数位站点 AES 加密方式

地址链接

站点分析

发现响应的内容为加密的

• 全局搜索 decrypt， 再通过检索 Interceptors 关键字可以看出响应的加密部分， DEBUG 调试

分析：从getList进入 调用p(t)函数 调用r(a)函数 进入4144行函数（”1d2b”），发现有t，e两个参数 分析t,e两个参数 t是构造请求体的函数 e对象有interceptors属性 （ Interceptors 用来统一处理 HTTP 请求和响应），推测此处为解密逻辑 逐个查看 Interceptors，发现fulfilled函数 跳转到 32246行 发现有AES加密逻辑（ECB模式，Pkcs7）,推测使用原生的AES加密，没有魔改，打断点，获取加密的key，复现解密逻辑，测试发现可以解密数据，确定目标站点使用原生AES加密数据

加密方法

• 数据加密方法：AES加密
• 加密模式：ECB
• 填充: pkcs7

加密解密复现

# -*- coding:utf-8 -*-
import base64
import json
from Crypto.Cipher import AES
class Encryptor:
    def __init__(self, key):
        self.key = key  # 初始化密钥
        self.length = AES.block_size  # 初始化数据块大小
        self.aes = AES.new(self.key, AES.MODE_ECB)  # 初始化AES,ECB模式的实例
        # 截断函数，去除填充的字符
        self.unpad = lambda date: date[0:-ord(date[-1])]
    def pad(self, text):
        """
        #填充函数，使被加密数据的字节码长度是block_size的整数倍
        """
        count = len(text.encode('utf-8'))
        add = self.length - (count % self.length)
        entext = text + (chr(add) * add)
        return entext
    def encrypt(self, encrData):  # 加密函数
        res = self.aes.encrypt(self.pad(encrData).encode("utf8"))
        msg = str(base64.b64encode(res), encoding="utf8")
        return msg
    def decrypt(self, decrData):  # 解密函数
        res = base64.decodebytes(decrData.encode("utf8"))
        msg = self.aes.decrypt(res).decode("utf8")
        return self.unpad(msg)
eg = Encryptor(key=b"QV1f3nHn2qm7i3xrj3Y9K9imDdGTjTu9")
# text 为列表页接口返回数据
text = "UiY3CaV4ZQrQR9/LFH5qq8fm4S9X0opMLScyeoRNl9mH7sP/yMZrTJgei/MPvHFP6Ktgrc3wc7fSqdr+35 qv+UT5ns1gY2KcbhB7ja6i3xNzt+pzFFCYTQizfNkLIR+rxtW717cy5/NLvsIXv6to5HskXcscj2vcX+uUPJocolakm72fEFlFi+oVuyU3umnZsjVyEZawRNyNrWPj7IjDd3sv6kTDGh4MEI9Ty+OniSwg3u5ncckMjom1MtKrT0TmMGgoS+gBIbP0dj6asCMVhtp4dgnAemdQ4z/td7WiVouijAGcP5BDuoa/hmE8Zck3bJ6tWgnf5m9azFzipGfe9020u/yJJOFHPaa1IdlpohYZKDzTVGhsJNTWCxZO8mSXZjgsRD2BuEgAoK/B1gEksxxR/yAkGrfMAwUZFe9SLxx1DXKW8iTUaCawCthlEdvGm4OOQQQExVv9uD5iWsjSiTWw/FtymJnkL720/S1BLbsf1YzG7MoX3I3R5pJqePgukUTJi53Hcw3hKWhStrWdWMdAFSRTPTnZIR3D/+JsF9pfCo9eWADs1KySFuZg8JgxAM8icfnSywb1dS7mw1OKimX+LI9xBO/6 x/o7qFkOtaR/707 VlA2ym/xTWkYZSa9cram3MV3R03QNIDznWk3GMVDtCTjYENCBKJ2kV4CjluHX1VKs+guCAeM+pYssV9bi/jCbRiwjDnokOX8J8vAKNEfxusZx9Ikez7dlemjksw5qCIF7yme2yeW4xQTnY4FHGBaIIFoXLA/rF4eqiw6CUYkIQeFfau5+bAOkM5DozHsZnOeSK99g4NGA60F/H0kkekcZvyUQRXHhFg9vX0oCbEWn5S/9 IprnIk/pORpXd0RfAURWW2h0JRLuwu0zvr5t58R7wg3ut5DMgXH+ZkfD30SavwvA48b24CbmZvAvo6EUVJuVsIFgWcCwx8aoxRGl8SC6AhvGWHaPvzbKD+4 eGZ/TP3JggcCgXXSy23RwJuVDZgu+gOxuP+/136CISVFrFo09rA84nuT2nWumMCsfvvPrrCnx1CIHUZVmpNKDWJziwPo6n2BlYi+ZEf+2ouiJlbjyHm6nHzEBBR8/7 g/yI2lStAYAt4RRWdHPhR5ZFV8GPQpSBGdn9PIgwuqAPdnwXr7x19tMCqlMAZbM9KsTqV3hug/VW78d4DjqkicD1iunTRopYeBksj5LAyqXs/rbXpEN4ggWmCPqR3V8LUczUIfRH8Gsyog24304NLG7plmCC1guNnlg90/TtdUiIVnbuleRbkXpSKBbuGWssDSBLiuNLndvekQ8F81n1OOtnlAEbExPhqn+urU0HCopif7svIxlsMle5rtxOd7W+06 yKEOv4+00 CwQ8USzessk5pHQ69dZEDIxJveAWrOrQYzCyweEZmwAf0646QDlKvvqPBcgWRstZN/ukRzg6h9SkQKoHJm7kZhehXjqhOCn5hLVq+nKntYll8w8+oYZIrlSx5rPhQr2WV21MsUwEYsrLpVlBx25h3TvtweH/DlUDT9HdZy2ev94LSlZWX/UOU5Z3C5qflr3suNEAeatvLkJ0iKtZhDelKxtrTsQHc9fT+0 ps/24 f2hThubPcFpxCyfUJSH4EMmwVJczzxtz5Fe93vqLKgaZPxSnb8WrRrV66/B5XkbG/EqUWMQEOztHGN2wNpKWzwlfhpphNbhv2TsrMpfY1Ds7rIUw3A8idwpFClQXGi0LzPfjXADaBBqfOFc71z9d23aKBocLVAwviP4FZufnzdPC+1+S5P67VpSRrTE0xsDG5jRzs/L64TnG5ZCyW4Dq0ovz96awK8GESKk10m6w+/QoofcabKSXpQIp2OpZzSHvZFWjfp2JVxCbtaQ2OZUNlD1yJaMFn09Fm4/eLjA2bwNJ1+Wg+DUckF4FsYAyp4VH7wH2MuSz01VMUJSPoIy1bQ6IcsOy2V1ToaNpJPwRDVe9AmjGXG9COa102p9L9nnvRIZlvuhmhPNlpbnFEbPEYZd2A1LJGZSmK3MKlOUYJI22jqkHDpNPkVsKlBWKMLTD39lxIoFc+vpnlA+APcne1UGipNmm33R/Fe2WDdpMkcMzEa9DPs4tciIAjuqTrQT5j31SOqxTX8AS+D0KimZ2P+LfngRwVJ3Dn6263rIdJGgpUa6KjrJalbXOjBfbbjXnn+xMYpVdO0NzWqGC+zF+WTkIbvi8gO3ioIl9ihR3O+6 iobHUaYKuaeipE4Z5vSuqtbofhLMAE8zHSDtNhrGT8OWqzAt4TCnBQY1Tqp2WsUDEGvbYFZqTMIPZo9huYmblCW/J7+LxmIRRjEBYhSulxZ32hOJ7pr3PFkzmjI5Nn89dH37A3zrorxE4NXkoSUpx35oWIZLi9AeCeDhRH/msisaYKUUq9odv61TwVsQh8qr5n+TyTC+UjdMEKJdjwDeTPs6bP+pLJxb51qhdpKPhzPsYBqzvjrhBY7NcGurUV/OGG+deA1EaayTe6+iw4hPBfnzuTcX6UHZLtQSe1VVVJ1nZq4IMqMVRMzzMPBWtUcLae3PJM3L+2 xzfTSIfIVL2VaOW6iFogAE/MRnteJjvr/quTbcmf8uk39+PuWGNuQwMWybOhdONf9SG7UxhrsC2LSsIF9GrGrGqdJhfqerIujf2PQ1e6c9rYHsvv+V6z2xdmy1P6vxIlmjMcOK1IgoeCR5+vUdYEUenZsB7EIeAVv24eDCqVuD8CoxPMO11/SpmaG3I/7 KMpzq/XGrDECgrnImrXBts/kHvBmIIS5/BMUj+le5/Ha1ClHoWeUU+EYjynFJdaJ5dKyQWnqtVA6WlY8RKBMunhk7pO7zgpKbu0XFK2c/ZM0yYN4QedIDj38v2cT7P+F0j9gF2GvdqabYUCFNmeuBvyRk42zLJqvPfRNK2/h5mGHI4dZxXQjYBhdF5jqPBkRn518WOpFY0Y41pUI+jpBdNC74TkUCjyXiRJ/M4PscEUStmGKc9Lp+Yympq8Oq9dV2iN7AIh2nNDiF7Fw+st67HDif4EViEN3Obnuv5HIAIkf7QqHMflE7B8G4AMCHfOjBl49+H2mw+BEx97P0oJCKj5BzNrm/IykCRxF2241XitfDnyfRMFlKX/7 Jw7wRt6LDbIutlQzNnDKpp/dUyHxbUHewby1yIiia1bicR6rcpqoj7AQstF2eI5nuhnotqkRpECIsWFgetBif7Og2eWIUkZRFNXQ73Gi6pqeJx/VC5S9c/7 BiP41EZH4a53GyLLksqPTu0KH6rCnkggE15vjmp8w13YUxaCxRSPzVx3CDQzxfQoJKaSs9E5Ik1SMHutOJl9NtKl7RYnetLKnyClzXf4AXt2wELwmhGX44+kXamoQZxTgWhghRVclcint0M0sP2MzFHGXIePAs6QX4cFVY0lZWoln/7 zqtqDPfL1Hugty141rzDJfimLVt/MjQAzCohuZVFYcg8MiWFw0/je2mDRMX0tkmiueUQdwZl3JzK7Ks3js6Or89LHR3ihZHa8SNVo+CBoe6P1YOBDEU6Q7fSWlBBiCpPGfgRLSxyn+ieE8DwLSr7uVPBDt0BenhRhRdC1N16JcTgXoqSDS6GPiM/hgQiBkMyuaYEsO4rfEh8cUOwihDxVa+9 Fq3q3Ej/iQO4kMDHal+RYrhHzl92VUFtd7H0skwsYRaw+u8+oGBDGV1B67BPjwex6F2C5IN9sBUMhVSgaf1i+Ibgcui0ockxC1pcSWSQbUYP/d/aavgjYexkDGTRSTY0DGPdn7rS7EXz29qxKGzwuoWvwyMugCjLXVBS5hSk1uJzaohjIuuCSukMw0QmDsX9AfJDF2tZ5LwOLgzMgMk12uYOPYOP55AYMlkwQp79bkcY9cbWcIDVD3W1itKIwBia2htxp6gj3sHXXOGreTAppEtsBZiwYBzNEDgGjQYGjg1JmmdGnpt49KcbpT7PDcCOr/YHHFP8uWww6WO1+CALw3qc/wlJy/xAb9AyRbh8p3jecxrEzxeZpDjO+PROhSgEmysJYPxt0SB2jnCphLF1ua8uz4oNrMXIQdMIOm3GIJUqchCEFB/RCsa2rasctKyy8CfKpNYoAxs8GUmL44GkZ2R8YmukaN/ELAGEqahy6Jrd3fMbTKQWYwRHr6k0c3yAqWfCxw67zckS4wuauzXDELAPJGFGMJbRwTXm2DHo0qQd4pB6/RI6bsi3ebQuJPHSwW70xA8hf3L7hY9ID2Sqc/Yp/NM6e4KAKsFN/GFZ6aYSxTpRWc4Hz3JB7bt3CdezIs3SoEpapWGIIk2+I6Ttkm6c1Zw0DlvmN2H5b1/0 LugmEKNzl5p5uiE+gh2Zd56xqQ0DiH2HFIEOmBHXVmCqbN6LUeVqPrBYc2w3Ic9leAHPU14aFrtaC7+YiMuSOyinTCdSmbiXkhAbqZNBalh0v4A3b2vdq74MmJo0ecRSa9dnm3k4I2JawShmRo+28 Iux8Pyjg2i7R4EzOm6kibWCDlBvIm7x+oxIXQLPtsnDo+Omsm4YjQJSfrFWJmpH8A8cu+yZvKfs2sLRU166EGg3M9EBqUjdtUYDmqXF6Jf/SxCW7ZOvXuMzbWhralf+0 SQLa5AMPaWV7P7cThlzJX+IclJJYZSFSRwvMT+zuKgulSZjVdnNeVygbNE3QFsn8cKFpF+VdnCRJp56TZmNNMH2zmJqyWxWSswzNKdL8+EWqoJ2FlOAudmZWdGdjU7EJ2GXcuvpNiHe2iNQw8WafuX1d8Mfw3bTnVzW6nEbkGlPApHX0gTX2DzcO9H4Nbxq1x6s6E1BHXd29fDE6jMlAjWM3VH+1 LE6S7kaOz1m2aqtKI0jp4dM6zhgvRklHnDAWqDLJF0bguMolVsG7WHO7L8n1hk0cbCAB419CdJWjCA8Jw0SXGvSqSYzE/C49PNkQuXZyKrdDdoVa0SnU5NC4ajrjKTOJ+9 oesTjxdU9Glx3PfTikpGAc3GqGmVWe621KZ05Uh1VvJl+ezeXg4Cswym4Q+p7MrgosDlv/W5Umkzphc5h89hVL8Kfihw71vKYJ4C7CnlFYhdU3P8OkgetXp8RirpevG2eFOjDT7k0Biz3EsJ7oS176tManU/MPJFc0MR1gV0xhzdkLI21XcDG+hedwKYScZBo8r5sZJiGyFwNtJVtsD+LDfcCdo6zu0k6Wcw1gETF8gV53XElb3TIJbnqXsHzE18qxjuGu32pqGLLgGZrVlOB76BydeKDCYCvAsVAUvEshRuQBHh7BC6ytQgG+Ee6IRO9A2ZfUrc2PUy2tAm/dKfaqCKbkY4e3TjrSGDR5cBRhYXaJ/DO1mq5QKc9elyN0IpFtUqEQraERCE4Pyq6UTkzpSRPOvi6xin1fXsZpBLfhr55wg3bN9uX4SBj9dTfdMI52gtdJg85XgvM/3 l1HJjtw688X+tAS+dAmda19Sn+b+AwTPUIzNJUXJNaW/mcF++zYvrpaerIxcREXV1/Cjg0Xdcd6j8EsJHSGlZZc/gMPxD3C+ubb/KmC0TNnj2GgSlEHb1g/FG2APy2KZ/CFiHkrx3tYcY/S5l52BEyz1h+G46bMRhN8gNchBak5kL4CnaryGIwIIh9/XbiBS9A3FBrjBF2RPMRxlOPpzOUZPpM1LkdeR3N0O3Y4VzXyYv4mYRvUxNEgeKviHnVWXHYsfbLCEHVzwou6j+zlFhhaGoKhixyadrms2tKU28opOhZ8sjNAgzpQ1pcsg/Dj1qjILbBmug2rHK6OfB5PvzlEksjZ1OakJYetc6d5FEk8Tfa9bTgX73TNejNLYNhk0SWUUrmwqlFtEiqwqwAD/MoiFjM3DFbFl7/DD2PzXPb6hl22kBfiPqAGRehJdZ0orD75uqjBBv7NlvkSrC4Od+XsC5JHwyeW31jhWMltHqISqVE7zhmlUVXoXgkYB/QGtMVkutEaGBQyixom3XPBlh5QwU2WlBPBv4d1SqhYFLd15ojidrNqpVPrI2EhPYxesCfvTI6pHjCfZVgRz2DA59w5DIN9GeYNprCOcZLbMjiuUQnrq1Zj0mBP6kXsqnfWGzkRe55sMSgK1KkEnzox7/9 hzFbhHaSNrBF1qcfuAVxvVDiqOFLP15SdlROKEfRqrxcA4cChMGAmO5kTMLWAH99sUz8qtltvhcsr2d930fJft2tyx2dkC9YeEh+lpyaHlQF+cFuUDgiIMU4bNXR7Eei6dKZ1LhcIem8kOUd6QQjEJcGWLnIM3ZeOaxknqhgIYL+fgVF2OvtOLNDwQ0/ubtMLEUwFAupPezlvVB3Bdtpx4FmpDzUsOjguFNZfjGDJr2EE+grD+zeA8wEVjpAHWJHp8fFpsgnujnKpoBlPDaZX0uTkG9f1kX6tnqMvTKxs/AxR8LOiZy4+7 wmy2s/FwMBhrsIHXzxR/pbkAfEa/gLm8BO6or4b8jG9IBUUwDG4Xq4qyXp0B3Sv32ZWZxkYApIJrj0i8BJaM0g3E8hyp+Xxkb0ZcYLB6CRwt7FKPnkPHusYaSxxye2vXnGbkIE7WT0 //QxEQvaKEHVPl3E79L9j0yrSCZgFCr0XtIl+qZeeXp4ofKU9F2jRnSSKK1jms+crYT7GW7qsRKJMC4zuGFVi0KLcPFVKnuKWABdnZIxeOCp6Dz4lafnCNZ8CwSRlnw3gawig0UyAv5ByUoaPiwvj4bFMSj5D386j7sYkaP2+2idVYr9ddwqXKclKnHDUvvE9HFcAUZk6l1RNm/ry6hIvn61viq7rluXwQrd3zPe+XJy1KVmYSpLkw3AsymRSfVL5zLOYASHSBj6SjDCRqxqoV+TSi/8WxM42UGj+2KDlZc3tlOR5rEOvs+Fg+2EgzuH+4e2HlgFCWBVBsyLNYdwwLIPyfxy626w7+jIkZ0LKlqtVNh0Tko+vQuuxuBgVc2pRxaeibsffbiYMjLjX6mUp9y4gft3upRewbKFs2hgi+jCc7+h1yOTOTRUFqYqrdWeRf/yMruv/nMwG6O8Av9rzf21k2sb3EGLmDSPp0KlHPs5AdpWoVHtzXJxYChfKcxLNtSceyB2j6rU16hr6cJdoJVJmsu3RdDsFIJgbfQa8Dswa8xlDJhgxeN1GebRnk1YPBvw89GBFR1dDQyzJhyx0aH7duD97aOWFChTIZCizYwMDi3eKW1oeNuq/+poglncTOndbOUS9w14VJabWVO00vZ+0zSMQtpG89h3hgFb2xwJlIkXb7xQEMON3MueTgxBQoyRVmroYQruNXfPCjVSwNJ/W63FzByvUiY/AzwMwf01nMHD6uMnwFNBIB2ghZEYRNHMuBgRn7FTW4SSxBNlHvKmEy1/V3b+X4HiPg84VhuIz/V7Z8uZux05KKZU0X9GYZH4r4HDqh6dOePl415TgMJXbT54ENx6xRTq1wvOXhuTbAOftE0z+RcXJzMui38ZA5XCyF66K/QHR/rA0tl104ywHDwiXu3umKihhnBrjZaaK9sFbLs7r8fBGfqE/me4Q3d7eZHF5X7euFToDuORCN3bI3UjgvllM4ey1vkUw2JV1OtKvqN9+5i6zSkSitcYEy1YbHJsPsDJAgzNSFf6FvhlvowVrWXCPOODzXyCF+TeJ5c9w8k0Y4VDjemj1AkdpZ9WNV5bKscN2c7W/ywbD7AI4/GoBJsKTEj3ZSGSNoNlgZG2QufoC547AKcPAd/YAvffOOVCwiIac7c/pKCuXTPm3GUdQ+bVDzh8C0ggyfNq0yhvrVJXQcRksHlo3Wi7rsh8yobigcYez7xNq1Z25TLVExXD/dqx/KhulHEP8LeuF41SpntfhhkYcmNYhsT10WCucWUuNAX8/6imn1CAbF/aW32iHL01pTTURMlXnag2rSua3SFu0GakyyBDxzTUt6MqyeqykOqZ1O3XAmilutCilzL1g/Yt9yLgzhFdCPu0LfF5pUP57zIBXAB6Q8xeB6LK7KaL/ptL7Is+sJELNf7YR+MwhIm6S/i518v/4E4jdx0nsGz25EcrWB2pbQ/7cHTBGMMaJok98pzeW4TeXRWaA5ySQYZ7i9H74nsmiwLC46GH5UzQtWSltpl6toJa7yRshuHaZptKHpWhILTwQNi0qRMkzPj3x6hJSOI3v+k8JjrJXTGS/FlJHUgUHdXXjiiUwqxnsLAqQLUx6aNaG/+aB1oDhnG+0iuPTryFJgUyDPsmVTlQu7+02R+xVCilaXLTTCJ4kh+lEAFjxPL/Vw0yMSMJ3wroO/SMxQMPywPVJjUKtmpr1G+5lgUN0IX3w/JKoeBZcdllDDvU4no4BKhls1pFse93XEyzETvJh109VbxGAAO+eAxPi5FgtQBJ6yvdHVCC2qXWEJ3BvHrn1e5BYSMFOcylSBnbcPisM1GHjXic0ZIcOdSHlhsnP6a8PVXIdItPU5EH5rcsaTif18+WKtqJ0LmMImncsSpEkByLk0KZr+NUpspuI1iOTcct3G9GeBJ74MSQIkkO8kJG6f7oyOq3VqDVJG7CYcxAOsVB57WdB1PkyEd1C2RzoYa1GgV8JV2Q3eF9moXPD/qvt9BYrcsjxnJI5YvQf1DXdDs/GHQ6nrfKmoXIDalTMboT8e7xNkIckCBnbe+gqWgUY5pcpyN0UIn6EwXq3vrsVINqY7/Y+kemYhJ1oHVbLUOTUNpNWeEoevkifeaaStTZS2kOT6fgmR0pGT6c28yB6M2plus2a+l5NBjgv8AElJGUvwKbaQlekS/LTGuZXqQHjFz7DMGzu3MPtq+3HZLxfJuON9HEiw8ipCMsh/7PEhmZ6/quWozQCRhZZbZR6Mg0fRB63Rw/SQk4sfrBHuEE1In99aBgvSXzeUh9n0LMl3ETketL2UBcHP/br7ClHDjoXQCTM2ilzMl8g4V3EagkR+QZOWTrO1DH4LCBav+gcz2eqA1eTyZgrPK0n9Z6WHkjp9cM6r06/9U3RlwUjt94kXbZ2bfxTcL4s5S+PlqdPvNs9K9mO1h5Xye5wxFfTh+LUVorRvCejEkspeZCIexKqd05Kn5bPlXXX6IxYp0VdM90UHAJ59kDdqE9UQ2e/E2T9AWVvcKD+ru6xqk9gb2fnq0Yj2Kz5+VbLPHwczsdSI08zuU4CMhG8+6yxsKt3ePt952zkpHbARQtYfQzKL1Dwoeg+R8NRnhcnDfOTzeMGQHRh1+V1YhKwS+0p4GF3+wyYW3NPnaoXa7MVbInYCLnZlIQS0tgoqZfZSAFOV/zhVizFL4YymnGWEWnURk2VjvIpm25BIkEsqVaUfLgj1d7FVtba0FkcgcSQlRGC9Zg++30rbXvDwmnjTbCeBCTsMGEP2LgoCH8F0yC7qtQFfflaQUypbGoEtX78Ml4aYrkCnpDx2Jk5Zx5AgoGLutSgMnJ2Z/E9RXhCuKfhQcCJsFqjmmw35NqwNwPqCRFsLhaxwKzNdDV43IVXdqzHn93fVmK3dPSXT8k7tgdn/z4IC4dNoRnpdGfNb0fTIAfS6r5P9fdhXWYJB3RLe8TbzkuJsf/zYjtnJJRMgV0zI0zuD+vrFjr7shy8mQPq0p4EuH7SWDgq0CzLtT4aFAqku6dz1bHh3ut+qJTnMxWLAdnF0BwdimIq1fJN586veTYNq36dYTYwOfqJlpZiD6v9PN7G68lQzY2TWBPyNfMwpeptEDxcNJT6vZ+r67dIJihNBvNY2ck6DY+A6Wezg04/XkO4YlwwkeuI+NS5US2XpToEf4k9vmkITOKe6ORS18hBzaj1yAltfur6ogTAAztpiDhdlzyQ"
data_json = eg.decrypt(text)
print(json.loads(data_json))