4399小游戲JS登錄逆向

!function(a, b) { "object" == typeof exports ? module.exports = exports = b() : "function" == typeof define && define.amd ? define([], b) : a.CryptoJS = b() }(this, function() { var a = a || function(a, b) { var n, c = Object.create || function() { function a() {} return function(b) { var c; return a.prototype = b, c = new a, a.prototype = null, c

滲透逆向 · 10-03 · 666 人浏览
4399小游戲JS登錄逆向

使用2captcha過reCAPTCHA V2驗證

API_KEY為2captcha的API import requests creat_task_url = 'https://2captcha.com/in.php?key=API_KEY&method=userrecaptcha&googlekey=WEBSITE_KEY&pageurl=URL' id = '' res = requests.get(creat_task_url) if res.status_code == 200: id = str(re.findall('\|(\d*)', res.text)[0]) time.sleep(20) code_res = requests.get(f'https://2captcha.com/res.php?key=API_KEY&action=get&id={id}') print(code_res.text)

滲透逆向 · 09-25 · 172 人浏览

記一次測試網站關於登錄頁面為AES加密

找登錄包后看到三個參數:1.token(網頁刷新直接頁面就可以通過f12搜尋到)2.email3.password(加密)剩下就是尋找加密函數了,搜索token后看到頁面加密的位置,encryptPass('emailPwdInp'),那麽接下來搜索 encryptPass找到加密函數了 function encrypt (str) { const key = CryptoJS.enc.Utf8.parse("idcsmart.finance") const iv = CryptoJS.enc.Utf8.parse("9311019310287172") var encrypted = CryptoJS.AES.encrypt(str, key, { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: iv, }).toString() return encrypted } function encryptPass (id) { le

滲透逆向 · 09-24 · 184 人浏览
記一次測試網站關於登錄頁面為AES加密

proxyscrape登錄逆向

關於上篇文章用到的驗證碼跳過工具,此次驗證類型為 Turnstile 請求示例為:{ "clientKey":"cc9c18d3e263515c2c072b36a7125eecc078618f", "task": { "type":"TurnstileTaskProxyless", "websiteURL":"https://react-turnstile.vercel.app", "websiteKey":"1x00000000000000000000AA" } }找到了key為 0x4AAAAAAAFWUVCKyusT9T8rwebsiteURL為 https://dashboard.proxyscrape.com/login然後獲取token,傳入到 cf-turnstile-response 參數,發送請求包就好了。

滲透逆向 · 04-14 · 226 人浏览
proxyscrape登錄逆向

Nodeseek跳過驗證自動登錄

看了一篇帖子,找到了思路來源。對於登錄包,我們通過f12查看到請求網址為:https://www.nodeseek.com/api/account/signIn 該請求為post。然後查看載荷發現該post包,由四部分組成:passwordusernametokenversion可以看到token是必備的,儅看到v3的時候我的反應是 reCaptcha V3驗證。整理思路:1.注冊api用來跳過驗證2.提取api返回的響應3.將api返回的響應添加並模擬發送post包正文開始:1.首先注冊yescaptcha2.獲取 ReCaptcha 网站密钥、Action,websiteURL,分別為:6LebtWYjAAAAAGeCv0BCBmvCcdgZiU6VbLfV3xktsubmithttps://www.nodeseek.com/api/account/signIn或者 f12后 在控制臺輸入以下脚本:function findRecaptchaClients() { // eslint-disable-next-line camelcase if (typeof (___gr

滲透逆向 · 04-06 · 343 人浏览
Nodeseek跳過驗證自動登錄
本站立足于美利堅合衆國,請讀者自覺遵守當地法律!如有違規,本站不承擔任何法律責任! This site is based in the United States of America, readers are requested to abide by local laws! If there are any violations, this site does not bear any legal responsibility!
2024 Xue Li Li's Blog. All Rights Reserved.
Theme Jasmine by Kent Liao