Files
qinglong/脚本库/微信小程序/抓包版/益禾堂/2026-04-12_yht_3f2d67f0.js
2026-05-24 04:36:41 +00:00

260 lines
9.6 KiB
JavaScript
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
// # Source: https://github.com/smallfawn/QLScriptPublic/blob/main/daily/yht.js
// # Raw: https://raw.githubusercontent.com/smallfawn/QLScriptPublic/main/daily/yht.js
// # Repo: smallfawn/QLScriptPublic
// # Path: daily/yht.js
// # UploadedAt: 2026-04-12T06:41:36Z
// # SHA256: 3f2d67f0b71391331c9cc40ea43a3b49855e4fbefc611dd27988f1974cb41533
// # Category: 微信小程序/抓包版
// # Evidence: appid/openid/session_key/encryptedData等小程序字段
//
/*
------------------------------------------
@Author: sm
@Date: 2024.06.07 19:15
@Description:
@cron: 30 8 * * *
------------------------------------------
益禾堂 qm-user-token
------------------------------------------
*/
window = {}
const {
Env
} = require("../tools/env")
const $ = new Env("益禾堂");
let ckName = `yht`;
const strSplitor = "#";
const axios = require("axios");
const defaultUserAgent = "Mozilla/5.0 (iPhone; CPU iPhone OS 16_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 MicroMessenger/8.0.31(0x18001e31) NetType/WIFI Language/zh_CN miniProgram"
class Task {
constructor(env) {
this.index = $.userIdx++
this.user = env.split(strSplitor);
this.token = this.user[0];
this.activityUrl = ''
}
async run() {
await this.getLoginUrl()
await this.getActivityToken()
let key = await this.getActivityKey()
await this.doSign(key)
}
async getLoginUrl() {
let options = {
method: 'POST',
url: `https://webapi.qmai.cn/web/catering/crm/member/redirect`,
headers: {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 MicroMessenger/7.0.20.1781(0x6700143B) NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF WindowsWechat(0x63090a13) UnifiedPCWindowsWechat(0xf254173b) XWEB/19027',
'Accept': 'v=1.0',
'Content-Type': 'application/json',
'xweb_xhr': '1',
'gdt-vid': '',
'work-staff-name': '',
'channelcode': '',
'work-wechat-userid': '',
'qz-gtd': '',
'qm-from-type': 'catering',
'accept-language': 'zh-CN',
'scene': '1101',
'qm-from': 'wechat',
'qm-user-token': '' + this.token,
'work-staff-id': '',
'multi-store-id': '',
'store-id': '203009',
'promotion-code': '',
'sec-fetch-site': 'cross-site',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'empty',
'referer': 'https://servicewechat.com/wx4080846d0cec2fd5/517/page-frame.html',
'priority': 'u=1, i'
},
data: {
"redirectUrl": "https://86019.activity-12.m.duiba.com.cn/chw/visual-editor/skins?id=203576",
"appid": "wx4080846d0cec2fd5"
}
}
let {
data: result
} = await axios.request(options);
if (result.data && result.status) {
this.activityUrl = result.data
return result.data
}
}
ObjectKeys2LowerCase(e) { return e = Object.fromEntries(Object.entries(e).map((([e, t]) => [e.toLowerCase(), t]))), new Proxy(e, { get: function (e, t, r) { return Reflect.get(e, t.toLowerCase(), r) }, set: function (e, t, r, n) { return Reflect.set(e, t.toLowerCase(), r, n) } }) }
async getActivityToken() {
const opts = {
method: "GET",
url: this.activityUrl,
maxRedirects: 0,
// 关键点 2: 默认 Axios 认为非 2xx 是错误,需定义 302 为合法状态
validateStatus: function (status) {
return status >= 200 && status < 400; // 允许 302 (或 3xx) 进入 .then
},
headers: {}
}
let res = await axios.request(opts);
let headers = this.ObjectKeys2LowerCase(res?.headers);
//对青龙进行兼容
let session = Array.isArray(headers['set-cookie']) ? [...new Set(headers['set-cookie'])].join("") : headers['set-cookie'];
let [wdata4, w_ts, _ac, wdata3, dcustom] = session.match(/(wdata4|w_ts|_ac|wdata3|dcustom)=.+?;/g)
this.session = wdata4 + w_ts + _ac + wdata3 + dcustom;
$.log(`✅ 获取活动token成功`)
}
async getActivityKey() {
let options = {
method: 'POST',
url: `https://86019-activity.dexfu.cn/chw/ctoken/getToken`,
headers: {
'Content-type': 'application/x-www-form-urlencoded',
'Cookie': this.session,
},
data: {
timestamp: Date.now(),
}
}
let {
data: result
} = await axios.request(options);
if (result.success) {
// 自动修复:将旧式八进制 (如 0123) 替换为现代写法 (0o123)
// 匹配以 0 开头后面跟数字,且不含 x (十六进制) 或 b (二进制) 的部分
const fixedCode = result.token.replace(/\b0([0-7]+)\b/g, '0o$1');
eval(fixedCode)
return window['620fa72t']
}
}
async doSign(key) {
let data = ({
'signOperatingId': '326649747164581',
'token': '' + key
});
let options = {
method: 'POST',
url: 'https://86019-activity.dexfu.cn/sign/component/doSign?_=' + Date.now(),
headers: {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 MicroMessenger/7.0.20.1781 NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF XWEB/50249',
'Accept': 'application/json, text/plain, */*',
'Content-Type': 'application/x-www-form-urlencoded',
'origin': 'https://86019-activity.dexfu.cn',
'sec-fetch-site': 'same-origin',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'empty',
'referer': 'https://86019-activity.dexfu.cn/sign/component/page?signOperatingId=326649747164581',
'accept-language': 'zh-CN,zh;q=0.9',
'Cookie': this.session
},
data: data
};
let {
data: result
} = await axios.request(options);
console.log(result);
/*if (result.success) {
$.log(`✅ 签到成功!获得${result.data.signResult}积分`)
}*/
}
/**
* 通用 eval 混淆解密函数(动态执行劫持)
* @param {string} obfuscatedCode - 原始的混淆代码
* @returns {string} - 解密后的真实代码
*/
decryptByHookingEval(obfuscatedCode) {
let decryptedCode = "";
// 1. 备份系统原生的 eval
const originalEval = globalThis.eval;
try {
// 2. 劫持全局 eval 函数
globalThis.eval = function (payload) {
decryptedCode = payload; // 将解密后的字符串保存下来
// 重要:不往下执行原生的 eval从而阻止危险/恶意代码实际运行
};
// 3. 构造一个沙箱函数并执行混淆代码的外壳
// 外壳代码会执行所有的解密运算,并最终调用我们上面劫持的 eval()
const runner = new Function(obfuscatedCode);
runner();
} catch (error) {
console.error("执行解密外壳时发生错误:", error);
} finally {
// 4. 无论成功与否,务必恢复系统的 eval避免影响其他正常业务
globalThis.eval = originalEval;
}
return decryptedCode || "未能拦截到 eval 调用,可能代码结构不适用此方法。";
}
}
!(async () => {
await getNotice()
$.checkEnv(ckName);
for (let user of $.userList) {
await new Task(user).run();
}
})()
.catch((e) => console.log(e))
.finally(() => $.done());
async function getNotice() {
console.log(`1、此脚本仅用于学习研究不保证其合法性、准确性、有效性请根据情况自行判断本人对此不承担任何保证责任。
2、由于此脚本仅用于学习研究您必须在下载后 24 小时内将所有内容从您的计算机或手机或任何存储设备中完全删除,若违反规定引起任何事件本人对此均不负责。
3、请勿将此脚本用于任何商业或非法目的若违反规定请自行对此负责。
4、此脚本涉及应用与本人无关本人对因此引起的任何隐私泄漏或其他后果不承担任何责任。
5、本人对任何脚本引发的问题概不负责包括但不限于由脚本错误引起的任何损失和损害。
6、如果任何单位或个人认为此脚本可能涉嫌侵犯其权利应及时通知并提供身份证明所有权证明我们将在收到认证文件确认后删除此脚本。
7、所有直接或间接使用、查看此脚本的人均应该仔细阅读此声明。本人保留随时更改或补充此声明的权利。一旦您使用或复制了此脚本即视为您已接受此免责声明。`)
try {
let options = {
url: `https://ghproxy.net/https://raw.githubusercontent.com/smallfawn/Note/refs/heads/main/Notice.json`,
headers: {
"User-Agent": defaultUserAgent,
},
timeout: 3000
}
let {
data: res
} = await axios.request(options);
$.log(res)
return res
} catch (e) { }
}