Article directory
- Foreword
- achieve effect
- Finished product
- advertise
- Packet capture analysis
-
- 1. Locate encrypted files
- 2. Edit JS `enable local replacement`
- Transcoding with Chatgpt
- Get scheduled task id
- Simulate data requests
- at last
Foreword
Because station C has too many copyrights, all crawler-related information is recorded and will not be in-depth!
Today I found that there is no such thing on github. After capturing the packets, I found that the software has a lot of security protection. Through comparison, I found that the cookie and software interface requests are the same, so the web interface can be used instead of the APP interface. The final data is the same.
Achieve results
APP login effect
Although I am stuck on the SMS verification code, if there is another way to skip it, I will choose the latter.
After-effect of bypassing
Log in by converting the mobile phone number and password into an encrypted string and converting it to Cookie and token.
Finished product
Advertising
A series of practical articles on Python crawler projects! !
Welcome to subscribe
[Python crawler project practice 1] Obtain the free interface text code of Chatgpt3.5 (passed Authorization certification)
[Python crawler project practice 2] Chatgpt restoration verification algorithm-decrypting the data interface of a fake CNKI network
Welcome to subscribe
Python crawler script project practice
Packet capture analysis
1. Locating encrypted files
Find encrypted js
code show as below:
var t = $("#t").val(); if(t == "true"){ var transferKey = "u2oh6Vu^HWe4_AES"; pwd = encryptByAES(pwd, transferKey); console.log(pwd); }
Find encryption method
code show as below:
function encryptByAES(message, key){ let CBCOptions = { iv: CryptoJS.enc.Utf8.parse(key), mode:CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }; let aeskey = CryptoJS.enc.Utf8.parse(key); let secretData = CryptoJS.enc.Utf8.parse(message); let encrypted = CryptoJS.AES.encrypt( secretData, aeskey, CBCOptions ); return CryptoJS.enc.Base64.stringify(encrypted.ciphertext); } </code><img class="look-more-preCode contentImg-no-view" src="//i2.wp.com/csdnimg.cn/release/blogv2/dist/pc/img/newCodeMoreBlack. png" alt="" title="">
2. Edit JS Enable local replacement
1. Edit the code and save it to enable breakpoint debugging.
Write to console.log(pwd); for debugging, fill in the generated account password into my interface for request testing
2. Generate account and password after running
Copy the generated encrypted account and password to my program interface for test login
3. Copy to the interface program for testing
Returns successful login and cookie data, indicating that the data is indeed encrypted through the above method
Use Chatgpt for code conversion
Since the code is written in JS, I wanted to convert it into Python, and I left this matter to my good friend Chatgpt
from Crypto.Cipher import AES import base64 def encrypt_by_aes(message, key): key = key.encode('utf-8') message = message.encode('utf-8') # Use AES CBC mode for encryption cipher = AES.new(key, AES.MODE_CBC, iv=key) # Fill the message (using PKCS7 filling) block_size = AES.block_size padded_message = message + (block_size - len(message) % block_size) * chr(block_size - len(message) % block_size).encode() # Encrypt message ciphertext = cipher.encrypt(padded_message) # Return Base64 encoded ciphertext return base64.b64encode(ciphertext).decode('utf-8') # Set the key and message here transferKey = "u2o****S" message = "qw******" phone="15*********9" # Use functions to encrypt we = encrypt_by_aes(phone, transferKey) passw = encrypt_by_aes(message, transferKey) print("Encrypted message:", we) print("password:", passw) </code><img class="look-more-preCode contentImg-no-view" src="//i2.wp.com/csdnimg.cn/release/blogv2/dist/pc/img/newCodeMoreBlack. png" alt="" title="">
Get scheduled task id
Use cookies to exchange tokens and then send requests in exchange for pcid
and pcmajorid
#Get the check-in task id cookies = { 'source': '""' } headers = { 'Host': 'sx.chaoxing.com', 'Connection': 'keep-alive', 'Upgrade-Insecure-Requests': '1', 'Accept': 'text/html,application/xhtml + xml,application/xml;q=0.9,*/*;q=0.8', 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 17_0_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1', 'Referer': 'http://i.mooc.chaoxing.com/', 'Accept-Language': 'zh-CN,zh-Hans;q=0.9', } params = { 's': '', } response = requests.get('http://sx.chaoxing.com/dgsx/space', params=params, cookies=cookies, headers=headers) print(response.text) </code><img class="look-more-preCode contentImg-no-view" src="//i2.wp.com/csdnimg.cn/release/blogv2/dist/pc/img/newCodeMoreBlack. png" alt="" title="">
Simulate data request
Replace the data
data = { 'id': '0', 'type': '0', 'pcid': '7**1', 'pcmajorid': '2***1', 'address': 'Guangdong ********* number', 'geolocation': '9*8.5***2,24.4****7', 'remark': '', 'workStart': '', 'workEnd': '', 'images': '', 'allowOffset': '3000', 'offset': 'NaN', 'offduty': '0', 'changeLocation': '', } </code><img class="look-more-preCode contentImg-no-view" src="//i2.wp.com/csdnimg.cn/release/blogv2/dist/pc/img/newCodeMoreBlack. png" alt="" title="">
Simulation results after sending the request:
Login successful p1: 9**4, p2: 24***2 {"success":true,"msg":"Punch in successfully","info":{"id":100383225,"status":1}} Check in successfully {'url': 'http://mooc1-2.***.com/visit/courses/study?s=83e3800a41848cf6c0a327c3a174de78', 'status': True} Landed successfully p1: **4, p2: 3*** {"success":true,"msg":"Punch in successfully","info":{"id":100383227,"status":1}} Check in successfully
Finished spreading flowers. Due to copyright issues, the relevant code cannot be released. The above is just a reverse analysis record.
Finally
The above is today's packet capture analysis
, a tutorial on how to bypass the mobile phone verification code login by restoring a certain software login algorithm through ChatGPT decryption. This article is only for learning records.
Hope you like my other works
“Remember a Cloud House Check-in and Grab Bag”
“Remember a video capture m3u8 decryption process”
“There is no network when capturing some software + proxy detection solution Android Yellow Bird httpcanary + vmos”
“Python] Record packet capture analysis and automatically receive Sesame HTTP daily free IP (finished product + tutorial)”
“Video of Packet Capture for a Certain Class Android Phone: Yellow Bird + Certain Class App + VirtualXposed Virtual Framework”
Recommended columns:
“Python crawler script project practice”
Previous articles in this column:
“[Python crawler project practice 1] Obtain the free interface text of Chatgpt3.5 and pay the code (passed Authorization certification)”
If you feel that you are not satisfied after reading the article, you are welcome to check out my other columns.
If you also like crawler packet capture analysis, please follow me. I have also completed many independent projects: such as Dianyitong and other scripts, but they have been removed from the shelves due to copyright reasons. The review of crawlers is more rigorous. If there is any infringement or violation of regulations, the articles will be screened while ensuring the quality.
If you are interested in crawlers, please bookmark or subscribe to this column “Python crawler script project practice”. If you have a project, please contact me and I will synchronize the tutorials to this column!
A series of practical articles on Python crawler projects! !
Welcome to subscribe
[Python crawler project practice 1] Obtain the free interface text code of Chatgpt3.5 (passed Authorization certification)
[Python crawler project practice 2] Chatgpt restoration verification algorithm-decrypting the data interface of a fake CNKI network
Welcome to subscribe
Python crawler script project practice