目標QN網pre參數。
第一步,先抓包:
果然之前遇到過這個套路,那就是檢測換行唄,又想讓我爆內存是吧。不會上當了。我們先把這個地方的代碼挖出來分析分析:
// Formatting-sensitive self-check, passed as a callback to _0x2444db together with
// `this` (_0x2444db is defined outside this excerpt). It tests the source text of two
// tiny probe functions against regular expressions and then calls a pair of mutually
// recursive helpers with one of two near-identical strings.
// NOTE(review): a check like this is delivered to the client in readable form, so it
// raises the cost of analysis but should not be the only control protecting an endpoint.
var _0xa5ad5c = _0x2444db(this, function () {
// Probe functions: only their toString() output is used below. Their text is left
// exactly as shown, because any change to it changes what the patterns are tested on.
var _0x35d02e = function () {
return "dev";
},
_0x18cced = function () {
return "window";
};
// True when the first probe's source does NOT have the compact one-line shape
// `name () {word "..."}`. In this listing a line break follows `{`, so the
// pattern cannot match and this returns true.
var _0x364152 = function () {
var _0x1d4f26 = new RegExp("\\w+ *\\(\\) *{\\w+ *['|\"].+['|\"];? *}");
return !_0x1d4f26.test(_0x35d02e.toString());
};
// True when the second probe's source contains a backslash followed by x, u or |
// and two to four word characters (for example an escaped string literal).
var _0xcfd92 = function () {
var _0x55eb7e = new RegExp("(\\\\[x|u](\\w){2,4})+");
return _0x55eb7e.test(_0x18cced.toString());
};
// First half of the recursive pair. indexOf(false) searches for the text "false";
// for both strings passed below that yields -1, which is truthy, so the second
// helper is always called. The local variable is never read.
var _0x34c898 = function (_0x31b9ac) {
var _0x35b4e0 = 0;
if (_0x31b9ac.indexOf(false)) {
_0x3217e1(_0x31b9ac);
}
};
// Second half of the pair. "true"[3] is the ASCII letter "e"; the recursion stops
// only when that letter sits at index 3 of the argument, as it does in "indexOf".
// Otherwise the two helpers keep calling each other with no exit condition.
var _0x3217e1 = function (_0x4a8870) {
var _0xbd3fa8 = 3;
if (_0x4a8870.indexOf("true"[3]) !== 3) {
_0x34c898(_0x4a8870);
}
};
// Only the middle branch passes the plain ASCII "indexOf". The other two literals
// appear to use a non-ASCII look-alike at index 3, so they take the
// non-terminating path - TODO confirm the code point against the original bytes.
if (!_0x364152()) {
if (!_0xcfd92()) {
_0x34c898("indеxOf");
} else {
_0x34c898("indexOf");
}
} else {
_0x34c898("indеxOf");
}
});
他把_0x35d02e和_0x18cced這兩個方法轉成字符串后用正則匹配,如果有匹配不到的參數,那就調用_0x34c898("indеxOf")無限循環。他是在檢測代碼是否被格式化,在網頁中加載的代碼是被壓成一行的,如果匹配到了換行\n,那就代表著代碼被人挖出來格式化了。我們直接把調用的地方注了。
local_storeage = {}
// Plain-object stand-in for the browser `location` global. It carries only the
// three fields listed here (href, host, hostname) for one search-results URL.
var location = (function () {
  // host and hostname hold the same value, so it is written once.
  var siteHost = "flight.qunar.com";
  return {
    href: "https://flight.qunar.com/site/oneway_list.htm?searchDepartureAirport=%E5%8C%97%E4%BA%AC&searchArrivalAirport=%E6%98%86%E6%98%8E&searchDepartureTime=2020-09-17&searchArrivalTime=2020-09-15&nextNDays=0&startSearch=true&fromCode=BJS&toCode=KMG&from=tejia_d_search&lowestPrice=null",
    host: siteHost,
    hostname: siteHost
  };
})();
// In-memory stand-in for the browser `localStorage` global. All three methods
// read or write the `local_storeage` object, which is assigned before this block.
var localStorage = {
  // Stores the value under the key exactly as passed; nothing is returned.
  setItem: function (key, value) {
    local_storeage[key] = value;
  },
  // Returns whatever is stored under the key (undefined when the key is absent).
  getItem: function (key) {
    var stored = local_storeage[key];
    return stored;
  },
  // Drops the key from the backing object; nothing is returned.
  removeItem: function (key) {
    delete local_storeage[key];
  }
};
// Stand-in for the browser `window` global: an object exposing only the
// `location` and `localStorage` stand-ins defined earlier in this listing.
var window = {};
window.location = location;
window.localStorage = localStorage;
// Stand-in for the browser `document` global, limited to the three lookups
// defined here; every other property of a real document is absent.
var document = {
  // Returns a fresh object holding only an empty `src`; the tag name is ignored.
  createElement: function (ele) {
    return { src: "" };
  },
  head: {
    // For 'script' returns a new 11-item array of { src } objects built from the
    // fixed URL list below; any other tag name yields undefined.
    // NOTE(review): the first two URLs carry `sessionId` and `answer` query values,
    // presumably recorded from a single browser session - treat them as sample data.
    getElementsByTagName: function (ele) {
      if (ele != 'script') {
        return;
      }
      var scriptSources = [
        "https://rmcsdf.qunar.com/api/device/answer.json?callback=callback_1600070190853&sessionId=c922434c-d559-41e3-9cd8-18a493694dcd&answer=cv3I1H8GFcflk_IfUTmRSv6L-h0klNJrF0SPmn80HJvlkR4qFyTDyP87A4OilQprGfjSsHs8IFr15J5rQejSwKc9JF-llFpuQGyVw39LT_L2qd1bVrnIcixPSoK2g5I_7OyIEjh0x1-ku5HqLy2GceBPUsK3q91bMn3IjzRPXEgjdA4dKryUnyBOTEw2aUYuVrCUyOrRWsa1wBVbGnnG1ihPFoq2sJlaF2zUtn8HKwK2r9ldLvnGc2c8B50kA4Ix7aSNq-c90BRdLcG5OzXJg2x07VhiaYnuIujYOzROKha3lgIyMv3I7L6-ZF-jlgIyMb3UzTc9MFPdgd5wQzzJwfA0Y5Kjqxob77zX1Pc9V5OjtoJt7r3JcihRTwq3v91bOrXEm2RPKk623RYa0miGyqR6ZsP1gQIaQ7WIheMP-_KidcldBe3V",
        "https://rmcsdf.qunar.com/api/device/challenge.json?callback=callback_1600070190262&sessionId=c922434c-d559-41e3-9cd8-18a493694dcd&domain=qunar.com&orgId=ucenter.login",
        "https://webresource.c-ctrip.com/resaresonline/risk/ubtrms/latest/default/chlorofp.js?siteId=c7e55b219200&v=120-8-14",
        "https://ws.qunar.com/rt_recommend?count=3&fromCity=%E5%8C%97%E4%BA%AC&toCity=%E6%98%86%E6%98%8E&depDate=2020-09-17&includeTax=0&callback=jsonp_1417whnctfho9p1",
        "https://gw.flight.qunar.com/api/f/priceCalendar?dep=%E5%8C%97%E4%BA%AC&arr=%E6%98%86%E6%98%8E&days=&priceType=1&callback=jsonp_93vaq0viqu3rssh",
        "https://lp.flight.qunar.com/api/dom/recommend/nearby_route?from=%E5%8C%97%E4%BA%AC&to=%E6%98%86%E6%98%8E&start_date=2020-09-17&callback=jsonp_qjqv30fbv34guzw",
        "https://flightopdata.qunar.com/vataplan?&id=41&callback=jsonp_p5udnewvxw1uvfq",
        "",
        "",
        "",
        "https://a.qunar.com/vataplan?framId=a_listBannerTop&vataposition=QNR_OQ==_CN&tag=0&rows=3&cur_page_num=0&rep=1&f=s&callback=QNR._AD.a_listBannerTop&ab=b&tile=16000701898246186355&vatafrom=%E5%8C%97%E4%BA%AC&vatato=%E6%98%86%E6%98%8E"
      ];
      return scriptSources.map(function (src) {
        return { src: src };
      });
    }
  },
  // For 'meta' returns an object with a single `description.content` string;
  // any other tag name yields undefined.
  // NOTE(review): the description text looks altered by page extraction (inserted
  // romanisation and stray characters); it is reproduced here exactly as shown.
  getElementsByTagName: function (ele) {
    if (ele != 'meta') {
      return;
    }
    return {
      description: {
        content: "去哪兒(Qunar.com)作為全球最大的中文旅游搜索引擎,通過對機票,酒店,旅游線路的整合與發(fā)布,提供專業(yè)分冈、實時圾另、可信的旅游產(chǎn)品價格比較與服務(wù)比較系統(tǒng),幫助消費者輕松進(jìn)行充分選擇,是您預(yù)訂機票、酒店雕沉、旅游線路的最佳選擇!"
      }
    };
  }
};
這里有些方法比如getElementsByTagName、localStorage.setItem等是Node里沒有的,這些可以用一些巧妙的方法處理,說到底他不就是要驗證瀏覽器環境嗎,離不開一句話,他要什么,我們給什么。
瀏覽器運行結果:
一樣,通關!