极验4 语序验证码 分析 极验4 w

声明
本文章中所有内容仅供学习交流使用，不用于其他任何目的，抓包内容、敏感网址、数据接口等均已做脱敏处理，严禁用于商业用途和非法用途，否则由此产生的一切后果均与作者无关！

逆向过程

def url_to_base64(url):
    # 将 URL 编码为 base64 字符串
    base64_encoded_data = base64.b64encode(url.encode('utf-8'))
    base64_message = base64_encoded_data.decode('utf-8')
    return base64_message
headers = {
    "Accept": "*/*",
    "Accept-Language": "zh-CN,zh;q=0.9",
    "Cache-Control": "no-cache",
    "Connection": "keep-alive",
    "Sec-Fetch-Dest": "script",
    "Sec-Fetch-Mode": "no-cors",
    "Sec-Fetch-Site": "cross-site",
    "Sec-Fetch-Storage-Access": "active",
}
url = "load"
captcha_id = "cf1850663be9b904bbe2d01cff0ce0eb"
params = {
    "callback": f"geetest_1744941101247",
    "captcha_id": captcha_id,
    "challenge": "",
    "client_type": "web",
    "risk_type": "",
    "lang": "zho"
}
response = requests.get(url, headers=headers, cookies=cookies, params=params)

data = json.loads(re.findall('{.*}', response.text)[0])
print(data['data'])
lot_number = data["data"]["lot_number"]
captcha_type = data["data"]["captcha_type"]
if captcha_type != 'phrase':
    sys.exit(0)

imgs = data["data"]["imgs"]
with open('../bg.png', 'wb') as fp:
    fp.write(requests.get(f"{imgs}").content)


captcha_mode = data["data"]["captcha_mode"]
pow_detail = data["data"]["pow_detail"]
payload = data["data"]["payload"]
process_token = data["data"]["process_token"]
print(imgs)

with open('../bg.png', 'rb') as f:
    a = base64.b64encode(f.read()).decode()  ## 图片二进制流base64字符串
dictdata = verify(a).split("|")
print(dictdata)
userresponse = []
for i in dictdata:
    x, y = i.split(',')
    userresponse.append([x,y])
print(userresponse)
cp = execjs.compile(open('run.js', 'r', encoding='utf-8').read())
print(data['data'])
w = cp.call('getEncrypt', captcha_id, data["data"], userresponse)
print(w)

url = "/verify"
params = {
    "callback": "geetest",
    "captcha_id": captcha_id,
    "client_type": "web",
    "lot_number": lot_number,
    "risk_type": "",
    "payload": payload,
    "process_token": process_token,
    "payload_protocol": "1",
    "pt": "1",
    "w": w
}
response = requests.get(url, headers=headers, cookies=cookies, params=params)

print(response.text)
print(response)

结果

总结

    1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。