Backend Development 8 min read

How to Decode Obfuscated JS Video URLs with Python: A Step‑by‑Step Guide

This article demonstrates how to reverse‑engineer a JavaScript video‑encryption function, translate its logic into Python, and use the resulting code to retrieve the hidden video URL, providing a practical example for Python web‑scraping and JS deobfuscation.

Python Crawling & Data Mining

May 13, 2022

How to Decode Obfuscated JS Video URLs with Python: A Step‑by‑Step Guide

Introduction

Hello, I am a Python advanced learner.

JS Encryption Function

The target website uses a JavaScript encryption function to hide the video URL. The encrypted function is shown below.

The core of the encryption is the decodeMp4.decode() function, which relies on several helper functions.

define("tool", function(a, b, c) {
    var d = a("jquery"),
        e = a("support"),
        f = a("constants"),
        g = a("base64"),
        h = "substring",
        i = "split",
        j = "replace",
        k = "substr";
    b.decodeMp4 = {
        getHex: function(a) {
            return { str: a[h](4), hex: a[h](0, 4)[i]("").reverse().join("") };
        },
        getDec: function(a) {
            var b = parseInt(a, 16).toString();
            return { pre: b[h](0, 2)[i](""), tail: b[h](2)[i]("") };
        },
        substr: function(a, b) {
            var c = a[h](0, b[0]), d = a[k](b[0], b[1]);
            return c + a[h](b[0])[j](d, "");
        },
        getPos: function(a, b) {
            return b[0] = a.length - b[0] - b[1], b;
        },
        decode: function(a) {
            var b = this.getHex(a), c = this.getDec(b.hex), d = this[k](b.str, c.pre);
            return g.atob(this[k](d, this.getPos(d, c.tail)));
        }
    };
});

Conversion Process

Each helper function is re‑implemented in Python to reproduce the same behavior.

1. getHex

def getHex(a):
    return {
        "str": a[4:],  # JS substring(4)
        "hex": "".join(list(a[0:4])[::-1])  # reverse first 4 chars
    }

2. getDec

def getDec(a):
    b = str(int(a, 16))
    return {
        "pre": list(b[:2]),
        "tail": list(b[2:])
    }

3. substr

def substr(a, b):
    c = a[0:int(b[0])]
    d = a[int(b[0]):int(b[0]) + int(b[1])]
    return c + a[int(b[0]):].replace(d, '')

4. getPos

def getPos(a, b):
    b[0] = len(a) - int(b[0]) - int(b[1])
    return b

5. decode

def decode(a):
    b = getHex(a)
    c = getDec(b['hex'])
    d = substr(b['str'], c['pre'])
    return base64.b64decode(substr(d, getPos(d, c['tail'])))

Result Demonstration

Running the Python implementation on the captured string variable a yields the same encrypted video URL as the original site.

The obtained URL can be opened in a browser and the video plays normally; downloading the video is then straightforward.

Conclusion

This tutorial shows how to tackle a typical Python web‑scraping obstacle where JavaScript dynamically generates encrypted video URLs. By reverse‑engineering the JS logic and translating it into Python, the hidden URL can be recovered and accessed.

Encryption Code Conversion JS reverse engineering

Written by

Python Crawling & Data Mining

Life's short, I code in Python. This channel shares Python web crawling, data mining, analysis, processing, visualization, automated testing, DevOps, big data, AI, cloud computing, machine learning tools, resources, news, technical articles, tutorial videos and learning materials. Join us!

0 followers

Reader feedback

How this landed with the community

Rate this article

Was this worth your time?

Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.