It’s rare to have time to write an article. Recently, I’m learning data visualization. I may update the content of data visualization powerbi and tableau in the future. Today’s issue is about the reverse of Pinduoduo’s anti_content parameter. The actual test can be done on the Pinduoduo web app The website and the website of the wholesale mall. I feel that the encryption parameters of Pinduoduo are not very difficult, but the difficulty lies in its risk control. If you send an abnormal request during debugging, you will log in after refreshing the page in your browser. In the end, you may not even be able to open Pinduoduo, because its background may have remembered your browser fingerprint, you can try another browser or request again after a while.
URL 1:aHR0cHM6Ly9waWZhLnBpbmR1b2R1by5jb20v
URL 2:aHR0cHM6Ly9tb2JpbGUucGluZHVvZHVvLmNvbS8=
This chapter reverses the anti_content parameter of URL 1, which is the commodity wholesale website.
The text is long, sit tight and start off!
Directory
It’s rare to have time to write an article. Recently, I’m learning data visualization. I may update the content of data visualization powerbi and tableau in the future. Today’s issue is about the reverse of Pinduoduo’s anti_content parameter. The actual test can be done on the Pinduoduo web app The website and the website of the wholesale mall. I feel that the encryption parameters of Pinduoduo are not very difficult, but the difficulty lies in its risk control. If you send an abnormal request during debugging, you will log in after refreshing the page in your browser. In the end, you may not even be able to open Pinduoduo, because its background may have memorized your browser fingerprint, you can try another browser or request again after a while.
URL 1: aHR0cHM6Ly9waWZhLnBpbmR1b2R1by5jb20v
URL 2: aHR0cHM6Ly9tb2JpbGUucGluZHVvZHVvLmNvbS8=
It’s a long one, so sit tight and start off!
statement
All the content in this article is for learning and communication only, not for any other purpose, and complete code is not provided, and the content of captured packets, sensitive URLs, data interfaces, etc. have been desensitized, and are strictly prohibited for commercial and illegal purposes, otherwise by All consequences arising from this have nothing to do with the author!
This article is prohibited from reprinting without permission, and any secondary dissemination after modification is prohibited. The author is not responsible for any accidents caused by unauthorized use of the technology explained in this article. If there is any infringement, please contact the author to delete it immediately!
website analysis
Summarize
Statement
All content in this article is only for learning and communication, not for any other purpose, complete code, packet capture content, sensitive URLs, data are not provided The interface and so on have been desensitized, and it is strictly forbidden to be used for commercial and illegal purposes, otherwise all consequences arising therefrom have nothing to do with the author!
This article is prohibited from reprinting without permission, and any secondary dissemination after modification is prohibited. The author is not responsible for any accidents caused by unauthorized use of the technology explained in this article. If there is any infringement, please contact the author to delete it immediately!
Website analysis
Open a data packet at 1 and find that there is only one anti_content parameter that needs to be cracked. You can try to search globally first. If not, you can hook the header parameter. If you don’t know how to write hooks, you can refer to this website https://www.cnblogs.com/xiaoweigege/ p/14954648.html
2 Search and find that there are two. After setting a breakpoint, slide the scroll wheel and find that it can be broken. At this time, you can cancel the other breakpoint.
3 You can find that the parameters have been generated at this time, and then you can go up the stack 
4. I found a .then callback function. After setting a breakpoint here, finish this time first, then scroll down and walk again, and then break at the position of .then 
5 At this point, you only need to step down to this position, and output it on the console
It can be found that it is generated by a series of encryptions on the timestamp 
6 Output the n(284) on the console, enter the function from here 
7 Stopped at this position and found that it was confused by variable names, it is likely to be this position, non-key code websites generally will not be confused 
8 Click the mouse here, look up 
9 Then zoom the code 
10 found that it is a webpack, found the location of the outermost loader and deducted about 3,000 lines of code, and then went to debug and supplement the environment.
11 The environment to be supplemented includes window navigator document location history screen Math, etc. These environments are relatively simple, and you can pass it by casual supplementation. I will not take everyone to supplement it here, otherwise it would be too time-consuming (actually it is The author is lazy, it has already been posted, if you need it, take it yourself)
window=global;
window = {}
window.outerHeight = 836;
window.outerWidth = 1166;
window.chrome = class chrome{};
window.open = function(){};
window.DeviceOrientationEvent = function DeviceOrientationEvent(){};
window.DeviceMotionEvent = function DeviceMotionEvent(){};
Navigator = function Navigator(){};
Navigator.prototype.plugins = "";
Navigator.prototype.languages = ["zh-CN", "zh"];
Navigator.prototype.userAgent = "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198";
window.navigator={};
window.navigator.__proto__ = Navigator.prototype;
Location = function(){};
Location.prototype.port = "";
Location.prototype.href = "https://mobile.yangkeduo.com/search_result.html?search_key=Tumbling Monkey&search_met_track=history &search_type=goods&source=index&options=3& amp;refer_search_met_pos=0 &refer_page_el_sn=99887 &refer_page_name=search_result &refer_page_id=10015_1637246937996_0aduqu9x0x &refer_page_sn=10015 &page_id=10015 _1637246941701_vczypwl0zg &is_back= &bsch_is_search_mall= &bsch_show_active_page= & amp;list_id=GrPdP8boGw & amp;flip=0;0;0;0;cb9a6735-5700-43c3-faf1-7e175fb0980a;/40;36;0;a6253898c28578b971b57b81c1b63cb0 & amp;sort_type=default & amp;price_index=-1 &filter= &opt_tag_name= &brand_tab_filter=";
window. location = new Location;
History = function(){};
History.prototype.back = function back(){};
window.history = new History;
Screen = function(){};
Screen.prototype.availWidth=1920;
Screen.prototype.availHeightL=1040;
window.screen = new Screen;
window.localStorage = function(){};
Storage = function(){};
Storage.prototype.getItem = function getItem(key){};
Storage.prototype.setItem = function setItem(key,value){};
Document = function(){};
Document.prototype.cookie="ua=Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36;PDDAccessToken=OXABT2ASITL5QFXFFBJLHZEU4JWUKHYGVDEZ GH437XNOUR4R2QQA1133906;";
Document.prototype.referrer="https://mobile.yangkeduo.com/psnl_verification.html?VerifyAuthToken=dUoAiEwhlp936TpnWNWBKAd816c8390dcd18c2b & from=https://mobile.yangkeduo.com/goods.html?goods_id=27496 1072820&page_from=401&thumb_url=https %3A%2F%2Fimg.pddpic.com%2Fgaudit-image%2F2021-11-08%2F332ef37387161f59ecc95f0924ad83af.jpeg%3FimageView2%2F2%2Fw%2F1300%2Fq%2F80&refer_page_name=goods_detail &refer_page_id=10014_1637246639986_oc8t41rk89&refer_page_sn=10014 & amp;refer_page_name=goods_detail & amp ;refer_page_id=10014_1637246793877_8dp7j1a2td &refer_page_sn=10014";
Document.prototype.getElementById = function getElementById(id){return null;};
Document.prototype.addEventListener = function addEventListener(type, listener, options, useCapture){};
window.document = new Document;
setTimeout = function setTimeout(){};
window.Math = Math;
window.Date = Date;
window. parseInt = parseInt;
12 Finally, manually call the function in the loader to generate the result
13 Post a picture of the result 
Summary
1 For security reasons, this chapter does not provide a complete process, the debugging links are omitted, and only a general idea is provided. The specific details need to be restored by yourself, and I believe you can also debug it.
2 My writing level is limited. If there is any explanation that is not in place or wrong, please give me advice in the comment area and make progress together. If you need code, you can add my WeChat x484628143
3 The sharing of this article is over here, everyone is welcome to pay attention to the next issue, we will see you soon