Skip to content

Commit 4bcc801

Browse files
zhanghe06zhanghe06
committed
更新WebQQ登录
1 parent c175a9b commit 4bcc801

5 files changed

Lines changed: 122 additions & 2 deletions

File tree

pswEncrypt.py

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
# encoding: utf-8
2+
__author__ = 'zhanghe'
3+
4+
import hashlib
5+
6+
7+
class EncryptPsw():
8+
def __init__(self):
9+
pass
10+
11+
def _user_to_bin(self, user):
12+
return self._hex_to_bin(hex(int(user))[2:].zfill(16))
13+
14+
def encrypt(self, user, psw, verify_code):
15+
bin_user = self._user_to_bin(user)
16+
psw_1 = self._md5_encrypt_1(psw)
17+
18+
psw_1 = self._hex_to_bin(psw_1)
19+
psw_2 = self._md5_encrypt_2(psw_1, bin_user)
20+
psw_3 = self._md5_encrypt_3(psw_2, verify_code)
21+
22+
return psw_3
23+
24+
@staticmethod
25+
def _hex_to_bin(string): # 字符串转bytes数组
26+
length = len(string)
27+
tmp = []
28+
for i in range(0, length, 2):
29+
tmp.append(int("0x" + string[i:i + 2], base=16))
30+
return bytes(tmp)
31+
32+
@staticmethod
33+
def _md5_encrypt_1(psw): # 密码的第一次加密
34+
md5 = hashlib.md5()
35+
md5.update(psw.encode("ISO-8859-1"))
36+
return md5.hexdigest().upper()
37+
38+
@staticmethod
39+
def _md5_encrypt_2(psw, user): # 密码的第二次加密
40+
md5 = hashlib.md5()
41+
md5.update(psw + user)
42+
return md5.hexdigest().upper()
43+
44+
@staticmethod
45+
def _md5_encrypt_3(psw, verify_code): # 密码的第三次加密
46+
md5 = hashlib.md5()
47+
md5.update((psw + verify_code.upper()).encode("ISO-8859-1"))
48+
return md5.hexdigest().upper()
49+
50+
51+
def main():
52+
a = EncryptPsw()
53+
psw = a.encrypt("888888888", "123456", "!xyz")
54+
print(psw)
55+
56+
57+
if __name__ == "__main__":
58+
main()

static/js/web_qq/10125/mq_comm.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2326,6 +2326,7 @@ $.RSA = $pt.RSA = function() {
23262326
} else {
23272327
var z = 0;
23282328
for (var A = 0; A < D.length; A += 2) {
2329+
//解析十六进制,转为整数
23292330
B[z++] = parseInt(D.substr(A, 2), 16)
23302331
}
23312332
}
@@ -2336,7 +2337,7 @@ $.RSA = $pt.RSA = function() {
23362337
var z = h(A);
23372338
return w(z)
23382339
},enAsBase64: function(E, D) {
2339-
var C = o(E, D);
2340+
var C = o(E, D);//十六进制转为十进制整数
23402341
var B = h(C);
23412342
var z = "";
23422343
for (var A = 0; A < B.length; A++) {

template/web_qq/password.html

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
<!DOCTYPE html>
2+
<html>
3+
<head lang="en">
4+
<meta charset="UTF-8">
5+
<title>python web</title>
6+
<!--<script type="text/javascript" src="/static/js/jquery/jquery.min.js"></script>-->
7+
<script type="text/javascript" src="{{ static_url('js/web_qq/10125/mq_comm.js') }}"></script>
8+
9+
<script type="text/javascript">
10+
function GetRequest() {
11+
var url = location.search; //获取url中"?"符后的字串
12+
var Request = {};
13+
if (url.indexOf("?") != -1) {
14+
var str = url.substr(1);
15+
var params = str.split("&");
16+
for (var i = 0; i < params.length; i++) {
17+
Request[params[i].split("=")[0]] = (params[i].split("=")[1]);
18+
}
19+
}
20+
return Request;
21+
}
22+
alert('yyXuDoOMVzZ1r0O4yIS-D*jPubA0DsMz3*DFI4EQnFcOiA5xAQuyb4bsboFMvH6hPwEi*uX8Bi5uZUO-jLawSGGado9PkNE-wPWpZipgnvOln933dZyvpiJpwHudFq7Xme8fHlSoEaGee16uVKdkyMoriGOfQn99yBOtfz1UhLGEDP6zwntowp7aK5jvHtpbegeaeYflBDN71yIuCcBdPw__'.length);
23+
</script>
24+
<!--<script type="text/javascript">-->
25+
<!--$(document).ready(function () {-->
26+
<!--//接收参数-->
27+
<!--var Request = GetRequest();-->
28+
<!--var password = Request['password'];-->
29+
<!--var salt = Request['salt'];-->
30+
<!--var verify_code = Request['verify_code'];-->
31+
<!--// alert(Request['password']);-->
32+
<!--// alert(Request['salt']);-->
33+
<!--// alert(Request['verify_code']);-->
34+
<!--//加密-->
35+
<!--alert(chrsz);-->
36+
<!--var aa = getEncryption(password, salt, verify_code);-->
37+
<!--//var aa = password;-->
38+
<!--//alert(aa);-->
39+
<!--$('#password').html(aa);-->
40+
<!--});-->
41+
42+
<!--</script>-->
43+
</head>
44+
<body>
45+
<div id="password"></div>
46+
</body>
47+
</html>

web.py

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,10 +56,19 @@ def data_received(self, chunk):
5656
def get(self):
5757
self.render('web_qq/index.html')
5858

59+
60+
class QQPasswordHandler(tornado.web.RequestHandler):
61+
def data_received(self, chunk):
62+
pass
63+
64+
def get(self):
65+
self.render('web_qq/password.html')
66+
5967
handlers = [
6068
(r'/', IndexHandler),
6169
(r'/login', LoginHandler),
6270
(r'/qq', QQHandler),
71+
(r'/qq/password', QQPasswordHandler),
6372
# (r'/member', memberHandler),
6473
# (r'/chat/(\d+)', chatHandler),
6574
# (r'/register', registerHandler),

web_qq.py

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
url_check = 'https://ssl.ptlogin2.qq.com/check'
1717

1818
# 图形验证码
19-
url_img_verify = 'https://ssl.captcha.qq.com/getimage?aid=501004106&r=0.746980357915163&uin=555555&cap_cd=Yktn0uE_UcyPqpvIbJe99ncYNR1jVUbobBraaII7JI5aTuzo5UJzsA**'
19+
url_img_verify = 'https://ssl.captcha.qq.com/getimage'
2020

2121
# 登录页的url
2222
url_login = 'https://ssl.ptlogin2.qq.com/login'
@@ -153,3 +153,8 @@ def login():
153153
result = login()
154154
print result
155155

156+
157+
"""
158+
对于加密部分,最好的方案是引入外部js到本地作为单独的服务
159+
如果将算法集成到代码里,加密算法变更后,还要重写
160+
"""

0 commit comments

Comments
 (0)