某校帮签到小程序m 加密参数解析

小程序解密清参考我以前的文章
VX小程序逆向

js版本

function n(e, a) {
	var t = (65535 & e) + (65535 & a);
	return (e >> 16) + (a >> 16) + (t >> 16) << 16 | 65535 & t
};

function i(e, a, t, n, r, i, s) {
	return o(a & n | t & ~n, e, a, r, i, s)
};

function o(e, a, t, o, r, i) {
	return n(function(e, a) {
		return e << a | e >>> 32 - a
	}(n(n(a, e), n(o, i)), r), t)
};

function r(e, a, t, n, r, i, s) {
	return o(a & t | ~a & n, e, a, r, i, s)
};

function s(e, a, t, n, r, i, s) {
	return o(a ^ t ^ n, e, a, r, i, s)
};

function c(e, a, t, n, r, i, s) {
	return o(t ^ (a | ~n), e, a, r, i, s)
};

function hexMD5(e) {
	console.log(e)
	return function(e) {
		for (var a = "0123456789abcdef", t = "", n = 0; n < 4 * e.length; n++) t += a.charAt(e[n >> 2] >> n % 4 * 8 + 4 & 15) + a.charAt(e[n >> 2] >> n % 4 * 8 & 15);
		return t
	}(function(e) {
		for (var a = 1732584193, t = -271733879, o = -1732584194, g = 271733878, d = 0; d < e.length; d += 16) {
			var l = a,
				p = t,
				u = o,
				m = g;
			a = r(a, t, o, g, e[d + 0], 7, -680876936), g = r(g, a, t, o, e[d + 1], 12, -389564586), o = r(o, g, a, t, e[d + 2], 17, 606105819), t = r(t, o, g, a, e[d + 3], 22, -1044525330);
			a = r(a, t, o, g, e[d + 4], 7, -176418897), g = r(g, a, t, o, e[d + 5], 12, 1200080426), o = r(o, g, a, t, e[d + 6], 17, -1473231341), t = r(t, o, g, a, e[d + 7], 22, -45705983), a = r(a, t, o, g, e[d + 8], 7, 1770035416), g = r(g, a, t, o, e[d + 9], 12, -1958414417), o = r(o, g, a, t, e[d + 10], 17, -42063), t = r(t, o, g, a, e[d + 11], 22, -1990404162), a = r(a, t, o, g, e[d + 12], 7, 1804603682), g = r(g, a, t, o, e[d + 13], 12, -40341101), o = r(o, g, a, t, e[d + 14], 17, -1502002290), a = i(a, t = r(t, o, g, a, e[d + 15], 22, 1236535329), o, g, e[d + 1], 5, -165796510), g = i(g, a, t, o, e[d + 6], 9, -1069501632), o = i(o, g, a, t, e[d + 11], 14, 643717713), t = i(t, o, g, a, e[d + 0], 20, -373897302), a = i(a, t, o, g, e[d + 5], 5, -701558691), g = i(g, a, t, o, e[d + 10], 9, 38016083), o = i(o, g, a, t, e[d + 15], 14, -660478335), t = i(t, o, g, a, e[d + 4], 20, -405537848), a = i(a, t, o, g, e[d + 9], 5, 568446438), g = i(g, a, t, o, e[d + 14], 9, -1019803690), o = i(o, g, a, t, e[d + 3], 14, -187363961), t = i(t, o, g, a, e[d + 8], 20, 1163531501), a = i(a, t, o, g, e[d + 13], 5, -1444681467), g = i(g, a, t, o, e[d + 2], 9, -51403784), o = i(o, g, a, t, e[d + 7], 14, 1735328473), a = s(a, t = i(t, o, g, a, e[d + 12], 20, -1926607734), o, g, e[d + 5], 4, -378558), g = s(g, a, t, o, e[d + 8], 11, -2022574463), o = s(o, g, a, t, e[d + 11], 16, 1839030562), t = s(t, o, g, a, e[d + 14], 23, -35309556), a = s(a, t, o, g, e[d + 1], 4, -1530992060), g = s(g, a, t, o, e[d + 4], 11, 1272893353), o = s(o, g, a, t, e[d + 7], 16, -155497632), t = s(t, o, g, a, e[d + 10], 23, -1094730640), a = s(a, t, o, g, e[d + 13], 4, 681279174), g = s(g, a, t, o, e[d + 0], 11, -358537222), o = s(o, g, a, t, e[d + 3], 16, -722521979), t = s(t, o, g, a, e[d + 6], 23, 76029189), a = s(a, t, o, g, e[d + 9], 4, -640364487), g = s(g, a, t, o, e[d + 12], 11, -421815835), o = s(o, g, a, t, e[d + 15], 16, 530742520), a = c(a, t = s(t, o, g, a, e[d + 2], 23, -995338651), o, g, e[d + 0], 6, -198630844), g = c(g, a, t, o, e[d + 7], 10, 1126891415), o = c(o, g, a, t, e[d + 14], 15, -1416354905), t = c(t, o, g, a, e[d + 5], 21, -57434055), a = c(a, t, o, g, e[d + 12], 6, 1700485571), g = c(g, a, t, o, e[d + 3], 10, -1894986606), o = c(o, g, a, t, e[d + 10], 15, -1051523), t = c(t, o, g, a, e[d + 1], 21, -2054922799), a = c(a, t, o, g, e[d + 8], 6, 1873313359), g = c(g, a, t, o, e[d + 15], 10, -30611744), o = c(o, g, a, t, e[d + 6], 15, -1560198380), t = c(t, o, g, a, e[d + 13], 21, 1309151649), a = c(a, t, o, g, e[d + 4], 6, -145523070), g = c(g, a, t, o, e[d + 11], 10, -1120210379), o = c(o, g, a, t, e[d + 2], 15, 718787259), t = c(t, o, g, a, e[d + 9], 21, -343485551), a = n(a, l), t = n(t, p), o = n(o, u), g = n(g, m)
		}
		return [a, t, o, g]
	}(function(e) {
		for (var a = 1 + (e.length + 8 >> 6), t = new Array(16 * a), n = 0; n < 16 * a; n++) t[n] = 0;
		for (n = 0; n < e.length; n++) t[n >> 2] |= (255 & e.charCodeAt(n)) << n % 4 * 8;
		return t[n >> 2] |= 128 << n % 4 * 8, t[16 * a - 2] = 8 * e.length, t
	}(e)))
}

function getTokenData(e, a) {
	var o = ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street", "text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal", "imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system", "deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"];
	var r = new RegExp("[`~!@#$%^&*()+=|{}':;',\\[\\].<>/?~！@#￥%……&*（）——+|{}【】‘；：”“’。，、？]");
	for (var t = ["5", "b", "f", "A", "J", "Q", "g", "a", "l", "p", "s", "q", "H", "4", "L", "Q", "g", "1", "6", "Q", "Z", "v", "w", "b", "c", "e", "2", "2", "m", "l", "E", "g", "G", "H", "I", "r", "o", "s", "d", "5", "7", "x", "t", "J", "S", "T", "F", "v", "w", "4", "8", "9", "0", "K", "E", "3", "4", "0", "m", "r", "i", "n"], n = [], i = 0; i < 62; i++) n.push(i + "");
	var s = Math.round((new Date)
			.getTime() / 1e3),
		c = function(e, a) {
			for (var t, n, o = e.slice(0), r = e.length, i = r - a; r-- > i;) t = o[n = Math.floor((r + 1) * Math.random())], o[n] = o[r], o[r] = t;
			return o.slice(i)
		}(n, 20),
		g = "";
	c.forEach((function(e, a) {
		g += t[e]
	}));
	var d, l = function(e) {
			for (var a = Object.keys(e)
				.sort(), t = {}, n = 0; n < a.length; n++) t[a[n]] = e[a[n]];
			return t
		}(e),
		p = "";
	for (d in l) - 1 != ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street", "text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal", "imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system", "deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"].indexOf(d) || r.test(l[d]) || (p += l[d]);
	return p += s, p = (p = (p = (p = (p = (p = (p = (p = (p += g)
									.replace(/\s+/g, ""))
								.replace(/\n+/g, ""))
							.replace(/\r+/g, ""))
						.replace(/</g, ""))
					.replace(/>/g, ""))
				.replace(/&/g, ""))
			.replace(/-/g, ""))
		.replace(/\uD83C[\uDF00-\uDFFF]|\uD83D[\uDC00-\uDE4F]/g, ""), p = encodeURIComponent(p), {
			md5: p = hexMD5(p),
			tstr: s,
			iArrStr: c && 0 < c.length ? c.join("_") : ""
		}
}

getTokenData({},"*****************.action")
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

python3版本

import random
import time
import hashlib
import urllib.parse
import re


def get_token_data(e, a):
    keywords = ["content", "deviceName", "keyWord", "blogBody", "blogTitle", "getType", "responsibilities", "street",
                "text", "reason", "searchvalue", "key", "answers", "leaveReason", "personRemark", "selfAppraisal",
                "imgUrl", "wxname", "deviceId", "avatarTempPath", "file", "file", "model", "brand", "system",
                "deviceId", "platform", "code", "openId", "unionid", "clockDeviceToken", "clockDevice"]

    special_chars_pattern = r"[`~!@#$%^&*()+=|{}':;',\[\].<>/?~！@#￥%……&*（）——+|{}​``【oaicite:0】``​‘；：”“’。，、？]"

    char_set = ["5", "b", "f", "A", "J", "Q", "g", "a", "l", "p", "s", "q", "H", "4", "L", "Q", "g", "1", "6", "Q", "Z",
                "v", "w", "b", "c", "e", "2", "2", "m", "l", "E", "g", "G", "H", "I", "r", "o", "s", "d", "5", "7", "x",
                "t", "J", "S", "T", "F", "v", "w", "4", "8", "9", "0", "K", "E", "3", "4", "0", "m", "r", "i", "n"]

    n = [str(i) for i in range(31)]

    current_time = int(time.time())

    def shuffle_array(arr, size):
        shuffled = arr.copy()
        i = 0
        while i < size:
            index = random.randint(i, len(shuffled) - 1)
            shuffled[i], shuffled[index] = shuffled[index], shuffled[i]
            i += 1
        return shuffled[size:]

    iArr = shuffle_array(n, 20)
    print(iArr)
    g = "".join([char_set[int(e)] for e in iArr])

    def sort_dict_by_key(data):
        return dict(sorted(data.items(), key=lambda x: x[0]))

    p = ""
    for key in sort_dict_by_key(e):
        if key not in keywords and not re.search(special_chars_pattern, e[key]):
            p += e[key]

    p += str(current_time)
    p = re.sub(r"\s+", "", p)
    p = re.sub(r"\n+", "", p)
    p = re.sub(r"\r+", "", p)
    p = re.sub(r"<", "", p)
    p = re.sub(r">", "", p)
    p = re.sub(r"&", "", p)
    p = re.sub(r"-", "", p)
    p = re.sub(r"\uD83C[\uDF00-\uDFFF]|\uD83D[\uDC00-\uDE4F]", "", p)

    p = urllib.parse.quote(p + g)

    md5_hash = hashlib.md5()
    md5_hash.update(p.encode())
    md5_digest = md5_hash.hexdigest()

    return {
        "md5": md5_digest,
        "tstr": current_time,
        "iArrStr": "_".join(iArr) if len(iArr) > 0 else ""
    }


# 示例用法
data = {}
result = get_token_data(data, "student/clock/GetPlan!getDefault.action")
print(result)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72