JD-encrypt8还原

JJD-encrypt8还原

image-20211027173020258

“jd.com/bypass”

https://github.com/znlkws/jdddd/blob/d1661ce67bdb510194441d05f813eddae914cdb0/ZooFaker_Necklace.js

image-20211027173232240

image-20211027173201073

appname 50082

appname 50089

image-20211027173345998

50082返回的joytoken解密:

1
2
3
4
5
6
7
8
9
{
  jjt: 't',
  expire: 1635327431693,
  outtime: 2,
  time_correction: true,
  encrypt_id: '1,6,5,1',
  q: -14306,
  cf_v: '02'
}

50089返回的joytoken解密

1
2
3
4
5
6
7
8
9
{
  jjt: 't',
  expire: 1635314068228,
  outtime: 2,
  time_correction: true,
  encrypt_id: '1,6,8,2',
  q: -13250317,
  cf_v: '01'
}

encrypt_id[2]对应不同的加密方法,而网上的代码中并不包含最新的加密方法。

image-20211027174335810

image-20211027174518242

image-20211027174551777

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
function encrypt8(e, t) {
    var a = {
        WDpLK: function (e, t) {
            return e in t
        }
    };
    a["ygMZG"] = "callPhantom",
        a.WAnQO = "phantom",
        a["wFHzi"] = "_phantom",
        a["UKAna"] = function (e, t) {
            return e + t
        }
        ,
        a["ZCnCd"] = function (e, t) {
            return e - t
        }
        ,
        a["pkCGb"] = function (e, t) {
            return e < t
        }
        ,
        a["FBcra"] = function (e, t) {
            return e === t
        }
        ,
        a.QIolG = "hndFy";
    var o = a;
    try {
        for (var i, s = t["toString"](), c = s["substr"](0, 1), u = s["substr"](1) + c, l = e.substr(-1), d = o["UKAna"](l, e["substr"](0, o["ZCnCd"](e["length"], 1)))["split"]("")["reverse"]()["join"](""), p = s["slice"](-3), f = ""["concat"](d)["concat"](p), m = [], h = 0; o["pkCGb"](h, u["length"]); h++)
            o["FBcra"](o.QIolG, o["QIolG"]) && (i = (u["charCodeAt"](h) ^ f["charCodeAt"](h)).toString(16),
                m["push"](i));
        return m["join"]("")
    } catch (e) {
        console.log(e)
        return null
    }
}

image-20211027174758824