12306 新版验证码

17 Mar 2015 - evi1m0

近段时间 12306 订票网站验证码升级为用户识别图像内容,然后选取符合条件的图片为验证码:

http://ww1.sinaimg.cn/large/c334041bgw1eq8ijbaf75j209806xaaj.jpg

验证码接口:https://kyfw.12306.cn/otn/passcodeNew/getPassCodeNew?module=login&rand=sjrand&0.12528680684044957

第一步首先取整张图片的 Md5 ,不断遍历查看是否有重复,这里直接记录下用 Golang 编写的代码:

// Script: 12306 Captcha Md5
// Author: Evi1m0@2015
    package main

    import (
        "crypto/md5"
        "crypto/tls"
        "encoding/hex"
        "errors"
        "fmt"
        "io/ioutil"

        "net"
        "net/http"
        "time"
    )

    func HttpGet() ([]byte, error) {
        // SSL
        tr := &http.Transport{
            TLSClientConfig:    &tls.Config{InsecureSkipVerify: true},
            DisableCompression: true,
            Dial: func(netw, addr string) (net.Conn, error) {
                c, err := net.DialTimeout(netw, addr, time.Second*8)
                if err != nil {
                    return nil, err
                }
                c.SetDeadline(time.Now().Add(8 * time.Second))
                return c, nil
            },
        }

        client := &http.Client{Transport: tr}
        var captchaApi string = ("http://kyfw.12306.cn/otn/passcodeNew/" +
            "getPassCodeNew?module=login&rand=sjrand")
        resp, err := client.Get(captchaApi)
        if err != nil {
            return nil, errors.New("Error")
        } else {
            body, err := ioutil.ReadAll(resp.Body)
            if err != nil {
                return nil, errors.New("IO Error!")
            } else {
                md5 := md5.New()
                md5.Write([]byte(body))
                bodyMd5 := hex.EncodeToString(md5.Sum(nil))
                fmt.Printf("Md5: %s\n", bodyMd5)
                return body, nil
            }
            return nil, errors.New("IO Error!")
        }
    }

    func main() {
        for i := 0; i < 10000; i++ {
            _, err := HttpGet()
            if err != nil {
                continue
            }
        }
    }

go build 12306PicMd5.go

➜  12306  ./12306PicMd5
Md5: 79a63dbc2c21e0f0608de905b2283012
Md5: 9fc50fecd924d126824f687d5cc6d2b6
Md5: babd2b8cc1d42291d0f56198bacab87f
Md5: e90e8bce732cd7f1b3d7d69197121026
Md5: c0da5d243b4a93fb9f37dc6cbc9473e9
Md5: 480ac04fabc0cb484c488197e9466fe1
Md5: 08078c472e3c0a3dac3682d02fd74010
Md5: 73b8b643decb065793fcc47afdd539de

放到服务器上 RUN 了起来,这次的主要目的是对比图像是否为整张图片的图片库,还是服务器后端生成的小图拼接。

实践与单纯的猜测意义完全不同,经过确认发现验证码是后端不断的生成的,难怪验证码访问时会那么慢:)

评论插件使用 Disqus ,需翻墙才能查看及留言。