zoukankan      html  css  js  c++  java

  • 正方教務管理系統RSA 加密

    RSA公开密钥密码体制。所谓的公开密钥密码体制就是使用不同的加密密钥与解密密钥,是一种“由已知加密密钥推导出解密密钥在计算上是不可行的”密码体制。

    前端使用的對密碼的加密方式

    获取modules的方式

     使用python 对密码加密

        password = str(mm).encode("utf8").decode("utf8")
    name = str(yhm).encode("utf8").decode("utf8")
    weibo_rsa_e = 65537
    message = str(password).encode()
    rsa_n = binascii.b2a_hex(binascii.a2b_base64(modules))
    key = rsa.PublicKey(int(rsa_n, 16), weibo_rsa_e)
    encropy_pwd = rsa.encrypt(message, key)
    password = binascii.b2a_base64(encropy_pwd)

    用bs4 获取csrftoken

        page = session.get(url)
    soup = bs(page.text, "html.parser")
    # 获取认证口令csrftoken
    csrftoken = soup.find(id="csrftoken").get("value")

    完整获取cookie代码

    # -*- coding:UTF-8 -*-
import binascii
import requests
from bs4 import BeautifulSoup as bs
import time
import rsa


def get_cookie(yhm, mm):
    now_time = int(time.time())
    url = "http://学校地址/jwglxt/xtgl/login_slogin.html?language=zh_CN&_t="
    session = requests.Session()
    publickey = session.get(
        'http://学校地址/jwglxt/xtgl/login_getPublicKey.html?time=1611556780554&_=1611556779458').json()
    modules = publickey["modulus"]
    page = session.get(url)
    soup = bs(page.text, "html.parser")
    # 获取认证口令csrftoken
    csrftoken = soup.find(id="csrftoken").get("value")
    password = str(mm).encode("utf8").decode("utf8")
    name = str(yhm).encode("utf8").decode("utf8")
    weibo_rsa_e = 65537
    message = str(password).encode()
    rsa_n = binascii.b2a_hex(binascii.a2b_base64(modules))
    key = rsa.PublicKey(int(rsa_n, 16), weibo_rsa_e)
    encropy_pwd = rsa.encrypt(message, key)
    password = binascii.b2a_base64(encropy_pwd)
    header = {
        'Accept': 'text/html, */*; q=0.01',
        'Accept-Encoding': 'gzip, deflate',
        'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0',
        'Connection': 'keep-alive',
        'Referer': url + str(now_time),
        'Upgrade-Insecure-Requests': '1',
    }
    data = {
        'csrftoken': csrftoken,
        'mm': password,
        'mm': password,
        'yhm': name
    }
    request = session.post(url, headers=header, data=data)
    cookie = request.request.headers['cookie']
    return cookie


if __name__ == '__main__':
    yhm = ''  # 账号
    mm = ""  # 密码
    cookie = get_cookie(yhm, mm)
    print(cookie)

      难点可能就是RSA 加密,通过公钥进行加密,使用python 实现

    解密方式2:

    # -*- coding:UTF-8 -*-
import requests
import base64
import rsa
from bs4 import BeautifulSoup as bs

yhm = '*****'
mm = b"*****"
session = requests.Session()
publickey = session.get(
    'http://*******/jwglxt/xtgl/login_getPublicKey.html?time=1611556780554&_=1611556779458').json()
b_modulus = base64.b64decode(publickey['modulus'])  # 将base64解码转为bytes
b_exponent = base64.b64decode(publickey['exponent'])  # 将base64解码转为bytes
# 公钥生成, python3从bytes中获取int:int.from_bytes(bstring,'big')
mm_key = rsa.PublicKey(int.from_bytes(b_modulus, 'big'), int.from_bytes(b_exponent, 'big'))
# 利用公钥加密,bytes转为base64编码
rsa_mm = base64.b64encode(rsa.encrypt(mm, mm_key))
url = "http://*******/jwglxt/xtgl/login_slogin.html?time=1611556053622"
headers = {
  'Connection': 'keep-alive',
  'Pragma': 'no-cache',
  'Cache-Control': 'no-cache',
  'Upgrade-Insecure-Requests': '1',
  'Origin': 'http://25.system.haue.edu.cn:38025',
  'Content-Type': 'application/x-www-form-urlencoded',
  'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36',
  'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
  'Referer': 'http://25.system.haue.edu.cn:38025/jwglxt/xtgl/login_slogin.html?time=1611555951506',
  'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8',
}
page = session.get(url)
soup = bs(page.text, "html.parser")
# 获取认证口令csrftoken
csrftoken = soup.find(id="csrftoken").get("value")
postdata = {'csrftoken': csrftoken, 'yhm': yhm, 'mm': rsa_mm, "language": "zh_CN"}
rq = session.post(url, data=postdata)
print(rq.request.headers['Cookie'])

      
  • 相关阅读:
    【做题记录】区间排序—线段树
    【做题记录】CF1428E Carrots for Rabbits—堆的妙用
    线段树合并、分裂
    一、drf入门规范
    七、Django实战--图书管理系统搭建
    六、ORM模型层补充
    五、Django之模型层
    四、Django之模板层
    三、Django之视图层
    二、Django之路由层
  • 原文地址:https://www.cnblogs.com/lqn404/p/14329129.html
Copyright © 2011-2022 走看看