众所周知 耐克nick 阿迪adidas 德州仪器(TI ti.com) 得捷电子(digikey )贸泽电子(mouser)等较大的芯片 购物之类的网站都引入了akamai的js防机器人识别系统,现在最新的akamai版本是1.7,如果想实现http抢购,那么破解akamai的js 实现sensor_data 然后换取相关有用的_abck是必须的,然后模拟tsl(模拟浏览器怎么发送请求的 不是简单的python go php等)使用个requests就可以的,然后发送相关的数据,那么问题就解决了。
考虑了下,感觉从头读的话,太多的东西了,于是找了下程序入口,从入口开始读取吧,感觉还挺顺利的啊,可以看到整个程序执行下来的话,有很多函数是没用的如,方向运动等指纹的获取
虽说后面就几个步骤,但是粗略的追了下,好几个JS文件 不少步骤,更多的是嵌套,一个函数调用另一个这样的嵌套很多层。。。。。
_cf = [] bmak = { runFonts: !1, altFonts: !1, js_post: !1, pstate: !1, fsp:!1, bm: !1, doadma_en: 0, doa_throttle: 0, dma_throttle: 0, cf_url: "https://", params_url: "https://www.ti.com/get_params", t_tst: 0, ir: function() { bmak['start_ts'] = +new Date, bmak['kact'] = "", bmak['ke_cnt'] = 0, bmak['ke_vel'] = 0, bmak['mact'] = "", bmak['mme_cnt'] = 0, bmak['mduce_cnt'] = 0, bmak['me_vel'] = 0, bmak['pact'] = "", bmak['pme_cnt'] = 0, bmak['pduce_cnt'] = 0, bmak['pe_vel'] = 0, bmak['tact'] = "", bmak['tme_cnt'] = 0, bmak['tduce_cnt'] = 0, bmak['te_vel'] = 0, bmak['doact'] = "", bmak['doe_cnt'] = 0, bmak['doe_vel'] = 0, bmak['dmact'] = "", bmak['dme_cnt'] = 0, bmak['dme_vel'] = 0, bmak['vcact'] = "", bmak['vc_cnt'] = 0, bmak['aj_indx'] = 0, bmak['aj_ss'] = 0, bmak['aj_type'] = -1, bmak['aj_indx_doact'] = 0, bmak['aj_indx_dmact'] = 0, bmak['aj_indx_tact'] = 0, bmak['me_cnt'] = 0, bmak['pe_cnt'] = 0, bmak['te_cnt'] = 0, bmak['nav_perm'] = "", bmak['brv'] = 0, bmak['hbCalc'] = !1, bmak['fmh'] = "", bmak['fmz'] = "", bmak['ssh'] = "", bmak['wv'] = "", bmak['wr'] = "", bmak['weh'] = "", bmak['wl'] = 0 }, sd_debug: function (t){ if (!bmak.js_post) { var a = t; "string" == typeof _sd_trace ? _sd_trace += a : _sd_trace = a } }, getStateField: function(t) { for (var a = "", e = "aeiouy13579", n = 0, o = t.toLowerCase(); n < o.length; ) e.indexOf(o[n]) >= 0 || e.indexOf(o[n + 1]) >= 0 ? a += 1 : a += 0, n += 2; return a }, listFunctions: { _setFsp: function(t) { bmak.fsp = t, bmak.fsp && (bmak.cf_url = bmak.cf_url.replace(/^http:\/\//i,"https://")) }, _setBm: function(t) { bmak.bm = t, bmak.bm ? (bmak.cf_url = (bmak.fsp ? "https:" : "https:") + "//" + "www.ti.com" + "/_bm/_data", bmak.js_post = !0) : bmak.params_url = (bmak.fsp ? "https:" :"https:") + "//" + "www.ti.com/get_params" }, _setAu: function(t) { "string" == typeof t && (0 === t.lastIndexOf("/", 0) ? bmak.cf_url = (bmak.fsp ? "https:" : "https:") + "//" + "www.ti.com" + t : bmak.cf_url = t) }, _setPowState: function(t) { bmak.pstate = t }, }, startdoadma: function() { 0 == bmak.doadma_en && window.addEventListener && (window.addEventListener('deviceorientation', function (){}, !0), window.addEventListener('devicemotion', function (){}, !0), bmak.doadma_en = 1), bmak.doa_throttle= 0, bmak.dma_throttle = 0 }, to: function() { var t = bmak[_ac[115]]() % 1e7; bmak[_ac[631]] = t; for (var a = t, e = bmak[_ac[390]](bmak[_ac[117]](51)), n = 0; n < 5; n++) { var o = bmak[_ac[390]](t / Math[_ac[164]](10, n)) % 10 , m = o + 1; op = bmak[_ac[645]](o), a = op(a, m) } bmak[_ac[515]] = a * e }, x2: function() { var t = bmak[_ac[117]] , a = t(98) + t(109) + t(97) + t(107) , e = t(103) + t(101) + t(116) + t(95) + t(99) + t(102) + t(95) + t(100) + t(97) + t(116) + t(101) , n = window[a][e] , o = 0; return _ac[554] == typeof n && (o = n()), o }, startTracking: function() { bmak.startdoadma(); try { bmak[_ac[14]]() } catch (t) { bmak[_ac[515]] = -654321 } setInterval(function() { bmak[_ac[384]]() }, 3e3), document[_ac[252]] ? (document[_ac[252]](_ac[799], bmak[_ac[251]], !0), document[_ac[252]](_ac[5], bmak[_ac[391]], !0), document[_ac[252]](_ac[350], bmak[_ac[646]], !0), document[_ac[252]](_ac[125], bmak[_ac[215]], !0), document[_ac[252]](_ac[567], bmak[_ac[176]], !0), document[_ac[252]](_ac[4], bmak[_ac[359]], !0), document[_ac[252]](_ac[602], bmak[_ac[188]], !0), document[_ac[252]](_ac[754], bmak[_ac[337]], !0), document[_ac[252]](_ac[312], bmak[_ac[241]], !0), document[_ac[252]](_ac[651], bmak[_ac[289]], !0), document[_ac[252]](_ac[17], bmak[_ac[404]], !0), document[_ac[252]](_ac[522], bmak[_ac[271]], !0), document[_ac[252]](_ac[769], bmak[_ac[430]], !0)) : document[_ac[545]] && (document[_ac[545]](_ac[799], bmak[_ac[251]]), document[_ac[545]](_ac[5], bmak[_ac[391]]), document[_ac[545]](_ac[350], bmak[_ac[646]]), document[_ac[545]](_ac[125], bmak[_ac[215]]), document[_ac[545]](_ac[605], bmak[_ac[176]]), document[_ac[545]](_ac[536], bmak[_ac[359]]), document[_ac[545]](_ac[795], bmak[_ac[188]]), document[_ac[545]](_ac[607], bmak[_ac[337]]), document[_ac[545]](_ac[392], bmak[_ac[241]]), document[_ac[545]](_ac[760], bmak[_ac[289]]), document[_ac[545]](_ac[550], bmak[_ac[404]]), document[_ac[545]](_ac[334], bmak[_ac[271]]), document[_ac[545]](_ac[380], bmak[_ac[430]])), bmak[_ac[310]](), bmak[_ac[211]] = bmak[_ac[366]](), bmak[_ac[597]] && (bmak[_ac[446]] = 0, bmak[_ac[110]](), bmak[_ac[504]](!0)), bmak[_ac[268]] = !1 }, } t = {} if (function(t){ var a = {} t.fpcf = a a.sf4 = false a.fpValstr = "-1" a.fpValCalculated =!1 a.rCFP = "-1" a.cache = {} a.td = -999999 a.clearCache =function () { a.cache={} } a.fpVal=function () { a.fpValCalculated = !0 try { var t = 0; t = +new Date; var e = a.data(); // a[_ac[155]] = e[_ac[518]](/\"/g, _ac[277]); // var n = 0; // n = Date[_ac[82]] ? Date[_ac[82]]() : +new Date, // a[_ac[333]] = n - t } catch (t) {} } a.data = function() { var t = 24 //colorDepth , e = 24 //pixelDepth , n = true //检测开启cookie , o = false //检测开启java , m = -1 //是否开启追踪 , r = "default"; r = "dis" //和字体相关 // return [a.canvas("<@nv45. F1n63r,Pr1n71n6!"), a[_ac[382]](_ac[487]), r, a[_ac[83]](), a[_ac[54]](), a[_ac[158]](), a[_ac[1]](), a[_ac[92]](), a[_ac[174]](), t, e, n, o, m][_ac[179]](_ac[640]) } a.canvas =function () { console.log("ccc") } }(bmak), "firstLoad"){ //正式开始执行 if (bmak.sd_debug("<init/>"),_cf.length>0){ //似乎这个玩意都不执行 }else { //设置bm_script 为 script 对象 var bm_script = document.currentScript; if (bm_script.src){ bm_script.src = "https://www.ti.com/BH40Pj/R6whT/QkycT/yYNs/Suh7mbrz/HV9rWxMtAg/cC4cKlkD/YnAB" var bm_url = bm_script.src,url_split=bm_url.split("/"),obfus_state_field; if (url_split.length>=4 && (obfus_state_field = bm_url.split("/").slice(-4)[0]),obfus_state_field && obfus_state_field.length % 2 ==0){ var state_field_str = bmak.getStateField(obfus_state_field); state_field_str.length >= 3 && (bmak.listFunctions._setFsp(1 == state_field_str[0]), bmak.listFunctions._setBm("1" == state_field_str[1]), bmak.listFunctions._setPowState("1" == state_field_str[2]), bmak.listFunctions._setAu(bm_url)) } } } try { //挂载其他的属性 bmak.ir() bmak.t_tst = +new Date bmak.startTracking() }catch (t){ console.log(t) } }