深度解析：boss直聘登录 网易易盾 无感 滑块 分析

声明:

本文章中所有内容仅供学习交流使用，不用于其他任何目的，抓包内容、敏感网址、数据接口等均已做脱敏处理，严禁用于商业用途和非法用途，否则由此产生的一切后果均与作者无关！

逆向分析

实测网站是存在风控的比较难过监测点也会增加很多。我才用补环境解决部分代码如下

window.addEventListener = function(){ }

document.addEventListener = function(){ }

XMLHttpRequest = function(val){ console.log('XMLHttpRequest',arguments) } XMLHttpRequest.prototype.send = function(val){ console.log('XMLHttpRequest.prototype.send',val) }

XMLHttpRequest.prototype.open = function(val){ console.log('XMLHttpRequest.prototype.open',val) }

Storage = function(){}

devicePixelRatio = 1.25

indexedDB = {}

sessionStorage = {}

sessionStorage.__proto__ = Storage.prototype

localStorage = {}

localStorage.__proto__ = Storage.prototype

WebGLRenderingContext = function(){}

performance = {

"timeOrigin": 1739518588088.3,

"timing": {

"connectStart": 1739518588405,

"secureConnectionStart": 0,

"unloadEventEnd": 0,

"domainLookupStart": 1739518588405,

"domainLookupEnd": 1739518588405,

"responseStart": 1739518588472,

"connectEnd": 1739518588405,

"responseEnd": 1739518588474,

"requestStart": 1739518588410,

"domLoading": 1739518588481,

"redirectStart": 0,

"loadEventEnd": 1739518589359,

"domComplete": 1739518589357,

"navigationStart": 1739518588088,

"loadEventStart": 1739518589358,

"domContentLoadedEventEnd": 1739518589025,

"unloadEventStart": 0,

"redirectEnd": 0,

"domInteractive": 1739518588931,

"fetchStart": 1739518588405,

"domContentLoadedEventStart": 1739518589025

},

"navigation": {

"type": 0,

"redirectCount": 0

}

}

结果

总结

1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。