时间戳

首页 > 解决方案 > 用 PHP 解压 Javascript

javascript - 用 PHP 解压 Javascript

问题描述

我需要一种用 PHP 解压 JavaScript 的方法,更改代码在我的域上http://beastfeeds.com/ty9.php完整代码在页面源视图源中:http: //beastfeeds.com/ty9.php出于某种奇怪的原因,网页只显示了部分代码,但完整的代码就在那里!我只需要它来运行和解密代码,以便它显示解密的代码,这样我就可以从输出中获取 m3u8,因为它在每次页面加载时都会发生变化。这是我试图运行以实现它,它适用于 Javascript Eval (Unpacked) 但不适用于这种格式

<?php

class JavaScriptUnpacker
{
    private $unbaser;
    private $payload;
    private $symtab;
    private $radix;
    private $count;

    function Detect($source)
    {
        $source = preg_replace("/ /","",$source);
        preg_match("/eval\(function\(p,a,c,k,e,[r|d]?/", $source, $res);

        Debug::Write($res,"detection result");

        return (count($res) > 0);
    }

    function Unpack($source)
    {
        preg_match_all("/}\('(.*)', *(\d+), *(\d+), *'(.*?)'\.split\('\|'\)/",$source,$out);

        Debug::Write($out,"DOTALL", false);

        // Payload
        $this->payload = $out[1][0];
        Debug::Write($this->payload,"payload");
        // Words
        $this->symtab = preg_split("/\|/",$out[4][0]); 
        Debug::Write($this->symtab,"symtab");
        // Radix
        $this->radix = (int)$out[2][0];
        Debug::Write($this->radix,"radix");
        // Words Count
        $this->count = (int)$out[3][0];
        Debug::Write($this->count,"count");

        if( $this->count != count($this->symtab)) return; // Malformed p.a.c.k.e.r symtab !

        //ToDo: Try catch
        $this->unbaser = new Unbaser($this->radix);

        $result = preg_replace_callback(
                    '/\b\w+\b/',
                        array($this, 'Lookup')
                    ,
                    $this->payload
                );
        $result = str_replace('\\', '', $result);
        Debug::Write($result);
        $this->ReplaceStrings($result);
        return $result;
    }

    function Lookup($matches)
    {
        $word = $matches[0];
        $ub = $this->symtab[$this->unbaser->Unbase($word)];
        $ret = !empty($ub) ? $ub : $word;
        return $ret;
    }

    function ReplaceStrings($source)
    {
        preg_match_all("/var *(_\w+)\=\[\"(.*?)\"\];/",$source,$out);
        Debug::Write($out);
    }

}

class Unbaser
{
    private $base;
    private $dict;
    private $selector = 52;
    private $ALPHABET = array(
        52 => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOP',
        54 => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQR',
        62 => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ',
        95 => ' !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~'
    );


    function __construct($base)
    {
        $this->base = $base;

        if($this->base > 62) $this->selector = 95;
        else if($this->base > 54) $this->selector = 62;
        else if($this->base > 52) $this->selector = 54;
    }

    function Unbase($val)
    {
        if( 2 <= $this->base && $this->base <= 36)
        {
            return intval($val,$this->base);
        }else{
            if(!isset($this->dict)){

                $this->dict = array_flip(str_split($this->ALPHABET[$this->selector]));
            }
            $ret = 0;
            $valArray = array_reverse(str_split($val));

            for($i = 0; $i < count($valArray) ; $i++)
            {
                $cipher = $valArray[$i];
                $ret += pow($this->base, $i) * $this->dict[$cipher];
            }
            return $ret;
            // UnbaseExtended($x, $base)
        }
    }

}


class Debug
{
    public static $debug = false;
    public static function Write($data, $header = "", $mDebug = true)
    {
        if(!self::$debug || !$mDebug) return;

        if(!empty($header))
            echo "<h4>".$header."</h4>";

        echo "<pre>";
        print_r($data);
        echo "</pre>";
    }

}


// FOLLOW ALL REDIRECTS:
// This makes multiple requests, following each redirect until it reaches the
// final destination.
function get_redirect_final_target($url)
{
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_NOBODY, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // follow redirects
    curl_setopt($ch, CURLOPT_AUTOREFERER, 1); // set referer on redirect
    curl_exec($ch);
    $target = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
    curl_close($ch);

    if ($target)
        return $target;

    return false;
}
function getURL($u){
    $ops = array(
      'http'=>array(
        'method'=>"GET",
        'header'=>"Accept: text/html\r\n" .
                  "User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0\r\n"
      )
    );
    $co = stream_context_create($ops);
    $r = file_get_contents('http://' . $u, false, $co);
    return $r != false ? $r : "";

}
function GetStringBetween($string, $start, $finish){
    $string = " ".$string;
    $position = strpos($string, $start);
    if ($position == 0) return "";
    $position += strlen($start);
    $length = strpos($string, $finish, $position) - $position;
    return substr($string, $position, $length);
}

$grab = file_get_contents("http://beastfeeds.com/ty9.php"); 
$streama = GetStringBetween($grab, 'var', '</script>');
$unpacker = new JavaScriptUnpacker();
$unpacked = $unpacker->Unpack($grab);
preg_match_all('/\b(?:(?:https?|ftp|file):\/\/|www\.|ftp\.)[-A-Z0-9+&@#\/%=~_|$?!:,.]*[A-Z0-9+&@#\/%=~_|$]/i', $unpacked, $result, PREG_PATTERN_ORDER);
$result = $result[0];
$stream = GetStringBetween($unpacked, "src:'", "'");
?>
<?= trim($unpacked, "\r\n\t ")?>

我真的需要这个!!!!非常感谢任何帮助,我已经尝试了一周。

标签: javascriptphp

解决方案

推荐阅读