chengying-6.0登入接口逆向
版本更新
首先是登入的加密
url:http://172.16.121.70/login
参数
1. username:
2. password:
614bb9438210c6972fbe5fa1875d56bebe28fd3d86ea76830afc4e79cfc7159c328285c19db0f4789db01ea644989f6fce5aae5304dc04b332743d2967808fcfae0a0ef35c7435b81423b90a425d1fba36ea2b04584e9440d030e7ca56fe0cc7e14819b562a5edd38d96527514f65a8cff9c388303f9fd12463fdf184ea8e95c
对应加密位置
后面改成了
(e.password, i)
由于t中的数据是一个请求过来的 所以可以直接搜索
关于public_key可以直接搜索
BEGIN public key
可以看出"sm2" === i为false 所以可以配置
也可以看出是rsa加密
比较简单直接上代码吧
def getPwd(t):
n = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
r = "0123456789abcdefghijklmnopqrstuvwxyz" # 这里需要替换为实际的函数或方法
i = ""
s = 0
o = 0
for e in range(len(t)):
if t[e] == "=":
break
h = n.index(t[e])
if h >= 0:
if s == 0:
i += r[h >> 2]
o = 3 & h
s = 1
elif s == 1:
i += r[o << 2 | h >> 4]
o = 15 & h
s = 2
elif s == 2:
i += r[o]
i += r[h >> 2]
o = 3 & h
s = 3
else:
i += r[o << 2 | h >> 4]
i += r[15 & h]
s = 0
return i
def encrypt_password(publicKey, password):
rsakey = RSA.importKey(publicKey)
cipher = PKCS1_v1_5.new(rsakey)
cipher_text = base64.b64encode(cipher.encrypt(password.encode('utf-8')))
pwd = getPwd(cipher_text.decode('utf-8'))
return pwd
