Analysis of smart jiangcai login in Jiangxi University of Finance and Economics
2022-06-30 12:41:00 【Minor dream】
Capture the traffic first
- Find the parameters submitted at login
As shown in the figure, these are the submitted parameters

- Next, search for these parameters to see where they are used. The key question is how password is encrypted. Use global search (Ctrl+Shift+F) to search the code and locate it, as shown in the figure below

- That reveals the encryption method
Logic summary
- I'm too lazy to write this up myself, so I'm quoting @K Brother reptile directly
- The encryption entry point can be found on the index home page; it uses the three encryption functions in rsa.js: RSAKey(), setPublic(), encrypt();
- In rsa.js, the BigInteger() function depends on jsbn.js, and the SecureRandom() function depends on rng.js;
- In rng.js, the variable rng_psize is defined in prng4.js, and the prng_newstate() function also depends on prng4.js
Submission
Background knowledge
What the form name attribute does: the name attribute identifies the form data submitted to the server.
Note: only form elements that have a name attribute pass their values when the form is submitted.
Simply put, name is the key under which the value is submitted to the backend. For example, setting name="hobby" on several check boxes means that they all belong to hobby.
Viewing the page source shows that the page submits through a form, not through axios or a jQuery-based JavaScript submission. In the code below, the form is submitted to /cas/login
<form id="fm1" action="`" method="post" autocomplete="off">
<div id="errorMessage" class="error" style="display:none;">
<div class="error-massage"></div>
</div>
<table cellpadding="0" cellspacing="0">
<tr>
<td colspan="2">
<input id="username" name="username" type="text" class="user" placeholder=" Campus card number / Please activate for the first time " value="" />
<input type="text" class="user" style="display: none;" />
</td>
</tr>
<tr>
<td colspan="2">
<input id="passwordEnc" name="password" type="hidden" value="" />
<input id="password" type="password" class="pw" placeholder=" Unified identity authentication password " />
<input type="text" class="pw" style="display: none;" />
</td>
</tr>
<tr id="imageCode" style="display:none;">
<td colspan="2" style="position:relative;">
<input id="errors" name="errors" type="hidden" value="0" />
<input id="imageCodeName" name="imageCodeName" type="text" size="4" class="yzm" placeholder=" Verification Code " /><input type="text" class="yzm" style="display: none;" />
<div style="position:absolute; top:5px; right:0;">
<img width="100" style="height:2.5rem;" src='/cas/codeimage' style="cursor: pointer;" onclick="this.src='/cas/codeimage?'+Math.floor(Math.random()*100)" />
</div>
</td>
</tr>
<tr style="display:none;" id="rememberPwd">
<td colspan="2" style="height: 15px;"><input id="ckbRememberPP" name="rememberMe" type="checkbox" value="true"/><input type="hidden" name="_rememberMe" value="on"/><label for="ckbRememberPP" style="vertical-align: middle;height: 13px;"> Remember the password ,2 Automatic login within a week </label></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value=" deng record " onclick="javascript:return checkInput();" /></td>
</tr>
<tr>
<td colspan="2">
<a href='https://ssl.jxufe.edu.cn/uid/activateAuth?t=20161208120000' class="zhjh-a" target="_blank"> Account activation </a><a href='https://ssl.jxufe.edu.cn/uid/forget?t=20161208120000' class="wjmm-a" target="_blank"> Forget the password </a>
</td>
</tr>
<tr>
<td class="line" width="60%">
<a href="pages/account_activate.html?t=20161208120000" class="zhjh"> Unified authentication account activation strategy </a>
<div class="clear-1"></div>
<a href="pages/password_forget.html?t=20161208120000" class="mmzh"> Information portal password retrieval Introduction </a>
</td>
<td class="line" align="right" width="40%">
<div align="center" class="ewm">
<img src="images/ewm.jpg" width="70"><br> Mobile portal QR code
</div>
</td>
</tr>
</table>
<input type="hidden" name="cryptoType" value="1" />
<input type="hidden" name="lt" value="_c4ECACA77-B52F-B3C8-EF78-7F2DE9C616E0_k8175C76F-F064-D984-F521-22035A30AD09" />
<input type="hidden" name="_eventId" value="submit" />
</form>
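Applying the name rule to this form shows what actually reaches the server. The following is an added example, not code from the original post or its repository: FORM_EXCERPT is a trimmed copy of the inputs quoted above with a constructed lt value, and parseAttrs and submittedFields are illustrative names.

```javascript
// Added example: which controls of the login form end up in the POST body.
// FORM_EXCERPT is trimmed from the form quoted on this page; the lt value is constructed.
const FORM_EXCERPT = `
<input id="username" name="username" type="text" value="" />
<input type="text" class="user" style="display: none;" />
<input id="passwordEnc" name="password" type="hidden" value="" />
<input id="password" type="password" class="pw" />
<input id="errors" name="errors" type="hidden" value="0" />
<input id="imageCodeName" name="imageCodeName" type="text" size="4" />
<input id="ckbRememberPP" name="rememberMe" type="checkbox" value="true"/>
<input type="hidden" name="_rememberMe" value="on"/>
<input type="submit" value="Log in" onclick="javascript:return checkInput();" />
<input type="hidden" name="cryptoType" value="1" />
<input type="hidden" name="lt" value="CONSTRUCTED-LT-TOKEN" />
<input type="hidden" name="_eventId" value="submit" />`;

// Read the attributes of one <input ...> tag into a plain object.
function parseAttrs(tag) {
  const attrs = {};
  for (const m of tag.matchAll(/([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g)) {
    attrs[m[1].toLowerCase()] = m[2] !== undefined ? m[2] : m[3];
  }
  attrs.checked = /\schecked[\s=\/>]/i.test(tag);
  return attrs;
}

// Apply the browser's form-submission rules to the <input> elements.
function submittedFields(html) {
  const fields = [];
  for (const [tag] of html.matchAll(/<input\b[^>]*>/gi)) {
    const a = parseAttrs(tag);
    const type = (a.type || 'text').toLowerCase();
    if (!a.name) continue; // no name attribute: the value is never sent
    if ((type === 'checkbox' || type === 'radio') && !a.checked) continue;
    // Simplified: a named submit button would be sent only when it is the one clicked.
    if (['submit', 'button', 'reset', 'image', 'file'].includes(type)) continue;
    fields.push([a.name, a.value || '']);
  }
  return fields;
}

console.log(submittedFields(FORM_EXCERPT).map(([name]) => name).join(', '));
```

The visible password box (id="password") has no name, so its cleartext value is never posted; the hidden passwordEnc input, whose name is password, is the field that carries the password parameter.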
Encryption sample code
- For the other dependencies, have a look at the GitHub repository: https://github.com/superBiuBiuMan/jxufe_loginRSA
Key code
// RSA encryption
const { RSAKey } = require("./tools/rsa");
var rsa = new RSAKey();
// If the following two parameters change, check the source code on the official site
var n = "5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9";
var e = "10001";
// Encrypt the password
rsa.setPublic(n, e);
var encodedPassword = rsa.encrypt('123456789');
// Print the encrypted password
console.log(encodedPassword);
Note
The two parameters may change; if they do, check the source code on the official site
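The encryption step in the key code above can be reproduced without ./tools/rsa, which makes the wire format easier to inspect. The following is an added example, not code from the original post or its repository; it assumes the site's rsa.js is the stock jsbn rsa.js, whose encrypt() applies PKCS#1 v1.5 (type 2) padding, and the function names are illustrative.

```javascript
// Added example: PKCS#1 v1.5 (type 2) RSA encryption with BigInt.
// Assumption: the site's rsa.js is the stock jsbn rsa.js, whose encrypt() pads this way.
const nodeCrypto = require('node:crypto');

// Public key values quoted on this page.
const PAGE_N = '5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9';
const PAGE_E = '10001';

// Square-and-multiply modular exponentiation.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Build 0x00 0x02 <non-zero random bytes> 0x00 <message>, k bytes in total.
function pkcs1Pad(message, k) {
  const msg = Buffer.from(message, 'utf8');
  if (msg.length > k - 11) throw new RangeError('message too long for this modulus');
  const ps = nodeCrypto.randomBytes(k - 3 - msg.length);
  for (let i = 0; i < ps.length; i++) {
    while (ps[i] === 0) ps[i] = nodeCrypto.randomBytes(1)[0]; // padding bytes must be non-zero
  }
  return Buffer.concat([Buffer.from([0x00, 0x02]), ps, Buffer.from([0x00]), msg]);
}

// Returns the ciphertext as a hex string, left-padded to the modulus length.
function rsaEncryptHex(message, nHex, eHex) {
  const n = BigInt('0x' + nHex);
  const e = BigInt('0x' + eHex);
  const k = Math.ceil(n.toString(2).length / 8); // modulus length in bytes
  const m = BigInt('0x' + pkcs1Pad(message, k).toString('hex'));
  return modPow(m, e, n).toString(16).padStart(2 * k, '0');
}

// Bit length of a hex modulus, useful when reviewing the key size in use.
function modulusBits(nHex) {
  return BigInt('0x' + nHex).toString(2).length;
}

console.log(modulusBits(PAGE_N), 'bit modulus');
console.log(rsaEncryptHex('123456789', PAGE_N, PAGE_E)); // sample password from the page's snippet
```

Because the padding bytes are random, the ciphertext differs on every call, so an output cannot be checked against a fixed expected string; compare lengths, or decrypt with a test key you control.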

Using JavaScript
- Originally I wanted to write a results query, but later found I couldn't; I couldn't do the packet capture analysis either… the certificates that jump around…
TypeScript version
const axios = require('axios');
const qs = require('qs');
const { RSAKey } = require("./tools/rsa");
const cheerio = require("cheerio");
const nDefault = '5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9';
const eDefault = '10001';
class LoginAndGet {
    n: string;
    e: string;
    userName: string;
    passWord: string;
    encodedPassword: string; // RSA-encrypted password
    constructor(userName: string, passWord: string, n: string = nDefault, e: string = eDefault) {
        this.n = n;
        this.e = e;
        this.userName = userName;
        this.passWord = passWord;
        this.getRSAPassword(this.passWord);
    }
    /* Compute the encrypted password */
    getRSAPassword(originPass: string): void {
        let rsa = new RSAKey();
        // Set the public key
        rsa.setPublic(this.n, this.e);
        // Encrypt
        this.encodedPassword = rsa.encrypt(originPass);
    }
    /* Start */
    start() {
        this.getIt();
    }
    /* Fetch the login page to get the lt parameter */
    getIt(): void {
        axios({
            method: 'get',
            url: 'https://ssl.jxufe.edu.cn/cas/login',
            headers: {
                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36',
            }
        }).then((data) => {
            var Data = [];
            Data.push(data.headers['set-cookie'][0].toString().match(/\w*(?=\.)/m).join()); // get JSESSIONID
            Data.push(data.headers['set-cookie'][1].toString().match(/\w*(?=;)/m).join()); // get sessoinMapKey
            Data.push(cheerio.load(data.data)(":input[name='lt']").attr('value')); // get lt
            console.log(" Load the page to get something ", Data);
            return Data;
        }).then(data => {
            // console.log(data);
            // Index 0: JSESSIONID, index 1: sessoinMapKey, index 2: lt
            this.loginF(data[2], data[1], data[0], this.userName, this.encodedPassword);
        });
    }
    /* Log in */
    loginF(lt: string, sess: string, jsess: string, userName: string, encodedPassword: string) {
        // Form data to send
        var data = qs.stringify({
            'username': userName,
            'password': encodedPassword,
            'errors': '0',
            '_rememberMe': 'on',
            'cryptoType': '1',
            '_eventId': 'submit',
            'imageCodeName': '',
            'lt': lt
        });
        // axios configuration
        var config = {
            method: 'post',
            url: 'https://ssl.jxufe.edu.cn/cas/login?jsessionid=' + jsess + '.cas_app_2',
            // url: 'https://ssl.jxufe.edu.cn/cas/login',
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded',
                'User-Agent': ' Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36',
                'Cookie': 'JSESSIONID=' + jsess + '.cas_app_2;sessoinMapKey=' + sess + '; jxufe_username=' + userName,
                'Referer': 'https://ssl.jxufe.edu.cn/cas/login',
                'Origin': 'https://ssl.jxufe.edu.cn',
            },
            data: data
        };
        // Send the request
        axios(config)
            .then(function (response) {
                var result = cheerio.load(response.data)(".error-massage span").text();
                console.log(" Login result is :" + result);
                console.log('cookie1 by ',response.headers);
            })
            .catch(function (error) {
                console.log(error);
            });
    }
}
// Test code
var test = new LoginAndGet('2202140875', 'superBiuBB');
test.start();
- Converted to JavaScript
var axios = require('axios');
var qs = require('qs');
var RSAKey = require("./tools/rsa").RSAKey;
var cheerio = require("cheerio");
var nDefault = '5598e3b75d21a2989274e222fa59ab07d829faa29b544e3a920c4dd287aed9302a657280c23220a35ae985ba157400e0502ce8e44570a1513bf7146f372e9c842115fb1b86def80e2ecf9f8e7a586656d12b27529f487e55052e5c31d0836b2e8c01c011bca911d983b1541f20b7466c325b4e30b4a79652470e88135113c9d9';
var eDefault = '10001';
var LoginAndGet = /** @class */ (function () {
    function LoginAndGet(userName, passWord, n, e) {
        if (n === void 0) { n = nDefault; }
        if (e === void 0) { e = eDefault; }
        this.n = n;
        this.e = e;
        this.userName = userName;
        this.passWord = passWord;
        this.getRSAPassword(this.passWord);
    }
    /* Compute the encrypted password */
    LoginAndGet.prototype.getRSAPassword = function (originPass) {
        var rsa = new RSAKey();
        // Set the public key
        rsa.setPublic(this.n, this.e);
        // Encrypt
        this.encodedPassword = rsa.encrypt(originPass);
    };
    /* Start */
    LoginAndGet.prototype.start = function () {
        this.getIt();
    };
    /* Fetch the login page to get the lt parameter */
    LoginAndGet.prototype.getIt = function () {
        var _this = this;
        axios({
            method: 'get',
            url: 'https://ssl.jxufe.edu.cn/cas/login',
            headers: {
                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36'
            }
        }).then(function (data) {
            var Data = [];
            Data.push(data.headers['set-cookie'][0].toString().match(/\w*(?=\.)/m).join()); // get JSESSIONID
            Data.push(data.headers['set-cookie'][1].toString().match(/\w*(?=;)/m).join()); // get sessoinMapKey
            Data.push(cheerio.load(data.data)(":input[name='lt']").attr('value')); // get lt
            console.log(" Load the page to get something ", Data);
            return Data;
        }).then(function (data) {
            // console.log(data);
            // Index 0: JSESSIONID, index 1: sessoinMapKey, index 2: lt
            _this.loginF(data[2], data[1], data[0], _this.userName, _this.encodedPassword);
        });
    };
    /* Log in */
    LoginAndGet.prototype.loginF = function (lt, sess, jsess, userName, encodedPassword) {
        // Form data to send
        var data = qs.stringify({
            'username': userName,
            'password': encodedPassword,
            'errors': '0',
            '_rememberMe': 'on',
            'cryptoType': '1',
            '_eventId': 'submit',
            'imageCodeName': '',
            'lt': lt
        });
        // axios configuration
        var config = {
            method: 'post',
            url: 'https://ssl.jxufe.edu.cn/cas/login?jsessionid=' + jsess + '.cas_app_2',
            // url: 'https://ssl.jxufe.edu.cn/cas/login',
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded',
                'User-Agent': ' Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36',
                'Cookie': 'JSESSIONID=' + jsess + '.cas_app_2;sessoinMapKey=' + sess + '; jxufe_username=' + userName,
                'Referer': 'https://ssl.jxufe.edu.cn/cas/login',
                'Origin': 'https://ssl.jxufe.edu.cn'
            },
            data: data
        };
        // Send the request
        axios(config)
            .then(function (response) {
                var result = cheerio.load(response.data)(".error-massage span").text();
                console.log(" Login result is :" + result);
                console.log('cookie1 by ', response.headers);
            })["catch"](function (error) {
                console.log(error);
            });
    };
    return LoginAndGet;
}());
// Test code
var test = new LoginAndGet('2202140875', 'superBiuBB');
test.start();