前言

如果再说IP请求次数检测、验证码这种最常见的反爬虫技术,可能大家听得耳朵都出茧子了。当然,也有的同学写了了几天的爬虫,觉得爬虫太简单、没有啥挑战性。所以特地找了三个有一定难度的网站,希望可以有兴趣的手动实践一下。

此篇文章只作知识扩展和思路引导,其中涉及的网站反爬技术,仅做技术学习探讨。

字体加密

字体加密总结成一句话:你看到的不是你看到的。

地址

猫眼电影:https://maoyan.com/films/343568

问题还原

最近的哥斯拉大战金刚看了没啊,好看不,评分高不高,票房多少了?让我们去猫眼看一看吧。

这一看问题就来了:为什么评分和票房在源码里都是"口口"?在页面中看到的评分和票房去哪儿了?

追根溯源

话不多说,先看源码:

看完更疑问了,这个&#x又是啥?这个其实是html中的转义序列,表示后面跟着的是十六进制,处理后在控制台打印一下,如图:

这些数字和票房目前是一分钱关系都没有。那就想办法让他们有所关联。

从网页中找到了以下代码:

其实这就是在css中使用@font-face通过woff文件自定义了字体,源码中的十六进制数字必须通过这个字体映射才能正确显示。就像UTF-8和GBK的关系,编码和解码一致才不会出现乱码。

这里我将woff字体文件下载到本地并用工具打开。

从网页上看到票房是5.74亿,这里就主要关注数字5。从上图可以看出5对应的是glyph11。

使用工具将woff文件转换成xml格式:

glyph11对应的是id=11的glyph,其对应的name为uniE8CD。接着在xml中找到uniE8CD对应的十六进制:

如图,uniE8CD对应的是0xe8cd,也就是说数字5对应的是0xe8cd,正是在控制台输出的第一个数字。

eval() & JS加密

js被加密后放在eval()中执行。如果想还原js,在开发者控制台使用console.log()输出解密后的js。因为不论是eval()还是log(),js解析执行最终都依赖于浏览器内核。

地址

TV猫:https://www.tvmao.com/program/CCTV

问题还原

在频道剧集页,分为早间、午间、晚间节目。如图:

在发起请求获取频道剧集数据的时候,发现返回内容只有早间节目数据,12点以后的剧集数据获取不到。

查看网页源码:

追根溯源

我们在控制台的请求中,搜索网页中的关键字"熊熊乐园",害,果不其然,还真搜着了。

这个响应结果是一个数组,下标0代表标志位:1代表获取到了数据,0代表没有获取到数据;下标1是数据位,对应接口的返回数据。

解析此响应结果的代码比较繁杂,需要对多余内容进行替换。

代码如下:

其实上面代码它并不重要!!接着我们顺着网线去看他的请求部分:

从请求头中可以看出,请求就一个参数p,1、2、3... 整整186位,你看这个参数它又长悠长,像那寂寥的雨巷。虽然等不来那撑着油纸伞的姑娘,但是至少可以先看看这个参数p是怎么生成的。

在搜索框搜索api和pg关键字,找到下面代码:

别管其他,带有ajax字样十有八九就是ajax请求了,参数p的值是变量a,在生成变量a的代码处设置断点,点击页面中的"查看更多"按钮触发断点,接着进入A.d()方法:

往上翻,查看js上部分:

其实到这里就已经可以结束了,你看在d()中又调用了w(),w()也调用了A中其他方法,将这个js中方法调用链搞清楚,将每个方法代码都内联起来,最后计算出参数p,就可以了。

那么,说好的eval呢,说好的加密的js呢?

少侠莫慌,这就带您继续看下去。如果你仔细看,你就会发现上面的js的文件名是匿名/临时的,所以说这不是网站原有的js文件,而是浏览器内核解析后的js。

那该怎么找到原来的js文件?

不知少侠可知搜索功能,你看上面的js中有keyStr这个关键字,咱不妨搜索一波。

这不,如图,eval()有了,加密js也有了,拷贝成文本如下:

eval(function(h, b, i, d, g, f) {

    g = function(a) {

        return (a < b ? "" : g(parseInt(a / b))) + ((a = a % b) > 35 ? String.fromCharCode(a + 29) : a.toString(36))

    }

    ;

    if (!"".replace(/^/, String)) {

        while (i--) {

            f[g(i)] = d[i] || g(i)

        }

        d = [function(a) {

            return f[a]

        }

        ];

        g = function() {

            return "\\w+"

        }

        ;

        i = 1

    }

    while (i--) {

        if (d[i]) {

            h = h.replace(new RegExp("\\b" + g(i) + "\\b","g"), d[i])

        }

    }

    return h

}('5 A={z:"1o+/=",1b:"1l=1k",J:j(a){5 b="";5 c,L,M,14,16,O,N;5 i=0;a=A.1g(a);1t(i<a.R){c=a.S(i++);L=a.S(i++);M=a.S(i++);14=c>>2;16=((c&3)<<4)|(L>>4);O=((L&15)<<2)|(M>>6);N=M&Q;9(1f(L)){O=N=18}K 9(1f(M)){N=18}b=b+y.z.C(14)+y.z.C(16)+y.z.C(O)+y.z.C(N)}8 b},H:j(a){a=a.1G();5 b=\'\';Z(5 i=0;i<a.R;i++){b+=y.1b[a.C(i)]}Z(5 i=0;i<a.R;i++){b+=y.z[a.C(i)]}8 b},1g:j(a){a=a.1B(/\\r\\n/g,"\\n");5 b="";Z(5 n=0;n<a.R;n++){5 c=a.S(n);9(c<P){b+=I.G(c)}K 9((c>1x)&&(c<1w)){b+=I.G((c>>6)|1q);b+=I.G((c&Q)|P)}K{b+=I.G((c>>12)|1p);b+=I.G(((c>>6)&Q)|P);b+=I.G((c&Q)|P)}}8 b},E:j(a){$(\':U[V="19"]\',a).10(A.J(\'l\'+$(".19",a).10()+\'o\'))},B:j(a){5 b=(1c 1d()).1i();9(a!=m)8 A.J(a+\'|\'+b);K 8 A.J(\'\'+b)},e:j(u){5 x=1;5 f=$(\'T\').13();5 a=f.W("U[11=\'1j\']");9(a!=m){x=2}K 9(u!=m){x=u}9(f==m)8 x;8 f.D(\'a\')},c:j(e){5 v;5 f=$(\'T\').13();9(f==m)8"";5 s=f.W("*[17=\'1m\']");9(s==m){v=f.W("U[11=\'1n\']");9(v==m)8"";v=e}v=s.D(\'Y\');8 v},d:j(p,h){5 v=A.w(h);5 a=$("1r.1s");5 x=a||p;9(a!=m){x=h||$("s.1h")}x=A.c();5 b=1c 1d();5 c=b.1u();5 d=b.1v();5 i=d==0?7:d;i=i*i;5 F=y.z.C(i);8 F+A.J(x+"|"+A.e(p))+v},w:j(v){5 t=$("1y");5 a="|";9(t==m){X="/"}K{X=v}5 r=A.J(a+k(X));8 r},s:j(a,b){5 c=y.z.C(1z);8 A.J(c+a)}};5 k=j(a){5 f=$(\'T\').13();9(f==m)8"";5 b=f.D(\'Y\');9(b==m)f.D(\'Y\',a);8 f.D(\'q\')};$(j(){5 b=$(\'<U 17="1A" V="1a"/>\');b.10(A.B());$(\'T[V="1C"]\').1D(b);$(\'a[11^="1E"]\').1F(j(){5 a=$(y).D("1e")+"&1a="+1H(A.B());$(y).D("1e",a)})});', 62, 106, "|||||var|||return|if||||||||||function|||undefined||||||||||||this|_keyStr|||charAt|attr|||fromCharCode||String||else|chr2|chr3|enc4|enc3|128|63|length|charCodeAt|form|input|name|find|tl|id|for|val|class||first|enc1||enc2|type|64|ed|ek|_keyStr2|new|Date|href|isNaN|_C|fix1|getTime|baidu|DVGO|KQMFS|submit|qq|ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789|224|192|div|fix|while|getUTCDate|getDay|2048|127|head|37|hidden|replace|frmlogin|append|by|each|toString|encodeURIComponent".split("|"), 0, {}))

在控制台中将eval()中的加密js使用console.log()打印出来,结果和之前的匿名js一样。

如图:

setCookie & 混淆加密

其实setCookie是一个js混淆加密,但是我之所以叫他setCookie,是因为它的代码起点和核心围绕着一个setCookie函数。

地址

智联招聘:https://jobs.zhaopin.com/beijing

问题还原



当对上面网址发起请求,发现返回的网页内容是一堆看不懂的"乱码"。

如图:

这里我把响应内容复制了出来,供大家阅读。

<html><script src="//aeu.alicdn.com/waf/antidomxss.js"></script><script>

var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';

var _0x4818=['\x63\x73\x4b\x48\x77\x71\x4d\x49','\x5a\x73\x4b\x4a\x77\x72\x38\x56\x65\x41\x73\x79','\x55\x63\x4b\x69\x4e\x38\x4f\x2f\x77\x70\x6c\x77\x4d\x41\x3d\x3d','\x4a\x52\x38\x43\x54\x67\x3d\x3d','\x59\x73\x4f\x6e\x62\x53\x45\x51\x77\x37\x6f\x7a\x77\x71\x5a\x4b\x65\x73\x4b\x55\x77\x37\x6b\x77\x58\x38\x4f\x52\x49\x51\x3d\x3d','\x77\x37\x6f\x56\x53\x38\x4f\x53\x77\x6f\x50\x43\x6c\x33\x6a\x43\x68\x4d\x4b\x68\x77\x36\x48\x44\x6c\x73\x4b\x58\x77\x34\x73\x2f\x59\x73\x4f\x47','\x66\x77\x56\x6d\x49\x31\x41\x74\x77\x70\x6c\x61\x59\x38\x4f\x74\x77\x35\x63\x4e\x66\x53\x67\x70\x77\x36\x4d\x3d','\x4f\x63\x4f\x4e\x77\x72\x6a\x43\x71\x73\x4b\x78\x54\x47\x54\x43\x68\x73\x4f\x6a\x45\x57\x45\x38\x50\x63\x4f\x63\x4a\x38\x4b\x36','\x55\x38\x4b\x35\x4c\x63\x4f\x74\x77\x70\x56\x30\x45\x4d\x4f\x6b\x77\x34\x37\x44\x72\x4d\x4f\x58','\x48\x4d\x4f\x32\x77\x6f\x48\x43\x69\x4d\x4b\x39\x53\x6c\x58\x43\x6c\x63\x4f\x6f\x43\x31\x6b\x3d','\x61\x73\x4b\x49\x77\x71\x4d\x44\x64\x67\x4d\x75\x50\x73\x4f\x4b\x42\x4d\x4b\x63\x77\x72\x72\x43\x74\x6b\x4c\x44\x72\x4d\x4b\x42\x77\x36\x34\x64','\x77\x71\x49\x6d\x4d\x54\x30\x74\x77\x36\x52\x4e\x77\x35\x6b\x3d','\x44\x4d\x4b\x63\x55\x30\x4a\x6d\x55\x77\x55\x76','\x56\x6a\x48\x44\x6c\x4d\x4f\x48\x56\x63\x4f\x4e\x58\x33\x66\x44\x69\x63\x4b\x4a\x48\x51\x3d\x3d','\x77\x71\x68\x42\x48\x38\x4b\x6e\x77\x34\x54\x44\x68\x53\x44\x44\x67\x4d\x4f\x64\x77\x72\x6a\x43\x6e\x63\x4f\x57\x77\x70\x68\x68\x4e\x38\x4b\x43\x47\x63\x4b\x71\x77\x36\x64\x48\x41\x55\x35\x2b\x77\x72\x67\x32\x4a\x63\x4b\x61\x77\x34\x49\x45\x4a\x63\x4f\x63\x77\x72\x52\x4a\x77\x6f\x5a\x30\x77\x71\x46\x39\x59\x67\x41\x56','\x64\x7a\x64\x32\x77\x35\x62\x44\x6d\x33\x6a\x44\x70\x73\x4b\x33\x77\x70\x59\x3d','\x77\x34\x50\x44\x67\x63\x4b\x58\x77\x6f\x33\x43\x6b\x63\x4b\x4c\x77\x72\x35\x71\x77\x72\x59\x3d','\x77\x72\x4a\x4f\x54\x63\x4f\x51\x57\x4d\x4f\x67','\x77\x71\x54\x44\x76\x63\x4f\x6a\x77\x34\x34\x37\x77\x72\x34\x3d','\x77\x35\x58\x44\x71\x73\x4b\x68\x4d\x46\x31\x2f','\x77\x72\x41\x79\x48\x73\x4f\x66\x77\x70\x70\x63','\x4a\x33\x64\x56\x50\x63\x4f\x78\x4c\x67\x3d\x3d','\x77\x72\x64\x48\x77\x37\x70\x39\x5a\x77\x3d\x3d','\x77\x34\x72\x44\x6f\x38\x4b\x6d\x4e\x45\x77\x3d','\x49\x4d\x4b\x41\x55\x6b\x42\x74','\x77\x36\x62\x44\x72\x63\x4b\x51\x77\x70\x56\x48\x77\x70\x4e\x51\x77\x71\x55\x3d','\x64\x38\x4f\x73\x57\x68\x41\x55\x77\x37\x59\x7a\x77\x72\x55\x3d','\x77\x71\x6e\x43\x6b\x73\x4f\x65\x65\x7a\x72\x44\x68\x77\x3d\x3d','\x55\x73\x4b\x6e\x49\x4d\x4b\x57\x56\x38\x4b\x2f','\x77\x34\x7a\x44\x6f\x63\x4b\x38\x4e\x55\x5a\x76','\x63\x38\x4f\x78\x5a\x68\x41\x4a\x77\x36\x73\x6b\x77\x71\x4a\x6a','\x50\x63\x4b\x49\x77\x34\x6e\x43\x6b\x6b\x56\x62','\x4b\x48\x67\x6f\x64\x4d\x4f\x32\x56\x51\x3d\x3d','\x77\x70\x73\x6d\x77\x71\x76\x44\x6e\x47\x46\x71','\x77\x71\x4c\x44\x74\x38\x4f\x6b\x77\x34\x63\x3d','\x77\x37\x77\x31\x77\x34\x50\x43\x70\x73\x4f\x34\x77\x71\x41\x3d','\x77\x71\x39\x46\x52\x73\x4f\x71\x57\x4d\x4f\x71','\x62\x79\x42\x68\x77\x37\x72\x44\x6d\x33\x34\x3d','\x4c\x48\x67\x2b\x53\x38\x4f\x74\x54\x77\x3d\x3d','\x77\x71\x68\x4f\x77\x37\x31\x35\x64\x73\x4f\x48','\x55\x38\x4f\x37\x56\x73\x4f\x30\x77\x71\x76\x44\x76\x63\x4b\x75\x4b\x73\x4f\x71\x58\x38\x4b\x72','\x59\x69\x74\x74\x77\x35\x44\x44\x6e\x57\x6e\x44\x72\x41\x3d\x3d','\x59\x4d\x4b\x49\x77\x71\x55\x55\x66\x67\x49\x6b','\x61\x42\x37\x44\x6c\x4d\x4f\x44\x54\x51\x3d\x3d','\x77\x70\x66\x44\x68\x38\x4f\x72\x77\x36\x6b\x6b','\x77\x37\x76\x43\x71\x4d\x4f\x72\x59\x38\x4b\x41\x56\x6b\x35\x4f\x77\x70\x6e\x43\x75\x38\x4f\x61\x58\x73\x4b\x5a\x50\x33\x44\x43\x6c\x63\x4b\x79\x77\x36\x48\x44\x72\x51\x3d\x3d','\x77\x6f\x77\x2b\x77\x36\x76\x44\x6d\x48\x70\x73\x77\x37\x52\x74\x77\x6f\x39\x38\x4c\x43\x37\x43\x69\x47\x37\x43\x6b\x73\x4f\x52\x54\x38\x4b\x6c\x57\x38\x4f\x35\x77\x72\x33\x44\x69\x38\x4f\x54\x48\x73\x4f\x44\x65\x48\x6a\x44\x6d\x63\x4b\x6c\x4a\x73\x4b\x71\x56\x41\x3d\x3d','\x4e\x77\x56\x2b','\x77\x37\x48\x44\x72\x63\x4b\x74\x77\x70\x4a\x61\x77\x70\x5a\x62','\x77\x70\x51\x73\x77\x71\x76\x44\x69\x48\x70\x75\x77\x36\x49\x3d','\x59\x4d\x4b\x55\x77\x71\x4d\x4a\x5a\x51\x3d\x3d','\x4b\x48\x31\x56\x4b\x63\x4f\x71\x4b\x73\x4b\x31','\x66\x51\x35\x73\x46\x55\x6b\x6b\x77\x70\x49\x3d','\x77\x72\x76\x43\x72\x63\x4f\x42\x52\x38\x4b\x6b','\x4d\x33\x77\x30\x66\x51\x3d\x3d','\x77\x36\x78\x58\x77\x71\x50\x44\x76\x4d\x4f\x46\x77\x6f\x35\x64'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['\x70\x75\x73\x68'](_0x4c97f0['\x73\x68\x69\x66\x74']());}};var _0x3cd6c6=function(){var _0xb8360b={'\x64\x61\x74\x61':{'\x6b\x65\x79':'\x63\x6f\x6f\x6b\x69\x65','\x76\x61\x6c\x75\x65':'\x74\x69\x6d\x65\x6f\x75\x74'},'\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+'\x3d'+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['\x6c\x65\x6e\x67\x74\x68'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+='\x3b\x20'+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['\x70\x75\x73\x68'](_0xd79219);_0x178627=_0x20bf34['\x6c\x65\x6e\x67\x74\x68'];if(_0xd79219!==!![]){_0xba82f0+='\x3d'+_0xd79219;}}_0x5e8b26['\x63\x6f\x6f\x6b\x69\x65']=_0xba82f0;},'\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65':function(){return'\x64\x65\x76';},'\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('\x28\x3f\x3a\x5e\x7c\x3b\x20\x29'+_0x189946['\x72\x65\x70\x6c\x61\x63\x65'](/([.$?*|{}()[]\/+^])/g,'\x24\x31')+'\x3d\x28\x5b\x5e\x3b\x5d\x2a\x29'));var _0x52d57c=function(_0x105f59,_0x3fd789){_0x105f59(++_0x3fd789);};_0x52d57c(_0x4db1c,_0x1742fd);return _0x25af93?decodeURIComponent(_0x25af93[0x1]):undefined;}};var _0x4a2aed=function(){var _0x124d17=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return _0x124d17['\x74\x65\x73\x74'](_0xb8360b['\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65']['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};_0xb8360b['\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65']=_0x4a2aed;var _0x2d67ec='';var _0x120551=_0xb8360b['\x75\x70\x64\x61\x74\x65\x43\x6f\x6f\x6b\x69\x65']();if(!_0x120551){_0xb8360b['\x73\x65\x74\x43\x6f\x6f\x6b\x69\x65'](['\x2a'],'\x63\x6f\x75\x6e\x74\x65\x72',0x1);}else if(_0x120551){_0x2d67ec=_0xb8360b['\x67\x65\x74\x43\x6f\x6f\x6b\x69\x65'](null,'\x63\x6f\x75\x6e\x74\x65\x72');}else{_0xb8360b['\x72\x65\x6d\x6f\x76\x65\x43\x6f\x6f\x6b\x69\x65']();}};_0x3cd6c6();}(_0x4818,0x15b));var _0x55f3=function(_0x4c97f0,_0x1742fd){var _0x4c97f0=parseInt(_0x4c97f0,0x10);var _0x48181e=_0x4818[_0x4c97f0];if(!_0x55f3['\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64']){(function(){var _0xdf49c6=Function('\x72\x65\x74\x75\x72\x6e\x20\x28\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x28\x29\x20'+'\x7b\x7d\x2e\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72\x28\x22\x72\x65\x74\x75\x72\x6e\x20\x74\x68\x69\x73\x22\x29\x28\x29'+'\x29\x3b');var _0xb8360b=_0xdf49c6();var _0x389f44='\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x2b\x2f\x3d';_0xb8360b['\x61\x74\x6f\x62']||(_0xb8360b['\x61\x74\x6f\x62']=function(_0xba82f0){var _0xec6bb4=String(_0xba82f0)['\x72\x65\x70\x6c\x61\x63\x65'](/=+$/,'');for(var _0x1a0f04=0x0,_0x18c94e,_0x41b2ff,_0xd79219=0x0,_0x5792f7='';_0x41b2ff=_0xec6bb4['\x63\x68\x61\x72\x41\x74'](_0xd79219++);~_0x41b2ff&&(_0x18c94e=_0x1a0f04%0x4?_0x18c94e*0x40+_0x41b2ff:_0x41b2ff,_0x1a0f04++%0x4)?_0x5792f7+=String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](0xff&_0x18c94e>>(-0x2*_0x1a0f04&0x6)):0x0){_0x41b2ff=_0x389f44['\x69\x6e\x64\x65\x78\x4f\x66'](_0x41b2ff);}return _0x5792f7;});}());_0x55f3['\x61\x74\x6f\x62\x50\x6f\x6c\x79\x66\x69\x6c\x6c\x41\x70\x70\x65\x6e\x64\x65\x64']=!![];}if(!_0x55f3['\x72\x63\x34']){var _0x232678=function(_0x401af1,_0x532ac0){var _0x45079a=[],_0x52d57c=0x0,_0x105f59,_0x3fd789='',_0x4a2aed='';_0x401af1=atob(_0x401af1);for(var _0x124d17=0x0,_0x1b9115=_0x401af1['\x6c\x65\x6e\x67\x74\x68'];_0x124d17<_0x1b9115;_0x124d17++){_0x4a2aed+='\x25'+('\x30\x30'+_0x401af1['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x124d17)['\x74\x6f\x53\x74\x72\x69\x6e\x67'](0x10))['\x73\x6c\x69\x63\x65'](-0x2);}_0x401af1=decodeURIComponent(_0x4a2aed);for(var _0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x45079a[_0x2d67ec]=_0x2d67ec;}for(_0x2d67ec=0x0;_0x2d67ec<0x100;_0x2d67ec++){_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec]+_0x532ac0['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x2d67ec%_0x532ac0['\x6c\x65\x6e\x67\x74\x68']))%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;}_0x2d67ec=0x0;_0x52d57c=0x0;for(var _0x4e5ce2=0x0;_0x4e5ce2<_0x401af1['\x6c\x65\x6e\x67\x74\x68'];_0x4e5ce2++){_0x2d67ec=(_0x2d67ec+0x1)%0x100;_0x52d57c=(_0x52d57c+_0x45079a[_0x2d67ec])%0x100;_0x105f59=_0x45079a[_0x2d67ec];_0x45079a[_0x2d67ec]=_0x45079a[_0x52d57c];_0x45079a[_0x52d57c]=_0x105f59;_0x3fd789+=String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](_0x401af1['\x63\x68\x61\x72\x43\x6f\x64\x65\x41\x74'](_0x4e5ce2)^_0x45079a[(_0x45079a[_0x2d67ec]+_0x45079a[_0x52d57c])%0x100]);}return _0x3fd789;};_0x55f3['\x72\x63\x34']=_0x232678;}if(!_0x55f3['\x64\x61\x74\x61']){_0x55f3['\x64\x61\x74\x61']={};}if(_0x55f3['\x64\x61\x74\x61'][_0x4c97f0]===undefined){if(!_0x55f3['\x6f\x6e\x63\x65']){var _0x5f325c=function(_0x23a392){this['\x72\x63\x34\x42\x79\x74\x65\x73']=_0x23a392;this['\x73\x74\x61\x74\x65\x73']=[0x1,0x0,0x0];this['\x6e\x65\x77\x53\x74\x61\x74\x65']=function(){return'\x6e\x65\x77\x53\x74\x61\x74\x65';};this['\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65']='\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a';this['\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65']='\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d';};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65']=function(){var _0x19f809=new RegExp(this['\x66\x69\x72\x73\x74\x53\x74\x61\x74\x65']+this['\x73\x65\x63\x6f\x6e\x64\x53\x74\x61\x74\x65']);return this['\x72\x75\x6e\x53\x74\x61\x74\x65'](_0x19f809['\x74\x65\x73\x74'](this['\x6e\x65\x77\x53\x74\x61\x74\x65']['\x74\x6f\x53\x74\x72\x69\x6e\x67']())?--this['\x73\x74\x61\x74\x65\x73'][0x1]:--this['\x73\x74\x61\x74\x65\x73'][0x0]);};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x72\x75\x6e\x53\x74\x61\x74\x65']=function(_0x4380bd){if(!Boolean(~_0x4380bd)){return _0x4380bd;}return this['\x67\x65\x74\x53\x74\x61\x74\x65'](this['\x72\x63\x34\x42\x79\x74\x65\x73']);};_0x5f325c['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65']['\x67\x65\x74\x53\x74\x61\x74\x65']=function(_0x58d85e){for(var _0x1c9f5b=0x0,_0x1ce9e0=this['\x73\x74\x61\x74\x65\x73']['\x6c\x65\x6e\x67\x74\x68'];_0x1c9f5b<_0x1ce9e0;_0x1c9f5b++){this['\x73\x74\x61\x74\x65\x73']['\x70\x75\x73\x68'](Math['\x72\x6f\x75\x6e\x64'](Math['\x72\x61\x6e\x64\x6f\x6d']()));_0x1ce9e0=this['\x73\x74\x61\x74\x65\x73']['\x6c\x65\x6e\x67\x74\x68'];}return _0x58d85e(this['\x73\x74\x61\x74\x65\x73'][0x0]);};new _0x5f325c(_0x55f3)['\x63\x68\x65\x63\x6b\x53\x74\x61\x74\x65']();_0x55f3['\x6f\x6e\x63\x65']=!![];}_0x48181e=_0x55f3['\x72\x63\x34'](_0x48181e,_0x1742fd);_0x55f3['\x64\x61\x74\x61'][_0x4c97f0]=_0x48181e;}else{_0x48181e=_0x55f3['\x64\x61\x74\x61'][_0x4c97f0];}return _0x48181e;};var arg3=null;var arg4=null;var arg5=null;var arg6=null;var arg7=null;var arg8=null;var arg9=null;var arg10=null;var l=function(){while(window[_0x55f3('0x1', '\x58\x4d\x57\x5e')]||window['\x5f\x5f\x70\x68\x61\x6e\x74\x6f\x6d\x61\x73']){};var _0x5e8b26=_0x55f3('0x3', '\x6a\x53\x31\x59');String[_0x55f3('0x5', '\x6e\x5d\x66\x52')][_0x55f3('0x6', '\x50\x67\x35\x34')]=function(_0x4e08d8){var _0x5a5d3b='';for(var _0xe89588=0x0;_0xe89588<this[_0x55f3('0x8', '\x29\x68\x52\x63')]&&_0xe89588<_0x4e08d8[_0x55f3('0xa', '\x6a\x45\x26\x5e')];_0xe89588+=0x2){var _0x401af1=parseInt(this[_0x55f3('0xb', '\x56\x32\x4b\x45')](_0xe89588,_0xe89588+0x2),0x10);var _0x105f59=parseInt(_0x4e08d8[_0x55f3('0xd', '\x58\x4d\x57\x5e')](_0xe89588,_0xe89588+0x2),0x10);var _0x189e2c=(_0x401af1^_0x105f59)[_0x55f3('0xf', '\x57\x31\x46\x45')](0x10);if(_0x189e2c[_0x55f3('0x11', '\x4d\x47\x72\x76')]==0x1){_0x189e2c='\x30'+_0x189e2c;}_0x5a5d3b+=_0x189e2c;}return _0x5a5d3b;};String['\x70\x72\x6f\x74\x6f\x74\x79\x70\x65'][_0x55f3('0x14', '\x5a\x2a\x44\x4d')]=function(){var _0x4b082b=[0xf,0x23,0x1d,0x18,0x21,0x10,0x1,0x26,0xa,0x9,0x13,0x1f,0x28,0x1b,0x16,0x17,0x19,0xd,0x6,0xb,0x27,0x12,0x14,0x8,0xe,0x15,0x20,0x1a,0x2,0x1e,0x7,0x4,0x11,0x5,0x3,0x1c,0x22,0x25,0xc,0x24];var _0x4da0dc=[];var _0x12605e='';for(var _0x20a7bf=0x0;_0x20a7bf<this['\x6c\x65\x6e\x67\x74\x68'];_0x20a7bf++){var _0x385ee3=this[_0x20a7bf];for(var _0x217721=0x0;_0x217721<_0x4b082b[_0x55f3('0x16', '\x61\x48\x2a\x4e')];_0x217721++){if(_0x4b082b[_0x217721]==_0x20a7bf+0x1){_0x4da0dc[_0x217721]=_0x385ee3;}}}_0x12605e=_0x4da0dc['\x6a\x6f\x69\x6e']('');return _0x12605e;};var _0x23a392=arg1[_0x55f3('0x19', '\x50\x67\x35\x34')]();arg2=_0x23a392[_0x55f3('0x1b', '\x7a\x35\x4f\x26')](_0x5e8b26);setTimeout('\x72\x65\x6c\x6f\x61\x64\x28\x61\x72\x67\x32\x29',0x2);};var _0x4db1c=function(){function _0x355d23(_0x450614){if((''+_0x450614/_0x450614)[_0x55f3('0x1c', '\x56\x32\x4b\x45')]!==0x1||_0x450614%0x14===0x0){(function(){}[_0x55f3('0x1d', '\x43\x4e\x55\x59')]((undefined+'')[0x2]+(!![]+'')[0x3]+([][_0x55f3('0x1e', '\x77\x38\x50\x52')]()+'')[0x2]+(undefined+'')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+'')[0x3]+(!![]+'')[0x1])());}else{(function(){}['\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72']((undefined+'')[0x2]+(!![]+'')[0x3]+([][_0x55f3('0x1f', '\x4c\x24\x28\x44')]()+'')[0x2]+(undefined+'')[0x0]+(![]+[0x0]+String)[0x14]+(![]+[0x0]+String)[0x14]+(!![]+'')[0x3]+(!![]+'')[0x1])());}_0x355d23(++_0x450614);}try{_0x355d23(0x0);}catch(_0x54c483){}};if(function(){var _0x470d8f=function(){var _0x4c97f0=!![];return function(_0x1742fd,_0x4db1c){var _0x48181e=_0x4c97f0?function(){if(_0x4db1c){var _0x55f3be=_0x4db1c['\x61\x70\x70\x6c\x79'](_0x1742fd,arguments);_0x4db1c=null;return _0x55f3be;}}:function(){};_0x4c97f0=![];return _0x48181e;};}();var _0x501fd7=_0x470d8f(this,function(){var _0x4c97f0=function(){return'\x64\x65\x76';},_0x1742fd=function(){return'\x77\x69\x6e\x64\x6f\x77';};var _0x55f3be=function(){var _0x3ad9a1=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return!_0x3ad9a1['\x74\x65\x73\x74'](_0x4c97f0['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var _0x1b93ad=function(){var _0x20bf34=new RegExp('\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b');return _0x20bf34['\x74\x65\x73\x74'](_0x1742fd['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var _0x5afe31=function(_0x178627){var _0x1a0f04=~-0x1>>0x1+0xff%0x0;if(_0x178627['\x69\x6e\x64\x65\x78\x4f\x66']('\x69'===_0x1a0f04)){_0xd79219(_0x178627);}};var _0xd79219=function(_0x5792f7){var _0x4e08d8=~-0x4>>0x1+0xff%0x0;if(_0x5792f7['\x69\x6e\x64\x65\x78\x4f\x66']((!![]+'')[0x3])!==_0x4e08d8){_0x5afe31(_0x5792f7);}};if(!_0x55f3be()){if(!_0x1b93ad()){_0x5afe31('\x69\x6e\x64е\x78\x4f\x66');}else{_0x5afe31('\x69\x6e\x64\x65\x78\x4f\x66');}}else{_0x5afe31('\x69\x6e\x64е\x78\x4f\x66');}});_0x501fd7();var _0x3a394d=function(){var _0x1ab151=!![];return function(_0x372617,_0x42d229){var _0x3b3503=_0x1ab151?function(){if(_0x42d229){var _0x7086d9=_0x42d229[_0x55f3('0x21', '\x4b\x4e\x29\x46')](_0x372617,arguments);_0x42d229=null;return _0x7086d9;}}:function(){};_0x1ab151=![];return _0x3b3503;};}();var _0x5b6351=_0x3a394d(this,function(){var _0x46cbaa=Function(_0x55f3('0x22', '\x26\x68\x5a\x59')+_0x55f3('0x23', '\x61\x48\x2a\x4e')+'\x29\x3b');var _0x1766ff=function(){};var _0x9b5e29=_0x46cbaa();_0x9b5e29[_0x55f3('0x26', '\x61\x48\x2a\x4e')]['\x6c\x6f\x67']=_0x1766ff;_0x9b5e29[_0x55f3('0x29', '\x56\x25\x59\x52')][_0x55f3('0x2a', '\x50\x5e\x45\x71')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2c', '\x6c\x67\x4d\x30')][_0x55f3('0x2d', '\x4c\x24\x28\x44')]=_0x1766ff;_0x9b5e29[_0x55f3('0x2f', '\x43\x5a\x63\x38')][_0x55f3('0x30', '\x57\x75\x36\x25')]=_0x1766ff;});_0x5b6351();try{return!!window['\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72'];}catch(_0x35538d){return![];}}()){document[_0x55f3('0x33', '\x56\x25\x59\x52')](_0x55f3('0x34', '\x79\x41\x70\x7a'),l,![]);}else{document[_0x55f3('0x36', '\x79\x41\x70\x7a')](_0x55f3('0x37', '\x4c\x24\x28\x44'),l);}_0x4db1c();setInterval(function(){_0x4db1c();},0xfa0);

function setCookie(name,value){var expiredate=new Date();expiredate.setTime(expiredate.getTime()+(3600*1000));document.cookie=name+"="+value+";expires="+expiredate.toGMTString()+";max-age=3600;path=/";}

function reload(x) {setCookie("acw_sc__v2", x);document.location.reload();}

</script></html>

追根溯源

这个是不是看起来比eval()还要头大一些,密密麻麻的都是16进制数。别慌,让我来给他美化一波!!

< html > < script src = "//aeu.alicdn.com/waf/antidomxss.js" > < /script><script>

var arg1='7CF8FE6084F244597FE93D42AFEB6C2ED7029D82';

var _0x4818=['csKHwqMI','ZsKJwr8VeAsy','UcKiN8O/wplwMA==','JR8CTg==','YsOnbSEQw7ozwqZKesKUw7kwX8ORIQ==','w7oVS8OSwoPCl3jChMKhw6HDlsKXw4s/YsOG','fwVmI1AtwplaY8Otw5cNfSgpw6M=','OcONwrjCqsKxTGTChsOjEWE8PcOcJ8K6','U8K5LcOtwpV0EMOkw47DrMOX','HMO2woHCiMK9SlXClcOoC1k=','asKIwqMDdgMuPsOKBMKcwrrCtkLDrMKBw64d','wqImMT0tw6RNw5k=','DMKcU0JmUwUv','VjHDlMOHVcONX3fDicKJHQ==','wqhBH8Knw4TDhSDDgMOdwrjCncOWwphhN8KCGcKqw6dHAU5+wrg2JcKaw4IEJcOcwrRJwoZ0wqF9YgAV','dzd2w5bDm3jDpsK3wpY=','w4PDgcKXwo3CkcKLwr5qwrY=','wrJOTcOQWMOg','wqTDvcOjw447wr4=','w5XDqsKhMF1/','wrAyHsOfwppc','J3dVPcOxLg==','wrdHw7p9Zw==','w4rDo8KmNEw=','IMKAUkBt','w6bDrcKQwpVHwpNQwqU=','d8OsWhAUw7YzwrU=','wqnCksOeezrDhw==','UsKnIMKWV8K/','w4zDocK8NUZv','c8OxZhAJw6skwqJj','PcKIw4nCkkVb','KHgodMO2VQ==','wpsmwqvDnGFq','wqLDt8Okw4c=','w7w1w4PCpsO4wqA=','wq9FRsOqWMOq','byBhw7rDm34=','LHg+S8OtTw==','wqhOw715dsOH','U8O7VsO0wqvDvcKuKsOqX8Kr','Yittw5DDnWnDrA==','YMKIwqUUfgIk','aB7DlMODTQ==','wpfDh8Orw6kk','w7vCqMOrY8KAVk5OwpnCu8OaXsKZP3DClcKyw6HDrQ==','wow+w6vDmHpsw7Rtwo98LC7CiG7CksORT8KlW8O5wr3Di8OTHsODeHjDmcKlJsKqVA==','NwV+','w7HDrcKtwpJawpZb','wpQswqvDiHpuw6I=','YMKUwqMJZQ==','KH1VKcOqKsK1','fQ5sFUkkwpI=','wrvCrcOBR8Kk','M3w0fQ==','w6xXwqPDvMOFwo5d'];(function(_0x4c97f0,_0x1742fd){var _0x4db1c=function(_0x48181e){while(--_0x48181e){_0x4c97f0['push'](_0x4c97f0['shift']());}};var _0x3cd6c6=function(){var _0xb8360b={'data':{'key':'cookie','value':'timeout'},'setCookie':function(_0x20bf34,_0x3e840e,_0x5693d3,_0x5e8b26){_0x5e8b26=_0x5e8b26||{};var _0xba82f0=_0x3e840e+'='+_0x5693d3;var _0x5afe31=0x0;for(var _0x5afe31=0x0,_0x178627=_0x20bf34['length'];_0x5afe31<_0x178627;_0x5afe31++){var _0x41b2ff=_0x20bf34[_0x5afe31];_0xba82f0+='; '+_0x41b2ff;var _0xd79219=_0x20bf34[_0x41b2ff];_0x20bf34['push'](_0xd79219);_0x178627=_0x20bf34['length'];if(_0xd79219!==!![]){_0xba82f0+='='+_0xd79219;}}_0x5e8b26['cookie']=_0xba82f0;},'removeCookie':function(){return'dev';},'getCookie':function(_0x4a11fe,_0x189946){_0x4a11fe=_0x4a11fe||function(_0x6259a2){return _0x6259a2;};var _0x25af93=_0x4a11fe(new RegExp('(?:^|; )'+_0x189946['replace'](/ ([.$ ? * | {}()[]\ / + ^ ]) / g, '$1') + '=([^;]*)'));

var _0x52d57c = function(_0x105f59, _0x3fd789) {

	_0x105f59(++_0x3fd789);

	};

_0x52d57c(_0x4db1c, _0x1742fd);

return _0x25af93 ? decodeURIComponent(_0x25af93[0x1]) : undefined;

}

};

var _0x4a2aed = function() {

	var _0x124d17 = new RegExp('\w+ *\(\) *{\w+ *['|"].+['|"];? *}');

	return _0x124d17['test'](_0xb8360b['removeCookie']['toString']());

	};

_0xb8360b['updateCookie'] = _0x4a2aed;

var _0x2d67ec = '';

var _0x120551 = _0xb8360b['updateCookie']();

if (!_0x120551) {

	_0xb8360b['setCookie'](['*'], 'counter', 0x1);

} else if (_0x120551) {

	_0x2d67ec = _0xb8360b['getCookie'](null, 'counter');

} else {

	_0xb8360b['removeCookie']();

}

};

_0x3cd6c6();

}(_0x4818, 0x15b));

var _0x55f3 = function(_0x4c97f0, _0x1742fd) {

	var _0x4c97f0 = parseInt(_0x4c97f0, 0x10);

	var _0x48181e = _0x4818[_0x4c97f0];

	if (!_0x55f3['atobPolyfillAppended']) {

		(function() {

			var _0xdf49c6 = Function('return (function () ' + '{}.constructor("return this")()' + ');');

			var _0xb8360b = _0xdf49c6();

			var _0x389f44 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';

			_0xb8360b['atob'] || (_0xb8360b['atob'] = function(_0xba82f0) {

				var _0xec6bb4 = String(_0xba82f0)['replace'](/=+$/, '');

				for (var _0x1a0f04 = 0x0, _0x18c94e, _0x41b2ff, _0xd79219 = 0x0, _0x5792f7 = ''; _0x41b2ff = _0xec6bb4['charAt'](_0xd79219++);~_0x41b2ff && (_0x18c94e = _0x1a0f04 % 0x4 ? _0x18c94e * 0x40 + _0x41b2ff : _0x41b2ff, _0x1a0f04++ % 0x4) ? _0x5792f7 += String['fromCharCode'](0xff & _0x18c94e >> (-0x2 * _0x1a0f04 & 0x6)) : 0x0) {

					_0x41b2ff = _0x389f44['indexOf'](_0x41b2ff);

				}

				return _0x5792f7;

			});

		}());

		_0x55f3['atobPolyfillAppended'] = !! [];

	}

	if (!_0x55f3['rc4']) {

		var _0x232678 = function(_0x401af1, _0x532ac0) {

				var _0x45079a = [],

					_0x52d57c = 0x0,

					_0x105f59, _0x3fd789 = '',

					_0x4a2aed = '';

				_0x401af1 = atob(_0x401af1);

				for (var _0x124d17 = 0x0, _0x1b9115 = _0x401af1['length']; _0x124d17 < _0x1b9115; _0x124d17++) {

					_0x4a2aed += '%' + ('00' + _0x401af1['charCodeAt'](_0x124d17)['toString'](0x10))['slice'](-0x2);

				}

				_0x401af1 = decodeURIComponent(_0x4a2aed);

				for (var _0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {

					_0x45079a[_0x2d67ec] = _0x2d67ec;

				}

				for (_0x2d67ec = 0x0; _0x2d67ec < 0x100; _0x2d67ec++) {

					_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec] + _0x532ac0['charCodeAt'](_0x2d67ec % _0x532ac0['length'])) % 0x100;

					_0x105f59 = _0x45079a[_0x2d67ec];

					_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];

					_0x45079a[_0x52d57c] = _0x105f59;

				}

				_0x2d67ec = 0x0;

				_0x52d57c = 0x0;

				for (var _0x4e5ce2 = 0x0; _0x4e5ce2 < _0x401af1['length']; _0x4e5ce2++) {

					_0x2d67ec = (_0x2d67ec + 0x1) % 0x100;

					_0x52d57c = (_0x52d57c + _0x45079a[_0x2d67ec]) % 0x100;

					_0x105f59 = _0x45079a[_0x2d67ec];

					_0x45079a[_0x2d67ec] = _0x45079a[_0x52d57c];

					_0x45079a[_0x52d57c] = _0x105f59;

					_0x3fd789 += String['fromCharCode'](_0x401af1['charCodeAt'](_0x4e5ce2) ^ _0x45079a[(_0x45079a[_0x2d67ec] + _0x45079a[_0x52d57c]) % 0x100]);

				}

				return _0x3fd789;

			};

		_0x55f3['rc4'] = _0x232678;

	}

	if (!_0x55f3['data']) {

		_0x55f3['data'] = {};

	}

	if (_0x55f3['data'][_0x4c97f0] === undefined) {

		if (!_0x55f3['once']) {

			var _0x5f325c = function(_0x23a392) {

					this['rc4Bytes'] = _0x23a392;

					this['states'] = [0x1, 0x0, 0x0];

					this['newState'] = function() {

						return 'newState';

					};

					this['firstState'] = '\w+ *\(\) *{\w+ *';

					this['secondState'] = '['|"].+['|"];? *}';

				};

			_0x5f325c['prototype']['checkState'] = function() {

				var _0x19f809 = new RegExp(this['firstState'] + this['secondState']);

				return this['runState'](_0x19f809['test'](this['newState']['toString']()) ? --this['states'][0x1] : --this['states'][0x0]);

			};

			_0x5f325c['prototype']['runState'] = function(_0x4380bd) {

				if (!Boolean(~_0x4380bd)) {

					return _0x4380bd;

				}

				return this['getState'](this['rc4Bytes']);

			};

			_0x5f325c['prototype']['getState'] = function(_0x58d85e) {

				for (var _0x1c9f5b = 0x0, _0x1ce9e0 = this['states']['length']; _0x1c9f5b < _0x1ce9e0; _0x1c9f5b++) {

					this['states']['push'](Math['round'](Math['random']()));

					_0x1ce9e0 = this['states']['length'];

				}

				return _0x58d85e(this['states'][0x0]);

			};

			new _0x5f325c(_0x55f3)['checkState']();

			_0x55f3['once'] = !! [];

		}

		_0x48181e = _0x55f3['rc4'](_0x48181e, _0x1742fd);

		_0x55f3['data'][_0x4c97f0] = _0x48181e;

	} else {

		_0x48181e = _0x55f3['data'][_0x4c97f0];

	}

	return _0x48181e;

	};

var arg3 = null;

var arg4 = null;

var arg5 = null;

var arg6 = null;

var arg7 = null;

var arg8 = null;

var arg9 = null;

var arg10 = null;

var l = function() {

	while (window[_0x55f3('0x1', 'XMW^')] || window['__phantomas']) {};

	var _0x5e8b26 = _0x55f3('0x3', 'jS1Y');

	String[_0x55f3('0x5', 'n]fR')][_0x55f3('0x6', 'Pg54')] = function(_0x4e08d8) {

		var _0x5a5d3b = '';

		for (var _0xe89588 = 0x0; _0xe89588 < this[_0x55f3('0x8', ')hRc')] && _0xe89588 < _0x4e08d8[_0x55f3('0xa', 'jE&^')]; _0xe89588 += 0x2) {

			var _0x401af1 = parseInt(this[_0x55f3('0xb', 'V2KE')](_0xe89588, _0xe89588 + 0x2), 0x10);

			var _0x105f59 = parseInt(_0x4e08d8[_0x55f3('0xd', 'XMW^')](_0xe89588, _0xe89588 + 0x2), 0x10);

			var _0x189e2c = (_0x401af1 ^ _0x105f59)[_0x55f3('0xf', 'W1FE')](0x10);

			if (_0x189e2c[_0x55f3('0x11', 'MGrv')] == 0x1) {

				_0x189e2c = '0' + _0x189e2c;

			}

			_0x5a5d3b += _0x189e2c;

		}

		return _0x5a5d3b;

	};

	String['prototype'][_0x55f3('0x14', 'Z*DM')] = function() {

		var _0x4b082b = [0xf, 0x23, 0x1d, 0x18, 0x21, 0x10, 0x1, 0x26, 0xa, 0x9, 0x13, 0x1f, 0x28, 0x1b, 0x16, 0x17, 0x19, 0xd, 0x6, 0xb, 0x27, 0x12, 0x14, 0x8, 0xe, 0x15, 0x20, 0x1a, 0x2, 0x1e, 0x7, 0x4, 0x11, 0x5, 0x3, 0x1c, 0x22, 0x25, 0xc, 0x24];

		var _0x4da0dc = [];

		var _0x12605e = '';

		for (var _0x20a7bf = 0x0; _0x20a7bf < this['length']; _0x20a7bf++) {

			var _0x385ee3 = this[_0x20a7bf];

			for (var _0x217721 = 0x0; _0x217721 < _0x4b082b[_0x55f3('0x16', 'aH*N')]; _0x217721++) {

				if (_0x4b082b[_0x217721] == _0x20a7bf + 0x1) {

					_0x4da0dc[_0x217721] = _0x385ee3;

				}

			}

		}

		_0x12605e = _0x4da0dc['join']('');

		return _0x12605e;

	};

	var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();

	arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);

	setTimeout('reload(arg2)', 0x2);

	};

var _0x4db1c = function() {

	function _0x355d23(_0x450614) {

		if (('' + _0x450614 / _0x450614)[_0x55f3('0x1c', 'V2KE')] !== 0x1 || _0x450614 % 0x14 === 0x0) {

			(function() {}[_0x55f3('0x1d', 'CNUY')]((undefined + '')[0x2] + ( !! [] + '')[0x3] + ([][_0x55f3('0x1e', 'w8PR')]() + '')[0x2] + (undefined + '')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + '')[0x3] + ( !! [] + '')[0x1])());

		} else {

			(function() {}['constructor']((undefined + '')[0x2] + ( !! [] + '')[0x3] + ([][_0x55f3('0x1f', 'L$(D')]() + '')[0x2] + (undefined + '')[0x0] + (![] + [0x0] + String)[0x14] + (![] + [0x0] + String)[0x14] + ( !! [] + '')[0x3] + ( !! [] + '')[0x1])());

		}

		_0x355d23(++_0x450614);

	}

	try {

		_0x355d23(0x0);

	} catch (_0x54c483) {}

	};

if (function() {

	var _0x470d8f = function() {

			var _0x4c97f0 = !! [];

			return function(_0x1742fd, _0x4db1c) {

				var _0x48181e = _0x4c97f0 ?

				function() {

					if (_0x4db1c) {

						var _0x55f3be = _0x4db1c['apply'](_0x1742fd, arguments);

						_0x4db1c = null;

						return _0x55f3be;

					}

				} : function() {};

				_0x4c97f0 = ![];

				return _0x48181e;

			};

		}();

	var _0x501fd7 = _0x470d8f(this, function() {

		var _0x4c97f0 = function() {

				return 'dev';

			},

			_0x1742fd = function() {

				return 'window';

			};

		var _0x55f3be = function() {

				var _0x3ad9a1 = new RegExp('\w+ *\(\) *{\w+ *['|"].+['|"];? *}');

				return !_0x3ad9a1['test'](_0x4c97f0['toString']());

			};

		var _0x1b93ad = function() {

				var _0x20bf34 = new RegExp('(\\[x|u](\w){2,4})+');

				return _0x20bf34['test'](_0x1742fd['toString']());

			};

		var _0x5afe31 = function(_0x178627) {

				var _0x1a0f04 = ~ - 0x1 >> 0x1 + 0xff % 0x0;

				if (_0x178627['indexOf']('i' === _0x1a0f04)) {

					_0xd79219(_0x178627);

				}

			};

		var _0xd79219 = function(_0x5792f7) {

				var _0x4e08d8 = ~ - 0x4 >> 0x1 + 0xff % 0x0;

				if (_0x5792f7['indexOf'](( !! [] + '')[0x3]) !== _0x4e08d8) {

					_0x5afe31(_0x5792f7);

				}

			};

		if (!_0x55f3be()) {

			if (!_0x1b93ad()) {

				_0x5afe31('indеxOf');

			} else {

				_0x5afe31('indexOf');

			}

		} else {

			_0x5afe31('indеxOf');

		}

	});

	_0x501fd7();

	var _0x3a394d = function() {

			var _0x1ab151 = !! [];

			return function(_0x372617, _0x42d229) {

				var _0x3b3503 = _0x1ab151 ?

				function() {

					if (_0x42d229) {

						var _0x7086d9 = _0x42d229[_0x55f3('0x21', 'KN)F')](_0x372617, arguments);

						_0x42d229 = null;

						return _0x7086d9;

					}

				} : function() {};

				_0x1ab151 = ![];

				return _0x3b3503;

			};

		}();

	var _0x5b6351 = _0x3a394d(this, function() {

		var _0x46cbaa = Function(_0x55f3('0x22', '&hZY') + _0x55f3('0x23', 'aH*N') + ');');

		var _0x1766ff = function() {};

		var _0x9b5e29 = _0x46cbaa();

		_0x9b5e29[_0x55f3('0x26', 'aH*N')]['log'] = _0x1766ff;

		_0x9b5e29[_0x55f3('0x29', 'V%YR')][_0x55f3('0x2a', 'P^Eq')] = _0x1766ff;

		_0x9b5e29[_0x55f3('0x2c', 'lgM0')][_0x55f3('0x2d', 'L$(D')] = _0x1766ff;

		_0x9b5e29[_0x55f3('0x2f', 'CZc8')][_0x55f3('0x30', 'Wu6%')] = _0x1766ff;

	});

	_0x5b6351();

	try {

		return !!window['addEventListener'];

	} catch (_0x35538d) {

		return ![];

	}

}()) {

	document[_0x55f3('0x33', 'V%YR')](_0x55f3('0x34', 'yApz'), l, ![]);

} else {

	document[_0x55f3('0x36', 'yApz')](_0x55f3('0x37', 'L$(D'), l);

}

_0x4db1c();

setInterval(function() {

	_0x4db1c();

}, 0xfa0);

function setCookie(name, value) {

	var expiredate = new Date();

	expiredate.setTime(expiredate.getTime() + (3600 * 1000));

	document.cookie = name + "=" + value + ";expires=" + expiredate.toGMTString() + ";max-age=3600;path=/";

}

function reload(x) {

	setCookie("acw_sc__v2", x);

	document.location.reload();

} < /script></html >

上面是格式后的js。为什么叫混淆函数,一是使用了十六进制数混淆,二是有用的代码的确不多。我们从最后两个函数看起,一个是reload(x),一个是setCookie()

reload()调用setCookie(),生成key=acw_sc__v2,value=x的cookie,然后通过document.location.reload()来刷新网页。那么关键来了,到底是谁生成x并调用的reload()?

我们搜索上面的代码,发现了以下三行核心代码:

var _0x23a392 = arg1[_0x55f3('0x19', 'Pg54')]();

arg2 = _0x23a392[_0x55f3('0x1b', 'z5O&')](_0x5e8b26);

setTimeout('reload(arg2)', 0x2);

这三行代码中arg1是个字符串,_0x55f3是个方法名,arg2就是cookie中的value,理清之间的调用关系计算出arg2。

这个混淆js是非常有意思的,涉及的js基础知识比较多,想要搞定主要还是依赖于debug控制台

结语

本文主要以技术介绍为主,也不难看出,做爬虫还是需要有一丢丢丢前端功底的。如果你问我,既不想搞懂还想解决js加密行不行啊?我只想告诉你:程序员不能说不行。方法是有的,但是终究需要依赖第三方服务或者插件。

当然,很多网站都会有自己独特的js加密方式,反爬技术的花样也是层出不穷。有兴趣的也可以一起探讨学习。

爬虫基础篇完结于此。开始着手准备爬虫框架scrapy系列的写作了,期待下一次相遇。

95后小程序员,写的都是日常工作中的亲身实践,置身于初学者的角度从0写到1,保证能够真正让大家看懂。

文章会在公众号 [入门到放弃之路] 首发,期待你的关注。

爬虫入门到放弃系列07:js混淆、eval加密、字体加密三大反爬技术的更多相关文章

  1. 爬虫入门到放弃系列02:html网页如何解析

    前言 上一篇文章讲了爬虫的概念,本篇文章主要来讲述一下如何来解析爬虫请求的网页内容. 一个简单的爬虫程序主要分为两个部分,请求部分和解析部分.请求部分基本一行代码就可以搞定,所以主要来讲述一下解析部分 ...

  2. 爬虫入门到放弃系列05:从程序模块设计到代理IP池

    前言 上篇文章吧啦吧啦讲了一些有的没的,现在还是回到主题写点技术相关的.本篇文章作为基础爬虫知识的最后一篇,将以爬虫程序的模块设计来完结. 在我漫(liang)长(nian)的爬虫开发生涯中,我通常将 ...

  3. [大数据从入门到放弃系列教程]第一个spark分析程序

    [大数据从入门到放弃系列教程]第一个spark分析程序 原文链接:http://www.cnblogs.com/blog5277/p/8580007.html 原文作者:博客园--曲高终和寡 **** ...

  4. [大数据从入门到放弃系列教程]在IDEA的Java项目里,配置并加入Scala,写出并运行scala的hello world

    [大数据从入门到放弃系列教程]在IDEA的Java项目里,配置并加入Scala,写出并运行scala的hello world 原文链接:http://www.cnblogs.com/blog5277/ ...

  5. php从入门到放弃系列-01.php环境的搭建

    php从入门到放弃系列-01.php环境的搭建 一.为什么要学习php 1.php语言适用于中小型网站的快速开发: 2.并且有非常成熟的开源框架,例如yii,thinkphp等: 3.几乎全部的CMS ...

  6. php从入门到放弃系列-04.php页面间值传递和保持

    php从入门到放弃系列-04.php页面间值传递和保持 一.目录结构 二.两次页面间传递值 在两次页面之间传递少量数据,可以使用get提交,也可以使用post提交,二者的区别恕不赘述. 1.get提交 ...

  7. php从入门到放弃系列-03.php函数和面向对象

    php从入门到放弃系列-03.php函数和面向对象 一.函数 php真正的威力源自它的函数,内置了1000个函数,可以参考PHP 参考手册. 自定义函数: function functionName( ...

  8. php从入门到放弃系列-02.php基础语法

    php从入门到放弃系列-02.php基础语法 一.学习语法,从hello world开始 PHP(全称:PHP:Hypertext Preprocessor,即"PHP:超文本预处理器&qu ...

  9. K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署

    Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...

随机推荐

  1. Node.js Backend Developer

    Node.js Backend Developer refs xgqfrms 2012-2020 www.cnblogs.com 发布文章使用:只允许注册用户才可以访问!

  2. Raspberry Pi & GPIO

    Raspberry Pi & GPIO pinout === pin out / p in out pi@raspberrypi:~ $ pinout ,------------------- ...

  3. 树莓派 4B 入门教程

    树莓派 4B 入门教程 Raspberry Pi, Raspberry Pi 3B, Raspberry Pi 4B 树莓派 4B 入门手册 PDF Raspberry Pi Beginners Gu ...

  4. React 16.x Roadmap

    React 16.x Roadmap https://reactjs.org/blog/2018/11/27/react-16-roadmap.html https://reactjs.org/blo ...

  5. Chrome V8 系统架构

    Chrome V8 系统架构 Chromium 多进程多线程架构 design-documents https://www.chromium.org/developers/design-documen ...

  6. Enums & JavasScript & TypeScript

    Enums & JavasScript & TypeScript ES6 & TS https://www.typescriptlang.org/docs/handbook/e ...

  7. mdn & remove & removeChild

    mdn & remove & removeChild Element https://developer.mozilla.org/en-US/docs/Web/API/Element ...

  8. nodejs 在windows10中设置动态(视频)壁纸

    github 项目地址 node版本 λ node -v v12.16.2 main.js const ffi = require("@saleae/ffi"); const ch ...

  9. 瞧一瞧React Fiber

    啥是React Fiber? React Fiber,简单来说就是一个从React v16开始引入的新协调引擎,用来实现Virtual DOM的增量渲染. 说人话:就是一种能让React视图更新过程变 ...

  10. CentOS7安装Mysql并配置远程访问

    (su root登录到root账户) 下载repo源 wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm 安装rpm ...