preface

Let’s add a simulated login QQ space example ~, let’s start happily ~

The development tools

Python version: 3.6.4

Related modules:

Requests module;

Pycryptodome module;

And some modules that come with Python.

Environment set up

Install Python and add it to the environment variables. PIP installs the required modules.

Introduction of the principle

Here, we briefly introduce the principle of simulating login QQ space. Generally, QQ space can be scanned by mobile QQ code login and account password login. However, verification code is sometimes required for account and password login. In order to ensure the success rate of login, we choose the scan code login method.

First, go to the login screen:

'https://xui.ptlogin2.qq.com/cgi-bin/xlogin?proxy_url=https://qzs.qq.com/qzone/v6/portal/proxy.html&daid=5&&hide_title_b ar=1&low_login=0&qlogin_auto_login=1&no_verifyimg=1&link_target=blank&appid=549000912&style=22&target=self&s_url=https:/ / qzs.qq.com/qzone/v5/loginsucc.html?para=izone&pt_qr_app= mobile phone QQ space & pt_qr_link=https://z.qzone.com/download.html&self_regurl =https://qzs.qq.com/qzone/v6/reg/index.html&pt_qr_help_link=https://z.qzone.com/download.html&pt_no_auth=0'Copy the code

A simple packet capture shows that the INTERFACE for QR code login is likely to be this (PTQrlogin looks like qr code login) :

Take a look at the parameters required to request this link:

When tested, most of the parameters are fixed, namely:

u1：https://qzs.qq.com/qzone/v5/loginsucc.html?para=izone
ptredirect: 0
h: 1
t: 1
g: 1
from_ui: 1
ptlang: 2052
js_ver: 19112817
js_type: 1
pt_uistyle: 40
aid: 549000912
daid: 5
ptdrvs: AnyQUpMB2syC5zV6V4JDelrCvoAMh-HP6Xy5jvKJzHBIplMBK37jV1o3JjBWmY7j*U1eD8quewY_
has_onekey: 1
Copy the code

All we need to know is the following parameters:

action
login_sig
ptqrtoken
Copy the code

Obviously, an action should be constructed like this:

'0-0 -' + timestampCopy the code

As for the login_sig parameter, you can easily find it by requesting the following link:

Then get the login_sig parameter in the cookies returned:

But a request:

https://xui.ptlogin2.qq.com/cgi-bin/xlogin?
Copy the code

The parameters to be carried are:

Tests show that these parameters are fixed. Ptqrtoken is computed in a js file:

The js code for hash33 is:

function hash33(t) {
    for (var e = 0, i = 0, n = t.length; i < n; ++i)
        e += (e << 5) + t.charCodeAt(i);
    return 2147483647 & e
}
Copy the code

To convert to Python code:

def decryptQrsig(qrsig):
    e = 0
    for c in qrsig:
      e += (e << 5) + ord(c)
    return 2147483647 & e
Copy the code

So, the question now is how to obtain the parameter QRSIG? Similar to the login_sig parameter, it is easy to see that the following link is requested:

The value of the qrsig parameter can be obtained in the cookies returned:

But a request:

https://ssl.ptlogin2.qq.com/ptqrshow
Copy the code

The parameters to be carried are shown in the figure below:

All other parameters are unchanged except t, which feels like a random number (because it doesn’t matter if t stays the same all the time). Since it doesn’t matter much, I won’t bother to analyze what t is, just consider it a random number (it’s 16 bits anyway).

Login_sig = login_sig = login_sig = login_sig = login_sig

params = { 'proxy_url': 'https://qzs.qq.com/qzone/v6/portal/proxy.html', 'daid': '5', 'hide_title_bar': '1', 'low_login': '0', 'qlogin_auto_login': '1', 'no_verifyimg': '1', 'link_target': 'blank', 'appid': '549000912', 'style': '22', 'target': 'self', 's_url': 'https://qzs.qq.com/qzone/v5/loginsucc.html?para=izone', 'pt_qr_app' : 'mobile phone QQ space', 'pt_qr_link' : 'https://z.qzone.com/download.html', 'self_regurl': 'https://qzs.qq.com/qzone/v6/reg/index.html', 'pt_qr_help_link': 'https://z.qzone.com/download.html', 'pt_no_auth': '0' } res = self.session.get(self.xlogin_url, headers=self.headers, verify=False, params=params) all_cookies.update(requests.utils.dict_from_cookiejar(res.cookies)) pt_login_sig = all_cookies['pt_login_sig']Copy the code

Then get the PTQrToken parameter:

params = {
      'appid': '549000912',
      'e': '2',
      'l': 'M',
      's': '3',
      'd': '72',
      'v': '4',
      't': str(random.random()),
      'daid': '5',
      'pt_3rd_aid': '0'
    }
res = self.session.get(self.qrshow_url, headers=self.headers, verify=False, params=params)
all_cookies.update(requests.utils.dict_from_cookiejar(res.cookies))
ptqrtoken = self.__decryptQrsig(all_cookies['qrsig'])
Copy the code

Also, in the process of requesting the above link, i.e. :

https://ssl.ptlogin2.qq.com/ptqrshow
Copy the code

We can also take the image of the QR code (i.e. Res.content is actually the image data of the QR code) and display it:

saveImage(res.content, 'qrcode.jpg')
showImage('qrcode.jpg')
Copy the code

Then we kept asking for the QR code login link we found at the beginning, namely:

https://ssl.ptlogin2.qq.com/ptqrlogin
Copy the code

To detect the current state of the QR code:

while True: params = { 'u1': 'https://qzs.qq.com/qzone/v5/loginsucc.html?para=izone', 'ptqrtoken': ptqrtoken, 'ptredirect': '0', 'h': '1', 't': '1', 'g': '1', 'from_ui': '1', 'ptlang': '2052', 'action': '0-0-' + str(int(time.time())), 'js_ver': '19112817', 'js_type': '1', 'login_sig': pt_login_sig, 'pt_uistyle': '40', 'aid': '549000912', 'daid': '5', 'ptdrvs': 'AnyQUpMB2syC5zV6V4JDelrCvoAMh-HP6Xy5jvKJzHBIplMBK37jV1o3JjBWmY7j*U1eD8quewY_', 'has_onekey': '1' } res = self.session.get(self.qrlogin_url, headers=self.headers, verify=False, Params =params) if 'login succeeded' in res.text: break elif 'IN res.text: break elif' in res.text: raise RuntimeError('Fail to login, qrcode has expired... ') time.sleep(2)Copy the code

If the login is successful, use the link returned by the request to update the session cookies to obtain the final Qzone login session object:

all_cookies.update(requests.utils.dict_from_cookiejar(res.cookies)) qq_number = re.findall(r'&uin=(.+?) &service', res.text)[0] print('[INFO]: Account -> %s, login successfully... ' % qq_number) url_refresh = res.text[res.text.find('http'): res.text.find('pt_3rd_aid=0')] + 'pt_3rd_aid=0' self.session.cookies.update(all_cookies) res = self.session.get(url_refresh, allow_redirects=False, verify=False) all_cookies.update(requests.utils.dict_from_cookiejar(res.cookies)) self.session.cookies.update(all_cookies)Copy the code

After reading the article like friends point a like support, follow me every day to share Python simulation login series, the next article to share the generation of QQ personal exclusive report

All done~ complete source code see profile or private message to obtain related files.

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Python series of simulated login QQ space simulation login

preface

The development tools

Python version: 3.6.4

Related modules:

Environment set up

Introduction of the principle

Python series of simulated login QQ space simulation login

preface

The development tools

Python version: 3.6.4

Related modules:

Environment set up

Introduction of the principle

Related Posts

Java programmers must learn internal work mind method! (The second level of internal Training)

IDEA Shortcut (MAC)

Read the summary of Understanding the Java Virtual Machine in Depth