post登录时js作妖加密了密码_qt post js加密-优快云博客

本文链接：https://blog.youkuaiyun.com/qq_32394351/article/details/103832914

本文介绍了一种使用Python实现JS JSEncrypt加密方法的技术，通过导入PyCryptodome库，利用RSA算法对数据进行加密，并与网站交互验证。文章详细展示了如何生成公钥和私钥，以及如何使用公钥对数据进行加密。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

一个案例，实际生活中经常遇到，写出来方便以后查看

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# File  : demo.py
# Author: DaShenHan&道长-----先苦后甜，任凭晚风拂柳颜------
# Date  : 2020/1/4
# pip install pycryptodome -i https://mirrors.aliyun.com/pypi/simple/
#实现js的  JSEncrypt
import base64
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
import requests
import json
from time import time

def JSEncrypt(pwd,public_key):
    rsakey = RSA.importKey(public_key)
    cipher = Cipher_pkcs1_v1_5.new(key=rsakey)  # 生成对象
    cipher_text = base64.b64encode(cipher.encrypt(pwd.encode(encoding="utf-8")))  # 对传递进来的用户名或密码字符串加密
    value = cipher_text.decode('utf8')  # 将加密获取到的bytes类型密文解码成str类型
    return value

def juxiangyou(pwd):
    r = requests.post("http://www.juxiangyou.com/login/getkey")
    if r.status_code == requests.codes.ok:
        backmsg = r.text
        json_text = json.loads(backmsg)
        e_key = json_text["key"]
        e_hash = json_text["hash"]
        print(e_hash)
        return JSEncrypt(e_hash+str(pwd), e_key)
    else:
        return None
def get_verifycode():
    v_time = round(time()*1000)
    print(v_time)
    r= requests.get(f"http://www.juxiangyou.com/verify?v={v_time}")
    if r.status_code == requests.codes.ok:
        with open("verify.png",mode="wb+") as f:
            f.write(r.content)
        print("验证码图片已保存到verify.png")

def jxy_login(username,password,verify_code):
    password = juxiangyou(password)
    print(password)
    jxy_parameter = {"c": "index", "fun": "login", "account": f"{username}",
                    "password": f"{password}",
                    "verificat_code": f"{verify_code}", "is_auto": False}
    jxy_paramete = json.dumps(jxy_parameter)
    data = {
        "jxy_parameter":jxy_paramete,
        "timestamp":round(time()*1000)
    }
    r = requests.post(url="http://www.juxiangyou.com/login/auth",data=data)
    return r.text

def crack_pwd(pwd):
    public_key="""-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGeDHRzMP9RAy7Xpxb/GW37uEXDF
HVYHZbJvu4OdO+TNGwdB9vLs1eWRlgkO740WyE9OO33PPNu4JOg0uXH6ehH+CUqM
SUHAeDmGGWYEMKB4IETl/c0c452tMKsm6kcxRUrnHleB0gJsNgW4czlomzpSUHLh
16HDJ7ZQ2r38k0nXAgMBAAE=
-----END PUBLIC KEY-----"""
    key_path = 'key.txt'
    with open(key_path,mode="w",encoding='utf-8') as f: #a模式是追加
        f.write(public_key)
    with open(key_path,mode="r",encoding='utf-8') as f:
        read_key = f.read()
    rsakey = RSA.importKey(read_key)
    cipher = Cipher_pkcs1_v1_5.new(key=rsakey)  # 生成对象
    cipher_text = base64.b64encode(cipher.encrypt(pwd.encode(encoding="utf-8")))  # 对传递进来的用户名或密码字符串加密
    value = cipher_text.decode('utf8')  # 将加密获取到的bytes类型密文解码成str类型
    return value
def test():
    pwd = "123456"
    # 亲测，这种方式加密密文的长度最多只能53个数字和英文字母。  这个跟公钥有关
    # 全是中文只能加密17个
    encrypted = crack_pwd(pwd)
    print(encrypted)

if __name__ == '__main__':
    # test()
    # pwd = juxiangyou("123456")
    # print(pwd)
    # get_verifycode()
    ret = jxy_login("test", "123456", "weyn")
    print(ret)