1. 本文是学习只用,不要将之用在非法用途
2. 先下载xiami的flash播放器, 通过Sothink SWFDecompiler 将之反编译;
3. 然后找出它的解密函数,关键代码如下:
if (_loc_6[_loc_7] == undefined)
{
_loc_6[_loc_7] = "";
}
_loc_6[_loc_7] = _loc_3.substr((_loc_4 + 1) * _loc_7, (_loc_4 + 1));
_loc_7 = _loc_7 + 1;
}
_loc_7 = _loc_5;
while (_loc_7 < _loc_2)
{
_loc_6[_loc_7] = _loc_3.substr(_loc_4 * (_loc_7 - _loc_5) + (_loc_4 + 1) * _loc_5, _loc_4);
_loc_7 = _loc_7 + 1;
}
_loc_8 = "";
_loc_7 = 0;
while (_loc_7 < _loc_6[0].length)
{
_loc_10 = 0;
while (_loc_10 < _loc_6.length)
{
_loc_8 = _loc_8 + _loc_6[_loc_10].charAt(_loc_7);
_loc_10 = _loc_10 + 1;
}
_loc_7 = _loc_7 + 1;
}
_loc_8 = unescape(_loc_8);
_loc_9 = "";
_loc_7 = 0;
while (_loc_7 < _loc_8.length)
{
if (_loc_8.charAt(_loc_7) == "^")
{
_loc_9 = _loc_9 + "0";
}
else
{
_loc_9 = _loc_9 + _loc_8.charAt(_loc_7);
}
_loc_7 = _loc_7 + 1;
}
_loc_9 = _loc_9.replace("+", " ");
return _loc_9;
}// end function
4. 使用python实现后的算法是:
var5 = var_mod;
while var5 < var_first:
tmp = var_floor * (var5 - var_mod) + (var_floor + 1 ) * var_mod;
result.insert(var5, var_sub[tmp : tmp + var_floor]);
var5 = var5 + 1 ;
print result;
tmpStr= "";
var5 = 0;
tmp2 = "";
while var5 < len(result[0]):
tmp = 0;
while tmp < len(result):
tmp2 = result[tmp];
try:
tmp2 = tmp2[var5];
except IndexError:
tmp2 = "";
tmpStr = tmpStr + tmp2;
tmp = tmp + 1;
var5 = var5 + 1;
print "tmp str " + tmpStr;
tmpStr = urllib.unquote(tmpStr);
print tmpStr;
print urllib.unquote(tmpStr);
var5 = 0;
tmp2 = "";
while var5 < len(tmpStr):
if tmpStr[var5] == "^":
tmp2 = tmp2 + "0";
else:
tmp2 = tmp2 + tmpStr[var5];
var5 += 1;
print tmp2;
tmp2.replace("+", " ");
print tmp2;
if __name__ == "__main__":
if len(sys.argv) < 2:
print("Usage: %s url"%sys.argv[0]);
else:
main(sys.argv[1]);
5. 一个简单的例子是:
输入: 7h%3.65531E88pt2.n2EE%%1563tFxe5%%22719p%it%25F5613%2a%5FE%29_33Fm2E455%71.AfiF%%4E545m
输出: http://f3.xiami.net/62500/400543/01%201769748511_1586933.mp3
6. 通过上面的方法,就可以写出一个自动下载虾米歌曲的软件, 具体的思路如下:
6.1 通过http请求得到某个专辑的页面,可以得到所有歌曲的一览和songId;
6.2 通过songId可以构造http请求得到对应歌曲的信息(xml格式)
6.3 然后通过上面的程序将xml 中location项解密,即可以得到歌曲下载地址。
-----
to xiami:
注意自己的安全。
因为已经有人写了这样的程序,就不再重写了。
http://www.appinn.com/longkey-xiami-music-dl/
to 自己
1. actionscript 中的子字符串处理函数有两个: substring 和substr,注意区分;
2. 异常处理:
try:
tmp2 = tmp2[var5];
except IndexError:
tmp2 = "";
get mustc info:
http://www.xiami.com/song/playlist/id/1770506132/object_name/default/object_id/0
python debug:
http://www.blogjava.net/Skynet/archive/2009/04/07/264259.html
my csdn blog xiami decrypt
http://blog.csdn.net/lantianjialiang/article/details/6339326