undefined #524
Comments
|
感谢提供 |
|
这个wasm的具体实现有人研究过吗,是加密还是hash还是编码呢? |
|
更新 Cookie 中的 source 从哪里获得呢? |
这里的 |
这是上下文介绍过的
|
|
wasm 使用 rust 写的,用到了 wasm-bindgen https://github.com/rustwasm/wasm-bindgen。这样打包除了生成 wasm 文件,还会生成一个 js 文件,wasm_ras_umd.js 应该就是那个文件再压缩和 umd 化得到的(原js是esm的)。 |
删除 |
|
虽然还没有大佬提供直接的方案,不过直接使用它的wasm也行。浏览器可以直接使用,无需处理。node 按照自己的情况更改,比如可能需要把 chrome 请求的代码删除,TextEncode 从 util 导入(低版本),url 补全 https 协议等。 这里是放在 github 的一个 node/浏览器 demo。 https://wasm-rsa.vercel.app/api/rsa?t=1123 python 等语言可以把 wasm_ras.js 胶水代码转为 py 也可以直接利用 wasm |
|
逆向 Wasm 发现是 RSA-OAEP 加密,用 Web Crypto 重实现如下。 const publicKey = await crypto.subtle.importKey(
"jwk",
{
kty: "RSA",
n: "y4HdjgJHBlbaBN04VERG4qNBIFHP6a3GozCl75AihQloSWCXC5HDNgyinEnhaQ_4-gaMud_GF50elYXLlCToR9se9Z8z433U3KjM-3Yx7ptKkmQNAMggQwAVKgq3zYAoidNEWuxpkY_mAitTSRLnsJW-NCTa0bqBFF6Wm1MxgfE",
e: "AQAB",
},
{ name: "RSA-OAEP", hash: "SHA-256" },
true,
["encrypt"],
);
async function getCorrespondURL(timestamp) {
const data = new TextEncoder().encode(`refresh_${timestamp}`);
const encrypted = new Uint8Array(
await crypto.subtle.encrypt({ name: "RSA-OAEP" }, publicKey, data),
);
return `https://www.bilibili.com/correspond/1/${
encrypted.reduce((str, c) => str + c.toString(16).padStart(2, "0"), "")
}`;
}
console.log(await getCorrespondURL(Date.now())); |
|
相关内容已经在此 commit 中完成 a46f140 感谢你们提供的研究报告以及逆向工程(抱 |
|
按照教程接入之后,一直得到86095结果,有遇到相同问题的同学吗? |
import binascii
import re
import time
import requests
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
key = RSA.importKey('''\
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLgd2OAkcGVtoE3ThUREbio0Eg
Uc/prcajMKXvkCKFCWhJYJcLkcM2DKKcSeFpD/j6Boy538YXnR6VhcuUJOhH2x71
nzPjfdTcqMz7djHum0qSZA0AyCBDABUqCrfNgCiJ00Ra7GmRj+YCK1NJEuewlb40
JNrRuoEUXpabUzGB8QIDAQAB
-----END PUBLIC KEY-----''')
def getCorrespondPath():
ts = round(time.time() * 1000)
cipher = PKCS1_OAEP.new(key, SHA256)
encrypted = cipher.encrypt(f'refresh_{ts}'.encode())
return binascii.b2a_hex(encrypted).decode()
def get_refresh_csrf(correspond_path, cookie_dict):
response = requests.get(url=f'https://www.bilibili.com/correspond/1/{correspond_path}', cookies=cookie_dict)
if response.status_code != 200:
raise Exception(f'correspondPath错误或过期 {response.status_code}')
html = response.text
pattern = r'<div\s+id="1-name">\s*(.*?)\s*</div>'
match = re.search(pattern, html)
if match:
div_contents = match.group(1)
return div_contents
else:
raise Exception(f'未获取到 refresh_csrf {html}')
def get_new_cookie(refresh_token, refresh_csrf, cookie_dict):
data = {'csrf': cookie_dict['bili_jct'], 'refresh_csrf': refresh_csrf, 'source': 'main_web', 'refresh_token': refresh_token}
response = requests.post('https://passport.bilibili.com/x/passport-login/web/cookie/refresh', data=data, headers={'Content-Type': 'application/x-www-form-urlencoded'},
cookies=cookie_dict)
json = response.json()
if json['code'] == 0:
refresh_token = json['data']['refresh_token']
cookies_dict = []
for name, value in response.cookies.items():
cookies_dict[name] = value
return refresh_token, cookies_dict
elif json['code'] == 86095:
raise Exception(f'refresh_csrf 错误或 refresh_token 与 cookie 不匹配')
else:
raise Exception(f'刷新cookie失败 {json}')
def confirm_refresh(refresh_token_old, cookie_dict):
data = {'csrf': cookie_dict['bili_jct'], 'refresh_token': refresh_token_old}
response = requests.post('https://passport.bilibili.com/x/passport-login/web/confirm/refresh', data=data, headers={'Content-Type': 'application/x-www-form-urlencoded'},
cookies=cookie_dict)
json = response.json()
if json['code'] != 0:
raise Exception(f'确认刷新cookie失败 {json}')
def check_login_user_info(cookie_dict):
response = requests.get('https://api.bilibili.com/x/web-interface/nav', cookies=cookie_dict)
json = response.json()
if json['code'] != 0:
raise Exception(f'新cookie检测异常 {json} {cookie_dict}')
# https://socialsisteryi.github.io/bilibili-API-collect/docs/login/cookie_refresh.html
# refresh_token: localStorage 中的ac_time_value
def refresh_cookie(refresh_token, cookie_dict):
correspond_path = getCorrespondPath()
refresh_csrf = get_refresh_csrf(correspond_path, cookie_dict)
refresh_token_old = refresh_token
new_refresh_token, new_cookie_dict = get_new_cookie(refresh_token_old, refresh_csrf, cookie_dict)
confirm_refresh(refresh_token_old, new_cookie_dict) # 这一步需要新的 Cookie 以及旧的 refresh_token
check_login_user_info(new_cookie_dict)
return new_refresh_token, new_cookie_dict |
我认为你应该新建一个 issue |
|
请问localStorage 中的ac_time_value怎么获取 |
|
大佬有没有Java版的代码 |
No description provided.
The text was updated successfully, but these errors were encountered: