|
个人需求爬取一些招聘数据 发现某B直聘 网站获取某职位列表页的数据时,cookie中,必须生成 __zp_stoken__ 参数的 name value 才能正确访问到列表页
function ABC() { this['i0'] = 0x0; this['d'] = [this];}
通过调用ABC对象内的_0x2ab7('0x60')方法的 z 方法(每天都不一样) z方法的参数_0xc894dc: 访问某个链接可以获取到(服务端生成) z方法的参数_0x32478b: 时间戳
javascript ABC[_0x2ab7('0x60')]['z'] = function(_0xc894dc, _0x32478b) { var _0x1346ff = { 'UzfvS': function(_0x1de77d, _0x19cf65) { return _0x1de77d == _0x19cf65; }, 'sOKer': _0x2ab7('0x61'), 'EFaah': _0x2ab7('0x62'), 'HXECB': function(_0x10a393, _0xb190d9, _0x2f7553) { return _0x10a393(_0xb190d9, _0x2f7553); }, 'XyGFz': function(_0x2e2d1b, _0x2802ea) { return _0x2e2d1b + _0x2802ea; } }; try { if (document && _0x1346ff[_0x2ab7('0x63')](_0x1346ff[_0x2ab7('0x64')], typeof document[_0x2ab7('0x65')])) { z = _0xc894dc; t = _0x32478b; } else { z = _0x1346ff[_0x2ab7('0x66')]; } } catch (_0x53e803) { z = _0x1346ff[_0x2ab7('0x66')]; } return _0x1346ff[_0x2ab7('0x67')](zg_, this, _0x1346ff[_0x2ab7('0x68')](_0xc894dc[_0x2ab7('0x69')], 0xb)); }
最后的return 就是返回的__zp_token__生成值
javascript return _0x1346ff[_0x2ab7('0x67')](zg_, this, _0x1346ff[_0x2ab7('0x68')](_0xc894dc[_0x2ab7('0x69')], 0xb));
中间调试的过程就是各种函数调来调去,补充函数就行了,因为时间太久,细节的坑有些忘记了 b直聘的工程师应该是借鉴了sojson 站的js混淆加密方法(obfuscator),本人愚见,如有失误,请大佬斧正. 如果有最新的知识,请在评论区交流.
|
|