易盾逆向分析(滑块、点选、无感知)

易盾我破解过两个版本:2.19.1 和 2.21.3,都是之前做的;现在易盾已经升级,由于工作上不再需要,就没有继续跟进。2.19.1 版本的无感知、滑块、点选都做了一遍,并封装成公共服务供调用。

先看下JAVA代码

package com.xxxx.cccc.web;

import lombok.extern.log4j.Log4j;
import lombok.extern.log4j.Log4j2;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

import org.apache.http.HttpException;
import org.jsoup.helper.StringUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.xxxx.cccc.model.CommonRequest;
import com.xxxx.cccc.model.ResultModel;
import com.xxxx.cccc.service.ProxyService;
import com.xxxx.cccc.util.ExceptionUtil;
import com.xxxx.cccc.util.YidunCheckRpcUtil;
import com.xxxx.cccc.util.YidunCheckUtil;
import com.xxxx.cccc.util.YidunCheckUtil2;
import com.xxxx.cccc.util.YidunCheckUtil_2_19_1;
import com.xxxx.cccc.util.YidunCheckUtil_2_21_3;
//公共服务
@RestController
@RequestMapping("/common")
@Log4j
public class CommonController {
	
	@Autowired
	ProxyService proxyService;
	

	/**
     * 易盾-获取滑块验证后的数据-点选
     * 
     * @param papercheckRequest
	 * @return
     */
    @RequestMapping(value ="/yidun/getCheckData" , method = RequestMethod.POST)
    public ResultModel getCheckData(@RequestBody CommonRequest commonRequest){
    	
    	ResultModel resultModel = null;
    	
        try {
            log.info("易盾-获取滑块验证后的数据-点选,请求入参:"+commonRequest);
            if(!commonRequest.checkParam()){
            	 return new ResultModel("-1","输入参数不完整");
            }
            
            int len = 1;//循环次数
            for(int i=0;i

import java.io.FileOutputStream;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;

import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.eclipse.jetty.util.StringUtil;
import org.springframework.util.StringUtils;

import com.alibaba.fastjson.JSONObject;
import com.baidu.aip.util.Base64Util;

import lombok.extern.log4j.Log4j;

/**
 * version 2.17.4
 * 易盾-获取滑块验证后的数据
 * 1.获取图片的fp指纹参数存在浏览器环境校验,校验不过也会正常返回图片,但是会降低通过率,不到10%
 */
@Log4j
public class YidunCheckUtil {
	
	// Browser User-Agent value sent on the requests built in getCheckData.
	public static String userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36";
	
	// Base URL of the helper service; the value comes from JsFrontConstants.nodejsUrl, declared outside this listing.
	// NOTE(review): every field in this group is public static and non-final, so any class can
	// repoint these endpoints at runtime; nothing in this listing reassigns them.
	public static String ipAddress = JsFrontConstants.nodejsUrl;
	
	// Helper-service endpoints, each built by appending a fixed path to ipAddress.
	public static String fpUrl = ipAddress+"/yidun/yzm/fp";
	public static String cbUrl = ipAddress+"/yidun/yzm/cb";
	
	
	
	public static String callbackUrl = ipAddress+"/yidun/yzm/callback";
	public static String getAcTokenUrl = ipAddress+"/yidun/yzm/getAcToken";
	public static String getMUrl = ipAddress+"/yidun/yzm/getM";
	public static String getPUrl = ipAddress+"/yidun/yzm/getP";
	public static String getExtUrl = ipAddress+"/yidun/yzm/getExt";
	public static String getDataUrl = ipAddress+"/yidun/yzm/getData";
	public static String getDataForWgzUrl = ipAddress+"/yidun/yzm/getDataForWgz";
	public static String getTraceUrl = ipAddress+"/yidun/yzm/getTrace";
	public static String getTraceForWgzUrl = ipAddress+"/yidun/yzm/getTraceForWgz";
	public static String getCn31StrUrl = ipAddress+"/yidun/yzm/getCn31Str";
	
	public static String getDataForHuaKuaiUrl = ipAddress+"/yidun/yzm/getDataForHuakuai";
	
	// Unlike the other endpoints this one already ends in "?zuobiao="; getHuaKuaiData appends the value directly.
	public static String getTraceForHuakuaiUrl = ipAddress+"/yidun/yzm/getTraceForHuakuai?zuobiao=";
	
	// Recognition component used by getCheckData (getCodeNormal) and getHuaKuaiData (getX).
	public static IOcr iOcr = new MachineOcr(); 
				
    /**
     * Click-select (点选) flow: requests a challenge, has the image recognised, submits the
     * check request and returns the CN31 string obtained from the helper service.
     *
     * NOTE(review), from the visible code only:
     * - The HTTP client is always built with the hard-coded "127.0.0.1", 8888 arguments
     *   (presumably a local proxy host and port; confirm against HttpClientWrapper).
     * - No CloseableHttpResponse and no client is closed anywhere in this method.
     * - The challenge token and the full check URL are written to the info log.
     * - The image URL (bg) is taken from the parsed reply and fetched without any host or scheme check.
     *
     * @author xxx
     * @param proxyService only compared with null; the proxy-backed client call is commented out
     * @param proxyList raw List, referenced only in commented-out code
     * @return code "0" with the CN31 string as data on success, code "-1" with a message otherwise
     * @throws Exception propagated from the HTTP, JSON and helper calls; nothing is caught here
     */
	public static ResultModel getCheckData(ProxyService proxyService,List proxyList) throws Exception{
		ResultModel resultModel = new ResultModel("0","处理成功");
				
		HttpClientWrapper hw = null;
		HttpGet httpGet = null;
		CloseableHttpResponse execute = null;
		Header[] headers = null; // declared but never assigned or read again in this method
		HttpEntity entity = null;
		byte[] bytes = null;
		String result = null;
		//hw = new HttpClientWrapper(5000,5000, 5000);
		// Both branches are effectively empty: the client creation in each is commented out,
		// so the only effect of a non-null proxyService is the log line.
		if(proxyService == null){
			//hw = new HttpClientWrapper(5000,5000, 5000);
		}else{
			log.info("YidunCheckUtil linshi shiong daili...");
	
			//hw = proxyService.getClientWithProxy(15000,15000,15000,proxyList);
		}
		
		// The wrapper is always created here, regardless of the branch above.
		hw = new HttpClientWrapper(50000,50000, 50000,"127.0.0.1",8888);
		
		
		CloseableHttpClient client = hw.getClient();
		
		//1. Get the captcha image address
		String fp = JiangsuTaxbureauUtil.getData(fpUrl);
		
		//fp = "R/9JR4ti/ydmwA6UEJ41QqUdudp/aeDHkOl44riYGdbc56uundMeNHaleXSyME7P0qAzlLc8IARE+pTmovebBp4hW2lPDq\\\\6olZp0QQx9kzO0wdzYD9214KL\\\\Dc+/KYtCSSvS0eMBqzZiAYONRBq0i09nxtXDf\\\\mDdh2U/ReM3ZZZKt+:1655391775324";
		//fp = URLEncoder.encode(fp);
		
		
		String cb = JiangsuTaxbureauUtil.getData(cbUrl);
		String callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		// fp, cb and callback are concatenated into the URL exactly as the helper returned them.
		String url = "https://c.dun.163.com/api/v2/get?referer=https%3A%2F%2Fetax.jiangsu.chinatax.gov.cn%2Fsso%2Flogin&zoneId=CN31&id=1a623022803d4cbc86fa157ec267bb36&fp="+fp+"&https=true&type=undefined&version=2.17.4&dpr=1&dev=1&cb="+cb+"&ipv6=false&runEnv=10&group=&scene=&lang=zh-CN&width=0&audio=false&token=&callback="+callback;
				
		httpGet = new HttpGet(url);
		
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://etax.jiangsu.chinatax.gov.cn/");
	    httpGet.setHeader("User-Agent",userAgent);
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("Cache-Control","no-cache");
	    httpGet.setHeader("Connection","keep-alive");
	    httpGet.setHeader("Pragma","no-cache");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","script");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","cross-site");
	    
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
	
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		if(StringUtils.isEmpty(result)){
			return new ResultModel("-1","获取滑块失败");
		}
		
		// Takes the text between the first "(" and the first ")".
		// NOTE(review): a reply without both characters makes substring throw, and a ")" inside the payload truncates it.
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		log.info("YidunCheckUtil getCheckData getYzm result:"+result);
		
		JSONObject objJSon = JSONObject.parseObject(result);
		
		// NOTE(review): "data" and "bg" are dereferenced without a null check.
		JSONObject dataJSon = objJSon.getJSONObject("data");
		String bg = (String)dataJSon.getJSONArray("bg").get(0);// captcha image
		String front = dataJSon.getString("front");// click-select prompt text
		String token = dataJSon.getString("token");
		String type = dataJSon.getString("type"); // read but not used below
		String zoneId = dataJSon.getString("zoneId"); // read but not used below
				
		log.info("YidunCheckUtil getCheckData bg:"+bg);
		log.info("YidunCheckUtil getCheckData front:"+front);
		log.info("YidunCheckUtil getCheckData token:"+token);
		
		if(StringUtils.isEmpty(front)){
			return new ResultModel("-1","获取滑块失败");
		}
		
		//2. Download the image data
		// The URL comes straight from the parsed reply; no header is set on this request.
		httpGet = new HttpGet(bg);
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		entity = execute.getEntity();	
	    bytes = EntityUtils.toByteArray(entity);

		String zuobiao = "";
		String guiji = "";
        
		String baseImage = Base64Util.encode(bytes);
		
		if(StringUtils.isEmpty(baseImage)){
			return new ResultModel("-1","获取滑块图片失败");
		}
		
		//3. Recognise the image
		String orcData = iOcr.getCodeNormal(baseImage, front);
		
		// A reply containing the text "500 Internal Server" is treated as a failure.
		if(StringUtil.isBlank(orcData) || orcData.indexOf("500 Internal Server") >= 0) {
			return new ResultModel("-1","识别滑块失败");
		}
		
		JSONObject ocrJson = JSONObject.parseObject(orcData);
		zuobiao = ocrJson.getString("points");
		guiji = ocrJson.getString("track");
	        
	    log.info("YidunCheckUtil getCheckData zuobiao:"+zuobiao);
	    log.info("YidunCheckUtil getCheckData guiji:"+guiji);
	     
	     
	    //
	    // Use the in-house trace algorithm; per the author's testing its pass rate was higher.
	    // This overwrites the "track" value read from the OCR reply just above.
	    guiji = JiangsuTaxbureauUtil.getData(getTraceUrl+"?urlKey="+zuobiao);
	        
	    //System.out.println("my guiji:"+guiji);
	    
	     
	    if(StringUtils.isEmpty(zuobiao) || StringUtils.isEmpty(guiji)){
			return new ResultModel("-1","识别滑块失败");
		}
	    
	    
	    url = "https://c.dun.163.com/api/v2/check?referer=https%3A%2F%2Fetax.jiangsu.chinatax.gov.cn%2Fsso%2Flogin&zoneId=CN31&id=1a623022803d4cbc86fa157ec267bb36&width=310&type=3&version=2.17.4&extraData=&bf=0&runEnv=10";

	    // This HttpGet is never executed; httpGet is reassigned once the URL is complete.
	    httpGet = new HttpGet(url);
	    
	    Thread.sleep(100);// deliberately slows the program down (author's stated reason: to avoid anti-crawling)
			
	    //5. Verify the captcha
	    url = url +"&token="+token;
		url = url +"&callback="+JiangsuTaxbureauUtil.getData(callbackUrl);
		url = url +"&acToken="+JiangsuTaxbureauUtil.getData(getAcTokenUrl);
		url = url +"&cb="+JiangsuTaxbureauUtil.getData(cbUrl);
		    
		// guiji, token and zuobiao are appended to the helper URL without URL-encoding.
		String data = JiangsuTaxbureauUtil.getData(getDataUrl+"?guiji="+guiji+"&token="+token+"&zuobiao="+zuobiao);
		   		    
		url = url +"&data="+data;
		log.info("YidunCheckUtil getCheckData url:"+url);
		    
		httpGet = new HttpGet(url);
		httpGet.setHeader("Accept","*/*");
		httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
		httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("Cache-Control","no-cache");
	    httpGet.setHeader("Connection","keep-alive");
	    httpGet.setHeader("Pragma","no-cache");
	    httpGet.setHeader("Referer","https://etax.jiangsu.chinatax.gov.cn/");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","script");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","cross-site");
		httpGet.setHeader("Host","c.dun.163.com");
		httpGet.setHeader("User-Agent",userAgent);
    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
	    bytes = EntityUtils.toByteArray(entity);
	    result = new String(bytes,"UTF-8");
			
	    log.info("YidunCheckUtil getCheckData validate result:"+result);
	    
	    if(StringUtils.isEmpty(result)){
			return new ResultModel("-1","校验点选返回为空");
		}
	    
	    result = result.substring(result.indexOf("(")+1, result.indexOf(")"));
	    JSONObject objJson = JSONObject.parseObject(result);
	    JSONObject dataJson = objJson.getJSONObject("data");
	    String validate = dataJson.getString("validate");
	    if(StringUtils.isEmpty(validate)){
	    	return new ResultModel("-1","校验点选失败");
	    }
	    
		//3. Get the CN31 encrypted string (the step number repeats "3" in the original)
		// Raw Map; single-argument URLDecoder.decode is deprecated and uses the platform default charset.
    	Map map = new HashMap();
    	map.put("validate", validate);
    	map.put("fp", URLDecoder.decode(fp));
    	ResponseContent response = HttpHelper.postJsonEntity(getCn31StrUrl, JSONObject.toJSONString(map));
    	String cn31Str = response.getContent();
    	log.info("YidunCheckUtil getCheckData cn31Str:"+cn31Str);
		resultModel.setData(cn31Str);
		
		// The emptiness check runs after setData; on failure a fresh "-1" model is returned instead.
		if(StringUtils.isEmpty(cn31Str)){
	    	return new ResultModel("-1","获取CN31失败");
	    }
	    
		return resultModel;
	}
	
    /**
     * "No-sense" (无感知) flow: requests a token, submits a check request built from
     * helper-supplied values, and on success adds the CN31 string to the returned data map.
     *
     * NOTE(review), from the visible code only:
     * - proxyService is never referenced in the body.
     * - No CloseableHttpResponse and no client is closed anywhere in this method.
     * - The full check URL (which includes the token) is written to the info log.
     *
     * @author bree
     * @param proxyService unused in this method
     * @return code "0" with a map holding "checkResult" and "cn31Str", or code "-1" with a message
     * @throws Exception propagated from the HTTP, JSON and helper calls; nothing is caught here
     */
	public static ResultModel getWgzData(ProxyService proxyService) throws Exception{
		
		ResultModel resultModel = new ResultModel("0","处理成功");
		Map dataMap = new HashMap(); // raw Map; receives "checkResult" and "cn31Str"
		
		HttpClientWrapper hw = null;
		HttpGet httpGet = null;
		CloseableHttpResponse execute = null;
		Header[] headers = null; // declared but never used below
		HttpEntity entity = null;
		byte[] bytes = null;
		String res = null; // declared but never used below
		String result = null;
		hw = new HttpClientWrapper(5000,5000, 5000);
		
		
		CloseableHttpClient client = hw.getClient();
		
		//1. Get the captcha
		String url = "https://c.dun.163.com/api/v2/get?referer=%s&zoneId=CN31&id=cf15aac06ccf490181f29b72fe13c3d4&fp=%s&https=true&type=undefined&width=0&version=2.16.0&dpr=1.25&dev=1&cb=%s&ipv6=false&runEnv=10&group=&scene=&callback=%s";
		String fp = JiangsuTaxbureauUtil.getData(fpUrl);
		String cb = JiangsuTaxbureauUtil.getData(cbUrl);
		String callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		String referer = "https%3A%2F%2Fetax.hunan.chinatax.gov.cn%2Fwsbs%2FtoLogin.do";
		url = String.format(url, referer,fp,cb,callback);
		
		httpGet = new HttpGet(url);
		
		// The User-Agent is repeated here as a literal instead of using the userAgent field.
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://etax.hunan.chinatax.gov.cn/");
	    httpGet.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36");
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","*/*");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","cross-site");
	    
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		log.info("yidun wuganzhi get yzm code:"+result);
		
		if(StringUtils.isEmpty(result)){
			return new ResultModel("-1","获取滑块失败");
		}
		
		// Takes the text between the first "(" and the first ")"; throws if either is missing.
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		JSONObject objJSon = JSONObject.parseObject(result);
		JSONObject dataJSon = objJSon.getJSONObject("data");
		String error = objJSon.getString("error");
		String message = objJSon.getString("msg");
		// NOTE(review): the token is read from "data" before the error check below, so a reply
		// without a data object would throw here rather than return the error message.
		String token = dataJSon.getString("token");
		
		if(!"0".equals(error)){
			return new ResultModel("-1",message);
		}
		
		Thread.sleep(1000);
		
		//2. Verify
		url = "https://c.dun.163.com/api/v2/check?referer=%s&zoneId=CN31&id=cf15aac06ccf490181f29b72fe13c3d4&version=2.16.0&cb=%s&extraData=&bf=0&runEnv=10&token=%s&acToken=%s&type=5&width=438&data=%s&callback=%s";
		cb = JiangsuTaxbureauUtil.getData(cbUrl);
		callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		String acToken = JiangsuTaxbureauUtil.getData(getAcTokenUrl);
		
/*		List list = new TraceUtil().getPAndTrace();
		String zuobiao = list.get(0);
		String guiji = list.get(1);*/
		
		
		// The helper reply is parsed as JSON and dereferenced without a null check.
		String str  = JiangsuTaxbureauUtil.getData(getTraceForWgzUrl);
		JSONObject traceJson = JSONObject.parseObject(str);
		String zuobiao = traceJson.getString("zuobiao");
		String guiji = traceJson.getString("guiji");;
		
		
		// guiji, token and zuobiao are appended to the helper URL without URL-encoding.
	    String data = JiangsuTaxbureauUtil.getData(getDataForWgzUrl+"?guiji="+guiji+"&token="+token+"&zuobiao="+zuobiao);

		url = String.format(url, referer,cb,token,acToken,data,callback);
		
		log.info("yidun wuganzhi zuobiao:"+zuobiao);
		log.info("yidun wuganzhi guiji:"+guiji);
		log.info("yidun wuganzhi url:"+url);
		
		httpGet = new HttpGet(url);
		
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://etax.hunan.chinatax.gov.cn/");
	    httpGet.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36");
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","*/*");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","cross-site");
	    httpGet.setHeader("Pragma","no-cache");
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		// NOTE(review): unlike the first reply, this one is not checked for emptiness before substring.
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		log.info("yidun wuganzhi check result:"+result);
		
		dataMap.put("checkResult", result);
		
		//3. Get the CN31 encrypted string
		objJSon = JSONObject.parseObject(result);
		dataJSon = objJSon.getJSONObject("data");
		boolean resultFlag = dataJSon.getBooleanValue("result");
		if(resultFlag){
			String validate = dataJSon.getString("validate");
	    	Map map = new HashMap();
	    	map.put("validate", validate);
	    	// Single-argument URLDecoder.decode is deprecated and uses the platform default charset.
	    	map.put("fp", URLDecoder.decode(fp));
	    	ResponseContent response = HttpHelper.postJsonEntity(getCn31StrUrl, JSONObject.toJSONString(map));
	    	String cn31Str = response.getContent();
	    	log.info("cn31Str:"+cn31Str);
	    	// Stored without an emptiness check.
	    	dataMap.put("cn31Str", cn31Str);
		}else{
			return new ResultModel("-1","校验失败");
		}
		
		resultModel.setData(dataMap);
		
		return resultModel;
	}
	
    /**
     * Slider (滑块) flow: requests a challenge, fetches the configuration and both images,
     * obtains a coordinate and a trace, submits the check request and returns its raw reply.
     *
     * NOTE(review), from the visible code only:
     * - proxyService is never referenced in the body.
     * - The check reply is not interpreted: the method returns code "0" with the reply text as
     *   data whatever the reply says.
     * - No CloseableHttpResponse and no client is closed anywhere in this method.
     * - The token, acToken and full check URL are written to the info log.
     * - Both image URLs come from the parsed reply and are fetched without a host or scheme check.
     *
     * @author bree
     * @param proxyService unused in this method
     * @return code "0" with the text between the parentheses of the check reply as data, or code "-1" with a message
     * @throws Exception propagated from the HTTP, JSON and helper calls; nothing is caught here
     */
	public static ResultModel getHuaKuaiData(ProxyService proxyService) throws Exception{
		
		ResultModel resultModel = new ResultModel("0","处理成功");
		
		HttpClientWrapper hw = null;
		HttpGet httpGet = null;
		CloseableHttpResponse execute = null;
		Header[] headers = null; // declared but never used below
		HttpEntity entity = null;
		byte[] bytes = null;
		String res = null; // declared but never used below
		String result = null;
		hw = new HttpClientWrapper(5000,5000, 5000);
		
		CloseableHttpClient client = hw.getClient();
		
		//1. Get the captcha
		String url = "https://c.dun.163.com/api/v2/get?referer=%s&zoneId=CN31&id=07e2387ab53a4d6f930b8d9a9be71bdf&fp=%s&https=true&type=2&version=2.16.0&dpr=1.25&dev=1&cb=%s&ipv6=false&runEnv=10&group=&scene=&lang=zh-CN&width=320&audio=false&token=&callback=%s";
		String fp = JiangsuTaxbureauUtil.getData(fpUrl);
		String cb = JiangsuTaxbureauUtil.getData(cbUrl);
		String callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		String referer = "https%3A%2F%2Fdun.163.com%2Ftrial%2Fjigsaw";// author's note: may need changing if the site uses Yidun; this value was tested against the vendor's official site
		url = String.format(url, referer,fp,cb,callback);
		
		httpGet = new HttpGet(url);
		
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://dun.163.com/");// author's note: may need changing if the site uses Yidun
	    httpGet.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36");
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","script");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","same-site");
	    
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		if(StringUtils.isEmpty(result)){
			return new ResultModel("-1","获取滑块失败");
		}
		
		// Takes the text between the first "(" and the first ")"; throws if either is missing.
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		log.info("yidun huakuai get yzm code:"+result);
		
		JSONObject objJSon = JSONObject.parseObject(result);
		
		// NOTE(review): "data", "bg" and "front" are dereferenced without a null check.
		JSONObject dataJSon = objJSon.getJSONObject("data");
		String bg = (String)dataJSon.getJSONArray("bg").get(0);// slider background image
		String front = (String)dataJSon.getJSONArray("front").get(0);// gap (puzzle piece) image
		String token = dataJSon.getString("token");
		String type = dataJSon.getString("type"); // read but not used below
		String zoneId = dataJSon.getString("zoneId"); // read but not used below
		
		if(StringUtils.isEmpty(token)){
			return new ResultModel("-1","获取滑块失败");
		}
		
		log.info("yidun huakuai bg:"+bg);		
		log.info("yidun huakuai front:"+front);	
		log.info("yidun huakuai token:"+token);
		
		
		//2. Get the configuration
		url = "https://c.dun.163.com/api/v2/getconf?referer=%s&zoneId=&id=07e2387ab53a4d6f930b8d9a9be71bdf&ipv6=false&runEnv=10&type=2&loadVersion=2.2.3&callback=%s";
		callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		url = String.format(url,referer,callback);
		
		httpGet = new HttpGet(url);
		
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://dun.163.com/");// author's note: may need changing if the site uses Yidun
	    httpGet.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36");
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","*/*");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","same-site");
	    
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		// NOTE(review): this re-tests token, which was already checked above; the configuration
		// reply in result is not checked for emptiness, so this branch cannot be taken here.
		if(StringUtils.isEmpty(token)){
			return new ResultModel("-1","获取配置失败");
		}
		
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		log.info("yidun huakuai get config:"+result);		
		
		objJSon = JSONObject.parseObject(result);
		
		// "data" and "ac" are dereferenced without a null check.
		dataJSon = objJSon.getJSONObject("data");
		JSONObject acJSon = dataJSon.getJSONObject("ac");
		String acToken = acJSon.getString("token");
		log.info("yidun huakuai acToken:"+acToken);		
		
		//3. Download the image data
		// Neither image request sets any header.
		httpGet = new HttpGet(bg);
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		entity = execute.getEntity();	
	    bytes = EntityUtils.toByteArray(entity);
        
		String backImage = Base64Util.encode(bytes);
		
		httpGet = new HttpGet(front);
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		entity = execute.getEntity();	
	    bytes = EntityUtils.toByteArray(entity);
        
		String frontImage = Base64Util.encode(bytes);
		
		//4. Recognise the image
		String zuobiao = "";
		String guiji = "";
		
		zuobiao = iOcr.getX(backImage, frontImage);
		
		if(StringUtils.isEmpty(zuobiao)){
			return new ResultModel("-1","识别坐标失败");
		}
		
		log.info("yidun huakuai zuobiao:"+zuobiao);		
		
		//5. Get the trace
		String str  = JiangsuTaxbureauUtil.getData(getTraceForHuakuaiUrl+zuobiao);
		JSONObject traceJson = JSONObject.parseObject(str);
		guiji = traceJson.getString("guiji");
		String zhZuobiao = traceJson.getString("zhZuobiao");// converted coordinate; only logged, the request below sends zuobiao
		
		log.info("yidun huakuai zhuanhuanhou zuobiao:"+zhZuobiao);		
		log.info("yidun huakuai guiji:"+guiji);		
		
		Thread.sleep(1000);
		
		//6. Verify
		url = "https://c.dun.163.com/api/v2/check?referer=%s&zoneId=CN31&id=07e2387ab53a4d6f930b8d9a9be71bdf&token=%s&acToken=%s&data=%s&width=320&type=2&version=2.16.0&cb=%s&extraData=&bf=0&runEnv=10&callback=%s";
		cb = JiangsuTaxbureauUtil.getData(cbUrl);
		callback = JiangsuTaxbureauUtil.getData(callbackUrl);
		//String acToken = JiangsuTaxbureauUtil.getData("http://127.0.0.1:7002/yidun/yzm/getAcToken");
			
		// guiji, token and zuobiao are appended to the helper URL without URL-encoding.
	    String data = JiangsuTaxbureauUtil.getData(getDataForHuaKuaiUrl+"?guiji="+guiji+"&token="+token+"&zuobiao="+zuobiao);

		url = String.format(url, referer,token,acToken,data,cb,callback);
		
		log.info("yidun huakuai request url:"+url);		
		
		httpGet = new HttpGet(url);
		
	    httpGet.setHeader("Host","c.dun.163.com");
	    httpGet.setHeader("Referer","https://dun.163.com/trial/jigsaw");
	    httpGet.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36");
	    httpGet.setHeader("Accept","*/*");
	    httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
	    httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
	    httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\"");
	    httpGet.setHeader("sec-ch-ua-mobile","?0");
	    httpGet.setHeader("Sec-Fetch-Dest","*/*");
	    httpGet.setHeader("Sec-Fetch-Mode","no-cors");
	    httpGet.setHeader("Sec-Fetch-Site","cross-site");
	    httpGet.setHeader("Pragma","no-cache");
	    
		httpGet.setConfig(hw.getRequestConfig());
		execute = client.execute(httpGet);
		
		entity = execute.getEntity();	
		bytes = EntityUtils.toByteArray(entity);
		result = new String(bytes,"UTF-8");
		
		log.info("yidun huakuai check result:"+result);		
		
		// NOTE(review): no emptiness check before substring, and the extracted text is returned uninterpreted.
		result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
		
		resultModel.setData(result);

		return resultModel;
	}
	
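	/**
	 * Appends the value of every Set-Cookie header to {@code cookieStr}, each followed by "; ".
	 *
	 * The header name is compared case-insensitively without going through
	 * {@code toLowerCase()}, whose result depends on the default locale (under a Turkish
	 * locale "SET-COOKIE" does not lower-case to "set-cookie").
	 *
	 * NOTE(review): whole Set-Cookie values are appended, attributes such as Path or Expires
	 * included; callers that forward the result as a Cookie header send those attributes too.
	 *
	 * @param cookieStr existing cookie text to extend; {@code null} is treated as empty
	 * @param headers response headers to scan; {@code null} returns {@code cookieStr} unchanged
	 * @return the extended cookie string
	 */
	public static String setCookie(String cookieStr,Header[] headers){
		if(headers == null){
			return cookieStr;
		}

		StringBuilder merged = new StringBuilder(cookieStr == null ? "" : cookieStr);
		for(Header header: headers){
			// Skip null entries and headers without a name instead of throwing.
			if(header == null || header.getName() == null){
				continue;
			}
			if("set-cookie".equalsIgnoreCase(header.getName())){
				merged.append(header.getValue()).append("; ");
			}
		}

		return merged.toString();
	}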
}


import java.io.FileOutputStream;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;

import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.eclipse.jetty.util.StringUtil;
import org.springframework.util.StringUtils;

import com.alibaba.fastjson.JSONObject;
import com.baidu.aip.util.Base64Util;

import lombok.extern.log4j.Log4j;

/**
 * version 2.19.1
 * 易盾-获取滑块验证后的数据
 * 1.获取图片的fp指纹参数存在浏览器环境校验,校验不过也会正常返回图片,但是会降低通过率,不到10%
 *  这点经过测试,初步判断是请求易盾携带头信息不全导致
 */
@Log4j
public class YidunCheckUtil_2_21_3 {

	// NOTE(review): the class Javadoc says "version 2.19.1", the class name says 2_21_3 and the
	// request URLs in getCheckData send version=2.21.2; confirm which version this class targets.
	// Browser User-Agent value sent on the requests built in getCheckData; public, static and non-final.
	public static String userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36";

	// Recognition component. getCheckData declares a local variable with the same name, so this
	// field is shadowed there and is not read anywhere else in this class.
	public static IOcr iOcr = new MachineOcr(); 
	
	
	/**
	 * Calls the local helper endpoint with action=getTrace and returns the "data" field of
	 * its JSON reply.
	 *
	 * NOTE(review): the single-argument {@code URLEncoder.encode} is deprecated and encodes
	 * with the platform default charset; the endpoint is plain http on a hard-coded
	 * loopback address and port.
	 *
	 * @param zuobiao coordinate string, URL-encoded before it is appended to the query
	 * @return the "data" value of the reply
	 * @throws Exception propagated from the HTTP call or the JSON parsing
	 */
	public static String getTrace(String zuobiao) throws Exception{
		final String encodedPoints = URLEncoder.encode(zuobiao);
		final String endpoint = "http://127.0.0.1:5620/business-demo/invoke?action=getTrace&group=yidun&zuobiao="+encodedPoints;
		final ResponseContent reply = HttpHelper.getUrlRespContent(endpoint);
		// The body is parsed and dereferenced without a null check, as before.
		return JSONObject.parseObject(reply.getContent()).getString("data");
	}
	
	/**
	 * Calls the local helper endpoint with action=getAcToken and returns the "data" field
	 * of its JSON reply.
	 *
	 * @return the "data" value of the reply
	 * @throws Exception propagated from the HTTP call or the JSON parsing
	 */
	public static String getAcToken() throws Exception{
		final ResponseContent reply = HttpHelper.getUrlRespContent(
				"http://127.0.0.1:5620/business-demo/invoke?action=getAcToken&group=yidun");
		final JSONObject parsed = JSONObject.parseObject(reply.getContent());
		return parsed.getString("data");
	}
	
	
	/**
	 * Calls the local helper endpoint with action=getYzmParam and returns the parsed JSON
	 * reply as is; getCheckData reads "fp", "cb" and "callback" from it.
	 *
	 * @return the reply parsed as a JSONObject
	 * @throws Exception propagated from the HTTP call or the JSON parsing
	 */
	public static JSONObject getYzmParam() throws Exception{
		final String endpoint = "http://127.0.0.1:5620/business-demo/invoke?action=getYzmParam&group=yidun";
		final String body = HttpHelper.getUrlRespContent(endpoint).getContent();
		return JSONObject.parseObject(body);
	}
	
	/**
	 * Calls the local helper endpoint with action=getData, copies the "d", "ext", "m" and
	 * "p" entries of its JSON reply into a new object and returns that object serialised
	 * and URL-encoded.
	 *
	 * NOTE(review): guiji and zuobiao are URL-encoded but token is inserted as received;
	 * the single-argument {@code URLEncoder.encode} is deprecated and uses the platform
	 * default charset.
	 *
	 * @param zuobiao coordinate string
	 * @param guiji trace string
	 * @param token challenge token, placed in the query unencoded
	 * @return URL-encoded JSON text holding the four copied entries
	 * @throws Exception propagated from the HTTP call or the JSON parsing
	 */
	public static String getData(String zuobiao,String guiji,String token) throws Exception{
		final String template = "http://127.0.0.1:5620/business-demo/invoke?action=getData&guiji=%s&token=%s&zuobiao=%s&group=yidun";
		final String requestUrl = String.format(template, URLEncoder.encode(guiji),token,URLEncoder.encode(zuobiao));

		final JSONObject reply = JSONObject.parseObject(HttpHelper.getUrlRespContent(requestUrl).getContent());

		// Only these four entries are forwarded, in this order; absent keys are copied as null.
		final JSONObject selected = new JSONObject();
		for(String key : new String[]{"d","ext","m","p"}){
			selected.put(key, reply.get(key));
		}

		return URLEncoder.encode(selected.toJSONString());
	}
	
	
    /**
     * Click-select (点选) flow against the v3 endpoints: requests a challenge, has the image
     * recognised, submits the check request and reports whether a "validate" value came back.
     *
     * NOTE(review), from the visible code only:
     * - proxyService and proxyList are never referenced in the body.
     * - The HTTP client is always built with the hard-coded "127.0.0.1", 8888 arguments
     *   (presumably a local proxy host and port; confirm against HttpClientWrapper).
     * - On success the model carries no data: the "validate" value is read but not stored.
     * - No CloseableHttpResponse and no client is closed anywhere in this method.
     * - The raw challenge reply goes to stdout and the full check URL to the info log.
     *
     * @author bree
     * @param proxyService unused in this method
     * @param proxyList unused in this method
     * @return code "0" (no data) when the check reply contains a non-empty "validate", otherwise code "-1" with a message
     * @throws Exception propagated from the HTTP, JSON and helper calls; nothing is caught here
     */
	public static ResultModel getCheckData(ProxyService proxyService,List proxyList) throws Exception{
		ResultModel resultModel = new ResultModel("0","处理成功");
		boolean flag = false; // declared but never used below
		TaxBureauContext context = new TaxBureauContext();
		byte[] bytes = null;
		context.hw = new HttpClientWrapper(5000,5000, 5000,"127.0.0.1",8888);
	    
		
		CloseableHttpClient client = context.hw.getClient();
		context.httpClient = client;
		
		
		//1. Get the captcha
    	JSONObject contentObj = getYzmParam();
    	
    	String referer = "https%3A%2F%2Fetax.jiangsu.chinatax.gov.cn%2Fsso%2Flogin";
    	// fp and cb are URL-encoded here (deprecated single-argument encode); callback is used as received.
    	String fp = URLEncoder.encode(contentObj.getString("fp"));
		String cb = URLEncoder.encode(contentObj.getString("cb"));
		String callback = contentObj.getString("callback");
		
		String acToken = getAcToken();
		String url = "https://c.dun.163.com/api/v3/get?referer=%s&zoneId=CN31&acToken=%s&id=1a623022803d4cbc86fa157ec267bb36&fp=%s&https=true&type=undefined&version=2.21.2&dpr=1&dev=1&cb=%s&ipv6=false&runEnv=10&group=&scene=&lang=zh-CN&sdkVersion=undefined&width=0&audio=false&sizeType=10&smsVersion=v2&token=%s&callback=%s";
		
		// The token slot is filled with an empty string on this first request.
		url = String.format(url, referer,acToken,fp,cb,"",callback);
		
		context.httpGet = new HttpGet(url);
		context.httpGet.setHeader("Host","c.dun.163.com");
		context.httpGet.setHeader("Referer","https://etax.jiangsu.chinatax.gov.cn/");
		context.httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"110\", \"Not A(Brand\";v=\"24\", \"Google Chrome\";v=\"110\"");
		context.httpGet.setHeader("sec-ch-ua-mobile","?0");
		context.httpGet.setHeader("sec-ch-ua-platform","\"Windows\"");
		context.httpGet.setHeader("Sec-Fetch-Dest","script");
		context.httpGet.setHeader("Sec-Fetch-Mode","no-cors");
		context.httpGet.setHeader("Sec-Fetch-Site","cross-site");
		context.httpGet.setHeader("User-Agent",userAgent);		
		context.httpGet.setConfig(context.hw.getRequestConfig());
		context.execute = context.httpClient.execute(context.httpGet);
		
		Header[] headers = context.execute.getAllHeaders(); // read but not used below
				
		context.httpEntity = context.execute.getEntity();
		
		context.byteArr = EntityUtils.toByteArray(context.httpEntity);
		
		String result =  new String(context.byteArr,"utf-8");
		// Raw reply is printed to stdout, bypassing the logger.
		System.out.println("result:"+result);
		
        // Takes the text between the first "(" and the first ")".
        // NOTE(review): no emptiness check precedes this; substring throws if either character is missing.
        result = result.substring(result.indexOf("(")+1,result.indexOf(")"));
        
        JSONObject objJSon = JSONObject.parseObject(result);
        
        String msg = objJSon.getString("msg");
		
		if(!"ok".equals(msg)) {
			resultModel.setCode("-1");
			resultModel.setMessage("获取验证码失败");
			return resultModel;
		}
        
		// "data" and "bg" are dereferenced without a null check.
		JSONObject dataJSon = objJSon.getJSONObject("data");
		String bg = (String)dataJSon.getJSONArray("bg").get(0);// captcha image
		String front = dataJSon.getString("front");// click-select prompt text
		String token = dataJSon.getString("token");
		String type = dataJSon.getString("type"); // read but not used below
		String zoneId = dataJSon.getString("zoneId"); // read but not used below
		
		
		//2. Download the image data
		// The URL comes straight from the parsed reply; no header is set on this request.
		context.httpGet = new HttpGet(bg);
		context.httpGet.setConfig(context.hw.getRequestConfig());
		context.execute = client.execute(context.httpGet);
		context.httpEntity = context.execute.getEntity();	
	    bytes = EntityUtils.toByteArray(context.httpEntity);

		String zuobiao = "";
		String guiji = "";
        
		String baseImage = Base64Util.encode(bytes);
		
		if(StringUtils.isEmpty(baseImage)){
			resultModel.setCode("-1");
			resultModel.setMessage("获取验证码失败");
			return resultModel;
		}
		
		//3. Recognise the image
		// Sets the OCR endpoint through a static setter on every call; the URL is plain http.
		// NOTE(review): presumably MachineOcr then sends the image to this host; confirm against MachineOcr.
		TaxbureauConstants.setOcrUrl("http://monitor.taxservices.cn/");
	    // Local instance that shadows the static iOcr field of this class.
	    IOcr iOcr = new MachineOcr(); 
		String orcData = iOcr.getCodeNormal(baseImage, front);
		
		// A reply containing the text "500 Internal Server" is treated as a failure.
		if(StringUtil.isBlank(orcData) || orcData.indexOf("500 Internal Server") >= 0) {
			resultModel.setCode("-1");
			resultModel.setMessage("识别验证码失败");
			return resultModel;
		}
		
		JSONObject ocrJson = JSONObject.parseObject(orcData);
		zuobiao = ocrJson.getString("points");
		//guiji = ocrJson.getString("track");
	        
	    //
	    // Use the in-house trace algorithm; per the author's testing its pass rate was higher.
	    // NOTE(review): getTrace URL-encodes zuobiao before the emptiness check below, so a
	    // missing "points" value presumably fails inside getTrace first.
	    guiji = getTrace(zuobiao);
	        
	    System.out.println("my guiji:"+guiji);
	    
	     
	    if(StringUtils.isEmpty(zuobiao) || StringUtils.isEmpty(guiji)){
	    	resultModel.setCode("-1");
			resultModel.setMessage("识别验证码失败");
			return resultModel;
		}
	    
	     //4. Verify the captcha
	     // The template carries the literal acToken=undefined; the acToken fetched above is used only in the first request.
	    url = "https://c.dun.163.com/api/v3/check?referer=%s&zoneId=CN31&id=1a623022803d4cbc86fa157ec267bb36&token=%s&acToken=undefined&width=310&type=3&version=2.21.2&cb=%s&extraData=&bf=0&runEnv=10&sdkVersion=undefined&callback=%s";
	    
	    Thread.sleep(500);// deliberately slows the program down (author's stated reason: to avoid anti-crawling)
    	contentObj = getYzmParam();
    	
		cb = URLEncoder.encode(contentObj.getString("cb"));
		callback = contentObj.getString("callback");
		
		url = String.format(url, referer,token,cb,callback);
	
		String data = getData(zuobiao,guiji,token);
		
		log.info("YidunCheckUtil data:"+data);
		
		url = url +"&data="+data;
		log.info("YidunCheckUtil getCheckData url:"+url);
		    
		context.httpGet = new HttpGet(url);
		context.httpGet.setHeader("Accept","*/*");
		context.httpGet.setHeader("Accept-Encoding","gzip, deflate, br");
		context.httpGet.setHeader("Accept-Language","zh-CN,zh;q=0.9");
		context.httpGet.setHeader("Cache-Control","no-cache");
		context.httpGet.setHeader("Connection","keep-alive");
		context.httpGet.setHeader("Pragma","no-cache");
		context.httpGet.setHeader("Host","c.dun.163.com");
		context.httpGet.setHeader("Referer","https://etax.jiangsu.chinatax.gov.cn/");
		context.httpGet.setHeader("sec-ch-ua","\"Chromium\";v=\"110\", \"Not A(Brand\";v=\"24\", \"Google Chrome\";v=\"110\"");
		context.httpGet.setHeader("sec-ch-ua-mobile","?0");
		context.httpGet.setHeader("sec-ch-ua-platform","\"Windows\"");
		context.httpGet.setHeader("Sec-Fetch-Dest","script");
		context.httpGet.setHeader("Sec-Fetch-Mode","no-cors");
		context.httpGet.setHeader("Sec-Fetch-Site","cross-site");
		// Host is set a second time here with the same value as above.
		context.httpGet.setHeader("Host","c.dun.163.com");
		context.httpGet.setHeader("User-Agent",userAgent);
    
		context.httpGet.setConfig(context.hw.getRequestConfig());
		context.execute = client.execute(context.httpGet);
		
		context.httpEntity = context.execute.getEntity();	
	    bytes = EntityUtils.toByteArray(context.httpEntity);
	    result = new String(bytes,"UTF-8");
			
	    log.info("YidunCheckUtil getCheckData validate result:"+result);
	    
	    if(StringUtils.isEmpty(result)){
	    	resultModel.setCode("-1");
			resultModel.setMessage("校验验证码失败");
			return resultModel;
		}
	    
	    result = result.substring(result.indexOf("(")+1, result.indexOf(")"));
	    JSONObject objJson = JSONObject.parseObject(result);
	    JSONObject dataJson = objJson.getJSONObject("data");
	    String validate = dataJson.getString("validate");
	    if(StringUtils.isEmpty(validate)){
	    	resultModel.setCode("-1");
			resultModel.setMessage("校验验证码失败");
			return resultModel;
	    }else {
	    	// Success path: the model created at the top is returned unchanged, without the validate value.
	    	return resultModel;
	    }
	    
	}
	
}

签名破解使用了补环境方式,采用VM2执行


var express = require('express');
var router = express.Router();

var http = require('http');
var url = require('url'); 

var traceUtil =  require('../tools/traceUtil'); 

var yidunUtil =  require('../tools/yidunUtil'); 
var yidunWatchUtil =  require('../tools/yidunWatchUtil'); 

var fs = require('fs');
const {VM,VMScript} = require('vm2');//npm install vm2

// Single vm2 sandbox instance, shared by every route in this router.
// NOTE(review): vm2 has a history of sandbox-escape vulnerabilities and its
// maintainers have announced it discontinued, so it should not be relied on
// to contain the script loaded below; isolate this process instead
// (separate low-privilege user or container).
const vm = new VM();

// JavaScript source that the sandbox executes.
const file = `${__dirname}/../src/runcode/yidun_huakuai-2.19.1.js`;

// Precompiled wrapper around that source; the second argument is the file name
// attached to the script. Per the original author's note, using a VMScript
// makes the code debuggable by adding `debugger` statements to it.
const script = new VMScript(fs.readFileSync(file), `${__dirname}.mycode.js`);

// GET /yzm/cb
// Runs the preloaded script in the shared sandbox with myfunType = 'cb' and
// writes the sandbox's `myresult` global back, percent-encoded.
// NOTE(review): the body is percent-encoded text but is labelled
// application/json; clients that parse it as JSON will fail.
router.get('/yzm/cb', (request, response, next) => {
  const query = url.parse(request.url, true).query; // parsed query string
  const urlKey = query['urlKey'];                   // read, but unused by this route

  // The function selector is handed to the script through a sandbox global.
  vm.setGlobal('myfunType', 'cb');
  vm.run(script);

  // The script leaves its output in the `myresult` global.
  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/fp
// Runs the preloaded script with myfunType = 'fp' and returns the sandbox's
// `myresult` global, percent-encoded.
// NOTE(review): globals set on the shared `vm` by other routes are not reset
// here, so whatever an earlier request stored is still visible to the script.
router.get('/yzm/fp', (request, response, next) => {
  const query = url.parse(request.url, true).query; // parsed query string
  const urlKey = query['urlKey'];                   // read, but unused by this route

  vm.setGlobal('myfunType', 'fp'); // selects the function inside the script
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/callback
// Runs the preloaded script with myfunType = 'callback' and returns the
// sandbox's `myresult` global, percent-encoded.
// NOTE(review): no try/catch is visible here; an exception thrown by
// vm.run() presumably falls through to Express's default error handler.
router.get('/yzm/callback', (request, response, next) => {
  const query = url.parse(request.url, true).query; // parsed query string
  const urlKey = query['urlKey'];                   // read, but unused by this route

  vm.setGlobal('myfunType', 'callback'); // selects the function inside the script
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/getM?urlKey=<trajectory>&token=<token>
// Passes the token and trajectory to the sandboxed script (myfunType = 'getM')
// and returns the resulting `myresult` global, percent-encoded.
// NOTE(review): both values come straight from the query string and reach the
// script without any type or length check visible in this handler.
router.get('/yzm/getM', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const trajectory = query['urlKey']; // trajectory value
  const token = query['token'];

  // Inputs are exchanged with the script through sandbox globals.
  vm.setGlobal('myfunType', 'getM');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myguiji', trajectory);
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});


// GET /yzm/getP?urlKey=<coordinates>&token=<token>
// Passes the token and the three coordinate values to the sandboxed script
// (myfunType = 'getP') and returns `myresult`, percent-encoded.
// NOTE(review): query parameters are forwarded to the script unvalidated.
router.get('/yzm/getP', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const coordinates = query['urlKey']; // the 3 coordinate values
  const token = query['token'];

  vm.setGlobal('myfunType', 'getP');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myzuobiao', coordinates);
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/getExt?urlKey=<trajectory>&token=<token>
// Passes the token and trajectory to the sandboxed script
// (myfunType = 'getExt') and returns `myresult`, percent-encoded.
// NOTE(review): query parameters are forwarded to the script unvalidated.
router.get('/yzm/getExt', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const trajectory = query['urlKey']; // trajectory value
  const token = query['token'];

  vm.setGlobal('myfunType', 'getExt');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myguiji', trajectory);
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/getAcToken
// Runs the sandboxed script with myfunType = 'getAcToken' and returns
// `myresult`, percent-encoded.
// NOTE(review): `urlKey` and `token` are read from the query string but never
// passed to the sandbox, so the script sees whatever `mytoken`/`myguiji`
// an earlier request left on the shared `vm`.
router.get('/yzm/getAcToken', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const urlKey = query['urlKey']; // read, but unused by this route
  const token = query['token'];   // read, but unused by this route

  vm.setGlobal('myfunType', 'getAcToken');
  vm.run(script);

  const encoded = encodeURIComponent(vm.getGlobal('myresult'));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});

// GET /yzm/getTrace?urlKey=<coordinates>
// Delegates to traceUtil.getTrace() with the three coordinate values and
// writes its return value back as the response body.
// NOTE(review): unlike the other trace routes, the value is written without
// JSON.stringify — presumably getTrace() already returns a string; confirm.
router.get('/yzm/getTrace', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const coordinates = query['urlKey']; // the 3 coordinate values

  const trace = traceUtil.getTrace(coordinates);

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(trace);
});

// GET /yzm/getTraceForWgz
// Returns the JSON-serialised result of traceUtil.getTraceForWgz(), which
// takes no arguments; the query string is parsed but not used.
router.get('/yzm/getTraceForWgz', (request, response, next) => {
  const query = url.parse(request.url, true).query; // parsed, currently unused

  const serialised = JSON.stringify(traceUtil.getTraceForWgz());

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(serialised);
});


// GET /yzm/getTraceForHuakuai?zuobiao=<coordinate>
// Slider variant: returns the JSON-serialised trajectory that
// traceUtil.getTraceForHuakuai() produces for a single coordinate value.
// NOTE(review): `zuobiao` is taken from the query string as-is; no range or
// type check is visible before it reaches traceUtil.
router.get('/yzm/getTraceForHuakuai', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const coordinate = query['zuobiao']; // 1 coordinate value

  const serialised = JSON.stringify(traceUtil.getTraceForHuakuai(coordinate));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(serialised);
});


// GET /yzm/getData?guiji=<trajectory>&token=<token>&zuobiao=<coordinates>
// Passes the three values to the sandboxed script (myfunType = 'getData') and
// writes the `myresult` global back unchanged (no percent-encoding here).
// NOTE(review): query parameters are forwarded to the script unvalidated.
router.get('/yzm/getData', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const trajectory = query['guiji'];    // trajectory value
  const token = query['token'];
  const coordinates = query['zuobiao'];

  vm.setGlobal('myfunType', 'getData');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myguiji', trajectory);
  vm.setGlobal('myzuobiao', coordinates);
  vm.run(script);

  const output = vm.getGlobal('myresult');

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(output);
});
// GET /yzm/getDataForWgz?guiji=<trajectory>&token=<token>&zuobiao=<coordinates>
// Used for the invisible ("no-sense") mode. Per the original author, the only
// difference between modes is how many coordinate points go into the ext
// parameter: 1 here, 3 for click-select.
// NOTE(review): query parameters are forwarded to the script unvalidated.
router.get('/yzm/getDataForWgz', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const trajectory = query['guiji'];    // trajectory value
  const token = query['token'];
  const coordinates = query['zuobiao'];

  vm.setGlobal('myfunType', 'getDataForWgz');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myguiji', trajectory);
  vm.setGlobal('myzuobiao', coordinates);
  vm.run(script);

  const output = vm.getGlobal('myresult');

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(output);
});

// GET /yzm/getDataForHuakuai?guiji=<trajectory>&token=<token>&zuobiao=<coordinates>
// Used for the slider mode. Per the original author, the only difference
// between modes is how many coordinate points go into the ext parameter:
// 1 here, 3 for click-select.
// NOTE(review): query parameters are forwarded to the script unvalidated.
router.get('/yzm/getDataForHuakuai', (request, response, next) => {
  const query = url.parse(request.url, true).query;
  const trajectory = query['guiji'];    // trajectory value
  const token = query['token'];
  const coordinates = query['zuobiao'];

  vm.setGlobal('myfunType', 'getDataForHuakuai');
  vm.setGlobal('mytoken', token);
  vm.setGlobal('myguiji', trajectory);
  vm.setGlobal('myzuobiao', coordinates);
  vm.run(script);

  const output = vm.getGlobal('myresult');

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(output);
});

// POST /yzm/getCn31Str  (body: validate, fp)
// Invisible mode: passes `validate` and `fp` to the sandboxed script
// (myfunType = 'getCn31Str') and returns the CN31 string it leaves in `myresult`.
// NOTE(review): relies on `request.body` being populated, presumably by a
// body-parsing middleware registered elsewhere; without one this handler
// throws on the first property access. Body fields are not validated here.
router.post('/yzm/getCn31Str', (request, response, next) => {
  const validate = request.body.validate;
  const fp = request.body.fp;

  vm.setGlobal('myfunType', 'getCn31Str');
  vm.setGlobal('wgz_validate', validate);
  vm.setGlobal('wgz_fp', fp);
  vm.run(script);

  const output = vm.getGlobal('myresult');

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(output);
});


// POST /yzm/getYzmParam  (body: WM_DID)
// Returns the JSON-serialised result of yidunUtil.getYzmParam(WM_DID).
// NOTE(review): relies on `request.body` being populated by middleware not
// shown here; WM_DID is forwarded without validation.
router.post('/yzm/getYzmParam', (request, response, next) => {
  const deviceId = request.body.WM_DID;

  const payload = JSON.stringify(yidunUtil.getYzmParam(deviceId));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(payload);
});

// POST /yzm/getCbByV3D
// Returns the JSON-serialised result of yidunWatchUtil.getCbByV3D(); nothing
// from the request is read.
router.post('/yzm/getCbByV3D', (request, response, next) => {
  const payload = JSON.stringify(yidunWatchUtil.getCbByV3D());

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(payload);
});

// POST /yzm/getDByV3D  (body: objJson)
// Returns the JSON-serialised result of yidunWatchUtil.getDByV3D(objJson).
// NOTE(review): relies on `request.body` being populated by middleware not
// shown here; `objJson` is forwarded without any shape or size check.
router.post('/yzm/getDByV3D', (request, response, next) => {
  const input = request.body.objJson;

  const payload = JSON.stringify(yidunWatchUtil.getDByV3D(input));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(payload);
});


// POST /yzm/getData/new  (body: guiji, token, zuobiao)
// Calls yidunUtil.getData(token, zuobiao, guiji) directly (no sandbox),
// JSON-serialises the result and returns it percent-encoded.
// NOTE(review): the body is percent-encoded text but is labelled
// application/json; body fields are forwarded without validation.
router.post('/yzm/getData/new', (request, response, next) => {
  const trajectory = request.body.guiji;
  const token = request.body.token;
  const coordinates = request.body.zuobiao;

  const serialised = JSON.stringify(yidunUtil.getData(token, coordinates, trajectory));
  const encoded = encodeURIComponent(serialised);

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(encoded);
});


// POST /yzm/getAcTokenWatch  (body: WM_DID)
// Returns the JSON-serialised result of yidunWatchUtil.getAcToken(WM_DID).
// NOTE(review): relies on `request.body` being populated by middleware not
// shown here; WM_DID is forwarded without validation.
router.post('/yzm/getAcTokenWatch', (request, response, next) => {
  const deviceId = request.body.WM_DID;

  const payload = JSON.stringify(yidunWatchUtil.getAcToken(deviceId));

  const headers = {'Content-Type': 'application/json'};
  response.writeHead(200, headers);
  response.end(payload);
});

// Export the router so the application can mount it.
// NOTE(review): no authentication or rate limiting is visible on any route in
// this router — presumably applied where it is mounted; confirm.
module.exports = router;


补环境是在志远框架上进行了补充编写的。调用的服务层是自己编写。

如有问题,或者需要补环境改进版,请私信!

xObP8s/gudi/zrPMoaJKU7K5u7e+s7/Os8yhokpBVkHP4LnYv86zzMjn0OjSqtKyv8nS1MGqz7VRUaGjDQoNCtf31d8gUVEgNDA0NTQwMjI5

纯技术交流,请勿用于非法用途,如有权益问题可以发私信联系我删除.
