X-Gorgon算法参数获取(python版,附源码)
昨天在搜索X-Gorgon算法的时候看到⼀个⽼哥写的⽐较好,具体⽹址忘了,怕下次不到了所以发在这⾥码住,稍作了点改动
代码仅⽤于学习探讨
1# -*- coding: utf-8 -*-
2"""
3X-Gorgon加密算法python版
41.时间戳转⼗六进制
52.将时间戳排序俩次,
6  a1 v3 是排序key
7  sprintf(byte_102323F30, "%08x", a1);
8  sprintf(byte_102323F3A, "%08x", v3);
93.将url参数⽤MD5加密⼀次或俩次根据时间戳&;运算
104.将第⼀次排序结果写⼊前16位地址加⼀写⼊(从1插⼊),隔⼀位插⼊,前边拼a1
115.将第⼆次排序结果写⼊后16位(从0插⼊)后边拼e1
12"""
13import requests
14import hashlib
15import time
16
17 byteTable1 = "D6 28 3B 71 70 76 BE 1B A4 FE 19 57 5E 6C BC 21 B2 14 37 7D 8C A2 FA 67 55 6A 95 E3 FA 67 78 ED 8E 55 33 89 A8 CE 36 B3 5
C D6 B2 6F 96 C4 34 B9 6A EC 34 95 C4 FA 72 FF B8 42 8
D FB EC 70 F0 85 46 D8 B2 A1 E0 C
E AE 4B 7D AE A4 87 CE E3 AC 51 55 C4 36 AD FC C4 EA 97 70 6A 85 37 6A C8 68 FA FE B0 33 B9 67 7E CE E3 CC 86 D6 9
F 76 74 89 E9 DA 9C 78 C5 95 AA B0 34 B3 F2 7D B2 A2 ED E0 B5 B6 88 9 5 D1 51 D6 9E 7D D1 C8 F9 B7 70 CC 9C B6 92 C5 FA DD 9F 28 DA C7 E0 CA 95 B2 DA 34 97 CE 74 FA 37 E9 7D C4 A2 37 FB FA F1 CF AA 89 7D 55 AE 87 BC F5 E9 6A C4 68 C7 FA 76 85 14 D0 D0 E5 CE FF 19 D6 E5 D6 CC F1 F4 6C E9 E7 89 B2 B7 AE 28 89 BE 5E DC 87 6C F7 51 F2 67 78 AE B3 4B A2 B3 21 3B 55 F8 B3 76 B2 CF B3 B3 FF B3 5E 71 7D FA FC FF A8 7D FE D8 9C 1B C4 6A F9 88 B5 E5"
18
19def encryption(url):
20"""
21对参数全部挨个进⾏md5加密
22"""
23    obj = hashlib.md5()  # 先创建⼀个md5的对象
24# 写⼊要加密的字节
25    obj.de("UTF-8"))
26# 获取密⽂
27    secret = obj.hexdigest()
28return secret.lower()
29
30def getXGon(url, stub, cookies):
31"""
32通过请求数据获取XGon加密字符串
33"""
34    NULL_MD5_STRING = "00000000000000000000000000000000"
35    sb = ""
36if len(url) < 1:
37        sb = NULL_MD5_STRING
38else:
39        sb = encryption(url)
40if len(stub) < 1:
41        sb += NULL_MD5_STRING
42else:
43        sb += stub
44if len(cookies) < 1:
45        sb += NULL_MD5_STRING
46else:
47        sb += encryption(cookies)
48# 这⾥没看太懂,先直接给-1试试
49    index = -1
50# index = cookies.index("sessionid=")
51if index == -1:
52        sb += NULL_MD5_STRING
53else:
54        sessionid = cookies[index + 10:]
55if sessionid.__contains__(';'):
56            endIndex = sessionid.index(';')
57            sessionid = sessionid[:endIndex]
58        sb += encryption(sessionid)
59return sb
60
61def input(timeMillis, inputBytes):
62"""
63对时间戳和XGon加密串进⾏加⼯
64"""
65    result = []
66for i in range(4):
67if inputBytes[i] < 0:
68            temp = hex(inputBytes[i]) + ''
69            temp = temp[6:]
70            result.append(temp)
71else:
72            temp = hex(inputBytes[i]) + ''
73            result.append(temp)
74for i in range(4):
75        result.append("0")
76for i in range(4):
77if inputBytes[i + 32] < 0:
78            result.append(hex(inputBytes[i + 32]) + '')[6:]
79else:
80            result.append(hex(inputBytes[i + 32]) + '')
81for i in range(4):
82        result.append("0")
83    tempByte = hex(int(timeMillis)) + ""
84    tempByte = place("0x", "")
85for i in range(4):
86        a = tempByte[i * 2:2 * i + 2]
87        result.append(tempByte[i * 2:2 * i + 2])
88for i in range(len(result)):
89        result[i] = result[i].replace("0x", "")
90return result
91
92def initialize(data):
93"""
94对加⼯后的数据进⾏转码,利⽤秘钥初始化
95"""
96    myhex = 0
97    byteTable2 = byteTable1.split("")
98for i in range(len(data)):
99        hex1 = 0
100if i == 0:
101            hex1 = int(byteTable2[int(byteTable2[0], 16) - 1], 16) 102            byteTable2[i] = hex(hex1)
103# byteTable2[i] = HexString(hex1);
104elif i == 1:
105            temp = int("D6", 16) + int("28", 16)
106if temp > 256:
107                temp -= 256
108            hex1 = int(byteTable2[temp - 1], 16)
109            myhex = temp
110            byteTable2[i] = hex(hex1)
111else:
112            temp = myhex + int(byteTable2[i], 16)
113if temp > 256:
114                temp -= 256
115            hex1 = int(byteTable2[temp - 1], 16)
116            myhex = temp
117            byteTable2[i] = hex(hex1)
118if hex1 * 2 > 256:
119            hex1 = hex1 * 2 - 256
120else:
121            hex1 = hex1 * 2
122        hex2 = byteTable2[hex1 - 1]
123        result = int(hex2, 16) ^ int(data[i], 16)
124        data[i] = hex(result)
125for i in range(len(data)):
126        data[i] = data[i].replace("0x", "")
127return data
128
129def handle(data):
130"""
131对转码后的数据进⾏替换
133for i in range(len(data)):
134        byte1 = data[i]
135if len(byte1) < 2:
136            byte1 += '0'
137else:
138            byte1 = data[i][1] + data[i][0]
139if i < len(data) - 1:
140            byte1 = hex(int(byte1, 16) ^ int(data[i + 1], 16)).replace("0x", "")
141else:
142            byte1 = hex(int(byte1, 16) ^ int(data[0], 16)).replace("0x", "")
143        byte1 = place("0x", "")
144        a = (int(byte1, 16) & int("AA", 16)) / 2
145        a = int(abs(a))
146        byte2 = ((int(byte1, 16) & int("55", 16)) * 2) | a
147        byte2 = ((byte2 & int("33", 16)) * 4) | (int)((byte2 & int("cc", 16)) / 4)
148        byte3 = hex(byte2).replace("0x", "")
149if len(byte3) > 1:
150            byte3 = byte3[1] + byte3[0]
151else:
152            byte3 += "0"
153        byte4 = int(byte3, 16) ^ int("FF", 16);
154        byte4 = byte4 ^ int("14", 16)
155        data[i] = hex(byte4).replace("0x", "")
156return data
157
158def xGorgon(timeMillis, inputBytes):
159"""
160时间戳和XGon加密字符串处理,⽣成最终X-Gorgon参数
161"""
162    data1 = []
163    data1.append("3")
164    data1.append("61")
165    data1.append("41")
166    data1.append("10")
167    data1.append("80")
168    data1.append("0")
169    data2 = input(timeMillis, inputBytes)
170    data2 = initialize(data2)
171    data2 = handle(data2)
172for i in range(len(data2)):
173        data1.append(data2[i])
174
175    xGorgonStr = ""
176for i in range(len(data1)):
177        temp = data1[i] + ""
178if len(temp) > 1:
旗舰28源码179            xGorgonStr += temp
180else:
181            xGorgonStr += "0"
182            xGorgonStr += temp
183return xGorgonStr
184
185def strToByte(str):
186"""
187对XGon加密字符串进⾏⼆次转换
188"""
189    length = len(str)
190    str2 = str
191    bArr = []
192    i = 0
193while i < length:
194# bArr[i/2] = b'\xff\xff\xff'+(str2hex(str2[i]) << 4+str2hex(str2[i+1])).to_bytes(1, "big") 195        a = str2[i]
196        b = str2[1 + i]
197        c = ((str2hex(a) << 4) + str2hex(b))
198        bArr.append(c)
199        i += 2
200return bArr
201
202def str2hex(s):
204    16进制处理
205"""
206    odata = 0
207    su = s.upper()
208for c in su:
209        tmp = ord(c)
210if tmp <= ord('9'):
211            odata = odata << 4
212            odata += tmp - ord('0')
213elif ord('A') <= tmp <= ord('F'):
214            odata = odata << 4
215            odata += tmp - ord('A') + 10
216return odata
217
218if__name__ == "__main__":
219# 抓包获取请求url
220    url = "xxxxx"
221    ts = str(time.time()).split(".")[0]
222# ts = "1638959449"
223# _rticket = str(time.time() * 1000).split(".")[0]
224    params = url[url.index('?') + 1:]
225# 下⾯两个参数按需填写
226    STUB = ""
227    cookies = ""
228# 获取gorgon参数
229    s = getXGon(params, STUB, cookies)
230    gorgon = xGorgon(ts, strToByte(s))
231# 拼请求头
232    headers = {
233"X-Gorgon": gorgon,
234# "X-SS-REQ-TICKET": "1585711173953",
235"X-Khronos": ts,
236# "sdk-version": "1",
237# "Accept-Encoding": "gzip",
238# "X-SS-REQ-TICKET": _rticket,
239# "User-Agent": "",
240# "Host": "aweme.snssdk",
241# "Cookie": cookies,
242# "Connection": "Keep-Alive",
243# "x-tt-token": "00080ab789c0bf0519740314c59de87d8ace96d49d8ab2afd7a0f09cba0911612f99baf92acae289860e0f84ffd97fc2c344" 244    }
245    resp = (url, headers=headers)
)
247