
百度爱企查旋转验证逆向

2022-07-20 18:34:06  阅读:305  来源: 互联网

标签:逆向 bf img fx fy 爱企查 item data 百度


地址百度旋转验证

查看重定向的url,获取as, ds, tk 三个值


获取旋转的原图 和 backstr 的值

旋转验证参数提交,debug 调试参数跟进, 跟进来后发现重点在 r.rzData


控制台打印 r.rzData

在r.rzData中ac_c是检测的关键,ac_c=round((o / 212),2),而o是滑动的距离,o=angle*212/360(angle是识别的角度)。然后backstr是前面返回的,其他的所有参数都可固定,包括轨迹。fs是对r.rzData进行aes加密的结果(key是as+'appsapi0')。

重写js文件
var CryptoJS = require('crypto-js');

/**
 * Build the telemetry object (the article's r.rzData) and encrypt its JSON form.
 *
 * Only `ac_c` and `backstr` vary per call; the click, pointer path, key press
 * and screen metrics below are one fixed recording that is sent every time.
 *
 * NOTE(review): the AES key is `as` (handed to the client by the server) plus
 * a constant suffix, and the mode is ECB. That makes this layer obfuscation
 * rather than integrity protection: it cannot tell the server that the
 * telemetry is fresh or came from a real browser, so those checks have to be
 * enforced server-side on the decrypted fields themselves.
 *
 * @param {number|string} angle - recognised rotation angle in degrees.
 * @param {string} as - server-issued value used as the key prefix.
 * @param {string} backstr - value returned with the captcha image, echoed back.
 * @returns {Array<string>} `[ciphertext, ac_c]`: the string form of the
 *     CryptoJS result and the two-decimal ratio string that was embedded.
 */
function encrypt_(angle, as, backstr) {
    // Recorded pointer samples, one row per event: [fx, fy, t, bf].
    const pointerSamples = [
        [987, 149, 1657760613905, 2],
        [979, 370, 1657760615529, 2],
        [948, 339, 1657760615688, 2],
        [911, 321, 1657760615848, 2],
        [892, 309, 1657760616008, 2],
        [880, 299, 1657760616176, 2],
        [869, 290, 1657760616440, 2],
        [864, 288, 1657760616641, 2],
        [862, 287, 1657760616866, 2],
        [864, 288, 1657760617026, 1],
        [877, 293, 1657760617186, 1],
        [882, 295, 1657760617360, 1],
        [891, 298, 1657760617537, 1],
        [900, 300, 1657760617688, 1],
        [908, 301, 1657760617864, 1],
        [910, 301, 1657760618585, 1],
    ];

    // Fixed screen and viewport metrics reported with the payload.
    const screenMetrics = {
        screenTop: 0,
        screenLeft: 0,
        clientWidth: 1920,
        clientHeight: 979,
        screenWidth: 1920,
        screenHeight: 1080,
        availWidth: 1920,
        availHeight: 1050,
        outerWidth: 1920,
        outerHeight: 1050,
        scrollWidth: 1920,
        scrollHeight: 1920,
    };

    // Key order is kept as in the original literal because the JSON text
    // (and therefore the ciphertext) depends on it.
    const payload = {
        cl: [{ x: 862, y: 287, t: 1657760616916 }],
        mv: pointerSamples.map(([fx, fy, t, bf]) => ({ fx, fy, t, bf })),
        sc: [],
        kb: [{ key: "a", t: 1657760606047 }],
        sb: [],
        sd: [],
        sm: [],
        cr: screenMetrics,
        simu: 0,
        // Distance o = angle * 212 / 360, then o / 212; toFixed yields a string.
        ac_c: (angle * 212 / 360 / 212).toFixed(2),
        backstr,
    };

    const keyWords = CryptoJS.enc.Utf8.parse(as + 'appsapi0');
    const plainWords = CryptoJS.enc.Utf8.parse(JSON.stringify(payload));
    const cipher = CryptoJS.AES.encrypt(plainWords, keyWords, {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7,
    });

    return [cipher.toString(), payload.ac_c];
}


// console.log(encrypt_('175','77af72b4','3665-Px4DcLoit3uVe824uBkHUhYlQRP9J1snLUo3oUo4NCni3QAeNyHrm3CQYE1d0+bG4z2Vv/PQXdv1Qp9j+bImhNo+yvQeYZjOGBVq/fJYQARPO+z357jr0N2VdtJR6PLV/ZF/4vWSekHq0V0F9PvNX4E9FL+bBVTtveoWXlDB3zxsr30wdtMey7lw/HDDDKm05KTU72MoN+B2g6pXkXJLfwXeK557yhbIgeqaUUxYRgI46RjrwoF1Em3LISq+4Ke5TIyH89awQ6ups+DSlxyJZbU/WxmL6wSrpxmVpQ0rYrwgtgO8yAPCE2myWZ7uQnMkWTnNNBThHZHALC3YA4xWkA=='))

调用旋转模型,整体代码
from urllib.parse import unquote
import requests
import execjs
import time
import json
import re
import urllib3
from baidu_aiqicha_rotate.rotate_captcha import fun_get_angle_
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)


class BaiduAiqichaRotate:
    """Client for the wappass.baidu.com ``viewlog`` requests shown in this write-up.

    Each instance owns one ``requests`` session and one fixed, browser-like
    header set that is sent with every ``viewlog`` call.
    """

    def __init__(self):
        # Header set copied from a desktop Chrome 103 request.
        browser_headers = {
            'Accept': 'text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, '
                      '*/*; q=0.01',
            'Accept-Language': 'zh-CN,zh;q=0.9',
            'Connection': 'keep-alive',
            'Sec-Fetch-Dest': 'empty',
            'Sec-Fetch-Mode': 'cors',
            'Sec-Fetch-Site': 'same-origin',
            'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) '
                          'Chrome/103.0.0.0 Safari/537.36',
            'X-Requested-With': 'XMLHttpRequest',
            'Referer': 'https://wappass.baidu.com/static/captcha/tuxing.html?ak=33c48884b7df83d4230e07cbcd0d07fd&backurl=http%3A%2F%2Fwww.aiqicha.com%2Fs%3Fq%3D%E5%8D%8E%E4%B8%BA%E6%8A%80%E6%9C%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%26t%3D0%26p_type%3D2&timestamp=1658303050&signature=0a25abf3ad473d83e846a510b7b5d1ed',
            'sec-ch-ua': '".Not/A)Brand";v="99", "Google Chrome";v="103", "Chromium";v="103"',
            'sec-ch-ua-mobile': '?0',
            'sec-ch-ua-platform': '"Windows"',
        }
        self.session = requests.session()
        self.headers = browser_headers

    @staticmethod
    def _load_jsonp(text):
        """Return the first ``{...}`` object of a ``callback({...})`` body, parsed as JSON.

        Raises IndexError when the text holds no such object.
        """
        wrapped = re.findall(r'.*?(\{.*?})\)', text)
        return json.loads(wrapped[0])

    def get_image_request_data(self):
        """
        :return: dict with the ``tk``, ``as`` and ``ds`` values from the response's ``data``
        """
        endpoint = "https://wappass.baidu.com/viewlog"
        query = {
            "callback": "jQuery110205449684422426735_" + str(int(time.time() * 1000)),
            "ak": "33c48884b7df83d4230e07cbcd0d07fd",
            "_": str(int(time.time() * 1000))
        }
        reply = self.session.get(endpoint, headers=self.headers, params=query)
        data = self._load_jsonp(reply.text)['data']
        return {field: data[field] for field in ("tk", "as", "ds")}

    def get_img(self, item):
        """Request the captcha style for ``item['tk']`` and save the image as ``img.png``.

        :param item: dict holding at least ``tk`` and ``as``
        :return: dict with ``img_url``, ``backstr``, ``tk`` and ``as``
        """
        endpoint = "https://wappass.baidu.com/viewlog/getstyle"
        query = {
            "callback": "jQuery110205449684422426735_" + str(time.time() * 1000),
            "ak": '33c48884b7df83d4230e07cbcd0d07fd',
            "tk": item["tk"],
            "isios": "0",
            "type": "spin",
            "_": str(time.time() * 1000)
        }
        reply = self.session.get(endpoint, headers=self.headers, params=query)
        data = self._load_jsonp(reply.text)['data']
        item_img = {
            "img_url": unquote(data['ext']['img']),
            "backstr": data['backstr'],
            "tk": item["tk"],
            "as": item["as"]
        }
        # NOTE(review): verify=False turns off TLS certificate validation for a
        # URL that comes straight out of the previous response, and the module
        # also silences urllib3's InsecureRequestWarning, so an intercepted or
        # substituted image would go unnoticed.
        picture = self.session.get(item_img['img_url'], verify=False)
        with open('img.png', 'wb') as image_file:
            image_file.write(picture.content)
        return item_img

    def verify_data(self, item):
        """Submit the encrypted payload for ``item`` and return the parsed reply.

        :param item: dict holding ``angle``, ``as``, ``backstr`` and ``tk``
        :return: the decoded JSON object from the response
        """
        endpoint = "https://wappass.baidu.com/viewlog"
        print("angle:", item['angle'])
        print("as:", item['as'])
        # NOTE(review): whatever get_encrypt.js holds in the working directory
        # is compiled and run by the JS runtime behind execjs.
        with open('get_encrypt.js', 'r', encoding='utf-8') as script_file:
            script_source = script_file.read()
        js_context = execjs.compile(script_source)
        fs = js_context.call('encrypt_', str(item['angle']), str(item['as']), str(item['backstr']))
        print("fs:", fs)
        query = {
            "callback": "jQuery110204100787474351779_" + str(time.time() * 1000),
            "ak": "33c48884b7df83d4230e07cbcd0d07fd",
            "as": item['as'],
            "fs": fs[0],
            "tk": item['tk'],
            "cv": "submit",
            "_": str(time.time() * 1000)
        }
        reply = self.session.get(endpoint, headers=self.headers, params=query)
        ret_data = self._load_jsonp(reply.text)
        print("验证结果:", ret_data)
        return ret_data


if __name__ == '__main__':
    # Fetch tk/as/ds, download the image, estimate its angle, then submit.
    challenge = BaiduAiqichaRotate().get_image_request_data()
    captcha = BaiduAiqichaRotate().get_img(challenge)
    captcha['angle'] = fun_get_angle_('img.png')
    print(captcha)
    outcome = BaiduAiqichaRotate().verify_data(captcha)
    # The script treats data.op == 1 in the reply as a pass.
    if outcome['data']['op'] == 1:
        print("验证通过")

参考链接

标签:逆向,bf,img,fx,fy,爱企查,item,data,百度
来源: https://www.cnblogs.com/wyh0923/p/16499379.html
