设为首页收藏本站
开启辅助访问

CTBU重庆工商大学图书馆抢座位思路分析

 您所在的位置:网站首页 公众号图书馆自动抢座脚本 CTBU重庆工商大学图书馆抢座位思路分析

CTBU重庆工商大学图书馆抢座位思路分析

2024-07-13 12:56| 来源: 网络整理| 查看: 265

 

        听说大家在抱怨图书馆座位越来越难抢了,最近科技狠活很火那就给大家安排上。

        浏览器访问一下访问一下CTBU图书馆座位预约系统https://ic.ctbu.edu.cn/#/ic/home发现会被重定向到统一身份认证平台https://cas.ctbu.edu.cn/lyuapServer/login?service=http://ic.ctbu.edu.cn/authcenter/doAuth/f7e8bb47c240458486d7cbfd55d3e01e进行登录

facb2c6b77c2472d8699ce0386adbfbb.png

 右键-检查-网络 然后输入账号密码和验证码发现一个login请求:https://cas.ctbu.edu.cn/lyuapServer/login?v=0.09934131008660685https://cas.ctbu.edu.cn/lyuapServer/login?v=0.09934131008660685

打开这个请求发现是以Post方式向后端提交表单,且响应码为302,根据经验判断账号密码很可能就是这个请求提交到后端的400f80ce37d54929bec69fc1bfac078c.png

点击载荷后发现,验证了我的猜想果然账号、密码、验证码都通过这个表单提交到后端的,但是密码被加密过了还多了一个execution参数,且这个参数每次登录都是不一样,全局搜索发现

{"username":"20191****2", "password":"957d3eb66da2975917917270511cafb7b314212029b081b0486bc53c1fbbd1aaa438208b6b8a3275dd1e7f04850438e142244b0c363edb6fe8d138dae794280b", "authcode":"m6ac", "execution":"31bf3230-a76a-45a1-b325-253de4aa8760_ck8wQUJYTnlBRnB2Y21jdWFtRnphV2N1YzNCeWFXNW5MbmRsWW1ac2IzY3VjR3gxWjJsdUxrTnNhV1Z1ZEVac2IzZEZlR1ZqZFhScGIyNVNaWEJ2YzJsMGIzSjVKRk5sY21saGJHbDZaV1JHYkc5M1JYaGxZM1YwYVc5dVUzUmhkR1hJTXBGS1FaQ1V6QUlBQTB3QUVXTnZiblpsY25OaGRHbHZibE5qYjNCbGRBQkJURzl5Wnk5emNISnBibWRtY21GdFpYZHZjbXN2ZDJWaVpteHZkeTlqYjNKbEwyTnZiR3hsWTNScGIyNHZUWFYwWVdKc1pVRjBkSEpwWW5WMFpVMWhjRHRNQUFsbGVHVmpkWFJwYjI1MEFEVk1iM0puTDNOd2NtbHVaMlp5WVcxbGQyOXlheTkzWldKbWJHOTNMMlY0WldOMWRHbHZiaTlHYkc5M1JYaGxZM1YwYVc5dU8wd0FCbVpzYjNkSlpIUUFFa3hxWVhaaEwyeGhibWN2VTNSeWFXNW5PM2h3YzNJQVBXOXlaeTV6Y0hKcGJtZG1jbUZ0WlhkdmNtc3VkMlZpWm14dmR5NWpiM0psTG1OdmJHeGxZM1JwYjI0dVRHOWpZV3hCZEhSeWFXSjFkR1ZOWVhCL1lNbTlXRUNONndNQUFVd0FDbUYwZEhKcFluVjBaWE4wQUE5TWFtRjJZUzkxZEdsc0wwMWhjRHQ0Y0hOeUFCRnFZWFpoTG5WMGFXd3VTR0Z6YUUxaGNBVUgyc0hERm1EUkF3QUNSZ0FLYkc5aFpFWmhZM1J2Y2trQUNYUm9jbVZ6YUc5c1pIaHdQMEFBQUFBQUFBeDNDQUFBQUJBQUFBQUJkQUFLWm14aGMyaFRZMjl3WlhOeEFINEFCWE54QUg0QUNEOUFBQUFBQUFBQWR3Z0FBQUFRQUFBQUFIaDRlSGh6Y2dBNWIzSm5Mbk53Y21sdVoyWnlZVzFsZDI5eWF5NTNaV0ptYkc5M0xtVnVaMmx1WlM1cGJYQnNMa1pzYjNkRmVHVmpkWFJwYjI1SmJYQnN2MVYwOERRalVkME1BQUI0Y0g1eUFEdHZjbWN1YzNCeWFXNW5abkpoYldWM2IzSnJMbmRsWW1ac2IzY3VaVzVuYVc1bExtbHRjR3d1Um14dmQwVjRaV04xZEdsdmJsTjBZWFIxY3dBQUFBQUFBQUFBRWdBQWVISUFEbXBoZG1FdWJHRnVaeTVGYm5WdEFBQUFBQUFBQUFBU0FBQjRjSFFBQmtGRFZFbFdSWE55QUJScVlYWmhMblYwYVd3dVRHbHVhMlZrVEdsemRBd3BVMTFLWUlnaUF3QUFlSEIzQkFBQUFBRnpjZ0EzYjNKbkxuTndjbWx1WjJaeVlXMWxkMjl5YXk1M1pXSm1iRzkzTG1WdVoybHVaUzVwYlhCc0xrWnNiM2RUWlhOemFXOXVTVzF3YkF0azlEZk5ST2ozREFBQWVIQjBBQVZzYjJkcGJuUUFEWFpwWlhkTWIyZHBia1p2Y20xemNRQitBQVZ6Y1FCK0FBZy9RQUFBQUFBQUdIY0lBQUFBSUFBQUFCZDBBQkpEWVhOUFFYVjBhRmR5WVhCd1pYSlZjbXgwQUw5b2RIUndjem92TDJOaGN5NWpkR0oxTG1Wa2RTNWpiaTlzZVhWaGNGTmxjblpsY2k5dllYVjBhREl1TUM5aGRYUm9iM0pwZW1VL2NtVnpjRzl1YzJWZmRIbHdaVDFqYjJSbEptTnNhV1Z1ZEY5cFpEMTBaWE4wSm5KbFpHbHlaV04wWDNWeWFUMW9kSFJ3Y3lVelFTVXlSaVV5Um1OaGN5NWpkR0oxTG1Wa2RTNWpiaVV5Um14NWRXRndVMlZ5ZG1WeUpUSkdiRzluYVc0bE0wWmpiR2xsYm5SZmJtRnRaU1V6UkVOaGMwOUJkWFJvVjNKaGNIQmxja05zYVdWdWRIUUFDVmRsYVZocGJsVnliSFFBeVdoMGRIQnpPaTh2YjNCbGJpNTNaV2w0YVc0dWNYRXVZMjl0TDJOdmJtNWxZM1F2Y1hKamIyNXVaV04wUDJGd2NHbGtQWGg0Sm5KbFpHbHlaV04wWDNWeWFUMW9kSFJ3Y3lVelFTVXlSaVV5Um1OaGN5NWpkR0oxTG1Wa2RTNWpiaVV5Um14NWRXRndVMlZ5ZG1WeUpUSkdiRzluYVc0bE0wWmpiR2xsYm5SZmJtRnRaU1V6UkZkbGFWaHBia05zYVdWdWRDWnlaWE53YjI1elpWOTBlWEJsUFdOdlpHVW1jMk52Y0dVOWMyNXpZWEJwWDJ4dloybHVJM2RsWTJoaGRGOXlaV1JwY21WamRIUUFDMFJwYm1kRWFXNW5WWEpzZEFER2FIUjBjSE02THk5dllYQnBMbVJwYm1kMFlXeHJMbU52YlM5amIyNXVaV04wTDNGeVkyOXVibVZqZEQ5aGNIQnBaRDE0ZUNaeVpYTndiMjV6WlY5MGVYQmxQV052WkdVbWMyTnZjR1U5YzI1ellYQnBYMnh2WjJsdUpuTjBZWFJsUFZOVVFWUkZKbkpsWkdseVpXTjBYM1Z5YVQxb2RIUndjeVV6UVNVeVJpVXlSbU5oY3k1amRHSjFMbVZrZFM1amJpVXlSbXg1ZFdGd1UyVnlkbVZ5SlRKR2JHOW5hVzRsTTBaamJHbGxiblJmYm1GdFpTVXpSRVJwYm1kRWFXNW5RMnhwWlc1MGRBQUpkbWxsZDFOamIzQmxjM0VBZmdBRmMzRUFmZ0FJUDBBQUFBQUFBQXgzQ0FBQUFCQUFBQUFCZEFBTFkyOXRiV0Z1WkU1aGJXVjBBQXBqY21Wa1pXNTBhV0ZzZUhoMEFBOTNZWEp1UTI5dmEybGxWbUZzZFdWemNnQVJhbUYyWVM1c1lXNW5Ma0p2YjJ4bFlXN05JSEtBMVp6NjdnSUFBVm9BQlhaaGJIVmxlSEFBZEFBTVYyVnBXR2x1UjNwb1ZYSnNkQURpYUhSMGNITTZMeTl2Y0dWdUxuZGxhWGhwYmk1eGNTNWpiMjB2WTI5dWJtVmpkQzl2WVhWMGFESXZZWFYwYUc5eWFYcGxQMkZ3Y0dsa1BYaDRKbkpsWkdseVpXTjBYM1Z5YVQxb2RIUndjeVV6UVNVeVJpVXlSbU5oY3k1amRHSjFMbVZrZFM1amJpVXlSbXg1ZFdGd1UyVnlkbVZ5SlRKR2JHOW5hVzRsTTBaamJHbGxiblJmYm1GdFpTVXpSRmRsYVZocGJrZDZhRU5zYVdWdWRDWnlaWE53YjI1elpWOTBlWEJsUFdOdlpHVW1jMk52Y0dVOWMyNXpZWEJwWDNWelpYSnBibVp2Sm5OMFlYUmxQVk5VUVZSRkkzZGxZMmhoZEY5eVpXUnBjbVZqZEhRQUJsbDRlVlZ5YkhRQTFHaDBkSEJ6T2k4dmIzQmxiaTU0YVdGdlpuVmlZVzh1WTI5dEwzSnZkWFJsWVhWMGFDOWhkWFJvTDNKdmRYUmxMM1ZoTDJGMWRHaHZjbWw2WlM5blpYUkRiMlJsVmpJL2VXMUJjSEJKWkQweU1EQTVNRGN4TnpNNE1EWXdNRFV6TXpFd0ptTmhiR3hpWVdOclZYSnNQV2gwZEhCekpUTkJKVEpHSlRKR1kyRnpMbU4wWW5VdVpXUjFMbU51SlRKR2JIbDFZWEJUWlhKMlpYSWxNa1pzYjJkcGJpVXpSbU5zYVdWdWRGOXVZVzFsSlRORVdYaDVRMnhwWlc1MEptRjFkR2hVZVhCbFBUQW1jM1JoZEdVOWVtWnpiMlowZEFBSmNHRmpOR3BWY214emMzSUFGMnBoZG1FdWRYUnBiQzVNYVc1clpXUklZWE5vVFdGd05NQk9YQkJzd1BzQ0FBRmFBQXRoWTJObGMzTlBjbVJsY25oeEFINEFDRDlBQUFBQUFBQVlkd2dBQUFBZ0FBQUFEM1FBRDBOaGMwOUJkWFJvVjNKaGNIQmxjbkVBZmdBY2RBQUdWMlZwV0dsdWNRQitBQjUwQUFKUlVYUUFzMmgwZEhCek9pOHZaM0poY0dndWNYRXVZMjl0TDI5aGRYUm9NaTR3TDJGMWRHaHZjbWw2WlQ5amJHbGxiblJmYVdROU1UQXhPVGs0TURZeEpuSmxaR2x5WldOMFgzVnlhVDFvZEhSd2N5VXpRU1V5UmlVeVJtTmhjeTVqZEdKMUxtVmtkUzVqYmlVeVJteDVkV0Z3VTJWeWRtVnlKVEpHYkc5bmFXNGxNMFpqYkdsbGJuUmZibUZ0WlNVelJGRlJRMnhwWlc1MEpuSmxjM0J2Ym5ObFgzUjVjR1U5WTI5a1pTWnpkR0YwWlQxMFpYTjBkQUFJVVhsWFpXbFlhVzUwQU8xb2RIUndjem92TDI5d1pXNHVkMlZwZUdsdUxuRnhMbU52YlM5amIyNXVaV04wTDI5aGRYUm9NaTloZFhSb2IzSnBlbVUvWVhCd2FXUTlkM2hqT1dSbU0yWmlaR013WXpnMk5EVXlKbkpsWkdseVpXTjBYM1Z5YVQxb2RIUndjeVV6UVNVeVJpVXlSbU5oY3k1amRHSjFMbVZrZFM1amJpVXlSbXg1ZFdGd1UyVnlkbVZ5SlRKR2JHOW5hVzRsTTBaamJHbGxiblJmYm1GdFpTVXpSRkY1VjJWcFdHbHVRMnhwWlc1MEpuSmxjM0J2Ym5ObFgzUjVjR1U5WTI5a1pTWnpZMjl3WlQxemJuTmhjR2xmWW1GelpTWnpkR0YwWlQxVFZFRlVSU04zWldOb1lYUmZjbVZrYVhKbFkzUjBBQWhFYVc1blJHbHVaM0VBZmdBZ2RBQUpWMlZwV0dsdVIzcG9jUUIrQUNwMEFBUkVSSGw1ZEFEQ2FIUjBjSE02THk5dllYQnBMbVJwYm1kMFlXeHJMbU52YlM5amIyNXVaV04wTDNGeVkyOXVibVZqZEQ5aGNIQnBaRDE0ZUNaeVpYTndiMjV6WlY5MGVYQmxQV052WkdVbWMyTnZjR1U5YzI1ellYQnBYMnh2WjJsdUpuTjBZWFJsUFZOVVFWUkZKbkpsWkdseVpXTjBYM1Z5YVQxb2RIUndjeVV6UVNVeVJpVXlSbU5oY3k1amRHSjFMbVZrZFM1amJpVXlSbXg1ZFdGd1UyVnlkbVZ5SlRKR2JHOW5hVzRsTTBaamJHbGxiblJmYm1GdFpTVXpSRVJFZVhsRGJHbGxiblIwQUFWWmFVSmhiblFBaVdoMGRIQnpPaTh2YjNCbGJtRndhUzU1YVdKaGJpNWpiaTl2WVhWMGFDOWhkWFJvYjNKcGVtVS9ZMnhwWlc1MFgybGtQWGg0Sm5KbFpHbHlaV04wWDNWeWFUMW9kSFJ3Y3lVelFTVXlSaVV5Um1OaGN5NWpkR0oxTG1Wa2RTNWpiaVV5Um14NWRXRndVMlZ5ZG1WeUpUSkdXVUpNYjJkcGJpNW9kRzFzSm5OMFlYUmxQVk5VUVZSRmRBQUZXV1JCY0hCMEFLVm9kSFJ3Y3pvdkwyRndjQzU2Wm5OdlpuUXVZMjl0TDJOdmJtNWxZM1F2YjJGMWRHZ3lMMkYxZEdodmNtbDZaVDloY0hCcFpEMTRlQ1p5WldScGNtVmpkRjkxY21rOWVIZ2xNMFpqYkdsbGJuUmZibUZ0WlNVelJGbGtRWEJ3UTJ4cFpXNTBKbkpsYzNCdmJuTmxYM1I1Y0dVOVkyOWtaU1p6WTI5d1pUMXpibk5oY0dsZlltRnpaU1p6ZEdGMFpUMVRWRUZVUlNOM1pXTm9ZWFJmY21Wa2FYSmxZM1IwQUFSVWVGZDRkQURoYUhSMGNITTZMeTl2Y0dWdUxuZGxZMkZ5WkM1eGNTNWpiMjB2WTI5dWJtVmpkQzl2WVhWMGFDOXdZeTFoZFhSb2IzSnBlbVUvWVhCd1gydGxlVDE0ZUNaeVpYTndiMjV6WlY5MGVYQmxQV052WkdVbWMyTnZjR1U5YzI1ellYQnBYM1Z6WlhKcGJtWnZKbTlqYjJSbFBTWnlaV1JwY21WamRGOTFjbWs5YUhSMGNITWxNMEVsTWtZbE1rWmpZWE11WTNSaWRTNWxaSFV1WTI0bE1rWnNlWFZoY0ZObGNuWmxjaVV5UmxSNFYzaE1iMmRwYmk1b2RHMXNKVE5HWTJ4cFpXNTBYMjVoYldVbE0wUlVlRmQ0UTJ4cFpXNTBKbk4wWVhSbFBWTlVRVlJGZEFBSlIzaHpabGxwUW1GdWRBQ1NhSFIwY0RvdkwzbHBZbUZ1TG1kNGJuVXVaV1IxTG1OdUwzQnliM2g1TFhwbUwyOWhkWFJvTDJGMWRHaHZjbWw2WlQ5amJHbGxiblJmYVdROWVIZ21jbVZrYVhKbFkzUmZkWEpwUFdoMGRIQnpKVE5CSlRKR0pUSkdZMkZ6TG1OMFluVXVaV1IxTG1OdUpUSkdiSGwxWVhCVFpYSjJaWElsTWtaWlFreHZaMmx1TG1oMGJXd21jM1JoZEdVOVUxUkJWRVYwQUFaRVJIbDVWakowQU01b2RIUndjem92TDI5aGNHa3VaR2x1WjNSaGJHc3VZMjl0TDJOdmJtNWxZM1F2YjJGMWRHZ3lMM051YzE5aGRYUm9iM0pwZW1VL1lYQndhV1E5ZUhnbWNtVnpjRzl1YzJWZmRIbHdaVDFqYjJSbEpuTmpiM0JsUFhOdWMyRndhVjloZFhSb0puTjBZWFJsUFZOVVFWUkZKbkpsWkdseVpXTjBYM1Z5YVQxb2RIUndjeVV6UVNVeVJpVXlSbU5oY3k1amRHSjFMbVZrZFM1amJpVXlSbXg1ZFdGd1UyVnlkbVZ5SlRKR2JHOW5hVzRsTTBaamJHbGxiblJmYm1GdFpTVXpSRVJFZVhsV01rTnNhV1Z1ZEhRQUExTmlhM1FBU21oMGRIQnpPaTh2WTJGekxtTjBZblV1WldSMUxtTnVMMng1ZFdGd1UyVnlkbVZ5TDFOaWEweHZaMmx1VlhKc0xtaDBiV3cvWTJ4cFpXNTBYMjVoYldVOVUySnJRMnhwWlc1MGRBQURXWGg1Y1FCK0FDeDBBQTFIZUdSNFYyVnBXR2x1UjNwb2RBQ25hSFIwY0RvdkwyNWxkSGR2Y21zdFkyVnVkSEpsTG5SbGMzUXVaM2gxYVhRdVkyOXRMMkZ3YVM5M2VDOW5aWFJQY0dWdWFXUS9jbVZrYVhKbFkzUlZjbWs5YUhSMGNITWxNMEVsTWtZbE1rWmpZWE11WTNSaWRTNWxaSFV1WTI0bE1rWnNlWFZoY0ZObGNuWmxjaVV5UmtkNFpIaFhlR2Q2YUV4dloybHVMbWgwYld3bE0wWmpiR2xsYm5SZmJtRnRaU1V6UkVkNFpIaFhaV2xZYVc1SGVtaERiR2xsYm5SNEFIUUFCbE5pYTFWeWJIRUFmZ0JGZEFBSlJFUjVlVll5VlhKc2NRQitBRU4wQUF4SGVITm1XV2xDWVc1VmNteHhBSDRBUVhRQUNGbHBRbUZ1VlhKc2NRQitBRHQwQUE1aWFXNWtRM0psWkdWdWRHbGhiSE55QURKdmNtY3VhbUZ6YVdjdVkyRnpMbUYxZEdobGJuUnBZMkYwYVc5dUxrSnBibVJCWTJOdmRXNTBRM0psWkdWdWRHbGhiR3JDU1RNYjJtR0NBZ0FCVEFBR2NtVmpiMlJsY1FCK0FBTjRjZ0EzYjNKbkxtcGhjMmxuTG1OaGN5NWhkWFJvWlc1MGFXTmhkR2x2Ymk1VmMyVnlibUZ0WlZCaGMzTjNiM0prUTNKbFpHVnVkR2xoYlBaRzgyUHUrc0JGQWdBSFRBQUZaVzFoYVd4eEFINEFBMHdBQjJselJXMWhhV3gwQUJOTWFtRjJZUzlzWVc1bkwwSnZiMnhsWVc0N1RBQUhhWE5RYUc5dVpYRUFmZ0JRVEFBR2JXOWlhV3hsY1FCK0FBTk1BQWh3WVhOemQyOXlaSEVBZmdBRFRBQU1jbVZ0WlcxaVpYSk9ZVzFsY1FCK0FBTk1BQWgxYzJWeWJtRnRaWEVBZmdBRGVIQndjUUIrQUNoeEFINEFLSEJ3Y0hCd2RBQUtZM0psWkdWdWRHbGhiSE55QUVSdmNtY3VhbUZ6YVdjdVkyRnpMbUYxZEdobGJuUnBZMkYwYVc5dUxsVnpaWEp1WVcxbFVHRnpjM2R2Y21SWGFYUm9VR2h2Ym1WamIyUmxRM0psWkdWdWRHbGhiR0pHY1dEcVU1aldBZ0FFV2dBR1ptdFZjMlZ5VEFBS2JXOWlhV3hsUTI5a1pYRUFmZ0FEVEFBR2NtVmpiMlJsY1FCK0FBTk1BQXR5Wld4dloybHVWSGx3WlhFQWZnQURlSElBUTI5eVp5NXFZWE5wWnk1allYTXVZWFYwYUdWdWRHbGpZWFJwYjI0dVZYTmxjbTVoYldWUVlYTnpkMjl5WkVOeVpXUmxiblJwWVd4WGFYUm9RWFYwYUVOdlpHVUFBQUFBQUFBQUFRSUFBVXdBQ0dGMWRHaGpiMlJsY1FCK0FBTjRjZ0JCYjNKbkxtcGhjMmxuTG1OaGN5NWhkWFJvWlc1MGFXTmhkR2x2Ymk1U1pXMWxiV0psY2sxbFZYTmxjbTVoYldWUVlYTnpkMjl5WkVOeVpXUmxiblJwWVd5aTRVT1Z1M0pyQXdJQUFWb0FDbkpsYldWdFltVnlUV1Y0Y1FCK0FFOXdjUUIrQUNoeEFINEFLSEJ3Y0hBQWNBQndjSEIwQUFWUlVWVnliSEVBZmdBemRBQVFSM2hrZUZkbGFWaHBia2Q2YUZWeWJIRUFmZ0JJZEFBSGMyVnlkbWxqWlhOeUFFWnZjbWN1YW1GemFXY3VZMkZ6TG1GMWRHaGxiblJwWTJGMGFXOXVMbkJ5YVc1amFYQmhiQzVUYVcxd2JHVlhaV0pCY0hCc2FXTmhkR2x2YmxObGNuWnBZMlZKYlhCc2M2aVBqNkJ0OGRvQ0FBQjRjZ0JFYjNKbkxtcGhjMmxuTG1OaGN5NWhkWFJvWlc1MGFXTmhkR2x2Ymk1d2NtbHVZMmx3WVd3dVFXSnpkSEpoWTNSWFpXSkJjSEJzYVdOaGRHbHZibE5sY25acFkyVUlkNGVGUVVtd3JBSUFCMW9BRUd4dloyZGxaRTkxZEVGc2NtVmhaSGxNQUFwaGNuUnBabUZqZEVsa2NRQitBQU5NQUFabWIzSnRZWFIwQURGTWIzSm5MMnBoYzJsbkwyTmhjeTkyWVd4cFpHRjBhVzl1TDFaaGJHbGtZWFJwYjI1U1pYTndiMjV6WlZSNWNHVTdUQUFDYVdSeEFINEFBMHdBQzI5eWFXZHBibUZzVlhKc2NRQitBQU5NQUFsd2NtbHVZMmx3WVd4MEFESk1iM0puTDJwaGMybG5MMk5oY3k5aGRYUm9aVzUwYVdOaGRHbHZiaTl3Y21sdVkybHdZV3d2VUhKcGJtTnBjR0ZzTzB3QUQzSmxjM0J2Ym5ObFFuVnBiR1JsY25RQU9FeHZjbWN2YW1GemFXY3ZZMkZ6TDJGMWRHaGxiblJwWTJGMGFXOXVMM0J5YVc1amFYQmhiQzlTWlhOd2IyNXpaVUoxYVd4a1pYSTdlSEFBY0g1eUFDOXZjbWN1YW1GemFXY3VZMkZ6TG5aaGJHbGtZWFJwYjI0dVZtRnNhV1JoZEdsdmJsSmxjM0J2Ym5ObFZIbHdaUUFBQUFBQUFBQUFFZ0FBZUhFQWZnQVFkQUFEV0UxTWRBQklhSFIwY0RvdkwybGpMbU4wWW5VdVpXUjFMbU51TDJGMWRHaGpaVzUwWlhJdlpHOUJkWFJvTHpjNVl6TmxZbVJrTkRVME56Um1PV1JoWkRoa01EUXpZVEF3T0RFd1pqSTJjUUIrQUdOd2MzSUFTMjl5Wnk1cVlYTnBaeTVqWVhNdVlYVjBhR1Z1ZEdsallYUnBiMjR1Y0hKcGJtTnBjR0ZzTGxkbFlrRndjR3hwWTJGMGFXOXVVMlZ5ZG1salpWSmxjM0J2Ym5ObFFuVnBiR1JsY3ZRdnowd2FmY3ZDQWdBQlRBQU1jbVZ6Y0c5dWMyVlVlWEJsZEFBK1RHOXlaeTlxWVhOcFp5OWpZWE12WVhWMGFHVnVkR2xqWVhScGIyNHZjSEpwYm1OcGNHRnNMMUpsYzNCdmJuTmxKRkpsYzNCdmJuTmxWSGx3WlR0NGNnQlRiM0puTG1waGMybG5MbU5oY3k1aGRYUm9aVzUwYVdOaGRHbHZiaTV3Y21sdVkybHdZV3d1UVdKemRISmhZM1JYWldKQmNIQnNhV05oZEdsdmJsTmxjblpwWTJWU1pYTndiMjV6WlVKMWFXeGtaWExBWDd3MEJtMndhUUlBQUhod2ZuSUFQRzl5Wnk1cVlYTnBaeTVqWVhNdVlYVjBhR1Z1ZEdsallYUnBiMjR1Y0hKcGJtTnBjR0ZzTGxKbGMzQnZibk5sSkZKbGMzQnZibk5sVkhsd1pRQUFBQUFBQUFBQUVnQUFlSEVBZmdBUWRBQUlVa1ZFU1ZKRlExUjBBQWhaWkVGd2NGVnliSEVBZmdBOWRBQUhWSGhYZUZWeWJIRUFmZ0EvZEFBV2RHbGphMlYwUjNKaGJuUnBibWRVYVdOclpYUkpaSEIwQUF0UmVWZGxhVmhwYmxWeWJIRUFmZ0ExZEFBSFJFUjVlVlZ5YkhFQWZnQTVkQUFSY21WbmFYTjBaWEpsWkZObGNuWnBZMlZ6Y2dBN2IzSm5MbXBoYzJsbkxtTmhjeTV6ZFhCd2IzSjBMbTloZFhSb0xuTmxjblpwWTJWekxrOUJkWFJvVW1WbmFYTjBaWEpsWkZObGNuWnBZMlZKMElUN0loQ3FUUUlBQTB3QUZHSjVjR0Z6YzBGd2NISnZkbUZzVUhKdmJYQjBjUUIrQUZCTUFBaGpiR2xsYm5SSlpIRUFmZ0FEVEFBTVkyeHBaVzUwVTJWamNtVjBjUUIrQUFONGNnQXRiM0puTG1waGMybG5MbU5oY3k1elpYSjJhV05sY3k1U1pXZGxlRkpsWjJsemRHVnlaV1JUWlhKMmFXTmxqV05ZUzJVQlplVUNBQUI0Y2dBd2IzSm5MbXBoYzJsbkxtTmhjeTV6WlhKMmFXTmxjeTVCWW5OMGNtRmpkRkpsWjJsemRHVnlaV1JUWlhKMmFXTmxhaGw4NGFyeWlpMENBQlZhQUJKaGNIQnNhV05oZEdsdmJsOWhZM1JwZG1WYUFCVmhjSEJzYVdOaGRHbHZibDlwYzNKbGJHOW5hVzVKQUE5bGRtRnNkV0YwYVc5dVQzSmtaWEpLQUFKcFpGb0FFSEJsY20xcGMzTnBiMjVmWTJobFkydE1BQTVoWTJObGMzTlRkSEpoZEdWbmVYUUFPRXh2Y21jdmFtRnphV2N2WTJGekwzTmxjblpwWTJWekwxSmxaMmx6ZEdWeVpXUlRaWEoyYVdObFFXTmpaWE56VTNSeVlYUmxaM2s3VEFBTFlXTmpaWE56WDNSNWNHVnhBSDRBQTB3QURXRndjR3hwWTJGMGFXOXVTV1J4QUg0QUEwd0FGbUYwZEhKcFluVjBaVkpsYkdWaGMyVlFiMnhwWTNsMEFFQk1iM0puTDJwaGMybG5MMk5oY3k5elpYSjJhV05sY3k5U1pXZHBjM1JsY21Wa1UyVnlkbWxqWlVGMGRISnBZblYwWlZKbGJHVmhjMlZRYjJ4cFkzazdUQUFMWkdWelkzSnBjSFJwYjI1eEFINEFBMHdBQkd4dloyOTBBQTVNYW1GMllTOXVaWFF2VlZKTU8wd0FDbXh2WjI5MWRGUjVjR1YwQUNOTWIzSm5MMnBoYzJsbkwyTmhjeTl6WlhKMmFXTmxjeTlNYjJkdmRYUlVlWEJsTzB3QUNXeHZaMjkxZEZWeWJIRUFmZ0IyVEFBRWJtRnRaWEVBZmdBRFRBQUtjSEp2Y0dWeWRHbGxjM0VBZmdBR1RBQUxjSEp2ZUhsUWIyeHBZM2wwQURWTWIzSm5MMnBoYzJsbkwyTmhjeTl6WlhKMmFXTmxjeTlTWldkcGMzUmxjbVZrVTJWeWRtbGpaVkJ5YjNoNVVHOXNhV041TzB3QUNYQjFZbXhwWTB0bGVYUUFNMHh2Y21jdmFtRnphV2N2WTJGekwzTmxjblpwWTJWekwxSmxaMmx6ZEdWeVpXUlRaWEoyYVdObFVIVmliR2xqUzJWNU8wd0FFSEpsY1hWcGNtVmtTR0Z1Wkd4bGNuTjBBQk5NYW1GMllTOTFkR2xzTDBoaGMyaFRaWFE3VEFBSmMyVnlkbWxqWlVsa2NRQitBQU5NQUFWMGFHVnRaWEVBZmdBRFRBQVpkWE5sY201aGJXVkJkSFJ5YVdKMWRHVlFjbTkyYVdSbGNuUUFRMHh2Y21jdmFtRnphV2N2WTJGekwzTmxjblpwWTJWekwxSmxaMmx6ZEdWeVpXUlRaWEoyYVdObFZYTmxjbTVoYldWQmRIUnlhV0oxZEdWUWNtOTJhV1JsY2p0NGNBRUFBQUFBQUFBQUFBQUFBQUF6QVhOeUFEMXZjbWN1YW1GemFXY3VZMkZ6TG5ObGNuWnBZMlZ6TGtSbFptRjFiSFJTWldkcGMzUmxjbVZrVTJWeWRtbGpaVUZqWTJWemMxTjBjbUYwWldkNUVVZ2V5bFlvRDYwQ0FBWmFBQTlqWVhObFNXNXpaVzV6YVhScGRtVmFBQWRsYm1GaWJHVmtXZ0FVY21WeGRXbHlaVUZzYkVGMGRISnBZblYwWlhOYUFBcHpjMjlGYm1GaWJHVmtUQUFTY21WeGRXbHlaV1JCZEhSeWFXSjFkR1Z6Y1FCK0FBWk1BQmQxYm1GMWRHaHZjbWw2WldSU1pXUnBjbVZqZEZWeWJIUUFEa3hxWVhaaEwyNWxkQzlWVWtrN2VIQUFBUUVCYzNFQWZnQUlQMEFBQUFBQUFBQjNDQUFBQUJBQUFBQUFlSEIwQUFOallYTjBBQ0JGTVRjM09ETTVOVVF5T0RnMlFrUkZSVEExTTBNNU1EQXhSVUZETnpWR1JuTnlBRHB2Y21jdWFtRnphV2N1WTJGekxuTmxjblpwWTJWekxsSmxkSFZ5YmtGc2JHOTNaV1JCZEhSeWFXSjFkR1ZTWld4bFlYTmxVRzlzYVdONXIrZVR6NlovR1NjQ0FBRk1BQkZoYkd4dmQyVmtRWFIwY21saWRYUmxjM1FBRUV4cVlYWmhMM1YwYVd3dlRHbHpkRHQ0Y2dCR2IzSm5MbXBoYzJsbkxtTmhjeTV6WlhKMmFXTmxjeTVCWW5OMGNtRmpkRkpsWjJsemRHVnlaV1JUWlhKMmFXTmxRWFIwY21saWRYUmxVbVZzWldGelpWQnZiR2xqZVVubjFuTnNteFFIQWdBRVdnQWxZWFYwYUc5eWFYcGxaRlJ2VW1Wc1pXRnpaVU55WldSbGJuUnBZV3hRWVhOemQyOXlaRm9BSm1GMWRHaHZjbWw2WldSVWIxSmxiR1ZoYzJWUWNtOTRlVWR5WVc1MGFXNW5WR2xqYTJWMFRBQWRjSEpwYm1OcGNHRnNRWFIwY21saWRYUmxjMUpsY0c5emFYUnZjbmwwQUVaTWIzSm5MMnBoYzJsbkwyTmhjeTloZFhSb1pXNTBhV05oZEdsdmJpOXdjbWx1WTJsd1lXd3ZVSEpwYm1OcGNHRnNRWFIwY21saWRYUmxjMUpsY0c5emFYUnZjbms3VEFBZ2NtVm5hWE4wWlhKbFpGTmxjblpwWTJWQmRIUnlhV0oxZEdWR2FXeDBaWEowQURsTWIzSm5MMnBoYzJsbkwyTmhjeTl6WlhKMmFXTmxjeTlTWldkcGMzUmxjbVZrVTJWeWRtbGpaVUYwZEhKcFluVjBaVVpwYkhSbGNqdDRjQUFBYzNJQVMyOXlaeTVxWVhOcFp5NWpZWE11WVhWMGFHVnVkR2xqWVhScGIyNHVjSEpwYm1OcGNHRnNMa1JsWm1GMWJIUlFjbWx1WTJsd1lXeEJkSFJ5YVdKMWRHVnpVbVZ3YjNOcGRHOXllY0VQS3loeVg2cURBZ0FBZUhJQVVtOXlaeTVxWVhOcFp5NWpZWE11WVhWMGFHVnVkR2xqWVhScGIyNHVjSEpwYm1OcGNHRnNMbU5oWTJobExrRmljM1J5WVdOMFVISnBibU5wY0dGc1FYUjBjbWxpZFhSbGMxSmxjRzl6YVhSdmNubFlJSnJFcEFZd1lnSUFBMG9BQ21WNGNHbHlZWFJwYjI1TUFBOXRaWEpuYVc1blUzUnlZWFJsWjNsMEFHUk1iM0puTDJwaGMybG5MMk5oY3k5aGRYUm9aVzUwYVdOaGRHbHZiaTl3Y21sdVkybHdZV3d2WTJGamFHVXZRV0p6ZEhKaFkzUlFjbWx1WTJsd1lXeEJkSFJ5YVdKMWRHVnpVbVZ3YjNOcGRHOXllU1JOWlhKbmFXNW5VM1J5WVhSbFozazdUQUFJZEdsdFpWVnVhWFIwQUI5TWFtRjJZUzkxZEdsc0wyTnZibU4xY25KbGJuUXZWR2x0WlZWdWFYUTdlSEFBQUFBQUFBQUFBbkIrY2dBZGFtRjJZUzUxZEdsc0xtTnZibU4xY25KbGJuUXVWR2x0WlZWdWFYUUFBQUFBQUFBQUFCSUFBSGh4QUg0QUVIUUFCVWhQVlZKVGNITnlBQnBxWVhaaExuVjBhV3d1UVhKeVlYbHpKRUZ5Y21GNVRHbHpkTm1rUEw3TmlBYlNBZ0FCV3dBQllYUUFFMXRNYW1GMllTOXNZVzVuTDA5aWFtVmpkRHQ0Y0hWeUFCTmJUR3BoZG1FdWJHRnVaeTVUZEhKcGJtYzdyZEpXNStrZGUwY0NBQUI0Y0FBQUFBaDBBQWgxYzJWeWJtRnRaWFFBQW5odGRBQURaSGRvZEFBRVpIZHRZM1FBQ0hWelpYSjBlWEJsZEFBTlpXUjFjR1Z5YzI5dVkyRnlaSFFBQldWdFlXbHNkQUFJY21WaGJHNWhiV1Z3Y0g1eUFDRnZjbWN1YW1GemFXY3VZMkZ6TG5ObGNuWnBZMlZ6TGt4dloyOTFkRlI1Y0dVQUFBQUFBQUFBQUJJQUFIaHhBSDRBRUhRQURFSkJRMHRmUTBoQlRrNUZUSE55QUF4cVlYWmhMbTVsZEM1VlVreVdKVGMyR3Z6a2NnTUFCMGtBQ0doaGMyaERiMlJsU1FBRWNHOXlkRXdBQ1dGMWRHaHZjbWwwZVhFQWZnQURUQUFFWm1sc1pYRUFmZ0FEVEFBRWFHOXpkSEVBZmdBRFRBQUljSEp2ZEc5amIyeHhBSDRBQTB3QUEzSmxabkVBZmdBRGVIRC8vLy8vLy8vLy8zUUFEbWxqTG1OMFluVXVaV1IxTG1OdWRBQUFjUUIrQUtOMEFBUm9kSFJ3Y0hoMEFCamx1cWZrdlkzcG9vVG51cWJucnFIbmtJYm5zN3ZudTU5emNRQitBQWcvUUFBQUFBQUFBSGNJQUFBQUVBQUFBQUI0YzNJQU9XOXlaeTVxWVhOcFp5NWpZWE11YzJWeWRtbGpaWE11VW1WbWRYTmxVbVZuYVhOMFpYSmxaRk5sY25acFkyVlFjbTk0ZVZCdmJHbGplYkNrQUc3RFdPWlVBZ0FBZUhCd2MzSUFFV3BoZG1FdWRYUnBiQzVJWVhOb1UyVjB1a1NGbFphNHR6UURBQUI0Y0hjTUFBQUFFRDlBQUFBQUFBQUFlSFFBSUY0b2FIUjBjSHhvZEhSd2N5azZMeTlwWXk1amRHSjFMbVZrZFM1amJpNHFjSE55QUQ5dmNtY3VhbUZ6YVdjdVkyRnpMbk5sY25acFkyVnpMa1JsWm1GMWJIUlNaV2RwYzNSbGNtVmtVMlZ5ZG1salpWVnpaWEp1WVcxbFVISnZkbWxrWlhKUTB2ZEdKWmxoVndJQUFIaHdjM0VBZmdBbkFYUUFFa1Y2ZVVOc1FVdG9hMlpWTmtONFIzSkdPWFFBSUdVMU9URmxaakppWmpWallqUTFZMkZpWXpCbE5XUTNaalkzWXpKalpUbGtlSGh3ZUhoNGNRQitBQmM9", "_eventId":"submit"}

 execution这个参数就在被重定向到统一身份认证平台所返回的html代码中,我直科技狠活Jsoup解析html提取execution 到现在所有提交账号密码的表单参数都找到了,接下来就剩下破解密码加密算法了。

我一眼看到刚刚抓的包里有一个getPubKey的请求,且返回值为json

{"modulus":"aebab2f26a00708bed2333b2c08be971e7e58ca10dc4ab9887531dd6dfc4d85a2fb2932ae7e486a2e33bb20ad45655a0b4454158b65cd7103e6da356a2459343", "exponent":"10001"}

根据经验判断这不就是RSA加密中的modulus和exponent,经过一番寻找后发现一个login.jshttps://cas.ctbu.edu.cn/lyuapServer/js/login/login.js?v=0.12243627935153334请求返回了一堆js代码,仔细分析后发现密码加密算法就在其中

function checkForm(){ if (checkSubmitFlg == true) { return false; } if($("#username").val()==''){ $("#username").focus(); return false; } if($("#ppassword").val()==''){ $("#ppassword").focus(); return false; } if($("#kaptcha").css("display")!="none" && $("#authcode").val()==''){ $("#authcode").focus(); return false; } var password = $("#ppassword").val(); var key = new RSAUtils.getKeyPair(public_exponent, "", Modulus); var reversedPwd = password.split("").reverse().join(""); var encrypedPwd = RSAUtils.encryptedString(key,reversedPwd); $("#password").val(encrypedPwd); checkSubmitFlg = true; sessionStorage.setItem('loginType', 'zhdl'); $("#fm1").submit(); }

接下来就是用Java改写加密算法了,话不多说直接上代码

 

import java.math.BigInteger; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.Security; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPublicKeySpec; import java.util.HashMap; import javax.crypto.Cipher; public class RSAUtils { /** * 生成公钥和私钥 * * @throws NoSuchAlgorithmException */ public static HashMap getKeys() throws NoSuchAlgorithmException { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); HashMap map = new HashMap(); KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); keyPairGen.initialize(1024); KeyPair keyPair = keyPairGen.generateKeyPair(); RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); map.put("public", publicKey); map.put("private", privateKey); return map; } /** * 使用模和指数生成RSA公钥 * * @param modulus 模 * @param exponent 指数 * @return */ public static RSAPublicKey getPublicKey(String modulus, String exponent) { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); try { BigInteger b1 = new BigInteger(modulus, 16); BigInteger b2 = new BigInteger(exponent, 16); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); RSAPublicKeySpec keySpec = new RSAPublicKeySpec(b1, b2); return (RSAPublicKey) keyFactory.generatePublic(keySpec); } catch (Exception e) { e.printStackTrace(); return null; } } /** * 使用模和指数生成RSA私钥 * /None/NoPadding * * @param modulus 模 * @param exponent 指数 * @return */ public static RSAPrivateKey getPrivateKey(String modulus, String exponent) { try { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); BigInteger b1 = new BigInteger(modulus, 16); BigInteger b2 = new BigInteger(exponent); KeyFactory keyFactory = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(b1, b2); return (RSAPrivateKey) keyFactory.generatePrivate(keySpec); } catch (Exception e) { e.printStackTrace(); return null; } } /** * 公钥加密 * * @param data * @param publicKey * @return * @throws Exception */ public static String encryptByPublicKey(String data, RSAPublicKey publicKey) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); // 模长 int key_len = publicKey.getModulus().bitLength() / 8; // 加密数据长度 = asc_len) ? 0x00 : asc_to_bcd(ascii[j++])) + (bcd[i] = '0') && (asc = 'A') && (asc = 'a') && (asc > 4) & 0x0f); temp[i * 2] = (char) (val > 9 ? val + 'A' - 10 : val + '0'); val = (char) (bytes[i] & 0x0f); temp[i * 2 + 1] = (char) (val > 9 ? val + 'A' - 10 : val + '0'); } return new String(temp); } /** * 拆分字符串 */ public static String[] splitString(String string, int len) { int x = string.length() / len; int y = string.length() % len; int z = 0; if (y != 0) { z = 1; } String[] strings = new String[x + z]; String str = ""; for (int i = 0; i < x + z; i++) { if (i == x + z - 1 && y != 0) { str = string.substring(i * len, i * len + y); } else { str = string.substring(i * len, i * len + len); } strings[i] = str; } return strings; } /** * 拆分数组 */ public static byte[][] splitArray(byte[] data, int len) { int x = data.length / len; int y = data.length % len; int z = 0; if (y != 0) { z = 1; } byte[][] arrays = new byte[x + z][]; byte[] arr; for (int i = 0; i < x + z; i++) { arr = new byte[len]; if (i == x + z - 1 && y != 0) { System.arraycopy(data, i * len, arr, 0, y); } else { System.arraycopy(data, i * len, arr, 0, len); } arrays[i] = arr; } return arrays; } public static String encrypedPwd(String modulus, String public_exponent, String password) throws Exception { //String reversedPwd=new StringBuffer(password).reverse().toString(); RSAPublicKey pubKey = RSAUtils.getPublicKey(modulus, public_exponent); return RSAUtils.encryptByPublicKey(password, pubKey).toLowerCase(); } }

使用上面抓的包来进行验证结果相同,

ef7165d54b644f9caa1639cba237388c.png

f8ae938553a74e22a27c611725f9c2d1.png

至于验证码识别的话直接上打码平台,简单粗暴。

接下来就是抓包提交预约信息的接口了,随机找一个座位进行预约,抓包后发现一个接口    https://ic.ctbu.edu.cn/ic-web/reserve  返回值json:

{"code":0, "message":"新增成功", "data": {"uuid":"46bac594e7da405b930143fb9bc81d4e","resvId":217796878,"appAccNo":116717527,"memberKind":1,"resvDate":20220925,"resvBeginTime":1664091180000,"resvEndTime":1664111460000,"resvEndRealTime":null,"resvCheckTime":1664088192687,"resvDelTime":null,"resvStatus":1027,"classKind":8,"resvProperty":0,"appUrl":null,"testName":"","resvKind":16,"memo":"","resvRuleId":8,"openRuleId":1404,"statFlag":1,"feeRuleId":null,"dayOfWeek":6,"realUsers":null,"signTime":null,"addValueNum":0,"gmtCreate":1664088192688,"gmtModified":1664088192688,"devName":null,"leftTime":null,"checkInfo":null,"logonName":"2019****2","resvName":"**","resvDevInfoList":[{"resvId":217796878,"devId":100455990,"devName":"5F134","devSn":100455990,"kindId":100455847,"parentId":0,"devStatus":0,"devProp":2,"kindName":"座位","classKind":8,"roomId":100455854,"roomSn":"1","roomName":"南楼五楼","labId":100455850,"labName":"五楼","roomKind":8,"memo":null,"borrowDevStatus":null}],"resvMemberInfoList":[{"uuid":"7b3a7eadea684dbda0a5a551817b30a9","resvId":217796878,"accNo":116717527,"logonName":"2019134212","trueName":"**","ident":256,"handPhone":"***********","status":1,"kind":1,"memo":null,"signTime":null,"cardNo":"9621C4F2"}],"endEarly":false,"addServices":null,"tempLeaveEndTime":null,"activityNo":null,"resvEndOperationTime":null,"endNormal":false},"count":0,"vals":null}

基本上大体思路都出来了,接下来就是代码实现每日自动登录并预约座位了,经过我一番操作之后

299fc6e844ca44f7b57daa3acab074d4.png

 大功告成,然后打包为jar包部署到服务器上每天到时间自动预约。

有需要源码的可以私信我

仅供研究学习!!

 

 



【本文地址】


今日新闻

推荐新闻

CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3