数美滑块验证码是一种常见的安全验证方式,用于防止自动化脚本和机器人进行恶意操作。本文将详细介绍如何通过抓包获取滑块图片信息、分析加密参数、生成滑动轨迹等步骤,成功破解数美滑块验证码。以下是我们要实现的主要步骤:
抓取滑块图片信息并计算滑动距离
分析加密参数
生成滑动轨迹并进行DES加密
验证破解结果
1. 抓取滑块图片信息并计算滑动距离
首先,进入数美滑块验证码的演示页面,进行抓包操作以获取滑块验证码的前景和背景图片。我们通过requests从网站获取图片:
python
import requests
from io import BytesIO
import cv2
import numpy as np
def get_images(register_url):
response = requests.post(register_url, json={})
response_data = response.json()
fg_url = response_data['fg'] # 假设返回的JSON包含前景和背景图片URL
bg_url = response_data['bg']
fg_image = download_image(fg_url)
bg_image = download_image(bg_url)
return fg_image, bg_image
def download_image(image_url):
response = requests.get(image_url)
image = BytesIO(response.content)
return cv2.imdecode(np.frombuffer(image.read(), np.uint8), cv2.IMREAD_COLOR)
def get_distance(fg_image, bg_image):
result = cv2.matchTemplate(fg_image, bg_image, cv2.TM_CCOEFF_NORMED)
_, _, _, max_loc = cv2.minMaxLoc(result)
return max_loc[0]
register_url = 'https://www.ishumei.com/trial/captcha.html'
fg_image, bg_image = get_images(register_url)
distance = get_distance(fg_image, bg_image)
print('Calculated distance:', distance)
2. 分析加密参数
在滑动滑块的过程中,我们需要分析加密参数。抓包查看请求信息,可以看到有一个fverify的验证信息。如果正确的话,riskLevel返回值为PASS,失败为REJECT。
通过在浏览器中设置断点,我们可以找到参数aw等的生成函数,并确定这些参数的加密方式。使用断点调试后,发现是通过DES加密。
以下是通过pyDes库实现DES加密的示例代码:
python
import base64
from pyDes import des, ECB
def pad(data):
block_size = 8
padding_size = block_size - (len(data) % block_size)
return data + (b'\0' * padding_size)
def encrypt_content(message, key, flag):
des_obj = des(key.encode(), ECB)
if flag:
content = pad(message.replace(' ', '').encode())
return base64.b64encode(des_obj.encrypt(content)).decode('utf-8')
else:
return des_obj.decrypt(base64.b64decode(message)).decode('utf-8')
message = 'Hello, World!'
key = 'your_key_here'
flag = True
encrypted_message = encrypt_content(message, key, flag)
print('Encrypted message:', encrypted_message)
3. 生成滑动轨迹并进行DES加密
滑动轨迹可以通过模拟人的滑动行为来生成,包括一些随机的抖动和速度变化。以下是生成滑动轨迹的示例代码:
python
import random
def get_random(distance):
track = [[0, 0, 0]]
for i in range(10):
x = 0
y = random.randint(-1, 1)
t = 100 * (i + 1) + random.randint(0, 2)
track.append([x, y, t])
for items in track[1:-5]:
items[0] = distance // 2
for items in track[-5:-1]:
items[0] = distance + random.randint(1, 4)
track[-1][0] = distance
return track
distance = 100 # 假设滑动距离为100
track = get_random(distance)
print('Slide track:', track)
4. 验证破解结果 更多内容联系1436423940
最后,结合前面的步骤,实现滑块破解。以下是完整的示例代码:
python
import requests
import cv2
import numpy as np
from io import BytesIO
import base64
from pyDes import des, ECB
import random
import json
def get_images(register_url):
response = requests.post(register_url, json={})
response_data = response.json()
fg_url = response_data['fg'] # 假设返回的JSON包含前景和背景图片URL
bg_url = response_data['bg']
fg_image = download_image(fg_url)
bg_image = download_image(bg_url)
return fg_image, bg_image
def download_image(image_url):
response = requests.get(image_url)
image = BytesIO(response.content)
return cv2.imdecode(np.frombuffer(image.read(), np.uint8), cv2.IMREAD_COLOR)
def get_distance(fg_image, bg_image):
result = cv2.matchTemplate(fg_image, bg_image, cv2.TM_CCOEFF_NORMED)
_, _, _, max_loc = cv2.minMaxLoc(result)
return max_loc[0]
def pad(data):
block_size = 8
padding_size = block_size - (len(data) % block_size)
return data + (b'\0' * padding_size)
def encrypt_content(message, key, flag):
des_obj = des(key.encode(), ECB)
if flag:
content = pad(message.replace(' ', '').encode())
return base64.b64encode(des_obj.encrypt(content)).decode('utf-8')
else:
return des_obj.decrypt(base64.b64decode(message)).decode('utf-8')
def get_random(distance):
track = [[0, 0, 0]]
for i in range(10):
x = 0
y = random.randint(-1, 1)
t = 100 * (i + 1) + random.randint(0, 2)
track.append([x, y, t])
for items in track[1:-5]:
items[0] = distance // 2
for items in track[-5:-1]:
items[0] = distance + random.randint(1, 4)
track[-1][0] = distance
return track
register_url = 'https://www.ishumei.com/trial/captcha.html'
fg_image, bg_image = get_images(register_url)
distance = get_distance(fg_image, bg_image)
track = get_random(distance)
nm = json.dumps(track)
dy = track[-1][2]
key = 'your_key_here'
flag = True
encrypted_nm = encrypt_content(nm, key, flag)
encrypted_dy = encrypt_content(str(dy), key, flag)
verify_data = {
'nm': encrypted_nm,
'dy': encrypted_dy,
'rid': 'register_id_here',
'dl': str(distance)
}
response = requests.post('https://www.ishumei.com/trial/fverify', json=verify_data)
result = response.json()
if result['riskLevel'] == 'PASS':
print('验证成功')
else:
print('验证失败')