阿里v2 无感验证码分析

声明
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
wx a15018601872 q 2766958292
部分python代码
data = cp.call('wuganverify',a,b)
print(data)
url = "captcha-open.aliyuncs.com/"

response = requests.post(url, headers=headers, data=data)

data = response.json()
print(data)
securityToken = data['Result']["securityToken"]
certifyId = data['Result']["certifyId"]
url = "/data/userLoginV2"
if securityToken:
captchaVerifyParam = cp.call('getCaptchaVerifyParam', securityToken, certifyId)
headers = {
"Accept": "application/json, text/plain, /",
"Accept-Language": "zh-CN,zh;q=0.9",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Edg/137.0.0.0",
"sec-ch-ua": ""Microsoft Edge";v="137", "Chromium";v="137", "Not/A)Brand";v="24"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": ""Windows""
}
data = {
"type": 1,
"userName": "",
"password": "",
"webPageSource": 1,
"captchaVerifyParam": captchaVerifyParam,
"sceneId": ""
}
cookies = {}
data = json.dumps(data, separators=(',', '😂)
response = requests.post(url, headers=headers, cookies=cookies, data=data)

print(response.text)
print(response)

结果
捕获

总结
1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。

posted @ 2025-07-02 16:38  kuangqilin  阅读(41)  评论(0)    收藏  举报