20147 月8
JAVA:网易微博模拟登陆
网易微博登陆验证,第一次请求使用BASE64加密、第二次请求使用MD5+RSA加密,比较变态,于是使用JAVA+JS相结合的方式,调用其JS方法得到加密字符串。
/core1.7.0.js 是经过处理的,删掉几行在JAVA引用中会报错的浏览器对象。
import org.apache.http.HttpResponse;
import org.apache.http.client.CookieStore;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.velocity.util.StringUtils;
import org.nutz.lang.Files;
import org.nutz.lang.util.ClassTools;
import org.nutz.repo.Base64;
import javax.script.Invocable;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
/**
* Created by Wizzer on 14-7-7.
*/
public class Netease {
static String index_url = "http://t.163.com/session";
static String login1_url = "http://reg.163.com/services/httpLoginExchgKeyNew";
static String login2_url = "http://reg.163.com/httpLoginVerifyNew.jsp";
static String status_url = "http://t.163.com/share/check/status";
UrlUtil urlUtil = new UrlUtil();
public static void main(String[] args) {
CookieStore cookieStore = new Netease().login("email", "password");
}
public CookieStore login(String userid, String password) {
try {
DefaultHttpClient client = new DefaultHttpClient();
HttpGet get = new HttpGet(login1_url + "?rnd=" + Base64.encodeToString(userid.getBytes(), true) + "&jsonp=setLoginStatus");
get.setHeader("Accept", "*/*");
get.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36");
HttpResponse response = client.execute(get);
int code = response.getStatusLine().getStatusCode();
if (code == 200) {
InputStream in = response.getEntity().getContent();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
String line = "", res = "";
while (null != (line = reader.readLine())) {
res += line;
}
System.out.println("res:::" + res);
if (res.contains("200")) {
String[] str = StringUtils.split(urlUtil.getStr(res, "setLoginStatus(\"", "\")"), "\\n");
String o = str[1], h = str[2];
ScriptEngineManager sem = new ScriptEngineManager();
ScriptEngine se = sem.getEngineByName("javascript");
se.eval(getJs());
String jiami = "";
if (se instanceof Invocable) {
Invocable invoke = (Invocable) se;
jiami = invoke.invokeFunction("getCode",
password, o, h).toString();
System.out.println("jiami = " + jiami);
}
DefaultHttpClient client2 = new DefaultHttpClient();
client2.setCookieStore(client.getCookieStore());
HttpGet get2 = new HttpGet(login2_url + "?rcode=" + jiami + "&product=t&jsonp=setLoginStatus&savelogin=0&username=" + userid);
get2.setHeader("Accept", "*/*");
get2.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36");
HttpResponse response2 = client2.execute(get2);
int code2 = response2.getStatusLine().getStatusCode();
if (code2 == 200) {
InputStream in2 = response2.getEntity().getContent();
BufferedReader reader2 = new BufferedReader(new InputStreamReader(in2));
String line2 = "", res2 = "";
while (null != (line2 = reader2.readLine())) {
res2 += line2;
}
System.out.println("res2:::" + res2);
if (res.contains("200")) {
return client2.getCookieStore();
}
}
}
}
return null;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
private String getJs() {
String jscontent = Files.read(ClassTools.getClassLoader().getResource("").getPath() + "netease" + "/core1.7.0.js");
jscontent += "function getCode(p,o,h){\n" +
"\t\t\t\tvar l=new RSAKey();\n" +
"\t\t\t\tl.setPublic(h,o);\n" +
"\t\t\t\treturn l.encrypt(getMd5(p));\t\t\t\t\n" +
" }";
return jscontent;
}
}
本文地址:https://wizzer.cn/archives/2999 , 转载请保留.
亲,能分享一下处理后的js吗 我自己处理了几次都没搞好 谢了 email:1036465064@qq.com
直接用网易登陆页面的JS,删掉浏览器的对象。