FastMoss 国际电商Tiktok数据分析 JS 逆向 | MD5加密

1.目标

目标网址：https://www.fastmoss.com/zh/e-commerce/saleslist

切换周榜出现目标请求

只有请求头fm-sign签名加密

2.逆向分析

直接搜fm-sign

可以看到 i["fm-sign"] = A

进入encryptParams方法

里面有个S()方法加密，是MD5加密

3.代码示例

js代码示例

const crypto = require('crypto')function MD5Encrypt(e) {return crypto.createHash("md5").update(e.toString()).digest("hex")
}function encryptParams(e) {this.salt = "LAA6edGHBkcc3eTiOIRfg89bu9ODA6PB"let t = arguments.length > 1 && void 0 !== arguments[1] ? arguments[1] : "", o = Object.keys(e).sort(), n = "";o.forEach(t => {n += t + e[t] + this.salt});let r = MD5Encrypt(n + t), a = "", i = 0, s = r.length - 1;for (; i < r.length && !(i >= s); i++,s--)a += (parseInt(r[i], 16) ^ parseInt(r[s], 16)).toString(16);return a + r.substring(i)
}let S =   {_time: Math.floor(Date.now() / 1e3),cnonce: Math.floor(1e7 + 9e7 * Math.random())
}, r = {"time": 1748321467,"system": "windows","platform": 1,"id": 206,"type": 1,"ext": {"uri": "https://www.fastmoss.com/zh/e-commerce/newProducts","_src": null}
} ,d = JSON.stringify(r),A = encryptParams({...S}, d);
console.log(A)

python代码示例

import hashlib
import json
import random
import time# MD5 加密
def md5_encrypt(data):return hashlib.md5(str(data).encode('utf-8')).hexdigest()# 加密函数 encryptParams
def encrypt_params(e, t=""):salt = "LAA6edGHBkcc3eTiOIRfg89bu9ODA6PB"# 排序后的 key 列表keys = sorted(e.keys())n = ""for key in keys:n += f"{key}{e[key]}{salt}"r = md5_encrypt(n + t)a = ""i = 0s = len(r) - 1while i < len(r) and i < s:# 将十六进制字符转为整数，异或后再转回十六进制char_i = r[i]char_s = r[s]xor_result = int(char_i, 16) ^ int(char_s, 16)a += format(xor_result, 'x')  # 转为十六进制字符i += 1s -= 1a += r[i:]return aS = {'_time': int(time.time()),'cnonce': random.randint(1e7, 1e8)
}r = {"time": 1748321467,"system": "windows","platform": 1,"id": 206,"type": 1,"ext": {"uri": "https://www.fastmoss.com/zh/e-commerce/newProducts","_src": None}
}d = json.dumps(r, separators=(',', ':'))A = encrypt_params(S, d)
print(A)

请求不要sign也是可以的