本文讲述的是凯撒密码的其中一种,内容含有前辈的一些解密方法, 半转载

目标:虾米音乐

分析一下这首歌,地址是: http://www.xiami.com/song/ 1769397120
歌曲ID为: 1769397120

请求XML地址: http://www.xiami.com/song/playlist/id/1769397120 (此处是歌曲ID) /object_name/default/object_id/0

解密虾米音乐下载地址-老D

破解虾米音乐

得出XML内容如下:

<playlist xmlns="http://xspf.org/ns/0/" version="1"><trackList><track><title><![CDATA[ We The People ]]></title><song_id>1769397120</song_id><album_id>370721</album_id><album_name><![CDATA[ Everlasting Truth ]]></album_name><object_id>1</object_id><object_name>default</object_name><insert_type>1</insert_type><background>[img]http://img.xiami.net/res/player/bimg/bg-5.jpg[/img]</background><grade>-1</grade><artist><![CDATA[ Re:plus;Pismo ]]></artist><location>8h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u</location><ms/><lyric>[url]http://www.xiami.com/song/lyrictxt/id/1769397120</lyric>[/url]<pic>[url]http://img.xiami.net/images/album/img34/71534/3707211328600624_1.jpg[/url]</pic><length>206</length><tryhq>0</tryhq><artist_id>71534</artist_id><rec_note/></track></trackList><lastSongId/><type>default</type><type_id>1</type_id><clearlist/><vip>0</vip><vip_role>0</vip_role><hqset>0</hqset></playlist>

歌曲信息在内,然而,下载地址被加密:

<location>8h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u</location>

加密方法使用的就是凯撒加密,我们如何去解开呢?

这串字符串中,把第一个字符 8 拿出来,然后把剩余的字符串分为四部分,若能整除则每部分都一样长,若不能整除,则后余数个字符串少一个字符,这里拆开后为:

[ h2fmF17274.u3dadd-%EltFii55%F17mtDa8bb15-lt%l.335123ph%eaea3E%p2ec44E7%23_5%6ee9%5%F.o%%7657%kE53%925E3mxm2229E33e7E55f3E-A5i%FF13__Fy9e5E43%n%.a273%92la%eb6b865u ]

一共78个字符 8-78%4 = 2,因此数列为[20,20,19,19].然后从第一个字符串的第一个字符开始拼接,若把这个拆分后的字符串数组看成一个二维的字符数组,拼接方式为 [0][0],[1][0],[2][0],[3][0],[4][0],[0][1],[1][1],[2][1],[3][1][4][1]… 拼完之后就是下载的真实地址,最后把^替换为字符0.

前辈的这段文字说明,只是把播放地址给解码出来了,可是还少了一个auth_key,为什么会少了auth_key呢? 原因是上述的解码方式算法有误。  我个人认为是这样的。

/*虾米音乐下载地址,凯撒数列加密方式。解密算法。BY 老D www.laod.cnXXX.php?id=歌曲ID*/ <?phpfunction u($t) {$l = substr($t,0,1); $t = substr($t, 1); $tn = strlen($t); $ln = $tn / $l; $r = $tn % $l; $res = array();for($i=0;$i<$l;$i++) { if($i<$r) $e = $ln+1;else $e = $ln;$m = substr($t, 0, $e);$res[] = str_split($m);$t = substr($t, $e);}$text = '';for($i=0;$i<$ln;$i++) {for($j=0;$j<$l;$j++) {if(isset($res[$j][$i])) $text .= $res[$j][$i];else break;}}return str_replace('^', 0, urldecode($text));}function ua($t) {$l = substr($t,0,1);$t = substr($t, 1);$tn = strlen($t);$ln = floor($tn/$l);$r = $tn % $l;$tex = str_split($t);$text = '';for($i=0;$i<=$ln;$i++) {for($j=0;$j<$l;$j++) {$n = $j*$ln+$i;if($j<$r) $n += $j;else $n += $r;if(isset($tex[$n])) $text .= $tex[$n];else break;}}$preg = array('^', '%');$replace = array(0, '|');return str_replace($preg, $replace, urldecode(substr($text, 0, $tn)));}function callback($text) {if(isset($_GET['callback'])) {return $_GET['callback'] . '(' . $text . ')';} else {return $text;}}if(!isset($_GET['id'])) die('lack of the id parameter');$xml = simplexml_load_file('http://www.xiami.com/song/playlist/id/'.$_GET['id']);$track = $xml->trackList->track;$song = array('id' => (string) $track->song_id, 'title' => (string) $track->title, 'artist' => (string) $track->artist, 'location' => (string) ua($track->location), 'lyric' => (string) $track->lyric, 'pic' => (string) substr($track->pic,0, -5).'4.jpg' );echo callback(json_encode($song));?>

上面的是PHP版的最新虾米音乐地址 凯撒数列解码源代。 欢迎大家在看完本文后帮忙补充本文的解码错误地方。谢谢!