推荐学习书目 Learn Python the Hard Way Python Sites PyPI - Python Package Index http://diveintopython.org/toc/index.html Pocoo 值得关注的项目 PyPy Celery Jinja2 Read the Docs gevent pyenv virtualenv Stackless Python Beautiful Soup 结巴中文分词 Green Unicorn Sentry Shovel Pyflakes pytest Python 编程 pep8 Checker Styles PEP 8 Google Python Style Guide Code Style from The Hitchhiker's Guide
用 python 写模拟登陆,一段 Javascript 加密代码,我用 python 重写了一遍,但是运行结果不对。。求指点。。。
livesmart 2016-04-26 16:38:57 +08:00 5396 次点击这是一个创建于 3458 天前的主题,其中的信息可能已经有所发展或是发生改变。
这段代码关键部分就是 function ee(){} 我输入密码,然后经过加密,通过 post 方式请求返回服务器。我用 python 写个模拟登陆,但是这段加密搞不定,照着写出来的代码,运行结果不对。。 正确的值如下: upass: E1f0813d4cea349c75b135043842608b123456781
~~~~~~~~~~~~~Javascript 代码~~~~~~~~~~~~~~~~~~~~~~~~
<html> <head> <meta http-equiv="Content-Type" cOntent="text/html; charset="> <script language="Javascript"><!-- sv=0;sv1=0;v6='http://[::]:9002/v6 ';myv6ip=' ';v4serip='10.100.10.104' ;m46=0;v46ip='172.19.213.68' ; ps=1;pid='1';calg='12345678'; function safe_add(x,y){ var lsw=(x&0xFFFF)+(y&0xFFFF) var msw=(x>>16)+(y>>16)+(lsw>>16) return(msw<<16)|(lsw&0xFFFF)} function rol(num,cnt){return(num<<cnt)|(num>>>(32-cnt));} function cmn(q,a,b,x,s,t){return safe_add(rol(safe_add(safe_add(a,q),safe_add(x,t)),s),b);} function ff(a,b,c,d,x,s,t){return cmn((b&c)|((~b)&d),a,b,x,s,t);} function gg(a,b,c,d,x,s,t){return cmn((b&d)|(c&(~d)),a,b,x,s,t);} function hh(a,b,c,d,x,s,t){return cmn(b^c^d,a,b,x,s,t);} function ii(a,b,c,d,x,s,t){return cmn(c^(b|(~d)),a,b,x,s,t);} function coreMD5(x){ var a=1732584193 var b=-271733879 var c=-1732584194 var d=271733878 for(i=0; i < x.length; i+=16){ var olda=a var oldb=b var oldc=c var oldd=d a=ff(a,b,c,d,x[i+0],7,-680876936) d=ff(d,a,b,c,x[i+1],12,-389564586) c=ff(c,d,a,b,x[i+2],17,606105819) b=ff(b,c,d,a,x[i+3],22,-1044525330) a=ff(a,b,c,d,x[i+4],7,-176418897) d=ff(d,a,b,c,x[i+5],12,1200080426) c=ff(c,d,a,b,x[i+6],17,-1473231341) b=ff(b,c,d,a,x[i+7],22,-45705983) a=ff(a,b,c,d,x[i+8],7,1770035416) d=ff(d,a,b,c,x[i+9],12,-1958414417) c=ff(c,d,a,b,x[i+10],17,-42063) b=ff(b,c,d,a,x[i+11],22,-1990404162) a=ff(a,b,c,d,x[i+12],7,1804603682) d=ff(d,a,b,c,x[i+13],12,-40341101) c=ff(c,d,a,b,x[i+14],17,-1502002290) b=ff(b,c,d,a,x[i+15],22,1236535329) a=gg(a,b,c,d,x[i+1],5,-165796510) d=gg(d,a,b,c,x[i+6],9,-1069501632) c=gg(c,d,a,b,x[i+11],14,643717713) b=gg(b,c,d,a,x[i+0],20,-373897302) a=gg(a,b,c,d,x[i+5],5,-701558691) d=gg(d,a,b,c,x[i+10],9,38016083) c=gg(c,d,a,b,x[i+15],14,-660478335) b=gg(b,c,d,a,x[i+4],20,-405537848) a=gg(a,b,c,d,x[i+9],5,568446438) d=gg(d,a,b,c,x[i+14],9,-1019803690) c=gg(c,d,a,b,x[i+3],14,-187363961) b=gg(b,c,d,a,x[i+8],20,1163531501) a=gg(a,b,c,d,x[i+13],5,-1444681467) d=gg(d,a,b,c,x[i+2],9,-51403784) c=gg(c,d,a,b,x[i+7],14,1735328473) b=gg(b,c,d,a,x[i+12],20,-1926607734) a=hh(a,b,c,d,x[i+5],4,-378558) d=hh(d,a,b,c,x[i+8],11,-2022574463) c=hh(c,d,a,b,x[i+11],16,1839030562) b=hh(b,c,d,a,x[i+14],23,-35309556) a=hh(a,b,c,d,x[i+1],4,-1530992060) d=hh(d,a,b,c,x[i+4],11,1272893353) c=hh(c,d,a,b,x[i+7],16,-155497632) b=hh(b,c,d,a,x[i+10],23,-1094730640) a=hh(a,b,c,d,x[i+13],4,681279174) d=hh(d,a,b,c,x[i+0],11,-358537222) c=hh(c,d,a,b,x[i+3],16,-722521979) b=hh(b,c,d,a,x[i+6],23,76029189) a=hh(a,b,c,d,x[i+9],4,-640364487) d=hh(d,a,b,c,x[i+12],11,-421815835) c=hh(c,d,a,b,x[i+15],16,530742520) b=hh(b,c,d,a,x[i+2],23,-995338651) a=ii(a,b,c,d,x[i+0],6,-198630844) d=ii(d,a,b,c,x[i+7],10,1126891415) c=ii(c,d,a,b,x[i+14],15,-1416354905) b=ii(b,c,d,a,x[i+5],21,-57434055) a=ii(a,b,c,d,x[i+12],6,1700485571) d=ii(d,a,b,c,x[i+3],10,-1894986606) c=ii(c,d,a,b,x[i+10],15,-1051523) b=ii(b,c,d,a,x[i+1],21,-2054922799) a=ii(a,b,c,d,x[i+8],6,1873313359) d=ii(d,a,b,c,x[i+15],10,-30611744) c=ii(c,d,a,b,x[i+6],15,-1560198380) b=ii(b,c,d,a,x[i+13],21,1309151649) a=ii(a,b,c,d,x[i+4],6,-145523070) d=ii(d,a,b,c,x[i+11],10,-1120210379) c=ii(c,d,a,b,x[i+2],15,718787259) b=ii(b,c,d,a,x[i+9],21,-343485551) a=safe_add(a,olda) b=safe_add(b,oldb) c=safe_add(c,oldc) d=safe_add(d,oldd);} return [a,b,c,d];} function binl2hex(binarray){ var hex_tab="0123456789abcdef" var str="" for(var i=0; i < binarray.length * 4; i++){ str+=hex_tab.charAt((binarray[i>>2] >>((i%4)*8+4))&0xF)+ hex_tab.charAt((binarray[i>>2] >>((i%4)*8))&0xF) } return str;} function binl2b64(binarray){ var tab="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" var str="" for(var i=0; i < binarray.length * 32; i+=6){ str+=tab.charAt(((binarray[i>>5] <<(i%32))&0x3F)|((binarray[i>>5+1] >>(32-i%32))&0x3F)) } return str;} function str2binl(str){ var nblk=((str.length+8)>>6)+1 // number o 16-word blocks var blks=new Array(nblk * 16) for(var i=0; i < nblk * 16; i++) blks[i]=0 for(var i=0; i < str.length; i++) blks[i>>2]|=(str.charCodeAt(i)&0xFF) <<((i%4) * 8) blks[i>>2]|=0x80 <<((i%4) * 8) blks[nblk*16-2]=str.length * 8 return blks;} function strw2binl(str){ var nblk=((str.length+4)>>5)+1 // number of 16-word blocks var blks=new Array(nblk * 16) for(var i=0; i < nblk * 16; i++) blks[i]=0 for(var i=0; i < str.length; i++) blks[i>>1]|=str.charCodeAt(i) <<((i%2) * 16) blks[i>>1]|=0x80 <<((i%2) * 16) blks[nblk*16-2]=str.length * 16 return blks;} function hexMD5(str){return binl2hex(coreMD5( str2binl(str)))} function hexMD5w(str){return binl2hex(coreMD5(strw2binl(str)))} function b64MD5(str){return binl2b64(coreMD5( str2binl(str)))} function b64MD5w(str){return binl2b64(coreMD5(strw2binl(str)))} function calcMD5(str){return binl2hex(coreMD5( str2binl(str)))} function xproc1(str){ var EChars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; var out,i,len,c1,c2,c3; len=str.length; i=0; out = ""; while(i<len){ c1=str.charCodeAt(i++)&0xff; if(i==len){out+=EChars.charAt(c1>>2); out+=EChars.charAt((c1&0x3)<<4); out+= "=="; break;} c2=str.charCodeAt(i++); if(i==len){out+=EChars.charAt(c1>>2); out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4)); out+=EChars.charAt((c2&0xF)<<2); out+="="; break;} c3=str.charCodeAt(i++); out+=EChars.charAt(c1>>2); out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4)); out+=EChars.charAt(((c2&0xF)<<2)|((c3&0xC0)>>6)); out+=EChars.charAt(c3&0x3F);} return out;} function cc(ss){f0.R1.value=ss;} function ee(){ if(f1.DDDDD.value==""){alert("??ê?è??úμ???o? Please enter your account account number");return false;} f0.DDDDD.value=f1.DDDDD.value if(ps==0){f0.upass.value=xproc1(f1.upass.value);} else{tmpchar=pid+f1.upass.value+calg;f0.upass.value=calcMD5(tmpchar)+calg+pid;f0.R2.value=1;} document.f0.submit(); return false;} //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` 我用 python 写的加密代码
def safe_add(x,y): lsw=(x & 0xFFFF)+(y & 0xFFFF) msw=(x >> 16)+(y >> 16)+(lsw >> 16) return(msw << 16)|(lsw & 0xFFFF) def rol(num,cnt): tmp = num << 2 tmp1 = abs(num) >> (32 - cnt) return (tmp | tmp1) def cmn(q,a,b,x,s,t): return safe_add(rol(safe_add(safe_add(a, q), safe_add(x, t)), s), b) def ff(a,b,c,d,x,s,t): return cmn((b & c)|((~b) & d),a,b,x,s,t) def gg(a,b,c,d,x,s,t): return cmn((b & d)|(c & (~d)),a,b,x,s,t) def hh(a,b,c,d,x,s,t): return cmn(b ^ c ^ d, a, b, x, s, t) def ii(a,b,c,d,x,s,t): return cmn(c^(b|(~d)),a,b,x,s,t) def coreMD5(x): a=1732584193 b=-271733879 c=-1732584194 d=271733878 for i in range(0,len(x),16): olda=a oldb=b oldc=c oldd=d a = ff(a, b, c, d, x[i + 0], 7, -680876936) d = ff(d, a, b, c, x[i + 1], 12, -389564586) c = ff(c, d, a, b, x[i + 2], 17, 606105819) b = ff(b, c, d, a, x[i + 3], 22, -1044525330) a = ff(a, b, c, d, x[i + 4], 7, -176418897) d = ff(d, a, b, c, x[i + 5], 12, 1200080426) c = ff(c, d, a, b, x[i + 6], 17, -1473231341) b = ff(b, c, d, a, x[i + 7], 22, -45705983) a = ff(a, b, c, d, x[i + 8], 7, 1770035416) d = ff(d, a, b, c, x[i + 9], 12, -1958414417) c = ff(c, d, a, b, x[i + 10], 17, -42063) b = ff(b, c, d, a, x[i + 11], 22, -1990404162) a = ff(a, b, c, d, x[i + 12], 7, 1804603682) d = ff(d, a, b, c, x[i + 13], 12, -40341101) c = ff(c, d, a, b, x[i + 14], 17, -1502002290) b = ff(b, c, d, a, x[i + 15], 22, 1236535329) a = gg(a, b, c, d, x[i + 1], 5, -165796510) d = gg(d, a, b, c, x[i + 6], 9, -1069501632) c = gg(c, d, a, b, x[i + 11], 14, 643717713) b = gg(b, c, d, a, x[i + 0], 20, -373897302) a = gg(a, b, c, d, x[i + 5], 5, -701558691) d = gg(d, a, b, c, x[i + 10], 9, 38016083) c = gg(c, d, a, b, x[i + 15], 14, -660478335) b = gg(b, c, d, a, x[i + 4], 20, -405537848) a = gg(a, b, c, d, x[i + 9], 5, 568446438) d = gg(d, a, b, c, x[i + 14], 9, -1019803690) c = gg(c, d, a, b, x[i + 3], 14, -187363961) b = gg(b, c, d, a, x[i + 8], 20, 1163531501) a = gg(a, b, c, d, x[i + 13], 5, -1444681467) d = gg(d, a, b, c, x[i + 2], 9, -51403784) c = gg(c, d, a, b, x[i + 7], 14, 1735328473) b = gg(b, c, d, a, x[i + 12], 20, -1926607734) a = hh(a, b, c, d, x[i + 5], 4, -378558) d = hh(d, a, b, c, x[i + 8], 11, -2022574463) c = hh(c, d, a, b, x[i + 11], 16, 1839030562) b = hh(b, c, d, a, x[i + 14], 23, -35309556) a = hh(a, b, c, d, x[i + 1], 4, -1530992060) d = hh(d, a, b, c, x[i + 4], 11, 1272893353) c = hh(c, d, a, b, x[i + 7], 16, -155497632) b = hh(b, c, d, a, x[i + 10], 23, -1094730640) a = hh(a, b, c, d, x[i + 13], 4, 681279174) d = hh(d, a, b, c, x[i + 0], 11, -358537222) c = hh(c, d, a, b, x[i + 3], 16, -722521979) b = hh(b, c, d, a, x[i + 6], 23, 76029189) a = hh(a, b, c, d, x[i + 9], 4, -640364487) d = hh(d, a, b, c, x[i + 12], 11, -421815835) c = hh(c, d, a, b, x[i + 15], 16, 530742520) b = hh(b, c, d, a, x[i + 2], 23, -995338651) a = ii(a, b, c, d, x[i + 0], 6, -198630844) d = ii(d, a, b, c, x[i + 7], 10, 1126891415) c = ii(c, d, a, b, x[i + 14], 15, -1416354905) b = ii(b, c, d, a, x[i + 5], 21, -57434055) a = ii(a, b, c, d, x[i + 12], 6, 1700485571) d = ii(d, a, b, c, x[i + 3], 10, -1894986606) c = ii(c, d, a, b, x[i + 10], 15, -1051523) b = ii(b, c, d, a, x[i + 1], 21, -2054922799) a = ii(a, b, c, d, x[i + 8], 6, 1873313359) d = ii(d, a, b, c, x[i + 15], 10, -30611744) c = ii(c, d, a, b, x[i + 6], 15, -1560198380) b = ii(b, c, d, a, x[i + 13], 21, 1309151649) a = ii(a, b, c, d, x[i + 4], 6, -145523070) d = ii(d, a, b, c, x[i + 11], 10, -1120210379) c = ii(c, d, a, b, x[i + 2], 15, 718787259) b = ii(b, c, d, a, x[i + 9], 21, -343485551) a = safe_add(a, olda) b = safe_add(b, oldb) c = safe_add(c, oldc) d = safe_add(d, oldd) return [a,b,c,d] def str2binl(str): nblk=((len(str)+8) >> 6)+1 blks=[0 for i in range(0,nblk*16)] for i in range(0,len(str)): blks[i>>2] = blks[i>>2] | ((int(str[i])& 0xFF) <<((i%4) * 8)) blks[i>>2] = blks[i>>2] | (0x80 <<((i%4) * 8)) blks[(nblk*16 - 2)] = len(str) * 8 return blks def binl2hex(binarray): hex_tab="0123456789abcdef" str="" for i in range(len(binarray)*4): str= str + hex_tab[(binarray[i>>2] >>((i%4)*8+4))&0xF]+hex_tab[(binarray[i>>2] >>((i%4)*8))&0xF] return str def calcMD5(str): return binl2hex(coreMD5( str2binl(str))) str = '12345678' pid = '1' calg = '12345678' def main(): tmpchar = pid + str +calg tmpchar2 = calcMD5(tmpchar) passd = tmpchar2 +calg +pid print passd if __name__ == "__main__": main()  | 1 m939594960 2016-04-26 16:51:07 +08:00 用 pyv8 直接用 js 算结果啊 |
 | 2 livesmart OP @m939594960 谢谢,我去试试。。但是你能不能告诉我,我哪里错了。。。。 |
 | 3 fish267 2016-04-26 16:59:10 +08:00  1 I prefer go die. |
| 4 m939594960 2016-04-26 17:01:35 +08:00 1 @livesmart 太多了 我也没仔( KAN )细( BU )看( DONG ) 不过对效率等等要求不是很高的话 直接运行这个 js 取结果就好了 应该是最好的办法 。中间那么长一段 其实就是个 md5 加密, python 直接用库生成就好了 如果非得要用 python 去实现这个加密的过程 推荐吧 js 放到 chrome 中运行一下 然后下断点 看下每一步的数值 然后 python 也进行一步一步的 查看一下数值 问题出现在哪就很好看出来了 |
 | 5 mV2GK 2016-04-26 17:01:56 +08:00 1 每一步都加个 print 对比下输出不就知道了。。。 |
 | 6 j0kER 2016-04-26 17:09:00 +08:00 @m939594960 pyv8 怎么安装啊。。 pip 安装不起来 |
 | 7 gimp 2016-04-26 17:16:16 +08:00 1 |
 | 8 mdzz 2016-04-26 17:19:02 +08:00 6 你 TM 在逗我  >>> import hashlib >>> ANS = 'E1f0813d4cea349c75b135043842608b123456781' >>> >>> str = '12345678' >>> pid = '1' >>> calg = '12345678' >>> >>> tmpchar = pid + str + calg >>> tmpchar2 = hashlib.md5(tmpchar).hexdigest() >>> passd = tmpchar2 + calg + pid >>> passd.capitalize() == ANS True >>> |
 | 11 qqmishi 2016-04-26 17:46:53 +08:00 怎么感觉和我们学校教务网加密方式一样啊 23333 当初我也是耐心的看了一遍源码,最后放弃直接用 python 的 md5 库了 23333 |
 | 13 est 2016-04-26 18:02:45 +08:00 爬的网站还不够多,没看出来这是 md5 库。。。 |
 | 14 lxy 2016-04-26 18:13:30 +08:00 看到那个 calcMD5 还不明白么…… |
 | 15 blotd 2016-04-26 21:59:26 +08:00 1 ```Javascript // JS Hashlib Lib : https://github.com/LuoZijun/hashlib.js // 把 hashlib.js 引入你的 html 。 // <script type="text/Javascript" src="hashlib.js"></script> var target = 'E1f0813d4cea349c75b135043842608b123456781'; var str = '12345678'; var pid = '1'; var calg = '12345678'; var tmpchar = pid + str + calg; var hash = new hashlib.md5(tmpchar).hexdigest(); var array = (hash + calg + pid).split(''); array.splice(0, 1, array[0].toUpperCase() ); var result = array.join(''); console.log( 'Target: ' + result + ' Result: ' + result ); console.log( target == result ); ``` |
 | 16 zmj1316 2016-04-26 22:03:06 +08:00 带 js 的除非像这种特别明显的我都是偷懒直接上 pyV8 |
 | 17 guokeke 2016-04-27 02:12:30 +08:00 via Android →_→,感觉这是某校园网的登录啊,你一定是要干坏事! |
 | 18 wwxiong 2016-04-27 09:19:55 +08:00 1 python 的位运算机制和 js 是不一样的。特别针对高位有符号左移位。你可以借助 python ctypes 模块来处理。 python >>> -1231313132112 << 2 -4925252528448 js -1231313132112 << 2 1074960064 |
Select Language