家里光猫登陆js麻烦前辈大佬看看

bizgod · 发表于 2022-12-19 12:33:18

家用光猫登陆制作个快捷版
请教大神指点

=====不知道提交参数怎么获取的麻烦解密告知？
地址是局域网 192.168.1.1

账号是：CMCCAdmin
密码是：aDm8H%MdA

提交数据包是：编码后是：
Frm_Logintoken=0&Frm_Loginchecktoken=997764298110786764682579&Right=&Username=CMCCAdmin&UserRandomNum=92930665&Password=a1977152e91947f1b81bf4334bfe0969fa845f6f48e80f3ac9f8cebb160aef16&action=login

明文是：
Frm_Logintoken: 0
Frm_Loginchecktoken: 997764298110786764682579
Right:
Username: CMCCAdmin
UserRandomNum: 92930665
Password: a1977152e91947f1b81bf4334bfe0969fa845f6f48e80f3ac9f8cebb160aef16
action: login

麻烦大佬依据js看下怎么获取解密参数

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">

<head>
<META HTTP-EQUIV="pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache, must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title>ZXHN F673AV9</title>
<LINK REL="stylesheet" HREF="css/login.css" TYPE="text/css" />
<LINK REL="stylesheet" HREF="css/stylech.css" TYPE="text/css" />
<script src="js/sha256.min.js" type="text/javascript"></script>
<script>
if (top != self)
{
top.location = self.location;
}

function getObj(id)
{
return(document.getElementById(id));
}
var SetTFlag = 0;
var maxtime;
var interval;
var loginFormAttrs = {name:"fLogin",id:"fLogin",method:"post"};
var tokenInputAttrs = {type:"hidden",name:"Frm_Logintoken",id:"Frm_Logintoken"};
var checkTokenInputAttrs = {type:"hidden",name:"Frm_Loginchecktoken",id:"Frm_Loginchecktoken"};
var rightInputAttrs = {type:"hidden",name:"Right",id:"Right"};
var nameInputAttrs = {type:"hidden",name:"Username",id:"UserNM"};
var randomInputAttrs = {type:"hidden",name:"UserRandomNum",id:"UserRandomNum"};
var pwInputAttrs = {type:"hidden",name:"Password",id:"UserPW"};
var actionInputAttrs = {type:"hidden",name:"action",id:"action",value:"login"};
var allInputsAttrs = new Array(tokenInputAttrs,checkTokenInputAttrs,rightInputAttrs,nameInputAttrs,randomInputAttrs,pwInputAttrs,actionInputAttrs);
function createElement(element,attrs)
{
var newElement = document.createElement(element);
for(attrName in attrs)
{
newElement.setAttribute(attrName,attrs[attrName]);
}
return newElement;
}
function createInputsToForm(formElement,inputsAttrs)
{
for(var i = 0; i < inputsAttrs.length; i++)
{
formElement.appendChild(createElement("input",inputsAttrs));
}
}
function createFormToBody(formAttr,inputsAttrs)
{
var loginForm = createElement("form",formAttr);
createInputsToForm(loginForm,inputsAttrs)
document.body.appendChild(loginForm);
}
document.onkeydown=keyDownSearch;
function keyDownSearch(e) {

var theEvent = e || window.event;
var code = theEvent.keyCode || theEvent.which || theEvent.charCode;
if (code == 13) {
dosubmit();
return false;
}
return true;
}
function setTime()
{
if(window.name!="" && /^[0-9]*$/.test(window.name) == false)
{
if(interval)
{
clearInterval(interval);
interval = 0;
}
return;
}
if(window.name>=60 || window.name<0 || window.name=="")
{
maxtime = Math.min(60, 0 + 60 - 96320);
}
else
{
maxtime = parseInt(window.name);
}
if(maxtime>=0)
{
seconds = maxtime;
getObj("time").innerHTML=seconds+"秒";
if (maxtime == 0)
{
setDisable();
SetTFlag =0;
window.name="";
if(interval)
{
clearInterval(interval);
interval = 0;
}
}
else
{
--maxtime;
SetTFlag = 1;
window.name = maxtime;
}
}
}
function setinner(type)
{
if (SetTFlag ==0)
{
getObj("myLayer").style.visibility = type ;
}
}
function Transfer_meaning(id,value)
{
getObj(id).value=value;
}
</script>
</head>

<body>
<div id="container">
<div id="myLayer" style="position:absolute; width:185px; height:91px; z-index:9; left: 50%; margin-left: 155px; top: 35%; background: url(img/pop_up.gif) no-repeat; border: 1px none #000000; visibility: hidden;">
<div id="Layer1" style="position:absolute; width:180px; height:45px; z-index:10; left: 2px; top: 28px;">
<table width="183" border="0">
<tr>
<td width="183">  <font id="errmsg" class="notecontent" ></font><span id="time" style="color:red;display:none;"></span></td>
</tr>
</table>
</div>
<div id="Layer3" style="position:absolute; width:140px; height:10px; z-index:11; left: 34px; top: 9px; font-size: 8pt;">
<font  class="note" id="errnote"> 错误信息</font>
</div>
</div>

<div id="head" style="display:none">
<div class="type"><font id="">ZXHN F673AV9</font></div>
<div id="banner" style="background-image:url(img/banner.gif); background-repeat:no-repeat"></div>
</div>


<div id="loginArea">

<div class="login_frame">
<div id="login_title" style="display:none;">
<ul class="login_title">
<li class="login_title_left"></li>
<li class="login_title_center">请登录后继续...</li>
<li class="login_title_right"></li>
</ul>
</div>
<div class="content">
<ul class="login_blank" style="display:none;"></ul>
<ul class="login_ul_1">
<li class="login_li_1" style="display:none;"><span>用户名</span></li>
<li class="login_li_2">
<input type="text" class="username" name="Username" id="Frm_Username">
</li>
</ul>
<ul class="login_blank" style="display:none;"></ul>
<ul class="login_ul_1">
<li class="login_li_1" style="display:none;"><span>密码</span></li>
<li class="login_li_3">
<input type="password" class="password" name="Password" id="Frm_Password" autocomplete="off">
</li>
</ul>
<div class="login_button">
<ul class="login_ul_1">
<li class="login_li_4">
<input class="login" type="submit" id="LoginId" value="登录">
</li>

<li class="login_li_5">
<input class="login" type="submit" id="LoginId1" value="设备注册">
</li>

</ul>
</div>
</div>
</div>


<div class="login_QRCode"></div>

<div class="browser_info" id="browser_info" style="display:none;">
您使用的IE浏览器版本过低，为确保功能的正常使用，<span>推荐使用Google Chrome、Firefox等高级浏览器！</span>
</div>
</div>


<div style="font-family: Arial;font-size: 12px;text-align:center; display:none;"> 中兴通讯股份有限公司版权所有©2011 </div>

<div class="bottom_line" style="display:none;"></div>
<div id="bottomx" style="display:none;"></div>

</div>
</body>
</html>
<script>

window.name="";

var Version = IEVersion();
if (Version == "IE6" || Version == "IE7" || Version == "IE8" || Version == "IE9")
{
getObj("browser_info").style.display = "";
}
function IEVersion()
{
var agent = navigator.userAgent;
var isIE = agent.indexOf("compatible") > -1 && agent.indexOf("MSIE") > -1;
var isEdge = agent.indexOf("Edge") > -1 && !isIE;
var isIE11 = agent.indexOf("Trident") > -1 && agent.indexOf("rv:11.0") > -1;
if (isIE)
{
var reIE = new RegExp("MSIE (\\d+\\.\\d+);");
reIE.test(agent);
var fIEVersion = parseFloat(RegExp["$1"]);
if (fIEVersion > 6)
{
return "IE" + fIEVersion;
}
else
{
return "IE6";
}
}
else if (isEdge)
{
return "Edge";
}
else if (isIE11)
{
return "IE11";
}
else
{
return "Not IE";
}
}
function bridge_route()
{
document.location.href="bridge_route.gch";
}
function SetDisabled()
{
getObj("errmsg").innerHTML = "您的错误登录次数已经达到三次，系统将延时进行校验。";
getObj("Frm_Username").disabled = true;
getObj("Frm_Password").disabled = true;
getObj("LoginId").disabled = true;

getObj("myLayer").style.visibility = "visible" ;
getObj("time").style.display = "" ;
interval = setInterval("setTime()",1000);
}
function setDisable()
{
if (SetTFlag == 1)
{
getObj("Frm_Username").disabled = false;
getObj("Frm_Password").disabled = false;
getObj("LoginId").disabled = false;

getObj("time").style.display = "none";
getObj("myLayer").style.visibility = "hidden";
}
}
function dosubmit()
{
if (getObj("Frm_Username").value == "")
{
getObj("errmsg").innerHTML = "用户名不能为空。";
getObj("myLayer").style.visibility = "visible" ;
return;
}
else
{
getObj("LoginId").disabled = true;
if(getObj("LoginId1") != null)
{
getObj("LoginId1").disabled = true;
}
passwordSHA256();
document.getElementById("UserNM").value = document.getElementById("Frm_Username").value;
getObj("Frm_Logintoken").value = "1";
getObj("Frm_Loginchecktoken").value = "938745332066823957410661";
document.fLogin.submit();
}
}
function doregister()
{
var Status = "0";
var Result = "1";
var CurrentVersion = "423";
if(Status == "0" && Result == "1")
{
if(CurrentVersion == 404 || CurrentVersion == 401)
{
alert("该设备已注册成功（LOID：" + "NX01686804" + "），如需重新注册请恢复出厂设置");
}
else if("423" == 423)
{
alert("已注册无需注册");
}
else
{
alert("已经注册成功、业务下发成功，无需再次注册！");
}
}
else
{
top.location.href = "register.gch?fNum=1&isRegister=1";
}
}
function onFocus()
{
createFormToBody(loginFormAttrs,allInputsAttrs);
if( document.getElementById("Frm_Username").disabled == false )
{
document.getElementById("Frm_Username").focus();
}

}
function passwordSHA256()
{
var after_Password = getObj("Frm_Password").value;
var before_Password;
var pwd_random = Math.round(Math.random()*89999999)+10000000;
before_Password = sha256(after_Password + pwd_random);
getObj("UserPW").value = before_Password;
getObj("UserRandomNum").value = pwd_random;
}
</script>

xxstars · 发表于 2022-12-19 12:33:19

password=sha256(密码+UserRandomNum)

陽陽陽 · 发表于 2022-12-19 12:46:35

function passwordSHA256()
{
var after_Password = getObj("Frm_Password").value;
var before_Password;
var pwd_random = Math.round(Math.random()*89999999)+10000000;
before_Password = sha256(after_Password + pwd_random);
getObj("UserPW").value = before_Password;
getObj("UserRandomNum").value = pwd_random;
}
</script>

这个就是获取加密密匙的了

陽陽陽 · 发表于 2022-12-19 13:14:31

假如你一点JS都不会的话，先建议补个基础
function定义一个子程序
通过变量定义var我们可以看到他的思路：
afterpassword的意思是在密码之后。
经过google可以查到：
Math.random()是令系统随机选取大于等于 0.0 且小于 1.0 的伪随机 double 值，是Java语言常用代码。
也就是说他取了一个0-1的值，再乘以89999999，四舍五入之后，然后再加10000000，最后把它赋值给pwd_random

然后密码前这个变量：
https://blog.csdn.net/u011583927/article/details/80905740
用了一个加密算法，把两个值加起来再加密（看看Frm_password这个编辑框里面是什么，应该就是你的密码）
然后它又把得到的这个值付给了一个UserPW的物体，然后把随机数那个赋值给了另一个物体

补充内容 (2022-12-19 13:15):
错了错了，那个不是加密算法，是一个类似于文本特征码的东西，哈希值

[已解决] 家里光猫登陆js麻烦前辈大佬看看

最佳答案

评分

评分

		自动登录	找回密码
密码			注册