关于xymov解析乐多资源解析失效


本文主要分析xymov解析乐多资源解析失效的原因,由nohacks.cn原创,转载请注明出处!

昨天有用户反映乐多资源无法解析,今天抽空看了下。

乐多资源官网: http://www.leduozy.net/

在帮助中心下载解析文件发现它的解析地址已经换为:https://api.ldjx.cc/wp-api/ifr.php?vid=

测下播放:XMMTcxNjAzMDAwMF8x

curl取得核心源码如下:

</script>
</head>
<script type="text/javascript" src="https://vkceyugu.cdn.bspapp.com/VKCEYUGU-543a8026-9860-4c9b-95e7-6eab2c7999b0/9d0b54db-7bef-4215-af29-38a77281654e.js"></script>  
<body id="bodyContent">
<div id="a"></div>
<script>
var gvid = getQueryString('vid');
var href = window.location.href;
var query = href.split('ifr.php?')[1];
var u = navigator.userAgent;
var isBaidu = u.indexOf('baidu') > -1; //baidu
var noad = getQueryString('noad');
var kwArr = ["/live","live/","&live","live&","tv000000","PLTV/","TVOD/"];
var isLive = 0;
for (var i = 0; i <= kwArr.length; i++) {
	if (query.indexOf(kwArr[i]) > -1) {
		isLive = 1;
	}
}

if((
	(gvid.indexOf("qq.com") > -1)
	|| (gvid.indexOf("iqiyi.com") > -1)
	|| (gvid.indexOf("youku.com") > -1)
	|| (gvid.indexOf("mgtv.com") > -1)
	|| (gvid.indexOf("bilibili.com") > -1)
	|| (gvid.indexOf("le.com") > -1)
	|| (gvid.indexOf("ixigua.com") > -1)
	|| (gvid.indexOf("douyin.com") > -1)
	|| (gvid.indexOf("pptv.com") > -1)
	|| (gvid.indexOf("cctv.com") > -1)
	|| (gvid.indexOf("sohu.com") > -1)
	|| (gvid.indexOf("acfun.com") > -1)
	|| (gvid.indexOf("migu.com") > -1)
	|| (gvid.indexOf("gzc_") > -1)
	|| (gvid.indexOf("szg_") > -1)
	|| (gvid.indexOf("haokan.baidu.com") > -1)
	|| (gvid.indexOf("weishi.com") > -1)
	|| (gvid.indexOf("weibo.com") > -1)
	|| (gvid.indexOf("baofeng.com") > -1)
	|| (gvid.indexOf("1905.com") > -1)
	|| (gvid.indexOf("163.com") > -1)
	|| (gvid.indexOf("xigua_") > -1)
	|| (gvid.indexOf("kuaishou.com") > -1)
	) && (gvid.indexOf(".mp4") < 0) && (gvid.indexOf(".m3u8") < 0)
) {
	var isGf = 1
} else {
	var isGf = 0
}


if (href.indexOf('ifr.php') > -1) {
	if (isBaidu) {
		if (isLive || query.indexOf("_live") > -1) {
			window.location.replace("http://live.ldjx.cc/wp-api/ifrzb.php?" + query);
		} else {
			window.location.replace(href.replace("ifr.php","ifrbd.php"));
		}
	} else {
		if (isGf) {
			window.location.replace(href.replace("ifr.php","ifrgf.php"));
		} else {
			if (isLive || query.indexOf("_live") > -1) {
				window.location.replace("http://live.ldjx.cc/wp-api/ifrzb.php?" + query);
			} else {
				window.location.replace(href.replace("ifr.php","ifrty.php"));
			}
		}
	}
} else {
	document.getElementById('bodyContent').innerHTML="请检查接口是否正确!";
}
function getQueryString(name) {
	var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)", "i"); 
	var r = window.location.search.substr(1).match(reg); 
	if (r != null) return unescape(r[2]); 
	return null; 
}
</script>

从上面代码分析最终调用“ifrty.php”,curl 取https://api.ldjx.cc/wp-api/ifrty.php?vid=XMMTcxNjAzMDAwMF8x 核心源码如下:



<script type="text/javascript">
	var setIntervaler = 0;
	var noad='';
	var url1='RGlkLnBocD9WQ9WED92aWQ9WE1NVFU12awD92aWQ9WE1NVFU1TWQ9WE1NVFU1TWpaNrdt05L2xlZHVvcGxheWVyL2luZGV4LnBocD90eXBlPXVybGVuY29kZSZ1cmw9aHR0cHMlM0ElMkYlMkZuZXcuaXNrY2QuY29tJTJGMjAyMTEwMDMlMkZrNFdDOWtLNiUyRmluZGV4Lm0zdTgmbmV4dD0=';
	var url = deurl(url1);
	var next='';
	
	if(ly==0){
		var htm = '<iframe allowfullscreen="true" scrolling="no" allowtransparency="true" style="background:url(/wp-api/images/loadingbf.gif) #000 center center no-repeat;overflow:hidden;background-size: 50px 50px;" frameborder="0" src="' + url + '" width="100%" height="100%"></iframe>';
		document.getElementById('dplayer').innerHTML = htm;
	}else if(ly==1){
		if(IsPC()){
			var dp = new DPlayer({
							container: document.getElementById('dplayer'),
							live: false,
							autoplay: true,
							preload: 'auto',
							video: {
								url: url,
								pic: '',
								type: url.indexOf(".m3u8") > 0 ? 'hls' : 'mp4'
							},
							hlsjsConfig: {
								//debug: false,
								//Other hlsjsConfig options provided by hls.js
								p2pConfig: {
									logLevel: true,
									live: false,
									// Other p2pConfig options provided by CDNBye
									// https://docs.cdnbye.com/#/API
								}
							}
			});
			dp.on('loadeddata', function (stats) {
				clearInterval(setIntervaler); 
				setIntervaler = setInterval(() => {updateStats(randomNum(0,20), randomNum(1000,10000), randomNum(10000,100000))}, 1000);
			});
			dp.on('ended', function (){
				if(next){
					top.location.href = next;
				}
			});
			dp.on('playing', function (peers) {
				clearInterval(setIntervaler); 
				setIntervaler = setInterval(() => {updateStats(randomNum(0,20), randomNum(1000,10000), randomNum(10000,100000))}, 1000);
			});
			function randomNum(minNum,maxNum){ 
				switch(arguments.length){ 
					case 1: 
						return parseInt(Math.random()*minNum+1,10); 
					break; 
					case 2: 
						return parseInt(Math.random()*(maxNum-minNum+1)+minNum,10); 
					break; 
						default: 
							return 0;  
						break; 
				} 
			} 

			function updateStats(_peerNum, _totalP2PDownloaded, _totalP2PUploaded ) {
				var text = 'CDNBye P2P为您加速' + (_totalP2PDownloaded/1024).toFixed(2)
					+ 'MB 已分享' + (_totalP2PUploaded/1024).toFixed(2) + 'MB' + ' 节点' + _peerNum + '个';
				document.getElementById('stats').innerText = text
			}
		}else{
			var htm = '<video id="video" src="' + url + '" controls="controls" autoplay="autoplay"  preload="preload" poster="/static/img/loading_wap.gif" width="100%" height="100%" webkit-playsinline="true" playsinline="true" x5-playsinline="true"></video>';
			document.getElementById('dplayer').innerHTML = htm;
			document.getElementById("video").onended = function(){
				if(next){
					top.location.href = next;
				}
			}
		}//判断客服终端
	}//判断来源
</script>

</html>

以前乐多这里是明文的,现在进行了加密处理,在JS里有解密代码,不过JS被混淆加密了。

  <script>
  //...
  var url1='RGlkLnBocD9WQ9WED92aWQ9WE1NVFU12awD92aWQ9WE1NVFU1TWQ9WE1NVFU1TWpaNrdt05L2xlZHVvcGxheWVyL2luZGV4LnBocD90eXBlPXVybGVuY29kZSZ1cmw9aHR0cHMlM0ElMkYlMkZuZXcuaXNrY2QuY29tJTJGMjAyMTEwMDMlMkZrNFdDOWtLNiUyRmluZGV4Lm0zdTgmbmV4dD0=';
var url = deurl(url1);
 //...
</script>

所以,放弃乐多吧。


文章作者: nohacks
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 nohacks !