对路由器的破解有点好奇,尝试了使用暴力破解的方法,于是在页面的js文件上上打断点,找到了生成对应的密文的方式。
本文记录TP-Link路由器的登录密码的加密方式,用python实现和js实现的版本
js的版本是页面中的原版
js版本:
function make_passwd(a, b, c) {
var e = "", f, g, h, k, l = 187, n = 187;
g = a.length;
h = b.length;
k = c.length;
f = g > h ? g : h;
for (var p = 0; p < f; p++)
n = l = 187,
p >= g ? n = b.charCodeAt(p) : p >= h ? l = a.charCodeAt(p) : (l = a.charCodeAt(p),
n = b.charCodeAt(p)),
e += c.charAt((l ^ n) % k);
return e
}
passwd = make_passwd("RDpbLfCPsJZ7fiv", "password", "yLwVl0zKqws7LgKPRQ84Mdt708T1qQ3Ha7xv3H7NyU84p21BriUWBU43odz3iP4rBL3cD02KZciXTysVXiV8ngg6vL48rPJyAUw0HurW20xqxv9aYb4M9wK1Ae0wlro510qXeU07kV57fQMc8L6aLgMLwygtc0F10a0Dg70TOoouyFhdysuRMO51yY5ZlOZZLEal1h0t9YQW0Ko7oBwmCAHoic4HYbUyVeU3sfQ1xtXcPcf1aT303wAQhv66qzW")
python版本:
def create_passwd(b: str) -> str:
"""根据输入来生成加密后的password"""
e = ""
a = "RDpbLfCPsJZ7fiv"
c = (
"yLwVl0zKqws7LgKPRQ84Mdt708T1qQ3Ha7xv3H7NyU84p21BriUWBU43odz3iP4"
f"rBL3cD02KZciXTysVXiV8ngg6vL48rPJyAUw0HurW20xqxv9aYb4M9wK1Ae0wl"
f"ro510qXeU07kV57fQMc8L6aLgMLwygtc0F10a0Dg70TOoouyFhdysuRMO51yY5"
f"ZlOZZLEal1h0t9YQW0Ko7oBwmCAHoic4HYbUyVeU3sfQ1xtXcPcf1aT303wAQhv66qzW"
)
g = len(a)
h = len(b)
k = len(c)
f = g if g > h else h
for p in range(0, f):
n = 187
l = 187
if p > g:
n = ord(b[p])
elif p >= h:
l = ord(a[p])
else:
l = ord(a[p])
n = ord(b[p])
e += c[(l ^ n) % k]
return e
