去年做的MSN(HOTMAIL), gmail, yahoo三个模拟登录,现在MSN已经失效了
在CSDN论坛关注的朋友比较多,工作上也需要这个,所以再次拿起HTTP分析工具一窥究竟
这次分析发现,MSN让人哭笑不得,他们在最后一步登录时,对COOKIE有检测,检测COOKIE是再正常不过的
只是他这次检测多余的COOKIE,如果有多余的COOKIE就直接将俺请出,无奈之下,只能在最后一步按他们的要求来筛选他们需要的COOKIE
好了,上代码了(基本上跟上次是差不多的,只是中间多了一个COOKIE的筛选)
我的博客:www.onlypo.com
- PHP code
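<?php
// Per-run cookie jar shared by every request below. tempnam() creates the file
// itself; the target directory must be writable by the PHP process.
define("COOKIEJAR", tempnam(ini_get("upload_tmp_dir"), "cookie"));
// Value passed to CURLOPT_TIMEOUT (seconds) for every request.
define("TIMEOUT", 1000);
error_reporting(E_ALL);

// The jar ends up holding live session cookies for the account, so it is
// removed when the script finishes instead of being left in the temp directory.
register_shutdown_function(function () {
    if (is_string(COOKIEJAR) && is_file(COOKIEJAR)) {
        unlink(COOKIEJAR);
    }
});

/**
 * Scripted sign-in to the Hotmail/MSN web UI that returns the contact data
 * embedded in the contacts page.
 *
 * The caller passes the account password in clear text. It is sent only in
 * the step-2 POST, over a TLS connection whose certificate is verified, and
 * is never written to disk or logged by this class.
 */
class MSN
{
    /**
     * Runs the four-step flow: fetch the sign-in page, post the credentials,
     * follow the hand-over links, then download the contacts page.
     *
     * @param string $username account e-mail address
     * @param string $password account password
     * @return string|array|false the raw JSON text taken from the contacts
     *         page, array() when that page carries no usable data, or false
     *         when any earlier step fails
     */
    public function getAddressList($username, $password)
    {
        // Step 1: fetch the sign-in page and record the cookies it sets.
        // Fetched over https so the PPFT token and cookies cannot be altered
        // in transit before the password is posted.
        $str = $this->request(
            "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=" . time()
            . "&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=2052&id=64855&mkt=zh-cn&cbcxt=mail&snsc=1",
            array(CURLOPT_COOKIEJAR => COOKIEJAR)
        );
        if ($str === false) {
            return false;
        }

        // Append the two cookies the page's JavaScript would normally create.
        $CkTst = 'G' . (time() * 1000);
        $wlidperf = "throughput=3&latency=948&FR=L&ST=" . (time() * 1000 + 1254);
        $jsCookies = "login.live.com\tTRUE\t/\tFALSE\t0\tCkTst\t$CkTst\r\n"
            . "login.live.com\tTRUE\t/\tFALSE\t0\twlidperf\t$wlidperf\r\n";
        if (file_put_contents(COOKIEJAR, $jsCookies, FILE_APPEND) === false) {
            return false;
        }

        // Extract the hidden PPFT form token. If the page is not the expected
        // sign-in form, stop here rather than posting the password anyway.
        $matches = array();
        if (!preg_match('/<input\s*type="hidden"\s*name="PPFT"\s*id="(.*?)"\s*value="(.*?)"\s*\/>/i', $str, $matches)) {
            return false;
        }

        // Build the form body. http_build_query() percent-encodes every value,
        // so a password containing '&', '=', '+' or '%' is transmitted intact
        // and cannot add or overwrite form fields.
        $postfiles = http_build_query(array(
            'login'        => $username,
            'passwd'       => $password,
            'type'         => 11,
            'LoginOptions' => 3,
            'Newuser'      => 1,
            'idsbho'       => 1,
            'i2'           => 1,
            'i3'           => '562390',
            'PPFT'         => $matches[2],
            'PPSX'         => 'Pa',
            'i12'          => 1,
            'i14'          => '868',
            'i15'          => '1338',
        ), '', '&');

        // Step 2: post the credentials. The two time() offsets imitate the
        // varying timestamps a browser would send.
        $content = $this->request(
            'https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct=' . (time() + 5)
            . '&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=2052&id=64855&mkt=zh-cn&cbcxt=mail&snsc=1&bk=' . (time() + 715),
            array(
                CURLOPT_COOKIEFILE => COOKIEJAR,
                CURLOPT_COOKIEJAR  => COOKIEJAR,
                CURLOPT_POST       => true,
                CURLOPT_POSTFIELDS => $postfiles,
                CURLOPT_HEADER     => true,
            )
        );
        if ($content === false) {
            return false;
        }
        // 'WLWorkflow' appears in the sign-in page's JavaScript, i.e. the
        // server answered with the login form again: sign-in failed.
        if (stripos($content, 'WLWorkflow') !== false) {
            return false;
        }

        // Read the JavaScript redirect target out of the response.
        $matches = array();
        if (!preg_match('/window.location.replace\(\"(.*?)\"\)/i', $content, $matches) || !$matches[1]) {
            return false;
        }
        $url_contiune_1 = $matches[1];

        // Drop surplus cookies: the last step rejects the session when extra
        // cookies are present. Lines are selected by their position in the jar
        // file, which depends on the order in which cookies were written.
        $jarLines = file(COOKIEJAR);
        if ($jarLines === false) {
            return false;
        }
        $need_arr = array(0, 1, 2, 3, 7, 9, 13, 15, 16, 17, 18, 21, 22);
        $str_new = '';
        foreach ($jarLines as $k => $v) {
            if (in_array($k, $need_arr, true)) {
                $str_new .= $v;
            }
        }
        if (file_put_contents(COOKIEJAR, $str_new) === false) {
            return false;
        }

        // Step 3: load the hand-over page.
        $content_2 = $this->request($url_contiune_1, array(
            CURLOPT_COOKIEFILE => COOKIEJAR,
            CURLOPT_COOKIEJAR  => COOKIEJAR,
            CURLOPT_HEADER     => true,
        ));
        if ($content_2 === false) {
            return false;
        }

        // Take the first link on that page as the next hop.
        $matches = array();
        if (!preg_match('/<a\s*href=\"(.*?)\"\s*>/i', $content_2, $matches) || !$matches[1]) {
            return false;
        }
        $url_contiune_2 = $matches[1];

        // Derive the mailbox base URL (scheme + host) from that link. The
        // value comes from the response body and the session cookies will be
        // sent to it, so only an absolute http(s) URL is accepted.
        $parts = parse_url($url_contiune_2);
        if (!is_array($parts) || empty($parts['scheme']) || empty($parts['host'])) {
            return false;
        }
        if (!in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
            return false;
        }
        $url_contiune_3 = $parts['scheme'] . '://' . $parts['host']
            . (isset($parts['port']) ? ':' . $parts['port'] : '');
        // The number after n= is a random value.
        $url_4 = $url_contiune_3 . '/mail/ContactMainLight.aspx?n=435707983';

        // Step 4: fetch the contacts page.
        $str = $this->request($url_4, array(CURLOPT_COOKIEFILE => COOKIEJAR));

        // The contact data is not visible on the rendered page because of
        // Hotmail's JavaScript handling, but it is present in the page source.
        return $this->hanlde_date($str);
    }

    /**
     * Cuts the value assigned to ic_control_data out of the page source.
     *
     * @param string|false $data contacts page source
     * @return string|array the text between "ic_control_data = " and the next
     *         ';' (JSON text), or array() when the input is empty or the
     *         marker or its terminating ';' is missing
     */
    public function hanlde_date($data)
    {
        if (empty($data)) {
            return array();
        }
        $start = stripos($data, 'ic_control_data');
        if ($start === false) {
            // Without this guard the search below would run from offset 0 and
            // return an unrelated slice of the page.
            return array();
        }
        $valueStart = $start + strlen('ic_control_data = ');
        $end = stripos($data, ';', $start);
        if ($end === false || $end < $valueStart) {
            return array();
        }
        // NOTE(review): the value is cut at the first ';', so a ';' inside the
        // JSON text would truncate it - confirm against real page data.
        return substr($data, $valueStart, $end - $valueStart);
    }

    /**
     * Performs one HTTP request with the settings every step shares.
     *
     * Certificate and host-name verification are always on; if the local PHP
     * build has no CA bundle, configure one (curl.cainfo) instead of turning
     * verification off. Only http and https URLs are allowed, because steps 3
     * and 4 request URLs that were read out of a response body.
     *
     * @param string $url     request URL
     * @param array  $options extra CURLOPT_* settings for this step
     * @return string|false response text, or false on failure
     */
    private function request($url, $options = array())
    {
        $ch = curl_init();
        if ($ch === false) {
            return false;
        }
        // The fixed settings are the left operand so a caller cannot override them.
        $fixed = array(
            CURLOPT_URL            => $url,
            CURLOPT_TIMEOUT        => TIMEOUT,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        );
        curl_setopt_array($ch, $fixed + $options);
        $response = curl_exec($ch);
        // Closing the handle is what flushes cookies to CURLOPT_COOKIEJAR.
        curl_close($ch);
        return $response;
    }
}

// Example call; the credentials are the article's placeholders.
$msn = new MSN();
$res = $msn->getAddressList('usrname@hotmail.com', '111111');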