【求回答】关于校园网http请求连接

我们校园网使用的是drcom的网页认证,以前是明文传输,一个http post就连上了,现在各种加密,两层的aes。这都不要紧,最关键的是他登录需要好几次的http get请求,我不会用python操作了,总是会提醒我网页超时已过期。

当我刷新网页他会请求

请求 URL:
http://10.255.224.4/a79.htm
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:80
引用者策略:
strict-origin-when-cross-origin

请求 URL:
http://10.255.224.4:801/eportal/portal/page/loadConfig?callback=dr1001&program_index=&wlan_vlan_id=3298&wlan_user_ip=MTAuMjAzLjEzMC4yMjM%3D&wlan_user_ipv6=&wlan_user_ssid=&wlan_user_areaid=&wlan_ac_ip=&wlan_ap_mac=000000000000&gw_id=000000000000&jsVersion=4.X&v=2221&lang=zh
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:801
引用者策略:
strict-origin-when-cross-origin
请求 URL:
http://10.255.224.4/drcom/chkstatus?callback=dr1002&jsVersion=4.X&v=4892&lang=zh
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:80
引用者策略:
strict-origin-when-cross-origin
请求 URL:
http://10.255.224.4:801/eportal/portal/duodian/get_active_conf?callback=dr1003&params=DQB0ZzSMMUuzTALIEKLfE%2FN9y5bCc%2BSpNPYICw1YKrbrLwSzGtjNM9rCUqC45XJh&jsVersion=4.X&v=4088&lang=zh
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:801
引用者策略:
strict-origin-when-cross-origin

然后就会打开这个网页

当我点击登录的时候就会请求下面的这两个

请求 URL:
http://10.255.224.4:801/eportal/portal/duodian/queryPageSet?callback=dr1004&params=afatUdcOQ5kRXdIAus7rezAClk9ZCh9gdGVWpB4GroIfCe4oFjhNhqfH77l0%2BtYPBhQ1tq%2Fw5r9pLC8ueK1JhGxs4OlBZvM9pN3cRd7y4AOR%2BgpToppLc9XLtag0DpApEVIK9hFB3avL6Ucu1GlbqUw2qOM3At6Ut%2BTqWIl9d8V3rcTmu8RdGRKgGxrdel8vITfh%2BXffSTCyzzixLx2g3GPPwVvEa0DlWA2Rez9lSSK9f%2FNV4W82VfHg%2Bka4CpeUl6ufBZvCBd7zAYMAqJ8buzHzEhvQFWhbOCQWQ1Mr8%2FElpPU3tI1aQZQh%2BJIFp6kWqtzXZnv8c66HdndJktYhfyTn%2BJQgSCj%2FNs8%2Fm7CI6ArNhTj8YFI2H5BEE3zPMU%2Fy%2FK%2BoiekXSD37TFXBJs4tIeS6XJAIB5mBFq1b66lHzZ0dyALaEHXHVHGEziM8YHb1oLMOQIgh7piyUlaTk%2BMD3O5WzAGy4HsB%2FuN0BYQTVtTfFjztCrEogMzThdsR%2Bll%2F&jsVersion=4.2.1&v=4086&lang=zh
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:801
引用者策略:
strict-origin-when-cross-origin
请求 URL:
http://10.255.224.4:801/eportal/portal/login?callback=dr1005&params=mqwFvJwrZkq%2F7Flx%2BPkDRKvB%2FBt593dBtyQsk5ZjIx4BZ6UfgeOi09lM205a%2Fj5QY4MIJYEnQxidOs3bTjImyWKRHRmsOLfmzFAkJu0%2BGTIKUiEl32iPKSeRtmnu6PlYSFF%2FQcj17Ohu%2FKS9bt6DdO4ZHHg2uhy%2F6hmH9b1NHJsza30FGeA9TudQW7Xm%2F5VZb0eAmY9VE%2BJ3lEHorUOMayZ28yAi4kA8K99cFHD9RpbcEUtJhbxmo%2Fv2ygqdKz%2B3cEH5QeIsryTMQjnosRMa8ILhNcHc8xyOMT6Ab6M7J1YHWmWDK7DhRYVhCghKYNH323ubOPpHJIKZxRAMzGr9hmVWaiI6u6nBPnwag1vyTnEV6JtzwWViDv%2BNVetDc%2B0bhHsXg%2BZ3JVVFnj7lmNp7cfyS6w32RcHoxnpqJpOoba1UyiiYPD%2BHCTMHZ1i7V%2FAV&jsVersion=4.2.1&v=4567&lang=zh
请求方法:
GET
状态代码:
200 OK
远程地址:
10.255.224.4:801
引用者策略:
strict-origin-when-cross-origin

这些请求所有的params=的值都是通过aes加密模式ecb 填充pkcs7 密钥5c1d5ad4dea0e8dd)
这是第5个请求的解密之后的

{"account":"v7mwSf/NwPygtmYdqLE5JhgUfFWj3poLuaWfVspS8Ug=","wlan_user_ip":"DvgtHuoVbold5iPEGKqBSQ==","wlan_user_mac":"AY6H9Y7+smaaQhxExyquuw==","user_agent":"9koWxumnv3jfkBuN1TvJKsTfLk8BgP7midZnA7DiLy/CC2xTtyYe2S1hHHLuF3lw2IVPSSmzDad7xHNIRLvvLcpQW4nzS+kenPuKvA5jYpM6wgw7Hji74IE1tHYCoD3IeniVNtSXQ1oJFx6e2LvMfbxjZbdB4gXjUxlD82P6idY=","login_t":"775S4lvuSJoOMQjKw92ZKA=="}

这是第六个请求解密之后的

{"login_method":1,"user_account":",0,19359872047@telecom","user_password":"190359","wlan_user_ip":"10.203.130.223","wlan_user_ipv6":"","wlan_user_mac":"e8808858f89d","wlan_ac_ip":"","wlan_ac_name":"","jsVersion":"4.2.1","login_t":"0","js_status":"0","is_page":"1","is_page_new":2963,"terminal_type":1,"lang":"zh-cn","rcn":"0jQH43rV"}

我每次传递的参数应该都没错,但就是最后一个请求会提示

dr1005({"result":0,"msg":"当前页面已超时,请重新刷新页面","ret_code":"1","data":[]});

下面是我的python代码

(我为什么放不上代码,一粘上就显示离线编辑)

有没有懂的佬友看看我代码哪里有问题 或者有没有热心佬友可以远程帮我解决一下吗? 这是我的qq邮箱: [email protected] 这是我通过插件扒下来的源码,但是不知道为什么我这边加载不出来
10.255.224.4.zip (797.5 KB)

8 Likes

最简单的就是买一个gsWiFi做认证,这些东西没必要花心思研究,也就100来块,6个人a一下也不多

随便买个二手的就行,可以认证的千兆网口的,要无线的话,再接一个WiFi6的二手路由器,三四十就搞定了,全寝室高速上网

我喜欢在github上找现成的,你尝试下这个是否能用。

电话号码要码一下吗?

不一样,我的还要更复杂,谢谢佬