Last active
January 30, 2022 06:39
-
-
Save buptczq/0d0fc73a1a8d2232b4d21b5e1ac13344 to your computer and use it in GitHub Desktop.
QQ URL detect
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import hashlib | |
import struct | |
import sqlite3 | |
def md5hash(buf): | |
return hashlib.md5(buf.encode("utf-16")[2:]).digest() | |
def md5cmp(buf, postfix, a1, a2, a3, a4): | |
if len(buf) < postfix: | |
return False | |
index = 0 | |
while index <= (len(buf)-postfix): | |
md5 = md5hash(buf[index:index+postfix]) | |
if md5 == struct.pack("<IIII", a1, a2, a3, a4): | |
return True | |
index += 1 | |
return False | |
def detect(url): | |
urlbuf = url.upper() | |
return md5cmp(urlbuf, 23, 0x1C6389BA, 0xF2FA5666, 0xF2A2E0D3, 0xC892E7BA) or \ | |
md5cmp(urlbuf, 34, 0xB829484C, 0x520F7CC3, 0x94EC8A73, 0xD808E79) or \ | |
md5cmp(urlbuf, 30, 0xDDA1029, 0x9E67F3BB, 0xB18ACC45, 0x597CF438) or \ | |
md5cmp(urlbuf, 21, 0x2564591C, 0x5B11347B, 0x846A0F72, 0xEF704A8) | |
conn = sqlite3.connect("History") | |
cursor = conn.cursor() | |
cursor.execute("select url from urls") | |
count = 0 | |
for row in cursor: | |
url = row[0] | |
if detect(url): | |
print('detect: ' + url) | |
count += 1 | |
if count == 0: | |
print('nothing') | |
cursor.close() | |
conn.close() |
更新:
所有md5已经解密完成:
# (23, 0x1C6389BA, 0xF2FA5666, 0xF2A2E0D3, 0xC892E7BA): b'', # ://S.TAOBAO.COM/SEARCH?
# (34, 0xB829484C, 0x520F7CC3, 0x94EC8A73, 0xD808E79): b'', # LIST.TMALL.COM/SEARCH_PRODUCT.HTM?
# (30, 0xDDA1029, 0x9E67F3BB, 0xB18ACC45, 0x597CF438): b'', # ULAND.TAOBAO.COM/SEM/TBSEARCH?
# (21, 0x2564591C, 0x5B11347B, 0x846A0F72, 0xEF704A8): b'', # SEARCH.JD.COM/SEARCH?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
使用方法, 将
%USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\History
文件拷贝至某个文件夹, 下载上面的脚本至相同文件夹, 然后用 python 运行脚本qq的上报逻辑: