选哪儿字体加密破解 |
您所在的位置:网站首页 › 怎么破解网址充值 › 选哪儿字体加密破解 |
选哪儿字体加密破解
大致分析:常见的字体加密解决方案就是通过 下载字体进行关系映射 还原数据。 采集网址 https://www.xuanzhi.com/ (园区|土地|厂房|仓库)思路和方法都通用。 1.访问土地模块网址 https://www.xuanzhi.com/tudi/page1 简单分析发现就是一个get请求,page1,page2进行翻页,获取数据。 但是当我们看到源码的时候,发现一些金额,面积 等数字类型都对应不上,而且是很明显的字体加密情况。 2.抓包分析两个二级链接: 940223 : https://www.xuanzhi.com/tudi/detail/940223 942162: https://www.xuanzhi.com/tudi/detail/942162 看到两个土地100,分别对应的是 “金美美” ,“宁货货” 。 这难道网站是两套或多套字体吗? 3.在font查看两次字体文件链接,或直接在源码中找加载字体链接,发现字体链接不是一个. https://img2.xuanzhi.com/static/new/fonts/0cba0be20bebc039/font.woff?2021041902 https://img2.xuanzhi.com/static/new/fonts/d2c26d9305f12deb/font.woff?2021041902
直接把字体放到上面的字体文库中,查找对应关系。 4.接着按正常的分析思维,我们获取字体文件,到百度文字库映射一下。 百度字体编辑器网址(已失效):http://fontstore.baidu.com/static/editor/index.html github字体编辑器网址 : https://kekee000.github.io/fonteditor/ 5. 未查看出对应关系,只能将font字体文件转化成xml,分析下 ,看是不是进行了魔改或者其他操作。 def get_font(font_url): response = requests.get(font_url, verify=False) with open('font.woff', 'wb')as f: f.write(response.content) movie_font = TTFont('font.woff') movie_font.saveXML('font.xml') if __name__ == '__main__': get_font('https://img2.xuanzhi.com/static/new/fonts/0cba0be20bebc039/font.woff?2021041902')查看到很多 6.我们把 https://www.xuanzhi.com/tudi/detail/940223 中 “金美美” ,转成unicode编码尝试下。 金 - —> \u91d1 我们发现 这不是就对应的1吗? 思路理清后我们编写代码: def font_decrypt(xmlFile, Str): with open(xmlFile, 'r')as f: xml = f.read() res = '' for unicode in Str: if unicode in ('.', '-', ' '): res += unicode code = unicode.encode("unicode_escape").decode().replace("\\u", "0x") result = re.findall(f'map code="{code}" name="(.*?)"', xml, re.S) if result: res += str(result[0].replace("*#", "")) return res.replace("*", "0") if __name__ == '__main__': print(font_decrypt('font.xml',"金美美")) #100将文件传进去,以及要解密的字符串。 7.直接撸代码: import re import requests from lxml import etree from fontTools.ttLib import TTFont from requests import RequestException class XnrLand: def __init__(self): self.url = 'https://www.xuanzhi.com/tudi/page%d' self.headers = { 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'sec-ch-ua': '"Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"', 'sec-ch-ua-mobile': '?0', 'Upgrade-Insecure-Requests': '1', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4484.7 Safari/537.36', 'Accept': 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'Sec-Fetch-Site': 'cross-site', 'Sec-Fetch-Mode': 'no-cors', 'Sec-Fetch-User': '?1', 'Sec-Fetch-Dest': 'image', 'Accept-Language': 'zh-CN,zh;q=0.9', 'authority': 'fe-resource.cdn.bcebos.com', 'accept': '*/*', 'sec-fetch-dest': 'script', 'referer': 'https://www.xuanzhi.com/', 'accept-language': 'zh-CN,zh;q=0.9', 'origin': 'https://www.xuanzhi.com', 'X-Requested-With': 'XMLHttpRequest', 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8', 'Origin': 'https://www.xuanzhi.com', 'Content-Length': '0', 'Sec-WebSocket-Key': '5fJ48aBllkMKAz+Pw899Yg==', 'Upgrade': 'websocket', 'Sec-WebSocket-Extensions': 'permessage-deflate; client_max_window_bits', 'Sec-WebSocket-Version': '13', } @staticmethod def font_decrypt(xmlFile, Str): with open(xmlFile, 'r')as f: xml = f.read() res = '' for unicode in Str: if unicode in ('.', '-', ' '): res += unicode code = unicode.encode("unicode_escape").decode().replace("\\u", "0x") result = re.findall(f'map code="{code}" name="(.*?)"', xml, re.S) if result: res += str(result[0].replace("*#", "")) return res.replace("*", "0") @staticmethod def get_font(font_url): response = requests.get(font_url, verify=False) with open('font.woff', 'wb')as f: f.write(response.content) movie_font = TTFont('font.woff') movie_font.saveXML('font.xml') def requestHtml(self, url): for _ in range(5): try: res = requests.get( url=url, headers=self.headers, proxies=None, verify=False, timeout=10 ) # print("状态:",res.status_code) except RequestException: #todo 未处理 # time.sleep(random.randint(1, 3)) continue else: if res.status_code == 200: return res.text def parsePark(self, html): html = etree.HTML(html) url = html.xpath('//p[@class="product-tit"]/a/@href') for link in url: resp = self.requestHtml(link) if not resp: continue font = re.findall(r"/.*url\('(.*?)'\) format\('woff'\)", resp, re.S) if font: title, codeNumber, price = '','','' self.get_font(font[0]) data = etree.HTML(resp) headline = data.xpath('//h1[@class="title"]/text()') if headline: title = headline[0] codeNum = data.xpath('//p[@class="code-text"]/text()') if codeNum: codeNumber = codeNum[0] price_first = data.xpath('//div[@class="money"]/span[@class="xn-cf"]/text()') if price_first: price = self.font_decrypt('font.xml', price_first[0]) print(title, codeNumber, price) def main(self): for page in range(1, 30): print(f"正在{page}页采集完成") url = self.url % (page) html = self.requestHtml(url) self.parsePark(html) print(f"第{page}页采集完成") if __name__ == '__main__': spider = XnrLand() try: spider.main() except TimeoutError: raise ValueError |
今日新闻 |
推荐新闻 |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |