共计 7226 个字符,预计需要花费 19 分钟才能阅读完成。
分析日志和 sensor-data 数据结构
该文章提供 web 端思路,ios 和 android 端思路不提供,api 也已经下线,本文也不提供任何可执行代码。有更多疑问欢迎查看 github 代码
协议
授权协议:只允许研究、学习目的的分享、使用、修改,不允许任何商业用途。转载请注明出处,感谢。
开始分析
提供部分结构
// 数据对称结构
export const KeysMap = {
'-1,2,-94,-100,': 'user_agent',
'-1,2,-94,-101,': 'sensor_status',
'-1,2,-94,-105,': 'informinfo',
'-1,2,-94,-102,': '','-1,2,-94,-108,':'kact','-1,2,-94,-110,':'',
'-1,2,-94,-117,': '','-1,2,-94,-111,':'',
'-1,2,-94,-109,': '','-1,2,-94,-114,':'',
'-1,2,-94,-103,': '','-1,2,-94,-112,':'',
'-1,2,-94,-115,': '','-1,2,-94,-106,':'',
'-1,2,-94,-119,': '','-1,2,-94,-122,':'host_url','-1,2,-94,-124,':'',
'-1,2,-94,-70,': '','-1,2,-94,-80,':'',
'-1,2,-94,-116,': '','-1,2,-94,-118,':'',
'-1,2,-94,-121,': '',
// '-1,2,-94,-120,': '',
};
第一步开启日志 debug
F12 控制开启 bmak 日志
bmak.sd_debug=(a)=>{console.log(a); }
然后可以看到日志,后续我们可以根据他内部的 debug 数据来进行分析程序的执行流程,当然可以直接走 debug,但是不准确,我的想法是提供 nike 官网,然后执行一些 hook 流程,来监控他的流程,这样更加的真实,数据也是真实 1:1 数据,不会产生误差
<bpd>
VM695:1 ,s1:1.43-1,2,-
VM695:1 ,s4
VM695:1 </bpd>
VM695:1 <bpd>
VM695:1 ,s1:1.43-1,2,-
VM695:1 ,s4
VM695:1 </bpd>
VM695:1 <bpd>
例如我们优化代码后可以看到一部分逻辑
bmak.sensor_data = bmak['ver'] + '-1,2,-94,-100,' + n;
bmak.sensor_data += '-1,2,-94,-101,' + i;
bmak.sensor_data += '-1,2,-94,-105,' + bmak['informinfo'];
bmak.sensor_data += '-1,2,-94,-102,' + c;
bmak.sensor_data += '-1,2,-94,-108,' + bmak['kact'];
bmak.sensor_data += '-1,2,-94,-110,' + bmak['mact'];
bmak.sensor_data += '-1,2,-94,-117,' + bmak['tact'];
bmak.sensor_data += '-1,2,-94,-111,' + bmak['doact'];
bmak.sensor_data += '-1,2,-94,-109,' + bmak['dmact'];
bmak.sensor_data += '-1,2,-94,-114,' + bmak['pact'];
bmak.sensor_data += '-1,2,-94,-103,' + bmak['vcact'];
bmak.sensor_data += '-1,2,-94,-112,' + b;
bmak.sensor_data += '-1,2,-94,-115,' + f;
bmak.sensor_data += '-1,2,-94,-106,' + d;
bmak.sensor_data += '-1,2,-94,-119,' + bmak['mr'];
bmak.sensor_data += '-1,2,-94,-122,' + v;
bmak.sensor_data += '-1,2,-94,-123,' + h;
bmak.sensor_data += '-1,2,-94,-124,' + g;
const w = bmak.ab(bmak.sensor_data);
bmak.sensor_data += '-1,2,-94,-70,' + bmak['fpcf']['fpValstr'];
bmak.sensor_data += '-1,2,-94,-80,' + p;
bmak.sensor_data += '-1,2,-94,-116,' + bmak['o9'];
bmak.sensor_data += '-1,2,-94,-118,' + w;
bmak.sensor_data += '-1,2,-94,-121,';
console.log(bmak.sensor_data);
bmak['sd_debug'](',s1:' + bmak.sensor_data.slice(0, 10));
拆分部分数据打印实例
export class AkamaiWeb {static splitStr(str: string) {for (let keysMapKey in KeysMap) {const reg = new RegExp(`${keysMapKey}`, 'g');
//str = str.replace(reg, `$FUCK${KeysMap[keysMapKey]}$FUCK`);
str = str.replace(reg, `$FUCK${keysMapKey}$FUCK`);
}
const list = str.split('$FUCK');
console.log(list);
}
public static publicKey = 'afSbep8yjnZUjq3aL010jO15Sawj2VZfdYK8uY90uxq';
mock() {const data = {};
}
}
大概的数据结构如下,接下来我们只需要一步一步把这里面的数据完善起来填充和 mock 就能完成了
[
'7a74G7m23Vrp0o5c9018361.43',
'-1,2,-94,-100,',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0,uaend,11059,20100101,zh-CN,Gecko,0,0,0,0,386747,9033567,2560,1410,2560,1440,1301,1314,2576,,cpen:0,i1:0,dm:0,cwen:0,non:1,opc:0,fc:1,sc:0,wrc:1,isc:96,vib:1,bat:0,x11:0,x12:1,5549,0.425236066212,785919516783.5,loc:',
'-1,2,-94,-101,',
'do_en,dm_en,t_dis',
'-1,2,-94,-105,',
'','-1,2,-94,-102,','',
'-1,2,-94,-108,',
'','-1,2,-94,-110,','0,1,182,1254,605;1,1,195,1184,595;2,1,217,1083,574;3,1,231,1046,569;4,1,253,972,556;5,1,265,937,547;6,1,279,925,544;7,1,300,883,531;8,1,314,859,525;9,1,334,828,514;10,1,349,804,506;11,1,363,782,496;12,1,384,769,491;13,1,397,767,490;14,3,419,767,490,-1;15,4,488,767,490,-1;16,2,488,767,490,-1;17,1,502,766,490;18,1,516,765,490;19,1,529,764,490;20,1,550,761,494;21,1,556,756,500;22,1,563,748,515;23,1,571,742,530;24,1,578,736,551;25,1,584,723,577;26,1,598,712,606;27,1,605,702,633;28,1,612,693,659;29,1,619,684,676;30,1,626,679,689;31,1,633,675,697;32,1,647,673,702;33,1,654,672,703;34,1,661,671,704;35,3,680,671,704,-1;36,4,768,671,704,-1;37,2,768,671,704,-1;38,1,786,672,705;39,1,793,676,705;40,1,806,683,709;41,1,814,693,712;42,1,821,702,715;43,1,827,718,720;44,1,834,745,728;45,1,841,773,736;46,1,848,803,746;47,1,861,837,753;48,1,868,870,763;49,1,876,892,771;50,1,882,914,776;51,1,890,930,780;52,1,896,942,783;53,1,910,952,787;54,1,917,962,790;55,1,924,967,792;56,1,931,972,795;57,1,938,973,795;58,1,952,975,795;59,1,1001,975,796;60,1,1015,975,798;61,1,1022,975,801;62,1,1029,974,805;63,1,1036,968,812;64,1,1042,961,818;65,1,1049,952,825;66,1,1056,942,832;67,1,1070,933,837;68,1,1077,920,844;69,1,1084,909,849;70,1,1091,898,852;71,1,1098,887,856;72,1,1105,879,859;73,1,1119,870,860;74,1,1126,864,860;75,1,1133,859,861;76,1,1140,857,861;77,1,1184,856,861;78,1,1195,856,857;79,1,1202,856,850;80,1,1209,856,842;81,1,1223,860,832;82,1,1230,866,820;83,1,1237,874,803;84,1,1245,878,789;85,1,1251,886,774;86,1,1257,887,762;87,1,1264,888,751;88,1,1279,889,740;89,1,1286,888,732;90,1,1293,886,724;91,1,1300,880,717;92,1,1307,870,711;93,1,1313,856,707;94,1,1320,839,705;95,1,1334,814,704;96,1,1342,782,704;97,1,1348,746,704;98,1,1355,706,704;99,1,1362,665,704;100,1,1369,624,704;101,1,1383,584,704;102,1,1390,551,704;103,1,1396,519,711;104,1,1404,498,715;105,1,1410,483,721;343,3,3600,701,246,-1;345,4,3673,700,247,-1;346,2,3673,700,247,-1;736,3,7089,728,392,-1;737,4,7160,728,392,-1;738,2,7161,728,392,-1;811,3,7786,725,372,-1;820,4,7874,725,382,-1;821,2,7874,725,382,-1;1054,3,9784,424,739,-1;1064,4,9880,1004,801,-1;1065,2,9880,1004,801,-1;1085,3,10160,631,421,-1;1086,4,10248,631,421,-1;1087,2,10248,631,421,-1;1088,3,10369,631,421,-1;1089,4,10433,631,421,-1;1090,2,10433,631,421,-1;1101,3,10554,571,397,-1;1103,4,10622,570,397,-1;1104,2,10622,570,397,-1;1117,3,10729,627,382,-1;1121,4,10810,645,382,-1;1122,2,10810,645,382,-1;1219,3,11627,381,114,217;1223,4,11707,373,124,217;1224,2,11707,373,124,217;1243,3,11864,272,278,-1;1252,4,11969,309,324,-1;1253,2,11969,309,324,-1;1284,3,12235,576,685,-1;1286,4,12321,577,686,-1;1287,2,12321,577,686,-1;1303,3,12457,404,756,-1;1313,4,12568,600,784,-1;1314,2,12568,600,784,-1;1321,3,12657,679,807,-1;1327,4,12745,644,818,-1;1328,2,12745,644,818,-1;1341,3,12856,380,836,-1;1346,4,12928,399,829,-1;1347,2,12928,399,829,-1;1362,3,13050,887,773,-1;1371,4,13129,826,457,-1;1372,2,13129,826,457,-1;1397,3,13402,361,501,-1;1404,4,13504,389,527,-1;1405,2,13504,389,527,-1;1416,3,13608,558,557,-1;1417,4,13689,558,557,-1;1418,2,13690,558,557,-1;1419,3,13769,558,557,-1;1420,4,13848,558,557,-1;1421,2,13848,558,557,-1;1422,3,13928,558,557,-1;1423,4,14002,558,557,-1;1424,2,14002,558,557,-1;1425,3,14088,558,557,-1;1426,4,14168,558,557,-1;1427,2,14168,558,557,-1;1428,3,14232,558,557,-1;1430,4,14330,558,558,-1;1431,2,14330,558,558,-1;1432,3,14400,558,558,-1;1433,4,14490,558,558,-1;1434,2,14490,558,558,-1;1435,3,14560,558,558,-1;1436,4,14656,558,558,-1;1437,2,14656,558,558,-1;','-1,2,-94,-117,','',
'-1,2,-94,-111,',
'','-1,2,-94,-109,','',
'-1,2,-94,-114,',
'','-1,2,-94,-103,','3,422;2,40969;3,43251;','-1,2,-94,-112,','http://nike.oeynet.com/snkrs/index.html','-1,2,-94,-115,','1,1230925,0,0,0,0,1230924,44089,0,1571839033567,28,16815,0,2670,2802,319,0,44089,903788,1,2,50,654,800069665,25510064','-1,2,-94,-106,','1,0','-1,2,-94,-119,','200,200,0,0,0,0,200,0,0,0,0,0,0,0,','-1,2,-94,-122,','0,0,0,0,1,0,0-1,2,-94,-123,','-1,2,-94,-124,','',
'-1,2,-94,-70,',
'-350861708;dis;;true;true;true;-480;true;24;24;true;false;unspecified',
'-1,2,-94,-80,',
'5878',
'-1,2,-94,-116,',
'9033550',
'-1,2,-94,-118,',
'223224',
'-1,2,-94,-121,',
';0;4;0'
]
好了,我目前提供思路到这里,下一部分,我们开始拆分 sensor-data 中的数据,然后进行以此说明和 mock
博客: https://github.com/zhaojunlike
正文完
发表至: javascript
2019-10-24