0x00 Foreword
A few days ago my master and I mentioned this matter will be very confused situation encountered encrypted packet capture process normally in this Dounong a bit yesterday also thanks the middle of a big brother to guide me subconsciously begin to see the type of password base64 but is found not to decrypt all solution does not come out later learned was content after the DES encryption key specific need to see it below
0x01 text
First, let's talk about the simple DES encryption
DES Encryption: This is the same key for encryption simple symmetry are used in encryption and decryption
So we need to decrypt, then you need a key
Here you can see the red box in the information are encrypted so if we want a decryption key words must encounter this situation do not panic because the key hole set can be found on the page generally in the js file It took me some time to find this file
Therefore, we can directly use this function to get us a copy of the key to generate the key in this js file in that part of the function there run directly on it you can get directly to our key developer tools a
This key This key is actually quite simple value of the token is extracted and then the inside of this can be seen in the token request packet
Next we have the key parameters we have to put our decrypted by the decryption function but here referenced third party "library" so we could not be used directly in the developer tool which I used here is node.js
I'm here in advance because the function inside the crypto-js quoted by npm install crypto-js library installed
So just put back the encrypted content key and use this function runs you can get to the content after decryption
0x02 summary
Finally, to sum up experience is that when the package is encrypted Do not be afraid because, like the above-mentioned functions are such that we can find to nothing more than a good look hard to find the problem and then to our content by reference to the decryption function decryption