金山网络云盾计划首页
只提供了两个接口,一个判断是否是钓鱼网站,一个是判断下载文件是否有病毒。
1、需要申请apk、secret
2、生成签名
3、接口稍弱,有时候会访问不了。估计是n年前与某免费杀毒公司比谁跟免费期间弄出来的,然后就没然后了,估计是放在那里没人维护之类的把(个人感觉)。
http://code.ijinshan.com/api/devmore4.html
钓鱼网站判断java实现
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.NumberFormat;
import org.apache.commons.codec.binary.Base64;
/**
* 金山api解析
*
* @author Administrator 金山网址云安全开放API http://code.ijinshan.com/api/devmore4.html
*/
public class GoldMountainApiTest {
private static final String apkKey = "k-33356";
private static final String secrect = "a176201e188a0969cd7b7fa2ef3c8d14";
// timestamp必须满足两个条件:唯一,即一个timestamp只能使用一次;必须是5分钟内的timestamp
long timeStanp = 0;
public static void main(String[] args) {
try {
// aHR0cDovL3NoZW56aGVuLWd6Yy5pbmZv
// System.out.println( base64Query(
// "http://shenzhen-gzc.info/inde5.asp") );
// System.out.println( doubelNowStr(
// System.currentTimeMillis()/1000.00 ) );
// System.out.println( new String(
// Coder.decryptBASE64("aHR0cDovL3NoZW56aGVuLWd6Yy5pbmZv") ,"utf-8"
// ) );
// System.out.println(
// "baseSignStr/phish/?appkey=YXNkZmFzZGZqYXM&q=aHR0cDovL3NoZW56aGVuLWd6Yy5pbmZv×tamp=1295430113.546");
String url = "http://www.baidu.com/";
String q = base64Query(url);
String timestamp = doubelNowStr(nowMs());
String si = sign(apkKey, secrect, q, timestamp);
System.out.println("sigin:" + si);
String jsUrl = apiUrl(q, apkKey, timestamp, si) ;
System.out.println( jsUrl );
HttpURLConnection conn = (HttpURLConnection) new URL( jsUrl ).openConnection();
// 进行连接,但是实际上get request要在下一句的connection.getInputStream()函数中才会真正发到
// 服务器
conn.connect();
// 取得输入流,并使用Reader读取
BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"));// 设置编码,否则中文乱码
System.out.println("=============================");
System.out.println("Contents of get request");
System.out.println("=============================");
String lines;
StringBuilder result = new StringBuilder() ;
while ((lines = reader.readLine()) != null) {
// lines = new String(lines.getBytes(), "utf-8");
result.append( lines);
}
reader.close();
// 断开连接
conn.disconnect();
System.out.println("=============================");
System.out.println("Contents of get request ends");
System.out.println("=============================");
// $phish:-1 表示未知;0 表示非钓鱼;1 表示钓鱼;2 表示网站高风险,有钓鱼嫌疑
System.out.println( result.toString() );
// System.out.println( "sigin:e8daf81268b84f0dfa8e13b032cd6ae9" );
// right :
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static String apiUrl(String q, String apkkey, String timestamp, String sign) {
return "http://open.pc120.com/phish/?q=" + "" + q + "&appkey=" + apkkey + "×tamp=" + timestamp + "&sign="
+ sign;
}
/**
* http://code.ijinshan.com/api/devmore4.html#md3
* 计算签名(sign):首先需要生成签名字符基串(下文称此字符串为signature_base_string)。
* 具体生成算法是,将HTTP查询参数包括GET和POST中的参数按照参数名进行文本排序,然后参数名和参数值用等号(=)连接,
* 各个参数用&连接;将API的URI路径和上述排序之后的参数字符串用问号(?)连接之后形成signature_base_string。
* 接下来把signature_base_string + secret组合成一个字符串,计算出此字符串的md5码作为签名sign
*
* @return
* @throws NoSuchAlgorithmException
*/
public static String sign(String apkKey, String secrect, String q, String timestamp)
throws NoSuchAlgorithmException {
String baseSignStr = signBase(apkKey, q, timestamp);
// System.out.println("baseSignStr"+ baseSignStr );
return getMd5(baseSignStr + secrect);
}
/**
*
* @param apkKey
* 应用appkey
* @param q
* 需要查询的网址。需进行urlsafe base64编码
* @param timestamp
* Timestamp为从格林威治时间1970年01月01日00时00分00秒起至现在的总秒数,本文当要求精确到毫秒 ,eg
* 1295430113.546
* @return
*/
private static String signBase(String apkKey, String q, String timestamp) {
String str = "/phish/?appkey=" + apkKey + "&q=" + q + "×tamp=" + timestamp; // doubelNowStr(timestamp)
return str;
}
/**
* base64 encode the url
*
* @param url
* @return q
*/
public static String base64Query(String url) {
try {
return Base64.encodeBase64String(url.getBytes("utf-8"));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return url;
}
public static final String KEY_MD5 = "MD5";
/**
* 用于获取一个String的md5值
*
* @param string
* @return
* @throws NoSuchAlgorithmException
*/
public static String getMd5(String str) throws NoSuchAlgorithmException {
MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
byte[] bs = md5.digest(str.getBytes());
StringBuilder sb = new StringBuilder(40);
for (byte x : bs) {
if ((x & 0xff) >> 4 == 0) {
sb.append("0").append(Integer.toHexString(x & 0xff));
} else {
sb.append(Integer.toHexString(x & 0xff));
}
}
return sb.toString();
}
public static double nowMs() {
return System.currentTimeMillis() / 1000.0;
}
public static String doubelNowStr(double dbl) {
NumberFormat nf = NumberFormat.getInstance();
nf.setGroupingUsed(false);
return nf.format(dbl);
}
}