singularity-s0 / fudan_sports_autoreserve

复旦大学体育场馆自动预约 FDU Sports Auto Reserve
GNU General Public License v3.0

Code broken #15

Open aaaaqqqyzjin opened 10 months ago

aaaaqqqyzjin commented 10 months ago

目前代码已经失效。卡在最后一步reserve环节(前面的所有场地信息都可以正确获取),查看服务器返回信息直接显示“预约订单失败”,不知道是哪里出了问题,很奇怪

10148pzf commented 10 months ago

+1,困扰了好久,怎么会出现“预约下单失败”这种报错。解决了求踢踢

singularity-s0 commented 10 months ago

由于服务器并未返回具体的错误信息,很难确定此问题的原因所在。注意到现在小程序发送预约请求的时候会带上一个text_字段,对应于每个预约项目的rsaText字段,怀疑可能是近期添加了某种加密以针对脚本。

SyntaxSmith commented 10 months ago

由于服务器并未返回具体的错误信息,很难确定此问题的原因所在。注意到现在小程序发送预约请求的时候会带上一个text_字段,对应于每个预约项目的rsaText字段,怀疑可能是近期添加了某种加密以针对脚本。

crypto-js.min_v3_1.zip 加密的 JS 脚本好像是这个,主要关注与 sub2 有关的代码段。但是这段代码加密过,而且实在是太长了,VS Code 甚至不能正确解析。

singularity-s0 commented 10 months ago

如果是前端加密,那可以考虑采用 Selenium,但这意味着现有代码需要推倒重来。

Byounng commented 10 months ago

在最后一步提交预定请求时,多了 `rsa_text_` 和 `text_` 这两个验证字段。这两个字段可以在请求 `GET https://elife.fudan.edu.cn/public/front/loadOrderForm_ordinary.htm?xxx` 的 response 里看到,如下;其中 `rsa_text_` 的值可以看到,但是 `text_` 为空: `<input type="hidden" id="rsa_text_" name="rsa_text_" value="可以看到XXX">` `<input type="hidden" id="text_" name="text_" value="">`

qzshi97 commented 10 months ago

有人解决RSA加密问题了吗?

SyntaxSmith commented 6 months ago

如果是前端加密,那可以考虑采用 Selenium,但这意味着现有代码需要推倒重来。 如果只是使用selenium的话解决不算困难,现在改成了点按验证码,已经写了检测字符位置的代码,正确率在7成以上。现在想问问有没有懂前端的老哥看看字符位置的上报也是加密的吗?

SyntaxSmith commented 6 months ago
// Obfuscated handler from the click-captcha front-end script quoted in this thread.
// Identifiers are machine-generated, and most property names and string constants are
// produced at runtime by _0x2143(index, key), whose definition is not in this snippet
// (presumably the obfuscator's string decoder), so they cannot be read from this listing.
// The body is control-flow flattened: statements sit in numbered `case` arms and run in
// the order given by a decoded string, not in the order they appear in the source.
// Free names used here but not defined here: that, _0x506456, __encrypt, _0x4be52a,
// _0x5b9763, element, options, event.
// NOTE(review): everything shown runs in the browser; nothing in this snippet shows how
// the server checks the value that is submitted.
_0x2df407[_0x2143('0xf2', 'ZDky')] = function(_0x4bc16d) {
        // Indirection table: thin wrappers around ===, !==, !=, ==, + and f(x), plus
        // literal and decoded string constants. The code below reaches its operators
        // through this table instead of using them directly.
        var _0x3f1c51 = {
            'ZmAEr': function _0x5972fc(_0x4396e0, _0x431e14) {
                return _0x4396e0 === _0x431e14;
            },
            'MNEUN': 'HoX',
            'GPrBm': function _0x59671a(_0x576293, _0x308e0c) {
                return _0x576293(_0x308e0c);
            },
            'GOxLP': _0x2143('0xf3', 'M@aE'),
            'gTOCc': function _0x3994dd(_0x57b9d6, _0x32216e) {
                return _0x57b9d6(_0x32216e);
            },
            'jdpGE': function _0x426046(_0x224591, _0x4e8e11) {
                return _0x224591 + _0x4e8e11;
            },
            'xpnFf': _0x2143('0xf4', '#2ij'),
            'oezxj': _0x2143('0xf5', 'U^*O'),
            'fVwmT': _0x2143('0xf6', 'cOEn'),
            'ojGkW': _0x2143('0xf7', '1L[]'),
            'oUDND': _0x2143('0xf8', '2j*j'),
            'FkGVv': function _0x404d28(_0x5d461e, _0x1ddf3a) {
                return _0x5d461e !== _0x1ddf3a;
            },
            'EojXo': _0x2143('0xf9', 'sPad'),
            'NgRUW': function _0x3497eb(_0x15b972, _0x598b45) {
                return _0x15b972(_0x598b45);
            },
            'VvwAB': _0x2143('0xfa', 'jOoK'),
            'oXOQJ': function _0x5061ef(_0x5b60b9, _0x145945) {
                return _0x5b60b9 != _0x145945;
            },
            'fEeGB': function _0x3b1375(_0x205165, _0xd397a4) {
                return _0x205165 !== _0xd397a4;
            },
            'zqhry': _0x2143('0xfb', 'jOoK'),
            'xhTpt': function _0x2f2c3b(_0x5bbeea, _0x224986) {
                return _0x5bbeea(_0x224986);
            },
            'bmxVt': function _0x409cf4(_0xe7d117, _0x16f595) {
                return _0xe7d117 == _0x16f595;
            }
        };
        // Both operands are constants (a decoded string and 'HoX'), so the branch taken
        // does not depend on the argument. Which table entry is applied is hidden behind
        // the decoder; presumably one branch is injected dead code — TODO confirm.
        if (_0x3f1c51[_0x2143('0xfc', 'l2)f')](_0x2143('0xfd', '(jIy'), _0x3f1c51['MNEUN'])) {
            that['verify'](_0x3f1c51[_0x2143('0xfe', 'Q)Q*')](_0x506456, that['clickPoint']));
        } else {
            // Dispatcher: a decoded method is called with '|' on the decoded 'GOxLP'
            // string (presumably split), and the resulting array fixes the order in
            // which the case arms below execute.
            var _0x1b1176 = _0x3f1c51['GOxLP'][_0x2143('0xff', 'Mbv*')]('|')
              , _0x3455ab = 0x0;
            while (!![]) {
                switch (_0x1b1176[_0x3455ab++]) {
                case '0':
                    // Overwrites the argument: table helpers are applied to __encrypt,
                    // the argument, '_' and the current time in ms. The helper names are
                    // decoded; presumably this is __encrypt(arg + '_' + timestamp) — verify.
                    _0x4bc16d = _0x3f1c51[_0x2143('0x100', 'j2]$')](__encrypt, _0x3f1c51[_0x2143('0x101', 'vnUn')](_0x4bc16d, '_') + new Date()['getTime']());
                    continue;
                case '1':
                    // If a (decoded-name) option is set, run a second flattened sequence
                    // that builds and sends a request; otherwise fall to the callback path.
                    if (_0x2efed6['options'][_0x2143('0x102', 'M@aE')]) {
                        var _0x310a63 = _0x3f1c51[_0x2143('0x103', '1L[]')][_0x2143('0x104', 'U1Ta')]('|')
                          , _0x37a4b7 = 0x0;
                        while (!![]) {
                            switch (_0x310a63[_0x37a4b7++]) {
                            case '0':
                                _0x2395a1['find'](_0x3f1c51['oezxj'])[_0x2143('0x105', 'U1Ta')](_0x3f1c51['fVwmT']);
                                continue;
                            case '1':
                                // Object later passed as the request's 'data'.
                                var _0x5a5edb = _0x2efed6[_0x2143('0x106', '2j*j')][_0x2143('0x107', 'zr@3')];
                                continue;
                            case '2':
                                // Field name for the value; defaults to 'code'.
                                var _0x2c6cd7 = _0x2efed6['options']['validFiled'] || 'code';
                                continue;
                            case '3':
                                _0x5a5edb[_0x2c6cd7] = _0x4bc16d;
                                continue;
                            case '4':
                                // Call with url/type/dataType/data/success on _0x4be52a,
                                // which also exposes isFunction and extend below —
                                // appears to be jQuery and an ajax call; confirm.
                                _0x4be52a[_0x2143('0x108', 'jOoK')]({
                                    'url': _0x2efed6[_0x2143('0x24', 'BVhT')][_0x2143('0x109', 'cyED')],
                                    'type': _0x3f1c51[_0x2143('0x10a', 'j2]$')],
                                    'dataType': _0x3f1c51[_0x2143('0x10b', 'XsL[')],
                                    'data': _0x5a5edb,
                                    'success': function(_0xeadf4d) {
                                        // Second indirection table, local to the callback.
                                        var _0xe368a6 = {
                                            'QbpRf': function _0x54abb2(_0x3ab46f, _0x5b879e) {
                                                return _0x3ab46f === _0x5b879e;
                                            },
                                            'UMAQP': _0x2143('0x10c', 'Mbv*'),
                                            'YUfOV': function _0x368333(_0x449494, _0x4bacef) {
                                                return _0x449494 >= _0x4bacef;
                                            },
                                            'HszNJ': function _0x49b663(_0x550362, _0x106e6e) {
                                                return _0x550362 + _0x106e6e;
                                            },
                                            'LOMWl': function _0x46aad8(_0xc7424a, _0x358b4d) {
                                                return _0xc7424a + _0x358b4d;
                                            },
                                            'EYlBu': function _0x2bb018(_0x11c5d4, _0x94ea5b) {
                                                return _0x11c5d4 + _0x94ea5b;
                                            },
                                            'mmGoy': 'px;\x20top:\x20',
                                            'qfrUH': function _0xe52965(_0xdb00f1, _0x2ac117) {
                                                return _0xdb00f1 - _0x2ac117;
                                            },
                                            'XMhly': _0x2143('0x10d', '2j*j'),
                                            'MAFNp': function _0x12481e(_0x2457ca, _0x2c5cc6) {
                                                return _0x2457ca == _0x2c5cc6;
                                            },
                                            'MRfuY': function _0x5096e2(_0x402d2a, _0x4338d1) {
                                                return _0x402d2a(_0x4338d1);
                                            }
                                        };
                                        // Constant-vs-constant test again (a decoded table
                                        // entry against 'otK'). The first branch reads `event`
                                        // and appends markup to `this`, which looks like
                                        // click-marker code from another handler; the second
                                        // invokes options.onSubmit with the response.
                                        // Which one is live cannot be told from here.
                                        if (_0xe368a6['QbpRf'](_0xe368a6[_0x2143('0x10e', 'VPfm')], 'otK')) {
                                            if (_0xe368a6[_0x2143('0x10f', '(nrh')](_0x2efed6[_0x2143('0x110', 'XsL[')], 0x4)) {
                                                return;
                                            }
                                            _0x2efed6['curIndex']++;
                                            var _0x149f8a = _0xe368a6[_0x2143('0x111', 'zr@3')](_0xe368a6[_0x2143('0x112', ')CMW')](_0xe368a6[_0x2143('0x113', 'Mbv*')](_0xe368a6[_0x2143('0x114', 'VPfm')](_0x2143('0x115', 'VPfm'), _0x2efed6[_0x2143('0x116', 'y9Ak')]) + _0x2143('0x117', 'cyED'), event[_0x2143('0x118', '#tCT')] - 0xd), _0xe368a6['mmGoy']) + _0xe368a6[_0x2143('0x119', 'j2]$')](event[_0x2143('0x11a', '(jIy')], 0x17), _0xe368a6[_0x2143('0x11b', 'deF2')]);
                                            _0x4be52a(this)['append'](_0x149f8a);
                                            _0x2efed6[_0x2143('0x11c', '13Es')][_0x2143('0x11d', 'tAFr')]([event[_0x2143('0x11e', ')CMW')], event['offsetY']]);
                                            if (_0xe368a6['MAFNp'](_0x2efed6[_0x2143('0x11f', '0DV1')], _0x2efed6['options'][_0x2143('0x120', ')CMW')])) {
                                                _0x2efed6[_0x2143('0x121', '1L[]')](_0xe368a6[_0x2143('0x122', 'deF2')](_0x506456, _0x2efed6[_0x2143('0x123', 'sPad')]));
                                            }
                                        } else {
                                            if (_0x4be52a['isFunction'](_0x2efed6['options']['onSubmit'])) {
                                                _0x2efed6[_0x2143('0x124', 'k9)2')]['onSubmit'][_0x2143('0xbd', 'sPad')](_0x2efed6[_0x2143('0x125', 'EeW*')], _0xeadf4d, _0x2efed6);
                                            }
                                        }
                                    }
                                });
                                continue;
                            }
                            break;
                        }
                    } else {
                        // No-request path: if a (decoded-name) option passes a decoded
                        // check on _0x4be52a, one of two constant-selected branches runs;
                        // the else branch passes the transformed argument to a callback.
                        if (_0x4be52a[_0x2143('0x126', '1L[]')](_0x2efed6[_0x2143('0x127', 'fhes')][_0x2143('0x128', '*Z^)')])) {
                            if (_0x3f1c51[_0x2143('0x129', 'zr@3')](_0x3f1c51['EojXo'], _0x2143('0x12a', 'Mbv*'))) {
                                var _0x1c39ad = this;
                                if (_0x1c39ad[_0x2143('0x12b', 'kxWN')][_0x2143('0x12c', 'deF2')] == _0x2143('0x12d', 'kMDe')) {
                                    _0x3f1c51[_0x2143('0x12e', 'HakO')](_0x4be52a, _0x3f1c51[_0x2143('0x12f', '(nrh')])[_0x2143('0x130', '#tCT')](_0x2143('0x131', 'deF2'))[_0x2143('0x132', 'VPfm')]();
                                }
                            } else {
                                _0x2efed6[_0x2143('0x133', '0DV1')][_0x2143('0x134', '13Es')][_0x2143('0x135', 'y9Ak')](_0x2efed6[_0x2143('0x136', 'U^*O')], _0x4bc16d, _0x2efed6);
                            }
                        }
                    }
                    continue;
                case '2':
                    // Captures the receiver for use in the other arms and the callback.
                    var _0x2efed6 = this;
                    continue;
                case '3':
                    // Input check: argument is falsy, or its length compared with 0x18 (24)
                    // through a decoded table comparison. Of the two inner branches, one
                    // references `element`/`options` (not defined in this function, so it
                    // looks like injected constructor code) and the other logs an error
                    // and returns — presumably the latter is the live one; confirm.
                    if (!_0x4bc16d || _0x3f1c51[_0x2143('0x137', 'i7c8')](_0x4bc16d['length'], 0x18)) {
                        if (_0x3f1c51['fEeGB'](_0x3f1c51['zqhry'], 'QDx')) {
                            this['$element'] = _0x3f1c51[_0x2143('0x138', 'ake^')](_0x4be52a, element);
                            this[_0x2143('0x139', '%mdC')] = 0x0;
                            this[_0x2143('0x13a', 'EeW*')] = [];
                            this[_0x2143('0x13b', 'HakO')] = _0x4be52a['extend']({}, _0x5b9763[_0x2143('0x13c', '1L[]')], options);
                            this['initDOM']();
                        } else {
                            console['error'](_0x2143('0x13d', 'U^*O'));
                            return;
                        }
                    }
                    continue;
                case '4':
                    // Chooses the container: a decoded selector wrapped by _0x4be52a when
                    // the receiver's 'mode' equals a decoded string, else this.$element.
                    var _0x2395a1 = _0x3f1c51['bmxVt'](_0x2efed6[_0x2143('0x13e', 'zr@3')]['mode'], _0x2143('0x13f', 'vnUn')) ? _0x4be52a(_0x2143('0x140', 'cyED')) : _0x2efed6['$element'];
                    continue;
                }
                break;
            }
        }
    }

这应该是生成验证结果的js,本来想着直接调用看看输入点击坐标能不能直接生成post数据,我还是小看xxb的程度了,最近服务器状况非常差,早上server炸了,这么久了不修,搞这些