解密虾米音乐下载地址

本文讲述的是凯撒密码的其中一种,内容含有前辈的一些解密方法, 半转载

目标:虾米音乐网

分析一下这首歌,地址是: http://www.xiami.com/song/ 1769397120
歌曲ID为: 1769397120

请求XML地址: http://www.xiami.com/song/playlist/id/1769397120 (此处是歌曲ID) /object_name/default/object_id/0

破解虾米音乐
破解虾米音乐

得出XML内容如下:

<playlist xmlns="http://xspf.org/ns/0/" version="1">
<trackList>
<track>
<title>
<![CDATA[ We The People ]]>
</title>
<song_id>1769397120</song_id>
<album_id>370721</album_id>
<album_name>
<![CDATA[ Everlasting Truth ]]>
</album_name>
<object_id>1</object_id>
<object_name>default</object_name>
<insert_type>1</insert_type>
<background>[img]http://img.xiami.net/res/player/bimg/bg-5.jpg[/img]</background>
<grade>-1</grade>
<artist>
<![CDATA[ Re:plus;Pismo ]]>
</artist>
<location>
8h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u
</location>
<ms/>
<lyric>[url]http://www.xiami.com/song/lyrictxt/id/1769397120</lyric>[/url]
<pic>
[url]http://img.xiami.net/images/album/img34/71534/3707211328600624_1.jpg[/url]
</pic>
<length>206</length>
<tryhq>0</tryhq>
<artist_id>71534</artist_id>
<rec_note/>
</track>
</trackList>
<lastSongId/>
<type>default</type>
<type_id>1</type_id>
<clearlist/>
<vip>0</vip>
<vip_role>0</vip_role>
<hqset>0</hqset>
</playlist>

歌曲信息在内,然而,下载地址被加密:

<location>
8h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u
</location>

加密方法使用的就是凯撒加密,我们如何去解开呢?

这串字符串中,把第一个字符 8 拿出来,然后把剩余的字符串分为四部分,若能整除则每部分都一样长,若不能整除,则后余数个字符串少一个字符,这里拆开后为:

[ h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u ]

一共78个字符 8-78%4 = 2,因此数列为[20,20,19,19].然后从第一个字符串的第一个字符开始拼接,若把这个拆分后的字符串数组看成一个二维的字符数组,拼接方式为 [0][0],[1][0],[2][0],[3][0],[4][0],[0][1],[1][1],[2][1],[3][1][4][1]… 拼完之后就是下载的真实地址,最后把^替换为字符0.

前辈的这段文字说明,只是把播放地址给解码出来了,可是还少了一个auth_key,为什么会少了auth_key呢? 原因是上述的解码方式算法有误。  我个人认为是这样的。

/*
虾米音乐下载地址,凯撒数列加密方式。
解密算法。
BY 老D www.laod.cn

XXX.php?id=歌曲ID
*/

 <?php
function u($t) {
$l = substr($t,0,1); 
$t = substr($t, 1);	
$tn = strlen($t);	
$ln = $tn / $l;	
$r = $tn % $l;	
$res = array();
for($i=0;$i<$l;$i++) { 
if($i<$r) $e = $ln+1;
else $e = $ln;
$m = substr($t, 0, $e);
$res[] = str_split($m);
$t = substr($t, $e);
}
$text = '';
for($i=0;$i<$ln;$i++) {
for($j=0;$j<$l;$j++) {
if(isset($res[$j][$i])) $text .= $res[$j][$i];
else break;
}
}
return str_replace('^', 0, urldecode($text));
}
function ua($t) {
$l = substr($t,0,1);
$t = substr($t, 1);
$tn = strlen($t);
$ln = floor($tn/$l);
$r = $tn % $l;
$tex = str_split($t);
$text = '';
for($i=0;$i<=$ln;$i++) {
for($j=0;$j<$l;$j++) {
$n = $j*$ln+$i;
if($j<$r) $n += $j;
else $n += $r;
if(isset($tex[$n])) $text .= $tex[$n];
else break;
}
}
$preg = array('^', '%');
$replace = array(0, '|');
return str_replace($preg, $replace, urldecode(substr($text, 0, $tn)));
}
function callback($text) {
if(isset($_GET['callback'])) {
return $_GET['callback'] . '(' . $text . ')';
} else {
return $text;
}
}
if(!isset($_GET['id'])) die('lack of the id parameter');
$xml = simplexml_load_file('http://www.xiami.com/song/playlist/id/'.$_GET['id']);
$track = $xml->trackList->track;
$song = array('id' => (string) $track->song_id,
  'title' => (string) $track->title,
  'artist' => (string) $track->artist,
  'location' => (string) ua($track->location),
  'lyric' => (string) $track->lyric,
  'pic' => (string) substr($track->pic,0, -5).'4.jpg'
  );
echo callback(json_encode($song));
?>

上面的是PHP版的最新虾米音乐地址 凯撒数列解码源代。 欢迎大家在看完本文后帮忙补充本文的解码错误地方。谢谢!

原创文章,作者:老D,如若转载,请注明出处:https://laod.cn/161.html

(0)
上一篇 2014-07-14 18:01
下一篇 2014-07-19 08:09

相关推荐

发表回复

登录后才能评论

评论列表(6条)

  • chsy1324
    chsy1324 2017-11-05 22:56

    lihai厉害!!!!

  • Ag2S20150909
    Ag2S20150909 2017-08-01 07:45

    JAVA版的
    public class XiaMi
    {
    public static void main(String[] args)
    {

    //http://www.xiami.com/song/1795316173
    String url=XiaMi.getById(“1795316173”);
    System.out.println(url);

    }

    public static String getById(String id){
    //http://www.xiami.com/song/playlist/id/1795316173
    String url=”http://www.xiami.com/song/playlist/id/”+id;
    String str=httpGet(url);
    JSONObject json=XML.toJSONObject(str);
    //String data=json.toString(4);
    String data = json.getJSONObject(“playlist”).getJSONObject(“trackList”).getJSONObject(“track”).getString(“location”);
    data=uu(data);
    return data;
    }

    private static String uu(String str)
    {
    //System.out.println(str);
    int l=Integer.parseInt(str.substring(0, 1));
    str = str.substring(1);
    int tn=str.length();
    int ln=(int)Math.floor((double)tn / (double)l);
    int r=tn % l;
    char[] tex=str.toCharArray();
    String text=””;
    for (int i=0;i <= ln;i++)
    {
    for (int j=0;j < l;j++)
    {
    int n = j * ln + i;
    if (j < r) n += j;
    else n += r;
    if (n < tex.length)
    {
    text += tex[n];
    }
    else
    {
    break;
    }
    }
    }
    text=text.substring(0,text.lastIndexOf("null")+4);
    try
    {
    text = URLDecoder.decode(text, "utf-8");
    }
    catch (UnsupportedEncodingException e)
    {
    e.printStackTrace();
    }
    text = text.replace("^", "0");
    // text = text.replace("%", "|");

    //System.out.println(text);
    return text;
    }

    private static String httpGet(String path)
    {
    try
    {
    URL url = new URL(path.trim());
    //打开连接
    HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
    if (200 == urlConnection.getResponseCode())
    {
    //得到输入流
    InputStream is =urlConnection.getInputStream();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    byte[] buffer = new byte[1024];
    int len = 0;
    while (-1 != (len = is.read(buffer)))
    {
    baos.write(buffer, 0, len);
    baos.flush();
    }
    return baos.toString("utf-8");
    }
    }
    catch
    (IOException e)
    {
    e.printStackTrace();
    }

    return null;
    }
    }

  • 风一样的江江丶 2015-10-24 23:48

    好麻烦 用Chrome直接下载多方便

  • 曦和风
    曦和风 2014-10-15 19:47

    如何知道是使用哪种方法加密的呢?