Implementation of the Java simulated login QQ mailbox of azcat to obtain the friend list

Source: Internet
Author: User

 

Reference

Implementation of the Java simulated login QQ mailbox of azcat to obtain the friend list

In this article, I have been sleeping from to in the past few days. I am a good boy. I usually get into bed at, so I can steal food at night. hoho

In fact, it's boring. In fact, it's very Bt. The SNS website seems to offer the function of inviting friends overnight.

However, even happy users do not provide QQ reading, because QQ is abnormal, it is better to use it.

A while ago, I was studying verification code recognition, and made some simple registration machines and Water Filling Machines until I found that TMD was more abnormal. The water was too deep and I had no trouble. I just needed to recognize simple ones.

Similar to QQ is unlikely to be identified. Only by enabling human identification, can we see it with the naked eye?

Preparations:
1. jdk1. 6. Why 1. 6. Let's talk about it later.
2. A web environment supporting JSP, such as resin and tomcat
3. There should be simple simulated login ideas. For example, I started with a simulated login of kaixin.com plug-in.
Of course, I am a very boring person. Generally, I am bored to do the simulation login of "163" and "126" mailbox first. I also want to get a user list, which is not fresh.
Simulate login I use org. Apache. http to implement a client that can simulate Login
Public WebClient (){
Currenturl = NULL;
Client = new defaulthttpclient ();
Client. setcookiestore (New updateablecookiestore ());
Client. setredirecthandler (New memorizingredirecthandler ());
Client. getparams (). setparameter ("HTTP. Protocol. Cookie-Policy ",
"Compatibility ");
List headers = new arraylist ();
Headers
. Add (New basicheader (
"User-Agent ",
"Mozilla/5.0 (windows; U; Windows NT 5.1; NL; RV: 1.8.1.13) Gecko/20080311 Firefox/2.0.0.13 "));
Client. getparams (). setparameter ("HTTP. Default-headers", headers );
}
4. Have some common knowledge about regular expressions.
Because, after all, we need to extract the required content from HTML, such as Sid or something, so we don't need regular expressions ~

Okay, start training.
Go to http://mail.qq.com/and check it out.CodeThere are some boring forms and verification codes.
Make these contents a simple HTML login, and you can't log on to it. Tell me the verification code is incorrect and assure me that there is no problem with my eyes.
Using httpwatch to analyze and analyze the Verification Code separately, the generated image still carries a cookie, $ % ^ & cursing for half an hour
No way. I can only forward this image.
The general idea is to first request an image from the server and then response. setcontenttype ("image/JPEG ");
This is why a web environment supporting JSP is needed.
Put the cookie object in the session before forwarding the image, and submit the QQ number for a while. Set the cookie object to the virtual WebClient when the passwords are junk.

After the verification code is solved, the form is processed. I will operate again... What are these messy JavaScript codes on the page? Actually, the QQ password still performs an RSA encryption on the JS end. What do Sun Tzu think? It's so abnormal.

I first thought about how to rewrite these JavaScript codes into Java. After writing two lines, I gave up. This is not a human task.

Fortunately, jdk1.6 has an extension package that supports Java to read Js. I have never tried it again. It just happened to start a foreign program. Unexpectedly, it's so easy to use. This version is really convincing that such complicated JavaScript code can be converted. Haha

The JS Code on the page needs to be slightly adjusted. Some functions need to be rewritten to remove the parameters that identify the browser version and form object.

Javax. Script .*

Scriptenginemanager factory = new scriptenginemanager ();
Scriptengine engine = factory. getenginebyname ("JavaScript ");
Engine. eval (New filereader ("/home/html/QQ. js "));
Engine. eval ("Var T = checkinput ('" + PP + "', '" + TS + "');");
String P = engine. Get ("T"). tostring ();

It must be 1.6. I used 1.5 all the time to replace JDK in the machine with 1.6. Haha

All front-end problems have been solved, and time is spent in the future.
Obtain the uin, password, and verifycode to submit.
After parsing the encrypted passwd, post to the http://mail.qq.com/cgi-bin/loginpage, remember to set the cookie object of the verification code in the past
String RegEx = "SID = (.*?) \";";
Get the most desired Sid, followed by the connection in the request. If you want to do what you want, do what you want. If you want to eat what you want, do what you want.
I was so excited at the time that I still couldn't get Sid and told me that the session time was out. I was depressed for one night. Shouldn't I?
I finally found out that I just printed the SID out and forgot to set, day ....

It's so easy to get a list of friends. The following question is how to cheat a user into entering the QQ number and password. By the way, I would like to remind you that you should never trust SNS websites on campus, no record of your password !! Haha

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.