反反爬小记



某车平台爬取反反爬小记(静态框架资源)

​ 说实话,没想到它会将价格这类数据以静态资源的形式直接放在 HTML 框架中,但随之而来的就是稍显复杂的防护策略.

​ 它没有采用常见的 UA 检测,也不是简单地携带一个 Cookie 就能随意访问,而是通过检查 Cookie 所含参数是否过期来判断请求是否来自机器人/程序.

​ 其实质上,初步防护原理是以 Cookie 所携参数的有效期为标准来识别自动化程序:若参数过期,由代理服务器下发一段 HTML+JS 脚本到访问者的浏览器中执行,从而生成新的 Cookie 参数;不执行 JavaScript 的一般自动化程序无法完成这一步.

​ 不得不说,此方法在一定程度上减轻了服务器负载的同时,还起到了不错的反自动化效果——但要注意它挡住的只是"不执行 JS"的客户端:生成 Cookie 的算法和密钥都随页面一起下发给了访问者,并不能阻止有针对性的还原.

​ 流程是:代理服务器检查 Cookie,若在有效期内则放行,返回真实数据;Cookie 过期或不存在时,返回一个只含 JS 脚本的页面(见下面的抓包结果,body 为空),浏览器执行 JS 生成新的 Cookie 并自动刷新页面重新请求,从而挡住了一般化的程序.

 <!DOCTYPE html><html>
<head>
<meta charset="UTF-8">
<script>
var _xvasu = 1104796695; // numeric id from the server: used as the cookie-name suffix and as the second field of the cookie payload (presumably per-challenge)
var _xvtsc = 300; // cookie lifetime in seconds (the script multiplies by 0x3e8 = 1000 for setTime)
var _xvpfs = "tws2_"; // cookie-name prefix
var _xvpts = 1780132802.563; // Unix timestamp (seconds, fractional) embedded by the server; first field of the cookie payload
</script>
<script>
// Challenge script exactly as served (one statement run, no formatting). The
// shape -- `_0x...` names, a string table rotated under a parseInt checksum,
// `!![]`/`![]` booleans, a self-defending regex test and a Function('debugger')
// loop -- is typical of javascript-obfuscator output. Net effect: it sets
// document.cookie = _xvpfs + _xvasu + "=" + btoa(RC4(key, _xvpts + ":" + _xvasu))
// with an expiry of _xvtsc seconds and then calls location.reload(). The
// formatted and restored listings further down walk through each part.
function a3_0x5716(){var _0x13562e=[';expires=','call','2029657OiKuWL','action','2047707gPXFbJ','2350758IlPFbd','chain','tg09It3*9h','length','charCodeAt','input','7053ehJwxL','454UhEkJy','counter','2914975gHyGBS','3294NMsYfL','reload','8WFcSPZ','string','test','fromCharCode','cookie','634290RgjxiZ','stateObject','121bfwvKD','function\x20*\x5c(\x20*\x5c)','gger','constructor','apply','setTime','join','\x5c+\x5c+\x20*(?:[a-zA-Z_$][0-9a-zA-Z_$]*)','904ssKShX'];a3_0x5716=function(){return _0x13562e;};return a3_0x5716();}function a3_0x57ae(_0x3f0176,_0x1e8d53){var _0x38fe2b=a3_0x5716();return a3_0x57ae=function(_0x553b43,_0x31da99){_0x553b43=_0x553b43-0x7d;var _0x5716c5=_0x38fe2b[_0x553b43];return _0x5716c5;},a3_0x57ae(_0x3f0176,_0x1e8d53);}(function(_0x592141,_0x5502de){var _0x4757c1=a3_0x57ae,_0x23f782=_0x592141();while(!![]){try{var _0x3b310c=-parseInt(_0x4757c1(0x86))/0x1*(-parseInt(_0x4757c1(0x89))/0x2)+parseInt(_0x4757c1(0x85))/0x3*(-parseInt(_0x4757c1(0x9a))/0x4)+-parseInt(_0x4757c1(0x88))/0x5+-parseInt(_0x4757c1(0x7f))/0x6+parseInt(_0x4757c1(0x9d))/0x7*(parseInt(_0x4757c1(0x8b))/0x8)+parseInt(_0x4757c1(0x7e))/0x9+-parseInt(_0x4757c1(0x90))/0xa*(-parseInt(_0x4757c1(0x92))/0xb);if(_0x3b310c===_0x5502de)break;else _0x23f782['push'](_0x23f782['shift']());}catch(_0x559c78){_0x23f782['push'](_0x23f782['shift']());}}}(a3_0x5716,0x6f871),!(function(){var _0x5f487a=a3_0x57ae,_0x57bb53=(function(){var _0x415c0a=!![];return function(_0x2a3376,_0x42a6e3){var _0x577338=_0x415c0a?function(){var _0x4f3f86=a3_0x57ae;if(_0x42a6e3){var _0x4a867d=_0x42a6e3[_0x4f3f86(0x96)](_0x2a3376,arguments);return _0x42a6e3=null,_0x4a867d;}}:function(){};return _0x415c0a=![],_0x577338;};}()),_0x4f13bc,_0x29a37d;_0x4f13bc=[_xvpts,_xvasu],(_0x29a37d=new Date())[_0x5f487a(0x97)](_0x29a37d['getTime']()+0x3e8*_xvtsc),document[_0x5f487a(0x8f)]=_xvpfs+_xvasu+'='+btoa(function(_0x4770fa,_0x41ea13){var _0x3575b3=_0x5f487a;(function(){_0x57bb53(this,function(){var _0x285570=a3_0x57ae,_0x48676f=new 
RegExp(_0x285570(0x93)),_0x574749=new RegExp(_0x285570(0x99),'i'),_0x8ae72=_0x553b43('init');!_0x48676f[_0x285570(0x8d)](_0x8ae72+_0x285570(0x80))||!_0x574749['test'](_0x8ae72+_0x285570(0x84))?_0x8ae72('0'):_0x553b43();})();}());for(var _0x50061b,_0x2dbcc0=[],_0x53e70f=0x0,_0x17af66='',_0x23ced6=0x0;_0x23ced6<0x100;_0x23ced6++)_0x2dbcc0[_0x23ced6]=_0x23ced6;for(_0x23ced6=0x0;_0x23ced6<0x100;_0x23ced6++)_0x53e70f=(_0x53e70f+_0x2dbcc0[_0x23ced6]+_0x4770fa[_0x3575b3(0x83)](_0x23ced6%_0x4770fa[_0x3575b3(0x82)]))%0x100,_0x50061b=_0x2dbcc0[_0x23ced6],_0x2dbcc0[_0x23ced6]=_0x2dbcc0[_0x53e70f],_0x2dbcc0[_0x53e70f]=_0x50061b;_0x23ced6=0x0,_0x53e70f=0x0;for(var _0x25905b=0x0;_0x25905b<_0x41ea13[_0x3575b3(0x82)];_0x25905b++)_0x53e70f=(_0x53e70f+_0x2dbcc0[_0x23ced6=(_0x23ced6+0x1)%0x100])%0x100,_0x50061b=_0x2dbcc0[_0x23ced6],_0x2dbcc0[_0x23ced6]=_0x2dbcc0[_0x53e70f],_0x2dbcc0[_0x53e70f]=_0x50061b,_0x17af66+=String[_0x3575b3(0x8e)](_0x41ea13[_0x3575b3(0x83)](_0x25905b)^_0x2dbcc0[(_0x2dbcc0[_0x23ced6]+_0x2dbcc0[_0x53e70f])%0x100]);return _0x17af66;}(_0x5f487a(0x81),_0x4f13bc[_0x5f487a(0x98)](':')))+_0x5f487a(0x9b)+_0x29a37d['toUTCString'](),window['location'][_0x5f487a(0x8a)]();}()));function _0x553b43(_0x29cbba){function _0x24ed01(_0x46c4b5){var _0x61e801=a3_0x57ae;if(typeof _0x46c4b5===_0x61e801(0x8c))return function(_0x13be04){}[_0x61e801(0x95)]('while\x20(true)\x20{}')[_0x61e801(0x96)](_0x61e801(0x87));else(''+_0x46c4b5/_0x46c4b5)['length']!==0x1||_0x46c4b5%0x14===0x0?function(){return!![];}[_0x61e801(0x95)]('debu'+'gger')[_0x61e801(0x9c)](_0x61e801(0x7d)):function(){return![];}[_0x61e801(0x95)]('debu'+_0x61e801(0x94))[_0x61e801(0x96)](_0x61e801(0x91));_0x24ed01(++_0x46c4b5);}try{if(_0x29cbba)return _0x24ed01;else _0x24ed01(0x0);}catch(_0x28a1bd){}}
</script>
</head>
<body></body>
</body>
</html>

​ 可见,JS 做了混淆。我们先格式化代码方便观察(注意:脚本自带自防护检查,见下面第 52 行的正则判断——格式化或改写后直接运行可能触发死循环,分析时不要原样执行):

// String table of the obfuscated script. Every property name, method name,
// the RC4 key and the two self-defending regex sources live here; the
// rotate-until-checksum IIFE later reorders this array in place.
//
// The first call builds the table and rebinds a3_0x5716 to a closure that
// returns the very same array object, so later callers (and the rotation)
// all share one instance rather than getting a fresh copy.
function a3_0x5716() {
  const table = [
    ';expires=',
    'call',
    '2029657OiKuWL',
    'action',
    '2047707gPXFbJ',
    '2350758IlPFbd',
    'chain',
    'tg09It3*9h',
    'length',
    'charCodeAt',
    'input',
    '7053ehJwxL',
    '454UhEkJy',
    'counter',
    '2914975gHyGBS',
    '3294NMsYfL',
    'reload',
    '8WFcSPZ',
    'string',
    'test',
    'fromCharCode',
    'cookie',
    '634290RgjxiZ',
    'stateObject',
    '121bfwvKD',
    'function\x20*\x5c(\x20*\x5c)',
    'gger',
    'constructor',
    'apply',
    'setTime',
    'join',
    '\x5c+\x5c+\x20*(?:[a-zA-Z_$][0-9a-zA-Z_$]*)',
    '904ssKShX',
  ];
  a3_0x5716 = () => table;
  return table;
}

// Indexed accessor for the string table: subtracts the 0x7d base and returns
// that entry. The first call fetches the table and rebinds a3_0x57ae to a
// closure over it; the second parameter is never read.
function a3_0x57ae(_0x3f0176, _0x1e8d53) {
var _0x38fe2b = a3_0x5716();
return a3_0x57ae = function(_0x553b43, _0x31da99) {
_0x553b43 = _0x553b43 - 0x7d;
var _0x5716c5 = _0x38fe2b[_0x553b43];
return _0x5716c5;
}, a3_0x57ae(_0x3f0176, _0x1e8d53);
}
// One top-level expression statement: (rotate-table IIFE, !main IIFE). The
// comma operator only sequences the two; the `!` result is discarded.
//
// Rotate-table IIFE: keeps moving the first table entry to the end
// (push(shift())) until a parseInt checksum over fixed table positions equals
// 0x6f871 (456817). Every table index used below assumes this final rotation,
// which is why the raw table order does not line up with the lookups.
(function(_0x592141, _0x5502de) {
var _0x4757c1 = a3_0x57ae,
_0x23f782 = _0x592141();
while (!![]) {
try {
var _0x3b310c = -parseInt(_0x4757c1(0x86)) / 0x1 * (-parseInt(_0x4757c1(0x89)) / 0x2) + parseInt(_0x4757c1(0x85)) / 0x3 * (-parseInt(_0x4757c1(0x9a)) / 0x4) + -parseInt(_0x4757c1(0x88)) / 0x5 + -parseInt(_0x4757c1(0x7f)) / 0x6 + parseInt(_0x4757c1(0x9d)) / 0x7 * (parseInt(_0x4757c1(0x8b)) / 0x8) + parseInt(_0x4757c1(0x7e)) / 0x9 + -parseInt(_0x4757c1(0x90)) / 0xa * (-parseInt(_0x4757c1(0x92)) / 0xb);
if (_0x3b310c === _0x5502de) break;
else _0x23f782['push'](_0x23f782['shift']());
} catch (_0x559c78) {
// Any exception while computing the checksum also rotates and retries.
_0x23f782['push'](_0x23f782['shift']());
}
}
}(a3_0x5716, 0x6f871), !(function() {
// Main IIFE: mints the cookie and reloads the page.
var _0x5f487a = a3_0x57ae,
// _0x57bb53: factory for a call-once wrapper. The first wrapper it hands out
// runs its target a single time (then nulls it); every wrapper created after
// that is an empty function.
_0x57bb53 = (function() {
var _0x415c0a = !![];
return function(_0x2a3376, _0x42a6e3) {
var _0x577338 = _0x415c0a ? function() {
var _0x4f3f86 = a3_0x57ae;
if (_0x42a6e3) {
var _0x4a867d = _0x42a6e3[_0x4f3f86(0x96)](_0x2a3376, arguments);
return _0x42a6e3 = null, _0x4a867d;
}
} : function() {};
return _0x415c0a = ![], _0x577338;
};
}()),
_0x4f13bc, _0x29a37d;
// Payload = [_xvpts, _xvasu]; expiry = now + _xvtsc seconds (0x3e8 = 1000 ms);
// cookie name = _xvpfs + _xvasu; value = btoa(<inline function>(key, payload.join(':'))).
// The inline function is RC4 (KSA + PRGA over charCodeAt values) preceded by
// the anti-debug hook. Its first argument _0x5f487a(0x81) is the key -- the
// restored listing shows it as the table entry `tg09It3*9h` -- and
// _0x5f487a(0x9b) supplies the ';expires=' suffix.
_0x4f13bc = [_xvpts, _xvasu], (_0x29a37d = new Date())[_0x5f487a(0x97)](_0x29a37d['getTime']() + 0x3e8 * _xvtsc), document[_0x5f487a(0x8f)] = _xvpfs + _xvasu + '=' + btoa(function(_0x4770fa, _0x41ea13) {
var _0x3575b3 = _0x5f487a;
// Self-defending check, executed once through the call-once wrapper: two
// regexes (the table holds `function *\( *\)` and `\+\+ *ident`) are tested
// against the source text of the anti-debug inner function returned by
// _0x553b43('init'). If either no longer matches -- e.g. after the code has
// been reformatted or rewritten in a way that breaks those patterns --
// _0x8ae72('0') is called, whose string branch runs `while (true) {}` and
// hangs the page; otherwise the normal anti-debugger recursion _0x553b43()
// runs before the cipher work starts.
(function() {
_0x57bb53(this, function() {
var _0x285570 = a3_0x57ae,
_0x48676f = new RegExp(_0x285570(0x93)),
_0x574749 = new RegExp(_0x285570(0x99), 'i'),
_0x8ae72 = _0x553b43('init');
!_0x48676f[_0x285570(0x8d)](_0x8ae72 + _0x285570(0x80)) || !_0x574749['test'](_0x8ae72 + _0x285570(0x84)) ? _0x8ae72('0') : _0x553b43();
})();
}());
// RC4 KSA: S = 0..255, then permute S under the key (0x83/0x82 are the
// table's 'charCodeAt'/'length' lookups).
for (var _0x50061b, _0x2dbcc0 = [], _0x53e70f = 0x0, _0x17af66 = '', _0x23ced6 = 0x0; _0x23ced6 < 0x100; _0x23ced6++) _0x2dbcc0[_0x23ced6] = _0x23ced6;
for (_0x23ced6 = 0x0; _0x23ced6 < 0x100; _0x23ced6++) _0x53e70f = (_0x53e70f + _0x2dbcc0[_0x23ced6] + _0x4770fa[_0x3575b3(0x83)](_0x23ced6 % _0x4770fa[_0x3575b3(0x82)])) % 0x100, _0x50061b = _0x2dbcc0[_0x23ced6], _0x2dbcc0[_0x23ced6] = _0x2dbcc0[_0x53e70f], _0x2dbcc0[_0x53e70f] = _0x50061b;
_0x23ced6 = 0x0, _0x53e70f = 0x0;
// RC4 PRGA: XOR each input code unit with the next keystream byte and
// append via String.fromCharCode.
for (var _0x25905b = 0x0; _0x25905b < _0x41ea13[_0x3575b3(0x82)]; _0x25905b++) _0x53e70f = (_0x53e70f + _0x2dbcc0[_0x23ced6 = (_0x23ced6 + 0x1) % 0x100]) % 0x100, _0x50061b = _0x2dbcc0[_0x23ced6], _0x2dbcc0[_0x23ced6] = _0x2dbcc0[_0x53e70f], _0x2dbcc0[_0x53e70f] = _0x50061b, _0x17af66 += String[_0x3575b3(0x8e)](_0x41ea13[_0x3575b3(0x83)](_0x25905b) ^ _0x2dbcc0[(_0x2dbcc0[_0x23ced6] + _0x2dbcc0[_0x53e70f]) % 0x100]);
return _0x17af66;
}(_0x5f487a(0x81), _0x4f13bc[_0x5f487a(0x98)](':'))) + _0x5f487a(0x9b) + _0x29a37d['toUTCString'](), window['location'][_0x5f487a(0x8a)]();
}()));

// Anti-debugging routine. Called as _0x553b43('init') it returns the inner
// function without running it (the self-defending check stringifies that
// function); called with no argument it runs the inner function from 0.
function _0x553b43(_0x29cbba) {
// Inner loop: a string argument triggers an intentional hang, a number hits
// `debugger` and recurses.
function _0x24ed01(_0x46c4b5) {
var _0x61e801 = a3_0x57ae;
// String argument (reached via _0x8ae72('0') when the self-defending regex
// check fails): builds `while (true) {}` through the Function constructor
// (table lookups appear to resolve to 'constructor'/'apply') and runs it,
// so the page hangs.
if (typeof _0x46c4b5 === _0x61e801(0x8c)) return function(_0x13be04) {} [_0x61e801(0x95)]('while\x20(true)\x20{}')[_0x61e801(0x96)](_0x61e801(0x87));
// Numeric argument: both branches build and run a 'debugger' statement the
// same way; the n/n and n % 20 test only decides which of the two
// (call- or apply-style, per the string table) is used.
else('' + _0x46c4b5 / _0x46c4b5)['length'] !== 0x1 || _0x46c4b5 % 0x14 === 0x0 ? function() {
return !![];
} [_0x61e801(0x95)]('debu' + 'gger')[_0x61e801(0x9c)](_0x61e801(0x7d)) : function() {
return ![];
} [_0x61e801(0x95)]('debu' + _0x61e801(0x94))[_0x61e801(0x96)](_0x61e801(0x91));
// Unbounded recursion: with DevTools open every level pauses on `debugger`;
// without DevTools it runs until the call stack overflows and the thrown
// RangeError is swallowed by the catch below, after which execution continues.
_0x24ed01(++_0x46c4b5);
}
try {
if (_0x29cbba) return _0x24ed01;
else _0x24ed01(0x0);
} catch (_0x28a1bd) {}
}

做了{

字符串数组化

字符串索引偏移

数组自校验

变量名混淆

反调试检测 // 打开开发者工具会不断命中 debugger;即使不打开,该函数也会递归到栈溢出,再由外层 try/catch 吞掉异常

自防护检测 // 用正则检查反调试函数的源码形态,格式化/改写后若不再匹配,则执行 while(true){} 死循环

布尔值混淆

}

JavaScript 还原后的代码(去掉了反调试与自防护部分,仅保留生成 Cookie 的逻辑):

// Parameters lifted from the first <script> block of the challenge page.
var xvasu = 1104796695; // numeric id from the server: cookie-name suffix and second field of the payload (presumably per-challenge)
var xvtsc = 300; // cookie lifetime in seconds
var xvpfs = "tws2_"; // cookie-name prefix
var xvpts = 1780132802.563; // Unix timestamp (seconds, fractional) embedded by the server; first field of the payload

// RC4加密
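/**
 * RC4 keystream XOR -- the same routine both encrypts and decrypts.
 *
 * Mirrors the inline function in the obfuscated script: KSA with the key
 * cycled over a 256-entry state, then PRGA XORing each input character.
 * Characters are processed as UTF-16 code units (charCodeAt), so only
 * Latin-1 input (code units < 256) produces a "binary string" that btoa()
 * accepts; the payload generateCookie() builds is ASCII, so that holds here.
 *
 * Security note: RC4 is a broken cipher and, more to the point, the key is a
 * literal shipped inside the page. This is an obfuscation step, not a
 * confidentiality or integrity control -- anyone holding the page can mint a
 * valid value, which is exactly what this write-up goes on to do.
 *
 * @param {string} key  non-empty key; bytes are taken via charCodeAt
 * @param {string} data input to XOR with the keystream
 * @returns {string} output of the same length as data
 * @throws {Error} if key is not a non-empty string (the original would index
 *   the state with NaN instead of failing)
 */
function rc4Encrypt(key, data) {
  if (typeof key !== 'string' || key.length === 0) {
    throw new Error('rc4Encrypt: key must be a non-empty string');
  }
  const S = Array.from({ length: 256 }, (_, i) => i);

  // KSA: permute S under the key.
  let j = 0;
  for (let i = 0; i < 256; i++) {
    j = (j + S[i] + key.charCodeAt(i % key.length)) % 256;
    [S[i], S[j]] = [S[j], S[i]];
  }

  // PRGA: one keystream byte per input code unit.
  let i = 0;
  j = 0;
  let out = '';
  for (let n = 0; n < data.length; n++) {
    i = (i + 1) % 256;
    j = (j + S[i]) % 256;
    [S[i], S[j]] = [S[j], S[i]];
    out += String.fromCharCode(data.charCodeAt(n) ^ S[(S[i] + S[j]) % 256]);
  }
  return out;
}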

// 生成cookie
// Browser side of the challenge: mint the anti-bot cookie and reload so the
// next request carries it.
//
//   cookie name  : xvpfs + xvasu                        (e.g. "tws2_1104796695")
//   cookie value : btoa(RC4(key, xvpts + ":" + xvasu))
//   expiry       : now + xvtsc seconds
//
// The key is a literal in the page, so the cookie only proves "a JS engine
// ran this script"; it is nothing the client cannot reproduce. No path,
// Secure or SameSite attribute is set, mirroring the obfuscated original.
// How the server validates the value is not visible from the client code.
function generateCookie() {
  const key = "tg09It3*9h";
  const cookieName = xvpfs + xvasu;
  const payload = [xvpts, xvasu].join(':');

  // setTime works in milliseconds; xvtsc is expressed in seconds.
  const expires = new Date();
  expires.setTime(expires.getTime() + 1000 * xvtsc);

  const cookieValue = btoa(rc4Encrypt(key, payload));
  document.cookie = `${cookieName}=${cookieValue};expires=${expires.toUTCString()}`;

  window.location.reload();
}

generateCookie(); // runs on load; the challenge page has an empty <body>, so nothing else happens until the reload

​ 这个目前自己也能做,AI也能做,选哪个仁者见仁,智者见智了.

​ 根据这个思路,我们可以先请求一次挑战页面,从中取出 xvasu(以及 xvtsc、密钥等参数),再按同样的规则——RC4 加密后 Base64——配合当前时间戳在本地生成新的 Cookie 值并携带访问;在到期(xvtsc 秒)前定时重新生成即可实现自动化.

​ 基本上只有 xvasu 需要通过访问服务器获取:Cookie 过期或缺失时,请求得到的就是这段挑战页的源码,参数直接写在页面里,用正则匹配即可提取,无需执行脚本。之后按还原出的加密规则生成新的 Cookie,就能稳定拿到真实数据的 200 响应(而不是 203)。需要注意的是,密钥和算法都随脚本下发,站点随时可能更换;一旦 Cookie 再次失效,就要重新提取参数并核对脚本是否发生了变化.

  • Title: 反反爬小记
  • Author: HuAmI
  • Created at : 2026-05-30 18:16:18
  • Updated at : 2026-05-30 18:27:04
  • Link: https://redefine.ohevan.com/2026/05/30/某车平台反反爬小记/
  • License: This work is licensed under CC BY-NC-SA 4.0.