地址:http://openlaw.cn/login.jsp
需要登陆,Form data
找到_csrf和password,_csrf,在登陆页面
找加密password的js代码,ctrl+F搜索password,重新填入input
找到加密函数KeyEncrypt
找到JSEncrypt,CryptoJs
执行
用execjs执行js或者用js2py
node.js或Jscript报navigator is not define,可以用PhantomJS
#运行时环境设置
import execjs import execjs.runtime_names os.environ["EXECJS_RUNTIME"] = "PhantomJS" PhantomJS = execjs.get(execjs.runtime_names.PhantomJS) print(execjs.get().name)
结果如图
pytohn执行
#获取csfr
headers={ "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3", "Accept-Encoding":"gzip,deflate", "Accept-Language":"zh-CN,zh;q=0.9", "Cache-Control":"max-age=0", "Connection":"keep-alive", "Content-Type":"application/x-www-form-urlencoded", "Host":"openlaw.cn", "Upgrade-Insecure-Requests":"1", "User-Agent":"Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/73.0.3683.86Safari/537.36", } r=session.get("http://openlaw.cn/login.jsp?",headers=headers1) tree=etree.HTML(r.text) csrf=tree.xpath('//input[@name="_csrf"]/@value')[0]
#post form data post_url="http://openlaw.cn/login" with open(r"C:Users37576Desktop123.js",encoding="utf-8")as f: js=f.read() ctx = execjs.compile(js) pwd=ctx.call("keyEncrypt","XXXXXXXX")#密码 data={ "_csrf":csrf, "username":"#########",#账户 "password":pwd, "_spring_security_remember_me":"true", } res=session.post(post_url,data=data,headers=headers)
tree=etree.HTML(res.text)
lala=tree.xpath('//div[@class="bbp-user-section"]//text()')
登陆成功
页面
url="http://openlaw.cn/guidance/16444eba67afe97881fa6521d333ef10" headers1={ "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3", "Accept-Encoding":"gzip,deflate", "Accept-Language":"zh-CN,zh;q=0.9", "Connection":"keep-alive", "Host":"openlaw.cn", "Upgrade-Insecure-Requests":"1", "User-Agent":"Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/73.0.3683.86Safari/537.36", } a=session.get(url,headers=headers1)
是混淆的js
抓包
有二条请求
第一条加cookie,第二条正常,需要知道怎么加的cookie
jjencodeDemo:http://utf-8.jp/public/jjencode.html
],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[
jsfunk:http://www.jsfuck.com/
+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]
aaencode:http://utf-8.jp/public/aaencode.html
゚ω゚ノ= /`m´)ノ ~┻━┻ //*´∇`*/ ['_']; o=(゚ー゚) =_=3; c=(゚Θ゚) =(゚ー゚)-(゚ー゚); (゚Д゚) =(゚Θ゚)= (o^_^o)/ (o^_^o);(゚Д゚)={゚Θ゚: '_' ,゚ω゚ノ : ((゚ω゚ノ==3) +'_') [゚Θ゚] ,゚ー゚ノ :(゚ω゚ノ+ '_')[o^_^o -(゚Θ゚)] ,゚Д゚ノ:((゚ー゚==3) +'_')[゚ー゚] }; (゚Д゚) [゚Θ゚] =((゚ω゚ノ==3) +'_') [c^_^o];(゚Д゚) ['c'] = ((゚Д゚)+'_') [ (゚ー゚)+(゚ー゚)-(゚Θ゚) ];
代码执行一下或者找工具解密
(function anonymous() { if (window.wp1) { document.cookie = 'OPEN_E4C0C08491=' + wp3; document.cookie = 'OPEN_ID=B32pJOwfO/AJZJ3ZGmnunQNTaUie84jnyHoNCq/onZQ=' } } )
加cookie的部分
js:
var wp1 = 'xKIOt5jUZQcS8wurcX4lghwlET9K0IWBUsS3ZqmSamCBTAPg7Fl5sVr443dyK42p'; var wp2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; var wp3 = "548545fe3ced4f3494934e537e304705"; var wp4 = "464acf618bf62df3e7e37e80c2c1a04d"; var wp5 = "0aa9566c4aa30883e34d0e1a530bf508"; var wp6 = "a8f49232d343e4b94ff7958088fa6734"; var wp7 = "82f778b45a9fce8589105c852174947b"; var wp8 = "3221d819c9b96d2631d0b5084c736f69"; if (window.wp1) { document.cookie = 'OPEN_E4C0C08491=' + wp3; document.cookie = 'OPEN_ID=B32pJOwfO/AJZJ3ZGmnunQNTaUie84jnyHoNCq/onZQ=' } var getGlobal = function() { if (typeof self !== '') { return self } ;if (typeof window !== '') { return window } ;if (typeof global !== '') { return global } ;throw new Error('unable to locate global object') }; function _process(s) { var result = s.substring(5, 7).concat('s').concat(s.substring(14, 15)).concat('v').concat(s.substring(9, 13)).concat('g').concat(s.substring(5)).concat('l').concat(s.substring(11, 19)); return result.substr(0, 32); } ;var _switch = false; if ((getGlobal() === window)) { _switch = true } else { _switch = false };
document.cookie = 'SIGNIN_ID=3e2291010f36c9244c633aba4cdcdd42'; document.cookie = 'SIGNIN_UC=9e65d8fc646e49fb7a0f9f8237915bfb'; document.cookie = 'UNDEFINED=432e9111ecf89746f3046ca970814f41'; if (_switch) { document.cookie = 'OPEN_589D5869B5=' + _process(wp3); setTimeout("location.reload();", 100); }
。。。很多参数不知道哪里来的搞不定了,用selenium
#配置chorme
from selenium import webdriver from selenium.webdriver.chrome.options import Options chrome_options = Options() chrome_options.add_argument('--headless') driver = webdriver.Chrome(chrome_options=chrome_options,executable_path = 'D:pythonchromedriver.exe') from time import sleep
#登陆
driver.get("http://openlaw.cn/login.jsp?logout") driver.find_element_by_id("username").send_keys("XXXXXXXXX") driver.find_element_by_id("password").send_keys("XXXXXXXXX") sleep(2) driver.find_element_by_id("submit").click()
#页面数据
driver.get("http://openlaw.cn/guidance/167ce490ba94c3ed26baab5689fdd620") sleep(2) title=driver.find_element_by_xpath('//h1[@class="entry-title"]').text guid=driver.find_element_by_xpath('//div[@class="annotator-wrapper"]/p').text content=driver.find_element_by_xpath('//div[@class="annotator-wrapper"]/p[2]').text page_detail={"title":title,"content":guid+" "+content.replace("u3000"," ")}
结果
