

Fiddler抓包自动解密aes

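修改 Fiddler 的脚本文件(CustomRules.js,可通过菜单 Rules → Customize Rules 打开),找到 OnBeforeResponse 方法并按下面的方式修改;示例中的 "xxx.cn"、"key"、"iv" 均为占位符,需要替换为实际的主机名、AES 密钥和 IV。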

import System;
import System.Windows.Forms;
import Fiddler;
import System.Security.Cryptography;
    

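static function OnBeforeResponse(oSession: Session) {
        // Hide 304 responses from the session list when m_Hide304s is set.
        if (m_Hide304s && oSession.responseCode == 304) {
            oSession["ui-hide"] = "true";
        }

        // Example 1: a JSON envelope whose 'data' field holds Base64(AES-CBC) text.
        // "xxx.cn", "key" and "iv" are placeholders. A real key kept in this script
        // is readable by anyone with access to the rules file, and the decrypted
        // body ends up in any saved capture.
        // NOTE(review): the rewritten body presumably reaches the client only when
        // the session is buffered; otherwise it changes just what Fiddler shows. Confirm.
        if (oSession.host == "xxx.cn") {
            try {
                // Strip chunking/compression first so the body is read as plain text.
                oSession.utilDecodeResponse();
                var responseStringOriginal = oSession.GetResponseBodyAsString();
                var responseJSON = Fiddler.WebFormats.JSON.JsonDecode(responseStringOriginal);
                // Guard against a non-JSON body and a missing field: without the null
                // checks a missing 'data' key would be passed to AesDecrypt as null.
                if (responseJSON != null && responseJSON.JSONObject != null
                    && responseJSON.JSONObject['data'] != null
                    && responseJSON.JSONObject['data'] != "") {
                    var data = AesDecrypt(responseJSON.JSONObject['data'], "key", "iv");
                    // The plaintext is attached next to the original ciphertext field.
                    responseJSON.JSONObject['ecrypt_data'] = Fiddler.WebFormats.JSON.JsonDecode(data).JSONObject;
                    var result = Fiddler.WebFormats.JSON.JsonEncode(responseJSON.JSONObject);
                    oSession.utilSetResponseBody(result);
                }
            } catch (e) {
                // A wrong key/IV, bad Base64 or non-JSON plaintext must not break the
                // capture: leave the response untouched and record the reason.
                FiddlerObject.log("AES response decode skipped for session " + oSession.id + ": " + e);
            }
        }

        // Example 2: the whole response body is Base64 text.
        // Both examples use the same placeholder host; with a real host only the
        // branch matching that server's format should be kept, because this branch
        // would otherwise try to Base64-decode the JSON written by example 1.
        if (oSession.host == "xxx.cn") {
            try {
                oSession.utilDecodeResponse();
                var responseBase64 = oSession.GetResponseBodyAsString();
                var res = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(responseBase64));
                oSession.utilSetResponseBody(res);
            } catch (e) {
                // The body was not valid Base64: keep it as received.
                FiddlerObject.log("Base64 response decode skipped for session " + oSession.id + ": " + e);
            }
        }
    }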
    
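    /**
     * Decrypts a Base64-encoded AES ciphertext (CBC mode, PKCS7 padding) and
     * returns the plaintext decoded as UTF-8.
     *
     * decryptStr - Base64 text of the ciphertext.
     * aesKey     - key as text; its UTF-8 bytes are used directly as the key, so
     *              their length must be a key size the cipher accepts.
     * aesIV      - IV as text; its UTF-8 bytes are used directly as the IV.
     *
     * Throws when the input is not valid Base64, when the key or IV length is
     * rejected, or when the padding check on the final block fails.
     * CBC carries no integrity check, so a successful return does not prove the
     * ciphertext was unmodified.
     */
    static function AesDecrypt(decryptStr, aesKey, aesIV) {
        var keyBytes = System.Text.Encoding.UTF8.GetBytes(aesKey);
        var ivBytes = System.Text.Encoding.UTF8.GetBytes(aesIV);
        var cipherBytes = System.Convert.FromBase64String(decryptStr);

        var aes = new RijndaelManaged();
        var decryptor = null;
        try {
            aes.Padding = PaddingMode.PKCS7;
            aes.Mode = CipherMode.CBC;

            // Assigning Key and IV makes the cipher reject unsupported lengths early.
            aes.Key = keyBytes;
            aes.IV = ivBytes;

            decryptor = aes.CreateDecryptor(keyBytes, ivBytes);
            var plainBytes = decryptor.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);
            return System.Text.Encoding.UTF8.GetString(plainBytes);
        } finally {
            // Release the transform and the cipher object even when decryption
            // throws, so key material is not left behind in undisposed objects.
            if (decryptor != null) {
                decryptor.Dispose();
            }
            aes.Clear();
        }
    }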
标签: fiddler 前端 安全

本文转载自: https://blog.csdn.net/fangdong88/article/details/130243182
版权归原作者 fangdong88 所有, 如有侵权,请联系我们删除。
