zhenze12345
commented
5 years ago could you share me the link which you use? it still works on my testing, maybe the new link doesn't work.
Open myleshk opened 5 years ago
zhenze12345
commented
5 years ago could you share me the link which you use? it still works on my testing, maybe the new link doesn't work.
myleshk
commented
5 years ago 比如这个:https://www.ximalaya.com/tracks/153101221.json
它所属的专辑是后期收费的,后面收费的音频拿不到很正常。
但是前面几段是免费试听的也拿不到play_path_32
zhenze12345
commented
5 years ago 但是感觉waveform拿到的group52/M0A/7C/3B/wKgLe1wywobynOAJAAAKfFRU3rM9265.js应该也不是audio的地址吧?需要再看下
myleshk
commented
5 years ago 是地址,但是需要校验签名及各种key……我也奇怪,免费的也要
例如这样(签名是假的,大概是这个格式):
http://audio.pay.xmcdn.com/download/1.0.0/group2/M0A/15/F3/wKgLflxEYuXyJqCCAH1D6vMvoAU089.m4a?sign=bfdfd20f3a1df167a32140b25986708a&buy_key=fe4f033ccbf4b22dfa2a1e704cdbbda8&token=6941×tamp=1559535956&duration=1013
你看看还有没有别的办法……
zhenze12345
commented
5 years ago 我现在这边连喜马拉雅太慢,感觉喜马拉雅把它当成收费节目来看了,晚上有空看下
zhenggu
commented
4 years ago 看了一下这个收费版的试听,感觉 url: https://audiopay.cos.xmcdn.com/download/1.0.0/group2/M05/11/8A/wKgLflw_HOSySLTKAIFrG9Y8z4E970.m4a?sign=41caeeb15ad096aac289e9fc64615e57&buy_key=fe4f133ccbf4b22dfa2a1e704ccbbda8&token=6009×tamp=1595332930&duration=1047
是从
{"ret":0,"msg":"0","trackId":153101221,"uid":2642819,"albumId":20485329,"title":"重回犯罪现场01","domain":"http://audiopay.cos.xmcdn.com","totalLength":8481563,"sampleDuration":0,"sampleLength":0,"isAuthorized":true,"apiVersion":"1.0.0","seed":2413,"fileId":"19*4*5*40*0*42*16*8*41*30*16*29*29*16*11*1*16*58*33*19*50*67*12*58*21*56*55*46*17*46*50*60*33*1*48*25*4*61*14*39*11*27*64*6*14*23*41*57*62*64*18*","buyKey":"fe4f133ccbf4b22dfa2a1e704ccbbda8","duration":1047,"ep":"ixdsaY59SiQC2v0Mb4wd414PUk0i1ibGSddPKQ7mX3e0zbOF2vKOnb4M2qze1aUzVeEkhSFWKvdkj6f2klQc3r4POy5UHKCqXtLFvCJbrkOl","highestQualityLevel":1,"downloadQualityLevel":1}
这个json的返回里面来的,不过感觉fileId加过密,不知道怎么解析出来
这个json是从https://mpay.ximalaya.com/mobile/track/pay/153101221/1595332930534?device=pc&isBackend=true&_=1595332930534 返回出来的
myleshk
commented
4 years ago 这个json的返回里面来的,不过感觉fileId加过密,不知道怎么解析出来
@zhenggu
果然fileId的值是m4a的URL简单加密得来的。加密算法就是一对一替换。我没时间去列完整表了,例子如下: |
密码*{数字}* | 对应字母 |
|---|---|---|
| 0 | p | |
| 1 | A | |
| 4 | r | |
| 5 | o | |
| 6 | E | |
| 8 | M | |
| 11 | 8 | |
| 12 | l | |
| 14 | 9 | |
| 16 | / | |
| 17 | y | |
| 18 | a | |
| 19 | g | |
| 21 | _ | |
| 23 | 7 | |
| 25 | F | |
| 27 | z |
总之fileId对应的是这部分:group2/M05/11/8A/wKgLflw_HOSySLTKAIFrG9Y8z4E970.m4a
zhenggu
commented
4 years ago 厉害厉害,看起来这还得搞个破译工作,呵呵
zhenggu
commented
4 years ago 发现这个对应关系还不是固定的
{"ret":0,"msg":"0","trackId":287340814,"uid":11129614,"albumId":35668060,"title":"1.5 王世充残暴无常,残杀出家大臣","domain":"http://audiopay.cos.xmcdn.com","totalLength":3952883,"sampleDuration":144,"sampleLength":1240809,"isAuthorized":true,"apiVersion":"1.0.0","seed":8661,"fileId":"7*33*12*14*8*29*10*32*56*26*10*26*67*10*36*64*10*58*27*7*62*16*16*34*35*45*0*62*7*5*29*21*55*67*23*0*18*40*34*67*25*49*34*67*64*63*11*53*60*29*22*","buyKey":"fe4f133ccbf4b22dfa2a1e704ccbbda8","duration":482,"ep":"ixdsaY59SiQC2v0Mb4wd414PUk0i1ibGSddPKQ7mX3e0y+nZjf3dybwG2/zfhaQ0X+d+0HtQea0y0vH8wFdA2bcPOy1RE6CqXtLFuiZfqUSh","highestQualityLevel":2,"downloadQualityLevel":1}
https://audiopay.cos.xmcdn.com/download/1.0.0/group4/M0B/BA/C9/wKgO116hSxOgv43XADxQ86Azi6A975.m4a?sign=bcda6dca893cb5f20939e08c8033be28&buy_key=fe4f133ccbf4b22dfa2a1e704ccbbda8&token=3569×tamp=1595577753&duration=482
zhenggu
commented
4 years ago 怀疑是和seed这个字段有关系的
zhenggu
commented
4 years ago 再贴一个例子
{"ret":0,"msg":"0","trackId":292014079,"uid":11129614,"albumId":35668060,"title":"2.4 女版慕容复,先后嫁父子四人","domain":"http://audiopay.cos.xmcdn.com","totalLength":3612454,"sampleDuration":132,"sampleLength":1137403,"isAuthorized":true,"apiVersion":"1.0.0","seed":4063,"fileId":"49*57*62*15*58*64*2*14*42*20*2*30*65*2*25*20*2*55*0*49*27*64*23*66*33*39*44*0*48*53*48*56*44*26*65*37*36*67*15*57*8*38*36*62*44*12*66*29*53*64*22*","buyKey":"fe4f133ccbf4b22dfa2a1e704ccbbda8","duration":441,"ep":"ixdsaY59SiQC2v0Mb4wd414PUk0i1ibGSddPKQ7mX3e0n+7cjq7fm+QO0PeO1aJhC7Ekh3sNffRpifb7kQwc2LkPPyhUHKCqXtLFuiZQpkOi","highestQualityLevel":2,"downloadQualityLevel":1}
https://audiopay.cos.xmcdn.com/download/1.0.0/group4/M03/CD/B3/wKgO4V6vy5KRmRs5ADcfJurFZfo586.m4a?sign=6dabef190282233ffcd984a8c74b9936&buy_key=fe4f133ccbf4b22dfa2a1e704ccbbda8&token=7036×tamp=1595578820&duration=441
myleshk
commented
4 years ago 哦对没注意到有seed……看来不容易破解了
zhenggu
commented
4 years ago 看了一下,如果是收费版,即使你破解了url,也只能download audio的前半部分
zhenggu
commented
4 years ago zhenggu
commented
4 years ago function vt(t) {
this._randomSeed = t, this.cg_hun()
}
vt.prototype = {
cg_hun: function() {
this._cgStr = "";
var t = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/\\:._-1234567890",
e = t.length,
n = 0;
for (n = 0; n < e; n++) {
var r = this.ran() * t.length,
o = parseInt(r);
this._cgStr += t.charAt(o), t = t.split(t.charAt(o)).join("")
}
},
cg_fun: function(t) {
t = t.split("*");
var e = "",
n = 0;
for (n = 0; n < t.length - 1; n++) e += this._cgStr.charAt(t[n]);
return e
},
ran: function() {
return this._randomSeed = (211 * this._randomSeed + 30031) % 65536, this._randomSeed / 65536
},
cg_decode: function(t) {
var e = "",
n = 0;
for (n = 0; n < t.length; n++) {
var r = t.charAt(n),
o = this._cgStr.indexOf(r); - 1 !== o && (e += o + "*")
}
return e
}
};用nodejs试了一下:
> new vt(4063).cg_fun("49*57*62*15*58*64*2*14*42*20*2*30*65*2*25*20*2*55*0*49*27*64*23*66*33*39*44*0*48*53*48*56*44*26*65*37*36*67*15*57*8*38*36*62*44*12*66*29*53*64*22*");
'group4/M03/CD/B3/wKgO4V6vy5KRmRs5ADcfJurFZfo586.m4a'
This line does not work any more.
play_path_32is now empty. You need to usewaveform.