Java实现QQ登录

最新推荐文章于 2024-05-15 04:17:26 发布

爱技术的小马哥

最新推荐文章于 2024-05-15 04:17:26 发布

阅读量3.9k

点赞数 3

分类专栏： java

本文链接：https://blog.csdn.net/majixiang1996/article/details/112651478

版权

java 专栏收录该内容

7 篇文章 1 订阅

订阅专栏

前言

本文内容仅供学习参考，禁止商业用途

QQ登录分为两种，一种是当在一天前登录过，那么登录环境会被认为是安全的，但是偶尔还会判定，此时的登录方式是无验证。当某QQ号是在这个环境中第一次登录，那么就会被判定为风险环境。本文以登录https://lol.qq.com为例

如何判定是否为风险环境？

在浏览器中输入一下url：

"http://check.ptlogin2.qq.com/check?regmaster=&pt_tea=2&pt_vcode=1&uin=123456789&appid=21000501&js_ver=21010623&js_type=1&r=0.7541288831736455&u1=https://lol.qq.com/space/index.shtmlpt_uistyle=40"

上述中uin为QQ号码，需要更改为自己的，其他参数都可以不动

如下图：
mark
可以看到返回的参数中，第一个参数为1，代表有验证码，如果是0，那么代表无验证码方式。返回的其他参数会在下面具体阐述。
mark

ptui_checkVC('0','!THZ','\x00\x00\x4c\x31','6cd8994e55c4f3ee0f67bbf711c9f2cd9d080f30bb5edef603fa4c9481c48d81b4557e1f6e9e50e4d8711daa3b0869cbb6fd37acb34dfd87','2','2YVUo9hXmeAxYGxYmltQ9ZXKLN9e-0IXMMMPeWq7dRKI5sMk5p6-IX0X5dFQBseO','2464081704931812219')

过程分析

无验证方式

我们先来分析下如何去登录，如何在浏览器中对登录流程抓包

首先访问登录页

https://lol.qq.com/act/a20210108lplspring/index.shtml?e_code=507042

会弹出登录框
输入qq号

接着输入一个qq号，这个QQ号为曾经在这台电脑上登录过的。在fiddler里就会找到这个check
输入密码

随便输入密码，就会直接登录

有验证方式

同样的方式

随便输入一个账号

mark

输入密码

但是登录后就和无验证不一样了

会多出三个http请求，来获取滑动验证吗
鼠标拖动滑块，过验证码

可以看到已经向后台请求登录。

本文只描述无验证码的方式

无验证码登录，本人目前找到了两种方式，本文先讲述一种比较笨拙的方法，下篇文章中，讲述自动化登录方式。

无验证的登录比较简单。

check

首先分析下从check里得到的参数

ptui_checkVC('0','!THZ','\x00\x00\x4c\x31','6cd8994e55c4f3ee0f67bbf711c9f2cd9d080f30bb5edef603fa4c9481c48d81b4557e1f6e9e50e4d8711daa3b0869cbb6fd37acb34dfd87','2','2YVUo9hXmeAxYGxYmltQ9ZXKLN9e-0IXMMMPeWq7dRKI5sMk5p6-IX0X5dFQBseO','2464081704931812219')

第一个参数是验证方式，叫ptVcodeV1
第二个参数是验证码verifyCode
第三个参数是uin，其实就是输入的QQ号的十六进制编码
第四个参数是ptVerifysessionV1，也是用来验证的
第五个参数是密码加密的盐ptRandSalt
第六个参数是ptdrvs
第七个参数是sid

这几个参数在后面登录过程中都要用到。

获取check的返回值，只需要改uin，如果是登录https://lol.qq.com的话，其他都不需要改动，但是登录其他腾讯网站的话，需要把appid和ul改成自己的，获取方式，可以使用第二段中，在浏览器中直接打开登录网址，在流量包中会有。

login

上面check结束，接下来就需要登录，登录的参数较多，我们来分析下。
完整的http request如下：

GET https://ssl.ptlogin2.qq.com/login?u=6841&verifycode=!YUO&pt_vcode_v1=0&pt_verifysession_v1=28ac9b4561ab5d55bb78a483a0e46cabea7dc0cb49588ccd849e2971250613a541cb7af6da2b334fc13eafd99212644fd65d9ca01ed14c09&p=pgTEmrkXfCRTU4iby7FTrggdP0xXe24V8uSz-Wczk6Y4eBq2B77YTwjnK-dixyxw9zZRhW9625AGiHJSvU2hKeNXorux5-RKGpe89oZvW9-tJBLHnBse7dwK9pHuhwKGRQa5hiaic1tc*3yaO*dpEh6cU1qndGaCTHlzadj7V2x6TN2GWsi8Gpa0uXoH5*QzKXHShmf3QhMfMaaPcOdAID0vFLx2tontAthY4md7fzf0IvKkLu*7iRfu5tcuxHJv9z9A38K3vAH4sSRHmk5XJl0AdijEbJrPfrm6f-Kh4Gr8d5s7Icy8qyNJitFoObRVAUiY4q9qMZdJEvRVpn5bJQ__&pt_randsalt=2&u1=https%3A%2F%2Flol.qq.com%2Fact%2Fa20210108lplspring%2Findex.shtml%3Fe_code%3D507042&ptredirect=1&h=1&t=1&g=1&from_ui=1&ptlang=2052&action=16-76-1610607654069&js_ver=21010623&js_type=1&login_sig=TMWrAHkwl31J1N8tqZymtZ0yZQit7fzZdc*RQ6fOBZ7vfaT17OMgeuYAhn5b1Hrp&pt_uistyle=40&aid=21000501&daid=8&ptdrvs=qeGf69KWo5Mnu1tkjloHWSAQxXmT6WSdHDax-G86Ut*B3UT2-bocrRdiQtNdYPlD&sid=9206717267688025401& HTTP/1.1
Host: ssl.ptlogin2.qq.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="87", " Not;A Brand";v="99", "Chromium";v="87"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://xui.ptlogin2.qq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: confirmuin=0; eas_sid=61b6A140H69025c7E0a6v997g5; pgv_info=ssid=s3482602812; pgv_pvid=6799123180; lolqqcomrouteLine=index-tool_index-page; tokenParams=%3Fe_code%3D507042; pt_login_sig=TMWrAHkwl31J1N8tqZymtZ0yZQit7fzZdc*RQ6fOBZ7vfaT17OMgeuYAhn5b1Hrp; pt_clientip=b1cc75590dec974c; pt_serverip=77bc099540b88bdd; pt_local_token=-1994774815; uikey=e8a6e13a9d2349bd781574ba9f671aeeae2087d7cf00dc3fbfe754fda2477e19; pt_guid_sig=52ac31053e4abcf2ca53f3085077f6125c55277e1872bb7bc8ed401e6a9060ef; _qpsvr_localtk=0.32492866650343877; qrsig=wSb7Kmn2-DWcgd0afBUq9rPP-CwqJxhHfRjb4oItB0RkgQZOtz5-jJVT4tIgIWhB; ETK=-l1m98VqNfkPH1DisTIqoGfKJmPIDBQ1Ggn8QoG1RWMIRZggHtHifOwFJAxlCDlN3k6abuF2TcBCzUnwjn8fQw__; ptdrvs=qeGf69KWo5Mnu1tkjloHWSAQxXmT6WSdHDax-G86Ut*B3UT2-bocrRdiQtNdYPlD; ptvfsession=28ac9b4561ab5d55bb78a483a0e46cabea7dc0cb49588ccd849e2971250613a541cb7af6da2b334fc13eafd99212644fd65d9ca01ed14c09; ptui_loginuin=6841

是一个GET请求，只讲有用的参数。

u: 登陆的QQ号，和前面check的uin一致
verifycode: 前面check返回的参数
pt_verifysession_v1: 前面check返回的参数
pt_randsalt: 前面返回的参数
ptdrvs: 前面返回的参数
sid：前面返回的参数
login_sig 一个加密后的数据，统一环境是固定的，可以不需要
action 拼接的字符串，16-76是固定的，后面是事件戳
p: 加密后的密码

可以看到这些参数里，除了加密的密码，其他都是check返回的，所以，想要模仿登录，只需要得到加密后的密码即可。

测试了几次，加密算法中，也是用check返回的某些参数来加密，所以只要用check的数据，那么得到的密码就是一样的，但实际上并不是这样，猜测里面加了时间参数或者随机数。

加密后的密码是通过一个js文件生成的，这个加密算法经常会变，有可能今天能用，明天就不能用了，tx最新的加密算法更新是在1月上旬，以前的都不能用了。
js文件地址
https://qq-web.cdn-go.cn/any.ptlogin2.qq.com/4c3a7c36/ptlogin/js/c_login_2.js

可能格式化方式不同，代码位置会不同，但应该在附近。也可以直接搜索函数名。
在3440行有submit函数，通过分析，是监听在登录按钮上的事件，接着在3460行，有个getSubmitUrl的调用，我们找到这个函数

mark

在3400行，获得o.p，即加密后的登录密码

好了，找到加密函数了，我们在浏览器中打断点调试下

mark
mark

在点击登录按钮后，js代码停止在断点处，来看下这个函数传入的参数值：

输入的密码

mark

S.salt
是个乱码

mark
恢复之后是%L1
mark

o.verifyCode
前面check返回的数据，!开头的那个。
S.armSafeEdit.isSafe，传入的是个undefined

至此，完整的加密步骤就已经得知了，所以只需要把这个加密函数搞出来即可完成加密。
奈何js水平不是特别高，这段加密js代码转换搞了好几个晚上，现分享给大家。

加密函数如下

function h1(){return Math.round(4294967295*Math.random())}function g1(t,e,i){(!i||4<i)&&(i=4);for(var n=0,o=e;o<e+i;o++){n<<=8,n|=t[o]}return(4294967295&n)>>>0}function _1(t,e,i){t[e+3]=i>>0&255,t[e+2]=i>>8&255,t[e+1]=i>>16&255,t[e+0]=i>>24&255}function m1(t){if(!t){return""}for(var e="",i=0;i<t.length;i++){var n=Number(t[i]).toString(16);1==n.length&&(n="0"+n),e+=n}return e}function y1(t){o=new Array(8),l=new Array(8),s=c=0,p=!0,r=0;var e=t.length,i=0;0!=(r=(e+10)%8)&&(r=8-r),d=new Array(e+r+10),o[0]=255&(248&h1()|r);for(var n=1;n<=r;n++){o[n]=255&h1()}r++;for(n=0;n<8;n++){l[n]=0}for(i=1;i<=2;){r<8&&(o[r++]=255&h1(),i++),8==r&&v1()}for(n=0;0<e;){r<8&&(o[r++]=t[n++],e--),8==r&&v1()}for(i=1;i<=7;){r<8&&(o[r++]=0,i++),8==r&&v1()}return d}function v1(){for(var t=0;t<8;t++){o[t]^=p?l[t]:d[c+t]}for(var e=function(t){var e=16,i=g1(t,0,4),n=g1(t,4,4),o=g1(u,0,4),a=g1(u,4,4),r=g1(u,8,4),l=g1(u,12,4),s=0;for(;0<e--;){n=(4294967295&(n+=((i=(4294967295&(i+=(n<<4)+o^n+(s=(4294967295&(s+=2654435769))>>>0)^(n>>>5)+a))>>>0)<<4)+r^i+s^(i>>>5)+l))>>>0}t=new Array(8);return _1(t,0,i),_1(t,4,n),t}(o),t=0;t<8;t++){d[s+t]=e[t]^l[t],l[t]=o[t]}c=s,s+=8,r=0,p=!1}function w1(t){for(var e=16,i=g1(t,0,4),n=g1(t,4,4),o=g1(u,0,4),a=g1(u,4,4),r=g1(u,8,4),l=g1(u,12,4),s=3816266640;0<e--;){i=(4294967295&(i-=((n=(4294967295&(n-=(i<<4)+r^i+s^(i>>>5)+l))>>>0)<<4)+o^n+s^(n>>>5)+a))>>>0,s=(4294967295&(s-=2654435769))>>>0}t=new Array(8);return _1(t,0,i),_(t,4,n),t}function b1(){f.length;for(var t=0;t<8;t++){l[t]^=f[s+t]}return l=w1(l),s+=8,r=0,1}function k1(t,e){var i=[];if(e){for(var n=0;n<t.length;n++){i[n]=255&t.charCodeAt(n)}}else{for(var o=0,n=0;n<t.length;n+=2){i[o++]=parseInt(t.substr(n,2),16)}}return i}var q={"encrypt":function(t,e){return m1(y1(k1(t,e)))},"enAsBase64":function(t,e){for(var i=y1(k1(t,e)),n="",o=0;o<i.length;o++){n+=String.fromCharCode(i[o])}return a["default"].encode(n)},"decrypt":function(t){return m1(function(t){var e=0,i=new Array(8),n=t.length;if(f=t,n%8!=0||n<16){return null}if(l=w1(t),(e=n-(r=7&l[0])-10)<0){return null}for(var o=0;o<i.length;o++){i[o]=0}d=new Array(e),c=0,s=8,r++;for(var a=1;a<=2;){if(r<8&&(r++,a++),8==r&&(i=t,!b1())){return null}}for(o=0;0!=e;){if(r<8&&(d[o]=255&(i[c+r]^l[r]),o++,e--,r++),8==r&&(i=t,c=s-8,!b1())){return null}}for(a=1;a<8;a++){if(r<8){if(0!=(i[c+r]^l[r])){return null}r++}if(8==r&&(i=t,c=s,!b1())){return null}}return d}(k1(t,!1)))},"initkey":function(t,e){u=k1(t,e)},"bytesToStr":function(t){for(var e="",i=0;i<t.length;i+=2){e+=String.fromCharCode(parseInt(t.substr(i,2),16))}return e},"strToBytes":function(t,e){if(!t){return""}e&&(t=function(t){var e,i,n=[],o=t.length;for(e=0;e<o;e++){0<(i=t.charCodeAt(e))&&i<=127?n.push(t.charAt(e)):128<=i&&i<=2047?n.push(String.fromCharCode(192|i>>6&31),String.fromCharCode(128|63&i)):2048<=i&&i<=65535&&n.push(String.fromCharCode(224|i>>12&15),String.fromCharCode(128|i>>6&63),String.fromCharCode(128|63&i))}return n.join("")}(t));for(var i=[],n=0;n<t.length;n++){i[n]=t.charCodeAt(n)}return m1(i)},"bytesInStr":m1,"dataFromStr":k1};var n_entry=function(){function o(){this.n=null,this.e=0,this.d=null,this.p=null,this.q=null,this.dmp1=null,this.dmq1=null,this.coeff=null}o.prototype.doPublic=function(t){return t.modPowInt(this.e,this.n)},o.prototype.setPublic=function(t,e){null!=t&&null!=e&&0<t.length&&0<e.length?(this.n=new m(t,16),this.e=parseInt(e,16)):uv_alert("Invalid RSA public key")},o.prototype.encrypt=function(t){return null==(t=function(t,e){if(e<t.length+11){return uv_alert("Message too long for RSA"),null}for(var i=new Array,n=t.length-1;0<=n&&0<e;){var o=t.charCodeAt(n--);i[--e]=o}i[--e]=0;for(var a=new w,r=new Array;2<e;){for(r[0]=0;0==r[0];){a.nextBytes(r)}i[--e]=r[0]}return i[--e]=2,i[--e]=0,new m(i)}(t,this.n.bitLength()+7>>3))||null==(t=this.doPublic(t))?null:0==(1&(t=t.toString(16)).length)?t:"0"+t};function m(t,e,i){null!=t&&("number"==typeof t?this.fromNumber(t,e,i):null==e&&"string"!=typeof t?this.fromString(t,256):this.fromString(t,e))}function y(){return new m(null)}t=(m.prototype.am=function(t,e,i,n,o,a){for(var r=16383&e,l=e>>14;0<=--a;){var s=16383&this[t],u=this[t++]>>14,c=l*s+u*r;o=((s=r*s+((16383&c)<<14)+i[n]+o)>>28)+(c>>14)+l*u,i[n++]=268435455&s}return o},28),m.prototype.DB=t,m.prototype.DM=(1<<t)-1,m.prototype.DV=1<<t;m.prototype.FV=Math.pow(2,52),m.prototype.F1=52-t,m.prototype.F2=2*t-52;for(var e,i="0123456789abcdefghijklmnopqrstuvwxyz",l=new Array,n="0".charCodeAt(0),a=0;a<=9;++a){l[n++]=a}for(n="a".charCodeAt(0),a=10;a<36;++a){l[n++]=a}for(n="A".charCodeAt(0),a=10;a<36;++a){l[n++]=a}function s(t){return i.charAt(t)}function r(t){var e=y();return e.fromInt(t),e}function v(t){var e,i=1;return 0!=(e=t>>>16)&&(t=e,i+=16),0!=(e=t>>8)&&(t=e,i+=8),0!=(e=t>>4)&&(t=e,i+=4),0!=(e=t>>2)&&(t=e,i+=2),0!=(e=t>>1)&&(t=e,i+=1),i}function u(t){this.m=t}function c(t){this.m=t,this.mp=t.invDigit(),this.mpl=32767&this.mp,this.mph=this.mp>>15,this.um=(1<<t.DB-15)-1,this.mt2=2*t.t}function d(){var t;t=(new Date).getTime(),f[p++]^=255&t,f[p++]^=t>>8&255,f[p++]^=t>>16&255,f[p++]^=t>>24&255,k<=p&&(p-=k)
}if(u.prototype.convert=function(t){return t.s<0||0<=t.compareTo(this.m)?t.mod(this.m):t},u.prototype.revert=function(t){return t},u.prototype.reduce=function(t){t.divRemTo(this.m,null,t)},u.prototype.mulTo=function(t,e,i){t.multiplyTo(e,i),this.reduce(i)},u.prototype.sqrTo=function(t,e){t.squareTo(e),this.reduce(e)},c.prototype.convert=function(t){var e=y();return t.abs().dlShiftTo(this.m.t,e),e.divRemTo(this.m,null,e),t.s<0&&0<e.compareTo(m.ZERO)&&this.m.subTo(e,e),e},c.prototype.revert=function(t){var e=y();return t.copyTo(e),this.reduce(e),e},c.prototype.reduce=function(t){for(;t.t<=this.mt2;){t[t.t++]=0}for(var e=0;e<this.m.t;++e){var i=32767&t[e],n=i*this.mpl+((i*this.mph+(t[e]>>15)*this.mpl&this.um)<<15)&t.DM;for(t[i=e+this.m.t]+=this.m.am(0,n,t,e,0,this.m.t);t[i]>=t.DV;){t[i]-=t.DV,t[++i]++}}t.clamp(),t.drShiftTo(this.m.t,t),0<=t.compareTo(this.m)&&t.subTo(this.m,t)},c.prototype.mulTo=function(t,e,i){t.multiplyTo(e,i),this.reduce(i)},c.prototype.sqrTo=function(t,e){t.squareTo(e),this.reduce(e)},m.prototype.copyTo=function(t){for(var e=this.t-1;0<=e;--e){t[e]=this[e]}t.t=this.t,t.s=this.s},m.prototype.fromInt=function(t){this.t=1,this.s=t<0?-1:0,0<t?this[0]=t:t<-1?this[0]=t+DV:this.t=0},m.prototype.fromString=function(t,e){var i;if(16==e){i=4}else{if(8==e){i=3}else{if(256==e){i=8}else{if(2==e){i=1}else{if(32==e){i=5}else{if(4!=e){return void this.fromRadix(t,e)}i=2}}}}}this.t=0,this.s=0;for(var n=t.length,o=!1,a=0;0<=--n;){var r=8==i?255&t[n]:(r=n,null==(r=l[t.charCodeAt(r)])?-1:r);r<0?"-"==t.charAt(n)&&(o=!0):(o=!1,0==a?this[this.t++]=r:a+i>this.DB?(this[this.t-1]|=(r&(1<<this.DB-a)-1)<<a,this[this.t++]=r>>this.DB-a):this[this.t-1]|=r<<a,(a+=i)>=this.DB&&(a-=this.DB))}8==i&&0!=(128&t[0])&&(this.s=-1,0<a&&(this[this.t-1]|=(1<<this.DB-a)-1<<a)),this.clamp(),o&&m.ZERO.subTo(this,this)},m.prototype.clamp=function(){for(var t=this.s&this.DM;0<this.t&&this[this.t-1]==t;){--this.t}},m.prototype.dlShiftTo=function(t,e){for(var i=this.t-1;0<=i;--i){e[i+t]=this[i]}for(i=t-1;0<=i;--i){e[i]=0}e.t=this.t+t,e.s=this.s},m.prototype.drShiftTo=function(t,e){for(var i=t;i<this.t;++i){e[i-t]=this[i]}e.t=Math.max(this.t-t,0),e.s=this.s},m.prototype.lShiftTo=function(t,e){for(var i=t%this.DB,n=this.DB-i,o=(1<<n)-1,a=Math.floor(t/this.DB),r=this.s<<i&this.DM,l=this.t-1;0<=l;--l){e[l+a+1]=this[l]>>n|r,r=(this[l]&o)<<i}for(l=a-1;0<=l;--l){e[l]=0}e[a]=r,e.t=this.t+a+1,e.s=this.s,e.clamp()},m.prototype.rShiftTo=function(t,e){e.s=this.s;var i=Math.floor(t/this.DB);if(i>=this.t){e.t=0}else{var n=t%this.DB,o=this.DB-n,a=(1<<n)-1;e[0]=this[i]>>n;for(var r=i+1;r<this.t;++r){e[r-i-1]|=(this[r]&a)<<o,e[r-i]=this[r]>>n}0<n&&(e[this.t-i-1]|=(this.s&a)<<o),e.t=this.t-i,e.clamp()}},m.prototype.subTo=function(t,e){for(var i=0,n=0,o=Math.min(t.t,this.t);i<o;){n+=this[i]-t[i],e[i++]=n&this.DM,n>>=this.DB}if(t.t<this.t){for(n-=t.s;i<this.t;){n+=this[i],e[i++]=n&this.DM,n>>=this.DB}n+=this.s}else{for(n+=this.s;i<t.t;){n-=t[i],e[i++]=n&this.DM,n>>=this.DB}n-=t.s}e.s=n<0?-1:0,n<-1?e[i++]=this.DV+n:0<n&&(e[i++]=n),e.t=i,e.clamp()},m.prototype.multiplyTo=function(t,e){var i=this.abs(),n=t.abs(),o=i.t;for(e.t=o+n.t;0<=--o;){e[o]=0}for(o=0;o<n.t;++o){e[o+i.t]=i.am(0,n[o],e,o,0,i.t)}e.s=0,e.clamp(),this.s!=t.s&&m.ZERO.subTo(e,e)},m.prototype.squareTo=function(t){for(var e=this.abs(),i=t.t=2*e.t;0<=--i;){t[i]=0}for(i=0;i<e.t-1;++i){var n=e.am(i,e[i],t,2*i,0,1);(t[i+e.t]+=e.am(i+1,2*e[i],t,2*i+1,n,e.t-i-1))>=e.DV&&(t[i+e.t]-=e.DV,t[i+e.t+1]=1)}0<t.t&&(t[t.t-1]+=e.am(i,e[i],t,2*i,0,1)),t.s=0,t.clamp()},m.prototype.divRemTo=function(t,e,i){var n=t.abs();if(!(n.t<=0)){var o=this.abs();if(o.t<n.t){return null!=e&&e.fromInt(0),void (null!=i&&this.copyTo(i))}null==i&&(i=y());var a=y(),r=this.s,l=t.s,t=this.DB-v(n[n.t-1]);0<t?(n.lShiftTo(t,a),o.lShiftTo(t,i)):(n.copyTo(a),o.copyTo(i));var s=a.t,u=a[s-1];if(0!=u){var o=u*(1<<this.F1)+(1<s?a[s-2]>>this.F2:0),c=this.FV/o,d=(1<<this.F1)/o,f=1<<this.F2,p=i.t,h=p-s,g=null==e?y():e;for(a.dlShiftTo(h,g),0<=i.compareTo(g)&&(i[i.t++]=1,i.subTo(g,i)),m.ONE.dlShiftTo(s,g),g.subTo(a,a);a.t<s;){a[a.t++]=0}for(;0<=--h;){var _=i[--p]==u?this.DM:Math.floor(i[p]*c+(i[p-1]+f)*d);if((i[p]+=a.am(0,_,i,h,0,s))<_){for(a.dlShiftTo(h,g),i.subTo(g,i);i[p]<--_;){i.subTo(g,i)}}}null!=e&&(i.drShiftTo(s,e),r!=l&&m.ZERO.subTo(e,e)),i.t=s,i.clamp(),0<t&&i.rShiftTo(t,i),r<0&&m.ZERO.subTo(i,i)}}},m.prototype.invDigit=function(){if(this.t<1){return 0}var t=this[0];if(0==(1&t)){return 0}var e=3&t;return 0<(e=(e=(e=(e=e*(2-(15&t)*e)&15)*(2-(255&t)*e)&255)*(2-((65535&t)*e&65535))&65535)*(2-t*e%this.DV)%this.DV)?this.DV-e:-e},m.prototype.isEven=function(){return 0==(0<this.t?1&this[0]:this.s)},m.prototype.exp=function(t,e){if(4294967295<t||t<1){return m.ONE}var i,n=y(),o=y(),a=e.convert(this),r=v(t)-1;for(a.copyTo(n);0<=--r;){e.sqrTo(n,o),0<(t&1<<r)?e.mulTo(o,a,n):(i=n,n=o,o=i)}return e.revert(n)},m.prototype.toString=function(t){if(this.s<0){return"-"+this.negate().toString(t)}var e;if(16==t){e=4}else{if(8==t){e=3}else{if(2==t){e=1}else{if(32==t){e=5
}else{if(4!=t){return this.toRadix(t)}e=2}}}}var i,n=(1<<e)-1,o=!1,a="",r=this.t,l=this.DB-r*this.DB%e;if(0<r--){for(l<this.DB&&0<(i=this[r]>>l)&&(o=!0,a=s(i));0<=r;){l<e?(i=(this[r]&(1<<l)-1)<<e-l,i|=this[--r]>>(l+=this.DB-e)):(i=this[r]>>(l-=e)&n,l<=0&&(l+=this.DB,--r)),0<i&&(o=!0),o&&(a+=s(i))}}return o?a:"0"},m.prototype.negate=function(){var t=y();return m.ZERO.subTo(this,t),t},m.prototype.abs=function(){return this.s<0?this.negate():this},m.prototype.compareTo=function(t){var e=this.s-t.s;if(0!=e){return e}var i=this.t;if(0!=(e=i-t.t)){return e}for(;0<=--i;){if(0!=(e=this[i]-t[i])){return e}}return 0},m.prototype.bitLength=function(){return this.t<=0?0:this.DB*(this.t-1)+v(this[this.t-1]^this.s&this.DM)},m.prototype.mod=function(t){var e=y();return this.abs().divRemTo(t,null,e),this.s<0&&0<e.compareTo(m.ZERO)&&t.subTo(e,e),e},m.prototype.modPowInt=function(t,e){return e=new (t<256||e.isEven()?u:c)(e),this.exp(t,e)},m.ZERO=r(0),m.ONE=r(1),null==f){var f=new Array,p=0;for(;p<k;){g=Math.floor(65536*Math.random()),f[p++]=g>>>8,f[p++]=255&g}p=0,d()}function _(){if(null==e){for(d(),(e=new b).init(f),p=0;p<f.length;++p){f[p]=0}p=0}return e.next()}function w(){}function b(){this.i=0,this.j=0,this.S=new Array}w.prototype.nextBytes=function(t){for(var e=0;e<t.length;++e){t[e]=_()}},b.prototype.init=function(t){for(var e,i,n=0;n<256;++n){this.S[n]=n}for(n=e=0;n<256;++n){e=e+this.S[n]+t[n%t.length]&255,i=this.S[n],this.S[n]=this.S[e],this.S[e]=i}this.i=0,this.j=0},b.prototype.next=function(){var t;return this.i=this.i+1&255,this.j=this.j+this.S[this.i]&255,t=this.S[this.i],this.S[this.i]=this.S[this.j],this.S[this.j]=t,this.S[t+this.S[this.i]&255]};var k=256;return{"rsa_encrypt":function(t,e,i){var n=new o;return n.setPublic("e9a815ab9d6e86abbf33a4ac64e9196d5be44a09bd0ed6ae052914e1a865ac8331fed863de8ea697e9a7f63329e5e23cda09c72570f46775b7e39ea9670086f847d3c9c51963b131409b1e04265d9747419c635404ca651bbcbc87f99b8008f7f5824653e3658be4ba73e4480156b390bb73bc1f8b33578e7a4e12440e9396f2552c1aff1c92e797ebacdc37c109ab7bce2367a19c56a033ee04534723cc2558cb27368f5b9d32c04d12dbd86bbd68b1d99b7c349a8453ea75d1b2e94491ab30acf6c46a36a75b721b312bedf4e7aad21e54e9bcbcf8144c79b6e3c05eb4a1547750d224c0085d80e6da3907c3d945051c13c7c1dcefd6520ee8379c4f5231ed","10001"),n.encrypt(t)}}}();function a_encode(t,e){e=t.charCodeAt(e);if(255<e){throw"INVALID_CHARACTER_ERR: DOM Exception 5"}return e}var s_encode={"PADCHAR":"=","ALPHA":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/","getbyte":function(t,e){e=t.charCodeAt(e);if(255<e){throw"INVALID_CHARACTER_ERR: DOM Exception 5"}return e},"encode":function(t){if(1!=arguments.length){throw"SyntaxError: Not enough arguments"}var e,i,n=s_encode.PADCHAR,o=s_encode.ALPHA,a=s_encode.getbyte,r=[],l=(t=""+t).length-t.length%3;if(0==t.length){return t}for(e=0;e<l;e+=3){i=a_encode(t,e)<<16|a_encode(t,e+1)<<8|a_encode(t,e+2),r.push(o.charAt(i>>18)),r.push(o.charAt(i>>12&63)),r.push(o.charAt(i>>6&63)),r.push(o.charAt(63&i))}switch(t.length-l){case 1:i=a_encode(t,e)<<16,r.push(o.charAt(i>>18)+o.charAt(i>>12&63)+n+n);break;case 2:i=a_encode(t,e)<<16|a_encode(t,e+1)<<8,r.push(o.charAt(i>>18)+o.charAt(i>>12&63)+o.charAt(i>>6&63)+n)}return r.join("")}};var o,a,d,i=(o=1,a=8,d=32,{"getEncryption":function(t,e,i,n){i=i||"",t=t||"";for(var n=n?t:u(t),t=u(w(n)+e),i=q.strToBytes(i.toUpperCase(),!0),o=Number(i.length/2).toString(16);o.length<4;){o="0"+o}q.initkey(t),i=q.encrypt(n+q.strToBytes(e)+o+i),q.initkey("");for(var a=Number(i.length/2).toString(16);a.length<4;){a="0"+a}return i=n_entry.rsa_encrypt(w(a+i)),setTimeout(function(){!function(t,e){if(!(Math.random()>(e||1))){try{var i=location.protocol+"//ui.ptlogin2.qq.com/cgi-bin/report?id="+t;document.createElement("img").src=i}catch(n){}}}(488358,1)},0),s_encode.encode(w(i)).replace(/[\/\+=]/g,function(t){return{"/":"-","+":"*","=":"_"}[t]})},"getRSAEncryption":function(t,e,i){return e=(i?t:u(t))+e.toUpperCase(),n_entry.rsa_encrypt(e)},"md5":u});function u(t){return v(c(y(t=t),t.length*a))}function c(t,e){t[e>>5]|=128<<e%32,t[14+(e+64>>>9<<4)]=e;for(var i=1732584193,n=-271733879,o=-1732584194,a=271733878,r=0;r<t.length;r+=16){var l=i,s=n,u=o,c=a,i=p(i,n,o,a,t[r+0],7,-680876936),a=p(a,i,n,o,t[r+1],12,-389564586),o=p(o,a,i,n,t[r+2],17,606105819),n=p(n,o,a,i,t[r+3],22,-1044525330);i=p(i,n,o,a,t[r+4],7,-176418897),a=p(a,i,n,o,t[r+5],12,1200080426),o=p(o,a,i,n,t[r+6],17,-1473231341),n=p(n,o,a,i,t[r+7],22,-45705983),i=p(i,n,o,a,t[r+8],7,1770035416),a=p(a,i,n,o,t[r+9],12,-1958414417),o=p(o,a,i,n,t[r+10],17,-42063),n=p(n,o,a,i,t[r+11],22,-1990404162),i=p(i,n,o,a,t[r+12],7,1804603682),a=p(a,i,n,o,t[r+13],12,-40341101),o=p(o,a,i,n,t[r+14],17,-1502002290),i=h(i,n=p(n,o,a,i,t[r+15],22,1236535329),o,a,t[r+1],5,-165796510),a=h(a,i,n,o,t[r+6],9,-1069501632),o=h(o,a,i,n,t[r+11],14,643717713),n=h(n,o,a,i,t[r+0],20,-373897302),i=h(i,n,o,a,t[r+5],5,-701558691),a=h(a,i,n,o,t[r+10],9,38016083),o=h(o,a,i,n,t[r+15],14,-660478335),n=h(n,o,a,i,t[r+4],20,-405537848),i=h(i,n,o,a,t[r+9],5,568446438),a=h(a,i,n,o,t[r+14],9,-1019803690),o=h(o,a,i,n,t[r+3],14,-187363961),n=h(n,o,a,i,t[r+8],20,1163531501),i=h(i,n,o,a,t[r+13],5,-1444681467),a=h(a,i,n,o,t[r+2],9,-51403784),o=h(o,a,i,n,t[r+7],14,1735328473),i=g(i,n=h(n,o,a,i,t[r+12],20,-1926607734),o,a,t[r+5],4,-378558),a=g(a,i,n,o,t[r+8],11,-2022574463),o=g(o,a,i,n,t[r+11],16,1839030562),n=g(n,o,a,i,t[r+14],23,-35309556),i=g(i,n,o,a,t[r+1],4,-1530992060),a=g(a,i,n,o,t[r+4],11,1272893353),o=g(o,a,i,n,t[r+7],16,-155497632),n=g(n,o,a,i,t[r+10],23,-1094730640),i=g(i,n,o,a,t[r+13],4,681279174),a=g(a,i,n,o,t[r+0],11,-358537222),o=g(o,a,i,n,t[r+3],16,-722521979),n=g(n,o,a,i,t[r+6],23,76029189),i=g(i,n,o,a,t[r+9],4,-640364487),a=g(a,i,n,o,t[r+12],11,-421815835),o=g(o,a,i,n,t[r+15],16,530742520),i=_(i,n=g(n,o,a,i,t[r+2],23,-995338651),o,a,t[r+0],6,-198630844),a=_(a,i,n,o,t[r+7],10,1126891415),o=_(o,a,i,n,t[r+14],15,-1416354905),n=_(n,o,a,i,t[r+5],21,-57434055),i=_(i,n,o,a,t[r+12],6,1700485571),a=_(a,i,n,o,t[r+3],10,-1894986606),o=_(o,a,i,n,t[r+10],15,-1051523),n=_(n,o,a,i,t[r+1],21,-2054922799),i=_(i,n,o,a,t[r+8],6,1873313359),a=_(a,i,n,o,t[r+15],10,-30611744),o=_(o,a,i,n,t[r+6],15,-1560198380),n=_(n,o,a,i,t[r+13],21,1309151649),i=_(i,n,o,a,t[r+4],6,-145523070),a=_(a,i,n,o,t[r+11],10,-1120210379),o=_(o,a,i,n,t[r+2],15,718787259),n=_(n,o,a,i,t[r+9],21,-343485551),i=m(i,l),n=m(n,s),o=m(o,u),a=m(a,c)
}return 16==d?Array(n,o):Array(i,n,o,a)}function f(t,e,i,n,o,a){return m((a=m(m(e,t),m(n,a)))<<(o=o)|a>>>32-o,i)}function p(t,e,i,n,o,a,r){return f(e&i|~e&n,t,e,o,a,r)}function h(t,e,i,n,o,a,r){return f(e&n|i&~n,t,e,o,a,r)}function g(t,e,i,n,o,a,r){return f(e^i^n,t,e,o,a,r)}function _(t,e,i,n,o,a,r){return f(i^(e|~n),t,e,o,a,r)}function m(t,e){var i=(65535&t)+(65535&e);return(t>>16)+(e>>16)+(i>>16)<<16|65535&i}function y(t){for(var e=Array(),i=(1<<a)-1,n=0;n<t.length*a;n+=a){e[n>>5]|=(t.charCodeAt(n/a)&i)<<n%32}return e}function v(t){for(var e=o?"0123456789ABCDEF":"0123456789abcdef",i="",n=0;n<4*t.length;n++){i+=e.charAt(t[n>>2]>>n%4*8+4&15)+e.charAt(t[n>>2]>>n%4*8&15)}return i}function w(t){for(var e=[],i=0;i<t.length;i+=2){e.push(String.fromCharCode(parseInt(t.substr(i,2),16)))}return e.join("")};
return i.getEncryption(arguments[0], arguments[1], arguments[2], undefined)

这段js代码是无法直接执行的，因为这个是为了在selenium中执行的，只要把最后一行的return去掉，然后调用i.getEncryption("", “”, “”, undefined);即可

至此，无验证码的登录已经完成。

要是提示密码不正确，可能加密算法又改动了，需要去重新把c_login_2.js文件拿下来，做改动。

完整登录的java代码如下：


import com.alibaba.fastjson.JSONObject;
import org.apache.commons.io.FileUtils;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import javax.imageio.ImageIO;
import java.awt.image.BufferedImage;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;

/**
 * @auther jixiang.ma
 * @date 2021/1/12
 **/
public class QqLogin {

    private static String ptVcodeV1;
    private static String verifyCode;
    private static String sid ;
    private static String ptdrvs;
    private static String ptRandSalt;
    private static String capCd;
    private static String ptUin;
    private static String ptVerifysessionV1;

    private static HttpClient httpClient = HttpClientBuilder.create().build();

    public static void main(String[] args) throws Exception {

        check();
        login(JsTest.getP("your password", "%L1", verifyCode));
    }

    public static void check() throws IOException {
        String checkUrl = "http://check.ptlogin2.qq.com/check" +
                "?regmaster=" +
                "&pt_tea=2" +
                "&pt_vcode=1" +
                "&uin=your qq number" +
                "&appid=21000501" +
                "&js_ver=21010623" +
                "&js_type=1" +
                "&r=0.7541288831736455" +
                "u1=https://lol.qq.com/space/index.shtml" +
                "pt_uistyle=40";

        HttpGet httpGet = new HttpGet(checkUrl);
        httpGet.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36");
        HttpResponse response = httpClient.execute(httpGet);
        HttpEntity httpEntity = response.getEntity();
        String responseBody = EntityUtils.toString(httpEntity, Charset.forName("UTF-8"));

        String[] data =  responseBody.substring(12).split(",");
        ptVcodeV1 = data[0].substring(2,3);
        if("0".equals(ptVcodeV1)) {
            verifyCode = data[1].substring(1,5);
            ptUin = data[2].substring(1, data[2].length() - 1);
            ptVerifysessionV1 = data[3].replace("'", "");
            ptRandSalt = data[4].replace("'", "");
            ptdrvs = data[5].replace("'", "");
            String tmpSid = data[6].replace("'", "");
            sid = tmpSid.substring(0, tmpSid.length() - 1);
        }
        System.out.println(ptVcodeV1);
        System.out.println(verifyCode);
        System.out.println(ptUin);
        System.out.println(ptVerifysessionV1);
        System.out.println(ptRandSalt);
        System.out.println(ptdrvs);
        System.out.println(sid);
        System.out.println(responseBody);
    }


    public static void login(String p) throws IOException {
        String loginUrl = "https://ssl.ptlogin2.qq.com/login?u=your qq number" +
                "&verifycode="+ verifyCode +
                "&pt_vcode_v1=0" +
                "&pt_verifysession_v1=" + ptVerifysessionV1 +
                "&p=" + p +
                "&pt_randsalt="+ ptRandSalt +
                "&u1=https%3A%2F%2Flol.qq.com%2Fact%2Fa20210108lplspring%2Findex.shtml%3Fe_code%3D507042" +
                "&ptredirect=1&h=1&t=1&g=1&from_ui=1&ptlang=2052&action=2-26-" + System.currentTimeMillis() +
                "&js_ver=21010623&js_type=1" +
                "&pt_uistyle=40&aid=21000501&daid=8" +
                "&ptdrvs=" + ptdrvs +
                "&sid="+ sid +"&";

        HttpGet httpGet = new HttpGet(loginUrl);
        httpGet.setHeader("Accept-Language", "zh-CN,zh;q=0.9");
        httpGet.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36");
        HttpResponse response = httpClient.execute(httpGet);
        for (Header header : response.getAllHeaders()) {
            System.out.println(header.getName() + "\t" + header.getValue());
        }
        String str = EntityUtils.toString(response.getEntity());
        String a = new String(str.getBytes(StandardCharsets.ISO_8859_1), Charset.forName("UTF-8"));
        System.out.println(a);
        System.out.println("-------------");
    }
}

getP()是调用了selenium执行了js代码,使用方法见https://blog.csdn.net/majixiang1996/article/details/112484449

   public static String getP(String password, String uin, String verifyCode) throws Exception {
        System.setProperty("webdriver.chrome.driver", "C:\\Program Files\\Google\\Chrome\\Application\\chromedriver.exe");
        ChromeOptions chromeOptions = new ChromeOptions();
        chromeOptions.setHeadless(true);
        WebDriver driver = new ChromeDriver(chromeOptions);
        JavascriptExecutor executor = (JavascriptExecutor) driver;
        String result = executor.executeScript(readJsFile(), password, uin, verifyCode).toString();
        driver.quit();
        System.out.println(result);
        return result;
    }

    private static String readJsFile() throws Exception {
        StringBuffer script = new StringBuffer();
        File file = new File("D:\\qq_login.js");
        FileReader filereader = new FileReader(file);
        BufferedReader bufferedReader = new BufferedReader(filereader);
        String tempString = null;
        while ((tempString = bufferedReader.readLine()) != null) {
            script.append(tempString).append("\n");
        }
        bufferedReader.close();
        filereader.close();
        return script.toString();
    }

如果登录正常的话，response body里是没有返回的，可以在response header的"Set-Cookie"中找到一个叫pskey的参数，代表登录成功。

爱技术的小马哥

关注

3
点赞
踩
7

收藏

觉得还不错? 一键收藏
7
评论
Java实现QQ登录

前言本文内容仅供学习参考，禁止商业用途QQ登录分为两种，一种是当在一天前登录过，那么登录环境会被认为是安全的，但是偶尔还会判定，此时的登录方式是无验证。当某QQ号是在这个环境中第一次登录，那么就会被判定为风险环境。本文以登录https://lol.qq.com为例如何判定是否为风险环境？在浏览器中输入一下url："http://check.ptlogin2.qq.com/check?regmaster=&pt_tea=2&pt_vcode=1&uin=123456789&a
复制链接

扫一扫

专栏目录