JS逆向实战4——cookie 参数 acw_sc__v2

声明

本文章中所有内容仅供学习交流，抓包内容、敏感网址、数据接口均已做脱敏处理，严禁用于商业用途和非法用途，否则由此产生的一切后果均与作者无关，若有侵权，请联系我立即删除！

目标网站

aHR0cHM6Ly8zNmtyLmNvbS9zZWFyY2gvYXJ0aWNsZXMvTHg=

抓包分析

网站发送了两次请求，两次状态都是200，
第一次请求 返回了一个cookie 如下图

第二次请求 需要携带第一次的请求 还有个acw_sc__v2

而第一次请求 在最后有个setcookie 我们可以猜测这是 设置cookie的地方

但是还是不是很确定 所以我们hook一下

hook代码

然后发现果然设置的cookie 和我们上述分析的地方一样

然后我们把代码抠出来并且执行

js代码如下

var _0x5e8b26 = '3000176000856006061501533003690027800375'var getAcwScV2 = function (arg1) {String['prototype']['hexXor'] = function (_0x4e08d8) {var _0x5a5d3b = '';for (var _0xe89588 = 0x0; _0xe89588 < this['length'] && _0xe89588 < _0x4e08d8['length']; _0xe89588 += 0x2) {var _0x401af1 = parseInt(this['slice'](_0xe89588, _0xe89588 + 0x2), 0x10);var _0x105f59 = parseInt(_0x4e08d8['slice'](_0xe89588, _0xe89588 + 0x2), 0x10);var _0x189e2c = (_0x401af1 ^ _0x105f59)['toString'](0x10);if (_0x189e2c['length'] == 0x1) {_0x189e2c = '0' + _0x189e2c;}_0x5a5d3b += _0x189e2c;}return _0x5a5d3b;};String['prototype']['unsbox'] = function () {var _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd, 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c, 0x22, 0x25, 0xc, 0x24];var _0x4da0dc = [];var _0x12605e = '';for (var _0x20a7bf = 0x0; _0x20a7bf < this['length']; _0x20a7bf++) {var _0x385ee3 = this[_0x20a7bf];for (var _0x217721 = 0x0; _0x217721 < _0x4b082b['length']; _0x217721++) {if (_0x4b082b[_0x217721] == _0x20a7bf + 0x1) {_0x4da0dc[_0x217721] = _0x385ee3;}}}_0x12605e = _0x4da0dc['join']('');return _0x12605e;};var _0x23a392 = arg1['unsbox']();arg2 = _0x23a392['hexXor'](_0x5e8b26);return arg2
};