字體反爬篇

一、總體思路

1、獲取字體文件
2、base64解密文件分別保存為woff文件與xml文件
3、查看映射關(guān)系創(chuàng)建映射字典
4、通過(guò)映射字典,第二次獲取響應(yīng)時(shí)替換成實(shí)際數(shù)據(jù)

二、解析過(guò)程

image.png

1、獲取字體文件

在開(kāi)發(fā)者工具中查找"font-face",如圖所示

image.png

獲取到base64字符串并刪除頭部信息,在這里就是data:application/font-ttf;charset=utf-8;base64, 逗號(hào)也要?jiǎng)h除,這樣就獲取到了字體信息,這一段密文就是加密后的字體文件

T1RUTwAJAIAAAwAQQ0ZGICGSe1oAAATUAAAEd09TLzJlNl+eAAABAAAAAGBjbWFwACoGOwAABAQAAACwaGVhZBf2b3IAAACcAAAANmhoZWEA3wBNAAAA1AAAACRobXR4B/AAAAAACUwAAAAkbWF4cAAJUAAAAAD4AAAABm5hbWUKXYQxAAABYAAAAqNwb3N0AAMAAAAABLQAAAAgAAEAAAABAACCl4DfXw889QADAQAAAAAA3DAYYwAAAADcMBhjAAf//wB4ALUAAAADAAIAAAAAAAAAAQAAAN3/xQAAAH4AAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAkAAFAAAAkAAAADAH4B9AAFAAACigK7AAAAjAKKArsAAAHfADEBAgAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAACBYWFhYAEAATgBVAN3/xQAAALUAAQAAAAEAAAAAAG8AtQAAAAAAAAAAACIBngABAAAAAAAAAAEAQgABAAAAAAABAAwAAAABAAAAAAACAAYAJAABAAAAAAADABUAxgABAAAAAAAEABMANgABAAAAAAAFAAsApQABAAAAAAAGABIAbwABAAAAAAAHAAEAQgABAAAAAAAIAAEAQgABAAAAAAAJAAEAQgABAAAAAAAKAAEAQgABAAAAAAALAAEAQgABAAAAAAAMAAEAQgABAAAAAAANAAEAQgABAAAAAAAOAAEAQgABAAAAAAAQAAwAAAABAAAAAAARAAYAJAADAAEECQAAAAIAYQADAAEECQABABgADAADAAEECQACAAwAKgADAAEECQADACoA2wADAAEECQAEACYASQADAAEECQAFABYAsAADAAEECQAGACQAgQADAAEECQAHAAIAYQADAAEECQAIAAIAYQADAAEECQAJAAIAYQADAAEECQAKAAIAYQADAAEECQALAAIAYQADAAEECQAMAAIAYQADAAEECQANAAIAYQADAAEECQAOAAIAYQADAAEECQAQABgADAADAAEECQARAAwAKk9wZW5UeXBlU2FucwBPAHAAZQBuAFQAeQBwAGUAUwBhAG4Ac01lZGl1bQBNAGUAZABpAHUAbU9wZW5UeXBlU2FucyBNZWRpdW0ATwBwAGUAbgBUAHkAcABlAFMAYQBuAHMAIABNAGUAZABpAHUAbU9wZW5UeXBlU2Fuc01lZGl1bQBPAHAAZQBuAFQAeQBwAGUAUwBhAG4AcwBNAGUAZABpAHUAbVZlcnNpb24gMC4xAFYAZQByAHMAaQBvAG4AIAAwAC4AMSA6T3BlblR5cGVTYW5zIE1lZGl1bQAgADoATwBwAGUAbgBUAHkAcABlAFMAYQBuAHMAIABNAGUAZABpAHUAbQAAAAACAAMAAQAAABQAAwAKAAAANAAEACAAAAAEAAQAAQAAAAD//wAAAAD//wAAAAEAAAAAAAwAAAAAAHwAAAAAAAAACQAAAAAAAAAAAAAAAAABAE4AAQBOAAAAAQABAE8AAQBPAAAAAgABAFAAAQBQAAAAAwABAFEAAQBRAAAABAABAFIAAQBSAAAABQABAFMAAQBTAAAABgABAFQAAQBUAAAABwABAFUAAQBVAAAACAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAQABAQETT3BlblR5cGVTYW5zTWVkaXVtAAEBAT/4GwD4HAL4HQP4HgSLivdx9xIFHQAAAOAPHQAAAPERix0AAAR3Eh4KADkGJf8eDx4PHgoAOQYl/x4PHg8MBwAMAQEMHysxOUFJUVlhaXFWZXJzaW9uIDAuMU9wZW5UeXBlU2FucyBNZWRpdW1PcGVuVHlwZVNhbnNNZWRpdW11bmkxMDA0ZXVuaTEwMDRmdW5pMTAwNTB1bmkxMDA1MXVuaTEwMDUydW5pMTAwNTN1bmkxMDA1NHVuaTEwMDU1AAAAAYsBjAGNAY4BjwGQAZEBkgAJAgABAAQASwDFAXIBzAH6AmoDDANw+pQO9xLtjhVHiwWLkgWbiwWQi46Oi5IIi4sFi/caBYuRiY2GiAiLiwV7gwWIkwWyoQWShwWL+zEFi4SOiJCLCIuLBZuLBYuEBQ73Eu33MBVQiwWDZwW9jKR2jGEIi4sFiGZ1d2GICIuLBXeLgZCKlAiLiwWLk46PkosIi4sFkIyRiJOECIuLBZOGkYiOiwiLiwWcjJSZjKUIi4sFjat3mmGKCIuLBYiLio2LjgiLiwWa2AXViwWHewWLiImJiIsIi4sFDvcSwd4Vi4sFe4CDfox8CIuLBYx0ln+gigiLiwWejZWWjJ4Ii4sFi5p9mnCaCJM3FYuLBWyNepmIpAiLiwWKnZacopoIi4sFdpmBm4ydCIuLBY2mmpmojQiLiwWmiZp+jXMIi4sFjHuBfXZ+CIuLBaZ8mHmKdQiLiwWKbnp8aooIcPcoFYuLBYp9lX2gfQiLiwWal5OYi5kIi4sFip2BlXiMCIuLBXyKg4KKewgO9xLK90EVi4sFdoyAb4tTCIuLBYpRlm+hjQiLiwWhipanisQIi4sFi8OAp3aKCIuTFYuLBayHnm2QUgiLiwWIUnhtaIgIi4sFaI14qYnGCIuLBY/EnqmsjggO9xKW90UV8IsFi4UFVvtABXaLBb/3MQVTiwWFjIiIioUIi4sFhHUFhYsFi74FDvcSmooVi4sFiZIFtpqkpJKuCIuLBYCAf4V+iwiLiwVwjnydiawIi4sFjLScoKyMCIuLBa6KnXKMWgiLiwWLUGpnSX8I1uoVi4sFjcCBpXWKCIuLBXiLgnuLawiLiwWKapV7oIwIi4sFloyUkZOWCA73ErLfFYuLBYmTBaeVmZqKngiLiwWLm4STfosIi4sFfIx9gX53CIuLBYWOBZaqnJuijAiLiwWliph/jHMIi4sFi3yCfnp/CIuLBaSIl3yLcQiLiwWJZHN3XIkIi4sFeYyCkIqUCIuLBYySjo+RjAiLiwWOi5CIkoYIi4sFioyMi42KCIuLBZKGkYmQiwiLiwWejpWZjaQIi4sFjqp6lmaDCA73EvXDFZGLBYtWBSOLBYuSBbrCBZyfk6CLogiLiwWLoIOVeosIi4sFfIx+f39zCIuLBYSNBZSvnZ2liwiLiwWniZp7jG0Ii4sFjHmAdnRyCIuLBWRfBb+LBZaKkpWOoQiLiwUOAAQAAAAAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH4AAA==

進(jìn)行base64解碼(為什么是bs64呢,因?yàn)閒ont-face中標(biāo)明了是base64)并分別保存為woff文件與xml文件

 # base64解密
    font_content = base64.b64decode(base64_str)
    # TTFont打開(kāi)從內(nèi)存讀取的二進(jìn)制woff數(shù)據(jù)
    font = TTFont(io.BytesIO(font_content))
    # 將woff文件轉(zhuǎn)換為xml文件
    font.save('ts.woff')
    font.saveXML('ts.xml')

使用Fontcreator打開(kāi)woff文件,就可以看到字形與實(shí)際字體的對(duì)應(yīng)關(guān)系,也就是映射

image.png

這就知道了結(jié)果,然后打開(kāi)xml文件,通過(guò)結(jié)果查找映射關(guān)系就事半功倍了。

image.png

至于創(chuàng)建映射字典和替換數(shù)據(jù)都是體力活了,就不一一介紹了。

其他內(nèi)容

將base64格式的字體信息解碼成可用的字體文件

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容