js破解八月x 登录破解

最新推荐文章于 2024-01-19 15:05:44 发布

Test_C.

最新推荐文章于 2024-01-19 15:05:44 发布

阅读量421

点赞数

分类专栏： Python javascript

本文链接：https://blog.csdn.net/weixin_42544006/article/details/103461459

版权

本文深入探讨了JavaScript在八月X登录系统中可能存在的安全漏洞，并详细讲解了破解的技术细节，包括如何利用脚本进行攻击，以及防范此类攻击的措施。

摘要由CSDN通过智能技术生成

import execjs
import requests

def login(username,password):
    login_url = 'http://so.techhg.com/login'
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
        "Accept-Encoding": "gzip, deflate",
        "Accept-Language": "zh-CN,zh;q=0.9",
        "Cache-Control": "no-cache",
        # "Cookie": "",
        "Host": "so.techhg.com",
        "Pragma": "no-cache",
        "Proxy-Connection": "keep-alive",
        "Referer": "http://so.techhg.com/",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36",
    }

    s = requests.session()
    s.get(login_url,headers=headers)

    # RSA 加密代码 js实现
    ctx = execjs.compile(open('RSA.js', 'r').read())
    get_Ciphertext = ctx.call('get_Ciphertext', password)

    # 登录数据
    data = {
    "loginName": username,
    "redirect": "http://so.techhg.com/",
    "password": get_Ciphertext,
    }

    s.post(login_url,data=data,headers=headers)
    return s

byg_session = login(账号,密码)

// RSA, a suite of routines for performing RSA public-key computations in
// JavaScript.
//
// Requires BigInt.js and Barrett.js.
//
// Copyright 1998-2005 David Shapiro.
//
// You may use, re-use, abuse, copy, and modify this code to your liking, but
// please keep this header.
//
// Thanks!
//
// Dave Shapiro
// dave@ohdave.com

function RSAKeyPair(encryptionExponent, decryptionExponent, modulus)
{
    this.e = biFromHex(encryptionExponent);
    this.d = biFromHex(decryptionExponent);
    this.m = biFromHex(modulus);
    // We can do two bytes per digit, so
    // chunkSize = 2 * (number of digits in modulus - 1).
    // Since biHighIndex returns the high index, not the number of digits, 1 has
    // already been subtracted.
    this.chunkSize = 2 * biHighIndex(this.m);
    this.radix = 16;
    this.barrett = new BarrettMu(this.m);
}

function twoDigit(n)
{
    return (n < 10 ? "0" : "") + String(n);
}

function encryptedString(key, s)
// Altered by Rob Saunders (rob@robsaunders.net). New routine pads the
// string after it has been converted to an array. This fixes an
// incompatibility with Flash MX's ActionScript.
{
    var a = new Array();
    var sl = s.length;
    var i = 0;
    while (i < sl) {
        a[i] = s.charCodeAt(i);
        i++;
    }

    while (a.length % key.chunkSize != 0) {
        a[i++] = 0;
    }

    var al = a.length;
    var result = "";
    var j, k, block;
    for (i = 0; i < al; i += key.chunkSize) {
        block = new BigInt();
        j = 0;
        for (k = i; k < i + key.chunkSize; ++j) {
            block.digits[j] = a[k++];
            block.digits[j] += a[k++] << 8;
        }
        var crypt = key.barrett.powMod(block, key.e);
        var text = key.radix == 16 ? biToHex(crypt) : biToString(crypt, key.radix);
        result += text + " ";
    }
    return result.substring(0, result.length - 1); // Remove last space.
}


var biRadixBase = 2;
var biRadixBits = 16;
var bitsPerDigit = biRadixBits;
var biRadix = 1 << 16; // = 2^16 = 65536
var biHalfRadix = biRadix >>> 1;
var biRadixSquared = biRadix * biRadix;
var maxDigitVal = biRadix - 1;
var maxInteger = 9999999999999998;


var maxDigits;
var ZERO_ARRAY;
var bigZero, bigOne;

function setMaxDigits(value)
{
    maxDigits = value;
    ZERO_ARRAY = new Array(ma

最低0.47元/天解锁文章

Test_C.

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
js破解八月x 登录破解

import execjsimport requestsdef login(username,password): login_url = 'http://so.techhg.com/login' headers = { "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,imag...
复制链接

扫一扫