Reptile knows how to land

Introduction to reptile

Function:
It's a friendly website for reptiles, but!
Now the login verification code is disgusting. You need to click the inverted text in the figure! This makes us a person who is not literate at all. So we use the method of replacing url parameter to login with a login verification code, which needs to be entered manually.

#coding=utf-8
import urllib2
import re
from bs4 import BeautifulSoup
import requests
import time

url = "https://www.zhihu.com/#signin"
requests.adapters.DEFAULT_RETRIES = 511
###
//Define function, output verification code
###

def captcha(captcha_data):
    with open("captcha.jpg","wb")as f:
        f.write(captcha_data)
    text = raw_input("Please enter the verification code:")
    return text

###
//Through packet capturing, we can find that the verification code image is generated by unix timestamp, so we can grab the four digit alphanumeric verification code when we log in
###
def zhihulogin():
    while True:
        try:
            sess = requests.Session()
            sess.keep_alive = False
            headers = {"User-Agent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36"}

            html = sess.get(url,headers = headers).text
            bs = BeautifulSoup(html,"lxml")

            _xsrf = bs.find("input",attrs={"name":"_xsrf"}).get("value")

            captcha_url = "https://www.zhihu.com/captcha.gif?r=%d&type=login" %(time.time() * 1000)

            captcha_data = sess.get(captcha_url,headers =headers).content
            text = captcha(captcha_data)
            data = {
                "_xsrf":_xsrf,
                "email":email,
                "password":pwd,
                "captcha":text
            }

            response = sess.post("https://www.zhihu.com/login/email",data = data,headers = headers)
            print response.text
            print captcha_url

            print _xsrf
            break
        except:
###
//If sleep is not added here, it seems that an error will be reported about the maximum number of ssl connections. The specific error log is forgotten (lll ¬¬¬)
###
            time.sleep(5)


if __name__ == "__main__":
    zhihulogin()

Conclusion

When executing, you need to change the user name and password in the script to be valid, then execute the script, open the captured image, enter the verification code, and you can log in to Zhihu

Tags: Unix Session Windows SSL

Posted on Fri, 01 May 2020 09:36:52 -0700 by KyleVA