1、访问下面url获取pt_login_sig:
https://xui.ptlogin2.qq.com/cgi-bin/xlogin?appid=522005705&daid=4&s_url=https://mail.qq.com/cgi-bin/login?vt=passport%26vm=wpt%26ft=loginpage%26target=&style=25
2、获取初始化信息:
https://ssl.ptlogin2.qq.com/check?regmaster=&pt_tea=2&pt_vcode=0&uin=XXXXxx&appid=522005705&js_ver=10179&js_type=1&login_sig=q0zjUsCoIXDnGwifTlBgIvg9HHrr4gM*O*Htvj2gy*emEX6hwuCXnY-xXf-UY9F1&u1=https%3A%2F%2Fmail.qq.com%2Fcgi-bin%2Flogin%3Fvt%3Dpassport%26vm%3Dwpt%26ft%3Dloginpage%26target%3D&r=0.07185151645254728&pt_uistyle=25
通过上面的链接获取到:
ptui_checkVC('0','!VAX','\xf5\x8e\x00\x78\x04\x3c\x87\xac','3cdd20c52738395f255999fc458eb3b11b98bca27a1e9c7a20c88e96ee2f7b47f0c446a69d48dac9e0a1a8295e159c01181c36bfb230b9c6','3');
上面这三个值’!VAX’,’\xf5\x8e\x00\x78\x04\x3c\x87\xac’,’3cdd20c52738395f255999fc458eb3b11b98bca27a1e9c7a20c88e96ee2f7b47f0c446a69d48dac9e0a1a8295e159c01181c36bfb230b9c6’分别是verifycode,salt,sessionid。
3、依靠上面的几个值进行密码破解:
i.p = $.Encryption.getEncryption(n, pt.plogin.salt, i.verifycode, pt.plogin.armSafeEdit.isSafe)
通过调试可以发现n为密码,pt.plogin.salt为一个二进制值那么需要把’\xf5\x8e\x00\x78\x04\x3c\x87\xac’这个值转化成二进制,i.verifycode为验证码,pt.plogin.armSafeEdit.isSafe为空值。
//salt转二进制js
function getSalt(str) {
for (var arr = [], i = 0; i < str.length; i += 2)
arr.push("\\x" + str.substr(i, 2));
return arr = arr.join(""),
eval("var temp = '" + arr + "'"),
temp
}
3、拼接url进行登录:
https://ssl.ptlogin2.qq.com/login?u=xxxxxx&verifycode=!LBS&pt_vcode_v1=0&pt_verifysession_v1=1943c5ed44c3400b75b1c796447475fc4b134bd5b99cffabd903fd3be08c852337bba423efbc776c0746967db21f7858ebbdaf56a3bf4285&p=KAxPyBplOOcXmGX-aNoK6QAnK85cLcIsvolL7ILogJrpW8bwfp35U4UmW*QS*r8jdr4eygBGhqv7pVw6XAtkUtL83JRahHPdPNcD1u7nTe1pwEYRBj5XaD8xQiAvswR4BVVFwkeoPM3ATseGxOzwmGb67u4lIOuisvASc8A**ES3Krj2Y1pWH*1wg**fdl97mCMZilcJY8kRZbaJxS36OHQtJW4BYUZk87TQxmofOE*oHuSMxt-2q4V5UvtpwyMGknGbH9wdyAh52C*N2KmW4e6Zx3qIeA3gmCvQCciVeWDtE72seIG*EWf97DFZ9dNF3Y1Iu7or7bcEcQ3HRebSiQ__&pt_randsalt=3&u1=https%3A%2F%2Fmail.qq.com%2Fcgi-bin%2Flogin%3Fvt%3Dpassport%26vm%3Dwpt%26ft%3Dloginpage%26target%3D%26account%3Dxxxxxxxx%2540qq.com&ptredirect=1&h=1&t=1&g=1&from_ui=1&ptlang=2052&action=2-21-1479713584691&js_ver=10179&js_type=1&login_sig=3A5xvM-DbETWi5nMJLgH*pMaDLrC4OfQ4DQzpFDrg4I6tJvwADqp1h5KPPXqhpZS&pt_uistyle=25&aid=522005705&daid=4&
获得的值如下:
ptuiCB('0','0','https://ssl.ptlogin2.mail.qq.com/check_sig?pttype=1&uin=524751065&service=login&nodirect=0&ptsigx=7d4ebc96ef412b5d87a19a69de313cf506a5627ae11f0e60d0cc39cc0db2e47c2a10b8e21d731ce71d7a5d21c9b3f257522493cf3da88215d33282eb1db35e41&s_url=https%3A%2F%2Fmail.qq.com%2Fcgi-bin%2Flogin%3Fvt%3Dpassport&f_url=&ptlang=2052&ptredirect=101&aid=522005705&daid=4&j_later=0&low_login_hour=0®master=0&pt_login_type=1&pt_aid=0&pt_aaid=0&pt_light=0&pt_3rd_aid=0','1','登录成功!', '雁留声');
获取sid的cookies值
请求上一步骤获得的url,它重定向到:
https://mail.qq.com/cgi-bin/login?vt=passport&vm=wpt&ft=loginpage&target=&account=540224846%40qq.com&qqmailkey=94821669eac14818b8546f137dc9371ce1949980d806c582f889668762ae8551
然后访问这个url:
得到sid的值,这是数据请求所需的唯一cookies;
进行数据抓取
转载自原文链接, 如需删除请联系管理员。
原文链接:QQ邮箱模拟登录,转载请注明来源!