Locating and Executing JavaScript for Parameter Extraction Using Chrome DevTools and js2py
This guide explains how to locate the JavaScript responsible for generating URL parameters by inspecting event listeners and searching source files in Chrome, observe its execution with breakpoints, and then replicate the logic in Python using js2py to obtain login credentials.
First, identify where the JavaScript that creates the URL parameters resides. In Chrome DevTools, inspect the button element and view its bound Event Listener ; if no listener is attached, use the "Search all files" feature to look for keywords such as livecell .
Next, observe the JavaScript execution flow. Set breakpoints by clicking the line numbers in the Sources panel; the debugger will pause at each breakpoint, allowing you to inspect variable values in the Scope pane and control execution with the step‑over, step‑into, and step‑out buttons.
To automate the extraction, use the js2py library, which provides a pure‑Python JavaScript interpreter. Install the required JavaScript libraries ( BigInt.js , RSA.js , Barrett.js ) and load them into a js2py.EvalJs() context.
<code>import requests
import json
import js2py
# Create a session and set headers
session = requests.session()
headers = {
"User-Agent": "Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Mobile Safari/537.36",
"X-Requested-With": "XMLHttpRequest",
"Content-Type": "application/x-www-form-urlencoded"
}
session.headers = headers
# Retrieve rKey
response = session.get("http://activity.renren.com/livecell/rKey")
n = json.loads(response.content)['data']
# Prepare credentials
phoneNum = "131..."
password = "****"
# Build js2py execution context
context = js2py.EvalJs()
with open("BigInt.js", "r", encoding='utf8') as f:
context.execute(f.read())
with open("RSA.js", "r", encoding='utf8') as f:
context.execute(f.read())
with open("Barrett.js", "r", encoding='utf8') as f:
context.execute(f.read())
# Pass data to the context
context.t = {'password': password}
context.n = n
js = '''
t.password = t.password.split("").reverse().join("");
setMaxDigits(130);
var o = new RSAKeyPair(n.e,"",n.n), r = encryptedString(o, t.password);
'''
context.execute(js)
encrypted_password = context.r
# Send login request
data = {
'phoneNum': phoneNum,
'password': encrypted_password,
'c1': 0,
'rKey': n['rkey']
}
login_resp = session.post("http://activity.renren.com/livecell/ajax/clog", data=data)
print(login_resp.content.decode())
# Access logged‑in page
profile_resp = session.get("http://activity.renren.com/home#profile")
print(profile_resp.content.decode())
</code>The script first obtains the rKey via a GET request, then uses the loaded JavaScript libraries to reverse the password string, set the RSA key size, and encrypt the password. Finally, it posts the encrypted credentials along with the phone number and rKey to perform the login and accesses the user profile.
In summary, by inspecting element bindings, searching source files, debugging with breakpoints, and reproducing the JavaScript logic in Python with js2py , you can programmatically extract the parameters needed for automated login.
Python Programming Learning Circle
A global community of Chinese Python developers offering technical articles, columns, original video tutorials, and problem sets. Topics include web full‑stack development, web scraping, data analysis, natural language processing, image processing, machine learning, automated testing, DevOps automation, and big data.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.