2022-03-03 16:16:53 +08:00
|
|
|
|
require "config"
|
|
|
|
|
|
require "b64"
|
|
|
|
|
|
require "aes"
|
|
|
|
|
|
require "log"
|
|
|
|
|
|
require "403"
|
|
|
|
|
|
require "tableXstring"
|
|
|
|
|
|
require "fileio"
|
|
|
|
|
|
require "randomStr"
|
|
|
|
|
|
require "whiteList"
|
|
|
|
|
|
require "tools"
|
|
|
|
|
|
require "waf/waf"
|
|
|
|
|
|
|
|
|
|
|
|
local optionIsOn = function(options)
|
|
|
|
|
|
return options == "on" and true or false
|
|
|
|
|
|
end
|
2022-02-11 17:06:16 +08:00
|
|
|
|
ToolsProtect = optionIsOn(toolsProtect)
|
|
|
|
|
|
ShiroProtect = optionIsOn(shiroProtect)
|
|
|
|
|
|
JsProtect = optionIsOn(jsProtect)
|
|
|
|
|
|
JsConfuse = false
|
|
|
|
|
|
SensitiveProtect = optionIsOn(sensitiveProtect)
|
|
|
|
|
|
|
|
|
|
|
|
-- cookie加密
|
|
|
|
|
|
function reqCookieParse()
|
|
|
|
|
|
if ShiroProtect then
|
|
|
|
|
|
local userCookieX9 = ngx.var.cookie_x9i7RDYX23
|
2022-03-03 16:16:53 +08:00
|
|
|
|
if not userCookieX9 then -- 没有cookie
|
|
|
|
|
|
log("0-cookie 无cookie", "")
|
|
|
|
|
|
ngx.req.set_header("Cookie", "") -- 移除其他cookie
|
|
|
|
|
|
elseif #userCookieX9 < 32 then -- 判断cookie长度
|
|
|
|
|
|
log("1-cookie 不符合要求", userCookieX9)
|
|
|
|
|
|
ngx.say("4")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
say_html()
|
2022-03-03 16:16:53 +08:00
|
|
|
|
else --有cookie
|
2022-02-11 17:06:16 +08:00
|
|
|
|
local result = xpcall(dencrypT, emptyPrint, userCookieX9, aesKey)
|
|
|
|
|
|
if not result then --解密失败
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("2-cookie 无法解密", userCookieX9)
|
|
|
|
|
|
ngx.say("5")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
say_html()
|
2022-03-03 16:16:53 +08:00
|
|
|
|
else --解密成功
|
2022-02-11 17:06:16 +08:00
|
|
|
|
local originCookie = StrToTable(dencrypT(userCookieX9, aesKey))
|
2022-03-03 16:16:53 +08:00
|
|
|
|
ngx.req.set_header("Cookie", transTable(originCookie))
|
|
|
|
|
|
log("3-cookie 解密成功", userCookieX9)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
function respCookieEncrypt()
|
|
|
|
|
|
if ShiroProtect then
|
|
|
|
|
|
local value = ngx.resp.get_headers()["Set-Cookie"]
|
|
|
|
|
|
if value then
|
2022-03-03 16:16:53 +08:00
|
|
|
|
local encryptedCookie = cookieD .. "=" .. encrypT(TableToStr(value), aesKey)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
ngx.header["Set-Cookie"] = encryptedCookie
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("4-cookie 加密成功", encryptedCookie)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
-- reload机制
|
|
|
|
|
|
function toolsInfoSpider()
|
|
|
|
|
|
if ToolsProtect and not whiteExtCheck() then
|
|
|
|
|
|
local clientCookieA = ngx.var.cookie_h0yGbdRv
|
|
|
|
|
|
local clientCookieB = ngx.var.cookie_kQpFHdoh
|
2022-03-03 16:16:53 +08:00
|
|
|
|
if not (clientCookieA and clientCookieB) then --没有cookieA进入reload,302至html生成cookie后再请求原地址
|
|
|
|
|
|
local ip = "xxx"
|
|
|
|
|
|
local finalPath = "http://" .. ip .. "/" .. jsPath .. "?origin=" .. encodeBase64(ngx.var.request_uri)
|
|
|
|
|
|
log("1-tools 无cookieA/B", "")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
ngx.redirect(finalPath, 302)
|
|
|
|
|
|
else
|
|
|
|
|
|
local result = xpcall(dencrypT, emptyPrint, clientCookieB, clientCookieA)
|
|
|
|
|
|
if not result then
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("2-tools 解密失败", clientCookieA .. ", " .. clientCookieB)
|
|
|
|
|
|
ngx.say("1")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
say_html() -- 解密失败
|
2022-03-03 16:16:53 +08:00
|
|
|
|
else -- 可以解密,提取数据
|
2022-02-11 17:06:16 +08:00
|
|
|
|
local result2 = dencrypT(clientCookieB, clientCookieA)
|
|
|
|
|
|
if #result2 < 1 then
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("3-tools 解密失败", result2)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
else
|
2022-03-03 16:16:53 +08:00
|
|
|
|
local srs = split(result2, ",")
|
|
|
|
|
|
local _, e = string.find(srs[1], "0")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
if e ~= nil then
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("4-tools 工具请求", result2)
|
|
|
|
|
|
ngx.say("2")
|
2022-02-11 17:06:16 +08:00
|
|
|
|
say_html()
|
|
|
|
|
|
else
|
2022-03-03 16:16:53 +08:00
|
|
|
|
log("0-tools 工具验证通过, 记录浏览器指纹", "", srs[2])
|
2022-02-11 17:06:16 +08:00
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
-- js文件混淆
|
|
|
|
|
|
function jsExtDetect()
|
|
|
|
|
|
if JsProtect then
|
|
|
|
|
|
local ext = string.match(ngx.var.uri, ".+%.(%w+)$")
|
2022-03-03 16:16:53 +08:00
|
|
|
|
if ext == "js" then -- 加入检查,js文件是否存在
|
2022-02-11 17:06:16 +08:00
|
|
|
|
JsConfuse = true
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
function jsConfuse()
|
|
|
|
|
|
if JsConfuse then
|
|
|
|
|
|
local originBody = ngx.arg[1]
|
2022-03-03 16:16:53 +08:00
|
|
|
|
if #originBody > 200 then -- 筛选空js
|
2022-02-11 17:06:16 +08:00
|
|
|
|
local s = getRandom(8)
|
2022-03-03 16:16:53 +08:00
|
|
|
|
local path = "/tmp/" .. s
|
|
|
|
|
|
writefile(path, originBody, "w+")
|
|
|
|
|
|
local t = io.popen("export NODE_PATH=/usr/lib/node_modules && node /gate/node/js_confuse.js " .. path)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
local a = t:read("*all")
|
|
|
|
|
|
ngx.arg[1] = a
|
2022-03-03 16:16:53 +08:00
|
|
|
|
os.execute("rm -f " .. path)
|
2022-02-11 17:06:16 +08:00
|
|
|
|
end
|
|
|
|
|
|
JsConfuse = false
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
-- 响应包过滤
|
|
|
|
|
|
function dateReplace()
|
|
|
|
|
|
if SensitiveProtect then
|
|
|
|
|
|
local replaceTelephone = string.gsub(ngx.arg[1], "[1][3,4,5,7,8]%d%d%d%d%d%d%d%d%d", "******")
|
|
|
|
|
|
ngx.arg[1] = replaceTelephone
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
