Python-已知解密功能的JavaScript加密功能
[英]Python - Javascript encrypt function for a known decrypt function
问题描述
I found a streaming website that encrypts the iframe code with an interesting Javascript function. 
我找到了一个流媒体网站,该网站使用有趣的Javascript函数对iframe代码进行加密。 On the webpage is visible the decrypt function (obviously) but not the encryption one. 在网页上可以看到解密功能(显然),但是看不到加密功能。 This is the function: 这是功能:
function base64_decode(data) {
var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
var o1, o2, o3, h1, h2, h3, h4, bits, i = 0,
ac = 0,
dec = '',
tmp_arr = [];
if (!data) {
return data;
}
data += '';
do {
h1 = b64.indexOf(data.charAt(i++));
h2 = b64.indexOf(data.charAt(i++));
h3 = b64.indexOf(data.charAt(i++));
h4 = b64.indexOf(data.charAt(i++));
bits = h1 << 18 | h2 << 12 | h3 << 6 | h4;
o1 = bits >> 16 & 0xff;
o2 = bits >> 8 & 0xff;
o3 = bits & 0xff;
if (h3 == 64) {
tmp_arr[ac++] = String.fromCharCode(o1);
} else if (h4 == 64) {
tmp_arr[ac++] = String.fromCharCode(o1, o2);
} else {
tmp_arr[ac++] = String.fromCharCode(o1, o2, o3);
}
} while (i < data.length);
dec = tmp_arr.join('');
return dec.replace(/\0+$/, '');
}
function ord(string) {
var str = string + '',
code = str.charCodeAt(0);
if (0xD800 <= code && code <= 0xDBFF) {
var hi = code;
if (str.length === 1) {
return code;
}
var low = str.charCodeAt(1);
return ((hi - 0xD800) * 0x400) + (low - 0xDC00) + 0x10000;
}
if (0xDC00 <= code && code <= 0xDFFF) {
return code;
}
return code;
}
function decrypt(sData, sKey) {
var sResult = "";
sData = base64_decode(sData);
var i = 0;
for (i = 0; i < sData.length; i++) {
var sChar = sData.substr(i, 1);
var sKeyChar = sKey.substr(i % sKey.length - 1, 1);
sChar = Math.floor(ord(sChar) - ord(sKeyChar));
sChar = String.fromCharCode(sChar);
sResult = sResult + sChar;
}
return sResult;
}
So this code: 所以这段代码:
decrypt('s+Dd6djk3Jfq6dq0md/r6+fqsaam5ufc5ePm2Nul2uam3OTZ3Numy83Zw87aqazMvbimmZfq2unm4+Pg5d60meXmmZfd6djk3Nnm6dvc6bSZp5mX7uDb69+0mainp5yZl9/c4N7f67SZqKennJmX2OPj5u7d7OPj6trp3NzltJnr6ezcmZfu3Nni4OvY4+Pm7t3s4+Pq2unc3OW0mevp7NyZl+Tm8djj4+bu3ezj4+ra6dzc5bSZ6+ns3Jm1s6bg3enY5Ny1', 'w')
will return: 将返回:
<iframe src="https://openload.co/embed/TVbLWc25UFA/" scrolling="no" frameborder="0" width="100%" height="100%" allowfullscreen="true" webkitallowfullscreen="true" mozallowfullscreen="true"></iframe>
I translated the decrypt function in Python with math and base64 modules and it works well, but now I need the encrypt function (in Python) that starting from a string outputs encrypted string + key. 我在Python中使用math和base64模块翻译了解密函数,并且效果很好,但是现在我需要从字符串开始输出加密字符串+密钥的加密函数(在Python中)。 Is it some kind of known encryption? 是某种已知的加密吗?
1 个解决方案
解决方案1
1 已采纳 2017-02-16 09:42:53
This seems to be a bad implementation of the Vigenère cipher, without the modulus as the resulting sChar may have higher values. 如果没有模数,这似乎是Vigenère密码的一种不好实现,因为生成的sChar可能具有更高的值。 It simply adds the value of a key character to each plain character, reusing the key if it is depleted. 它只是将键字符的值添加到每个普通字符,如果键已耗尽,则重新使用该键。 It will mainly function as something to confuse virus-scanners or packet-inspecting firewalls as the encryption itself is of course completely insecure. 由于加密本身当然是完全不安全的,它将主要起到混淆病毒扫描程序或检查数据包的防火墙的作用。 It won't have a name (and no self-respecting cryptographer will lend his name for it either). 它不会有名字(也没有自尊的密码学家会为此借用他的名字)。
There seems to be a bug in the code here: 这里的代码中似乎有一个错误:
sKey.substr(i % sKey.length - 1, 1);
I'm not sure why the - 1 is required or how this plays out in practice (this is why languages and API's should be strict in what is acceptable). 我不确定为什么需要- 1或它在实践中如何发挥作用(这就是为什么语言和API应该严格接受可接受的原因)。
ord seems to have been implemented to avoid issues with 16-bit Unicode characters. ord似乎已实施,以避免出现16位Unicode字符问题。
base64_decode simply implements base 64 decoding, nothing to see there. base64_decode只是实现了base 64解码,在那没什么可看的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.