|
|
早上接到诈骗短信:
余额提示:您手机号内261800分将于明日全做废,请尽快戳 f.o6r.cn/DOSiML 换好物!拒收请回复R【优品兑】
用的是crypto-js的md5加密的头请求字段accept-locale
这个诈骗份子应该有很多域名,但是图片上传地址一直没变,三个月了加密也没换过
https://52.ht/thread-1199359-1-1.html
Bun运行时,node运行时拿gpt转换一下
- function generateRandomString(length) {
- const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
- let result = '';
- const charactersLength = characters.length;
- for (let i = 0; i < length; i++) {
- const randomIndex = Math.floor(Math.random() * charactersLength);
- result += characters.charAt(randomIndex);
- }
- return result;
- }
- const md5 = new Bun.CryptoHasher("md5");
- // 图片路径
- const imgFile = Bun.file("1.png");
- const fd = new FormData()
- const nonce = generateRandomString(8);
- const timestamp = (new Date).getTime() + ""
- fd.append("file", imgFile)
- fd.append("nonce", nonce);
- fd.append("timestamp", timestamp);
- md5.update(`nonce=${nonce}×tamp=${timestamp}fuck-your-mother-three-thousand-times-apes-not-kill-apes`)
- const acceptLocale = md5.digest("hex")
- fetch("https://api.weixinyanxuan.com/mall/api/img/upload", {
- "headers": {
- "accept": "application/json, text/plain, */*",
- "accept-language": "zh-CN,zh;q=0.9",
- "accept-locale": acceptLocale,
- "cache-control": "no-cache",
- "pragma": "no-cache",
- "sec-fetch-dest": "empty",
- "sec-fetch-mode": "cors",
- "sec-fetch-site": "cross-site"
- },
- "referrer": "https://e.zxhpmy.cn/",
- body: fd,
- "method": "POST",
- "mode": "cors",
- "credentials": "omit"
- }).then(res => res.json()).then(res => {
- console.log(res)
- // 图片地址
- const imgUrl = res.data
- console.log("图片地址", imgUrl)
- })
|
|
发表于 2023-11-24 10:18:01
