技术:HttpClient(易语言的只能做参考了)
抓包工具:HttpClient
抓包对象:58同城
首先:进入登录页面:http://passport.58.com/login?path=http://my.58.com,开始抓包,进入后发现,密码被进行了三次加密,分别是p1,p2,p3,这三次加密,前面的2次还是比较简单的,加密代码,都在js里面可以找到,后面的p3字段的加密,一直没搞明白,开始研究…,经过一小时奋战,终于发现,原来是老的rsa加密啊,那么就简单了,rsa加密算法,我这里存了一大堆了,很多网站,都用了这个加密技术,那么总体来讲,就没啥难度了,下面贴登录代码主体部分:
public class Login_58 {
public Map get(String username,String password,String ip ,int port,String uuname,String uuword,boolean isByuu){
List list = new ArrayList() ;
boolean re = false ;
String cookiess = “” ;
String sid = “” ;
Map remap = new HashMap();
int codeID01 = -1 ;
String ret = “” ;
String errorinfo = “” ;
DefaultHttpClient httpClient = null ;
DefaultHttpClient defaultClient;
HttpParams httpParams = new BasicHttpParams();
// HttpConnectionParams.
ConnManagerParams.setMaxTotalConnections(httpParams, 80);
ConnManagerParams.setTimeout(httpParams, 25000);
//每个路由的最大链接个数,标志对同一站点的并发请求
ConnPerRouteBean connPerRoute = new ConnPerRouteBean(100);
ConnManagerParams.setMaxConnectionsPerRoute(httpParams, connPerRoute);
HttpConnectionParams.setConnectionTimeout(httpParams,25000);
HttpConnectionParams.setSoTimeout(httpParams, 50000);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme(“http”, PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme(“https”, SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManagerconnectionManager = new ThreadSafeClientConnManager(httpParams,registry);
// httpParams.setParameter(ClientPNames.HANDLE_REDIRECTS,false);
defaultClient = new DefaultHttpClient(connectionManager, httpParams);
defaultClient.getParams().setIntParameter(HttpConnectionParams.SOCKET_BUFFER_SIZE, 20*1024);
HttpClientParams.setCookiePolicy(defaultClient.getParams(),CookiePolicy.BROWSER_COMPATIBILITY);
//defaultClient.getParams().setCookiePolicy();
httpClient = defaultClient ;
if(ip!=null && !ip.equals(“”)){
HttpHost proxy = new HttpHost(ip,port);
httpClient.getParams().setParameter(ConnRouteParams.DEFAULT_PROXY, proxy);
}
HttpGet g1 = null;
HttpPost g3 = null;
try {
g1 = new HttpGet(“http://passport.58.com/login?path=http://my.58.com”) ;
g1.setHeader(“Accept”, “text/html, application/xhtml+xml, */*”) ;
g1.setHeader(“Accept-Language”, “zh-CN”) ;
g1.setHeader(“Proxy-Connection”, “Keep-Alive”) ;
g1.setHeader(“Host”, “passport.58.com”) ;//Proxy-Connection: keep-alive
g1.setHeader(“User-Agent”, “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)”) ;
//g1.setRequestHeader(“Content-Type”, “application/x-www-form-urlencoded;charset=UTF-8″) ;
HttpResponse response2 = httpClient.execute(g1);
String sg1 = dump(response2.getEntity(),”utf-8”) ;
// sg1 = new String(sg1.getBytes(“ISO-8859-1″),”GBK”);
// System.out.println(sg1) ;
if(response2.getStatusLine().getStatusCode() == 200 && sg1.indexOf(“id=\”ptk\””)!=-1 && sg1.indexOf(“id=\”cd\””)!=-1 && sg1.indexOf(“name=\”path\””)!=-1 && sg1.indexOf(“$(\”#p3\”).val(encryptString(“)!=-1){
String cookiesimage01 = “” ;
System.out.println(cookiesimage01) ;
String ptk = “” ;
String cd = “” ;
String path = “” ;
String v3 = “” ;
String v4 = “” ;
sg1 = sg1.substring(sg1.indexOf(“name=\”path\””)) ;
sg1 = sg1.substring(sg1.indexOf(“value=\””)+7) ;
path = sg1.substring(0, sg1.indexOf(“\””));
sg1 = sg1.substring(sg1.indexOf(“id=\”ptk\””)) ;
sg1 = sg1.substring(sg1.indexOf(“value=\””)+7) ;
ptk = sg1.substring(0, sg1.indexOf(“\””));
sg1 = sg1.substring(sg1.indexOf(“id=\”cd\””)) ;
sg1 = sg1.substring(sg1.indexOf(“value=\””)+7) ;
cd = sg1.substring(0, sg1.indexOf(“\””));
sg1 = sg1.substring(sg1.indexOf(“$(\”#p3\”).val(encryptString(“)) ;
if(sg1.indexOf(“val()),”)!=-1){
sg1 = sg1.substring(sg1.indexOf(“val()),”)) ;
sg1 = sg1.substring(sg1.indexOf(“\””)+1) ;
v3 = sg1.substring(0, sg1.indexOf(“\””)) ;
sg1 = sg1.substring(sg1.indexOf(“, \””)+3) ;
v4 = sg1.substring(0, sg1.indexOf(“\””)) ;
}
System.out.println(ptk+”:”+cd+”:”+path) ;
System.out.println(v3+”:”+v4) ;
String stime = System.currentTimeMillis()+”” ;
Password p = new Password() ;
String p1 = p.encryp1(password, stime) ;
String p2 = p.encryp2(password, stime) ;
String p3 = p.encry(stime+URLEncoder.encode(password),v3,v4) ;
System.out.println(p1+”:”+p2+”:”+p3) ;
g3 = new HttpPost(“http://passport.58.com/dounionlogin”) ;
g3.setHeader(“Accept”, “text/html, application/xhtml+xml, */*”) ;
g3.setHeader(“Accept-Language”, “zh-CN”) ;
g3.setHeader(“Connection”, “Keep-Alive”) ;
g3.setHeader(“Host”, “passport.58.com”) ;
g3.setHeader(“Referer”, “http://passport.58.com/login?path=http://my.58.com”) ;
g3.setHeader(“User-Agent”, “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)”) ;
g3.setHeader(“Content-Type”, “application/x-www-form-urlencoded;charset=UTF-8”) ;
//g3.setHeader(“Cookie”, cookiesimage01) ;
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
qparams.add(new BasicNameValuePair(“cd”,cd));
qparams.add(new BasicNameValuePair(“isweak”,”0″));
qparams.add(new BasicNameValuePair(“mcresult”,”undefined”));
qparams.add(new BasicNameValuePair(“p1”,p1));
qparams.add(new BasicNameValuePair(“p2”,p2));
qparams.add(new BasicNameValuePair(“p3”,p3));
qparams.add(new BasicNameValuePair(“password”,”password”));
qparams.add(new BasicNameValuePair(“path”,path));
qparams.add(new BasicNameValuePair(“pptmobilecodeloginmobile”,”请输入手机号”));
qparams.add(new BasicNameValuePair(“pptmobilecodeloginmobilecode”,””));
qparams.add(new BasicNameValuePair(“ptk”,ptk));
qparams.add(new BasicNameValuePair(“source”,”pc-login”)); //图片
qparams.add(new BasicNameValuePair(“timesign”,stime));
qparams.add(new BasicNameValuePair(“username”,username));
UrlEncodedFormEntity params = new UrlEncodedFormEntity(qparams, “UTF-8″);
g3.setEntity(params);
HttpResponse response4 = httpClient.execute(g3);
String sg3 = dump(response4.getEntity(),”utf-8”) ;
// System.out.println(sg3) ;
if(response4.getStatusLine().getStatusCode() == 200 && sg3.indexOf(“http://my.58.com?pts=”)!=-1){
String cookiesimage02 = “” ;
System.out.println(cookiesimage02) ;
String urls = “” ;
sg3 = sg3.substring(sg3.indexOf(“http://my.58.com?pts=”)) ;
urls = sg3.substring(0, sg3.indexOf(“\””)) ;
g1 = new HttpGet(urls) ;
g1.setHeader(“Accept”, “text/html, application/xhtml+xml, */*”) ;
g1.setHeader(“Accept-Language”, “zh-CN”) ;
g1.setHeader(“Proxy-Connection”, “Keep-Alive”) ;
g1.setHeader(“Host”, “my.58.com”) ;//Proxy-Connection: keep-alive
g1.setHeader(“User-Agent”, “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)”) ;
//g1.setHeader(“Cookie”, cookiesimage02) ;
response2 = httpClient.execute(g1);
String sg31 = dump(response2.getEntity(),”utf-8″) ;
// System.out.println(sg31) ;
if(response2.getStatusLine().getStatusCode()==200 && sg31.indexOf(“用户中心”)!=-1){
System.out.println(“–“+cookiesimage03) ;
cookiess = cookiesimage03 ;
re = true ;
}else{
System.out.println(“2”);
}
}else{
System.out.println(“用户密码不对”);
}
}else{
System.out.println(“1”);
}
}catch(Exception e){
System.out.println(e.toString());
//e.printStackTrace() ;
}finally{
if(httpClient !=null){
// httpClient.getConnectionManager().shutdown();
}
}
remap.put(“re”,re+ “”);
//remap.put(“errorinfo”,errorinfo);
remap.put(“cookiess”,cookiess);
remap.put(“httpClient”,httpClient);
return remap ;
}
/**
* 正常解决io流成字符串
*
* @param entity
* @throws IOException
*/
private String dump(HttpEntity entity, String encoding) {
BufferedReader br = null;
StringBuilder sb = null;
try {
br = new BufferedReader(new InputStreamReader(entity.getContent(),
encoding));
sb = new StringBuilder();
String temp = null;
while ((temp = br.readLine()) != null) {
sb.append(temp);
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
br.close();
} catch (IOException e) {
e.printStackTrace();
}
}
return sb.toString();
}
public String convert(String utfString){
StringBuilder sb = new StringBuilder();
int i = -1;
int pos = 0;
while((i=utfString.indexOf(“\\u”, pos)) != -1){
sb.append(utfString.substring(pos, i));
if(i+5 < utfString.length()){
pos = i+6;
sb.append((char)Integer.parseInt(utfString.substring(i+2, i+6), 16));
}
}
return sb.toString();
}
public static String RandomString(int length) {
String str = “abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789”;
Random random = new Random();
StringBuffer buf = new StringBuffer();
for (int i = 0; i < length; i++) {
int num = random.nextInt(62);
buf.append(str.charAt(num));
}
return buf.toString();
}
public static String RandomStringSm(int length) {
String str = “abcdef0123456789”;
Random random = new Random();
StringBuffer buf = new StringBuffer();
for (int i = 0; i < length; i++) {
int num = random.nextInt(str.length());
buf.append(str.charAt(num));
}
return buf.toString();
}
public static String RandomNumber(int numinput) {
String str = “”;
str += (int) (Math.random() * 9 + 1);
for (int i = 0; i < numinput; i++) {
str += (int) (Math.random() * 10);
}
return str;
}
public String GetEnValue(String envvalue)
{
String ret = “” ;
ScriptEngineManager manager = new ScriptEngineManager();
ScriptEngine engine = manager.getEngineByName(“javascript”);
String jsFileName = “lib/env.js”;
FileReader reader;
try {
reader = new FileReader(jsFileName);
engine.eval(reader);
if (engine instanceof Invocable) {
Invocable invoke = (Invocable) engine;
ret = (String)invoke.invokeFunction(“env”, envvalue);
}
reader.close();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ret ;
}
/**
* @param args
*/
public static void main(String[] args) {
// TODO Auto-generated method stub
Login_58 cc = new Login_58() ;
String cookies = “” ;
DefaultHttpClient httpClient = null ;
String ret = “” ;
for(int i=0;i<10;i++){
Map map = cc.get(“用户”,”密码”, “”, 0,”1″,”1″,true) ;
if(map !=null){
cookies = map.get(“cookiess”) == null ? “” :(String) map.get(“cookiess”) ;
ret = map.get(“re”) == null ? “” :(String) map.get(“re”) ;
httpClient = map.get(“httpClient”) == null ? null :(DefaultHttpClient) map.get(“httpClient”) ;
if(ret.equals(“true”)){
break ;
}
}
}
System.out.println(ret) ;
System.out.println(httpClient) ;
System.out.println(cookies) ;
}
}
整体部分出来了,很多人就想问了,整体部分是有了,那加密部分呢,呵呵,别急,下面就贴加密部分的代码了:
public class Password {
public static final String HEXSTRING = “0123456789ABCDEF”;
public String encryp1(String v1,String v2){
String ret = “” ;
ScriptEngineManager manager = new ScriptEngineManager();
ScriptEngine engine = manager.getEngineByName(“javascript”);
String jsFileName = “lib/encry.js”;
FileReader reader;
try {
reader = new FileReader(jsFileName);
engine.eval(reader);
String jsstr = “function getm32strss(){“+
” var keyValue = getm32str(‘”+v1+”‘, ‘”+v2+”‘); “+
” return keyValue ; “+
“} ” ;
engine.eval(jsstr);
if (engine instanceof Invocable) {
Invocable invoke = (Invocable) engine;
ret = (String)invoke.invokeFunction(“getm32strss”);
}
reader.close();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ret ;
}
public String encryp2(String v1,String v2){
String ret = “” ;
ScriptEngineManager manager = new ScriptEngineManager();
ScriptEngine engine = manager.getEngineByName(“javascript”);
String jsFileName = “lib/encry.js”;
FileReader reader;
try {
reader = new FileReader(jsFileName);
engine.eval(reader);
String jsstr = “function getm16strss(){“+
” var keyValue = getm16str(‘”+v1+”‘, ‘”+v2+”‘); “+
” return keyValue ; “+
“} ” ;
engine.eval(jsstr);
if (engine instanceof Invocable) {
Invocable invoke = (Invocable) engine;
ret = (String)invoke.invokeFunction(“getm16strss”);
}
reader.close();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ret ;
}
public String encry(String v1,String v2,String v3){
String ret = “” ;
ScriptEngineManager manager = new ScriptEngineManager();
ScriptEngine engine = manager.getEngineByName(“javascript”);
String jsFileName = “lib/jquery.js”;
FileReader reader;
try {
// reader = new FileReader(“lib/jquery.js”);
// engine.eval(reader);
// reader = new FileReader(jsFileName);
// engine.eval(reader);
// reader = new FileReader(“lib/main.js”);
// engine.eval(reader);
// reader = new FileReader(“lib/rsa-v114890.js”);
// engine.eval(reader);
reader = new FileReader(“lib/rsa.pack.js”);
engine.eval(reader);
String jsstr = “function Encrypt(password){“+
” “+
” setMaxDigits(131);”+
” var encrypted = encryptedString(new RSAKeyPair(‘”+v2+”‘,”,'”+v3+”‘),password); ” +
” return encrypted ; “+
“} ” ;
engine.eval(jsstr);
if (engine instanceof Invocable) {
Invocable invoke = (Invocable) engine;
ret = (String)invoke.invokeFunction(“Encrypt”, v1);
}
reader.close();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ret ;
}
/**
* @param args
*/
public static void main(String[] args) {
// TODO Auto-generated method stub
}
}
好的,p1,p2,p3的加密算法,都已经贴了,很多人估计还很贪心,还会说,这里光加密算法,怎么没有加密的js啊,好吧,这个我后面提供下载地址,需要的人,都可以去下载啊
这部分,主要是想讲58的登录算法,后面,我还会继续更新58的发帖代码,这个发帖的地方,58做的很坑爹的,我也是被坑了很久,才研究出来的,希望大家多多支持
转自 http://blog.csdn.net/hu474676693/article/details/45483253
