Below I will share with you an example explanation of how to implement automatic login on the campus network using Python. It has a good reference value and I hope it will be helpful to everyone. Let’s come and take a look
Because I recently wanted to use a Raspberry Pi to build a remote monitoring system, and because the school network requires logging in from the web page and it is inconvenient to bring a monitor with the Raspberry Pi, I thought about it. A script program that can automatically log in to the campus network, eliminating the trouble of opening the browser and entering the account and password every time.
1. Tool
Firefox browser firedebug plug-in, debug plug-in can be added to the browser add-on, other browsers can also be used as long as they can monitor the browser's network behavior.
python requests package
2. Steps
1) First open the login interface, and then press f12 to open the firedebug plug-in. At this time, there is no debug function. Record the behavior, then click the refresh button, then click the login button, call up debug again and click the console tab. At this time, you will find many get methods plus the final POST method generated by login, as shown in the figure
2) Click on the small arrow of the POST method and you will find the browser's request header information, which we need to save (not the response header),
3) View the content in the POST tab. The variables and parameters need to be saved. You can see that the password is encrypted. .If you just log in with your own account and password, the program can end here. Replace the data with the data you captured and use the following code to log in to the campus network.
import requests
#登录地址
post_addr="http://a.nuist.edu.cn/index.php/index/login"
#构造头部信息
post_header={
'Host': 'a.nuist.edu.cn',
'User-Agent':'Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0',
'Accept': 'application/json, text/javascript, */*; q=0.01',
'Accept-Language':'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Accept-Encoding': 'gzip, deflate',
'Content-Type': 'application/x-www-form-urlencoded',
'X-Requested-With':'XMLHttpRequest',
'Referer':'http://a.nuist.edu.cn/index.php?url=aHR0cDovL2RldGVjdHBvcnRhbC5maXJlZm94LmNvbS9zdWNjZXNzLnR4dA==',
'Content-Length': '67',
'Cookie':'_gscu_1147341576=059821653286gq10; sunriseUsername=123441534;\
sunriseDomain=NUIST;sunriseRememberPassword=true; sunrisePassword=123456;\
PHPSESSID=hb0o9bkct2f6ge164oj3vj0me5;think_language=zh-CN',
'Connection':'keep-alive',
}
#构造登录数据
post_data={'domain':'NUIST',
'enablemacauth':'0',
'password':'MTgzMzEw',
'username':'xxxxxxx'
}
#发送post请求登录网页
z=requests.post(post_addr,data=post_data,headers=post_header)
4) But I found a problem is that the above program can only be used by yourself. If you change the account and password to log in, you have to use the browser to capture the data packets. , annoying... After carefully reviewing the above steps, I found that the difficulty in writing a program that allows other accounts to log in without packet capture is that the password in the post_data program is encrypted. If you can know its encryption method, write a general one (in this article On-campus) program is very easy.
In fact, if you know more about the commonly used encryption methods in this step, then it is easier to check the source code (js) of the web page to figure out its encryption method. Unfortunately, I don’t understand. , I only know one md5 encryption, so I tried to use the hashlib package in python to encrypt the password and then see if it is the same as the captured data. Unfortunately, not even one character is the same..., then I thought since the data is The encryption process that is sent from the local server to the server must be completed on the client side, most likely through a js script (I don’t know much about web page programming, I only know that js can be executed on the client side, so I guess it is the js script that completes the passward encoding). Then check the captured js code through debug.
Open the debugger and you can see a row of js code on the left. You can roughly guess the role of js through the js file name.
5) Looking at the file name on the left, you can directly guess that the functions include login.js, md5.js, client.js, usercss.js. Since md5 is not a password encryption method, check it out Other js codes. Fortunately, I clicked on the first base64 code and found out that this code is an encoding method. I hurried to Baidu and found that base64 is indeed an encoding method. I struck while the iron was hot by using Baidu python's base64 encoding implementation and found that python had already Integrate the base64 package and use this package to encode the password again... It is found that the result is exactly the same as the captured postdata. At this point, writing a general program is just around the corner!!
The complete code is as follows (Rough version):
#!/usr/bin/python3
# -*- coding: utf-8 -*-
'''
FileName:conNet.py
Author:shenhuixiang
Copyright(c)2017,shenhuixiang
'''
import base64
import requests
'''
输入账号密码和登录的网络
网络参数为如果是移动的则填写CMCC
如果是学号则填NUIST
'''
USER_ACCOUNT='110'
DOMAIN_SELECTION='CMCC'
USER_PASSWATD='123456'
#登录地址
post_addr="http://a.nuist.edu.cn/index.php/index/login"
#构造头部信息
post_header={
'Host': 'a.nuist.edu.cn',
'User-Agent':'Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0',
'Accept': 'application/json, text/javascript, */*; q=0.01',
'Accept-Language':'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Accept-Encoding': 'gzip, deflate',
'Content-Type': 'application/x-www-form-urlencoded',
'X-Requested-With':'XMLHttpRequest',
'Referer':'http://a.nuist.edu.cn/index.php?url=aHR0cDovL2RldGVjdHBvcnRhbC5maXJlZm94LmNvbS9zdWNjZXNzLnR4dA==',
'Content-Length': '67',
'Cookie':'_gscu_1147341576=059821653286gq10; sunriseUsername='+USER_ACCOUNT+';\
sunriseDomain='+DOMAIN_SELECTION+';sunriseRememberPassword=true; sunrisePassword='+USER_PASSWATD+';\
PHPSESSID=hb0o9bkct2f6ge164oj3vj0me5;think_language=zh-CN',
'Connection':'keep-alive',
}
'''
password在post的参数中经过base64编码,
为了查找password加密方式...吐血三升.
'''
post_data={'domain':DOMAIN_SELECTION,
'enablemacauth':'0',
'password':base64.b64encode(USER_PASSWATD.encode()),
'username':USER_ACCOUNT
}
#发送post请求登录网页
z=requests.post(post_addr,data=post_data,headers=post_header)
#z.text为str类型的json数据因此先编码成byte类型在解码成unicode型这样就可以正常输出中文
s=z.text.encode('utf-8').decode('unicode-escape')
print(s)
Related recommendations:
Python implements a random call Open the webpage in the browser
The above is the detailed content of Python realizes automatic login to campus network. For more information, please follow other related articles on the PHP Chinese website!
Is Tuple Comprehension possible in Python? If yes, how and if not why?Apr 28, 2025 pm 04:34 PMArticle discusses impossibility of tuple comprehension in Python due to syntax ambiguity. Alternatives like using tuple() with generator expressions are suggested for creating tuples efficiently.(159 characters)
What are Modules and Packages in Python?Apr 28, 2025 pm 04:33 PMThe article explains modules and packages in Python, their differences, and usage. Modules are single files, while packages are directories with an __init__.py file, organizing related modules hierarchically.
What is docstring in Python?Apr 28, 2025 pm 04:30 PMArticle discusses docstrings in Python, their usage, and benefits. Main issue: importance of docstrings for code documentation and accessibility.
What is a lambda function?Apr 28, 2025 pm 04:28 PMArticle discusses lambda functions, their differences from regular functions, and their utility in programming scenarios. Not all languages support them.
What is a break, continue and pass in Python?Apr 28, 2025 pm 04:26 PMArticle discusses break, continue, and pass in Python, explaining their roles in controlling loop execution and program flow.
What is a pass in Python?Apr 28, 2025 pm 04:25 PMThe article discusses the 'pass' statement in Python, a null operation used as a placeholder in code structures like functions and classes, allowing for future implementation without syntax errors.
Can we Pass a function as an argument in Python?Apr 28, 2025 pm 04:23 PMArticle discusses passing functions as arguments in Python, highlighting benefits like modularity and use cases such as sorting and decorators.
What is the difference between / and // in Python?Apr 28, 2025 pm 04:21 PMArticle discusses / and // operators in Python: / for true division, // for floor division. Main issue is understanding their differences and use cases.Character count: 158
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
SublimeText3 Chinese version
Chinese version, very easy to use
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
