用 python 写模拟登陆,一段 javascript 加密代码,我用 python 重写了一遍,但是运行结果不对。。求指点。。。

2016-04-26 16:38:57 +08:00
 livesmart

这段代码关键部分就是 function ee(){} 我输入密码,然后经过加密,通过 post 方式请求返回服务器。我用 python 写个模拟登陆,但是这段加密搞不定,照着写出来的代码,运行结果不对。。 正确的值如下: upass: E1f0813d4cea349c75b135043842608b123456781

~~~~~~~~~~~~~javascript 代码~~~~~~~~~~~~~~~~~~~~~~~~

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<script language="JavaScript"><!--
sv=0;sv1=0;v6='http://[::]:9002/v6                                     ';myv6ip='                                       ';v4serip='10.100.10.104'  ;m46=0;v46ip='172.19.213.68'                          ;
ps=1;pid='1';calg='12345678';
function safe_add(x,y){
var lsw=(x&0xFFFF)+(y&0xFFFF)
var msw=(x>>16)+(y>>16)+(lsw>>16)
return(msw<<16)|(lsw&0xFFFF)}

function rol(num,cnt){return(num<<cnt)|(num>>>(32-cnt));}
function cmn(q,a,b,x,s,t){return safe_add(rol(safe_add(safe_add(a,q),safe_add(x,t)),s),b);}
function ff(a,b,c,d,x,s,t){return cmn((b&c)|((~b)&d),a,b,x,s,t);}
function gg(a,b,c,d,x,s,t){return cmn((b&d)|(c&(~d)),a,b,x,s,t);}
function hh(a,b,c,d,x,s,t){return cmn(b^c^d,a,b,x,s,t);}
function ii(a,b,c,d,x,s,t){return cmn(c^(b|(~d)),a,b,x,s,t);}
function coreMD5(x){
var a=1732584193
var b=-271733879
var c=-1732584194
var d=271733878
for(i=0; i < x.length; i+=16){
var olda=a
var oldb=b
var oldc=c
var oldd=d
a=ff(a,b,c,d,x[i+0],7,-680876936)
d=ff(d,a,b,c,x[i+1],12,-389564586)
c=ff(c,d,a,b,x[i+2],17,606105819)
b=ff(b,c,d,a,x[i+3],22,-1044525330)
a=ff(a,b,c,d,x[i+4],7,-176418897)
d=ff(d,a,b,c,x[i+5],12,1200080426)
c=ff(c,d,a,b,x[i+6],17,-1473231341)
b=ff(b,c,d,a,x[i+7],22,-45705983)
a=ff(a,b,c,d,x[i+8],7,1770035416)
d=ff(d,a,b,c,x[i+9],12,-1958414417)
c=ff(c,d,a,b,x[i+10],17,-42063)
b=ff(b,c,d,a,x[i+11],22,-1990404162)
a=ff(a,b,c,d,x[i+12],7,1804603682)
d=ff(d,a,b,c,x[i+13],12,-40341101)
c=ff(c,d,a,b,x[i+14],17,-1502002290)
b=ff(b,c,d,a,x[i+15],22,1236535329)
a=gg(a,b,c,d,x[i+1],5,-165796510)
d=gg(d,a,b,c,x[i+6],9,-1069501632)
c=gg(c,d,a,b,x[i+11],14,643717713)
b=gg(b,c,d,a,x[i+0],20,-373897302)
a=gg(a,b,c,d,x[i+5],5,-701558691)
d=gg(d,a,b,c,x[i+10],9,38016083)
c=gg(c,d,a,b,x[i+15],14,-660478335)
b=gg(b,c,d,a,x[i+4],20,-405537848)
a=gg(a,b,c,d,x[i+9],5,568446438)
d=gg(d,a,b,c,x[i+14],9,-1019803690)
c=gg(c,d,a,b,x[i+3],14,-187363961)
b=gg(b,c,d,a,x[i+8],20,1163531501)
a=gg(a,b,c,d,x[i+13],5,-1444681467)
d=gg(d,a,b,c,x[i+2],9,-51403784)
c=gg(c,d,a,b,x[i+7],14,1735328473)
b=gg(b,c,d,a,x[i+12],20,-1926607734)
a=hh(a,b,c,d,x[i+5],4,-378558)
d=hh(d,a,b,c,x[i+8],11,-2022574463)
c=hh(c,d,a,b,x[i+11],16,1839030562)
b=hh(b,c,d,a,x[i+14],23,-35309556)
a=hh(a,b,c,d,x[i+1],4,-1530992060)
d=hh(d,a,b,c,x[i+4],11,1272893353)
c=hh(c,d,a,b,x[i+7],16,-155497632)
b=hh(b,c,d,a,x[i+10],23,-1094730640)
a=hh(a,b,c,d,x[i+13],4,681279174)
d=hh(d,a,b,c,x[i+0],11,-358537222)
c=hh(c,d,a,b,x[i+3],16,-722521979)
b=hh(b,c,d,a,x[i+6],23,76029189)
a=hh(a,b,c,d,x[i+9],4,-640364487)
d=hh(d,a,b,c,x[i+12],11,-421815835)
c=hh(c,d,a,b,x[i+15],16,530742520)
b=hh(b,c,d,a,x[i+2],23,-995338651)
a=ii(a,b,c,d,x[i+0],6,-198630844)
d=ii(d,a,b,c,x[i+7],10,1126891415)
c=ii(c,d,a,b,x[i+14],15,-1416354905)
b=ii(b,c,d,a,x[i+5],21,-57434055)
a=ii(a,b,c,d,x[i+12],6,1700485571)
d=ii(d,a,b,c,x[i+3],10,-1894986606)
c=ii(c,d,a,b,x[i+10],15,-1051523)
b=ii(b,c,d,a,x[i+1],21,-2054922799)
a=ii(a,b,c,d,x[i+8],6,1873313359)
d=ii(d,a,b,c,x[i+15],10,-30611744)
c=ii(c,d,a,b,x[i+6],15,-1560198380)
b=ii(b,c,d,a,x[i+13],21,1309151649)
a=ii(a,b,c,d,x[i+4],6,-145523070)
d=ii(d,a,b,c,x[i+11],10,-1120210379)
c=ii(c,d,a,b,x[i+2],15,718787259)
b=ii(b,c,d,a,x[i+9],21,-343485551)
a=safe_add(a,olda)
b=safe_add(b,oldb)
c=safe_add(c,oldc)
d=safe_add(d,oldd);}
return [a,b,c,d];}

function binl2hex(binarray){
var hex_tab="0123456789abcdef"
var str=""
for(var i=0; i < binarray.length * 4; i++){
str+=hex_tab.charAt((binarray[i>>2] >>((i%4)*8+4))&0xF)+
hex_tab.charAt((binarray[i>>2] >>((i%4)*8))&0xF)
}
return str;}

function binl2b64(binarray){
var tab="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
var str=""
for(var i=0; i < binarray.length * 32; i+=6){
str+=tab.charAt(((binarray[i>>5] <<(i%32))&0x3F)|((binarray[i>>5+1] >>(32-i%32))&0x3F))
}
return str;}

function str2binl(str){
var nblk=((str.length+8)>>6)+1 // number of 16-word blocks
var blks=new Array(nblk * 16)
for(var i=0; i < nblk * 16; i++) blks[i]=0
for(var i=0; i < str.length; i++)
blks[i>>2]|=(str.charCodeAt(i)&0xFF) <<((i%4) * 8)
blks[i>>2]|=0x80 <<((i%4) * 8)
blks[nblk*16-2]=str.length * 8
return blks;}

function strw2binl(str){
var nblk=((str.length+4)>>5)+1 // number of 16-word blocks
var blks=new Array(nblk * 16)
for(var i=0; i < nblk * 16; i++) blks[i]=0
for(var i=0; i < str.length; i++)
blks[i>>1]|=str.charCodeAt(i) <<((i%2) * 16)
blks[i>>1]|=0x80 <<((i%2) * 16)
blks[nblk*16-2]=str.length * 16
return blks;}

function hexMD5(str){return binl2hex(coreMD5( str2binl(str)))}
function hexMD5w(str){return binl2hex(coreMD5(strw2binl(str)))}
function b64MD5(str){return binl2b64(coreMD5( str2binl(str)))}
function b64MD5w(str){return binl2b64(coreMD5(strw2binl(str)))}
function calcMD5(str){return binl2hex(coreMD5( str2binl(str)))}

function xproc1(str){
var EChars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
var out,i,len,c1,c2,c3;
len=str.length;
i=0;
out = "";
while(i<len){
c1=str.charCodeAt(i++)&0xff;
if(i==len){out+=EChars.charAt(c1>>2);
out+=EChars.charAt((c1&0x3)<<4);
out+= "==";
break;}
c2=str.charCodeAt(i++);
if(i==len){out+=EChars.charAt(c1>>2);
out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4));
out+=EChars.charAt((c2&0xF)<<2);
out+="=";
break;}
c3=str.charCodeAt(i++);
out+=EChars.charAt(c1>>2);
out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4));
out+=EChars.charAt(((c2&0xF)<<2)|((c3&0xC0)>>6));
out+=EChars.charAt(c3&0x3F);}
return out;}

function cc(ss){f0.R1.value=ss;}
function ee(){
if(f1.DDDDD.value==""){alert("??ê?è??úμ???o? Please enter your account account number");return false;}
f0.DDDDD.value=f1.DDDDD.value
if(ps==0){f0.upass.value=xproc1(f1.upass.value);}
else{tmpchar=pid+f1.upass.value+calg;f0.upass.value=calcMD5(tmpchar)+calg+pid;f0.R2.value=1;}
document.f0.submit();
return false;}

//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` 我用 python 写的加密代码


def safe_add(x,y):
    lsw=(x & 0xFFFF)+(y & 0xFFFF)
    msw=(x >> 16)+(y >> 16)+(lsw >> 16)
    return(msw << 16)|(lsw & 0xFFFF)

def rol(num,cnt):
    tmp = num << 2
    tmp1 = abs(num) >> (32 - cnt)
    return (tmp | tmp1)

def cmn(q,a,b,x,s,t):
    return safe_add(rol(safe_add(safe_add(a, q), safe_add(x, t)), s), b)

def ff(a,b,c,d,x,s,t):
    return cmn((b & c)|((~b) & d),a,b,x,s,t)

def gg(a,b,c,d,x,s,t):
    return cmn((b & d)|(c & (~d)),a,b,x,s,t)

def hh(a,b,c,d,x,s,t):
    return cmn(b ^ c ^ d, a, b, x, s, t)

def ii(a,b,c,d,x,s,t):
    return cmn(c^(b|(~d)),a,b,x,s,t)

def coreMD5(x):
    a=1732584193
    b=-271733879
    c=-1732584194
    d=271733878
    for i in range(0,len(x),16):
        olda=a
        oldb=b
        oldc=c
        oldd=d
        a = ff(a, b, c, d, x[i + 0], 7, -680876936)
        d = ff(d, a, b, c, x[i + 1], 12, -389564586)
        c = ff(c, d, a, b, x[i + 2], 17, 606105819)
        b = ff(b, c, d, a, x[i + 3], 22, -1044525330)
        a = ff(a, b, c, d, x[i + 4], 7, -176418897)
        d = ff(d, a, b, c, x[i + 5], 12, 1200080426)
        c = ff(c, d, a, b, x[i + 6], 17, -1473231341)
        b = ff(b, c, d, a, x[i + 7], 22, -45705983)
        a = ff(a, b, c, d, x[i + 8], 7, 1770035416)
        d = ff(d, a, b, c, x[i + 9], 12, -1958414417)
        c = ff(c, d, a, b, x[i + 10], 17, -42063)
        b = ff(b, c, d, a, x[i + 11], 22, -1990404162)
        a = ff(a, b, c, d, x[i + 12], 7, 1804603682)
        d = ff(d, a, b, c, x[i + 13], 12, -40341101)
        c = ff(c, d, a, b, x[i + 14], 17, -1502002290)
        b = ff(b, c, d, a, x[i + 15], 22, 1236535329)
        a = gg(a, b, c, d, x[i + 1], 5, -165796510)
        d = gg(d, a, b, c, x[i + 6], 9, -1069501632)
        c = gg(c, d, a, b, x[i + 11], 14, 643717713)
        b = gg(b, c, d, a, x[i + 0], 20, -373897302)
        a = gg(a, b, c, d, x[i + 5], 5, -701558691)
        d = gg(d, a, b, c, x[i + 10], 9, 38016083)
        c = gg(c, d, a, b, x[i + 15], 14, -660478335)
        b = gg(b, c, d, a, x[i + 4], 20, -405537848)
        a = gg(a, b, c, d, x[i + 9], 5, 568446438)
        d = gg(d, a, b, c, x[i + 14], 9, -1019803690)
        c = gg(c, d, a, b, x[i + 3], 14, -187363961)
        b = gg(b, c, d, a, x[i + 8], 20, 1163531501)
        a = gg(a, b, c, d, x[i + 13], 5, -1444681467)
        d = gg(d, a, b, c, x[i + 2], 9, -51403784)
        c = gg(c, d, a, b, x[i + 7], 14, 1735328473)
        b = gg(b, c, d, a, x[i + 12], 20, -1926607734)
        a = hh(a, b, c, d, x[i + 5], 4, -378558)
        d = hh(d, a, b, c, x[i + 8], 11, -2022574463)
        c = hh(c, d, a, b, x[i + 11], 16, 1839030562)
        b = hh(b, c, d, a, x[i + 14], 23, -35309556)
        a = hh(a, b, c, d, x[i + 1], 4, -1530992060)
        d = hh(d, a, b, c, x[i + 4], 11, 1272893353)
        c = hh(c, d, a, b, x[i + 7], 16, -155497632)
        b = hh(b, c, d, a, x[i + 10], 23, -1094730640)
        a = hh(a, b, c, d, x[i + 13], 4, 681279174)
        d = hh(d, a, b, c, x[i + 0], 11, -358537222)
        c = hh(c, d, a, b, x[i + 3], 16, -722521979)
        b = hh(b, c, d, a, x[i + 6], 23, 76029189)
        a = hh(a, b, c, d, x[i + 9], 4, -640364487)
        d = hh(d, a, b, c, x[i + 12], 11, -421815835)
        c = hh(c, d, a, b, x[i + 15], 16, 530742520)
        b = hh(b, c, d, a, x[i + 2], 23, -995338651)
        a = ii(a, b, c, d, x[i + 0], 6, -198630844)
        d = ii(d, a, b, c, x[i + 7], 10, 1126891415)
        c = ii(c, d, a, b, x[i + 14], 15, -1416354905)
        b = ii(b, c, d, a, x[i + 5], 21, -57434055)
        a = ii(a, b, c, d, x[i + 12], 6, 1700485571)
        d = ii(d, a, b, c, x[i + 3], 10, -1894986606)
        c = ii(c, d, a, b, x[i + 10], 15, -1051523)
        b = ii(b, c, d, a, x[i + 1], 21, -2054922799)
        a = ii(a, b, c, d, x[i + 8], 6, 1873313359)
        d = ii(d, a, b, c, x[i + 15], 10, -30611744)
        c = ii(c, d, a, b, x[i + 6], 15, -1560198380)
        b = ii(b, c, d, a, x[i + 13], 21, 1309151649)
        a = ii(a, b, c, d, x[i + 4], 6, -145523070)
        d = ii(d, a, b, c, x[i + 11], 10, -1120210379)
        c = ii(c, d, a, b, x[i + 2], 15, 718787259)
        b = ii(b, c, d, a, x[i + 9], 21, -343485551)
        a = safe_add(a, olda)
        b = safe_add(b, oldb)
        c = safe_add(c, oldc)
        d = safe_add(d, oldd)
    return [a,b,c,d]

def str2binl(str):
    nblk=((len(str)+8) >> 6)+1
    blks=[0 for i in range(0,nblk*16)]

    for i in range(0,len(str)):
        blks[i>>2] = blks[i>>2] | ((int(str[i])& 0xFF) <<((i%4) * 8))
        blks[i>>2] = blks[i>>2] | (0x80 <<((i%4) * 8))
        blks[(nblk*16 - 2)] = len(str) * 8
    return blks


def binl2hex(binarray):
    hex_tab="0123456789abcdef"
    str=""
    for i in range(len(binarray)*4):
        str= str + hex_tab[(binarray[i>>2] >>((i%4)*8+4))&0xF]+hex_tab[(binarray[i>>2] >>((i%4)*8))&0xF]
    return str

def calcMD5(str):
    return binl2hex(coreMD5( str2binl(str)))


str = '12345678'
pid = '1'
calg = '12345678'


def main():
    tmpchar = pid + str +calg
    tmpchar2 = calcMD5(tmpchar)
    passd = tmpchar2 +calg +pid
    print passd


if __name__ == "__main__":
    main()
4628 次点击
所在节点    Python
18 条回复
m939594960
2016-04-26 16:51:07 +08:00
用 pyv8
直接用 js 算结果啊
livesmart
2016-04-26 16:55:22 +08:00
@m939594960
谢谢,我去试试。。但是你能不能告诉我,我哪里错了。。。。
fish267
2016-04-26 16:59:10 +08:00
I prefer go die.
m939594960
2016-04-26 17:01:35 +08:00
@livesmart 太多了 我也没仔( KAN )细( BU )看( DONG ) 不过对效率等等要求不是很高的话 直接运行这个 js 取结果就好了 应该是最好的办法 。中间那么长一段 其实就是个 md5 加密, python 直接用库生成就好了

如果非得要用 python 去实现这个加密的过程 推荐吧 js 放到 chrome 中运行一下 然后下断点 看下每一步的数值
然后 python 也进行一步一步的 查看一下数值 问题出现在哪就很好看出来了
mV2GK
2016-04-26 17:01:56 +08:00
每一步都加个 print 对比下输出不就知道了。。。
j0kER
2016-04-26 17:09:00 +08:00
@m939594960 pyv8 怎么安装啊。。 pip 安装不起来
gimp
2016-04-26 17:16:16 +08:00
@j0kER http://www.wikisecure.net/importing-pyv8-engine-into-python-v2-7-the-easy-way/
mdzz
2016-04-26 17:19:02 +08:00
你 TM 在逗我

>>> import hashlib
>>> ANS = 'E1f0813d4cea349c75b135043842608b123456781'
>>>
>>> str = '12345678'
>>> pid = '1'
>>> calg = '12345678'
>>>
>>> tmpchar = pid + str + calg
>>> tmpchar2 = hashlib.md5(tmpchar).hexdigest()
>>> passd = tmpchar2 + calg + pid
>>> passd.capitalize() == ANS
True
>>>
livesmart
2016-04-26 17:34:33 +08:00
@mdzz 万分感谢,,,,
leyle
2016-04-26 17:39:19 +08:00
@mdzz ID 配合回复内容,好有喜感。
qqmishi
2016-04-26 17:46:53 +08:00
怎么感觉和我们学校教务网加密方式一样啊 23333

当初我也是耐心的看了一遍源码,最后放弃直接用 python 的 md5 库了 23333
fy
2016-04-26 17:49:38 +08:00
@mdzz 蛤蛤蛤蛤
est
2016-04-26 18:02:45 +08:00
爬的网站还不够多,没看出来这是 md5 库。。。
lxy
2016-04-26 18:13:30 +08:00
看到那个 calcMD5 还不明白么……
blotd
2016-04-26 21:59:26 +08:00
```javascript
// JS Hashlib Lib : https://github.com/LuoZijun/hashlib.js
// 把 hashlib.js 引入你的 html 。
// <script type="text/javascript" src="hashlib.js"></script>

var target = 'E1f0813d4cea349c75b135043842608b123456781';

var str = '12345678';
var pid = '1';
var calg = '12345678';

var tmpchar = pid + str + calg;
var hash = new hashlib.md5(tmpchar).hexdigest();
var array = (hash + calg + pid).split('');
array.splice(0, 1, array[0].toUpperCase() );
var result = array.join('');
console.log( 'Target: ' + result + ' Result: ' + result );
console.log( target == result );

```
zmj1316
2016-04-26 22:03:06 +08:00
带 js 的除非像这种特别明显的我都是偷懒直接上 pyV8
guokeke
2016-04-27 02:12:30 +08:00
→_→,感觉这是某校园网的登录啊,你一定是要干坏事!
wwxiong
2016-04-27 09:19:55 +08:00
python 的位运算机制和 js 是不一样的。特别针对高位有符号左移位。你可以借助 python ctypes 模块来处理。
python
>>> -1231313132112 << 2
-4925252528448
js
-1231313132112 << 2
1074960064

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/274540

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX