Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

东财web登录接口加安全控件了。。。 #8

Closed
tongyuanfeng opened this issue Dec 5, 2022 · 7 comments
Closed

东财web登录接口加安全控件了。。。 #8

tongyuanfeng opened this issue Dec 5, 2022 · 7 comments

Comments

@tongyuanfeng
Copy link

这个咋绕过
@tongyuanfeng
Copy link
Author

f12 手机排版不需要安全控件
调整代码还是没登录成功。

@1xinghuan
Copy link

今天正好也碰到同样的问题...

@1xinghuan
Copy link

实测把headers里面的User-Agent改成
Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36
可以登录

@tongyuanfeng
Copy link
Author

实测把headers里面的User-Agent改成 Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36 可以登录

咦 我这边改了不行 翻了下js代码。感觉需要实现password: EMTradeEncrypt.encrypt(v), post提交上去的密文是动态变化的

@tongyuanfeng
Copy link
Author

折腾好久,还改写了加密部分代码,结果一直调试不通过。
最后发现,头部改写浏览器类别就好,其他改乱了(把这个给放开了X-Requested-With": "XMLHttpRequest",)

成功恢复

@tongyuanfeng
Copy link
Author

headers里面的User-Agent改成 Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36 可以登录

另外附上密码密文部分处理代码:
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pksc1_v1_5
from Crypto.PublicKey import RSA

def encrpt(password, public_key):
rsakey = RSA.importKey(public_key)
cipher = Cipher_pksc1_v1_5.new(rsakey)
cipher_text = base64.b64encode(cipher.encrypt(password.encode()))
return cipher_text.decode()

key是公钥,需要修改成自己的之后再进行加密
public_key ="- https://jywg.18.cn/JsBundles/BaseJS 中查找-'''

res=self.s.post(self.config['authentication'], data={
'duration': 1800,
'password': encrpt(self.account_config['password']明文密码, public_key) ,
'identifyCode': identifyCode,

@jadepeng
Copy link
Owner

headers里面的User-Agent改成 Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36 可以登录

另外附上密码密文部分处理代码: from Crypto.Cipher import PKCS1_v1_5 as Cipher_pksc1_v1_5 from Crypto.PublicKey import RSA

def encrpt(password, public_key): rsakey = RSA.importKey(public_key) cipher = Cipher_pksc1_v1_5.new(rsakey) cipher_text = base64.b64encode(cipher.encrypt(password.encode())) return cipher_text.decode()

key是公钥,需要修改成自己的之后再进行加密 public_key ="- https://jywg.18.cn/JsBundles/BaseJS 中查找-'''

res=self.s.post(self.config['authentication'], data={ 'duration': 1800, 'password': encrpt(self.account_config['password']明文密码, public_key) , 'identifyCode': identifyCode,

新版本代码支持了

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jadepeng @tongyuanfeng @1xinghuan