From cfde3662344f860b76a08b2f81400d9350e812a0 Mon Sep 17 00:00:00 2001 From: Tsukasa Kanzaki Date: Tue, 16 Jul 2019 06:36:20 +0000 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=AF=B7=E6=B1=82=E9=A2=84=E5=A4=84?= =?UTF-8?q?=E7=90=86=E8=84=9A=E6=9C=AC=EF=BC=88=E5=8A=A0=E5=AF=86=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- instagram-after-response-script.js | 231 +++++++++++++++++++++++++++++ 1 file changed, 231 insertions(+) create mode 100644 instagram-after-response-script.js diff --git a/instagram-after-response-script.js b/instagram-after-response-script.js new file mode 100644 index 0000000..ff62325 --- /dev/null +++ b/instagram-after-response-script.js @@ -0,0 +1,231 @@ +//console.log('responseBody'+responseBody) + + +function Base64 () { + // private property + this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; +} +//public method for encoding +Base64.prototype.encode = function (input) { + var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0; + input = this._utf8_encode(input); + while (i < input.length) { + chr1 = input.charCodeAt(i++); + chr2 = input.charCodeAt(i++); + chr3 = input.charCodeAt(i++); + enc1 = chr1 >> 2; + enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); + enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); + enc4 = chr3 & 63; + if (isNaN(chr2)) { + enc3 = enc4 = 64; + } else if (isNaN(chr3)) { + enc4 = 64; + } + output = output + + this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) + + this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4); + } + return output; +} + +// public method for decoding +Base64.prototype.decode = function (input) { + var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0; + input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); + while (i < input.length) { + enc1 = this._keyStr.indexOf(input.charAt(i++)); + enc2 = this._keyStr.indexOf(input.charAt(i++)); + enc3 = this._keyStr.indexOf(input.charAt(i++)); + enc4 = this._keyStr.indexOf(input.charAt(i++)); + chr1 = (enc1 << 2) | (enc2 >> 4); + chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); + chr3 = ((enc3 & 3) << 6) | enc4; + output = output + String.fromCharCode(chr1); + if (enc3 != 64) { + output = output + String.fromCharCode(chr2); + } + if (enc4 != 64) { + output = output + String.fromCharCode(chr3); + } + } + output = this._utf8_decode(output); + return output; +} + +// private method for UTF-8 encoding +Base64.prototype._utf8_encode = function (string) { + string = string.replace(/\r\n/g, "\n"); + var utftext = ""; + for (var n = 0; n < string.length; n++) { + var c = string.charCodeAt(n); + if (c < 128) { + utftext += String.fromCharCode(c); + } else if ((c > 127) && (c < 2048)) { + utftext += String.fromCharCode((c >> 6) | 192); + utftext += String.fromCharCode((c & 63) | 128); + } else { + utftext += String.fromCharCode((c >> 12) | 224); + utftext += String.fromCharCode(((c >> 6) & 63) | 128); + utftext += String.fromCharCode((c & 63) | 128); + } + + } + return utftext; +} + +// private method for UTF-8 decoding +Base64.prototype._utf8_decode = function (utftext) { + var string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0; + while (i < utftext.length) { + c = utftext.charCodeAt(i); + if (c < 128) { + string += String.fromCharCode(c); + i++; + } else if ((c > 191) && (c < 224)) { + c2 = utftext.charCodeAt(i + 1); + string += String.fromCharCode(((c & 31) << 6) | (c2 & 63)); + i += 2; + } else { + c2 = utftext.charCodeAt(i + 1); + c3 = utftext.charCodeAt(i + 2); + string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63)); + i += 3; + } + } + return string; +} + +var Base = new Base64(); + +function md5 (str) { + return CryptoJS.MD5(str).toString() +} +function authcode (string, isencrypt) { + var timestamp = Date.parse(new Date()) / 1000;//; + if (isencrypt) + string = string + timestamp; + var ckey_length = 5; + // 密匙 + var key = postman.getEnvironmentVariable("encryptkey"); + key = md5(key) + // 密匙a会参与加解密 + var keya = md5(key.substr(0, 12)); + //console.log('keya:'+keya) + // 密匙b会用来做数据完整性验证 + var keyb = md5(key.substr(12, 20)); + // 密匙c用于变化生成的密文 + //console.log('keyb:'+keyb) + var keyc = isencrypt ? md5(timestamp).substr(32 - ckey_length) : string.substr(0, ckey_length); + //console.log('keyc:'+keyc) + // 参与运算的密匙 + var cryptkey = keya + md5(keya + keyc); + var key_length = cryptkey.length; + // console.log('cryptkey:'+cryptkey) + + var tempstr = md5(string + keyb).substr(0, 18);//检验字符串 + string = isencrypt ? (timestamp + 120) + tempstr + string : Base.decode(string.substr(ckey_length));//timestamp+120过期时间 + + var string_length = string.length; + //console.log('string='+string+' length='+string_length); + var result = ''; + var box = []; + var rndkey = []; + + // 128是ascrii码,字符范围,也可取256以内其它数字,产生密匙簿,加解密的cryptkey是相同的,由当时时间md5生成的 + for (var i = 0; i < 128; i++) { + rndkey[i] = cryptkey.charCodeAt(i % key_length); + box[i] = i; + } + var tmp; + // 用固定的算法,打乱密匙簿,增加随机性,好像很复杂,实际上对并不会增加密文的强度 + for (var j = 0, i = 0; i < 128; i++) { + j = (j + box[i] + rndkey[i]) % 128;//rndkey[i]是随机数,j是也是随机,加起来也是随机数 + tmp = box[i]; + box[i] = box[j]; + box[j] = tmp; + } + + // 核心加解密部分 + for (var a = j = i = 0; i < string_length; i++) { + a = (a + 1) % 128; + j = (j + box[a]) % 128; + tmp = box[a];//再次打乱 + box[a] = box[j]; + box[j] = tmp; + // 从密匙簿得出密匙进行异或,再转成字符 + + var b = box[(box[a] + box[j]) % 128]; + + var c = a ^ b; + var d = String.fromCharCode(c); + result += String.fromCharCode(string.charCodeAt(i) ^ (box[(box[a] + box[j]) % 128])); + } + + //console.log('result='+result); + if (isencrypt) { + // 把动态密匙保存在密文里,这也是为什么同样的明文,生产不同密文后能解密的原因 + // 因为加密后的密文可能是一些特殊字符,复制过程可能会丢失,所以用base64编码 + return keyc + Base.encode(result); + } + else { + return result.substr(28) + } + +} +function removeinterruptchars (str) { + var newstring = ''; + for (var i = 0; i < str.length; i++) { + if (i % 2 == 0) + newstring = newstring + str.charAt(i); + } + return newstring; +} +function aesDecrypt (ciphertext, key, iv) { + var decrypted = CryptoJS.AES.decrypt(ciphertext, key, { + iv: iv, + mode: CryptoJS.mode.CBC, + padding: CryptoJS.pad.Pkcs7 + }); + return decrypted.toString(CryptoJS.enc.Utf8);//WordArray对象转utf8字符串 +} +// pm.environment.set("isencrypt", "0"); +try { + var data = JSON.parse(responseBody); + console.log(data) + tests["接口未加密,返回值查看body"] = 1 +} +catch (err) { + // pm.environment.set("isencrypt", "1"); + encstr = responseBody + //console.log(encstr) + if (pm.environment.get("interrupt_encrypt") == 1) { + encstr = removeinterruptchars(encstr) + //console.log('interupt '+encstr) + } + + if (pm.environment.get("authcode_encrypt") == 1) { + encstr = authcode(encstr, 0) + // console.log('authcode '+encstr) + } + //console.log(encstr) + encstr = encstr.replace(/_a/g, "/").replace(/_b/g, "+").replace(/_c/g, "=") + tests["接口进行了加密,以下是解密内容,详细输出,打开view-show postman console查看打印结果"] = 1 + response = CryptoJS.enc.Base64.parse(encstr).toString(CryptoJS.enc.Latin1); + iv = response.substr(0, 16) + + decdata = response.substr(48, response.length - 48) + var cryptkey = postman.getEnvironmentVariable("encryptkey"); + //console.log(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Latin1.parse(decdata))) + decryptedMessage = aesDecrypt(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Latin1.parse(decdata)), CryptoJS.enc.Utf8.parse(cryptkey), CryptoJS.enc.Utf8.parse(iv));//解密 + decryptedMessage = unescape(decryptedMessage.replace(/\\/g, "%")) + tests[decryptedMessage] = 1 + console.log('解密后' + decryptedMessage) + if (decryptedMessage) { + obj = JSON.parse(decryptedMessage) + console.log(obj) + } + +} + +