有空就分析了下百度的登陆协议。
大家看代码:
size_t CURLWriteDataCallbak(char *data, size_t size, size_t nmemb, string *writerData)
{
if (writerData == NULL)
return 0;
size_t len = size*nmemb;
writerData->append(data, len);
return len;
}
void MsgCookie(CURL *curl)
{
CURLcode cookieRes;
struct curl_slist *cookies;
struct curl_slist *nc;
int i;
cookieRes = curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookies);
if (cookieRes != CURLE_OK)
{
::MessageBox(NULL,"err get cookie!","",0);
return ;
}
nc = cookies, i = 1;
CStdioFile f;
//f.Open("c:\\cookie.txt",CFile::modeCreate|
// CFile::modeNoTruncate|CFile::modeWrite);
while (nc)
{
::MessageBox(NULL,nc->data,"",0);
//f.WriteString(nc->data);
//f.WriteString("\n");
nc = nc->next;
i++;
}
//f.Close();
::MessageBox(NULL,"ok","",0);
if (i == 1)
{
::MessageBox(NULL,"read cookie err\n","",0);
}
curl_slist_free_all(cookies);
}
//主要思路是,先登陆百度首页,然后登陆百度空间,为啥不直接登陆百度空间等会大家看下面(当然大家可以登陆百度首页后可以直接访问百度其他的产品!!嘿嘿)
void CassssssssssssDlg::OnBnClickedButton1()
{
// TODO: 在此添加控件通知处理程序代码
CURL *curl;
CURLcode res;
string url="http://www.baidu.com/";
string urlRetStr;
string baiduid;
string bdu;
string token="token=";
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if (curl)
{
//第一步:获取BAIDUID get BIADUID
curl_easy_setopt(curl,CURLOPT_URL,url);
curl_easy_setopt(curl,CURLOPT_VERBOSE,1L);
curl_easy_setopt(curl,CURLOPT_COOKIEFILE,"baiducookie");//要保存cookie哦,一次保存以后libcurl会自己维护cookie的
curl_easy_setopt(curl,CURLOPT_WRITEDATA,&urlRetStr);
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,CURLWriteDataCallbak);//回调函数
res=curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get www.baidu.comfor baiduid");
}
//第二步 get token,主要通过返回cookie里面的BAIDUID来获取token
urlRetStr="";
curl_easy_setopt(curl,CURLOPT_URL,"https://passport.baidu.com/v2/ap"
"i/?getapi&class=login&tpl=mn&tangram=true");
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get token");
}
int i = urlRetStr.find("token=")+7;
int n = urlRetStr.find("';",i);
token += urlRetStr.substr(i,n-i);
//第三步在百度首页登陆时候当密码框获得焦点会进行check 验证码
curl_easy_setopt(curl,CURLOPT_URL,"https://passport.baidu.com/v2/ap"
"i/?getapi&class=login&tpl=mn&tangram=true");
//add token to cookie
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get check 验证码 status");
}
//第四步 检测账号是否正常 主要是啥异地登陆的 codestring callbak check
urlRetStr = "";
curl_easy_setopt(curl,CURLOPT_URL,"https://passport.baidu.co"
"m/v2/api/?logincheck&callback=bdPass.api.login._needCode"
"stringCheckCallback&tpl=mn&charset=utf-8&index=0&username"
"=这里是你的账号&time=1350284309109");
//add token to cookie
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get check 验证码 status");
}
//MessageBox(urlRetStr.c_str());
//第五步 进行post login
urlRetStr = "";
string fed = "ppui_logintime=507578&charset=utf-8&"
"codestring=&"+token+"&isPhone=false&index=0&u=&safeflg=0&staticpage=http%3"
"A%2F%2Fwww.baidu.com%2Fcache%2Fuser%2Fhtml%2Fjump.html&loginType=1&tpl=mn&"
"callback=parent.bdPass.api.login._postCallback&username=你的账号&password="
"你的密码&verifycode=&mem_pass=on";
curl_easy_setopt(curl,CURLOPT_URL,"https://passport.baidu.com/v2/api/?login");
curl_easy_setopt(curl,CURLOPT_POSTFIELDS,fed.c_str());//这里是post的字段
curl_easy_setopt(curl,CURLOPT_REFERER,"http://www.baidu.com/cache/user/html/login-1.2.html");
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err post login");
}
//第六步 返回的一个网页值 我们必须要替换里面的%号位%25,这里我们找到hao123Param值,这里他会访问这个其实我也不知道干啥他
i=urlRetStr.find("http://www");
n=urlRetStr.find("');",i);
urlRetStr=urlRetStr.substr(i,n-i);
i=urlRetStr.find("hao123Param=")+12;
bdu=urlRetStr.substr(i);
CString tmp=urlRetStr.c_str();
tmp.Replace("%","%25");
//MsgCookie(curl);
//jump
urlRetStr = "";
curl_easy_setopt(curl,CURLOPT_URL,tmp);
curl_easy_setopt(curl,CURLOPT_POST,0L);//因为前面的是post,这里我们改成get
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get check 验证码 status");
}
//MessageBox(urlRetStr.c_str());
//crossdomain chek
//第七步,crossdomain检测
urlRetStr = "";
url ="http://user.hao123.com/static/crossdomain.php?bdu="
+bdu+"&t=0.05889427157399846";
curl_easy_setopt(curl,CURLOPT_URL,url);
//curl_easy_setopt(curl,CURLOPT_COOKIEFILE,"newcookie");
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get check 验证码 status");
}
//最后一步,前面的所有都好了,我们可以随意访问百度的产品了,嘿嘿 all good then goto www.baidu.com
urlRetStr = "";
curl_easy_setopt(curl,CURLOPT_URL,"http://hi.baidu.com/new/guhuisec");
curl_easy_setopt(curl,CURLOPT_REFERER,"http://www.xiaoming.com");
res = curl_easy_perform(curl);
if (res!=CURLE_OK)
{
MessageBox("err get check 验证码 status");
}
//MessageBox(urlRetStr.c_str());
CStdioFile f;
f.Open("c:\\htm.txt",CFile::modeCreate|CFile::modeNoTruncate|CFile::modeWrite);
f.WriteString(urlRetStr.c_str());
f.Close();
MessageBox("ok");
curl_easy_cleanup(curl);
}
curl_global_cleanup();
}
在此我分享下我的那个百度空间登录代码,没有写完,最主要的是最后一步我不会js,最后百度空间的跨域检测!!如果有大牛知道请告诉小弟!
void CassssssssssssDlg::OnBnClickedButton1()
{
// TODO: 在此添加控件通知处理程序代码
CString baiduUid;
CString token;
CURL *curl;
CURLcode res;
string strPage;
CString callBakUrlStr;
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if(curl)
{
curl_easy_setopt(curl, CURLOPT_URL, "http://hi.baidu.com/go/login");
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
//初始化cookie引擎
curl_easy_setopt(curl, CURLOPT_COOKIEFILE,"cookiesfile");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, CURLWriteDataCallbak);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &strPage);
res = curl_easy_perform(curl);
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
//get token
strPage="";
curl_easy_setopt(curl, CURLOPT_URL, "https://passport.baidu.c"
"om/v2/api/?getapi&class=login&tpl=qing");
res = curl_easy_perform(curl);
if(res == CURLE_OK)
{
token=strPage.c_str();
int index=token.Find("login_token=")+13;
token=token.Mid(index,32);
}
strPage="";
//post login
string fed="charset=UTF-8&codestring=&token="
+token+"&isPhone=false&index=0&u=http%3A%2F%2Fhi.baidu.com%2Fgo%2Flo"
"gin%3Ffrom_page%3D101%26from_mod%3D0&safeflag=0&staticpag"
"e=http%3A%2F%2Fhi.baidu.com%2Fcom%2Fshow%2Fproxy%3Ffun%3Dcal"
"lback.login.submited&loginType=1&tpl=qing&username=账号&pas"
"sword=密码&verifycode=&mem_pass=on";
curl_easy_setopt(curl, CURLOPT_URL, "https://passport.baidu.com/v2/api/?login");
curl_easy_setopt(curl,CURLOPT_REFERER,"http://hi.baidu.com/go/login");
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, fed.c_str());
curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,1L);
res = curl_easy_perform(curl);
if(res != CURLE_OK)
{
MessageBox("err to get callbakurl");
return;
}
callBakUrlStr=strPage.c_str();
int index=callBakUrlStr.Find("http://hi.baidu.com");
int endindex=callBakUrlStr.Find("');",index);
callBakUrlStr = callBakUrlStr.Mid(index,endindex-index);
//MessageBox(callBakUrlStr);
curl_easy_setopt(curl, CURLOPT_URL, callBakUrlStr);
res = curl_easy_perform(curl);
if(res != CURLE_OK)
{
MessageBox("err to get callbakurl");
return;
}
strPage=strPage.c_str();
//CString url="http://hi.baidu.com/com/show/proxy?fun=callback.login.submited&error=0&callback=&index=0&username=guhuisec&phonenumber=电话号码&mail=邮箱@qq.com&tpl=qing&u=http%253A%252F%252Fhi.baidu.com%252Fgo%252Flogin%253Ffrom_page%253D101%2526from_mod%253D0&needToModifyPassword=0&auth=56731c258b7df9911219e221b96ab5342dca5705d3ce7edd922c03338bdd3c8f57b7fecc8da0&hao123Param=alpQVFdsT2RsQllTRzFSVFV4WExVSkRWR0V6WWtkVWMwOUJTWGx4VkdrdGVFZHNVamQ2VFRKdUxWbC1WMDVTUVZGQlFVRkJKQ1FBQUFBQUFBQUFBQW9hSmh1MUt6NGtaM1ZvZFdselpXTUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFDQVlJQXJNQUFBQU0CcXBYY0FBQUFBZUdsREFBQUFBQUF4TUM0eU15NHlOSml2ZGxDWXIzWlFk";
int a=callBakUrlStr.Replace("%","%25");
MessageBox(callBakUrlStr);
curl_easy_setopt(curl, CURLOPT_URL, callBakUrlStr);
//curl_easy_setopt(curl,CURLOPT_COOKIELIST,"domain=.hi.baidu.com");
curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,1L);
res = curl_easy_perform(curl);
//MessageBox("ok");
if(res != CURLE_OK)
{
MessageBox("err to get callbakurl");
return;
}
strPage=strPage.c_str();
MessageBox(strPage.c_str());
//go home
curl_easy_setopt(curl, CURLOPT_URL, "http://hi.baidu.com/go/login");
//curl_easy_setopt(curl,CURLOPT_COOKIELIST,"domain=.hi.baidu.com");
curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,1L);
res = curl_easy_perform(curl);
//MessageBox("ok");
if(res != CURLE_OK)
{
MessageBox("err to get callbakurl");
return;
}
strPage=strPage.c_str();
MessageBox(strPage.c_str());
curl_easy_cleanup(curl);
}
curl_global_cleanup();
}