1. Requirements
ICP filing (ICP备案) means a website submitting its details to the Ministry of Industry and Information Technology (MIIT) for official registration. All domestic websites, corporate and personal, are subject to strict review: a non-commercial site without a valid filing, or a commercial site without an ICP licence, can be fined or, in serious cases, shut down, depending on its nature. The stated aim is to regulate network security and crack down on criminal activity that abuses network resources.
ICP filing records can be looked up on the MIIT government service platform, the ICP/IP address/domain name filing management system, shown below.
The page displays the filing entity information and the filed website information. We will try to collect the data from this page.
- Target site: https://beian.miit.gov.cn/#/Integrated/recordQuery
- Research date: 2020-11-30
- Difficulty: the site requires a slider captcha to be passed before a query is allowed, so the slider has to be defeated first.
2. Packet capture analysis
- Fetch the slider configuration
Link: https://hlwicpfwc.miit.gov.cn/icpproject_query/api/image/getCheckImage
Request (shown as a screenshot in the original):
Response (too long to reproduce; the original shows a screenshot):
- The request header of this call carries a token parameter that looks like an encrypted string. Note it down for now.
- Verify the slider result
Link: https://hlwicpfwc.miit.gov.cn/icpproject_query/api/image/checkImage
Request (shown as a screenshot in the original):
Response:
```json
{"code":200,"msg":"操作成功","params":"eyJ0eXBlIjozLCJleHREYXRhIjp7InZhZnljb2RlX2ltYWdlX2tleSI6ImJjNjUxNWU0LTNlZDUtNGMxMy05MDU4LTkzNDlmMjg3NTFiNyJ9LCJlIjoxNjA2ODA5MTk2NjI0fQ.gcJqYl2S9e995dStmYsKhh5dBcyWFIsZ0X-Y6t3Oo4o","success":true}
```
- The request header again carries the token parameter, with the same value as in link 1.
- In the request body, key equals the uuid returned by link 1; value is unknown.
- This step verifies the result of the slide. From earlier work on Geetest (极验) sliders one would expect a drag trajectory to be submitted here, but value is clearly not a trajectory. Apart from the trajectory, the other obvious drag-related quantity is the drag length, so the guess is that value is the drag distance in px. This guess is verified later.
- Precisely because there is no trajectory parameter of the Geetest kind, the difficulty of bypassing this captcha drops considerably, which is also what motivated the rest of this investigation.
- After the slider passes, fetch the ICP information
Link: https://hlwicpfwc.miit.gov.cn/icpproject_query/api/icpAbbreviateInfo/queryByCondition
Request (shown as a screenshot in the original):
Response:
```json
{"code":200,"msg":"操作成功","params":{"endRow":0,"firstPage":1,"hasNextPage":false,"hasPreviousPage":false,"isFirstPage":true,"isLastPage":true,"lastPage":1,"list":[{"contentTypeName":"","domain":"baidu.com","domainId":10000245113,"homeUrl":"www.baidu.com","leaderName":"","limitAccess":"否","mainId":282751,"mainLicence":"京ICP证030173号","natureName":"企业","serviceId":282911,"serviceLicence":"京ICP证030173号-1","serviceName":"百度","unitName":"北京百度网讯科技有限公司","updateRecordTime":"2020-11-13 09:30:49"}],"navigatePages":8,"navigatepageNums":[1],"nextPage":1,"pageNum":1,"pageSize":10,"pages":1,"prePage":1,"size":1,"startRow":0,"total":1},"success":true}
```
- The request header again carries token, with the same value as in the first two links.
- The header gains a sign parameter, and it is easy to see that its value is exactly the params value from the JSON returned in step 2. That value has the shape of two dot-separated base64url segments, the first of which decodes to a JSON object, i.e. a compact signed token minted by the server on a successful slide; it has to be obtained fresh from checkImage rather than fabricated client-side.
- The header also gains a uuid parameter; comparison shows it is the uuid value returned by link 1.
- So across the whole flow only two values are unknown: the token header on link 1 and the value field on link 2. Everything else is taken from earlier responses, so reproducing the flow comes down to working out how token and value are generated.
3. Working out the token parameter
- A global search for the keyword token turns up far too many files. After filtering, a snippet in index.js stands out: together with its comments it is practically tailor-made for us.
- Set a breakpoint at line 66 of index.js.
- With the breakpoint in place, step through the code. The stepping itself is not shown here; the key point for generating the token is line 22 of authapi.js.
- Stepping further shows that authKey is produced with MD5, at line 33 of utils.js.
The string being hashed is authAccount + authSecret + timeStamp = "testtest1606813754781"
The hash is "32a38d257a706642a79270011677a139"
While debugging I stepped over the hashing call itself. Since it is MD5, I used Python's hashlib module to hash "testtest1606813754781" and compared the result with what the JS debugger showed.
The Python result matched the JS result, so this parameter can be generated directly from a Python script later. Note that authAccount and authSecret are both the literal "test", hard-coded in the client-side JavaScript: this handshake carries no secret the server can rely on, it only binds a token to a timestamp.
- Continuing, the code sends a POST request to https://hlwicpfwc.miit.gov.cn/icpproject_query/api/auth with the authKey obtained above and the timestamp timeStamp. The returned tokenData is JSON, and tokenData.bussiness (the site's own spelling) is the token we want.
Debugging this step also shows that the token has a validity period of about three minutes: before each request the JS checks whether the current token has expired and regenerates it if so.
- So, through JS debugging, we now understand how the token is generated. After all that effort it boils down to two steps:
- MD5 the string "testtest" + timeStamp (the current timestamp in milliseconds, as the 13-digit value above shows) to get authKey.
- POST to https://hlwicpfwc.miit.gov.cn/icpproject_query/api/auth with authKey = authKey and timeStamp = timeStamp, and take the value of the bussiness key from the result.
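The two steps above, written out as an added example in Python (not code from the original post). It assumes a post(url, fields) callable that returns the parsed JSON body, so the refresh logic runs without network access; because the post only says tokenData.bussiness, the key is looked for both at the top level of the response and inside its params object (an assumption). The three-minute refresh mirrors what the JS was observed to do.

```python
import hashlib
import time

AUTH_URL = "https://hlwicpfwc.miit.gov.cn/icpproject_query/api/auth"
# authAccount + authSecret as hard-coded in the site's JS: both are the literal "test".
AUTH_PREFIX = "testtest"
# The JS was observed to regenerate the token after about three minutes.
TOKEN_TTL_SECONDS = 180


def make_auth_key(timestamp_ms):
    """authKey = md5(authAccount + authSecret + timeStamp), as lowercase hex."""
    return hashlib.md5((AUTH_PREFIX + str(timestamp_ms)).encode("utf-8")).hexdigest()


def build_auth_request(timestamp_ms):
    """Return (url, form fields) for the /api/auth POST; timeStamp is in milliseconds."""
    return AUTH_URL, {"authKey": make_auth_key(timestamp_ms), "timeStamp": str(timestamp_ms)}


def extract_token(resp):
    """Pull bussiness (the site's spelling) out of the auth response.

    The post only says tokenData.bussiness, so both the top level and the
    params object are tried (assumption about the response shape)."""
    for obj in (resp, resp.get("params")):
        if isinstance(obj, dict) and obj.get("bussiness"):
            return obj["bussiness"]
    raise RuntimeError("auth failed: %r" % (resp,))


class TokenCache:
    """Hands out a token and refreshes it once it is older than ttl seconds,
    the way the site's JS does before each request.

    post(url, fields) -> dict and now() -> seconds are injected (hypothetical
    callables) so the refresh logic is testable offline. In real use post can
    be something like: lambda u, f: requests.post(u, data=f, timeout=10).json()
    """

    def __init__(self, post, now=time.time, ttl=TOKEN_TTL_SECONDS):
        self._post = post
        self._now = now
        self._ttl = ttl
        self._token = None
        self._fetched_at = 0.0
        self.fetch_count = 0  # how many times /api/auth was actually called

    def get(self):
        now = self._now()
        if self._token is None or now - self._fetched_at >= self._ttl:
            url, fields = build_auth_request(int(now * 1000))
            self._token = extract_token(self._post(url, fields))
            self._fetched_at = now
            self.fetch_count += 1
        return self._token
```

Calling cache.get() before every request reproduces the client's behaviour: within the window the cached token is reused, and the first call after it expires triggers a new md5/auth round trip.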
4. Analysing value
value is the parameter that has to be supplied in step 2 of the capture analysis. My first idea was a global search for value, but far too many files and snippets contain that word. Changing approach: the request goes to https://hlwicpfwc.miit.gov.cn/icpproject_query/api/image/checkImage, so search for checkImage instead and see what turns up.
- Only two files contain checkImage; analysis shows the one we want is index.vue.
- This is exactly the code we are after: the POST body is key: that.uuid and value: Math.round(that.puzzle * 1) + "". The * 1 coerces puzzle to a number, Math.round makes it an integer, and + "" turns it into a string, so value is always an integer pixel count sent as a string. To know value we need that.puzzle, so search the file for puzzle to find where it is declared and assigned.
- puzzle is declared at line 247 of index.vue; the comment alone almost confirms that it is the distance the slider was dragged. To be sure, keep searching for puzzle to find where it is assigned.
- puzzle is assigned at line 669 of index.vue; this code confirms the original guess: value is the distance the slider was dragged.
- So value is the distance the mouse dragged the slider. For the slide to be accepted, value must clearly equal the position of the gap in the captcha image. We therefore only need to fetch the background image with the gap, compute the gap position, and submit it as value.
5. Fetching the captcha image with the gap
Step 1 of the capture analysis fetches the slider configuration; its response is JSON, call it res. res.params has a key "bigImage", which naturally suggests the image with the gap. Looking through the network requests, there is one whose thumbnail looks very much like the slider's large image; comparing its URL with the value of "bigImage" shows the request URL is "data:text/javascript;base64," + res.params.bigImage.
Its response body, however, is a pile of garbage.
The thumbnail of that request is clearly an image, so why garbage? Looking more closely, the next two requests below it also have image thumbnails, but their URLs start with "data:Image/png;base64,"; clicking one of them returns an image.
So what if "data:text/javascript;base64," + res.params.bigImage is replaced with "data:Image/png;base64," + res.params.bigImage? Trying it, the browser indeed renders the image.
The gap (puzzle piece) image can be obtained the same way from "data:Image/png;base64," + res.params.smallImage.
Of course, with enough background knowledge it is obvious that res.params.bigImage is simply the base64 encoding of the image; the MIME type in front of it is only a label for the browser and does not change the bytes. There are roughly two ways to turn it back into an image: open "data:Image/png;base64," + the base64 string in a browser as above, or, more simply, decode the base64 directly. The Python code:
```python
import base64


def base642pic(base64str, path='bigImage.jpg'):
    # base64str is res.params.bigImage from the getCheckImage response
    # (the original post inlined the literal string here)
    with open(path, 'wb') as f:
        f.write(base64.b64decode(base64str))
```
The code writes the decoded bytes to 'bigImage.jpg'; once it runs, that file opens as the slider's background image. The data URL labelled the data as PNG, so the real format is whatever the file signature says, regardless of the .jpg extension chosen here.
Once the image is obtained, compute the gap position and submit it as value. Gap detection is not covered here; there are many approaches online to refer to. The focus of this post is debugging and analysing this slider captcha.
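An added example (not code from the original post) that does what the two manual approaches above do, but without trusting the label: it accepts either the bare base64 string from res.params.bigImage or a full data: URL with any MIME type, decodes it strictly, and picks the file extension from the image's signature bytes. The sample inputs are constructed (a 1x1 PNG and a JPEG header prefix), not captcha images from the site.

```python
import base64
import binascii

# File signatures; the real format comes from these bytes, not from the MIME
# label in the data URL or the extension the file is saved under.
_SIGNATURES = (
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
)


def strip_data_url(value):
    """Return the raw base64 payload from either a bare base64 string (what
    res.params.bigImage holds) or a data:<mime>;base64,<payload> URL."""
    if value.startswith("data:"):
        header, sep, payload = value.partition(",")
        if not sep or not header.endswith(";base64"):
            raise ValueError("not a base64 data URL: %r" % header)
        return payload
    return value


def decode_image(value):
    """Decode base64 image data and return (kind, bytes), where kind is
    'png', 'jpeg', 'gif' or 'unknown'. Malformed base64 raises ValueError."""
    payload = strip_data_url(value).strip()
    try:
        data = base64.b64decode(payload, validate=True)
    except binascii.Error as exc:
        raise ValueError("invalid base64: %s" % exc)
    for magic, kind in _SIGNATURES:
        if data.startswith(magic):
            return kind, data
    return "unknown", data


def save_image(value, stem="bigImage"):
    """Write the decoded image to <stem>.<ext>, with ext chosen from the
    signature rather than the data URL's MIME type. Returns the path."""
    kind, data = decode_image(value)
    ext = {"png": "png", "jpeg": "jpg", "gif": "gif"}.get(kind, "bin")
    path = "%s.%s" % (stem, ext)
    with open(path, "wb") as f:
        f.write(data)
    return path


# Constructed samples: a 1x1 transparent PNG and the first bytes of a JPEG.
SAMPLE_PNG_B64 = ("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk"
                  "YPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==")
SAMPLE_JPEG_B64 = base64.b64encode(b"\xff\xd8\xff\xe0\x00\x10JFIF\x00").decode("ascii")
```

With the "data:text/javascript;base64," prefix the browser showed garbage because it tried to display PNG bytes as text; decode_image ignores the label entirely and still reports "png" for the same payload.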
6. Summary
From the analysis above, the process for getting past this site's captcha is roughly:
- MD5 the string "testtest" + timeStamp (the current timestamp) to get authKey.
- POST https://hlwicpfwc.miit.gov.cn/icpproject_query/api/auth with {"authKey": authKey, "timeStamp": timeStamp}; take the bussiness value from the result as token, which goes in the request header of every subsequent request.
- POST https://hlwicpfwc.miit.gov.cn/icpproject_query/api/image/getCheckImage to fetch the captcha configuration; the header must carry token.
- From the step-3 configuration take the captcha uuid and the captcha images, compute the gap position, and use it as value.
- POST https://hlwicpfwc.miit.gov.cn/icpproject_query/api/image/checkImage to verify the slide, with body {"key": uuid, "value": gap position}, both obtained in step 4; the header must carry token. On success, take the "params" value from the response as the sign header for step 6.
- POST https://hlwicpfwc.miit.gov.cn/icpproject_query/api/icpAbbreviateInfo/queryByCondition to fetch the domain's ICP filing information, with body {"pageNum": "", "pageSize": "", "unitName": "baidu.com"}; besides token, the header must carry the sign from step 5 and the uuid from step 3.
That completes the data retrieval; parse and store the result according to your needs.
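Steps 3 to 6 of the summary chained together, as an added example in Python (not code from the original post). The transport post(url, headers, body) and the gap detector solve_gap are injected callables (hypothetical), the body of the getCheckImage request is assumed to be an empty JSON object since the post shows it only as a screenshot, and uuid is assumed to live in res.params next to bigImage. The token is taken as given from step 2. FakeServer is a constructed stand-in for the three endpoints so the flow, including a rejected slide, runs offline.

```python
BASE = "https://hlwicpfwc.miit.gov.cn/icpproject_query/api"
URL_CHECK_IMAGE = BASE + "/image/getCheckImage"
URL_CHECK = BASE + "/image/checkImage"
URL_QUERY = BASE + "/icpAbbreviateInfo/queryByCondition"


def _require(resp, step):
    """Every endpoint answers {"code", "msg", "params", "success"}; fail loudly
    instead of feeding a bad params value into the next step."""
    if resp.get("code") != 200 or not resp.get("success"):
        raise RuntimeError("%s failed: code=%r msg=%r" % (step, resp.get("code"), resp.get("msg")))
    return resp["params"]


def query_icp(post, token, solve_gap, unit_name, page_num="", page_size=""):
    """Run steps 3 to 6 and return the list of filing records.

    post(url, headers, body) -> dict is the injected transport (hypothetical;
    in real use wrap requests.post with json=body and headers=headers).
    token is the bussiness value from /api/auth (step 2).
    solve_gap(big_image_b64, small_image_b64) -> pixel offset is the caller's
    gap detector, which this post does not cover.
    """
    headers = {"token": token}

    # Step 3: captcha configuration. Empty body and uuid-in-params are assumptions.
    cfg = _require(post(URL_CHECK_IMAGE, headers, {}), "getCheckImage")
    uuid = cfg["uuid"]

    # Step 4: locate the gap. value is an integer pixel offset sent as a string,
    # mirroring Math.round(that.puzzle * 1) + "" in index.vue.
    value = str(int(round(solve_gap(cfg["bigImage"], cfg["smallImage"]))))

    # Step 5: verify the slide; the response's params is the sign for step 6.
    sign = _require(post(URL_CHECK, headers, {"key": uuid, "value": value}), "checkImage")

    # Step 6: the query, with token, sign and uuid all in the request headers.
    query_headers = dict(headers, sign=sign, uuid=uuid)
    body = {"pageNum": page_num, "pageSize": page_size, "unitName": unit_name}
    page = _require(post(URL_QUERY, query_headers, body), "queryByCondition")
    return page["list"]


class FakeServer:
    """Constructed stand-in for the three endpoints so the flow runs offline.
    Records every call; fail_check makes checkImage reject the slide."""

    OK = {"code": 200, "msg": "操作成功", "success": True}

    def __init__(self, fail_check=False):
        self.fail_check = fail_check
        self.calls = []

    def post(self, url, headers, body):
        self.calls.append((url, dict(headers), dict(body)))
        if url == URL_CHECK_IMAGE:
            return dict(self.OK, params={"uuid": "u-1", "bigImage": "AAAA", "smallImage": "BBBB"})
        if url == URL_CHECK:
            if self.fail_check:
                return {"code": 500, "msg": "slide rejected", "success": False, "params": None}
            return dict(self.OK, params="signed.blob")
        if url == URL_QUERY:
            # The real service needs the sign from step 5 and the uuid from step 3.
            if headers.get("sign") != "signed.blob" or headers.get("uuid") != "u-1":
                return {"code": 401, "msg": "missing sign/uuid", "success": False, "params": None}
            return dict(self.OK, params={"list": [{"domain": "baidu.com",
                                                   "serviceLicence": "京ICP证030173号-1"}]})
        raise ValueError("unexpected url " + url)


if __name__ == "__main__":
    srv = FakeServer()
    print(query_icp(srv.post, "tok", lambda big, small: 137.4, "baidu.com"))
```

Against the real site the same query_icp is used with a requests-backed post and a real gap detector; a rejected slide surfaces as a RuntimeError from step 5 rather than a confusing 401 from step 6, and the sign is never reused across captcha instances because each run fetches its own uuid.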