首页 > 编程学习 > JAVA:网易微博模拟登陆
2014七月8

JAVA:网易微博模拟登陆

网易微博登陆验证,第一次请求使用BASE64加密、第二次请求使用MD5+RSA加密,比较变态,于是使用JAVA+JS相结合的方式,调用其JS方法得到加密字符串。

/core1.7.0.js 是经过处理的,删掉几行在JAVA引用中会报错的浏览器对象。

 

import org.apache.http.HttpResponse;
import org.apache.http.client.CookieStore;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.velocity.util.StringUtils;
import org.nutz.lang.Files;
import org.nutz.lang.util.ClassTools;
import org.nutz.repo.Base64;
import javax.script.Invocable;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;

/**
 * Created by Wizzer on 14-7-7.
 */
public class Netease {
    static String index_url = "http://t.163.com/session";
    static String login1_url = "http://reg.163.com/services/httpLoginExchgKeyNew";
    static String login2_url = "http://reg.163.com/httpLoginVerifyNew.jsp";
    static String status_url = "http://t.163.com/share/check/status";
    UrlUtil urlUtil = new UrlUtil();

    public static void main(String[] args) {
        CookieStore cookieStore = new Netease().login("email", "password");
    }

    public CookieStore login(String userid, String password) {
        try {
            DefaultHttpClient client = new DefaultHttpClient();
            HttpGet get = new HttpGet(login1_url + "?rnd=" + Base64.encodeToString(userid.getBytes(), true) + "&jsonp=setLoginStatus");
            get.setHeader("Accept", "*/*");
            get.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36");
            HttpResponse response = client.execute(get);
            int code = response.getStatusLine().getStatusCode();
            if (code == 200) {
                InputStream in = response.getEntity().getContent();
                BufferedReader reader = new BufferedReader(new InputStreamReader(in));
                String line = "", res = "";
                while (null != (line = reader.readLine())) {
                    res += line;
                }
                System.out.println("res:::" + res);
                if (res.contains("200")) {
                    String[] str = StringUtils.split(urlUtil.getStr(res, "setLoginStatus(\"", "\")"), "\\n");
                    String o = str[1], h = str[2];
                    ScriptEngineManager sem = new ScriptEngineManager();
                    ScriptEngine se = sem.getEngineByName("javascript");
                    se.eval(getJs());
                    String jiami = "";
                    if (se instanceof Invocable) {
                        Invocable invoke = (Invocable) se;
                        jiami = invoke.invokeFunction("getCode",
                                password, o, h).toString();

                        System.out.println("jiami = " + jiami);
                    }

                    DefaultHttpClient client2 = new DefaultHttpClient();
                    client2.setCookieStore(client.getCookieStore());
                    HttpGet get2 = new HttpGet(login2_url + "?rcode=" + jiami + "&product=t&jsonp=setLoginStatus&savelogin=0&username=" + userid);
                    get2.setHeader("Accept", "*/*");
                    get2.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36");
                    HttpResponse response2 = client2.execute(get2);
                    int code2 = response2.getStatusLine().getStatusCode();
                    if (code2 == 200) {
                        InputStream in2 = response2.getEntity().getContent();
                        BufferedReader reader2 = new BufferedReader(new InputStreamReader(in2));
                        String line2 = "", res2 = "";
                        while (null != (line2 = reader2.readLine())) {
                            res2 += line2;
                        }
                        System.out.println("res2:::" + res2);
                        if (res.contains("200")) {
                            return client2.getCookieStore();
                        }
                    }
                }
            }
            return null;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private String getJs() {
        String jscontent = Files.read(ClassTools.getClassLoader().getResource("").getPath() + "netease" + "/core1.7.0.js");
        jscontent += "function getCode(p,o,h){\n" +
                "\t\t\t\tvar l=new RSAKey();\n" +
                "\t\t\t\tl.setPublic(h,o);\n" +
                "\t\t\t\treturn l.encrypt(getMd5(p));\t\t\t\t\n" +
                "   }";
        return jscontent;
    }
}

Loading

本文地址:https://wizzer.cn/archives/2999 , 转载请保留.

2 Responses to “JAVA:网易微博模拟登陆”

  1. #1 javaiwo 回复 | 引用 Post:2014-09-01 15:49

    亲,能分享一下处理后的js吗 我自己处理了几次都没搞好 谢了 email:1036465064@qq.com

    • #2 Wizzer 回复 | 引用 Post:2014-09-26 16:25

      直接用网易登陆页面的JS,删掉浏览器的对象。

发表评论