Icon是一种以表达式求值和字符串处理为主要特性的编程语言,适合快速开发和测试任务。本文将展示如何使用Icon来破解数美滑块验证码,包括下载验证码图片、计算滑动距离、生成滑动轨迹,并模拟验证请求。
1. 下载验证码图片
在Icon中,可以通过调用外部程序(如curl)来下载验证码图片。
icon
procedure download_images()
system("curl -o fg.png https://captcha-url/fg")
system("curl -o bg.png https://captcha-url/bg")
end
此代码使用curl下载验证码的前景图和背景图,分别保存为fg.png和bg.png。
2. 计算滑动距离
Icon并没有图像处理的内置功能,因此我们可以调用外部的Python脚本来处理图像,并返回滑动距离。
icon
procedure calculate_distance()
local distance
distance := system("python3 calculate_distance.py fg.png bg.png")
return integer(strip(distance))
end
calculate_distance.py的Python脚本如下:
python
import cv2
import numpy as np
def get_distance(fg_path, bg_path):
fg = cv2.imread(fg_path, 0)
bg = cv2.imread(bg_path, 0)
result = cv2.matchTemplate(fg, bg, cv2.TM_CCORR_NORMED)
_, distance = np.unravel_index(np.argmax(result), result.shape)
return distance
if __name__ == "__main__":
import sys
fg_path = sys.argv[1]
bg_path = sys.argv[2]
print(get_distance(fg_path, bg_path))
此脚本计算验证码前景和背景图的匹配位置,并返回滑动距离。
3. 生成滑动轨迹
Icon支持列表操作和随机数生成,因此可以模拟用户的滑动轨迹,并在滑动过程中引入抖动。
icon
procedure generate_track(distance)
local track, x, y, t, i, jitter
track := []
x := 0
y := 0
t := 0
jitter := 2
every i := 1 to 10 do {
x := x + (distance / 10)
y := y + (-jitter + ?(2 * jitter))
t := t + 100 + ?10
put(track, [x, y, t])
}
return track
end
此代码生成10个滑动点,每个点的X坐标逐渐增加,Y坐标随机抖动,T表示时间间隔。
4. 加密滑动轨迹
同样,我们可以通过调用外部Python脚本来加密滑动轨迹。Icon的system函数可以直接传递滑动轨迹并获取加密结果。
icon
procedure encrypt_track(track)
local track_str, encrypted_track
track_str := format_track(track)
encrypted_track := system("python3 encrypt_track.py " || track_str)
return strip(encrypted_track)
end
procedure format_track(track)
local result, point
result := ""
every point := !track do {
result ||:= integer(point[1]) || "," || integer(point[2]) || "," || integer(point[3]) || ";"
}
return result
end
加密的Python脚本encrypt_track.py如下:
python
from Crypto.Cipher import AES
import base64
def pad(text):
return text + (16 - len(text) % 16) * chr(16 - len(text) % 16)
def encrypt(message, key):
cipher = AES.new(key.encode(), AES.MODE_ECB)
encrypted = cipher.encrypt(pad(message).encode())
return base64.b64encode(encrypted).decode()
if __name__ == "__main__":
import sys
message = sys.argv[1]
key = "your_secret_key"
print(encrypt(message, key))
此脚本将滑动轨迹数据进行AES加密,返回加密后的数据。
5. 发送验证请求
最后,通过curl命令发送加密后的滑动轨迹进行验证。
icon
procedure send_verification(encrypted_track)
system("curl -d 'track=" || encrypted_track || "' https://captcha-url/verify")
end
此代码将加密的滑动轨迹通过POST请求发送给验证码验证接口。
6. 完整Icon代码
icon
procedure main()
download_images()
distance := calculate_distance()
track := generate_track(distance)
encrypted_track := encrypt_track(track)
send_verification(encrypted_track)
end
procedure download_images()
system("curl -o fg.png https://captcha-url/fg")
system("curl -o bg.png https://captcha-url/bg")
end
procedure calculate_distance()
local distance
distance := system("python3 calculate_distance.py fg.png bg.png")
return integer(strip(distance))
end
procedure generate_track(distance)
local track, x, y, t, i, jitter
track := []
x := 0
y := 0
t := 0
jitter := 2
every i := 1 to 10 do {
x := x + (distance / 10)
y := y + (-jitter + ?(2 * jitter))
t := t + 100 + ?10
put(track, [x, y, t])
}
return track
end
procedure encrypt_track(track)
local track_str, encrypted_track
track_str := format_track(track)
encrypted_track := system("python3 encrypt_track.py " || track_str)
return strip(encrypted_track)
end
procedure format_track(track)
local result, point
result := ""
every point := !track do {
result ||:= integer(point[1]) || "," || integer(point[2]) || "," || integer(point[3]) || ";"
}
return result
end
procedure send_verification(encrypted_track)
system("curl -d 'track=" || encrypted_track || "' https://captcha-url/verify")
end