin
+@PythonVersion  :   3.7
+'''
+import requests
+import re
+import base64
+from urllib import parse
+
+headers = {
+    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
+}
+
+
+def get_script_data() -> str:
+    response = requests.get('https://bbs.nubia.cn/', headers=headers)
+    arg1 = re.search("arg1='([^']+)'", response.text).group(1)
+    return arg1
+
+
+def unsbox(arg: str) -> str:
+    _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd,
+                 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c,
+                 0x22, 0x25, 0xc, 0x24]
+    _0x4da0dc = [''] * 40
+    _0x12605e = ''
+    for _0x20a7bf in range(0, len(arg)):
+        _0x385ee3 = arg[_0x20a7bf]
+        for _0x217721 in range(0, len(_0x4b082b)):
+            if _0x4b082b[_0x217721] == _0x20a7bf + 0x1:
+                _0x4da0dc[_0x217721] = _0x385ee3
+    _0x12605e = ''.join(_0x4da0dc)
+    return _0x12605e
+
+
+def hexXor(_0x4e08d8: str, _0x23a392: str) -> str:
+    _0x5a5d3b = ''
+    _0xe89588 = 0x0
+    while _0xe89588 < len(_0x23a392) and _0xe89588 < len(_0x4e08d8):
+        _0x401af1 = int(_0x23a392[_0xe89588: _0xe89588 + 0x2], 16)
+        _0x105f59 = int(_0x4e08d8[_0xe89588: _0xe89588 + 0x2], 16)
+        _0x189e2c = hex(_0x401af1 ^ _0x105f59)
+        if len(_0x189e2c) == 0x1:
+            _0x189e2c = '\x30' + _0x189e2c
+        _0x5a5d3b += _0x189e2c[2:]
+
+        _0xe89588 += 0x2
+    return _0x5a5d3b
+
+
+def get_arg2() -> str:
+    arg1 = get_script_data()
+    key = '3000176000856006061501533003690027800375'
+    _0x23a392 = unsbox(arg1)
+    arg2 = 'acw_sc__v2=' + hexXor(key, _0x23a392)
+    return arg2
diff --git a/tb/__pycache__/__init__.cpython-37.pyc b/tb/__pycache__/__init__.cpython-37.pyc
diff --git a/tb/__pycache__/m_tb.cpython-37.pyc b/tb/__pycache__/m_tb.cpython-37.pyc
diff --git a/tb/__pycache__/m_tb_example.cpython-37.pyc b/tb/__pycache__/m_tb_example.cpython-37.pyc
diff --git a/test/__pycache__/__init__.cpython-37.pyc b/test/__pycache__/__init__.cpython-37.pyc
diff --git a/test/__pycache__/test_m_tb.cpython-37-pytest-5.3.0.pyc b/test/__pycache__/test_m_tb.cpython-37-pytest-5.3.0.pyc
diff --git a/test/test_m_nubia.py b/test/test_m_nubia.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+# -*- encoding: utf-8 -*-
+'''
+@File    :   test_m_nubia.py
+@Time    :   2019/11/27 00:30:11
+@Author  :   lateautumn4lin
+@PythonVersion  :   3.7
+'''
+import requests
+from nubia.m_nubia import get_arg2
+
+
+def test_m_nubia():
+    headers = {
+        "Cookie": get_arg2(),
+        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
+    }
+    response = requests.get('https://bbs.nubia.cn/', headers=headers)
+    result = 1 if "努比亚官网" in response.text else 0
+    assert result == 1
diff --git a/test/test_m_tb.py b/test/test_m_tb.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- encoding: utf-8 -*-
 '''
-@File    :   test_tb.py
+@File    :   test_m_tb.py
 @Time    :   2019/11/22 17:30:11
 @Author  :   lateautumn4lin
 @PythonVersion  :   3.7