当前位置：首页 > news >正文

爬虫逆向实战（十七）--某某丁简历登录

news 2025/9/6 16:32:38

一、数据接口分析

主页地址：某某丁简历

1、抓包

通过抓包可以发现数据接口是submit
在这里插入图片描述

2、判断是否有加密参数

请求参数是否加密？
通过查看“载荷”模块可以发现有一个enPassword加密参数
请求头是否加密？
通过查看请求头可以发现有一个Token的加密参数
响应是否加密？
无
cookie是否加密？
无

二、加密位置定位

1、enPassword

（1）看启动器

查看启动器发现调用堆栈中有一个success，点进去查看
在这里插入图片描述
点进去后发现，此处就是加密位置，同时还可以看到加密是在对public_key接口请求的回调函数中进行的，加密时需要用到该接口响应的数据。

2、Token

（1）搜索关键字

通过搜索关键字token:可以找到给请求头中放token的位置，同时可以发现网站是从cookie中取的token
在这里插入图片描述
讲cookie清除，重新刷新页面，可以发现在请求html页面时，服务器返回的响应头中会设置cookie中token的值

三、扣js代码

先请求public_key接口获取到数据，然后将定位到的加密位置的代码扣出，缺啥补啥。

四、思路

先请求html页面，获取到token值，将token设置到请求头中，再请求public_key接口获取到数据，使用数据将密码进行加密，发送登录请求。
JavaScript源码：

var navigator = {}
navigator.appName = 'Netscape'var dbits;// JavaScript engine analysis
var canary = 0xdeadbeefcafe;
var j_lm = ((canary&0xffffff)==0xefcafe);// (public) Constructor
function BigInteger(a,b,c) {if(a != null)if("number" == typeof a) this.fromNumber(a,b,c);else if(b == null && "string" != typeof a) this.fromString(a,256);else this.fromString(a,b);
}// return new, unset BigInteger
function nbi() { return new BigInteger(null); }// am: Compute w_j += (x*this_i), propagate carries,
// c is initial carry, returns final carry.
// c < 3*dvalue, x < 2*dvalue, this_i < dvalue
// We need to select the fastest one that works in this environment.// am1: use a single mult and divide to get the high bits,
// max digit bits should be 26 because
// max internal value = 2*dvalue^2-2*dvalue (< 2^53)
function am1(i,x,w,j,c,n) {while(--n >= 0) {var v = x*this[i++]+w[j]+c;c = Math.floor(v/0x4000000);w[j++] = v&0x3ffffff;}return c;
}
// am2 avoids a big mult-and-extract completely.
// Max digit bits should be <= 30 because we do bitwise ops
// on values up to 2*hdvalue^2-hdvalue-1 (< 2^31)
function am2(i,x,w,j,c,n) {var xl = x&0x7fff, xh = x>>15;while(--n >= 0) {var l = this[i]&0x7fff;var h = this[i++]>>15;var m = xh*l+h*xl;l = xl*l+((m&0x7fff)<<15)+w[j]+(c&0x3fffffff);c = (l>>>30)+(m>>>15)+xh*h+(c>>>30);w[j++] = l&0x3fffffff;}return c;
}
// Alternately, set max digit bits to 28 since some
// browsers slow down when dealing with 32-bit numbers.
function am3(i,x,w,j,c,n) {var xl = x&0x3fff, xh = x>>14;while(--n >= 0) {var l = this[i]&0x3fff;var h = this[i++]>>14;var m = xh*l+h*xl;l = xl*l+((m&0x3fff)<<14)+w[j]+c;c = (l>>28)+(m>>14)+xh*h;w[j++] = l&0xfffffff;}return c;
}
if(j_lm && (navigator.appName == "Microsoft Internet Explorer")) {BigInteger.prototype.am = am2;dbits = 30;
}
else if(j_lm && (navigator.appName != "Netscape")) {BigInteger.prototype.am = am1;dbits = 26;
}
else { // Mozilla/Netscape seems to prefer am3BigInteger.prototype.am = am3;dbits = 28;
}BigInteger.prototype.DB = dbits;
BigInteger.prototype.DM = ((1<<dbits)-1);
BigInteger.prototype.DV = (1<<dbits);var BI_FP = 52;
BigInteger.prototype.FV = Math.pow(2,BI_FP);
BigInteger.prototype.F1 = BI_FP-dbits;
BigInteger.prototype.F2 = 2*dbits-BI_FP;// Digit conversions
var BI_RM = "0123456789abcdefghijklmnopqrstuvwxyz";
var BI_RC = new Array();
var rr,vv;
rr = "0".charCodeAt(0);
for(vv = 0; vv <= 9; ++vv) BI_RC[rr++] = vv;
rr = "a".charCodeAt(0);
for(vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv;
rr = "A".charCodeAt(0);
for(vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv;function int2char(n) { return BI_RM.charAt(n); }
function intAt(s,i) {var c = BI_RC[s.charCodeAt(i)];return (c==null)?-1:c;
}// (protected) copy this to r
function bnpCopyTo(r) {for(var i = this.t-1; i >= 0; --i) r[i] = this[i];r.t = this.t;r.s = this.s;
}// (protected) set from integer value x, -DV <= x < DV
function bnpFromInt(x) {this.t = 1;this.s = (x<0)?-1:0;if(x > 0) this[0] = x;else if(x < -1) this[0] = x+DV;else this.t = 0;
}// return bigint initialized to value
function nbv(i) { var r = nbi(); r.fromInt(i); return r; }// (protected) set from string and radix
function bnpFromString(s,b) {var k;if(b == 16) k = 4;else if(b == 8) k = 3;else if(b == 256) k = 8; // byte arrayelse if(b == 2) k = 1;else if(b == 32) k = 5;else if(b == 4) k = 2;else { this.fromRadix(s,b); return; }this.t = 0;this.s = 0;var i = s.length, mi = false, sh = 0;while(--i >= 0) {var x = (k==8)?s[i]&0xff:intAt(s,i);if(x < 0) {if(s.charAt(i) == "-") mi = true;continue;}mi = false;if(sh == 0)this[this.t++] = x;else if(sh+k > this.DB) {this[this.t-1] |= (x&((1<<(this.DB-sh))-1))<<sh;this[this.t++] = (x>>(this.DB-sh));}elsethis[this.t-1] |= x<<sh;sh += k;if(sh >= this.DB) sh -= this.DB;}if(k == 8 && (s[0]&0x80) != 0) {this.s = -1;if(sh > 0) this[this.t-1] |= ((1<<(this.DB-sh))-1)<<sh;}this.clamp();if(mi) BigInteger.ZERO.subTo(this,this);
}// (protected) clamp off excess high words
function bnpClamp() {var c = this.s&this.DM;while(this.t > 0 && this[this.t-1] == c) --this.t;
}// (public) return string representation in given radix
function bnToString(b) {if(this.s < 0) return "-"+this.negate().toString(b);var k;if(b == 16) k = 4;else if(b == 8) k = 3;else if(b == 2) k = 1;else if(b == 32) k = 5;else if(b == 4) k = 2;else return this.toRadix(b);var km = (1<<k)-1, d, m = false, r = "", i = this.t;var p = this.DB-(i*this.DB)%k;if(i-- > 0) {if(p < this.DB && (d = this[i]>>p) > 0) { m = true; r = int2char(d); }while(i >= 0) {if(p < k) {d = (this[i]&((1<<p)-1))<<(k-p);d |= this[--i]>>(p+=this.DB-k);}else {d = (this[i]>>(p-=k))&km;if(p <= 0) { p += this.DB; --i; }}if(d > 0) m = true;if(m) r += int2char(d);}}return m?r:"0";
}// (public) -this
function bnNegate() { var r = nbi(); BigInteger.ZERO.subTo(this,r); return r; }// (public) |this|
function bnAbs() { return (this.s<0)?this.negate():this; }// (public) return + if this > a, - if this < a, 0 if equal
function bnCompareTo(a) {var r = this.s-a.s;if(r != 0) return r;var i = this.t;r = i-a.t;if(r != 0) return (this.s<0)?-r:r;while(--i >= 0) if((r=this[i]-a[i]) != 0) return r;return 0;
}// returns bit length of the integer x
function nbits(x) {var r = 1, t;if((t=x>>>16) != 0) { x = t; r += 16; }if((t=x>>8) != 0) { x = t; r += 8; }if((t=x>>4) != 0) { x = t; r += 4; }if((t=x>>2) != 0) { x = t; r += 2; }if((t=x>>1) != 0) { x = t; r += 1; }return r;
}// (public) return the number of bits in "this"
function bnBitLength() {if(this.t <= 0) return 0;return this.DB*(this.t-1)+nbits(this[this.t-1]^(this.s&this.DM));
}// (protected) r = this << n*DB
function bnpDLShiftTo(n,r) {var i;for(i = this.t-1; i >= 0; --i) r[i+n] = this[i];for(i = n-1; i >= 0; --i) r[i] = 0;r.t = this.t+n;r.s = this.s;
}// (protected) r = this >> n*DB
function bnpDRShiftTo(n,r) {for(var i = n; i < this.t; ++i) r[i-n] = this[i];r.t = Math.max(this.t-n,0);r.s = this.s;
}// (protected) r = this << n
function bnpLShiftTo(n,r) {var bs = n%this.DB;var cbs = this.DB-bs;var bm = (1<<cbs)-1;var ds = Math.floor(n/this.DB), c = (this.s<<bs)&this.DM, i;for(i = this.t-1; i >= 0; --i) {r[i+ds+1] = (this[i]>>cbs)|c;c = (this[i]&bm)<<bs;}for(i = ds-1; i >= 0; --i) r[i] = 0;r[ds] = c;r.t = this.t+ds+1;r.s = this.s;r.clamp();
}// (protected) r = this >> n
function bnpRShiftTo(n,r) {r.s = this.s;var ds = Math.floor(n/this.DB);if(ds >= this.t) { r.t = 0; return; }var bs = n%this.DB;var cbs = this.DB-bs;var bm = (1<<bs)-1;r[0] = this[ds]>>bs;for(var i = ds+1; i < this.t; ++i) {r[i-ds-1] |= (this[i]&bm)<<cbs;r[i-ds] = this[i]>>bs;}if(bs > 0) r[this.t-ds-1] |= (this.s&bm)<<cbs;r.t = this.t-ds;r.clamp();
}// (protected) r = this - a
function bnpSubTo(a,r) {var i = 0, c = 0, m = Math.min(a.t,this.t);while(i < m) {c += this[i]-a[i];r[i++] = c&this.DM;c >>= this.DB;}if(a.t < this.t) {c -= a.s;while(i < this.t) {c += this[i];r[i++] = c&this.DM;c >>= this.DB;}c += this.s;}else {c += this.s;while(i < a.t) {c -= a[i];r[i++] = c&this.DM;c >>= this.DB;}c -= a.s;}r.s = (c<0)?-1:0;if(c < -1) r[i++] = this.DV+c;else if(c > 0) r[i++] = c;r.t = i;r.clamp();
}// (protected) r = this * a, r != this,a (HAC 14.12)
// "this" should be the larger one if appropriate.
function bnpMultiplyTo(a,r) {var x = this.abs(), y = a.abs();var i = x.t;r.t = i+y.t;while(--i >= 0) r[i] = 0;for(i = 0; i < y.t; ++i) r[i+x.t] = x.am(0,y[i],r,i,0,x.t);r.s = 0;r.clamp();if(this.s != a.s) BigInteger.ZERO.subTo(r,r);
}// (protected) r = this^2, r != this (HAC 14.16)
function bnpSquareTo(r) {var x = this.abs();var i = r.t = 2*x.t;while(--i >= 0) r[i] = 0;for(i = 0; i < x.t-1; ++i) {var c = x.am(i,x[i],r,2*i,0,1);if((r[i+x.t]+=x.am(i+1,2*x[i],r,2*i+1,c,x.t-i-1)) >= x.DV) {r[i+x.t] -= x.DV;r[i+x.t+1] = 1;}}if(r.t > 0) r[r.t-1] += x.am(i,x[i],r,2*i,0,1);r.s = 0;r.clamp();
}// (protected) divide this by m, quotient and remainder to q, r (HAC 14.20)
// r != q, this != m.  q or r may be null.
function bnpDivRemTo(m,q,r) {var pm = m.abs();if(pm.t <= 0) return;var pt = this.abs();if(pt.t < pm.t) {if(q != null) q.fromInt(0);if(r != null) this.copyTo(r);return;}if(r == null) r = nbi();var y = nbi(), ts = this.s, ms = m.s;var nsh = this.DB-nbits(pm[pm.t-1]);	// normalize modulusif(nsh > 0) { pm.lShiftTo(nsh,y); pt.lShiftTo(nsh,r); }else { pm.copyTo(y); pt.copyTo(r); }var ys = y.t;var y0 = y[ys-1];if(y0 == 0) return;var yt = y0*(1<<this.F1)+((ys>1)?y[ys-2]>>this.F2:0);var d1 = this.FV/yt, d2 = (1<<this.F1)/yt, e = 1<<this.F2;var i = r.t, j = i-ys, t = (q==null)?nbi():q;y.dlShiftTo(j,t);if(r.compareTo(t) >= 0) {r[r.t++] = 1;r.subTo(t,r);}BigInteger.ONE.dlShiftTo(ys,t);t.subTo(y,y);	// "negative" y so we can replace sub with am laterwhile(y.t < ys) y[y.t++] = 0;while(--j >= 0) {// Estimate quotient digitvar qd = (r[--i]==y0)?this.DM:Math.floor(r[i]*d1+(r[i-1]+e)*d2);if((r[i]+=y.am(0,qd,r,j,0,ys)) < qd) {	// Try it outy.dlShiftTo(j,t);r.subTo(t,r);while(r[i] < --qd) r.subTo(t,r);}}if(q != null) {r.drShiftTo(ys,q);if(ts != ms) BigInteger.ZERO.subTo(q,q);}r.t = ys;r.clamp();if(nsh > 0) r.rShiftTo(nsh,r);	// Denormalize remainderif(ts < 0) BigInteger.ZERO.subTo(r,r);
}// (public) this mod a
function bnMod(a) {var r = nbi();this.abs().divRemTo(a,null,r);if(this.s < 0 && r.compareTo(BigInteger.ZERO) > 0) a.subTo(r,r);return r;
}// Modular reduction using "classic" algorithm
function Classic(m) { this.m = m; }
function cConvert(x) {if(x.s < 0 || x.compareTo(this.m) >= 0) return x.mod(this.m);else return x;
}
function cRevert(x) { return x; }
function cReduce(x) { x.divRemTo(this.m,null,x); }
function cMulTo(x,y,r) { x.multiplyTo(y,r); this.reduce(r); }
function cSqrTo(x,r) { x.squareTo(r); this.reduce(r); }Classic.prototype.convert = cConvert;
Classic.prototype.revert = cRevert;
Classic.prototype.reduce = cReduce;
Classic.prototype.mulTo = cMulTo;
Classic.prototype.sqrTo = cSqrTo;// (protected) return "-1/this % 2^DB"; useful for Mont. reduction
// justification:
//         xy == 1 (mod m)
//         xy =  1+km
//   xy(2-xy) = (1+km)(1-km)
// x[y(2-xy)] = 1-k^2m^2
// x[y(2-xy)] == 1 (mod m^2)
// if y is 1/x mod m, then y(2-xy) is 1/x mod m^2
// should reduce x and y(2-xy) by m^2 at each step to keep size bounded.
// JS multiply "overflows" differently from C/C++, so care is needed here.
function bnpInvDigit() {if(this.t < 1) return 0;var x = this[0];if((x&1) == 0) return 0;var y = x&3;		// y == 1/x mod 2^2y = (y*(2-(x&0xf)*y))&0xf;	// y == 1/x mod 2^4y = (y*(2-(x&0xff)*y))&0xff;	// y == 1/x mod 2^8y = (y*(2-(((x&0xffff)*y)&0xffff)))&0xffff;	// y == 1/x mod 2^16// last step - calculate inverse mod DV directly;// assumes 16 < DB <= 32 and assumes ability to handle 48-bit intsy = (y*(2-x*y%this.DV))%this.DV;		// y == 1/x mod 2^dbits// we really want the negative inverse, and -DV < y < DVreturn (y>0)?this.DV-y:-y;
}// Montgomery reduction
function Montgomery(m) {this.m = m;this.mp = m.invDigit();this.mpl = this.mp&0x7fff;this.mph = this.mp>>15;this.um = (1<<(m.DB-15))-1;this.mt2 = 2*m.t;
}// xR mod m
function montConvert(x) {var r = nbi();x.abs().dlShiftTo(this.m.t,r);r.divRemTo(this.m,null,r);if(x.s < 0 && r.compareTo(BigInteger.ZERO) > 0) this.m.subTo(r,r);return r;
}// x/R mod m
function montRevert(x) {var r = nbi();x.copyTo(r);this.reduce(r);return r;
}// x = x/R mod m (HAC 14.32)
function montReduce(x) {while(x.t <= this.mt2)	// pad x so am has enough room laterx[x.t++] = 0;for(var i = 0; i < this.m.t; ++i) {// faster way of calculating u0 = x[i]*mp mod DVvar j = x[i]&0x7fff;var u0 = (j*this.mpl+(((j*this.mph+(x[i]>>15)*this.mpl)&this.um)<<15))&x.DM;// use am to combine the multiply-shift-add into one callj = i+this.m.t;x[j] += this.m.am(0,u0,x,i,0,this.m.t);// propagate carrywhile(x[j] >= x.DV) { x[j] -= x.DV; x[++j]++; }}x.clamp();x.drShiftTo(this.m.t,x);if(x.compareTo(this.m) >= 0) x.subTo(this.m,x);
}// r = "x^2/R mod m"; x != r
function montSqrTo(x,r) { x.squareTo(r); this.reduce(r); }// r = "xy/R mod m"; x,y != r
function montMulTo(x,y,r) { x.multiplyTo(y,r); this.reduce(r); }Montgomery.prototype.convert = montConvert;
Montgomery.prototype.revert = montRevert;
Montgomery.prototype.reduce = montReduce;
Montgomery.prototype.mulTo = montMulTo;
Montgomery.prototype.sqrTo = montSqrTo;// (protected) true iff this is even
function bnpIsEven() { return ((this.t>0)?(this[0]&1):this.s) == 0; }// (protected) this^e, e < 2^32, doing sqr and mul with "r" (HAC 14.79)
function bnpExp(e,z) {if(e > 0xffffffff || e < 1) return BigInteger.ONE;var r = nbi(), r2 = nbi(), g = z.convert(this), i = nbits(e)-1;g.copyTo(r);while(--i >= 0) {z.sqrTo(r,r2);if((e&(1<<i)) > 0) z.mulTo(r2,g,r);else { var t = r; r = r2; r2 = t; }}return z.revert(r);
}// (public) this^e % m, 0 <= e < 2^32
function bnModPowInt(e,m) {var z;if(e < 256 || m.isEven()) z = new Classic(m); else z = new Montgomery(m);return this.exp(e,z);
}// protected
BigInteger.prototype.copyTo = bnpCopyTo;
BigInteger.prototype.fromInt = bnpFromInt;
BigInteger.prototype.fromString = bnpFromString;
BigInteger.prototype.clamp = bnpClamp;
BigInteger.prototype.dlShiftTo = bnpDLShiftTo;
BigInteger.prototype.drShiftTo = bnpDRShiftTo;
BigInteger.prototype.lShiftTo = bnpLShiftTo;
BigInteger.prototype.rShiftTo = bnpRShiftTo;
BigInteger.prototype.subTo = bnpSubTo;
BigInteger.prototype.multiplyTo = bnpMultiplyTo;
BigInteger.prototype.squareTo = bnpSquareTo;
BigInteger.prototype.divRemTo = bnpDivRemTo;
BigInteger.prototype.invDigit = bnpInvDigit;
BigInteger.prototype.isEven = bnpIsEven;
BigInteger.prototype.exp = bnpExp;// public
BigInteger.prototype.toString = bnToString;
BigInteger.prototype.negate = bnNegate;
BigInteger.prototype.abs = bnAbs;
BigInteger.prototype.compareTo = bnCompareTo;
BigInteger.prototype.bitLength = bnBitLength;
BigInteger.prototype.mod = bnMod;
BigInteger.prototype.modPowInt = bnModPowInt;BigInteger.ZERO = nbv(0);
BigInteger.ONE = nbv(1);
var b64map="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
var b64pad="=";function hex2b64(h) {var i;var c;var ret = "";for(i = 0; i+3 <= h.length; i+=3) {c = parseInt(h.substring(i,i+3),16);ret += b64map.charAt(c >> 6) + b64map.charAt(c & 63);}if(i+1 == h.length) {c = parseInt(h.substring(i,i+1),16);ret += b64map.charAt(c << 2);}else if(i+2 == h.length) {c = parseInt(h.substring(i,i+2),16);ret += b64map.charAt(c >> 2) + b64map.charAt((c & 3) << 4);}while((ret.length & 3) > 0) ret += b64pad;return ret;
}
function b64tohex(s) {var ret = ""var i;var k = 0; // b64 state, 0-3var slop;for(i = 0; i < s.length; ++i) {if(s.charAt(i) == b64pad) break;v = b64map.indexOf(s.charAt(i));if(v < 0) continue;if(k == 0) {ret += int2char(v >> 2);slop = v & 3;k = 1;}else if(k == 1) {ret += int2char((slop << 2) | (v >> 4));slop = v & 0xf;k = 2;}else if(k == 2) {ret += int2char(slop);ret += int2char(v >> 2);slop = v & 3;k = 3;}else {ret += int2char((slop << 2) | (v >> 4));ret += int2char(v & 0xf);k = 0;}}if(k == 1)ret += int2char(slop << 2);return ret;
}
function b64toBA(s) {//piggyback on b64tohex for now, optimize latervar h = b64tohex(s);var i;var a = new Array();for(i = 0; 2*i < h.length; ++i) {a[i] = parseInt(h.substring(2*i,2*i+2),16);}return a;
}
function Arcfour() {this.i = 0;this.j = 0;this.S = new Array();
}
function ARC4init(key) {var i, j, t;for(i = 0; i < 256; ++i)this.S[i] = i;j = 0;for(i = 0; i < 256; ++i) {j = (j + this.S[i] + key[i % key.length]) & 255;t = this.S[i];this.S[i] = this.S[j];this.S[j] = t;}this.i = 0;this.j = 0;
}
function ARC4next() {var t;this.i = (this.i + 1) & 255;this.j = (this.j + this.S[this.i]) & 255;t = this.S[this.i];this.S[this.i] = this.S[this.j];this.S[this.j] = t;return this.S[(t + this.S[this.i]) & 255];
}
Arcfour.prototype.init = ARC4init;
Arcfour.prototype.next = ARC4next;
function prng_newstate() {return new Arcfour();
}
var rng_psize = 256;
var rng_state;
var rng_pool;
var rng_pptr;
function rng_seed_int(x) {rng_pool[rng_pptr++] ^= x & 255;rng_pool[rng_pptr++] ^= (x >> 8) & 255;rng_pool[rng_pptr++] ^= (x >> 16) & 255;rng_pool[rng_pptr++] ^= (x >> 24) & 255;if(rng_pptr >= rng_psize) rng_pptr -= rng_psize;
}
function rng_seed_time() {rng_seed_int(new Date().getTime());
}
if(rng_pool == null) {rng_pool = new Array();rng_pptr = 0;var t;if(navigator.appName == "Netscape" && navigator.appVersion < "5" && window.crypto) {// Extract entropy (256 bits) from NS4 RNG if availablevar z = window.crypto.random(32);for(t = 0; t < z.length; ++t)rng_pool[rng_pptr++] = z.charCodeAt(t) & 255;}while(rng_pptr < rng_psize) {  // extract some randomness from Math.random()t = Math.floor(65536 * Math.random());rng_pool[rng_pptr++] = t >>> 8;rng_pool[rng_pptr++] = t & 255;}rng_pptr = 0;rng_seed_time();
}
function rng_get_byte() {if(rng_state == null) {rng_seed_time();rng_state = prng_newstate();rng_state.init(rng_pool);for(rng_pptr = 0; rng_pptr < rng_pool.length; ++rng_pptr)rng_pool[rng_pptr] = 0;rng_pptr = 0;}return rng_state.next();
}
function rng_get_bytes(ba) {var i;for(i = 0; i < ba.length; ++i) ba[i] = rng_get_byte();
}
function SecureRandom() {}
SecureRandom.prototype.nextBytes = rng_get_bytes;
function parseBigInt(str,r) {return new BigInteger(str,r);
}
function linebrk(s,n) {var ret = "";var i = 0;while(i + n < s.length) {ret += s.substring(i,i+n) + "\n";i += n;}return ret + s.substring(i,s.length);
}
function byte2Hex(b) {if(b < 0x10)return "0" + b.toString(16);elsereturn b.toString(16);
}
function pkcs1pad2(s,n) {if(n < s.length + 11) { // TODO: fix for utf-8alert("Message too long for RSA");return null;}var ba = new Array();var i = s.length - 1;while(i >= 0 && n > 0) {var c = s.charCodeAt(i--);if(c < 128) { // encode using utf-8ba[--n] = c;}else if((c > 127) && (c < 2048)) {ba[--n] = (c & 63) | 128;ba[--n] = (c >> 6) | 192;}else {ba[--n] = (c & 63) | 128;ba[--n] = ((c >> 6) & 63) | 128;ba[--n] = (c >> 12) | 224;}}ba[--n] = 0;var rng = new SecureRandom();var x = new Array();while(n > 2) { // random non-zero padx[0] = 0;while(x[0] == 0) rng.nextBytes(x);ba[--n] = x[0];}ba[--n] = 2;ba[--n] = 0;return new BigInteger(ba);
}
function RSAKey() {this.n = null;this.e = 0;this.d = null;this.p = null;this.q = null;this.dmp1 = null;this.dmq1 = null;this.coeff = null;
}
function RSASetPublic(N,E) {if(N != null && E != null && N.length > 0 && E.length > 0) {this.n = parseBigInt(N,16);this.e = parseInt(E,16);}elsealert("Invalid RSA public key");
}
function RSADoPublic(x) {return x.modPowInt(this.e, this.n);
}
function RSAEncrypt(text) {var m = pkcs1pad2(text,(this.n.bitLength()+7)>>3);if(m == null) return null;var c = this.doPublic(m);if(c == null) return null;var h = c.toString(16);if((h.length & 1) == 0) return h; else return "0" + h;
}
RSAKey.prototype.doPublic = RSADoPublic;
RSAKey.prototype.setPublic = RSASetPublic;
RSAKey.prototype.encrypt = RSAEncrypt;function get_pwd(pwd, modulus, exponent) {var rsaKey = new RSAKey();rsaKey.setPublic(b64tohex(modulus), b64tohex(exponent));return hex2b64(rsaKey.encrypt(pwd));
}

Python源码：

"""
Email：912917367@qq.com
Date: 2023/8/16 15:27
"""
import timeimport execjs
import requestsclass Spider:def __init__(self, username, password):self.session = requests.session()self.session.headers = {"Accept": "application/json, text/javascript, */*; q=0.01","Accept-Language": "zh-CN,zh;q=0.9","Cache-Control": "no-cache","Connection": "keep-alive","Content-Type": "application/x-www-form-urlencoded; charset=UTF-8","Origin": "https://www.500d.me","Pragma": "no-cache","Referer": "https://www.500d.me/login/","Sec-Fetch-Dest": "empty","Sec-Fetch-Mode": "cors","Sec-Fetch-Site": "same-origin","User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36","X-Requested-With": "XMLHttpRequest","sec-ch-ua": "^\\^Not/A)Brand^^;v=^\\^99^^, ^\\^Google","sec-ch-ua-mobile": "?0","sec-ch-ua-platform": "^\\^Windows^^"}self.modulus = ''self.exponent = ''self.username = usernameself.password = passwordself.token = ''def get_token(self):url = "https://www.500d.me/login/"response = self.session.get(url)cookies = self.session.cookiesfor cookie in cookies:if cookie.name == 'token':self.session.headers['token'] = cookie.valuedef get_pubkey(self):url = "https://www.500d.me/common/public_key/"params = {"_": int(time.time() * 1000)}response = self.session.get(url, params=params)key_data = response.json()self.modulus = key_data['modulus']self.exponent = key_data['exponent']def login(self):with open('get_param.js', 'r', encoding='utf-8') as f:js_obj = execjs.compile(f.read())pwd = js_obj.call('get_pwd', self.password, self.modulus, self.exponent)url = "https://www.500d.me/login/submit/"data = {"username": self.username,"enPassword": pwd,"service": "","remember": "true"}response = self.session.post(url, data=data)print(response.text)print(response)def run(self):self.get_token()self.get_pubkey()self.login()if __name__ == '__main__':s = Spider('账号', '密码')s.run()