天翼云登录过程

image-20220707130427004

image-20220707131416225

1
2
3
4
                                Object(l["r"])({
    userName: Object(u["g"])(r.value),
    password: encodeURI(Object(u["c"])(s.value, Object(u["f"])(Object(u["g"])(r.value))))
});
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
// u["c"]
T = function (e) {
    var n = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : ""
        , t = arguments.length > 2 && void 0 !== arguments[2] ? arguments[2] : {}
        , a = t.enc
        , r = void 0 === a ? "Utf8" : a
        , c = t.mode
        , i = void 0 === c ? "ECB" : c
        , o = t.padding
        , u = void 0 === o ? "Pkcs7" : o
        , d = p.a.enc[r].parse(n)
        , l = {
        mode: p.a.mode[i],
        padding: p.a.pad[u]
    }
        , s = p.a.TripleDES.encrypt(e, d, l);
    return s.toString()
};
//u["f"]
F = function (e) {
    var n = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : {};
    if (e && "string" === typeof e) {
        var t = n.text || "0"
            , a = n.length || 24;
        if (e.length < a)
            for (var r = e.length; r < a; r++)
                e += t;
        else
            e = e.substring(0, a);
        return e
    }
};
// u["g"] 去除空格 检查长度
K = function () {
    var e = arguments.length > 0 && void 0 !== arguments[0] ? arguments[0] : "";
    return e.replace(/\s+/g, "")
};

image-20220707213605293

image-20220707222423206

1
2
3
4
5
encodeURI(Object(u["c"])(s.value, Object(u["f"])(Object(u["g"])(r.value))))
= encodeURI(Object(u["c"])(s.value, Object(u["f"])(r.value)))
= Object(u["c"])(s.value, Object(u["f"])(r.value))
=  T(s.value, F)(r.value))

#js逆向
天翼云登录过程
https://kingjem.github.io/2022/07/13/逆向/天翼云登录过程/
作者
Ruhai
发布于
2022年7月13日
许可协议