0
点赞
收藏
分享

微信扫一扫

RES加密登录案例

外贸达人小峻先森 2022-02-23 阅读 50
javascript开发语言ecmascript

中国通讯服务。祥云系统
https://portal.chinaccs.cn/client/portal/login

https://portal.chinaccs.cn/static/js/app.dbf91c56.js
登录js 位置
 var s = new i["a"];
 s.setPublicKey(a.map.publicKey),
 e.doLogin(a.map.key, s)
formData位置
data: {
      username: this.dataForm.username,
      password: t.encrypt(this.dataForm.password),
      uuid: this.dataForm.uuid,
      captcha: this.dataForm.captcha,
      key: e
 }


# encoding: utf-8
"""
@author: _Jack Sparrow
@time:  2022/2/21 17:48
@file: aaa.py
@desc: https://portal.chinaccs.cn/client/portal/login 登录
"""
from requests import Session
import requests
import uuid as UUID
import cv2 as cv
import numpy as np
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
import base64



class Login():

    uuid = UUID.uuid1()
    session = Session()

    @classmethod
    def __del__(cls):
        cls.session.close()

    @classmethod
    def getCookiesDict(cls):
        """获取字典类型的cookies"""
        return requests.utils.dict_from_cookiejar(cls.session.cookies)

    @classmethod
    def getPublicKey(cls):
        """获取RES加密公钥"""
        url = "https://portal.chinaccs.cn/portal/paas/auth/getKey.do"
        headers = {
            'Accept': '*/*',
            'Accept-Encoding': 'gzip, deflate, br',
            'Accept-Language': 'zh-CN,zh-TW;q=0.9,zh;q=0.8,en;q=0.7',
            'accessToken': 'null',
            'Connection': 'keep-alive',
            'Host': 'portal.chinaccs.cn',
            'Referer': 'https://portal.chinaccs.cn/client/portal/login',
            'refreshToken': 'null',
            'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"',
            'sec-ch-ua-mobile': '?0',
            'sec-ch-ua-platform': '"Windows"',
            'Sec-Fetch-Dest': 'empty',
            'Sec-Fetch-Mode': 'cors',
            'Sec-Fetch-Site': 'same-origin',
            'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36'
        }
        resp = cls.session.get(url, headers=headers)
        if resp.status_code == 200:
            dataDict = resp.json()
            return dataDict.get("map",{})
        else:
            raise Exception("Error:获取加密公钥失败")

    @classmethod
    def getCaptchaImage(cls):
        """获取图片验证码"""
        url = f"https://portal.chinaccs.cn/portal/paas/auth/captcha.do?uuid={cls.uuid}"
        headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36'}
        resp = cls.session.get(url, headers=headers)
        if resp.status_code == 200:
            imgBytes = resp.content
            img = cv.imdecode(np.frombuffer(imgBytes, np.uint8), cv.IMREAD_COLOR)
            cv.imshow("Image", img)
            cv.waitKey(0)
            cv.destroyAllWindows()
            # 用于显示图片 关闭Image窗口继续运行
        else:
            raise Exception("Error:获取验证码图片失败")



    @classmethod
    def encryptPWD(cls, passwrod, publicKey):
        """密码加密"""
        rsakey = RSA.importKey(f"""-----BEGIN PUBLIC KEY-----
        {publicKey}
        -----END PUBLIC KEY-----""")
        cipher = Cipher_pkcs1_v1_5.new(rsakey)  # 创建用于执行pkcs1_v1_5加密或解密的密码
        cipher_text = base64.b64encode(cipher.encrypt(passwrod.encode('utf-8')))
        return cipher_text.decode('utf-8')

    @classmethod
    def send(cls, userName, password):
        cls.getCaptchaImage()
        mapData = cls.getPublicKey()
        publicKey = mapData.get("publicKey")
        key = mapData.get("key")
        password = cls.encryptPWD(password, publicKey)

        captcha= input("输入验证码:")
        url = "https://portal.chinaccs.cn/portal/login"
        formData =  {
                      'captcha': f'{captcha}',
                      'key': f"{key}",
                      'password': f"{password}",
                      'username': f"{userName}",
                      'uuid': f"{cls.uuid}"
                    }
        headers = {
            'Accept': '*/*',
            'Accept-Encoding': 'gzip, deflate, br',
            'Accept-Language': 'zh-CN,zh-TW;q=0.9,zh;q=0.8,en;q=0.7',
            'accessToken': 'null',
            'Connection': 'keep-alive',
            'Content-Length': '140',
            'Content-Type': 'application/json; charset=UTF-8',
            'Host': 'portal.chinaccs.cn',
            'Origin': 'https://portal.chinaccs.cn',
            'Referer': 'https://portal.chinaccs.cn/client/portal/login',
            'refreshToken': 'null',
            'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"',
            'sec-ch-ua-mobile': '?0',
            'sec-ch-ua-platform': '"Windows"',
            'Sec-Fetch-Dest': 'empty',
            'Sec-Fetch-Mode': 'cors',
            'Sec-Fetch-Site': 'same-origin',
            'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36'
        }
        resp = cls.session.post(url, json=formData, headers=headers)
        if resp.status_code == 200:
            print(resp.json())
            print("cookie:", cls.getCookiesDict())
            # try:
            #     print(resp.json())
            #     print("cookie:", cls.getCookiesDict())
            # except:
            #     print(resp.text)

        else:
            raise Exception("登录请求异常")





if __name__ == '__main__':
    Login.send("xxxx","xxxx")
举报

相关推荐

DES登录加密

javascript

关于前端--RSA加密(对登录密码加密)

安全httphttps

案例-用户登录

服务器安全运维

用户登录案例

java算法eclipse开发语言后端

RES协议

#definehtmlicoHtml/CSS前端开发

res.......

p2pleetcodelinq

App登录模块密码加密方案

流程管理iOS|And...Android收藏集Java技术升华

ecmall后台登录验证,密码加密

数据库系统/运维

【JavaWeb】案例:用户登录、用户自动登录

servletjavamvcjavawebweb编程语言

security单点登录案例

Spring Securityspringmavenxml虚拟化云计算
0 条评论