12306滑块验证登录分析

1.检测登录验证
请求 URL: https://kyfw.12306.cn/passport/web/checkLoginVerify
请求方法: POST
状态代码: 200 OK

请求表单
username: 111111111111
appid: otn

返回数据

{"result_message":"","login_check_code":"1","result_code":0}

请求标头
Cookie: _passport_session=d9dc024a268c4cd49a7cfe2f0b1c5e2a2430; RAIL_EXPIRATION=1639732995967; RAIL_DEVICEID=pKcK2Fwc5Vl5oQGWP9v0WOLHNnIv0h4xCtXu0M27pI9juaBkQTQUg98qd1Uv_ANUmWjBcTeKVzlaaf2r_RX3FIANMqTYSZ5dykvFkp6N2QnRNA4Tx7SDaG3Z4mIZ3eWBvz31heRclK8Ortzul7T8gEyG3ZfCtDUx; guidesStatus=off; highContrastMode=defaltMode; cursorStatus=off; BIGipServerotn=2597781770.64545.0000; BIGipServerpassport=770179338.50215.0000; route=c5c62a339e7744272a54643b3be5bf64; _jc_save_fromStation=%u6DF1%u5733%2CSZQ; _jc_save_toStation=%u8944%u9633%2CXFN; _jc_save_toDate=2021-12-15; _jc_save_wfdc_flag=dc; _jc_save_fromDate=2021-12-16; BIGipServerpool_passport=266600970.50215.0000

2.获取滑块验证码
请求 URL: https://kyfw.12306.cn/passport/web/slide-passcode
请求方法: POST
状态代码: 200 OK

请求表单
slideMode: 1
appid: otn
username: 111111111111

返回数据

{"result_message":"获取验证码","if_check_slide_passcode_token":"FFFF0N000000000085DE:1639634961186:0.73347383328803121","result_code":"0"}

请求标头
Cookie: _passport_session=d9dc024a268c4cd49a7cfe2f0b1c5e2a2430; RAIL_EXPIRATION=1639732995967; RAIL_DEVICEID=pKcK2Fwc5Vl5oQGWP9v0WOLHNnIv0h4xCtXu0M27pI9juaBkQTQUg98qd1Uv_ANUmWjBcTeKVzlaaf2r_RX3FIANMqTYSZ5dykvFkp6N2QnRNA4Tx7SDaG3Z4mIZ3eWBvz31heRclK8Ortzul7T8gEyG3ZfCtDUx; guidesStatus=off; highContrastMode=defaltMode; cursorStatus=off; BIGipServerotn=2597781770.64545.0000; BIGipServerpassport=770179338.50215.0000; route=c5c62a339e7744272a54643b3be5bf64; _jc_save_fromStation=%u6DF1%u5733%2CSZQ; _jc_save_toStation=%u8944%u9633%2CXFN; _jc_save_toDate=2021-12-15; _jc_save_wfdc_flag=dc; _jc_save_fromDate=2021-12-16; BIGipServerpool_passport=266600970.50215.0000

3.模拟登录方法
请求 URL: https://kyfw.12306.cn/passport/web/login
请求方法: POST

请求表单
sessionId: 01meJRDQhjKvuhvkU5cu47-MA1JC181YIpayrzyyxM2OqSRZY9sEZAH2xcgR6esKVry32sUFCCsblx22CpDykQxP0gAr0O8tIId3dMSMVprRhgj08S1T5hVVoDayX289iJ_7X2tuuX39E0dMRPKXS5fuBVuMTM3V1DuhCXbzMjIQ-lehD7zlij9iiy9r7NuNNrVCcgR9rW9P1ZVJqv_U-Gzw
sig: 05XqrtZ0EaFgmmqIQes-s-CD5xveNanmm239mWUZV4vLzZ0RzQHp9Mg-4H16Un1w57sJDAKRap7ugTDmhVdCmxhLctVwPHJqgdX3O5HA9VRURg7wEoevct_fcCivXMzeYLEsBbrBTp-F0dZY9f_JI6NWvd2wz6BER914c1FS3JnW5yWuyvMhiu-YTXCYSsJNQ0Q-_0X78sQYL9YwjYgh6oeyxMroLfKEB2PlBWbxQ-wE6PuqhHIKg-Xq1epdkhFh7mExhygtd82qIZTMnCDt79Ia36x7w8MXI96V3Shdt1rx5I890OU865QSYfDwiF5Bow3h568F-qMJElOEru2zRjpr3BVcV67u9qmBtOiLMH7yn4dKlho9vQIF3DkF6WxukRWX9lY7lnPRN6Ylbso8-M3h7lj5PMEC7aMIdwlPReGampZfN2GNfmUVTq8Vbsufd8ROoLEHrnoH_EI8TvIBBnTCnsLwDE27nzemV3M1wJDXI
if_check_slide_passcode_token: FFFF0N000000000085DE:1639634961186:0.73347383328803121
scene: nc_login
username: 111111111111
password: @CaU7M1Z3TjifNeQVxBFkhA==
tk: 
checkMode: 1
appid: otn

返回数据

{"result_message":"用户名或密码错误。","result_code":1}

请求标头
Cookie: _passport_session=d9dc024a268c4cd49a7cfe2f0b1c5e2a2430; RAIL_EXPIRATION=1639732995967; RAIL_DEVICEID=pKcK2Fwc5Vl5oQGWP9v0WOLHNnIv0h4xCtXu0M27pI9juaBkQTQUg98qd1Uv_ANUmWjBcTeKVzlaaf2r_RX3FIANMqTYSZ5dykvFkp6N2QnRNA4Tx7SDaG3Z4mIZ3eWBvz31heRclK8Ortzul7T8gEyG3ZfCtDUx; guidesStatus=off; highContrastMode=defaltMode; cursorStatus=off; BIGipServerotn=2597781770.64545.0000; BIGipServerpassport=770179338.50215.0000; route=c5c62a339e7744272a54643b3be5bf64; _jc_save_fromStation=%u6DF1%u5733%2CSZQ; _jc_save_toStation=%u8944%u9633%2CXFN; _jc_save_toDate=2021-12-15; _jc_save_wfdc_flag=dc; _jc_save_fromDate=2021-12-16; BIGipServerpool_passport=266600970.50215.0000

请求必须cookie参数（第一次访问主页会获取所有参数）
RAIL_EXPIRATION
RAIL_DEVICEID
BIGipServerotn
BIGipServerpassport
BIGipServerpool_passport
route

请求必须表单参数
sessionId 验证完滑块取得
sig 验证完滑块取得
if_check_slide_passcode_token 获取验证码返回
username=111111111111 用户名
password=@CaU7M1Z3TjifNeQVxBFkhA==
checkMode=1
appid=otn

5.阿里云滑块sessionId、sig参数获得方法：

https://cf.aliyun.com/nocaptcha/initialize.jsonp?【GET1】
https://cf.aliyun.com/nocaptcha/analyze.jsonp?【GET2】

jsonp_06857854341307419({"success":true,"result":{"csessionid":"01meJRDQhjKvuhvkU5cu47-MA1JC181YIpayrzyyxM2OqSRZY9sEZAH2xcgR6esKVry32sUFCCsblx22CpDykQxP0gAr0O8tIId3dMSMVprRhgj08S1T5hVVoDayX289iJ_7X2tuuX39E0dMRPKXS5fuBVuMTM3V1DuhCXbzMjIQ-lehD7zlij9iiy9r7NuNNrVCcgR9rW9P1ZVJqv_U-Gzw","code":0,"value":"05XqrtZ0EaFgmmqIQes-s-CD5xveNanmm239mWUZV4vLzZ0RzQHp9Mg-4H16Un1w57sJDAKRap7ugTDmhVdCmxhLctVwPHJqgdX3O5HA9VRURg7wEoevct_fcCivXMzeYLEsBbrBTp-F0dZY9f_JI6NWvd2wz6BER914c1FS3JnW5yWuyvMhiu-YTXCYSsJNQ0Q-_0X78sQYL9YwjYgh6oeyxMroLfKEB2PlBWbxQ-wE6PuqhHIKg-Xq1epdkhFh7mExhygtd82qIZTMnCDt79Ia36x7w8MXI96V3Shdt1rx5I890OU865QSYfDwiF5Bow3h568F-qMJElOEru2zRjpr3BVcV67u9qmBtOiLMH7yn4dKlho9vQIF3DkF6WxukRWX9lY7lnPRN6Ylbso8-M3h7lj5PMEC7aMIdwlPReGampZfN2GNfmUVTq8Vbsufd8ROoLEHrnoH_EI8TvIBBnTCnsLwDE27nzemV3M1wJDXI"}});

sig=value
sessionId=csessionid