Decode Obfuscated JS Video URLs Using Python: A Step‑by‑Step Guide
This article demonstrates how to reverse‑engineer a JavaScript encryption function used to hide video URLs, translating the logic into Python code step by step, and shows how to obtain the final downloadable link via web scraping, complete with code snippets and example outputs.
Preface
Recently, members of a Python community asked for JavaScript reverse‑engineering videos and code. The author shares a case study that records the process of decoding a JS‑based video URL encryption.
JS Code
The encrypted function originates from a small video site and is shown below.
The core of the encryption is the decodeMp4.decode() function.
define("tool", function(a, b, c) {
var d = a("jquery")
, e = a("support")
, f = a("constants")
, g = a("base64")
, h = "substring"
, i = "split"
, j = "replace"
, k = "substr";
b.decodeMp4 = {
getHex: function(a) {
return {
str: a[h](4),
hex: a[h](0, 4)[i]("").reverse().join("")
}
},
getDec: function(a) {
var b = parseInt(a, 16).toString();
return {
pre: b[h](0, 2)[i](""),
tail: b[h](2)[i]("")
}
},
substr: function(a, b) {
var c = a[h](0, b[0])
, d = a[k](b[0], b[1]);
return c + a[h](b[0])[j](d, "")
},
getPos: function(a, b) {
return b[0] = a.length - b[0] - b[1],
b
},
decode: function(a) {
var b = this.getHex(a)
, c = this.getDec(b.hex)
, d = this[k](b.str, c.pre);
return g.atob(this[k](d, this.getPos(d, c.tail)))
}
};
});Conversion Process
Assume the variable a contains a long string obtained by breakpoint debugging: a = "c0b1Ly9md..."; The following diagram lists the functions to be translated.
1. getHex(a) function
def getHex(a):
return {
"str": a[4:], # JS substring(4)
"hex": "".join(list(a[0:4])[::-1]) # reverse first 4 chars
}2. getDec(a) function
def getDec(a):
b = str(int(a, 16))
return {
"pre": list(b[:2]),
"tail": list(b[2:])
}3. substr(a, b) function
def substr(a, b):
c = a[0:int(b[0])]
d = a[int(b[0]):int(b[0])+int(b[1])]
return c + a[int(b[0]):].replace(d, '')4. getPos(a, b) function
def getPos(a, b):
b[0] = len(a) - int(b[0]) - int(b[1])
return b5. decode(a) function
def decode(a):
b = getHex(a)
c = getDec(b['hex'])
d = substr(b['str'], c['pre'])
return base64.b64decode(substr(d, getPos(d, c['tail'])))Effect Demonstration
Running the translated Python script yields the same encrypted URL that the web page uses, allowing the video to be played or downloaded.
Placing the obtained address in a browser plays the video and enables a direct download.
Summary
The article walks through a practical example of reverse‑engineering a JavaScript video‑URL encryption routine, translating each JavaScript helper into Python, and demonstrates how to retrieve the hidden video link using a web‑scraping approach.
Python Crawling & Data Mining
Life's short, I code in Python. This channel shares Python web crawling, data mining, analysis, processing, visualization, automated testing, DevOps, big data, AI, cloud computing, machine learning tools, resources, news, technical articles, tutorial videos and learning materials. Join us!
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.