V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
推荐学习书目
Learn Python the Hard Way
Python Sites
PyPI - Python Package Index
http://diveintopython.org/toc/index.html
Pocoo
值得关注的项目
PyPy
Celery
Jinja2
Read the Docs
gevent
pyenv
virtualenv
Stackless Python
Beautiful Soup
结巴中文分词
Green Unicorn
Sentry
Shovel
Pyflakes
pytest
Python 编程
pep8 Checker
Styles
PEP 8
Google Python Style Guide
Code Style from The Hitchhiker's Guide
livesmart
V2EX  ›  Python

用 python 写模拟登陆,一段 javascript 加密代码,我用 python 重写了一遍,但是运行结果不对。。求指点。。。

  •  
  •   livesmart · 2016-04-26 16:38:57 +08:00 · 4810 次点击
    这是一个创建于 3115 天前的主题,其中的信息可能已经有所发展或是发生改变。

    这段代码关键部分就是 function ee(){} 我输入密码,然后经过加密,通过 post 方式请求返回服务器。我用 python 写个模拟登陆,但是这段加密搞不定,照着写出来的代码,运行结果不对。。 正确的值如下: upass: E1f0813d4cea349c75b135043842608b123456781

    ~~~~~~~~~~~~~javascript 代码~~~~~~~~~~~~~~~~~~~~~~~~

    <html>
    
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
    <script language="JavaScript"><!--
    sv=0;sv1=0;v6='http://[::]:9002/v6                                     ';myv6ip='                                       ';v4serip='10.100.10.104'  ;m46=0;v46ip='172.19.213.68'                          ;
    ps=1;pid='1';calg='12345678';
    function safe_add(x,y){
    var lsw=(x&0xFFFF)+(y&0xFFFF)
    var msw=(x>>16)+(y>>16)+(lsw>>16)
    return(msw<<16)|(lsw&0xFFFF)}
    
    function rol(num,cnt){return(num<<cnt)|(num>>>(32-cnt));}
    function cmn(q,a,b,x,s,t){return safe_add(rol(safe_add(safe_add(a,q),safe_add(x,t)),s),b);}
    function ff(a,b,c,d,x,s,t){return cmn((b&c)|((~b)&d),a,b,x,s,t);}
    function gg(a,b,c,d,x,s,t){return cmn((b&d)|(c&(~d)),a,b,x,s,t);}
    function hh(a,b,c,d,x,s,t){return cmn(b^c^d,a,b,x,s,t);}
    function ii(a,b,c,d,x,s,t){return cmn(c^(b|(~d)),a,b,x,s,t);}
    function coreMD5(x){
    var a=1732584193
    var b=-271733879
    var c=-1732584194
    var d=271733878
    for(i=0; i < x.length; i+=16){
    var olda=a
    var oldb=b
    var oldc=c
    var oldd=d
    a=ff(a,b,c,d,x[i+0],7,-680876936)
    d=ff(d,a,b,c,x[i+1],12,-389564586)
    c=ff(c,d,a,b,x[i+2],17,606105819)
    b=ff(b,c,d,a,x[i+3],22,-1044525330)
    a=ff(a,b,c,d,x[i+4],7,-176418897)
    d=ff(d,a,b,c,x[i+5],12,1200080426)
    c=ff(c,d,a,b,x[i+6],17,-1473231341)
    b=ff(b,c,d,a,x[i+7],22,-45705983)
    a=ff(a,b,c,d,x[i+8],7,1770035416)
    d=ff(d,a,b,c,x[i+9],12,-1958414417)
    c=ff(c,d,a,b,x[i+10],17,-42063)
    b=ff(b,c,d,a,x[i+11],22,-1990404162)
    a=ff(a,b,c,d,x[i+12],7,1804603682)
    d=ff(d,a,b,c,x[i+13],12,-40341101)
    c=ff(c,d,a,b,x[i+14],17,-1502002290)
    b=ff(b,c,d,a,x[i+15],22,1236535329)
    a=gg(a,b,c,d,x[i+1],5,-165796510)
    d=gg(d,a,b,c,x[i+6],9,-1069501632)
    c=gg(c,d,a,b,x[i+11],14,643717713)
    b=gg(b,c,d,a,x[i+0],20,-373897302)
    a=gg(a,b,c,d,x[i+5],5,-701558691)
    d=gg(d,a,b,c,x[i+10],9,38016083)
    c=gg(c,d,a,b,x[i+15],14,-660478335)
    b=gg(b,c,d,a,x[i+4],20,-405537848)
    a=gg(a,b,c,d,x[i+9],5,568446438)
    d=gg(d,a,b,c,x[i+14],9,-1019803690)
    c=gg(c,d,a,b,x[i+3],14,-187363961)
    b=gg(b,c,d,a,x[i+8],20,1163531501)
    a=gg(a,b,c,d,x[i+13],5,-1444681467)
    d=gg(d,a,b,c,x[i+2],9,-51403784)
    c=gg(c,d,a,b,x[i+7],14,1735328473)
    b=gg(b,c,d,a,x[i+12],20,-1926607734)
    a=hh(a,b,c,d,x[i+5],4,-378558)
    d=hh(d,a,b,c,x[i+8],11,-2022574463)
    c=hh(c,d,a,b,x[i+11],16,1839030562)
    b=hh(b,c,d,a,x[i+14],23,-35309556)
    a=hh(a,b,c,d,x[i+1],4,-1530992060)
    d=hh(d,a,b,c,x[i+4],11,1272893353)
    c=hh(c,d,a,b,x[i+7],16,-155497632)
    b=hh(b,c,d,a,x[i+10],23,-1094730640)
    a=hh(a,b,c,d,x[i+13],4,681279174)
    d=hh(d,a,b,c,x[i+0],11,-358537222)
    c=hh(c,d,a,b,x[i+3],16,-722521979)
    b=hh(b,c,d,a,x[i+6],23,76029189)
    a=hh(a,b,c,d,x[i+9],4,-640364487)
    d=hh(d,a,b,c,x[i+12],11,-421815835)
    c=hh(c,d,a,b,x[i+15],16,530742520)
    b=hh(b,c,d,a,x[i+2],23,-995338651)
    a=ii(a,b,c,d,x[i+0],6,-198630844)
    d=ii(d,a,b,c,x[i+7],10,1126891415)
    c=ii(c,d,a,b,x[i+14],15,-1416354905)
    b=ii(b,c,d,a,x[i+5],21,-57434055)
    a=ii(a,b,c,d,x[i+12],6,1700485571)
    d=ii(d,a,b,c,x[i+3],10,-1894986606)
    c=ii(c,d,a,b,x[i+10],15,-1051523)
    b=ii(b,c,d,a,x[i+1],21,-2054922799)
    a=ii(a,b,c,d,x[i+8],6,1873313359)
    d=ii(d,a,b,c,x[i+15],10,-30611744)
    c=ii(c,d,a,b,x[i+6],15,-1560198380)
    b=ii(b,c,d,a,x[i+13],21,1309151649)
    a=ii(a,b,c,d,x[i+4],6,-145523070)
    d=ii(d,a,b,c,x[i+11],10,-1120210379)
    c=ii(c,d,a,b,x[i+2],15,718787259)
    b=ii(b,c,d,a,x[i+9],21,-343485551)
    a=safe_add(a,olda)
    b=safe_add(b,oldb)
    c=safe_add(c,oldc)
    d=safe_add(d,oldd);}
    return [a,b,c,d];}
    
    function binl2hex(binarray){
    var hex_tab="0123456789abcdef"
    var str=""
    for(var i=0; i < binarray.length * 4; i++){
    str+=hex_tab.charAt((binarray[i>>2] >>((i%4)*8+4))&0xF)+
    hex_tab.charAt((binarray[i>>2] >>((i%4)*8))&0xF)
    }
    return str;}
    
    function binl2b64(binarray){
    var tab="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    var str=""
    for(var i=0; i < binarray.length * 32; i+=6){
    str+=tab.charAt(((binarray[i>>5] <<(i%32))&0x3F)|((binarray[i>>5+1] >>(32-i%32))&0x3F))
    }
    return str;}
    
    function str2binl(str){
    var nblk=((str.length+8)>>6)+1 // number of 16-word blocks
    var blks=new Array(nblk * 16)
    for(var i=0; i < nblk * 16; i++) blks[i]=0
    for(var i=0; i < str.length; i++)
    blks[i>>2]|=(str.charCodeAt(i)&0xFF) <<((i%4) * 8)
    blks[i>>2]|=0x80 <<((i%4) * 8)
    blks[nblk*16-2]=str.length * 8
    return blks;}
    
    function strw2binl(str){
    var nblk=((str.length+4)>>5)+1 // number of 16-word blocks
    var blks=new Array(nblk * 16)
    for(var i=0; i < nblk * 16; i++) blks[i]=0
    for(var i=0; i < str.length; i++)
    blks[i>>1]|=str.charCodeAt(i) <<((i%2) * 16)
    blks[i>>1]|=0x80 <<((i%2) * 16)
    blks[nblk*16-2]=str.length * 16
    return blks;}
    
    function hexMD5(str){return binl2hex(coreMD5( str2binl(str)))}
    function hexMD5w(str){return binl2hex(coreMD5(strw2binl(str)))}
    function b64MD5(str){return binl2b64(coreMD5( str2binl(str)))}
    function b64MD5w(str){return binl2b64(coreMD5(strw2binl(str)))}
    function calcMD5(str){return binl2hex(coreMD5( str2binl(str)))}
    
    function xproc1(str){
    var EChars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    var out,i,len,c1,c2,c3;
    len=str.length;
    i=0;
    out = "";
    while(i<len){
    c1=str.charCodeAt(i++)&0xff;
    if(i==len){out+=EChars.charAt(c1>>2);
    out+=EChars.charAt((c1&0x3)<<4);
    out+= "==";
    break;}
    c2=str.charCodeAt(i++);
    if(i==len){out+=EChars.charAt(c1>>2);
    out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4));
    out+=EChars.charAt((c2&0xF)<<2);
    out+="=";
    break;}
    c3=str.charCodeAt(i++);
    out+=EChars.charAt(c1>>2);
    out+=EChars.charAt(((c1&0x3)<<4)|((c2&0xF0)>>4));
    out+=EChars.charAt(((c2&0xF)<<2)|((c3&0xC0)>>6));
    out+=EChars.charAt(c3&0x3F);}
    return out;}
    
    function cc(ss){f0.R1.value=ss;}
    function ee(){
    if(f1.DDDDD.value==""){alert("??ê?è??úμ???o? Please enter your account account number");return false;}
    f0.DDDDD.value=f1.DDDDD.value
    if(ps==0){f0.upass.value=xproc1(f1.upass.value);}
    else{tmpchar=pid+f1.upass.value+calg;f0.upass.value=calcMD5(tmpchar)+calg+pid;f0.R2.value=1;}
    document.f0.submit();
    return false;}
    
    
    

    //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` 我用 python 写的加密代码

    
    def safe_add(x,y):
        lsw=(x & 0xFFFF)+(y & 0xFFFF)
        msw=(x >> 16)+(y >> 16)+(lsw >> 16)
        return(msw << 16)|(lsw & 0xFFFF)
    
    def rol(num,cnt):
        tmp = num << 2
        tmp1 = abs(num) >> (32 - cnt)
        return (tmp | tmp1)
    
    def cmn(q,a,b,x,s,t):
        return safe_add(rol(safe_add(safe_add(a, q), safe_add(x, t)), s), b)
    
    def ff(a,b,c,d,x,s,t):
        return cmn((b & c)|((~b) & d),a,b,x,s,t)
    
    def gg(a,b,c,d,x,s,t):
        return cmn((b & d)|(c & (~d)),a,b,x,s,t)
    
    def hh(a,b,c,d,x,s,t):
        return cmn(b ^ c ^ d, a, b, x, s, t)
    
    def ii(a,b,c,d,x,s,t):
        return cmn(c^(b|(~d)),a,b,x,s,t)
    
    def coreMD5(x):
        a=1732584193
        b=-271733879
        c=-1732584194
        d=271733878
        for i in range(0,len(x),16):
            olda=a
            oldb=b
            oldc=c
            oldd=d
            a = ff(a, b, c, d, x[i + 0], 7, -680876936)
            d = ff(d, a, b, c, x[i + 1], 12, -389564586)
            c = ff(c, d, a, b, x[i + 2], 17, 606105819)
            b = ff(b, c, d, a, x[i + 3], 22, -1044525330)
            a = ff(a, b, c, d, x[i + 4], 7, -176418897)
            d = ff(d, a, b, c, x[i + 5], 12, 1200080426)
            c = ff(c, d, a, b, x[i + 6], 17, -1473231341)
            b = ff(b, c, d, a, x[i + 7], 22, -45705983)
            a = ff(a, b, c, d, x[i + 8], 7, 1770035416)
            d = ff(d, a, b, c, x[i + 9], 12, -1958414417)
            c = ff(c, d, a, b, x[i + 10], 17, -42063)
            b = ff(b, c, d, a, x[i + 11], 22, -1990404162)
            a = ff(a, b, c, d, x[i + 12], 7, 1804603682)
            d = ff(d, a, b, c, x[i + 13], 12, -40341101)
            c = ff(c, d, a, b, x[i + 14], 17, -1502002290)
            b = ff(b, c, d, a, x[i + 15], 22, 1236535329)
            a = gg(a, b, c, d, x[i + 1], 5, -165796510)
            d = gg(d, a, b, c, x[i + 6], 9, -1069501632)
            c = gg(c, d, a, b, x[i + 11], 14, 643717713)
            b = gg(b, c, d, a, x[i + 0], 20, -373897302)
            a = gg(a, b, c, d, x[i + 5], 5, -701558691)
            d = gg(d, a, b, c, x[i + 10], 9, 38016083)
            c = gg(c, d, a, b, x[i + 15], 14, -660478335)
            b = gg(b, c, d, a, x[i + 4], 20, -405537848)
            a = gg(a, b, c, d, x[i + 9], 5, 568446438)
            d = gg(d, a, b, c, x[i + 14], 9, -1019803690)
            c = gg(c, d, a, b, x[i + 3], 14, -187363961)
            b = gg(b, c, d, a, x[i + 8], 20, 1163531501)
            a = gg(a, b, c, d, x[i + 13], 5, -1444681467)
            d = gg(d, a, b, c, x[i + 2], 9, -51403784)
            c = gg(c, d, a, b, x[i + 7], 14, 1735328473)
            b = gg(b, c, d, a, x[i + 12], 20, -1926607734)
            a = hh(a, b, c, d, x[i + 5], 4, -378558)
            d = hh(d, a, b, c, x[i + 8], 11, -2022574463)
            c = hh(c, d, a, b, x[i + 11], 16, 1839030562)
            b = hh(b, c, d, a, x[i + 14], 23, -35309556)
            a = hh(a, b, c, d, x[i + 1], 4, -1530992060)
            d = hh(d, a, b, c, x[i + 4], 11, 1272893353)
            c = hh(c, d, a, b, x[i + 7], 16, -155497632)
            b = hh(b, c, d, a, x[i + 10], 23, -1094730640)
            a = hh(a, b, c, d, x[i + 13], 4, 681279174)
            d = hh(d, a, b, c, x[i + 0], 11, -358537222)
            c = hh(c, d, a, b, x[i + 3], 16, -722521979)
            b = hh(b, c, d, a, x[i + 6], 23, 76029189)
            a = hh(a, b, c, d, x[i + 9], 4, -640364487)
            d = hh(d, a, b, c, x[i + 12], 11, -421815835)
            c = hh(c, d, a, b, x[i + 15], 16, 530742520)
            b = hh(b, c, d, a, x[i + 2], 23, -995338651)
            a = ii(a, b, c, d, x[i + 0], 6, -198630844)
            d = ii(d, a, b, c, x[i + 7], 10, 1126891415)
            c = ii(c, d, a, b, x[i + 14], 15, -1416354905)
            b = ii(b, c, d, a, x[i + 5], 21, -57434055)
            a = ii(a, b, c, d, x[i + 12], 6, 1700485571)
            d = ii(d, a, b, c, x[i + 3], 10, -1894986606)
            c = ii(c, d, a, b, x[i + 10], 15, -1051523)
            b = ii(b, c, d, a, x[i + 1], 21, -2054922799)
            a = ii(a, b, c, d, x[i + 8], 6, 1873313359)
            d = ii(d, a, b, c, x[i + 15], 10, -30611744)
            c = ii(c, d, a, b, x[i + 6], 15, -1560198380)
            b = ii(b, c, d, a, x[i + 13], 21, 1309151649)
            a = ii(a, b, c, d, x[i + 4], 6, -145523070)
            d = ii(d, a, b, c, x[i + 11], 10, -1120210379)
            c = ii(c, d, a, b, x[i + 2], 15, 718787259)
            b = ii(b, c, d, a, x[i + 9], 21, -343485551)
            a = safe_add(a, olda)
            b = safe_add(b, oldb)
            c = safe_add(c, oldc)
            d = safe_add(d, oldd)
        return [a,b,c,d]
    
    def str2binl(str):
        nblk=((len(str)+8) >> 6)+1
        blks=[0 for i in range(0,nblk*16)]
    
        for i in range(0,len(str)):
            blks[i>>2] = blks[i>>2] | ((int(str[i])& 0xFF) <<((i%4) * 8))
            blks[i>>2] = blks[i>>2] | (0x80 <<((i%4) * 8))
            blks[(nblk*16 - 2)] = len(str) * 8
        return blks
    
    
    def binl2hex(binarray):
        hex_tab="0123456789abcdef"
        str=""
        for i in range(len(binarray)*4):
            str= str + hex_tab[(binarray[i>>2] >>((i%4)*8+4))&0xF]+hex_tab[(binarray[i>>2] >>((i%4)*8))&0xF]
        return str
    
    def calcMD5(str):
        return binl2hex(coreMD5( str2binl(str)))
    
    
    str = '12345678'
    pid = '1'
    calg = '12345678'
    
    
    def main():
        tmpchar = pid + str +calg
        tmpchar2 = calcMD5(tmpchar)
        passd = tmpchar2 +calg +pid
        print passd
    
    
    if __name__ == "__main__":
        main()
    
    
    18 条回复    2016-04-27 09:19:55 +08:00
    m939594960
        1
    m939594960  
       2016-04-26 16:51:07 +08:00
    用 pyv8
    直接用 js 算结果啊
    livesmart
        2
    livesmart  
    OP
       2016-04-26 16:55:22 +08:00
    @m939594960
    谢谢,我去试试。。但是你能不能告诉我,我哪里错了。。。。
    fish267
        3
    fish267  
       2016-04-26 16:59:10 +08:00   ❤️ 1
    I prefer go die.
    m939594960
        4
    m939594960  
       2016-04-26 17:01:35 +08:00   ❤️ 1
    @livesmart 太多了 我也没仔( KAN )细( BU )看( DONG ) 不过对效率等等要求不是很高的话 直接运行这个 js 取结果就好了 应该是最好的办法 。中间那么长一段 其实就是个 md5 加密, python 直接用库生成就好了

    如果非得要用 python 去实现这个加密的过程 推荐吧 js 放到 chrome 中运行一下 然后下断点 看下每一步的数值
    然后 python 也进行一步一步的 查看一下数值 问题出现在哪就很好看出来了
    mV2GK
        5
    mV2GK  
       2016-04-26 17:01:56 +08:00   ❤️ 1
    每一步都加个 print 对比下输出不就知道了。。。
    j0kER
        6
    j0kER  
       2016-04-26 17:09:00 +08:00
    @m939594960 pyv8 怎么安装啊。。 pip 安装不起来
    mdzz
        8
    mdzz  
       2016-04-26 17:19:02 +08:00   ❤️ 6
    你 TM 在逗我

    >>> import hashlib
    >>> ANS = 'E1f0813d4cea349c75b135043842608b123456781'
    >>>
    >>> str = '12345678'
    >>> pid = '1'
    >>> calg = '12345678'
    >>>
    >>> tmpchar = pid + str + calg
    >>> tmpchar2 = hashlib.md5(tmpchar).hexdigest()
    >>> passd = tmpchar2 + calg + pid
    >>> passd.capitalize() == ANS
    True
    >>>
    livesmart
        9
    livesmart  
    OP
       2016-04-26 17:34:33 +08:00
    @mdzz 万分感谢,,,,
    leyle
        10
    leyle  
       2016-04-26 17:39:19 +08:00
    @mdzz ID 配合回复内容,好有喜感。
    qqmishi
        11
    qqmishi  
       2016-04-26 17:46:53 +08:00
    怎么感觉和我们学校教务网加密方式一样啊 23333

    当初我也是耐心的看了一遍源码,最后放弃直接用 python 的 md5 库了 23333
    fy
        12
    fy  
       2016-04-26 17:49:38 +08:00
    @mdzz 蛤蛤蛤蛤
    est
        13
    est  
       2016-04-26 18:02:45 +08:00
    爬的网站还不够多,没看出来这是 md5 库。。。
    lxy
        14
    lxy  
       2016-04-26 18:13:30 +08:00
    看到那个 calcMD5 还不明白么……
    blotd
        15
    blotd  
       2016-04-26 21:59:26 +08:00   ❤️ 1
    ```javascript
    // JS Hashlib Lib : https://github.com/LuoZijun/hashlib.js
    // 把 hashlib.js 引入你的 html 。
    // <script type="text/javascript" src="hashlib.js"></script>

    var target = 'E1f0813d4cea349c75b135043842608b123456781';

    var str = '12345678';
    var pid = '1';
    var calg = '12345678';

    var tmpchar = pid + str + calg;
    var hash = new hashlib.md5(tmpchar).hexdigest();
    var array = (hash + calg + pid).split('');
    array.splice(0, 1, array[0].toUpperCase() );
    var result = array.join('');
    console.log( 'Target: ' + result + ' Result: ' + result );
    console.log( target == result );

    ```
    zmj1316
        16
    zmj1316  
       2016-04-26 22:03:06 +08:00
    带 js 的除非像这种特别明显的我都是偷懒直接上 pyV8
    guokeke
        17
    guokeke  
       2016-04-27 02:12:30 +08:00 via Android
    →_→,感觉这是某校园网的登录啊,你一定是要干坏事!
    wwxiong
        18
    wwxiong  
       2016-04-27 09:19:55 +08:00   ❤️ 1
    python 的位运算机制和 js 是不一样的。特别针对高位有符号左移位。你可以借助 python ctypes 模块来处理。
    python
    >>> -1231313132112 << 2
    -4925252528448
    js
    -1231313132112 << 2
    1074960064
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5748 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 32ms · UTC 01:43 · PVG 09:43 · LAX 17:43 · JFK 20:43
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.