0


网络爬虫js逆向解决网站登录RSA加密问题,不使用selenium如何实现登录,session维持登录状态请求爬取

记录中大网校破解登录后爬取的方法:

案例请求地址:中大网校会员中心-登陆入口-中大网校

使用工具:打码平台(超级鹰)

分析请求:

分析此请求,得知没有data,保持状态登录需要服务器知道是这个用户对应请求的相应验证码,所以要用session来维护状态

get_img ="https://user.wangxiao.cn/apis//common/getImageCaptcha"

session = requests.session()

session.headers = {
    'Referer' : "https://user.wangxiao.cn/login?url=http%3A%2F%2Fks.wangxiao.cn%2F",
    "Content-Type": "application/json;charset=UTF-8",
    "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"
}

session.get("https://user.wangxiao.cn/login?url=http%3A%2F%2Fks.wangxiao.cn%2F")
time.sleep(0.5)
image_b = session.post(get_img).json()["data"].split(",")[1]
print(image_b)
with open("photo.png","wb") as f:
    f.write(base64.b64decode(image_b))

获取到后验证码保存下来

接着接入超级鹰,识别获得验证码

超级鹰文件:

#!/usr/bin/env python
# coding:utf-8

import requests
from hashlib import md5

class Chaojiying_Client(object):

    def __init__(self, username, password, soft_id):
        self.username = username
        password =  password.encode('utf8')
        self.password = md5(password).hexdigest()
        self.soft_id = soft_id
        self.base_params = {
            'user': self.username,
            'pass2': self.password,
            'softid': self.soft_id,
        }
        self.headers = {
            'Connection': 'Keep-Alive',
            'User-Agent': 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
        }

    def PostPic(self, im, codetype):
        """
        im: 图片字节
        codetype: 题目类型 参考 http://www.chaojiying.com/price.html
        """
        params = {
            'codetype': codetype,
        }
        params.update(self.base_params)
        files = {'userfile': ('ccc.jpg', im)}
        r = requests.post('http://upload.chaojiying.net/Upload/Processing.php', data=params, files=files, headers=self.headers)
        return r.json()

    def PostPic_base64(self, base64_str, codetype):
        """
        im: 图片字节
        codetype: 题目类型 参考 http://www.chaojiying.com/price.html
        """
        params = {
            'codetype': codetype,
            'file_base64':base64_str
        }
        params.update(self.base_params)
        r = requests.post('http://upload.chaojiying.net/Upload/Processing.php', data=params, headers=self.headers)
        return r.json()

    def ReportError(self, im_id):
        """
        im_id:报错题目的图片ID
        """
        params = {
            'id': im_id,
        }
        params.update(self.base_params)
        r = requests.post('http://upload.chaojiying.net/Upload/ReportError.php', data=params, headers=self.headers)
        return r.json()

if __name__ == '__main__':
    chaojiying = Chaojiying_Client('超级鹰用户名', '超级鹰用户名的密码', '938422')    #用户中心>>软件ID 生成一个替换 96001
    im = open('a.jpg', 'rb').read()                                                    #本地图片文件路径 来替换 a.jpg 有时WIN系统须要//
    print (chaojiying.PostPic(im, 9004))                                        #1902 验证码类型  官方网站>>价格体系 3.4+版 print 后要加()
    #print chaojiying.PostPic(base64_str, 1902)  #此处为传入 base64代码

调用获取验证码


im = open("photo.png","rb").read()
chaojiying = Chaojiying_Client('cjy账号', 'cjy密码', '938422')    #用户中心>>软件ID 生成一个替换 96001                                                #本地图片文件路径 来替换 a.jpg 有时WIN系统须要//
image_code = chaojiying.PostPic(im, '1004')["pic_str"]
print(image_code)

接着研究登录的xhr请求:

明显看出密码经过了加密,只要解决密码的加密,带上验证码,账号就能成功登录

分析搜索:

搜索password寻找加密入口,encrypt顾名思义加密,所以进入查看

    由此明显库看出是一个密钥,而JSEncrypt是前端常用的加密库,接下来就是查看用的什么类型加密。

并且i.encryptFn传入的参数是pwd+ress.data,而data的数据经过研究是另一个请求获得的数据见下图

所以登录前,需要请求一次getTime获得data数据

由此处可以看见e就是密码,还是明文格式,接着进入encrypt查看

由上图此处明显可以看到是RSA加密,接着再debug后能看到d已经是密文格式

接下来python使用RSA加密:

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5

def dispose(s):
    rsa_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA5Zq6ZdH/RMSvC8WKhp5gj6Ue4Lqjo0Q2PnyGbSkTlYku0HtVzbh3S9F9oHbxeO55E8tEEQ5wj/+52VMLavcuwkDypG66N6c1z0Fo2HgxV3e0tqt1wyNtmbwg7ruIYmFM+dErIpTiLRDvOy+0vgPcBVDfSUHwUSgUtIkyC47UNQIDAQAB"
    rsa_keys = RSA.importKey(base64.b64decode(rsa_key))
    rsa_new = PKCS1_v1_5.new(rsa_keys)
    cipher = rsa_new.encrypt(s.encode("utf-8"))
    return base64.b64encode(cipher).decode("utf-8")

上述代码就是python调用RSA的加密方式

维护登录状态:

在此处可以看见加载进入cookie中的数据,跟着将数据加入session的cookie中即可保持状态

知道加密流程后整理代码:

import json

import requests
import time
import base64
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5

from encryption.中大网校登录ras.chaojiying_Python.chaojiying import Chaojiying_Client

get_img ="https://user.wangxiao.cn/apis//common/getImageCaptcha"

session = requests.session()

session.headers = {
    'Referer' : "https://user.wangxiao.cn/login?url=http%3A%2F%2Fks.wangxiao.cn%2F",
    "Content-Type": "application/json;charset=UTF-8",
    "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"
}

session.get("https://user.wangxiao.cn/login?url=http%3A%2F%2Fks.wangxiao.cn%2F")
time.sleep(0.5)
image_b = session.post(get_img).json()["data"].split(",")[1]
print(image_b)
with open("photo.png","wb") as f:
    f.write(base64.b64decode(image_b))

datatime = session.post("https://user.wangxiao.cn/apis//common/getTime").json()["data"]
print(datatime)

im = open("photo.png","rb").read()
chaojiying = Chaojiying_Client('cjy账号', 'cjy密码', '938422')    #用户中心>>软件ID 生成一个替换 96001                                                #本地图片文件路径 来替换 a.jpg 有时WIN系统须要//
image_code = chaojiying.PostPic(im, '1004')["pic_str"]
print(image_code)

username = you id
password = "you**"

def dispose(s):
    rsa_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA5Zq6ZdH/RMSvC8WKhp5gj6Ue4Lqjo0Q2PnyGbSkTlYku0HtVzbh3S9F9oHbxeO55E8tEEQ5wj/+52VMLavcuwkDypG66N6c1z0Fo2HgxV3e0tqt1wyNtmbwg7ruIYmFM+dErIpTiLRDvOy+0vgPcBVDfSUHwUSgUtIkyC47UNQIDAQAB"
    rsa_keys = RSA.importKey(base64.b64decode(rsa_key))
    rsa_new = PKCS1_v1_5.new(rsa_keys)
    cipher = rsa_new.encrypt(s.encode("utf-8"))
    return base64.b64encode(cipher).decode("utf-8")

data = {
    "imageCaptchaCode": image_code,
    "password": dispose(password+datatime),
    "userName": username,
}
#遇到Request Payload,传入就必须要用json.dumps()
resp = session.post("https://user.wangxiao.cn/apis//login/passwordLogin",data = json.dumps(data))

dic = resp.json()['data']
print(dic)

session.cookies['UserCookieName'] = dic['userName']
session.cookies['OldUsername2'] = dic['userNameCookies']
session.cookies['OldUsername'] = dic['userNameCookies']
session.cookies['OldPassword'] = dic['passwordCookies']
session.cookies['UserCookieName_'] = dic['userName']
session.cookies['OldUsername2_'] = dic['userNameCookies']
session.cookies['OldUsername_'] = dic['userNameCookies']
session.cookies['OldPassword_'] = dic['passwordCookies']
session.cookies['autoLogin'] = "null"
session.cookies['userInfo'] = json.dumps(dic)
session.cookies['token'] = dic['token']

print(session)

允许结果:

接着即可在下面编写对该网站任意地方进行解析与请求


本文转载自: https://blog.csdn.net/weixin_47481982/article/details/127632689
版权归原作者 Hares_ 所有, 如有侵权,请联系我们删除。

“网络爬虫js逆向解决网站登录RSA加密问题,不使用selenium如何实现登录,session维持登录状态请求爬取”的评论:

还没有评论