天翼云登录

目标url

aHR0cHM6Ly9tLmN0eXVuLmNuL3dhcC9tYWluL2F1dGgvbG9naW4/cmVkaXJlY3Q9JTJGbXk=

接口分析

先切换到手机模式

抓个包看看

参数分析

先是

comParam_curTime: 1692880895067
comParam_seqCode: 169A25F48BF7A07E4364BA7CBBC7B8C4
comParam_signature: 0c9338a3d42b8149cec0c247ed07055a

直接搜索就一处匹配到

很简单， 跟进去就行了。
然后是password

换一种方式， 下个xhr断点，然后跟栈，具体操作为：

重新点击登录，跟栈就行

是个webpack, 然后跟了一会，也可以知道是tripledes

模拟登录

直接python还原，或者py调用js都可以

# -*- coding: utf-8 -*-
# @Time    : 2023-08-24 下午 8:17
# @Author  : 明月清风我
# @File    : main.py
# @Software: PyCharm
import requests
import execjs
with open("comParam.js", 'r') as f:
    js_code = f.read()
comParam_curTime, comParam_seqCode, comParam_signature = execjs.compile(js_code).call("get_param")

with open("wbpk.js", 'r', encoding="utf-8") as f:
    js_code = f.read()
pwd = execjs.compile(js_code).call("get_pwd")


headers = {
    "Accept": "application/json, text/plain, */*",
    "Accept-Language": "zh-CN,zh;q=0.9",
    "Cache-Control": "no-cache",
    "Connection": "keep-alive",
    "Content-Type": "application/x-www-form-urlencoded",
    "Origin": "https://m.ctyun.cn",
    "Pragma": "no-cache",
    "Referer": "https://m.ctyun.cn/wap/main/auth/login?redirect=^%^2Fmy",
    "Sec-Fetch-Dest": "empty",
    "Sec-Fetch-Mode": "cors",
    "Sec-Fetch-Site": "same-origin",
    "User-Agent": "Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36",
    "sec-ch-ua": "^\\^Chromium^^;v=^\\^112^^, ^\\^Google",
    "sec-ch-ua-mobile": "?1",
    "sec-ch-ua-platform": "^\\^Android^^",
    "x-riskdevicesign": "eb4186f9f97776f8c7f6caf10e62d73b"
}

url = "https://m.ctyun.cn/account/login"
params = {
    "referrer": "wap",
    "mainVersion": "300031500",
    "comParam_curTime": comParam_curTime,
    "comParam_seqCode": comParam_seqCode,
    "comParam_signature": comParam_signature,
    "isCheck": "true",
    "locale": "zh-cn"
}
data = {
    "userName": "[email protected]",
    "password": pwd
}
response = requests.post(url, headers=headers, params=params, data=data)

print(response.text)
print(response)