admin 管理员组文章数量: 1184232
前言
5s盾逆向解析,参考链接
着重感谢wlb和小林哥的帮助
本文主要对以上链接的分析补充
一、流程分析
目标网站:
aHR0cHM6Ly9hZG1pbmRhc2hib2FyZC5tZXRhbGlua2VyZC5jb20vYXBpL3YxL21lbWJlcnM=
画个图,更清晰
第一个请求
流程上面都分析过了,这里记录一下自己实际逆向的流程,
首先不带cookie进去就是一个503的请求,该请求返回俩自执行函数,第一个是_cf_chl_opt,这个很重要
第二个自执行函数是一些dom元素的操作
然后拿着_cf_chl_opt中的cRay,拼接url请求下一个接口
第二个请求
这个接口返回之后唯一一段加密js,长这样
window._cf_chl_opt.uaSR =false;~function(x, w, t, h, g, f, e, d, c, b){
if(b ='replace,RVEge,prog,number,xdmKp,ODazn,FMBYS,wouLN,XSbWZ,cRrwX,dxLpd,OJpFq,hasOwnProperty,ODUko,cursor,sCURp, - ,_cf_chl_enter,AMyIl,dEgTT,zCjOc,hxiTC,szjNT,SkzCz,xfJCK,getTime,jzaDV,inncP,sGRQJ,Izubc,IvxwG,DYiSO,SmVhY,lastIndex,cf_chl_,Content-type,QRFPm,POST,cVrSh,chCAS,Please click here to continue: ,NKhUt,YBYLu,ckNxt,RdClu,JjSGs,SQQmZ,wlcVX,nGobG,XKszC,tBibs,clUuL,getUTCFullYear,hcXel,JODgR,hsGyF,no-cookie-warning,dZiTr,fHukQ,XDMsi,cFPWv,foecj,CwcMO,aGmHC,cAALT,wlxWa,ontimeout,SYPbO,cBcmF,removeEventListener,VQlue,Iohki,VjGtr,JtQkC,oaxKm,mousemove,HPNlx,TbEHX,wFqLI,IDCLk,XrpAj,LzDQH,SEfpg,slice,cPLYw,Column: ,RKxed,YRsvx,AYFKY,HtPMT,push,black,Function,WjOaF,valueOf,JSON.stringify,5|0|2|3|1|4,0|2|3|4|1,wLcJO,eOVcv,DroXX,cmXTZ,MrWAJ,gmylq,NWEDf,jhomh,ZyfbL,open,UxQhn,cf-content,treqP,3|16|8|10|15|12|14|5|4|1|13|6|0|7|9|11|2,FesCd,YwHnA,UBgUt,alert,chC,type,cRay,QhvJc,call,FLkcD,MnTGv,cpVPs,JnqJn,onclick,hCKOM,LKZvr,HBBzy,DzCvs,VfOnS,mSYUU,FdspD,cf-please-wait,EmAnM,BMgul,object,lnTAv,%2b,HcnFp,bXYiy,3|0|2|4|1,split,This browser is not supported.,parse,timeout,boolean,_cf_chl_done_ran,AMdLM,kfWMn,zyNgz,flow/ov,Clvpm,xxjLN,application/x-www-form-urlencoded,zcWFT,submit,min,jfgkd,GVhEG,wEQWu,KTnkX,bSYhh,function,navigator,zSjAE,ntvrH,ZOXnP,dOCUQ,nhono,<div class="cf-content"><p style="background-color: #de5052; border-color: #521010; color: #fff;" class="cf-alert cf-alert-error">This web property is not accessible via this address.</p></div>,pVkJW,click,apBoL,lHSRF,vZawK,OHaWl,gyrXO,cTTimeMs,WBPBi,data-translate,msg,kqtWF,expires=,voLrG,SHA256,TMaui,beacon/ov,floor,setTimeout,GYRbH,pCKLw,jHYiX,XMLHttpRequest,SGhjH,qLJiu,mLQEw,iJsSw,UGdih,_cf_chl_ctx,complete,jc-spinner-allow-5-secs,iiVWM,setTime,lOsWf,cf_chl_prog,PxgtF,iGKQX,_cf_atob,cached-challenge-warning,jlFOY,oofBv,location,nHmgR,UlOTh,hZjBT,I am human!,getUTCSeconds,CTTlh,prototype,CxUhr,WYNYh,cHash,iViXT,location-mismatch-warning,oMOrQ,null,protocol,vSnAo,ybTVb,EtwWu,DOMContentLoaded,pCstw,TCZIG,HsNTY,cozTE,1|4|3|2|0,rebzA,WHbxJ,NaYvV,interactive,Ayryc,tPnLe,0|2|4|1|3,apply,document,eqdxb,onerror,zuJgi,YckJl,VoiNr,zeALr,prQpu,charAt,Qxjpy,getUTCMonth,display,CLoiJ,pjhll,mdyIS,ZigwX,cNounce,NsXAM,RSpPQ,dJlvG,suEHk,reload,pointerover,ZMdPq,ISxfx,PXYmO,JJQZV,attachEvent,AdtWT,span,TNdve,JqQaJ,cf_chl_rc_ni,=; Max-Age=-99999999;,responseText,ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=,gZKqW,cRq,getElementById,ZssvZ,OjdLJ,elmvc,kVDGN,UpmHK,tUUWC,JZOmt,gdmwH,passive,toJSON,Line: ,vAZoJ,ZeKST,MaXrp,yuNaf,qyXqV,hostname,_cf_chl_done,JULnK,CneYc,<div class="jc-content"><p style="background-color: #de5052; border-color: #521010; color: #fff;" class="jc-alert jc-alert-error">该质询页面被意外缓存,不再可用。</p></div>,hgWOV,[object Array],QuLPh,LWlpb,send,IZiRD,ocAYq,gmCAq,innerText,FqJsf,indexOf,innerHTML,PtuQb,rKipU,PEvUU,mkCHf,wygPQ,RmIYm,jsgSm,<div class="cf-content"><p style="background-color: #de5052; border-color: #521010; color: #fff;" class="cf-alert cf-alert-error">This challenge page was accidentally cached and is no longer available.</p></div>,/0.7832973745134263:1645147211:927be1b6cbf90c0ab7c8b1c1929ab5998691f3f79f9f0a3f7374a129ab774318/,_cf_chl_opt,appendChild,substring,LbhLB,toLowerCase,mScZc,script error,URL: ,color,join,OgxoB,AVibj,xOwqR,TpnJZ,mXIvU,wyDAY,input,PJRPj,NxrWj,TaPba,htzOl,QJDcz,[[[ERROR]]]:,ipAnh,BldNm,zgbBq,THMFK,Message: ,jc-content,cookie,%E8%AF%B7%E7%82%B9%E5%87%BB%E8%BF%99%E9%87%8C%E7%BB%A7%E7%BB%AD,imKvr,GVqmi,tfGTC,console,qjNHP,TSRkO,toUTCString,RRhXk,ActiveXObject,0|1|6|4|2|5|3,readyState,zyLqB,test,atob,error code: 1020,vfwTU,VmTdS,pow,loaded,DgGrK,NZAyS,faKWc,xIkFB,zssAO,onreadystatechange,gqTaD,CF-Challenge,chmWb,RHciH,readystatechange,RlkdV,dZbMF,qOzgI,vsVqY,ruebp,stringify,TPAoN,DHOhZ,value,nXUWe,challenge-form,bUXtG,addEventListener,GkQTV,LQckD,cType,cookieEnabled,length,keydown,QHYRd,Math,createElement,getUTCDate,kCdUu,EVFBa,/cdn-cgi/challenge-platform/,fromCharCode,uPqsz,QaYyx,parseInt,JSON.parse,cvId,vsGrz,kZLJP,PbFyE,rHHfu,UvQbr,eiuVN,GRMwY,srTfC,Error object: ,setAttribute,style,wssSF,aEWuc,wMMoP,CygPg,jc-please-wait,cVzlx,MlMEk,YWtPq,toString,href,touchstart,RpkrP,PwCHh,MzDfG,JwsPo,UOHCE,sendRequest,getUTCMinutes,charCodeAt,;path=/,nCvyh,VQgmD,dWlzJ,status,JdxvN,GbSbV,JSON,getUTCHours,HsyTW,iCqlf,PknVD,zITJd,wHWhJ,VJilg,Date,xPXle,VURlA,none,cagdY,ekytz,block,XpehQ,cf-spinner-allow-5-secs,kJATM,aPeZJ,uedyM,string,xQyLl,now,dEcDw,0000,wNmqr,oGeOL,WiHPI,cLt,BvKNv,chReq,pointermove,setRequestHeader,isrcr,UDhPD,qhIRN,qBohS,<div class="jc-content"><p style="background-color: #de5052; border-color: #521010; color: #fff;" class="jc-alert jc-alert-error">该网站资源无法通过此地址访问。</p></div>,qlAps,jojto,CpKpt,$jvQ3hNwXo4aP5M6KtTZiOxyqgp9E7I0frBbkUCRneWGL1c8uHVFAmJ-z2DSs+lYd,0123456789abcdef,kwGev,Microsoft.XMLHTTP,IhCFr,alEmG'.split(','),function(a, c, d)版权声明:本文标题:cloudflare-5s盾分析_5s盾逆向流程 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.roclinux.cn/p/1774208649a3569086.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论