解密payload

e2d4b169 · wang · 6c8b96a6 · e2d4b169 · e2d4b169 · e2d4b169
Commit e2d4b169 authored Nov 03, 2023 by wang
Show whitespace changes
Inline Side-by-side

Showing with 6053 additions and 49 deletions

index.html index.html +6034 -32

main.py main.py +12 -12

step2.js step2.js +3 -3

test_url.py test_url.py +4 -2

No files found.
--- a/index.html
+++ b/index.html
--- a/main.py
+++ b/main.py
@@ -53,12 +53,12 @@ class PxBypass():
    # }
    prox = 'http://b6b6b6b6-zone-custom-region-us-session-130oj36t4-sessTime-5:bpoMDFG5oD@na.ipidea.io:2333'

-    # prox = 'http://user-uni001-region-us-sessid-1111-sesstime-5-keep-true:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600'
-    # prox = 'http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:9000'
-    # session.proxies = {
-    #     'http': prox,
-    #     'https': prox,
-    # }
+    prox = 'http://user-uni001-region-us-sessid-1111-sesstime-5-keep-true:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600'
+    prox = 'http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:9000'
+    session.proxies = {
+        'http': prox,
+        'https': prox,
+    }
    tag = "v8.7.2"
    ft = "317"
    def __init__(self, target_url):
@@ -290,7 +290,7 @@ class PxBypass():
                    })
        self.log.info(f'cookies1 {self.session.cookies.keys()}')
        self.m = m
-        self.log.info(self.m)
+        

    def encrypt(self, data, param):
        n = bytearray()
@@ -337,7 +337,7 @@ class PxBypass():
            f.write(response.text)

    def _step_2(self, nn):
-        self.log.info(self.m)
+        
        self.log.info(self.uuid)
        # sid, vid,ts, num1 ,num2,str1,  uuid
        data_str = ctxStep2.call('genPayload2', self.sid, self.vid, self.ts, self.num1, self.num2, self.str1, self.uuid, nn)
@@ -418,7 +418,7 @@ class PxBypass():
                    })
        self.log.info(f'cookies2 {self.session.cookies.get_dict()}')
        # self.m = m
-        self.log.info(self.m)
+        

    def _decode_resp(self):
        a = int(self.tag.replace('v','').replace('.',''))
@@ -529,7 +529,7 @@ class PxBypass():
                    })
        self.log.info(f'cookies1 {self.session.cookies.keys()}')
        self.m = m
-        self.log.info(self.m)
+        

    def update_sid_vid(self, data: dict):
        if self.vid != "":
@@ -547,7 +547,7 @@ class PxBypass():
        return data

    def _step_3(self):
-        self.log.info(self.m)
+        
        self.log.info(self.uuid)
        # sid, vid,ts, num1 ,num2,str1,  uuid
        data_str = ctxStep2.call('genPayload3', self.sid, self.vid, self.ts, self.num1, self.num2, self.str1, self.uuid)
@@ -630,7 +630,7 @@ class PxBypass():
                    })
        self.log.info(f'cookies2 {self.session.cookies.get_dict()}')
        # self.m = m
-        self.log.info(self.m)
+        


 if __name__ == '__main__':

--- a/step2.js
+++ b/step2.js
@@ -510,11 +510,11 @@ function genPayload3(sid, vid, ts, num1, num2, str1, uuid) {
    let data = [{
        "t": "PX12123",
        "d": {
-            "PX12108": 539,
-            "PX12414": 22,
+            "PX12108": randomInt(539, 789),
+            "PX12414": randomInt(100,300),
            "PX11984": "TypeError: Cannot read properties of null (reading '0')\n    at de (https://client.px-cloud.net/PXVb73hTEg/main.min.js:796:13)\n    at HTMLBodyElement.Gc (https://client.px-cloud.net/PXVb73hTEg/main.min.js:3104:83)\n    at Ds (https://client.px-cloud.net/PXVb73hTEg/main.min.js:4055:20)\n    at Object.2m6o (https://client.px-cloud.net/PXVb73hTEg/main.min.js:3877:22)\n    at Sp (https://client.px-cloud.net/PXVb73hTEg/main.min.js:5739:51)",
            "PX12303": "mouseover",
-            "PX11699": 1112964,
+            "PX11699": randomInt(1112964, 2221945),
            "PX11987": "true",
            "PX12461": true,
            "PX11652": "#header>DIV:nth-child(1)>DIV:nth-child(3)>DIV:nth-child(1)>DIV:nth-child(1)>DIV:nth-child(1)",

--- a/test_url.py
+++ b/test_url.py
@@ -34,7 +34,7 @@ headers = {
    "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
 }

-headers['cookie'] =  '_ga_P2WLKWBNNW=GS1.1.1698977913.2.0.1698977936.37.0.0; _ga_XXXX=GS1.1.1698977913.2.0.1698977936.0.0.0; _gcl_au=1.1.351693116.1698977973; _pxvid=6dd9f7bc-79ef-11ee-8857-2304304e081e; pxcts=6dda052e-79ef-11ee-8857-1bebea5b07ba; wisepops_visits=%5B%222023-11-03T02%3A19%3A32.551Z%22%5D; _uetsid=7f652d2079ef11eeb01d4549606e029f; _uetvid=7f6552b079ef11ee9d52b37b3199cbff; _up=1.2.1919688123.1698978004; _fbp=fb.1.1698978007029.1335052028; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%22429858%22%3A%7B%22dc%22%3A1%2C%22d%22%3A1698978012485%7D%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A5%2C%22cid%22%3A%2278471%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_session=%7B%22arrivalOnSite%22%3A%222023-11-03T02%3A19%3A32.551Z%22%2C%22mtime%22%3A1698978012485%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%22429858%22%3A0%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D; _px2=eyJ1IjoiYjhhMzk2NzAtNzg2Ni0xMWVlLTk2NTUtNjNhNGYwNWNkNWQxIiwidiI6IjZkZDlmN2JjLTc5ZWYtMTFlZS04ODU3LTIzMDQzMDRlMDgxZSIsInQiOjE2OTg5Nzg0ODEzMTIsImgiOiI0MzMxMWMzYjgzM2E5ZjAxYzM5ZjE3MzY4ZjM5OWMwMDk4OTEwYmYyY2JhYmE5NGUyNmM2NTgxNWNhZGY0MDE1In0='
+# headers['cookie'] =  '_ga_P2WLKWBNNW=GS1.1.1698977913.2.0.1698977936.37.0.0; _ga_XXXX=GS1.1.1698977913.2.0.1698977936.0.0.0; _gcl_au=1.1.351693116.1698977973; _pxvid=6dd9f7bc-79ef-11ee-8857-2304304e081e; pxcts=6dda052e-79ef-11ee-8857-1bebea5b07ba; wisepops_visits=%5B%222023-11-03T02%3A19%3A32.551Z%22%5D; _uetsid=7f652d2079ef11eeb01d4549606e029f; _uetvid=7f6552b079ef11ee9d52b37b3199cbff; _up=1.2.1919688123.1698978004; _fbp=fb.1.1698978007029.1335052028; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%22429858%22%3A%7B%22dc%22%3A1%2C%22d%22%3A1698978012485%7D%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A5%2C%22cid%22%3A%2278471%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_session=%7B%22arrivalOnSite%22%3A%222023-11-03T02%3A19%3A32.551Z%22%2C%22mtime%22%3A1698978012485%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%22429858%22%3A0%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D; _px2=eyJ1IjoiYjhhMzk2NzAtNzg2Ni0xMWVlLTk2NTUtNjNhNGYwNWNkNWQxIiwidiI6IjZkZDlmN2JjLTc5ZWYtMTFlZS04ODU3LTIzMDQzMDRlMDgxZSIsInQiOjE2OTg5Nzg0ODEzMTIsImgiOiI0MzMxMWMzYjgzM2E5ZjAxYzM5ZjE3MzY4ZjM5OWMwMDk4OTEwYmYyY2JhYmE5NGUyNmM2NTgxNWNhZGY0MDE1In0='

 # cks = {'_px2': 'eyJ1IjoiOTY0ODdjMzAtNzk4OC0xMWVlLTgxYTktMjUyZjY0MDdjMTYxIiwidiI6Ijk3NmYxYzBlLTc5ODgtMTFlZS1iODYwLTAyNTVmY2JmZTU2MCIsInQiOjYyMDIzMzg4MDAwNCwiaCI6ImViY2U4ZmQ2ZjA3ZGIxNTkxY2YzMmI0MTg3OTcwZWI5NGY5ZDZkN2I2YjY4NGUxZjJiMjE2MGZlZjQxYWI0MzQifQ==', '_pxvid': '976f1c0e-7988-11ee-b860-0255fcbfe560', 'pxcts': '976f338c-7988-11ee-b860-865043e6e7b4'}

@@ -56,7 +56,9 @@ params = {
    "adt": "1"
 }
 # , cookies=cks
-response = session.get(url, headers=headers, params=params, allow_redirects=True)
+response = session.get(url, headers=headers, params=params,
+                       cookies={'__RequestVerificationToken': 'PhsXGkyJi4Uege5uErQ7F8QZeWzsSmELTM6jOaOPAEpIwG_w651K9ZVOvlNiX2Dc3Qxyildo_iCg4URqif0bbJo65r0ImPT8LfUA92tzrAHzswxGHdkDZNFdc_70icHqkEG8Qg2', '_pxhd': 'cbe3a0bf1eaf50dea84c4bf4003144fb6df6c5da4551f945b15610882feefdad:b47bf169-7a2f-11ee-868b-c890d1f5562c', '_pxvid': 'b47bf169-7a2f-11ee-868b-c890d1f5562c', 'pxcts': 'b708c54b-7a2f-11ee-802f-e979c5f30e68', '_px2': 'eyJ1IjoiYjY1Nzk5ZjAtN2EyZi0xMWVlLWE4MWItY2ZmMGUzODk2MzE5IiwidiI6ImI0N2JmMTY5LTdhMmYtMTFlZS04NjhiLWM4OTBkMWY1NTYyYyIsInQiOjYyMDIzMzg4MDAwNCwiaCI6IjIxMmM0ZjA5ODdiMzQ0YzJhMzcxMWJlMDNmNDBiNTcwNmMxNzMwOTUxOGEyMzg2MGI0NjczYjQ0YTAzNmE5ZGIifQ=='}
+, allow_redirects=False)

 print(response.text)
 print(response.url)