關於逆向webpack的模型
常見程式碼模型
有見解的一些分析
https://blog.csdn.net/sin_0119/article/details/129658679
215
最具有代表性的程式碼 含引入下面外部 webpackJson 模組 和 內部 傳入的模組
require("./webpackJson") // 這裡引入同目錄下 webpackJson.js 裡面都是功能模組函式
var jzq,
window = global;
!function(e) {
function r(r) {
for (var n, u, i = r[0], c = r[1], f = r[2], p = 0, s = []; p < i.length; p++)
u = i[p],
Object.prototype.hasOwnProperty.call(o, u) && o[u] && s.push(o[u][0]),
o[u] = 0;
for (n in c)
Object.prototype.hasOwnProperty.call(c, n) && (e[n] = c[n]);
for (l && l(r); s.length; )
s.shift()();
return a.push.apply(a, f || []),
t()
}
function t() {
for (var e, r = 0; r < a.length; r++) {
for (var t = a[r], n = !0, i = 1; i < t.length; i++) {
var c = t[i];
0 !== o[c] && (n = !1)
}
n && (a.splice(r--, 1),
e = u(u.s = t[0]))
}
return e
}
var n = {}
, o = {
1: 0
}
, a = [];
function u(r) {
if (n[r])
return n[r].exports;
var t = n[r] = {
i: r,
l: !1,
exports: {}
}
, o = !0;
try {
e[r].call(t.exports, t, t.exports, u),
o = !1
} finally {
o && delete n[r]
}
return t.l = !0,
t.exports
}
jzq = u;
u.e = function(e) {
var r = []
, t = o[e];
if (0 !== t)
if (t)
r.push(t[2]);
else {
var n = new Promise((function(r, n) {
t = o[e] = [r, n]
}
));
r.push(t[2] = n);
var a, i = document.createElement("script");
i.charset = "utf-8",
i.timeout = 120,
u.nc && i.setAttribute("nonce", u.nc),
i.src = function(e) {
return u.p + "static/chunks/" + ({}[e] || e) + "." + {
65: "171ca62a04a6be76f495",
66: "f2e18edd4b3b1ee68f7d",
67: "8fb35e19319cb3505775",
68: "aa9bfb31d6a18a5f8e5a"
}[e] + ".js"
}(e);
var c = new Error;
a = function(r) {
i.onerror = i.onload = null,
clearTimeout(f);
var t = o[e];
if (0 !== t) {
if (t) {
var n = r && ("load" === r.type ? "missing" : r.type)
, a = r && r.target && r.target.src;
c.message = "Loading chunk " + e + " failed.\n(" + n + ": " + a + ")",
c.name = "ChunkLoadError",
c.type = n,
c.request = a,
t[1](c)
}
o[e] = void 0
}
}
;
var f = setTimeout((function() {
a({
type: "timeout",
target: i
})
}
), 12e4);
i.onerror = i.onload = a,
document.head.appendChild(i)
}
return Promise.all(r)
}
,
u.m = e,
u.c = n,
u.d = function(e, r, t) {
u.o(e, r) || Object.defineProperty(e, r, {
enumerable: !0,
get: t
})
}
,
u.r = function(e) {
"undefined" !== typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, {
value: "Module"
}),
Object.defineProperty(e, "__esModule", {
value: !0
})
}
,
u.t = function(e, r) {
if (1 & r && (e = u(e)),
8 & r)
return e;
if (4 & r && "object" === typeof e && e && e.__esModule)
return e;
var t = Object.create(null);
if (u.r(t),
Object.defineProperty(t, "default", {
enumerable: !0,
value: e
}),
2 & r && "string" != typeof e)
for (var n in e)
u.d(t, n, function(r) {
return e[r]
}
.bind(null, n));
return t
}
,
u.n = function(e) {
var r = e && e.__esModule ? function() {
return e.default
}
: function() {
return e
}
;
return u.d(r, "a", r),
r
}
,
u.o = function(e, r) {
return Object.prototype.hasOwnProperty.call(e, r)
}
,
u.p = "",
u.oe = function(e) {
throw console.error(e),
e
}
;
var i = window.webpackJsonp = window.webpackJsonp || []
, c = i.push.bind(i);
i.push = r,
i = i.slice();
for (var f = 0; f < i.length; f++)
r(i[f]);
var l = c;
t()
}({
"module_001_inside":function(e,t,n){// 這三個引數分別是 module,module.exports,require 透過n("module_name") 執行 module_name 函式 並且 返回一個 在這個函式里面 透過 e.exports = xx 匯出的東西 物件 函式 或者變數 都可以 如下面 a002 就是 函式 e.exports 匯出的 可以直接執行 這裡的 e.exports === t 是 true 不能 t = xxx (xxx 無論是 函式 變數 還是 物件 都不行) 必須 t.x = x
console.log("module_001_inside")
var a002 = n("module_002_inside") // module_002_inside
a002() // module_001_inside_a002
function a001(){
console.log("module_001_inside_a001")
}
e.exports = a001;
},
"module_002_inside":function(e,t,n){
console.log("module_002_inside")
function a002(){
console.log("module_001_inside_a002")
}
e.exports = a002;
}
});
var tt = "app=CailianpressWeb&os=web&sv=7.7.5"
var obj = jzq("KjvB")
console.log(obj.sync(tt)) //461038b6359a50edfa8ff19d4b917fa12a7b3b56
jzq("module_001_inside") // module_001_inside
需要上面 引入的外部 webpackJson 模組 程式碼
var window = global
if (!window.webpackJsonp) {
window.webpackJsonp = []
}
(window.webpackJsonp = window.webpackJsonp || []).push([[4], {
"json_001": function (e, t, n) {
console.log("json_001")
},
"json_002": function (e, t, n) {
console.log("json_002")
function a(e) {
console.log("my name is " + e)
}
e.exports.sync = a
},
KjvB: function (e, t, n) {
var r = new (n("c4+4"))
, o = "undefined" !== typeof window ? window : self
, i = o.crypto || o.msCrypto || {}
, u = i.subtle || i.webkitSubtle;
function a(e) {
return r.digest(e)
}
try {
u.digest({
name: "sha-1"
}, new Uint8Array).catch((function () {
u = !1
}
))
} catch (s) {
u = !1
}
e.exports = function (e, t) {
u ? ("string" === typeof e && (e = function (e) {
for (var t = e.length, n = new Uint8Array(t), r = 0; r < t; r++)
n[r] = e.charCodeAt(r);
return n
}(e)),
u.digest({
name: "sha-1"
}, e).then((function (e) {
t(function (e) {
for (var t = e.length, n = [], r = 0; r < t; r++) {
var o = e[r];
n.push((o >>> 4).toString(16)),
n.push((15 & o).toString(16))
}
return n.join("")
}(new Uint8Array(e)))
}
), (function (n) {
t(a(e))
}
))) : setTimeout(t, 0, a(e))
}
,
e.exports.sync = a
},
"c4+4": function(e, t, n) {
var r;
"undefined" !== typeof self && self,
r = function() {
return function(e) {
var t = {};
function n(r) {
if (t[r])
return t[r].exports;
var o = t[r] = {
i: r,
l: !1,
exports: {}
};
return e[r].call(o.exports, o, o.exports, n),
o.l = !0,
o.exports
}
return n.m = e,
n.c = t,
n.d = function(e, t, r) {
n.o(e, t) || Object.defineProperty(e, t, {
configurable: !1,
enumerable: !0,
get: r
})
}
,
n.n = function(e) {
var t = e && e.__esModule ? function() {
return e.default
}
: function() {
return e
}
;
return n.d(t, "a", t),
t
}
,
n.o = function(e, t) {
return Object.prototype.hasOwnProperty.call(e, t)
}
,
n.p = "",
n(n.s = 3)
}([function(e, t, n) {
var r = n(5)
, o = n(1)
, i = o.toHex
, u = o.ceilHeapSize
, a = n(6)
, s = function(e) {
for (e += 9; e % 64 > 0; e += 1)
;
return e
}
, c = function(e, t) {
var n = new Int32Array(e,t + 320,5)
, r = new Int32Array(5)
, o = new DataView(r.buffer);
return o.setInt32(0, n[0], !1),
o.setInt32(4, n[1], !1),
o.setInt32(8, n[2], !1),
o.setInt32(12, n[3], !1),
o.setInt32(16, n[4], !1),
r
}
, f = function() {
function e(t) {
if (function(e, t) {
if (!(e instanceof t))
throw new TypeError("Cannot call a class as a function")
}(this, e),
(t = t || 65536) % 64 > 0)
throw new Error("Chunk size must be a multiple of 128 bit");
this._offset = 0,
this._maxChunkLen = t,
this._padMaxChunkLen = s(t),
this._heap = new ArrayBuffer(u(this._padMaxChunkLen + 320 + 20)),
this._h32 = new Int32Array(this._heap),
this._h8 = new Int8Array(this._heap),
this._core = new r({
Int32Array: Int32Array
},{},this._heap)
}
return e.prototype._initState = function(e, t) {
this._offset = 0;
var n = new Int32Array(e,t + 320,5);
n[0] = 1732584193,
n[1] = -271733879,
n[2] = -1732584194,
n[3] = 271733878,
n[4] = -1009589776
}
,
e.prototype._padChunk = function(e, t) {
var n = s(e)
, r = new Int32Array(this._heap,0,n >> 2);
return function(e, t) {
var n = new Uint8Array(e.buffer)
, r = t % 4
, o = t - r;
switch (r) {
case 0:
n[o + 3] = 0;
case 1:
n[o + 2] = 0;
case 2:
n[o + 1] = 0;
case 3:
n[o + 0] = 0
}
for (var i = 1 + (t >> 2); i < e.length; i++)
e[i] = 0
}(r, e),
function(e, t, n) {
e[t >> 2] |= 128 << 24 - (t % 4 << 3),
e[14 + (2 + (t >> 2) & -16)] = n / (1 << 29) | 0,
e[15 + (2 + (t >> 2) & -16)] = n << 3
}(r, e, t),
n
}
,
e.prototype._write = function(e, t, n, r) {
a(e, this._h8, this._h32, t, n, r || 0)
}
,
e.prototype._coreCall = function(e, t, n, r, o) {
var i = n;
this._write(e, t, n),
o && (i = this._padChunk(n, r)),
this._core.hash(i, this._padMaxChunkLen)
}
,
e.prototype.rawDigest = function(e) {
var t = e.byteLength || e.length || e.size || 0;
this._initState(this._heap, this._padMaxChunkLen);
var n = 0
, r = this._maxChunkLen;
for (n = 0; t > n + r; n += r)
this._coreCall(e, n, r, t, !1);
return this._coreCall(e, n, t - n, t, !0),
c(this._heap, this._padMaxChunkLen)
}
,
e.prototype.digest = function(e) {
return i(this.rawDigest(e).buffer)
}
,
e.prototype.digestFromString = function(e) {
return this.digest(e)
}
,
e.prototype.digestFromBuffer = function(e) {
return this.digest(e)
}
,
e.prototype.digestFromArrayBuffer = function(e) {
return this.digest(e)
}
,
e.prototype.resetState = function() {
return this._initState(this._heap, this._padMaxChunkLen),
this
}
,
e.prototype.append = function(e) {
var t = 0
, n = e.byteLength || e.length || e.size || 0
, r = this._offset % this._maxChunkLen
, o = void 0;
for (this._offset += n; t < n; )
o = Math.min(n - t, this._maxChunkLen - r),
this._write(e, t, o, r),
t += o,
(r += o) === this._maxChunkLen && (this._core.hash(this._maxChunkLen, this._padMaxChunkLen),
r = 0);
return this
}
,
e.prototype.getState = function() {
var e = void 0;
if (this._offset % this._maxChunkLen)
e = this._heap.slice(0);
else {
var t = new Int32Array(this._heap,this._padMaxChunkLen + 320,5);
e = t.buffer.slice(t.byteOffset, t.byteOffset + t.byteLength)
}
return {
offset: this._offset,
heap: e
}
}
,
e.prototype.setState = function(e) {
return this._offset = e.offset,
20 === e.heap.byteLength ? new Int32Array(this._heap,this._padMaxChunkLen + 320,5).set(new Int32Array(e.heap)) : this._h32.set(new Int32Array(e.heap)),
this
}
,
e.prototype.rawEnd = function() {
var e = this._offset
, t = e % this._maxChunkLen
, n = this._padChunk(t, e);
this._core.hash(n, this._padMaxChunkLen);
var r = c(this._heap, this._padMaxChunkLen);
return this._initState(this._heap, this._padMaxChunkLen),
r
}
,
e.prototype.end = function() {
return i(this.rawEnd().buffer)
}
,
e
}();
e.exports = f,
e.exports._core = r
}
, function(e, t) {
for (var n = new Array(256), r = 0; r < 256; r++)
n[r] = (r < 16 ? "0" : "") + r.toString(16);
e.exports.toHex = function(e) {
for (var t = new Uint8Array(e), r = new Array(e.byteLength), o = 0; o < r.length; o++)
r[o] = n[t[o]];
return r.join("")
}
,
e.exports.ceilHeapSize = function(e) {
var t = 0;
if (e <= 65536)
return 65536;
if (e < 16777216)
for (t = 1; t < e; t <<= 1)
;
else
for (t = 16777216; t < e; t += 16777216)
;
return t
}
,
e.exports.isDedicatedWorkerScope = function(e) {
var t = "WorkerGlobalScope"in e && e instanceof e.WorkerGlobalScope
, n = "SharedWorkerGlobalScope"in e && e instanceof e.SharedWorkerGlobalScope
, r = "ServiceWorkerGlobalScope"in e && e instanceof e.ServiceWorkerGlobalScope;
return t && !n && !r
}
}
, function(e, t, n) {這三個引數分別是 module,module.exports,require 透過n("module_name") 執行 module_name 函式 並且 返回一個 在這個函式里面 透過 e.exports = xx 匯出的東西 物件 函式 或者變數 都可以 如下面 o 就是 函式 e.exports = o 匯出的 可以直接執行
e.exports = function() {
var e = n(0)
, t = function(e, n, r, o, i) {
var u = new self.FileReader;
u.onloadend = function() {
if (u.error)
return i(u.error);
var a = u.result;
n += u.result.byteLength;
try {
e.append(a)
} catch (s) {
return void i(s)
}
n < o.size ? t(e, n, r, o, i) : i(null, e.end())
}
,
u.readAsArrayBuffer(o.slice(n, n + r))
}
, r = !0;
return self.onmessage = function(n) {
if (r) {
var o = n.data.data
, i = n.data.file
, u = n.data.id;
if ("undefined" !== typeof u && (i || o)) {
var a = n.data.blockSize || 4194304
, s = new e(a);
s.resetState();
var c = function(e, t) {
e ? self.postMessage({
id: u,
error: e.name
}) : self.postMessage({
id: u,
hash: t
})
};
o && function(e, t, n) {
try {
n(null, e.digest(t))
} catch (r) {
return n(r)
}
}(s, o, c),
i && t(s, 0, a, i, c)
}
}
}
,
function() {
r = !1
}
}
}
, function(e, t, n) {
var r = n(4)
, o = n(0)
, i = n(7)
, u = n(2)
, a = n(1).isDedicatedWorkerScope
, s = "undefined" !== typeof self && a(self);
o.disableWorkerBehaviour = s ? u() : function() {}
,
o.createWorker = function() {
var e = r(2)
, t = e.terminate;
return e.terminate = function() {
URL.revokeObjectURL(e.objectURL),
t.call(e)
}
,
e
}
,
o.createHash = i,
e.exports = o
}
, function(e, t, n) {
function r(e) {
var t = {};
function n(r) {
if (t[r])
return t[r].exports;
var o = t[r] = {
i: r,
l: !1,
exports: {}
};
return e[r].call(o.exports, o, o.exports, n),
o.l = !0,
o.exports
}
n.m = e,
n.c = t,
n.i = function(e) {
return e
}
,
n.d = function(e, t, r) {
n.o(e, t) || Object.defineProperty(e, t, {
configurable: !1,
enumerable: !0,
get: r
})
}
,
n.r = function(e) {
Object.defineProperty(e, "__esModule", {
value: !0
})
}
,
n.n = function(e) {
var t = e && e.__esModule ? function() {
return e.default
}
: function() {
return e
}
;
return n.d(t, "a", t),
t
}
,
n.o = function(e, t) {
return Object.prototype.hasOwnProperty.call(e, t)
}
,
n.p = "/",
n.oe = function(e) {
throw console.error(e),
e
}
;
var r = n(n.s = ENTRY_MODULE);
return r.default || r
}
var o = "[\\.|\\-|\\+|\\w|/|@]+"
, i = "\\((/\\*.*?\\*/)?s?.*?(" + o + ").*?\\)";
function u(e) {
return (e + "").replace(/[.?*+^$[\]\\(){}|-]/g, "\\$&")
}
function a(e, t, r) {
var a = {};
a[r] = [];
var s = t.toString()
, c = s.match(/^function\s?\(\w+,\s*\w+,\s*(\w+)\)/);
if (!c)
return a;
for (var f, p = c[1], l = new RegExp("(\\\\n|\\W)" + u(p) + i,"g"); f = l.exec(s); )
"dll-reference" !== f[3] && a[r].push(f[3]);
for (l = new RegExp("\\(" + u(p) + '\\("(dll-reference\\s(' + o + '))"\\)\\)' + i,"g"); f = l.exec(s); )
e[f[2]] || (a[r].push(f[1]),
e[f[2]] = n(f[1]).m),
a[f[2]] = a[f[2]] || [],
a[f[2]].push(f[4]);
return a
}
function s(e) {
return Object.keys(e).reduce((function(t, n) {
return t || e[n].length > 0
}
), !1)
}
e.exports = function(e, t) {
t = t || {};
var o = {
main: n.m
}
, i = t.all ? {
main: Object.keys(o)
} : function(e, t) {
for (var n = {
main: [t]
}, r = {
main: []
}, o = {
main: {}
}; s(n); )
for (var i = Object.keys(n), u = 0; u < i.length; u++) {
var c = i[u]
, f = n[c].pop();
if (o[c] = o[c] || {},
!o[c][f] && e[c][f]) {
o[c][f] = !0,
r[c] = r[c] || [],
r[c].push(f);
for (var p = a(e, e[c][f], c), l = Object.keys(p), d = 0; d < l.length; d++)
n[l[d]] = n[l[d]] || [],
n[l[d]] = n[l[d]].concat(p[l[d]])
}
}
return r
}(o, e)
, u = "";
Object.keys(i).filter((function(e) {
return "main" !== e
}
)).forEach((function(e) {
for (var t = 0; i[e][t]; )
t++;
i[e].push(t),
o[e][t] = "(function(module, exports, __webpack_require__) { module.exports = __webpack_require__; })",
u = u + "var " + e + " = (" + r.toString().replace("ENTRY_MODULE", JSON.stringify(t)) + ")({" + i[e].map((function(t) {
return JSON.stringify(t) + ": " + o[e][t].toString()
}
)).join(",") + "});\n"
}
)),
u = u + "(" + r.toString().replace("ENTRY_MODULE", JSON.stringify(e)) + ")({" + i.main.map((function(e) {
return JSON.stringify(e) + ": " + o.main[e].toString()
}
)).join(",") + "})(self);";
var c = new window.Blob([u],{
type: "text/javascript"
});
if (t.bare)
return c;
var f = (window.URL || window.webkitURL || window.mozURL || window.msURL).createObjectURL(c)
, p = new window.Worker(f);
return p.objectURL = f,
p
}
}
, function(e, t) {
e.exports = function(e, t, n) {
"use asm";
var r = new e.Int32Array(n);
function o(e, t) {
e = e | 0;
t = t | 0;
var n = 0
, o = 0
, i = 0
, u = 0
, a = 0
, s = 0
, c = 0
, f = 0
, p = 0
, l = 0
, d = 0
, h = 0
, y = 0
, v = 0;
i = r[t + 320 >> 2] | 0;
a = r[t + 324 >> 2] | 0;
c = r[t + 328 >> 2] | 0;
p = r[t + 332 >> 2] | 0;
d = r[t + 336 >> 2] | 0;
for (n = 0; (n | 0) < (e | 0); n = n + 64 | 0) {
u = i;
s = a;
f = c;
l = p;
h = d;
for (o = 0; (o | 0) < 64; o = o + 4 | 0) {
v = r[n + o >> 2] | 0;
y = ((i << 5 | i >>> 27) + (a & c | ~a & p) | 0) + ((v + d | 0) + 1518500249 | 0) | 0;
d = p;
p = c;
c = a << 30 | a >>> 2;
a = i;
i = y;
r[e + o >> 2] = v
}
for (o = e + 64 | 0; (o | 0) < (e + 80 | 0); o = o + 4 | 0) {
v = (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) << 1 | (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) >>> 31;
y = ((i << 5 | i >>> 27) + (a & c | ~a & p) | 0) + ((v + d | 0) + 1518500249 | 0) | 0;
d = p;
p = c;
c = a << 30 | a >>> 2;
a = i;
i = y;
r[o >> 2] = v
}
for (o = e + 80 | 0; (o | 0) < (e + 160 | 0); o = o + 4 | 0) {
v = (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) << 1 | (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) >>> 31;
y = ((i << 5 | i >>> 27) + (a ^ c ^ p) | 0) + ((v + d | 0) + 1859775393 | 0) | 0;
d = p;
p = c;
c = a << 30 | a >>> 2;
a = i;
i = y;
r[o >> 2] = v
}
for (o = e + 160 | 0; (o | 0) < (e + 240 | 0); o = o + 4 | 0) {
v = (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) << 1 | (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) >>> 31;
y = ((i << 5 | i >>> 27) + (a & c | a & p | c & p) | 0) + ((v + d | 0) - 1894007588 | 0) | 0;
d = p;
p = c;
c = a << 30 | a >>> 2;
a = i;
i = y;
r[o >> 2] = v
}
for (o = e + 240 | 0; (o | 0) < (e + 320 | 0); o = o + 4 | 0) {
v = (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) << 1 | (r[o - 12 >> 2] ^ r[o - 32 >> 2] ^ r[o - 56 >> 2] ^ r[o - 64 >> 2]) >>> 31;
y = ((i << 5 | i >>> 27) + (a ^ c ^ p) | 0) + ((v + d | 0) - 899497514 | 0) | 0;
d = p;
p = c;
c = a << 30 | a >>> 2;
a = i;
i = y;
r[o >> 2] = v
}
i = i + u | 0;
a = a + s | 0;
c = c + f | 0;
p = p + l | 0;
d = d + h | 0
}
r[t + 320 >> 2] = i;
r[t + 324 >> 2] = a;
r[t + 328 >> 2] = c;
r[t + 332 >> 2] = p;
r[t + 336 >> 2] = d
}
return {
hash: o
}
}
}
, function(e, t) {
var n = this
, r = void 0;
"undefined" !== typeof self && "undefined" !== typeof self.FileReaderSync && (r = new self.FileReaderSync);
var o = function(e, t, n, r, o, i) {
var u = void 0
, a = i % 4
, s = (o + a) % 4
, c = o - s;
switch (a) {
case 0:
t[i] = e[r + 3];
case 1:
t[i + 1 - (a << 1) | 0] = e[r + 2];
case 2:
t[i + 2 - (a << 1) | 0] = e[r + 1];
case 3:
t[i + 3 - (a << 1) | 0] = e[r]
}
if (!(o < s + (4 - a))) {
for (u = 4 - a; u < c; u = u + 4 | 0)
n[i + u >> 2 | 0] = e[r + u] << 24 | e[r + u + 1] << 16 | e[r + u + 2] << 8 | e[r + u + 3];
switch (s) {
case 3:
t[i + c + 1 | 0] = e[r + c + 2];
case 2:
t[i + c + 2 | 0] = e[r + c + 1];
case 1:
t[i + c + 3 | 0] = e[r + c]
}
}
};
e.exports = function(e, t, i, u, a, s) {
if ("string" === typeof e)
return function(e, t, n, r, o, i) {
var u = void 0
, a = i % 4
, s = (o + a) % 4
, c = o - s;
switch (a) {
case 0:
t[i] = e.charCodeAt(r + 3);
case 1:
t[i + 1 - (a << 1) | 0] = e.charCodeAt(r + 2);
case 2:
t[i + 2 - (a << 1) | 0] = e.charCodeAt(r + 1);
case 3:
t[i + 3 - (a << 1) | 0] = e.charCodeAt(r)
}
if (!(o < s + (4 - a))) {
for (u = 4 - a; u < c; u = u + 4 | 0)
n[i + u >> 2] = e.charCodeAt(r + u) << 24 | e.charCodeAt(r + u + 1) << 16 | e.charCodeAt(r + u + 2) << 8 | e.charCodeAt(r + u + 3);
switch (s) {
case 3:
t[i + c + 1 | 0] = e.charCodeAt(r + c + 2);
case 2:
t[i + c + 2 | 0] = e.charCodeAt(r + c + 1);
case 1:
t[i + c + 3 | 0] = e.charCodeAt(r + c)
}
}
}(e, t, i, u, a, s);
if (e instanceof Array)
return o(e, t, i, u, a, s);
if (n && n.Buffer && n.Buffer.isBuffer(e))
return o(e, t, i, u, a, s);
if (e instanceof ArrayBuffer)
return o(new Uint8Array(e), t, i, u, a, s);
if (e.buffer instanceof ArrayBuffer)
return o(new Uint8Array(e.buffer,e.byteOffset,e.byteLength), t, i, u, a, s);
if (e instanceof Blob)
return function(e, t, n, o, i, u) {
var a = void 0
, s = u % 4
, c = (i + s) % 4
, f = i - c
, p = new Uint8Array(r.readAsArrayBuffer(e.slice(o, o + i)));
switch (s) {
case 0:
t[u] = p[3];
case 1:
t[u + 1 - (s << 1) | 0] = p[2];
case 2:
t[u + 2 - (s << 1) | 0] = p[1];
case 3:
t[u + 3 - (s << 1) | 0] = p[0]
}
if (!(i < c + (4 - s))) {
for (a = 4 - s; a < f; a = a + 4 | 0)
n[u + a >> 2 | 0] = p[a] << 24 | p[a + 1] << 16 | p[a + 2] << 8 | p[a + 3];
switch (c) {
case 3:
t[u + f + 1 | 0] = p[f + 2];
case 2:
t[u + f + 2 | 0] = p[f + 1];
case 1:
t[u + f + 3 | 0] = p[f]
}
}
}(e, t, i, u, a, s);
throw new Error("Unsupported data type.")
}
}
, function(e, t, n) {
var r = function() {
function e(e, t) {
for (var n = 0; n < t.length; n++) {
var r = t[n];
r.enumerable = r.enumerable || !1,
r.configurable = !0,
"value"in r && (r.writable = !0),
Object.defineProperty(e, r.key, r)
}
}
return function(t, n, r) {
return n && e(t.prototype, n),
r && e(t, r),
t
}
}()
, o = n(0)
, i = n(1).toHex
, u = function() {
function e() {
!function(e, t) {
if (!(e instanceof t))
throw new TypeError("Cannot call a class as a function")
}(this, e),
this._rusha = new o,
this._rusha.resetState()
}
return e.prototype.update = function(e) {
return this._rusha.append(e),
this
}
,
e.prototype.digest = function(e) {
var t = this._rusha.rawEnd().buffer;
if (!e)
return t;
if ("hex" === e)
return i(t);
throw new Error("unsupported digest encoding")
}
,
r(e, [{
key: "state",
get: function() {
return this._rusha.getState()
},
set: function(e) {
this._rusha.setState(e)
}
}]),
e
}();
e.exports = function() {
return new u
}
}
])
}
,
e.exports = r()
},
}]);
常見模型程式碼 1
var _e;
!(function (t) {
var i = {};
function e(s) {
if (i[s]) return i[s].exports;
var n = (i[s] = {
exports: {},
id: s,
loaded: !1,
});
return t[s].call(n.exports, n, n.exports, e), (n.loaded = !0), n.exports;
}
_e = e;
})(
{
0:function(){
console.log("0000")
},
1:function(){
console.log("11111")
},
}
);
var res = _e(0) //0000 只有這個輸出
var res = _e(0) //這裡不輸出 因為 if (i[s]) return i[s].exports 這句話 有快取直接返回了 來不及呼叫 這個函式的程式碼
// 也就是走不到這一句 return t[s].call(n.exports, n, n.exports, e), (n.loaded = !0), n.exports;
常見模型程式碼 2
var jzq;
!function (e) {
var a = {} //存放載入器
, s = {
app: 0
}
, n = [];
function r(t) {
if (a[t])
return a[t].exports;
var i = a[t] = {
i: t,
l: !1, // 標記當前模組是否被載入
exports: {} // 匯入的模組存到空物件中
};
// 執行函式中的方法 e是接受的列表 t是呼叫下標 call方法是執行
return e[t].call(i.exports, i, i.exports, r),
i.l = !0,
i.exports
}
jzq = r;
r.m = e, // e獲取的對應引數資訊 會存放所有模組資訊
r.c = a,
r.d = function (e, t, i) {
r.o(e, t) || Object.defineProperty(e, t, {
enumerable: !0,
get: i
})
}
r.hello = function(){
console.log("hello")
}
}(
[
function () {
console.log(11111)
},
function () {
console.log(22222)
}
]
)
// [裡面的模組集合 也可以寫成如下 等價下面的模組集合]
{
0: function () {
console.log(11111)
},
1: function () {
console.log(22222)
}
}
jzq(0) // 11111
jzq(1) // 22222
jzq.hello() //hello 這裡在 載入器函式 r 上 直接寫 方法 比如上面的 r.m r.c 是變數 r.d r.hello 是函式 可以像 r.d() 這樣呼叫
var res = jzq.m // 顯示定義的模式 因為 程式碼裡面有 r.m = e, // e獲取的對應引數資訊 會存放所有模組資訊 這一行
console.log(res)
常見模型程式碼 3
require("./webpackJson") // 引入外部的 模組集合 在本檔案可以呼叫 看最下面呼叫程式碼 當然可以在本函式 實參傳入模組 同時存在
var jzq,
window = global;
!function(e) {
function r(r) {
for (var n, u, i = r[0], c = r[1], f = r[2], p = 0, s = []; p < i.length; p++)
u = i[p],
Object.prototype.hasOwnProperty.call(o, u) && o[u] && s.push(o[u][0]),
o[u] = 0;
for (n in c)
Object.prototype.hasOwnProperty.call(c, n) && (e[n] = c[n]);
for (l && l(r); s.length; )
s.shift()();
return a.push.apply(a, f || []),
t()
}
function t() {
for (var e, r = 0; r < a.length; r++) {
for (var t = a[r], n = !0, i = 1; i < t.length; i++) {
var c = t[i];
0 !== o[c] && (n = !1)
}
n && (a.splice(r--, 1),
e = u(u.s = t[0]))
}
return e
}
var n = {}
, o = {
1: 0
}
, a = [];
function u(r) {
if (n[r])
return n[r].exports;
var t = n[r] = {
i: r,
l: !1,
exports: {}
}
, o = !0;
try {
e[r].call(t.exports, t, t.exports, u),
o = !1
} finally {
o && delete n[r]
}
return t.l = !0,
t.exports
}
jzq = u;
u.n = function(e) {
var r = e && e.__esModule ? function() {
return e.default
}
: function() {
return e
}
;
return u.d(r, "a", r),
r
}
var i = window.webpackJsonp = window.webpackJsonp || []
, c = i.push.bind(i);
i.push = r,
i = i.slice();
for (var f = 0; f < i.length; f++)
r(i[f]);
var l = c;
t()
}([
function(e, r, t) {
console.log(11111)
},
function(e, r, t) {
console.log(22222)
}
]);//這裡傳入的模組 和 頂部 require("./webpackJson") 的 模組都可以引用
jzq("json_001") webpackJson 外部檔案裡面的 模組
jzq("json_002") webpackJson 外部檔案裡面的 模組
jzq(0) 本函式里面的 傳入的模組
jzq(1) 本函式里面的 傳入的模組
常見演算法和編碼型別
base64編碼
base64常見特徵
Base64演算法的主要特點如下
1. 可列印性:Base64編碼後的字串只包含可列印的ASCII字元,這使得它可以在文字協議中傳輸,例如在電子郵件中嵌入二進位制資料。
2. 字符集:Base64演算法使用64個字元作為編碼字符集。這些字元包括大小寫字母(A-Z, a-z)、數字(0-9),以及兩個特殊字元(+ 和 /)。
3. 固定長度:Base64編碼後的字串長度是原始資料長度的約4/3倍,如果原始資料長度不是3的倍數,則會進行填充。
4. 可逆性:Base64編碼是可逆的,也就是說,可以將Base64編碼的字串解碼回原始的二進位制資料
常見轉換方法
js中
window.btoa('123') // 編碼
window.atob('MTIz') // 解碼
nodejs中
// var a = "123"
// b = new Buffer(a).toString("base64"); 新版本棄用了 會出提示
// console.log(b)
// 編碼
const a = "123";
const b = Buffer.from(a, "utf-8").toString("base64");
console.log(b);
// 解碼
const c = Buffer.from(b, "base64").toString("utf-8");
console.log(c);
Hash 演算法
特點
1. 固定長度:無論輸入資料的長度如何,雜湊演算法都會生成固定長度的雜湊值。這使得雜湊演算法適用於需要固定長度資料的應用場景。
2. 不可逆性:雜湊演算法是一種單向函式,即從雜湊值無法推匯出原始輸入資料。這意味著無法透過雜湊值恢復出原始資料,從而保護了資料的安全性。
3. 高效性:雜湊演算法通常具有高速計算的特點,能夠在短時間內對大量資料進行雜湊計算。
4. 唯一性:不同的輸入資料很難生成相同的雜湊值,保證了雜湊值的唯一性。即使輸入資料的微小變化,也會導致生成的雜湊值發生顯著變化
常見的雜湊演算法包括MD5、SHA-1、SHA-256等
MD5資訊摘要演算法(英語:MD5 Message-Digest Algorithm)
Js實現
npm install crypto-js --save // --save 新增到package.json中dependencies物件中 以便重灌專案時會安裝
var CryptoJS = require('crypto-js')
var text = "123456"
md5Text = CryptoJS.MD5(text).toString()
console.log(md5Text)
//輸出: e10adc3949ba59abbe56e057f20f883e
python實現
import hashlib
def md5():
md5 = hashlib.md5()
md5.update('123456'.encode('utf-8'))
print(md5.hexdigest())
if __name__ == '__main__':
md5() # e10adc3949ba59abbe56e057f20f883e
SHA(Secure Hash Algorithm)是一系列密碼學雜湊函式的縮寫
特點
- 不可逆性:SHA演算法將輸入資料對映為固定長度的雜湊值,但無法從雜湊值還原出原始資料。
- 唯一性:不同的輸入資料很難生成相同的雜湊值,保證了雜湊值的唯一性。
- 雜湊性:輸入資料的微小變化會導致雜湊值的顯著變化,即使輸入資料的長度非常大。
常見Sha演算法長度
以加密123456為例 sha系列加密位數:
"SHA1": "7c4a8d09ca3762af61e59520943dc26494f8941b", # 40位
"SHA256":"8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92" # 64位
"SHA512":"ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413" # 128位
"SHA3-512":"808d63ba47fcef6a7c52ec47cb63eb1b747a9d527a77385fc05c8a5ce8007586265d003b4130f6b0c8f3bb2ad89965a5da07289ba5d1e35321e160bea4f766f8" # 128位
"SHA3-384":"b306d3569477576ab9c8a9d69b514df7acc89f4617d98af67fd04530b9937241a8a94f25ab5d114192c82cfedc2ce545" #96位
"SHA3-256":"c888c9ce9e098d5864d3ded6ebcc140a12142263bace3a23a36f9905f12bd64a" # 64位
"SHA3-224":"0811eedf8207e4d497dc45ba964d58ada516bfea1e72efb8721efca8" # 56位
Js實現
// 引用 crypto-js 加密模組
var CryptoJS = require('crypto-js')
function SHA1Encrypt(text) {
return CryptoJS.SHA1(text).toString();
}
var text = "123456"
console.log(SHA1Encrypt(text))
Python實現
import hashlib
def sha1test(t):
sha1 = hashlib.sha1()
sha1.update(t.encode('utf-8'))
return sha1.hexdigest()
if __name__ == '__main__':
res = sha1test("123456")
print(res)
HMAC(Hash-based Message Authentication Code)是一種基於雜湊函式的訊息認證碼演算法
HMAC演算法的主要特點包括:
1. 金鑰:HMAC演算法使用一個金鑰來增加資料的安全性。金鑰只有傳送方和接收方知道,用於生成和驗證認證碼。
2. 雜湊函式:HMAC演算法使用一個雜湊函式,如SHA-256或SHA-512,來將金鑰和資料進行處理。雜湊函式的選擇取決於所需的安全級別和效能要求。
3. 資料完整性:HMAC演算法透過生成認證碼來驗證資料的完整性。如果資料在傳輸過程中被修改或篡改,接收方計算生成的認證碼將與接收到的認證碼不匹配,從而發現資料的篡改.
4. 身份驗證:HMAC演算法可以用於驗證資料的傳送方身份。由於只有傳送方和接收方知道金鑰,接收方可以使用相同的金鑰和雜湊函式對接收到的資料進行處理,並與傳送方提供的認證碼進行比較,從而驗證傳送方的身份
Js實現
var CryptoJS = require('crypto-js')
function HMACEncrypt() {
var text = "123456"
var key = "xxxxxxxxx" // 金鑰檔案
return CryptoJS.HmacMD5(text, key).toString();
// return CryptoJS.HmacSHA1(text, key).toString();
// return CryptoJS.HmacSHA256(text, key).toString();
}
console.log(HMACEncrypt())
Python實現
import hmac
def hmac_1():
message = 'text'.encode()
key = b'secret'
md5 = hmac.new(key, message, digestmod='MD5')
print(md5.hexdigest())
def hmac_2():
key = 'secret'.encode('utf8')
sha1 = hmac.new(key, digestmod='sha1')
sha1.update('I love '.encode('utf8'))
sha1.update('Python!'.encode('utf8'))
print(sha1.hexdigest())
if __name__ == '__main__':
hmac_1()
hmac_2()
對稱加密演算法(對稱加密演算法包括DES AES 3DES 等)
DES(Data Encryp 對稱加密演算法,由IBM研發並於1977年被美國國家標準局
Js實現
const CryptoJS = require('crypto-js')
var key = CryptoJS.enc.Utf8.parse('dsa213d'),
iv = CryptoJS.enc.Utf8.parse('dsads23d'),
text = CryptoJS.enc.Utf8.parse('text'),
encrypted = CryptoJS.DES.encrypt(text, key,
{
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
}
).toString();
console.log(encrypted)
// nNGZ4YRQbSU=
AES演算法 AES(Advanced Encryption Standard)是一種對稱加密演算法,被廣泛用於保護敏感資料的機密性。它是目前最常用的加密演算法之一
Js實現
const CryptoJS = require('crypto-js')
var key = CryptoJS.enc.Utf8.parse('dsa213d'),
iv = CryptoJS.enc.Utf8.parse('dsads23d'),
text = CryptoJS.enc.Utf8.parse('text'),
encrypted = CryptoJS.AES.encrypt(text, key,
{
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
}
).toString();
console.log(encrypted)
// cvzvbPXffZbVIqRKKfxAVQ==
非對稱加密演算法 RSA
非對稱加密演算法的主要特點包括:
1.金鑰對:非對稱加密演算法使用金鑰對,包括公鑰和私鑰。公鑰可以公開,任何人都可以使用公鑰進行加密操作。私鑰是保密的,只有金鑰的擁有者可以使用私鑰進行解密操作。
2.加密和解密:使用公鑰對資料進行加密,只有對應的私鑰才能解密加密後的資料。這種加密和解密的過程是互逆的,即使用公鑰加密的資料只能使用私鑰解密,使用私鑰加密的資料只能使用公鑰解密
3.安全性:非對稱加密演算法的安全性基於數學問題的難解性。目前沒有已知的高效演算法可以在合理的時間內破解非對稱加密演算法,只有擁有私鑰的人才能解密加密的資料.
4.加密後的密文每次都不一樣。
5.要想解密只能用私鑰,私鑰是服務端自己保留並不公開,所以如果被人抓包拿到密文也無法解密。
6.由於演算法比對稱加密更復雜,所以速度也比對稱加密慢,但安全性更高
如何生成一對金鑰對
1.在dos視窗中
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
openssl rsa -pubout -in private_key.pem -out public_key.pem
2.注意
public_key 為公鑰 加密用
private_key 為私鑰 解密用
Js實現1
npm install jsencrypt --save
window = global;
const JSEncrypt = require('jsencrypt');
var encrypt = new JSEncrypt();
const publicKey = '-----BEGIN PUBLIC KEY-----MIIBAB-----END PUBLIC KEY-----'; // 公鑰
const privateKey = '-----BEGIN PRIVATE KEY-----MIIEvwIBADAPxRMw+Cw==-----END PRIVATE KEY-----'; // 私鑰
// 使用公鑰進行加密
function encryptMessage(message, publicKey) {
encrypt.setPublicKey(publicKey);
var encrypted = encrypt.encrypt(data);
return encrypted;
};
// 使用私鑰進行解密
function decryotMessage(encrypted,privateKey){
encrypt.setPrivateKey(privateKey);
var decrypted = encrypt.decrypt(encrypted);
return decrypted;
};
var data = 'Hello';
var encrypted = encryptMessage(data,publicKey);
console.log('加密後的密文:', encrypted);
var decrypted = decryotMessage(encrypted,privateKey);
console.log('解密後的明文:', decrypted);
Js實現2
npm install node-forge --save
const forge = require('node-forge');
// 使用公鑰進行加密
function encryptMessage(message, publicKeyPem) {
const publicKey = forge.pki.publicKeyFromPem(publicKeyPem);
const encrypted = publicKey.encrypt(message, 'RSA-OAEP'); // RSA-OAEP 公鑰加密演算法
const encryptedBase64 = forge.util.encode64(encrypted);
return encryptedBase64;
}
// 使用私鑰進行解密
function decryptMessage(encryptedBase64, privateKeyPem) {
const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
const encrypted = forge.util.decode64(encryptedBase64);
const decrypted = privateKey.decrypt(encrypted, 'RSA-OAEP');
return decrypted;
}
const publicKeyPem = '-----BEGIN PUBLIC KEY-----MIIIDAQAB-----END PUBLIC KEY-----'; // 公鑰
const privateKeyPem = '-----BEGIN PRIVATE KEY-----MIIEvPxRMw+Cw==-----END PRIVATE KEY-----'; // 私鑰
const message = 'abc';
console.log('原始訊息:', message);
const encrypted = encryptMessage(message, publicKeyPem);
console.log('加密後的密文:', encrypted);
const decrypted = decryptMessage(encrypted, privateKeyPem);
console.log('解密後的明文:', decrypted);
SM 國密演算法
常見國米演算法:
SM2非對稱(基於橢圓曲線 ECC)加密演算法 用於資料加密 ECC 橢圓曲線密碼機制 256 位,相比 RSA 處理速度快,消耗更少
SM3雜湊(hash)函式演算法 用於完整性校驗 安全性及效率與 SHA-256 相當,壓縮函式更復雜
SM4對稱(分組)加密演算法 用於資料加密和區域網產品 分組長度、金鑰長度均為 128 位元,計算輪數多
SM2是非對稱 替代RSA
SM3 是雜湊演算法 替代雜湊
SM4是對稱 替代AES
SM2
Js實現
npm install sm-crypto --save
// 引入sm-crypto庫
const sm = require('sm-crypto').sm2;
// 待加密的明文資料
const plaintext = 'babababababababababa';
// 生成金鑰對
const keypair = sm.generateKeyPairHex();
// 獲取公鑰和私鑰
const publicKey = keypair.publicKey;
const privateKey = keypair.privateKey;
// 加密
const ciphertext = sm.doEncrypt(plaintext, publicKey);
console.log('加密後的密文:', ciphertext);
// 解密
const decryptedText = sm.doDecrypt(ciphertext, privateKey);
console.log('解密後的明文:', decryptedText);
SM3
Js實現
const sm3 = require('sm-crypto').sm3;
var data = "333333333333333333"
var res = sm3(data)
console.log(res)
console.log(res.length)
SM4
JS實現
無config配置
const sm4 = require('sm-crypto').sm4;
const key = '0123456789abcdef0123456789abcdef';
var data = '444444444safdsafdsafdsafs4dsadsada44444';
const ciphertext = sm4.encrypt(data,key)
console.log('加密:',ciphertext)
const decryptedText = sm4.decrypt(ciphertext,key)
console.log('解密:',decryptedText)
有config配置
// npm install gm-crypt
function SM4(config, text) {
const sm4 = require("gm-crypt").sm4;
i = new sm4(config).encrypt(text);
return i
}
config = {
"key": "a85ec9f77459825e",
"mode": "ecb",
"cipherType": "base64"
}
console.log(SM4(config, '1234567'))
常見hook大法
JSON 相關
JSON程式碼
(function() {
var parse_ = JSON.parse;
JSON.parse = function(arg) {
console.log("您猜怎麼著?斷住了! ——> ",arg);
debugger;
return parse_(arg); // 不改變原來的執行邏輯
}})();
(function() {
var stringify_ = JSON.stringify;
JSON.stringify = function(arg) {
console.log("您猜怎麼著?斷住了! ——> ",arg);
debugger;
return stringify(arg); // 不改變原來的執行邏輯
}})();
XHR 相關
XHR程式碼
(function () {
var open = window.XMLHttpRequest.prototype.open;
window.XMLHttpRequest.prototype.open = function (method, url, async) {
if (url.indexOf("引數名稱") != -1) {
debugger;
}
return open.apply(this, arguments);
};
})();
(function (){
var sh = window.XMLHttpRequest.prototype.setRequestHeader;
window.XMLHttpRequest.prototype.setRequestHeader=function(key,value){
if(key == 'header的引數key'){
debugger;
}
return sh.apply(this,arguments);
};
})();
Cookie 相關
cookie 程式碼
(function () {
var cookieTemp = '';
Object.defineProperty(document, 'cookie', {
set: function (val) {
if (val.indexOf('v') != -1) {
debugger;
}
console.log('Hook捕獲到cookie設定->', val);
cookieTemp = val;
return val;
},
get: function () {
return cookieTemp;
},
});
})();
方法置空
點選檢視程式碼
function deg(){
debugger;
}
//debugger的方法deg 直接控制檯輸入
deg = function(){}
setInterval = function(){} //置空