|
|
目标网站:Baes64_Decrypt('aHR0cHM6Ly9wYXNzcG9ydC5jdHJpcC5jb20vSDVMb2dpbi9QQ1Jlc2V0UGFzc3dvcmQ/cGxhdGZvcm09UEM=')
近来无事做,大致分析了下携程的(jigsawCaptcha),参数算法包含如下:
extend_param = 获取验证码初始化
dimensions = 设备指纹效验
sign = 签名验证
dimensions = {"rt":"fp=UPP247-95F8B6-827962&vid=1774436154094.16d4kozGrKTi&pageId=10320670275&r=undefined&ip=undefined&rg=undefined&kpData=0_0_0&kpControl=0_0_0-0_0_0&kpEmp=0_0_0_0_0_0_0_0_0_0-0_0_0_0_0_0_0_0_0_0-0_0_0_0_0_0_0_0_0_0&screen=1920x1080&tz=+8&blang=zh-CN&oslang=zh-CN&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F132.0.0.0%20Safari%2F537.36&d=passport.ctrip.com&v=25&kpg=0_1_0_4_290_15_0_1_0_0&adblock=F&cck=F&ftoken=","ua":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36","p":"pc","fp":"UPP247-95F8B6-827962","vid":"1774436154094.16d4kozGrKTi","identify":"aUPP247-95F8B6-827962","guid":"09031032217642970208","h5_duid":null,"pc_duid":null,"hb_uid":null,"pc_uid":null,"h5_uid":null,"infosec_openid":null,"device_id":"2f0f0a8000d643fa3171e69ad7f19b97","client_id":"qLIjsQDlES4y4vCoJLF4rjkoGrzmuvAd","pid":"2348106950726222","sid":"LRWjYiqIWdqrbECH","login_uid":"8438342497"}
完整的参数:["extend_param","appid","business_site","version","dimensions","sign"]
目前只是分析了获取验证码的包,后面待分析。。。
获取验证码的url:/captcha/v4/risk_inspect
最后大家期待算法开源吗?需要的话可以投个票(7天),我看下有多少。
|
|
粤公网安备 44522102000125 增值电信业务经营许可证 粤B2-20192173
发表于 2026-3-26 20:23:34
主题置顶卡
沉默卡
变色卡
扫一扫,关注易界动态