YukariChiba · September 13, 2022 06:04
diff --git a/login.py b/login.py
 #!/usr/bin/python3

 import requests
 import json
 import hmac
 import hashlib
 import base64
 import math
 import sys

 username = sys.argv[1]
 password = sys.argv[2]
 met = "dx"
 if len(sys.argv) > 3:
    met = sys.argv[3]

 # Login part, thanks plusls
 def ordat(msg, idx):
    if len(msg) > idx:
        return ord(msg[idx])
    return 0


 def sencode(msg, key):
    l = len(msg)
    pwd = []
    for i in range(0, l, 4):
        pwd.append(
            ordat(msg, i) | ordat(msg, i + 1) << 8 | ordat(msg, i + 2) << 16
            | ordat(msg, i + 3) << 24)
    if key:
        pwd.append(l)
    return pwd


 def lencode(msg, key):
    l = len(msg)
    ll = (l - 1) << 2
    if key:
        m = msg[l - 1]
        if m < ll - 3 or m > ll:
            return
        ll = m
    for i in range(0, l):
        msg[i] = chr(msg[i] & 0xff) + chr(msg[i] >> 8 & 0xff) + chr(
            msg[i] >> 16 & 0xff) + chr(msg[i] >> 24 & 0xff)
    if key:
        return "".join(msg)[0:ll]
    return "".join(msg)


 def xencode(msg, key):
    if msg == "":
        return ""
    pwd = sencode(msg, True)
    pwdk = sencode(key, False)
    if len(pwdk) < 4:
        pwdk = pwdk + [0] * (4 - len(pwdk))
    n = len(pwd) - 1
    z = pwd[n]
    y = pwd[0]
    c = 0x86014019 | 0x183639A0
    m = 0
    e = 0
    p = 0
    q = math.floor(6 + 52 / (n + 1))
    d = 0
    while 0 < q:
        d = d + c & (0x8CE0D9BF | 0x731F2640)
        e = d >> 2 & 3
        p = 0
        while p < n:
            y = pwd[p + 1]
            m = z >> 5 ^ y << 2
            m = m + ((y >> 3 ^ z << 4) ^ (d ^ y))
            m = m + (pwdk[(p & 3) ^ e] ^ z)
            pwd[p] = pwd[p] + m & (0xEFB8D130 | 0x10472ECF)
            z = pwd[p]
            p = p + 1
        y = pwd[0]
        m = z >> 5 ^ y << 2
        m = m + ((y >> 3 ^ z << 4) ^ (d ^ y))
        m = m + (pwdk[(p & 3) ^ e] ^ z)
        pwd[n] = pwd[n] + m & (0xBB390742 | 0x44C6F8BD)
        z = pwd[n]
        q = q - 1
    return lencode(pwd, False)

 def get_challenge(username):
    res = requests.get('http://10.253.0.237/cgi-bin/get_challenge', params={'callback':'fuck', 'username': username})
    res = json.loads(res.text[5:-1])
    return res

 def hmac_md5(data, key):
    return hmac.new(key, data, hashlib.md5).hexdigest()

 def force(msg):
    ret = []
    for w in msg:
        ret.append(ord(w))
    return bytes(ret)

 def mybase64(s):
    new = 'LVoJPiCN2R8G90yg+hmFHuacZ1OWMnrsSTXkYpUq/3dlbfKwv6xztjI7DeBE45QA'
    old = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    tmp = base64.b64encode(s).decode()
    ret = ''
    for ch in tmp:
        if ch == '=':
            ret += ch
            continue
        ret += new[old.index(ch)]
    return ret.encode()


 def login(username, passwd, method='dx-uestc'):
    # method: dx-uestc
    # method: dx
    username = '{}@{}'.format(username, method)
    challenge_res = get_challenge(username)
    ip = challenge_res['client_ip']
    challenge = challenge_res['challenge']
    hmd5 = hmac_md5(passwd.encode(), challenge.encode())
    ac_id = '1'
    n = '200'
    t = '1'
    token = challenge
    msg = json.dumps({
        'username': username,
        'password': passwd,
        'ip': ip,
        'acid': '1',
        'enc_ver': 'srun_bx1'
    })
    i = "{SRBX1}" + mybase64(force(xencode(msg, token))).decode()
    chkstr = ''
    chkstr += '{}{}'.format(token, username)
    chkstr += '{}{}'.format(token, hmd5)
    chkstr += '{}{}'.format(token, ac_id)
    chkstr += '{}{}'.format(token, ip)
    chkstr += '{}{}'.format(token, n)
    chkstr += '{}{}'.format(token, t)
    chkstr += '{}{}'.format(token, i)
    chkstr = hashlib.sha1(chkstr.encode()).hexdigest()
    params = {
        'callback': 'fuck',
        'action': 'login',
        'username': username,
        'password': '{{MD5}}{}'.format(hmd5),
        'ac_id': ac_id,
        'ip': ip,
        'chksum': chkstr,
        'info': i,
        'n': n,
        'type': t,
        'double_stack': '0'
    }
    res = requests.get('http://10.253.0.237/cgi-bin/srun_portal', params=params, timeout=2)
    res = json.loads(res.text[5:-1])
    return res


 s = requests.session()

 # Test network
 def test_network(times):
    if times > 10:
        print("Try login at the maximum times")
        return
    try:
        s.get('https://www.uestc.edu.cn',timeout=2)
    except Exception as e:
        print(e)
        login(username, password)
        test_network(times + 1)

 #test_network(0)
 login(username, password, met)
	#!/usr/bin/python3

	import requests
	import json
	import hmac
	import hashlib
	import base64
	import math
	import sys

	username = sys.argv[1]
	password = sys.argv[2]
	met = "dx"
	if len(sys.argv) > 3:
	met = sys.argv[3]

	# Login part, thanks plusls
	def ordat(msg, idx):
	if len(msg) > idx:
	return ord(msg[idx])
	return 0


	def sencode(msg, key):
	l = len(msg)
	pwd = []
	for i in range(0, l, 4):
	pwd.append(
	ordat(msg, i) \| ordat(msg, i + 1) << 8 \| ordat(msg, i + 2) << 16
	\| ordat(msg, i + 3) << 24)
	if key:
	pwd.append(l)
	return pwd


	def lencode(msg, key):
	l = len(msg)
	ll = (l - 1) << 2
	if key:
	m = msg[l - 1]
	if m < ll - 3 or m > ll:
	return
	ll = m
	for i in range(0, l):
	msg[i] = chr(msg[i] & 0xff) + chr(msg[i] >> 8 & 0xff) + chr(
	msg[i] >> 16 & 0xff) + chr(msg[i] >> 24 & 0xff)
	if key:
	return "".join(msg)[0:ll]
	return "".join(msg)


	def xencode(msg, key):
	if msg == "":
	return ""
	pwd = sencode(msg, True)
	pwdk = sencode(key, False)
	if len(pwdk) < 4:
	pwdk = pwdk + [0] * (4 - len(pwdk))
	n = len(pwd) - 1
	z = pwd[n]
	y = pwd[0]
	c = 0x86014019 \| 0x183639A0
	m = 0
	e = 0
	p = 0
	q = math.floor(6 + 52 / (n + 1))
	d = 0
	while 0 < q:
	d = d + c & (0x8CE0D9BF \| 0x731F2640)
	e = d >> 2 & 3
	p = 0
	while p < n:
	y = pwd[p + 1]
	m = z >> 5 ^ y << 2
	m = m + ((y >> 3 ^ z << 4) ^ (d ^ y))
	m = m + (pwdk[(p & 3) ^ e] ^ z)
	pwd[p] = pwd[p] + m & (0xEFB8D130 \| 0x10472ECF)
	z = pwd[p]
	p = p + 1
	y = pwd[0]
	m = z >> 5 ^ y << 2
	m = m + ((y >> 3 ^ z << 4) ^ (d ^ y))
	m = m + (pwdk[(p & 3) ^ e] ^ z)
	pwd[n] = pwd[n] + m & (0xBB390742 \| 0x44C6F8BD)
	z = pwd[n]
	q = q - 1
	return lencode(pwd, False)

	def get_challenge(username):
	res = requests.get('http://10.253.0.237/cgi-bin/get_challenge', params={'callback':'fuck', 'username': username})
	res = json.loads(res.text[5:-1])
	return res

	def hmac_md5(data, key):
	return hmac.new(key, data, hashlib.md5).hexdigest()

	def force(msg):
	ret = []
	for w in msg:
	ret.append(ord(w))
	return bytes(ret)

	def mybase64(s):
	new = 'LVoJPiCN2R8G90yg+hmFHuacZ1OWMnrsSTXkYpUq/3dlbfKwv6xztjI7DeBE45QA'
	old = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
	tmp = base64.b64encode(s).decode()
	ret = ''
	for ch in tmp:
	if ch == '=':
	ret += ch
	continue
	ret += new[old.index(ch)]
	return ret.encode()


	def login(username, passwd, method='dx-uestc'):
	# method: dx-uestc
	# method: dx
	username = '{}@{}'.format(username, method)
	challenge_res = get_challenge(username)
	ip = challenge_res['client_ip']
	challenge = challenge_res['challenge']
	hmd5 = hmac_md5(passwd.encode(), challenge.encode())
	ac_id = '1'
	n = '200'
	t = '1'
	token = challenge
	msg = json.dumps({
	'username': username,
	'password': passwd,
	'ip': ip,
	'acid': '1',
	'enc_ver': 'srun_bx1'
	})
	i = "{SRBX1}" + mybase64(force(xencode(msg, token))).decode()
	chkstr = ''
	chkstr += '{}{}'.format(token, username)
	chkstr += '{}{}'.format(token, hmd5)
	chkstr += '{}{}'.format(token, ac_id)
	chkstr += '{}{}'.format(token, ip)
	chkstr += '{}{}'.format(token, n)
	chkstr += '{}{}'.format(token, t)
	chkstr += '{}{}'.format(token, i)
	chkstr = hashlib.sha1(chkstr.encode()).hexdigest()
	params = {
	'callback': 'fuck',
	'action': 'login',
	'username': username,
	'password': '{{MD5}}{}'.format(hmd5),
	'ac_id': ac_id,
	'ip': ip,
	'chksum': chkstr,
	'info': i,
	'n': n,
	'type': t,
	'double_stack': '0'
	}
	res = requests.get('http://10.253.0.237/cgi-bin/srun_portal', params=params, timeout=2)
	res = json.loads(res.text[5:-1])
	return res


	s = requests.session()

	# Test network
	def test_network(times):
	if times > 10:
	print("Try login at the maximum times")
	return
	try:
	s.get('https://www.uestc.edu.cn',timeout=2)
	except Exception as e:
	print(e)
	login(username, password)
	test_network(times + 1)

	#test_network(0)
	login(username, password, met)
No results found