-
江西财经大学智慧江财登录分析
先抓包看看
- 发现提交登录的参数
如图,提交的参数
- 然后试着搜索这些参数,看哪里用到了,关键的是
password是怎么加密的,全局搜索ctrl+shift+f来进行代码搜索,定位在如下图
- 然后我们就知道了加密方式
逻辑总结
- 我就懒得写了,直接引用@K哥爬虫
- 加密入口可以在 index 首页找到,用到了 rsa.js 里面的三个加密函数
RSAKey()、setPublic()、encrypt(); - rsa.js 里的
BigInteger()函数依赖 jsbn.js,SecureRandom()函数依赖 rng.js; - rng.js 里的变量
rng_psize在 prng4.js 中定义,prng_newstate()函数也依赖 prng4.js
提交方式
前置知识
-
表单的name作用:name 属性用于对提交到服务器后的表单数据进行标识
-
注意:只有设置了 name 属性的表单元素才能在提交表单时传递它们的值。
-
简单来说,name就是提交到后台的索引,比如在复选框中都要设置成name="hobby"说明几个复选框都在爱好下。
-
查看网页源代码发现,是在网页通过
form表单提交的,并不是通过axios或者加jQuery进行js提交,可以看看下面的代码,通过form表单提交到/cas/login
<form id="fm1" action="`" method="post" autocomplete="off"> <div id="errorMessage" class="error" style="display:none;"> <div class="error-massage"></div> </div> <table cellpadding="0" cellspacing="0"> <tr> <td colspan="2"> <input id="username" name="username" type="text" class="user" placeholder="校园卡号/首次登录请激活" value="" /> <input type="text" class="user" style="display: none;" /> </td> </tr> <tr> <td colspan="2"> <input id="passwordEnc" name="password" type="hidden" value="" /> <input id="password" type="password" class="pw" placeholder="统一身份认证密码" /> <input type="text" class="pw" style="display: none;" /> </td> </tr> <tr id="imageCode" style="display:none;"> <td colspan="2" style="position:relative;"> <input id="errors" name="errors" type="hidden" value="0" /> <input id="imageCodeName" name="imageCodeName" type="text" size="4" class="yzm" placeholder="验证码" /><input type="text" class="yzm" style="display: none;" /> <div style="position:absolute; top:5px; right:0;"> <img width="100" style="height:2.5rem;" src='/cas/codeimage' style="cursor: pointer;" onclick="this.src='/cas/codeimage?'+Math.floor(Math.random()*100)" /> </div> </td> </tr> <tr style="display:none;" id="rememberPwd"> <td colspan="2" style="height: 15px;"><input id="ckbRememberPP" name="rememberMe" type="checkbox" value="true"/><input type="hidden" name="_rememberMe" value="on"/><label for="ckbRememberPP" style="vertical-align: middle;height: 13px;">记住密码,2周内自动登录</label></td> </tr> <tr> <td colspan="2"><input type="submit" value="登 录" onclick="javascript:return checkInput();" /></td> </tr> <tr> <td colspan="2"> <a href='https://ssl.jxufe.edu.cn/uid/activateAuth?t=20161208120000' class="zhjh-a" target="_blank">账号激活</a><a href='https://ssl.jxufe.edu.cn/uid/forget?t=20161208120000' class="wjmm-a" target="_blank">忘记密码</a> </td> </tr> <tr> <td class="line" width="60%"> <a href="pages/account_activate.html?t=20161208120000" class="zhjh">统一认证账号激活攻略</a> <div class="clear-1"></div> <a href="pages/password_forget.html?t=20161208120000" class="mmzh">信息门户密码找回攻略</a> </td> <td class="line" align="right" width="40%"> <div align="center" class="ewm"> <img src="images/ewm.jpg" width="70"><br>移动门户二维码 </div> </td> </tr> </table> <input type="hidden" name="cryptoType" value="1" /> <input type="hidden" name="lt" value="_c4ECACA77-B52F-B3C8-EF78-7F2DE9C616E0_k8175C76F-F064-D984-F521-22035A30AD09" /> <input type="hidden" name="_eventId" value="submit" /> </form>- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
加密示例代码
- 其他依赖github看看就可以 https://github.com/superBiuBiuMan/jxufe_loginRSA
关键代码
//RSA加密 const { RSAKey } = require("./tools/rsa"); var rsa = new RSAKey(); //如果下面二个参数变动了,就去官网看看源代码就可以 var n = "5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9"; var e = "10001"; //密码加密 rsa.setPublic(n, e); var encodedPassword = rsa.encrypt('123456789'); //输出加密的密码 console.log(encodedPassword);- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
注意
二个参数可能会发生变动,就去官网看看源代码就可以
附带下登录的js
- 本来想写一个查询成绩的,后面发现不会,抓包分析也不会…跳来跳去的那个认证…
ts版本
const axios = require('axios'); const qs = require('qs'); const { RSAKey } = require("./tools/rsa"); const cheerio = require("cheerio"); const nDefault = '5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9'; const eDefault = '10001'; class LoginAndGet { n: string; e: string; userName: string; passWord: string; encodedPassword: string;//加密过后的密码 constructor(userName: string, passWord: string, n: string = nDefault, e: string = eDefault) { this.n = n; this.e = e; this.userName = userName; this.passWord = passWord; this.getRSAPassword(this.passWord); } /* 获取加密后的密码 */ getRSAPassword(originPass: string): void { let rsa = new RSAKey(); //设置加密 rsa.setPublic(this.n, this.e); //进行加密 this.encodedPassword = rsa.encrypt(originPass); } /* 开始 */ start() { this.getIt(); } /* 获取it参数 */ getIt(): void { axios({ method: 'get', url: 'https://ssl.jxufe.edu.cn/cas/login', headers: { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36', } }).then((data) => { var Data = []; Data.push(data.headers['set-cookie'][0].toString().match(/\w*(?=\.)/m).join()); //获取JSESSIONID Data.push(data.headers['set-cookie'][1].toString().match(/\w*(?=;)/m).join()); //获取sessoinMapKey Data.push(cheerio.load(data.data)(":input[name='lt']").attr('value')); //获取It // ) console.log("载入页面获取的东西", Data); return Data; }).then(data => { // console.log(data); // JSESSIONID 0索引和 sessoinMapKey 1 和It 2 this.loginF(data[2], data[1], data[0], this.userName, this.encodedPassword); }); } /* 登录 */ loginF(lt: string, sess: string, jsess: string, userName: string, encodedPassword: string) { //传送的数据 var data = qs.stringify({ 'username': userName, 'password': encodedPassword, 'errors': '0', '_rememberMe': 'on', 'cryptoType': '1', '_eventId': 'submit', 'imageCodeName': '', 'lt': lt }); //axios配置 var config = { method: 'post', url: 'https://ssl.jxufe.edu.cn/cas/login?jsessionid=' + jsess + '.cas_app_2', // url: 'https://ssl.jxufe.edu.cn/cas/login', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': ' Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36', 'Cookie': 'JSESSIONID=' + jsess + '.cas_app_2;sessoinMapKey=' + sess + '; jxufe_username=' + userName, 'Referer': 'https://ssl.jxufe.edu.cn/cas/login', 'Origin': 'https://ssl.jxufe.edu.cn', }, data: data }; //发送请求 axios(config) .then(function (response) { var result = cheerio.load(response.data)(".error-massage span").text(); console.log("登录结果为:" + result); console.log('cookie1为',response.headers); }) .catch(function (error) { console.log(error); }); } } //测试代码 var test = new LoginAndGet('2202140875', 'superBiuBB'); test.start();- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 转换后的js
var axios = require('axios'); var qs = require('qs'); var RSAKey = require("./tools/rsa").RSAKey; var cheerio = require("cheerio"); var nDefault = '5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9'; var eDefault = '10001'; var LoginAndGet = /** @class */ (function () { function LoginAndGet(userName, passWord, n, e) { if (n === void 0) { n = nDefault; } if (e === void 0) { e = eDefault; } this.n = n; this.e = e; this.userName = userName; this.passWord = passWord; this.getRSAPassword(this.passWord); } /* 获取加密后的密码 */ LoginAndGet.prototype.getRSAPassword = function (originPass) { var rsa = new RSAKey(); //设置加密 rsa.setPublic(this.n, this.e); //进行加密 this.encodedPassword = rsa.encrypt(originPass); }; /* 开始 */ LoginAndGet.prototype.start = function () { this.getIt(); }; /* 获取it参数 */ LoginAndGet.prototype.getIt = function () { var _this = this; axios({ method: 'get', url: 'https://ssl.jxufe.edu.cn/cas/login', headers: { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36' } }).then(function (data) { var Data = []; Data.push(data.headers['set-cookie'][0].toString().match(/\w*(?=\.)/m).join()); //获取JSESSIONID Data.push(data.headers['set-cookie'][1].toString().match(/\w*(?=;)/m).join()); //获取sessoinMapKey Data.push(cheerio.load(data.data)(":input[name='lt']").attr('value')); //获取It // ) console.log("载入页面获取的东西", Data); return Data; }).then(function (data) { // console.log(data); // JSESSIONID 0索引和 sessoinMapKey 1 和It 2 _this.loginF(data[2], data[1], data[0], _this.userName, _this.encodedPassword); }); }; /* 登录 */ LoginAndGet.prototype.loginF = function (lt, sess, jsess, userName, encodedPassword) { //传送的数据 var data = qs.stringify({ 'username': userName, 'password': encodedPassword, 'errors': '0', '_rememberMe': 'on', 'cryptoType': '1', '_eventId': 'submit', 'imageCodeName': '', 'lt': lt }); //axios配置 var config = { method: 'post', url: 'https://ssl.jxufe.edu.cn/cas/login?jsessionid=' + jsess + '.cas_app_2', // url: 'https://ssl.jxufe.edu.cn/cas/login', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': ' Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36', 'Cookie': 'JSESSIONID=' + jsess + '.cas_app_2;sessoinMapKey=' + sess + '; jxufe_username=' + userName, 'Referer': 'https://ssl.jxufe.edu.cn/cas/login', 'Origin': 'https://ssl.jxufe.edu.cn' }, data: data }; //发送请求 axios(config) .then(function (response) { var result = cheerio.load(response.data)(".error-massage span").text(); console.log("登录结果为:" + result); console.log('cookie1为', response.headers); })["catch"](function (error) { console.log(error); }); }; return LoginAndGet; }()); //测试代码 var test = new LoginAndGet('2202140875', 'superBiuBB'); test.start();- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
-
相关阅读:
19 OpenCV 霍夫曼变换检测圆
消防宣传科普|消防安全知识网上答题挑战赛活动方案
头戴式耳机怎么戴好看?头戴式耳机正确代法
电脑QQ如何录制视频文件?
Dubbo——Dubbo协议整合Jackson序列化解决方案
Linux安装nodejs问题
数据库系统概论学习 1 绪论
MySQL约束详解
百趣代谢组学实验室分享-细胞培养避坑指南
解决:执行virtuoso&命令打开cadence很慢,很卡
- 原文地址:https://blog.csdn.net/u014582342/article/details/125495485
