Statement
1. This Demo is relatively simple. It does not verify the correct or wrong password and verification code, but is just a login demonstration.
2. QQ is a relatively private thing, so please use the test code to log on to the software, first the villain and then the gentleman.
This site and the latest WebQQ login protocol related articles
WebQQ second login failed {"retcode": 103, "errmsg ":""}
Solution
I grabbed the package again and found that WebQQ now adds the login to the SSL layer, that is, Https. The data returned during the first login is as follows:
The code is as follows: |
Copy code |
PtuiCB ('0', '0', 'http: // ptlogin4.web2.qq.com/check_sig? %% 3flogin2qq % 3d1% 26 webqq % 5 ftype % 3d10 & f_url = & ptlang = 2052 & ptredirect = 100 & aid = 1003903 & daid = 164 & j_later = 0 & low_login_hour = 0 & amp; regmaster = 0 ', '0', 'logon successful! ',' I '); |
The preceding data contains a callback address:
The code is as follows: |
Copy code |
<A href = "http://ptlogin4.web2.qq.com/check_sig? Pttype = 1 & uin "> http://ptlogin4.web2.qq.com/check_sig? Pttype = 1 & uin </a> %3flogin2qq % 3d1% 26 webqq % 5 ftype % 3d10 & f_url = & ptlang = 2052 & ptredirect = 100 & aid = 1003903 & daid = 164 & j_later = 0 & low_login_hour = 0 & regmaster = 0 |
Access the above address (302 jump, pay attention to the acquisition of the Cookie), get a Cookie named p_skey, the Cookie in the second login, add to the Cookie to achieve secondary login.
Latest WebQQ login protocol
1. Obtain the verification code
Method: Get
Address:
The code is as follows: |
Copy code |
Https://ssl.ptlogin2.qq.com: 443/check? Uin = 958736715 & appid = 1003903 & js_ver = 10041 & js_type = 0 & login_sig = Mge3PexTk00li3ipMUlHCzouT0xU * 8mu6ykzsiuo8 * cursor & r = 0.9403657828909222 |
Cookie: submitted. Returns ptvfsession or verifysession.
2. First login
Method: Get
Address:
The code is as follows: |
Copy code |
Https://ssl.ptlogin2.qq.com: 443/login? %%3flogin2qq % 3D1% 26webqq_type % 3D40 & h = 1 & ptredirect = 0 & ptlang = 2052 & daid = 164 & from_ui = 1 & pttype = 1 & dumy = & fp = loginerroralert & action = 3-12-12775 & mibao_css = m_webqq & t = 1 & g = 1 & js_type = 0 & js_ver = 10041 & login_sig = running * 8MU6YkkZsIUo8 * worker |
Cookie: submit ptvfsession or verifysession, and return pt2gguin, uin, skey, ETK, superuin, superkey, supertoken, ptisp, RK, ptuserinfo, ptcz, ptcz, airkey, and ptwebqq.
3. Return the callback address after the first successful login
Method: Get
Address:
The code is as follows: |
Copy code |
Http://ptlogin4.web2.qq.com/check_sig? %%3flogin2qq % 3D1% 26webqq_type % 3D40 & f_url = & ptlang = 2052 & ptredirect = 100 & aid = 1003903 & daid = 164 & j_later = 0 & low_login_hour = 0 & regmaster = 0 |
Cookie: submit ptvfsession, verifysession, skey, ptcz:, ptwebqq, RK, superkey, and supertoken. Pt2gguin, uin, skey, p_uin, p_skey, and pt4_token are returned.
4. Second login
Method: Post
Address: http://d.web2.qq.com/channel/login2
Cookie: submit ptvfsession, verifysession, skey, ptcz:, ptwebqq, RK, superkey, supertoken, p_skey, pt4_token, uin, p_uin, ptui_loginuin.
Other details are not described in this article. If you have other questions, please use the packet capture software to capture packets for WebQQ login. This is not too technical.
If you still cannot solve your problem by referring to the above two articles, check for other reasons.