return r(d[0]).post("/accounts/login/ajax/", { ...await r(d[6]).getEncryptedParam('password', n, _), username: t, queryParams: o, optIntoOneTap: s, stopDeletionNonce: c, trustedDeviceRecords: u }, { loggingData: _, timeout: P }) // 关注 r(d[6]).getEncryptedParam('password', n, _)
n
密码
_
uuid
进入enc函数进行查看分析
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
e.getEncryptedParam = async function(n, c, o, f="enc_") { let u = {} , l = {}; if (!i(d[0])._("540a27c9b465b678b75a387cf050e8d8")) return Object.freeze({ [n]: c }); const s = await t(c, o); null != s && (u = { [`${f}${n}`]: s }); return i(d[0])._("d35655349616aa247b37d45a4f8ef432") || (l = { [n]: c }), Object.freeze({ ...u, ...l }) }
进入t函数
生成了一份时间戳
同时出现了一个success 与 failure 的通知函数
先推测成功后将结果推送到send函数处 , 那么 l 大概率为加密结果
1 2
l = await r(d[3]).encryptAndFormat(t, c) "#PWD_INSTAGRAM_BROWSER:10:1659591100:AYtQALyxojdD2/dr+2vaJTJ7E1qKXpPtIh3hwsrpTltn87QIOSVbD1BFL4+kGf5wuNTqg5GJ351PC0NpzZio5hGYbqYk2BR5FPcjMIzkcXZDW+XMtk6x/7qMDBgBIpHFoLOWeUDK8xDWO2RA/mThxYYDFtw="