.

2026-04-04 05:22:53 +08:00 · 2020-05-07 09:05:20 +08:00
commit af4a95230e
257 changed files with 90965 additions and 0 deletions
--- a/ZooFaker_Necklace.js
+++ b/ZooFaker_Necklace.js
@@ -0,0 +1,165 @@
+const https = require('https');
+const fs = require('fs').promises;
+const { R_OK } = require('fs').constants;
+const vm = require('vm');
+const UA = require('./USER_AGENTS.js').USER_AGENT;
+
+const URL = 'https://h5.m.jd.com/babelDiy/Zeus/41Lkp7DumXYCFmPYtU3LTcnTTXTX/index.html';
+const REG_SCRIPT = /<script src="([^><]+\/(main\.\w+\.js))\?t=\d+">/gm;
+const REG_ENTRY = /^(.*?\.push\(\[)(\d+,\d+)/;
+const REG_PIN = /pt_pin=(.+?);/m;
+const KEYWORD_MODULE = 'get_risk_result:';
+const DATA = {appid:'50082',sceneid:'DDhomePageh5'};
+let smashUtils;
+
+class ZooFakerNecklace {
+    constructor(cookie, action) {
+        this.cookie = cookie;
+        this.action = action;
+    }
+
+    async run(data) {
+        if (!smashUtils) {
+            await this.init();
+        }
+
+        const t = Math.floor(1e+6 * Math.random()).toString().padEnd(6, '8');
+        const mpin = this.cookie.match(REG_PIN)
+        let pin = '-1'
+        // if(mpin) pin = mpin[1];
+        if(mpin) pin = decodeURIComponent(mpin[1]);
+        const { log } = smashUtils.get_risk_result({
+            id: this.action,
+            data: {
+                ...data,
+                pin,
+                random: t,
+            }
+        });
+        const body = {
+            ...data,
+            random: t,
+            extraData: { log, sceneid: DATA.sceneid },
+        };
+
+        // console.log(body);
+        return body;
+    }
+
+    async init() {
+        console.time('ZooFakerNecklace');
+        process.chdir(__dirname);
+        const html = await ZooFakerNecklace.httpGet(URL);
+        const script = REG_SCRIPT.exec(html);
+
+        if (script) {
+            const [, scriptUrl, filename] = script;
+            const jsContent = await this.getJSContent(filename, scriptUrl);
+            const fnMock = new Function;
+            const ctx = {
+                window: { addEventListener: fnMock },
+                document: {
+                    addEventListener: fnMock,
+                    removeEventListener: fnMock,
+                    cookie: this.cookie,
+                },
+                navigator: { userAgent: UA },
+            };
+            const _this = this;
+            Object.defineProperty(ctx.document,'cookie',{
+                get() {
+                    return _this.cookie;
+                },
+            });
+
+            vm.createContext(ctx);
+            vm.runInContext(jsContent, ctx);
+
+            smashUtils = ctx.window.smashUtils;
+            smashUtils.init(DATA);
+
+            // console.log(ctx);
+        }
+
+        // console.log(html);
+        // console.log(script[1],script[2]);
+        console.timeEnd('ZooFakerNecklace');
+    }
+
+    async getJSContent(cacheKey, url) {
+        try {
+            await fs.access(cacheKey, R_OK);
+            const rawFile = await fs.readFile(cacheKey, { encoding: 'utf8' });
+
+            return rawFile;
+        } catch (e) {
+            let jsContent = await ZooFakerNecklace.httpGet(url);
+            const findEntry = REG_ENTRY.test(jsContent);
+            const ctx = {
+                moduleIndex: 0,
+            };
+            const injectCode = `moduleIndex=arguments[0].findIndex(s=>s&&s.toString().indexOf('${KEYWORD_MODULE}')>0);return;`;
+            const injectedContent = jsContent.replace(/^(!function\(\w\){)/, `$1${injectCode}`);
+
+            vm.createContext(ctx);
+            vm.runInContext(injectedContent, ctx);
+
+            if (!(ctx.moduleIndex && findEntry)) {
+                throw new Error('Module not found.');
+            }
+            jsContent = jsContent.replace(REG_ENTRY, `$1${ctx.moduleIndex},1`);
+            // Fix device info (actually insecure, make less sense)
+            jsContent = jsContent.replace(/\w+\.getDefaultArr\(7\)/, '["a","a","a","a","a","a","1"]');
+            fs.writeFile(cacheKey, jsContent);
+            return jsContent;
+
+            REG_ENTRY.lastIndex = 0;
+            const entry = REG_ENTRY.exec(jsContent);
+
+            console.log(ctx.moduleIndex);
+            console.log(entry[2]);
+        }
+    }
+
+    static httpGet(url) {
+        return new Promise((resolve, reject) => {
+            const protocol = url.indexOf('http') !== 0 ? 'https:' : '';
+            const req = https.get(protocol + url, (res) => {
+                res.setEncoding('utf-8');
+
+                let rawData = '';
+
+                res.on('error', reject);
+                res.on('data', chunk => rawData += chunk);
+                res.on('end', () => resolve(rawData));
+            });
+
+            req.on('error', reject);
+            req.end();
+        });
+    }
+}
+
+async function getBody($ = {}) {
+    let riskData;
+    switch ($.action) {
+        case 'startTask':
+            riskData = { taskId: $.id };
+            break;
+        case 'chargeScores':
+            riskData = { bubleId: $.id };
+            break;
+        case 'sign':
+            riskData = {};
+        default:
+            break;
+    }
+    const zf = new ZooFakerNecklace($.cookie, $.action);
+    const log = await zf.run(riskData);
+
+    // return `body=${encodeURIComponent(JSON.stringify(log))}`;
+    return log;
+}
+
+ZooFakerNecklace.getBody = getBody;
+module.exports = ZooFakerNecklace;