板砖亲你头 发表于 2021-8-25 11:06

某雅音频网站vip加密路径破解思路

本帖最后由 板砖亲你头 于 2021-8-26 09:33 编辑

### 某音频网站破解vip路径加密思路
                        比较喜欢听莫言的小说《丰乳肥臀》就是他的代表作,为此开通了vip,因为vip快要到期,于是就下载到本地打算留个纪念,没想到只能在会员期间才能听,什么鬼,这么恶心,有必要搞一下。
                        1.进行抓包用的pc端,直接使用chrome,f12。因为做了接口拦截,所以只有开通vip 才能看到接口,接口如下:pay/ 后面的是这个章节id 通过id 锁定为哪一个章节。章节id很重要,
后面的参数为服务器时间,这些都不重要
![](https://attach.52pojie.cn//forum/202108/25/095344fyqntp4uyylkpuup.png?l)

                        2.获取了url路径,后面开始获取他的返回参数了,返回参数如下:albumid为章节id ,后面的就是这个文件的加密路径了,
后台进行加密,前端进行解密,这么多参数什么鬼,只能从最显眼的来去判断,寻找他的加密js
![](https://attach.52pojie.cn//forum/202108/25/103904ajxu2pguxrjfsubb.png?l)

                        3.功夫不负有心人,终于给找到了,通过fileid进行查找其实也挺明显的,
下一步就是慢慢分析加密的js,慢慢进行debug.
![](https://attach.52pojie.cn//forum/202108/25/103906w7rluorncum4ph4m.png?l)

                        4.根据加密js,反写成解密代码是在是太麻烦了,浪费大量的时间,我突然想起了java 里面有直接能运行js 的引擎ScriptObjectMirror ,剩下的就很好办了,
就是调用接口,进行下载,读写操作了
                        5.成品的源码,我放在了 百度网盘上面 在这就不做过多赘述了
链接:https://pan.baidu.com/s/15_gGRQ1Cuukrjw2jOEfXjQ
提取码:425u

yonggedebaqi 发表于 2021-8-29 01:45

板砖亲你头 发表于 2021-8-26 11:02
统一回复下,扫码获取cookie时,会出现cookie为空的情况,重新加载点击二维码图片,重新扫码即可,js设置的 ...

大佬,麻烦教我怎样运行。谢谢!!!

yonggedebaqi 发表于 2021-9-7 20:58

板砖亲你头 发表于 2021-8-30 09:06
java 程序 放在编译器中例如 idea 使用maven 启动访问localhost:2233/index 即可

"C:\Program Files\Java\jdk1.8.0_201\bin\java.exe" -XX:TieredStopAtLevel=1 -noverify -Dspring.output.ansi.enabled=always "-javaagent:E:\Program Files\JetBrains\IntelliJ IDEA 2021.2\lib\idea_rt.jar=53515:E:\Program Files\JetBrains\IntelliJ IDEA 2021.2\bin" -Dcom.sun.management.jmxremote -Dspring.jmx.enabled=true -Dspring.liveBeansView.mbeanDomain -Dspring.application.admin.enabled=true -Dfile.encoding=UTF-8 -classpath "C:\Program Files\Java\jdk1.8.0_201\jre\lib\charsets.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\deploy.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\access-bridge-64.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\cldrdata.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\dnsns.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\jaccess.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\jfxrt.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\localedata.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\nashorn.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\sunec.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\sunjce_provider.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\sunmscapi.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\sunpkcs11.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\ext\zipfs.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\javaws.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\jce.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\jfr.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\jfxswt.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\jsse.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\management-agent.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\plugin.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\resources.jar;C:\Program Files\Java\jdk1.8.0_201\jre\lib\rt.jar;E:\reptile\target\classes;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-web\2.3.7.RELEASE\spring-boot-starter-web-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter\2.3.7.RELEASE\spring-boot-starter-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-logging\2.3.7.RELEASE\spring-boot-starter-logging-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\ch\qos\logback\logback-classic\1.2.3\logback-classic-1.2.3.jar;C:\Users\PC\.m2\repository\ch\qos\logback\logback-core\1.2.3\logback-core-1.2.3.jar;C:\Users\PC\.m2\repository\org\apache\logging\log4j\log4j-to-slf4j\2.13.3\log4j-to-slf4j-2.13.3.jar;C:\Users\PC\.m2\repository\org\apache\logging\log4j\log4j-api\2.13.3\log4j-api-2.13.3.jar;C:\Users\PC\.m2\repository\org\slf4j\jul-to-slf4j\1.7.30\jul-to-slf4j-1.7.30.jar;C:\Users\PC\.m2\repository\jakarta\annotation\jakarta.annotation-api\1.3.5\jakarta.annotation-api-1.3.5.jar;C:\Users\PC\.m2\repository\org\yaml\snakeyaml\1.26\snakeyaml-1.26.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-json\2.3.7.RELEASE\spring-boot-starter-json-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\core\jackson-databind\2.11.3\jackson-databind-2.11.3.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\core\jackson-annotations\2.11.3\jackson-annotations-2.11.3.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\core\jackson-core\2.11.3\jackson-core-2.11.3.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jdk8\2.11.3\jackson-datatype-jdk8-2.11.3.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jsr310\2.11.3\jackson-datatype-jsr310-2.11.3.jar;C:\Users\PC\.m2\repository\com\fasterxml\jackson\module\jackson-module-parameter-names\2.11.3\jackson-module-parameter-names-2.11.3.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-tomcat\2.3.7.RELEASE\spring-boot-starter-tomcat-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\apache\tomcat\embed\tomcat-embed-core\9.0.41\tomcat-embed-core-9.0.41.jar;C:\Users\PC\.m2\repository\org\glassfish\jakarta.el\3.0.3\jakarta.el-3.0.3.jar;C:\Users\PC\.m2\repository\org\apache\tomcat\embed\tomcat-embed-websocket\9.0.41\tomcat-embed-websocket-9.0.41.jar;C:\Users\PC\.m2\repository\org\springframework\spring-web\5.2.12.RELEASE\spring-web-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-beans\5.2.12.RELEASE\spring-beans-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-webmvc\5.2.12.RELEASE\spring-webmvc-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-aop\5.2.12.RELEASE\spring-aop-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-context\5.2.12.RELEASE\spring-context-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-expression\5.2.12.RELEASE\spring-expression-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\apache\httpcomponents\httpclient\4.5.2\httpclient-4.5.2.jar;C:\Users\PC\.m2\repository\commons-codec\commons-codec\1.14\commons-codec-1.14.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-thymeleaf\2.3.7.RELEASE\spring-boot-starter-thymeleaf-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\thymeleaf\thymeleaf-spring5\3.0.11.RELEASE\thymeleaf-spring5-3.0.11.RELEASE.jar;C:\Users\PC\.m2\repository\org\thymeleaf\thymeleaf\3.0.11.RELEASE\thymeleaf-3.0.11.RELEASE.jar;C:\Users\PC\.m2\repository\org\attoparser\attoparser\2.0.5.RELEASE\attoparser-2.0.5.RELEASE.jar;C:\Users\PC\.m2\repository\org\unbescape\unbescape\1.1.6.RELEASE\unbescape-1.1.6.RELEASE.jar;C:\Users\PC\.m2\repository\org\slf4j\slf4j-api\1.7.30\slf4j-api-1.7.30.jar;C:\Users\PC\.m2\repository\org\thymeleaf\extras\thymeleaf-extras-java8time\3.0.4.RELEASE\thymeleaf-extras-java8time-3.0.4.RELEASE.jar;C:\Users\PC\.m2\repository\commons-httpclient\commons-httpclient\3.1\commons-httpclient-3.1.jar;C:\Users\PC\.m2\repository\commons-logging\commons-logging\1.0.4\commons-logging-1.0.4.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-devtools\2.3.7.RELEASE\spring-boot-devtools-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot\2.3.7.RELEASE\spring-boot-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-autoconfigure\2.3.7.RELEASE\spring-boot-autoconfigure-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\apache\httpcomponents\httpcore\4.4.10\httpcore-4.4.10.jar;C:\Users\PC\.m2\repository\org\jsoup\jsoup\1.11.3\jsoup-1.11.3.jar;C:\Users\PC\.m2\repository\com\alibaba\fastjson\1.2.68\fastjson-1.2.68.jar;C:\Users\PC\.m2\repository\cn\hutool\hutool-all\5.4.1\hutool-all-5.4.1.jar;C:\Users\PC\.m2\repository\org\apache\commons\commons-lang3\3.9\commons-lang3-3.9.jar;C:\Users\PC\.m2\repository\org\springframework\boot\spring-boot-starter-data-redis\2.3.7.RELEASE\spring-boot-starter-data-redis-2.3.7.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\data\spring-data-redis\2.3.6.RELEASE\spring-data-redis-2.3.6.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\data\spring-data-keyvalue\2.3.6.RELEASE\spring-data-keyvalue-2.3.6.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\data\spring-data-commons\2.3.6.RELEASE\spring-data-commons-2.3.6.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-tx\5.2.12.RELEASE\spring-tx-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-oxm\5.2.12.RELEASE\spring-oxm-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-context-support\5.2.12.RELEASE\spring-context-support-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\io\lettuce\lettuce-core\5.3.5.RELEASE\lettuce-core-5.3.5.RELEASE.jar;C:\Users\PC\.m2\repository\io\netty\netty-common\4.1.55.Final\netty-common-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\netty\netty-handler\4.1.55.Final\netty-handler-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\netty\netty-resolver\4.1.55.Final\netty-resolver-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\netty\netty-buffer\4.1.55.Final\netty-buffer-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\netty\netty-codec\4.1.55.Final\netty-codec-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\netty\netty-transport\4.1.55.Final\netty-transport-4.1.55.Final.jar;C:\Users\PC\.m2\repository\io\projectreactor\reactor-core\3.3.12.RELEASE\reactor-core-3.3.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\reactivestreams\reactive-streams\1.0.3\reactive-streams-1.0.3.jar;C:\Users\PC\.m2\repository\org\springframework\spring-core\5.2.12.RELEASE\spring-core-5.2.12.RELEASE.jar;C:\Users\PC\.m2\repository\org\springframework\spring-jcl\5.2.12.RELEASE\spring-jcl-5.2.12.RELEASE.jar" com.antcom.himalayadate.reptile.ReptileApplication

.   ____          _            __ _ _
/\\ / ___'_ __ _ _(_)_ ____ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/___)| |_)| | | | | || (_| |) ) ) )
'|____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot ::      (v2.3.7.RELEASE)

2021-09-07 20:56:15.235INFO 12584 --- c.a.h.reptile.ReptileApplication         : Starting ReptileApplication on PC-PC with PID 12584 (E:\reptile\target\classes started by PC in E:\reptile)
2021-09-07 20:56:15.241INFO 12584 --- c.a.h.reptile.ReptileApplication         : No active profile set, falling back to default profiles: default
2021-09-07 20:56:15.321INFO 12584 --- .e.DevToolsPropertyDefaultsPostProcessor : Devtools property defaults active! Set 'spring.devtools.add-properties' to 'false' to disable
2021-09-07 20:56:15.331INFO 12584 --- .e.DevToolsPropertyDefaultsPostProcessor : For additional web related logging consider setting the 'logging.level.web' property to 'DEBUG'
2021-09-07 20:56:16.132INFO 12584 --- .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode!
2021-09-07 20:56:16.135INFO 12584 --- .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2021-09-07 20:56:16.172INFO 12584 --- .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 20ms. Found 0 Redis repository interfaces.
2021-09-07 20:56:16.741INFO 12584 --- o.s.b.w.embedded.tomcat.TomcatWebServer: Tomcat initialized with port(s): 2233 (http)
2021-09-07 20:56:16.751INFO 12584 --- o.apache.catalina.core.StandardService   : Starting service
2021-09-07 20:56:16.751INFO 12584 --- org.apache.catalina.core.StandardEngine: Starting Servlet engine:
2021-09-07 20:56:16.928INFO 12584 --- o.a.c.c.C...[/]       : Initializing Spring embedded WebApplicationContext
2021-09-07 20:56:16.928INFO 12584 --- w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1594 ms
2021-09-07 20:56:17.474INFO 12584 --- o.s.s.concurrent.ThreadPoolTaskExecutor: Initializing ExecutorService 'applicationTaskExecutor'
2021-09-07 20:56:17.552INFO 12584 --- o.s.b.a.w.s.WelcomePageHandlerMapping    : Adding welcome page template: index
2021-09-07 20:56:17.956INFO 12584 --- o.s.b.d.a.OptionalLiveReloadServer       : LiveReload server is running on port 35729
2021-09-07 20:56:18.003INFO 12584 --- o.s.b.w.embedded.tomcat.TomcatWebServer: Tomcat started on port(s): 2233 (http) with context path ''
2021-09-07 20:56:18.016INFO 12584 --- c.a.h.reptile.ReptileApplication         : Started ReptileApplication in 3.313 seconds (JVM running for 6.184)
2021-09-07 20:56:18.547INFO 12584 --- o.a.c.c.C...[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2021-09-07 20:56:18.551INFO 12584 --- o.s.web.servlet.DispatcherServlet      : Initializing Servlet 'dispatcherServlet'
2021-09-07 20:56:18.560INFO 12584 --- o.s.web.servlet.DispatcherServlet      : Completed initialization in 7 ms

yoyoma211 发表于 2021-8-25 22:29

这个感觉有点厉害的,楼主技术高手哈{:1_921:}

subney 发表于 2021-8-26 07:45

晚来一步{:1_907:}

我为52pojie狂 发表于 2021-8-26 07:49

晚来一步的不知道该庆幸还是惋惜。

xunxunmimi0936 发表于 2021-8-26 08:36

高人哈斯是有的。

dbh4057 发表于 2021-8-26 08:51

这为啥会被屏蔽,可惜啊

ynboyinkm 发表于 2021-8-26 10:38

用chrom+某抓插件,应该可以抓到呀

ynboyinkm 发表于 2021-8-26 10:43

刚试了某抓插件可以成功抓到,不过楼主从到底解决了问题,大赞!

w15202209877 发表于 2021-8-26 10:56

这个厉害了

板砖亲你头 发表于 2021-8-26 11:02

统一回复下,扫码获取cookie时,会出现cookie为空的情况,重新加载点击二维码图片,重新扫码即可,js设置的为点击事件
页: [1] 2 3
查看完整版本: 某雅音频网站vip加密路径破解思路