前言

　　又是一年馬上結(jié)束，今年一年研究技術(shù)的時(shí)間都非常少，除了家庭原因，還有自身的原因。2018很不順，理財(cái)各種雷，幣圈與股市跌的慘不忍睹。自身還沾染了社會(huì)三大毒瘤之一的賭，一夜回到解放前。讓我好多天精神恍惚，差點(diǎn)崩潰。好久才走出來(lái)，刪掉各類(lèi)app，打開(kāi)vs，認(rèn)真寫(xiě)點(diǎn)代碼換錢(qián)。

我有一顆想分享的心，但苦于文采不好，語(yǔ)言表達(dá)能力不行，更重要的患有嚴(yán)重懶癌，導(dǎo)致這篇文章寫(xiě)了很久都沒(méi)結(jié)束。

騰訊防水墻的介紹

官網(wǎng)：https://007.qq.com

介紹：專(zhuān)注業(yè)務(wù)安全服務(wù)，用領(lǐng)先的人工智能技術(shù)解決業(yè)務(wù)欺詐、薅羊毛、刷單、爬蟲(chóng)、撞庫(kù)等問(wèn)題，讓您的企業(yè)零投入也能有微信/QQ級(jí)別的業(yè)務(wù)安全服務(wù)

其實(shí)就是類(lèi)似極驗(yàn)的驗(yàn)證碼，相對(duì)于以前的圖形驗(yàn)證碼，多了行為等一些識(shí)別。從圖片上來(lái)說(shuō)，就是要找到缺口的位置，我想對(duì)于專(zhuān)業(yè)做識(shí)別的來(lái)說(shuō)，找這個(gè)缺口位置應(yīng)該比以前騰訊的四位圖形驗(yàn)證碼更容易。難就難在里面亂七八糟的js加密。下面讓我給大家一一講述分析過(guò)程，加密過(guò)程。

騰訊防水墻的分析

一、http協(xié)議抓包

　　在防水墻官網(wǎng)看到有一些防水墻的用戶，看到了手機(jī)廠商oppo。應(yīng)用防水墻的地方無(wú)非就是他的商城，論壇，云空間之類(lèi)的。在商城上沒(méi)發(fā)現(xiàn)，打開(kāi)云空間登錄頁(yè)面，隨便輸入賬號(hào)，錯(cuò)誤次數(shù)過(guò)多了，果然出現(xiàn)了防水墻

打開(kāi)Fiddler，刷新下頁(yè)面完成一組操作，發(fā)現(xiàn)主要請(qǐng)求有這幾個(gè)

二、數(shù)據(jù)包分析

　　去除加載的js與log上傳，真正的一組操作有三個(gè)：

cap_union_prehandle
cap_union_new_show
cap_union_new_verify

開(kāi)始詳細(xì)分析這三個(gè)請(qǐng)求數(shù)據(jù)包的組成（我根據(jù)我的分析與理解進(jìn)行講述）

1是初始化驗(yàn)證碼。詳細(xì)請(qǐng)求為

GET https://captcha.guard.qcloud.com/cap_union_prehandle?aid=1253408289&asig=Ad3GYD9Dn99U0xOPiOOhnEpB7citHdzqa98umEP2Whvl-OngFl18y4Q_bSgYFxtm6dWiT67ngBe1x7vbI9RPE-HSJh8phx2h&captype=&protocol=https&clientype=2&disturblevel=&apptype=&curenv=open&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82OS4wLjM0OTcuMTAwIFNhZmFyaS81MzcuMzY=&uid=&cap_cd=&lang=2052&callback=_aq_517127&subsid=1 HTTP/1.1
Host: captcha.guard.qcloud.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: */*
Referer: https://cloud.oppo.com/login.html
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: qcmainCSRFToken=ByB1lOw1G4; intl=; qcloud_from=qcloud.360.seo-1546778388303

參數(shù)的詳細(xì)介紹（猜想）,僅僅介紹需要變動(dòng)的參數(shù)，不介紹的固定就可以：
aid：項(xiàng)目的ID，不同網(wǎng)站的aid不同
asig：這個(gè)驗(yàn)證碼請(qǐng)求的id，每次驗(yàn)證碼不同。這個(gè)asig在前面幾個(gè)http請(qǐng)求中，網(wǎng)站都會(huì)返回
ua：瀏覽器的user-agent,進(jìn)行了base64編碼
uid：登錄賬號(hào)，在有些網(wǎng)站可能這個(gè)需要

其他參數(shù)固定就可以。

返回內(nèi)容為：
_aq_517127({"state":"1","ticket":"","capclass":"2","subcapclass":"9","src_1":"cap_union_new_show","src_2":"template/new_placeholder.html","src_3":"template/new_slide_placeholder.html","sess":"mH-vlJ-CUtT4IjZhBaXnUw1eOMnpNPKHFJwVl_yEGGkO-ZhxabjuVs9gNML4dXb8tvjP1spte6EEKlOCdxrlzhOd2oGK0w3OFw9z2odtQjOoq3OyAdIr0b1cnajkR06N3qgMqKeBWmI2zFR5CCslK-5RmrlVY2vnV-W_frBhrIWt80ALXQzi4M_V3JGsUwCaDzBKfy5bURo*","sid":"6643363502555941855"})
都是驗(yàn)證碼需要的一些參數(shù)，后面會(huì)用到

2是驗(yàn)證碼的顯示頁(yè)面，主要以iframe形式顯示驗(yàn)證碼的html頁(yè)面

GET https://captcha.guard.qcloud.com/cap_union_new_show?aid=1253408289&asig=Ad3GYD9Dn99U0xOPiOOhnEpB7citHdzqa98umEP2Whvl-OngFl18y4Q_bSgYFxtm6dWiT67ngBe1x7vbI9RPE-HSJh8phx2h&captype=&protocol=https&clientype=2&disturblevel=&apptype=&curenv=open&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82OS4wLjM0OTcuMTAwIFNhZmFyaS81MzcuMzY=&sess=mH-vlJ-CUtT4IjZhBaXnUw1eOMnpNPKHFJwVl_yEGGkO-ZhxabjuVs9gNML4dXb8tvjP1spte6EEKlOCdxrlzhOd2oGK0w3OFw9z2odtQjOoq3OyAdIr0b1cnajkR06N3qgMqKeBWmI2zFR5CCslK-5RmrlVY2vnV-W_frBhrIWt80ALXQzi4M_V3JGsUwCaDzBKfy5bURo*&theme=&sid=6643363502555941855&noBorder=noborder&fb=0&forcestyle=undefined&subsid=2&showtype=embed&uid=&cap_cd=&lang=2052&rnd=498672&TCapIframeLoadTime=10&prehandleLoadTime=101&createIframeStart=1546778599893 HTTP/1.1
Host: captcha.guard.qcloud.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://cloud.oppo.com/login.html
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: qcmainCSRFToken=ByB1lOw1G4; intl=; qcloud_from=qcloud.360.seo-1546778388303

aid：同上
asig：同上
ua：同上
sess：第一步http請(qǐng)求返回的數(shù)據(jù)
sid：第一步http請(qǐng)求返回的數(shù)據(jù)
rnd：隨機(jī)數(shù)，可以生產(chǎn)一個(gè)六位隨機(jī)數(shù)，后面的請(qǐng)求還會(huì)要用到
TCapIframeLoadTime：iframe加載的時(shí)間，隨機(jī)生產(chǎn)就可以
prehandleLoadTime：第一步請(qǐng)求的時(shí)間，隨機(jī)生產(chǎn)就可以
createIframeStart：創(chuàng)建iframe的時(shí)間，以當(dāng)前時(shí)間轉(zhuǎn)換成毫秒單位的時(shí)間戳就可以

其他的同樣固定就可以

返回內(nèi)容：
太多了，不貼了，不過(guò)里面有一些重要的參數(shù)需要用到，下面提到的參數(shù)可以自行在你測(cè)試的http數(shù)據(jù)中查找
返回的內(nèi)容就是顯示驗(yàn)證碼與一些js算法

驗(yàn)證碼圖片請(qǐng)求：
驗(yàn)證碼分為兩個(gè)，一個(gè)是有缺口的圖片，一個(gè)是缺口位置的圖片。
兩個(gè)驗(yàn)證碼請(qǐng)求基本一致，只是最后面的img_index不同，1為有缺口圖片，2為缺口位置圖片。（0為完整圖片，一般人我不告訴他）

驗(yàn)證碼請(qǐng)求：
https://captcha.guard.qcloud.com/cap_union_new_getcapbysig?aid=1253408289&asig=Ad3GYD9Dn99U0xOPiOOhnEpB7citHdzqa98umEP2Whvl-OngFl18y4Q_bSgYFxtm6dWiT67ngBe1x7vbI9RPE-HSJh8phx2h&captype=&protocol=https&clientype=2&disturblevel=&apptype=&curenv=open&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82OS4wLjM0OTcuMTAwIFNhZmFyaS81MzcuMzY=&sess=mH-vlJ-CUtT4IjZhBaXnUw1eOMnpNPKHFJwVl_yEGGkO-ZhxabjuVs9gNML4dXb8tvjP1spte6EEKlOCdxrlzhOd2oGK0w3OFw9z2odtQjOoq3OyAdIr0b1cnajkR06N3qgMqKeBWmI2zFR5CCslK-5RmrlVY2vnV-W_frBhrIWt80ALXQzi4M_V3JGsUwCaDzBKfy5bURo*&theme=&sid=6643363502555941855&noBorder=noborder&fb=0&forcestyle=undefined&subsid=3&showtype=embed&uid=&cap_cd=&lang=2052&rnd=498672&TCapIframeLoadTime=10&prehandleLoadTime=101&createIframeStart=1546778599893&rand=0.4427548655911022&vsig=b01j5Nf7g8tU487jjS2st9qjKBc_Jj_japTZmaYQoJ9Fs_HIpRZY62YWBsqKjsq17A9iNe2cfX6gtor4OFb0wZI4nA7wDjKkuu0ASDEvyJB4o1x4VMf3T-RyQ**&img_index=1

里面所有參數(shù)同上，唯一一個(gè)是vsig，在第二步的返回?cái)?shù)據(jù)中，可自行查找。上面提到的隨機(jī)生產(chǎn)的，下面所有請(qǐng)求請(qǐng)統(tǒng)一

3提交驗(yàn)證碼獲取ticket

POST https://captcha.guard.qcloud.com/cap_union_new_verify?random=1546778607362 HTTP/1.1
Host: captcha.guard.qcloud.com
Connection: keep-alive
Content-Length: 4134
Accept: application/json, text/javascript, */*; q=0.01
Origin: https://captcha.guard.qcloud.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://captcha.guard.qcloud.com/cap_union_new_show?aid=1253408289&asig=Ad3GYD9Dn99U0xOPiOOhnEpB7citHdzqa98umEP2Whvl-OngFl18y4Q_bSgYFxtm6dWiT67ngBe1x7vbI9RPE-HSJh8phx2h&captype=&protocol=https&clientype=2&disturblevel=&apptype=&curenv=open&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82OS4wLjM0OTcuMTAwIFNhZmFyaS81MzcuMzY=&sess=mH-vlJ-CUtT4IjZhBaXnUw1eOMnpNPKHFJwVl_yEGGkO-ZhxabjuVs9gNML4dXb8tvjP1spte6EEKlOCdxrlzhOd2oGK0w3OFw9z2odtQjOoq3OyAdIr0b1cnajkR06N3qgMqKeBWmI2zFR5CCslK-5RmrlVY2vnV-W_frBhrIWt80ALXQzi4M_V3JGsUwCaDzBKfy5bURo*&theme=&sid=6643363502555941855&noBorder=noborder&fb=0&forcestyle=undefined&subsid=2&showtype=embed&uid=&cap_cd=&lang=2052&rnd=498672&TCapIframeLoadTime=10&prehandleLoadTime=101&createIframeStart=1546778599893
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: qcmainCSRFToken=ByB1lOw1G4; intl=; qcloud_from=qcloud.360.seo-1546778388303

aid=1253408289&asig=Ad3GYD9Dn99U0xOPiOOhnEpB7citHdzqa98umEP2Whvl-OngFl18y4Q_bSgYFxtm6dWiT67ngBe1x7vbI9RPE-HSJh8phx2h&captype=&protocol=https&clientype=2&disturblevel=&apptype=&curenv=open&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82OS4wLjM0OTcuMTAwIFNhZmFyaS81MzcuMzY&sess=mH-vlJ-CUtT4IjZhBaXnUw1eOMnpNPKHFJwVl_yEGGkO-ZhxabjuVs9gNML4dXb8tvjP1spte6EEKlOCdxrlzhOd2oGK0w3OFw9z2odtQjOoq3OyAdIr0b1cnajkR06N3qgMqKeBWmI2zFR5CCslK-5RmrlVY2vnV-W_frBhrIWt80ALXQzi4M_V3JGsUwCaDzBKfy5bURo*&theme=&sid=6643363502555941855&noBorder=noborder&fb=0&forcestyle=undefined&subsid=6&showtype=embed&uid=&cap_cd=&lang=2052&rnd=498672&TCapIframeLoadTime=10&prehandleLoadTime=101&createIframeStart=1546778599893&subcapclass=9&vsig=b01j5Nf7g8tU487jjS2st9qjKBc_Jj_japTZmaYQoJ9Fs_HIpRZY62YWBsqKjsq17A9iNe2cfX6gtor4OFb0wZI4nA7wDjKkuu0ASDEvyJB4o1x4VMf3T-RyQ**&ans=164,19;&cdata=69&babedc=xV6XnEXCTYbfMkq3nBXtS0c%2FV5AAZtsYtOqYjNBVDwvu0DT8YIl0%2BdlKp2UjKu0nw9G%2FTRvlmFAxGhorC%2BMq4MBMdkhfEnITqxh7Bad0q7e0ffClmuKkyX15QuZqT42Ej1RCgowaxr6ltGKYPgkVX6Fx%2B9pf6brr%2FIXbyp5trWwsrVIuN%2BFhux6NpC3Zxnsy6%2ByKF5meARiu3xzCloOeMxR5nKIe4psSLIBdW8nq315CsYPnUYQqMZzEfcRwI4%2BZCerBM9InDZwlGDYm3VBBqTU8Sr9acPY2o4a%2B3Vjlckc7tQnZQzmdXR0yVRSoPVINu8pS86Ovs%2B%2BlSg2RJReqJ%2BMaqhcvXykmwWcJeDRDBTPil7t1EsgCgzpdHxAY5%2F%2FyvSHOXL8QAA34WBQqv5XAft76FkOuF9mQ0AEYgy0WVW90wtlu4G0YGVdr6kjKW1jEVqcErwDTRYCDqr01iBK0IEmTBIQZv2yZoQ1rjqonJo%2FAz0UpRYmKFTG%2BkHJoj6ym5JilETggn2WTtDeUVqk16cHzduPsNuVaDMQHAE5rqBynhwE2HTWtLF9eord5FqPEgZWUwcqclSefB%2FnLGKAz%2FYTuqPCiYbdl2zK%2B7%2Bjw7t4S%2BbKWETkZCQLoYmM1Hd7x58C4sBE04f5z50T3Wj1FmvrFBv4KQ%2FuITxeT84ggcUn%2FQmUDVW5AyE7KGMz6wsvwl3Vxv1aieT3Zggyu6NR96YaFialm6RTKe9KACcs3JLDk32Aj0oIKWIXZ4ffnljD828e0N6Wp65m0dJ%2ByWR31ziF7u9fttENgN9ewopOKz8x00qB%2FhQm%2BpqD26BLoStIlwkqcpAehqe2yH8uvEIdV7Ybyk7tWHhEUVAR8anSG4whOM9kbsGQ%2BZMdfhSRmtvqOHruHdbNHfEZ5N5UP6A9OQGYNCiA9RhluhHYRxKTCDaPUfyPNEtmxXDopjXDHdpre%2FqfsHTKlTW4UnXTi9iuZAcZW0CMFgv9c7qQ7tnirfZoFAoKV4GGudMIfV6L7b9utnLiAGgfXHnN6ip3J32j%2Fd4KfdD0UZVhEuS3Yb%2BzlBg3eKL4EA8OSEKaDVHkuh5odwP6IALOJfUNNYahxppjJondXOBe9auPDPCBnByJYUj2axNZgq2c8cuwpykYZhT2q9rm3AVBhEEAK3IaANqYB2myxwKFvyed6mHADNUPdhf3T5QkEDnc9xmqG7MmbrPtKLbDEssJupxtDQX7jusTjnVO03KC%2BK1WHmP%2B9lHU1KGlv1nlNqBEUUVKbGzzPU63%2F7K8oeauXpNdE6nwg4BPtrotYs0NlYDFLMBakGEKNe%2BBRe%2F9SueJ8WMN8N1FZiiBa2j4ZMZVe%2FzeIK6AFJ2zeIVsSYThIZl0eqMJudmMe8f%2F%2BFgQYOcT4iwXTEPQw5NuVu%2Fmd9mZdQvp2k%2FtXtdhbWTHiYMygXWvVwVRwk0SP8mRolL9U8n%2FEKqgQ0FTpkNM866%2BBb8%2FithnwOeoe5yMZQhelibtWQOxdHOykWuU95ZJ%2Fgcp7DnIjOj7Q61AQcZ2tZOecwnHYEvZy5p85aUepeYp7yuipc45dbZgrSeccLsj4peXKYJyNs6Lsu05d%2BVQkP%2BxH37yDjEs8p%2B4X%2BUAXSrwjrmZxdFLL1VoYk5gfrSpjBdJ8G6J1sQd8EwpdCPRyskS1uULi20voGvH1MjRzKXGmZk5PoSeWC2K4c2neaZfF1b7Tl%2F%2BQsPq87EioixgXEIlXsJigJLVSl2iSkUZ1L86f7qE%2FtvTfIYKni8JcRLgG9yGFeyxm05audIzWzhkdwmWfKWhLuwBf9B8BI2CDiEyCGsG%2BEKxHSP5KP%2FIp%2BYJmy9BelZUxUK%2B6LJHsqb0YhH9kUIQki5bM3d7hU7jFnERHe%2BgMDoY5NbdBZeDeXXJnN30jc6c30awXJJDCQVkZ6bo0ASG2NRa1Vjc9Em9xFMt8WfKcZSNN4Se2WogO%2FUPxH84PRa%2Bo1z%2FZEremf4XnV0L6My4xEugmmX%2B0uJZg7VrX2eu6V5BMaJxPW6FuSFpsEc9HYx5QuvT%2B12VlS9UU0wWxMLXvTRHP9qrjEFODUy%2FOqijDQOIKEeEY4WQFBwwH1VLLnYZR%2BarIdips6xiVTC4AfiB6RZs%2BCG9tVc2obk3U15GU8F53HvnPdvYc3Sn2OA6tKgpjy9zzyPpWG8TNBY1iZm2MlZTNTumAJ6K5xHPQQLgQ57VkxtTj7MOMDDs7RP32iFvkb2cFdQZ5SerKkmKHOh403rcVQEzuxUeEmfU%2FNOyZuEqMlo31RZM2zaTlWLjjlze4tFZo9QyohbDmKmSqPTSzyLLZ3lVIAIzzXEkjfBQpH26GrbVwUf8lHnAfIqz0VmfQoeF%2FycUVq%2FwnBQRhTpz6azHqg23XnuhNFpiGAnqDjRD9yrQBuzELTa4I7AvaH7DKcSqHKZHQ24f7sg9lLqE8cDyIrViCWsO6h42PqkvuXXIvpj0xHfejI2ZL1YHPhquAxzaebrhdXF6t%2FxfU7mLP%2Bl7H4Htn0otpyiFkk9yAkN4XOXenPkvot7FTL0xXfnQx0YVp9b%2FI9uAmaAD4xbjIsHA9XMTdfAh42RnPsCl4hAJLOpBOMhDRFuX6TLARDXJjg8LGhdysvv2ujoJjSxBg9OEWJwT1sWzMOTe7X1BwmTPQ3wpPOBZ9vt05T0Wzii%2F%2F%2FSfqXwgm8K3U8kYsJHrXUhqbSA6zkRlmCCderWRxwgdV6fM%2FpJo%2BnjwmPZfrsS7ZCo9OP81o5cEMFiVCegjegScZ1h7ku2STcXCk2nQkZXaBjFz%2BfJ%2Bo1G%2F4%2BVQO2BDF8aeKMP9dcXmtWH6Q%2FDl%2ByR5AgXmnfmbQrTsVDFhxHpn3aJTs8BIPmSUEJkcV3B1CO%2BLUs0mUpvm9&websig=fc60f30eb8eef18d2997d5756d13b466a69836890f80a2eed4232d7249b2675f9a8349e40867b6ecd068ad580738d503a9d89f515608eb71fc14b1454d2d7f7e&fpinfo=undefined&tlg=1


參數(shù)分析：
ans：驗(yàn)證碼最后位置的坐標(biāo)
cdata：一個(gè)驗(yàn)證數(shù)據(jù)，后面會(huì)講到
babedc：此處注意，每次可能參數(shù)名稱(chēng)不同，需要從第二步返回?cái)?shù)據(jù)中獲取參數(shù)名。此參數(shù)的值是你鼠標(biāo)，鍵盤(pán)事件的加密數(shù)據(jù)，后面會(huì)講到
websig：第二步返回?cái)?shù)據(jù)中獲取
fpinfo：此處是空，在qq登錄中，需要上傳瀏覽器ua與其他瀏覽器特性從而獲取一個(gè)數(shù)據(jù)，瀏覽器屬性不變，返回的數(shù)據(jù)不變。
其他參數(shù)參照上面或者默認(rèn)

三、驗(yàn)證碼識(shí)別

圖一圖二

懂的大神直接就可以識(shí)別缺口位置了。如果不懂識(shí)別，我教給你現(xiàn)在可以用的簡(jiǎn)單的方法。上面提到，http請(qǐng)求可以獲取上面兩個(gè)驗(yàn)證碼，但當(dāng)img_index為0時(shí)候，可以獲取

圖三

沒(méi)錯(cuò)，就是原圖。你直接對(duì)比下兩張圖就能獲取到坐標(biāo)了。（以前圖一缺口部分是白色的，看這個(gè)圖片好像改了）

四、加密分析

babedc參數(shù)：參數(shù)名稱(chēng)從第二步獲取的內(nèi)容中查找，正則表達(dá)式 ：cdata:l,"(.+?)":_

至于此參數(shù)的值就是：

{"mouseclick":[{"t":2273,"x":269,"y":148}],"keyvalue":[],"user_Agent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36","resolutionx":1920,"resolutiony":1080,"winSize":[300,232],"url":"https://captcha.guard.qcloud.com/cap_union_new_show","refer":"https://cloud.oppo.com/login.html","begintime":1546782787,"endtime":1546785066,"platform":1,"os":"other","keyboards":0,"flash":1,"pluginNum":50,"index":1,"ptcz":"","tokenid":1596750647,"a":1596750647,"btokenid":null,"tokents":1546775906,"ips":{"in":["192.168.50.125"]},"colorDepth":24,"cookieEnabled":true,"timezone":8,"wDelta":0,"mousemove":[[265,148,2273707],[-14,5,12],[-19,8,16],[-16,7,17],[-18,7,15],[-17,6,18],[-7,2,17],[-11,3,16],[-9,1,17],[-6,0,17],[-6,0,15],[-7,0,17],[-7,1,16],[-11,0,17],[-10,0,17],[-8,0,20],[-6,0,15],[-4,0,15],[-5,0,17],[-5,0,17],[-3,0,17],[-2,0,34],[-3,0,32],[-2,0,17],[-6,0,18],[-1,0,15],[-1,0,36],[-2,0,16],[-1,0,15],[-2,0,16],[-1,0,20],[-1,0,32],[-1,0,15],[-2,2,17],[-2,1,18],[-3,2,15],[-2,3,16],[-2,1,17],[-1,1,33],[4,0,217],[2,0,18],[4,0,15],[1,0,19],[3,0,16],[2,0,16],[3,0,17],[4,0,17],[2,0,16],[2,0,17],[2,0,16],[2,0,18],[3,0,15],[2,0,16],[2,0,17],[3,0,33],[3,0,37],[2,0,16],[2,0,15],[2,0,16],[2,0,17],[2,0,16],[2,0,17],[1,0,17],[2,0,17],[3,0,16],[1,0,18],[2,0,16],[1,0,50],[1,0,18],[1,0,18],[1,0,14],[1,0,19],[1,1,15],[1,0,33],[1,0,16],[1,0,18],[1,0,32],[1,0,89],[1,0,29],[1,0,15],[1,0,18],[1,0,17],[1,0,15],[-1,-1,352],[-1,0,32],[0,-1,18],[-1,0,17],[-1,0,682],[-1,0,16],[0,-1,84],[-1,0,33],[1,0,518],[1,0,16],[1,0,33],[2,0,33],[-1,-1,618]],"keyUpCnt":0,"keyUpValue":[],"mouseUpValue":[{"t":2279,"x":120,"y":195}],"mouseUpCnt":1,"mouseDownValue":[],"mouseDownCnt":0,"orientation":[],"bSimutor":0,"focusBlur":{"in":[],"out":[],"t":[]},"fVersion":31,"charSet":"UTF-8","resizeCnt":0,"errors":[],"screenInfo":"1920-1080-1040-24-*-*-*","elapsed":0,"ft":"qf_7P_n_H","coordinate":[10,9,0.5],"clientType":"2","trycnt":1,"refreshcnt":3,"slideValue":[[45,198,127],[2,0,15],[4,0,16],[1,0,19],[3,0,16],[2,0,16],[3,0,17],[4,0,17],[2,0,16],[2,0,16],[2,0,16],[2,0,18],[3,0,16],[2,0,16],[2,0,16],[3,0,34],[3,0,36],[2,0,16],[2,0,15],[2,0,16],[2,0,17],[2,0,16],[2,0,17],[1,0,18],[2,0,16],[3,0,18],[1,0,16],[2,0,17],[1,0,50],[1,0,17],[1,0,18],[1,0,15],[1,0,19],[1,1,15],[1,0,33],[1,0,16],[1,0,18],[1,0,31],[1,0,89],[1,0,29],[1,0,16],[1,0,18],[1,0,16],[1,0,16],[-1,-1,351],[-1,0,33],[0,-1,18],[-1,0,17],[-1,0,682],[-1,0,16],[0,-1,84],[-1,0,34],[1,0,517],[1,0,15],[1,0,33],[2,0,34],[-1,-1,617],[0,0,5]],"dragobj":0} 

里面是鼠標(biāo)，滑動(dòng)的坐標(biāo)。然后aes加密，模式是cbc，密鑰跟偏移都是0123456789abcdef。上面是解密后數(shù)據(jù)，里面一些東西自動(dòng)生成就行，tokenid是瀏覽器一些參數(shù)生成的，這個(gè)很重要。mousemove里面的是跟前一個(gè)坐標(biāo)的相減值

孩子哭了，奶爸要看孩子了。文筆不好，思想也比較跳躍，打字也馬虎，如有錯(cuò)別字盡量看吧，有問(wèn)題后面留言。

后面解密部分沒(méi)細(xì)說(shuō)，下次文章詳細(xì)各類(lèi)解密。

總結(jié)

以上是生活随笔為你收集整理的腾讯防水墙的分析识别与破解的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。