Micro-letter QQ Two-dimensional code login principle JS Code Analysis

Micro-letter QQ Two-dimensional code login principle JS Code Analysis _javascript Skills

Last Update:2017-01-19 Source: Internet

Author: User

Tags setinterval uuid

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

In a lot of places, it's all there. Use two-dimensional code to sign in, two-dimensional code payment, two-dimensional code account applications (here's the two-dimensional code stallion, fraud is not said), two-dimensional code verification, more than terminal auxiliary authorization application began more, here first what is two-dimensional code, in fact, two-dimensional code is stored in binary data black and white pictures, When a two-dimensional code login is required, the server generates a temporary unique two-dimensional code message. Sent to the client as a two-dimensional code (picture) of the form to write to the Web page, and then you will see the unified Four square two-dimensional code, if done good this two-dimensional code information should be a prescription, here for the time being not to consider these, Just take a look at the simple micro-mail login:

First, the entire licensing process:

In the Client Web page, you will continue to send HTTPS connections to the server, and after the transfer of very little data is disconnected, below the micro-mail page in this login1c709c.js file:

(Function ($, _aowin) {_aowin.qrlogin = {};
 _aowin.loginlog = "";
 var _sbasehost = "", _ologinqrcodeimg = document.getElementById ("Loginqrcode");
 if (Document.domain = = "Qq.com") {_sbasehost = "weixin.qq.com";
 else if (Location.hostname.match (wechat\.com) $/) {_sbasehost = "wechat.com";
 }else{_sbasehost = "wechatapp.com"; var show_tip = 1, _scuruuid, _oresettimeout, _awebmmcallbacks = [], _odetactwebmminterval = setinterval (function ()
  {if (_aowin.webmm) {clearinterval (_odetactwebmminterval);
  var callback;
   while (callback = _awebmmcallbacks.shift ()) {if (typeof (callback)!= "function") continue;
  Callback ();

 }}, 1000);
 function _loginpage (_aslog) {_aowin.loginlog = Loginlog + _aslog + "\ n";
 } function _afterloadwebmmdo (callback) {if (!_aowin.webmm) {_awebmmcallbacks.push (callback);
 }else{callback ();
 } function _reportnow (text) {_loginpage (text);
  _afterloadwebmmdo (function () {Webmm.osslog ({text:text}); Webmm.flushosslog();
 });
  var reloadqrimgcount = 0, loadqrcodetime = 0, loadqrimgsucc = function () {clearinterval (Loadqrimgwatchdog); _loginpage ("Load qrcode Success, time=" + (new Date (). GetTime ()-Loadqrcodetime) + "MS, Reload Count:" + Reloadqrimgcoun
 T); }, Loadqrimgfail = function (img) {_reportnow ("Load qrcode fail! + status +", src: "+ img.src +", Time: "+" (New Dat
 E (). GetTime ()-Loadqrcodetime) + "MS");
 }, Loadqrimgwatchdog = null;
 function _loadqrimg (UUID) {_poll (UUID);
 _loginpage ("Load qrcode Start");

 Loadqrcodetime = new Date (). GetTime ();
  _ologinqrcodeimg.onload = function () {LOADQRIMGSUCC ();
 _ologinqrcodeimg.onload = null;
 };
 _ologinqrcodeimg.onerror = function () {Loadqrimgfail (this)}; _OLOGINQRCODEIMG.SRC = "Https://login."

 +_sbasehost+ "/qrcode/" +uuid+ "T=WEBWX";
  Loadqrimgwatchdog = setinterval (function () {if (Reloadqrimgcount >= 5) {_reset ();
  Return

  } reloadqrimgcount++;
  var _img = new Image (); _img.onload = function () {if (!_ologInqrcodeimg.onload) return;
  _ologinqrcodeimg.onload = null;
  _OLOGINQRCODEIMG.SRC = This.src;//replace loadqrimgsucc ();
  };
  _img.onerror = function () {Loadqrimgfail (this)};
 _IMG.SRC = _ologinqrcodeimg.src + "&r=" + New Date (). GetTime ();
 }, 5000);
 var _ssecondrequesttime = 0, _najaxtimeout = 1000, _nnewloginfuncerrcount = 0;
 function _poll (_asuuid) {var _self = Arguments.callee, _ntime = 0;

 _scuruuid = _asuuid;
 _loginpage ("_poll Request Start, Time:" + new Date (). GetTime ());
 _ntime = new Date (). GetTime (); $.ajax ({type: "Get", url: "Https://login" + _sbasehost + "/cgi-bin/mmwebwx-bin/login?uuid=" + _asuuid + "&tip=" + Show_tip, DataType: "Script", Cache:false, timeout: _najaxtimeout, success:function (data, Textstatus, JQXHR) {_lo
 Ginpage ("_poll Request Success, code:" + Window.code + ", Time:" + (New Date (). GetTime ()-_ntime) + "MS"); Switch (_aowin.code) {case: _ssecondrequesttime = new Date (). GetTime ()-_ssecondrequesttime;
 _loginpage ("Second Request Success, Time:" + _ssecondrequesttime + "MS");

  Cleartimeout (_oresettimeout); 
   var _fnewloginfunc = function () {$.ajax ({URL: _aowin.redirect_uri + "&fun=new",//new login page type: "Get",
    Success:function (msg) {_loginpage ("new Func reponse, reponsemsg:" + msg);
    var code = Msg.match (/<script> (. *) <\/script>/);
    var skey=msg.match (/<skey> (. *) <\/skey>/);
    if (code) {eval (code[1]);
    }else{$ ("#container"). Show ();
    $ ("#login_container"). Hide ();
    } if (Skey && skey[1]) {Webmm.model ("account"). Setskey (skey[1));
    }, Error:function (JQXHR, Textstatus, Errorthrown) {_nnewloginfuncerrcount++; if (_nnewloginfuncerrcount > 5) {if (Confirm ("Call new Login page func error, refresh?")
    {location.reload ()} return; } _reportnow (_aowin.redirect_uri + "New login page func error:" + Textstatus + "RetryCount:" + _nnewloginfuncerrcoun
    T); SettimeoUT (_fnewloginfunc, 500);
  }
   });
  };

  _fnewloginfunc (); _reportnow ("/cgi-bin/mmwebwx-bin/login, Second Request Success, uuid:" + _asuuid + ", Time:" + _ssecondrequesttime + "ms
 ");

 Break
 Case 201:cleartimeout (_oresettimeout);
 Show_tip = 0;
 $ ('. ErrorMsg '). Hide ();
 $ ('. Normldesc '). Hide ();
  $ ('. Successmsg '). Show ();
  _reportnow ("/cgi-bin/mmwebwx-bin/login, Success, uuid:" + _asuuid);

  _reportnow ("/cgi-bin/mmwebwx-bin/login, Second Request Start, uuid:" + _asuuid);

  _ssecondrequesttime = new Date (). GetTime ();
  _najaxtimeout = 5 * 1000;
  _self (_ASUUID);

 Break
 Case 408:settimeout (function () {_self (_ASUUID);
 }, 500);

 Break
  Case 400:case: _reset ();
 _afterloadwebmmdo (function () {_AOWIN.LOG.D (", Login Poll Svr Exception");
 });
 Break }, Error:function (JQXHR, Textstatus, Errorthrown) {if (Textstatus = ' timeout ') {settimeout (function () {_self
  (_ASUUID);
 }, 500); } else {settimeout (function () {_self) (_asuuID);

  }, 5000);
  _loginpage ("_poll Request Error:" + textstatus);
  _afterloadwebmmdo (function () {_AOWIN.LOG.E ("Login Poll Error:" + textstatus);
 });
 }
 }
 }); var getuuidcount = 0, _getuuidwatchdog, _bgetuuidsuccess = False;//ajax successִfunction _getuuid () {GetUUIDCoun
 t++; var _self = Arguments.callee, _loaderror = function (ErrorText) {_reportnow ("Load UUID error!
  ErrorText: "+ errortext +" getuuidcount= "+ getuuidcount); if (Getuuidcount > 5) {if confirm ("Load uuid error.") Refresh? "))
   {location.reload ();
  } settimeout (function () {_self ();
  }, 500);

 };
 Cleartimeout (_getuuidwatchdog);
  _getuuidwatchdog = settimeout (function () {if (!_aowin.qrlogin.code) {_loginpage ("Getuuid Timeout, watchdog Run");
  _self ();

 }, 10000); $.ajax ({type: "Get", url: "Https://login." + _sbasehost + "/jslogin?appid=wx782c26e4c19acffb&redirect_uri=" +encod Euricomponent (location.protocol+ "//" +location.host+ "/cgi-bin/mmwebwx-bin/webwxnewloGinpage ") +" &fun=new&lang= "+ Document.lang, DataType:" Script ", Cache:false, Success:function () {Cleart
  Imeout (_getuuidwatchdog);
  if (_bgetuuidsuccess) return;
   if (_aowin.qrlogin && _aowin.qrlogin.code = =) {_loginpage ("Getuuid Success, uuid=" + qrlogin.uuid);

   _bgetuuidsuccess = true;
   Cleartimeout (_oresettimeout); _oresettimeout = settimeout (function () {location.reload ();//note:don ' t run _reset ().

   If you run _reset (), there would may have many _poll request, as they get 408 return code}, 5 * *1000);//5 mins
  _loadqrimg (QRLOGIN.UUID);
   else {var Qrlogincode = (_aowin.qrlogin && _aowin.qrlogin.code)? _aowin.qrlogin.code: "None";
   _loginpage ("Getuuid Error, qrlogin.code=" + Qrlogincode);
  _loaderror ("qrlogin.code=" + Qrlogincode);
  }, Error:function (XHR, Textstatus, Errorthrown) {_loginpage ("Getuuid error, textstatus=" + textstatus);
  _loaderror (Textstatus);
 }
 }); function _reset () {LocatIon.reload ();
 } if ($ ("#login_container"). Is (": visible")) {_getuuid ();
 var _bhadlog = false;
 function _osslog () {if (_bhadlog) return;
 _bhadlog = true; var _suvid = Document.cookie.match (New RegExp ("(^|)" + "Webwxuvid" + "= ([^;]
 *)(;|$)"));
 if (!_suvid | | _suvid.length < 3) return;
 _suvid = _suvid[2]; (New Image ()). src = "/cgi-bin/mmwebwx-bin/webwxstatreport?funkey=indexdemo&uvid=" +_suvid+ "&uuid=" +_
 Scuruuid; } if ($ ("img.guide"). Length > 0) {var _ntimer = 0, _oguide$ = $ (". Guide"), _oguidetrigger$ = $ ("#guideTrigger, #t

 Iptrigger "), _omask$ = $ (". Mask "); function _back () {_ntimer = settimeout (function () {_omask$.stop (). Animate ({opacity:0}, function () {$ (". Mask"). Hide ()}
 );
 _oguide$.stop (). Animate ({marginleft: " -120px", opacity:0}, "n", "Swing", function () {_oguide$.hide ();
 });
 }, 100);
 }/*guide*/_oguide$.css ({"Left": "50%", "opacity": 0});
 _oguidetrigger$.css ({"BackgroundColor": "White", "opacity": "0"}); _oguidetrigger$.mouseover (functiOn () {cleartimeout (_ntimer);
 _omask$.show (). Stop (). Animate ({"Opacity": 0.2}); _OGUIDE$.CSS ("Display", "block"). Stop (). Animate ({marginleft: "+168px", opacity:1}, 900, "Swing", function () {_oguide$
 . Animate ({marginleft: "+153px"}, 300);
 });
 _osslog ();

 }). Mouseout (_back);
 _oguide$.mouseover (function () {cleartimeout (_ntimer);
 }). Mouseout (_back);

 }) (jQuery, window);

After reading JS, you will see from the client side of the page to request a login side, the page client every 500 milliseconds to the server to initiate SSL request, request the current two-dimensional code is another client (mobile) authorization, if the return result is 201, It means that you have obtained the same account login authorization for scanning two-dimensional code terminals, and if it is the other case, then recycle the request again 500 milliseconds. This process lasts until the two-dimensional code is scanned or the two-dimensional code timeout expires.
The tools used include: Grab tool Fidller, Chrome F12 Developer tool, Notice accidental discovery, micro-letter client has a min-webmm1cba21.js, which clearly visible XSS filter specification, It's a hope for those pigeons who like the white box test XSS.!!!

This article has been organized into the "JavaScript micro-Credit Development Skills Summary", welcome to learn to read.

For everyone to recommend now more attention than the micro-letter Program Tutorial: "Micro-letter Small Program Development tutorial" Small series for everyone carefully organized, hope like.

The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More