Skip to content

P
px3
Commit 0ef7a796 authored by wang's avatar wang
Browse files
Options

11

parent c8047a25
Hide whitespace changes
Inline Side-by-side
Showing with 5742 additions and 235 deletions
index.html
View file @ 0ef7a796
{"errors":null,"messages":null,"data":{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkb3RSZXpXZWIiLCJqdGkiOiJiOGRjOGQ1NC05YjIyLWZkNDAtMzFjZS1iMDg4ZTViOWE0MTkiLCJpc3MiOiJkb3RSRVogQVBJIn0.xtEGJwPyAlAorCWKX1WQRaJRd5j8ZTiRPhxdna4hBnA","idleTimeoutInMinutes":15},"metadata":null}
\ No newline at end of file
<!DOCTYPE html><html lang="en" translate="no"><head>
<script type="text/javascript"> (function(){
window.PXkp4CLSb5_asyncInit = function(px) {
px.Events.on('score', function (score) {
try {
window.dataLayer = window.dataLayer || [];
window.dataLayer.push({ event: 'px.score', trigger: { dimension117: score }});
} catch (err) {
console.error("px score ga send failed" + err);
}
});
};
var p = document.getElementsByTagName('script')[0], s = document.createElement('script'); s.async = 1; s.src = '/kp4CLSb5/init.js';
window._pxMonitorAbr = true; p.parentNode.insertBefore(s,p);}());
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-VKEG2ZBNZ5');
window['GoogleAnalyticsObject'] = 'ga';
window['ga'] = window['ga'] || function() {
(window['ga'].q = window['ga'].q || []).push(arguments)
};
function OptanonWrapper() { }
function getCookie(name) {
const v = `; ${document.cookie}`;
const a = v.split(`; ${name}=`);
if (a.length === 2) return a.pop().split(';').shift();
}
var OneTrust = {
geolocationResponse: {
stateCode: getCookie('userProvinceLocation'),
countryCode: getCookie('userCountryLocation'),
}
};
</script>
<link rel="preconnect" href="https://service.maxymiser.net">
<link rel="preload" href="https://d.oracleinfinity.io/infy/acs/account/heul299ijy/js/main/odc.js?_ora.config=analytics:production;maxymiser:production" as="script">
<script type="text/javascript" src="https://d.oracleinfinity.io/infy/acs/account/heul299ijy/js/main/odc.js?_ora.config=analytics:production;maxymiser:production"></script>
<script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="0390835f-17d4-4720-a875-08b2c2eeac36"></script>
<meta charset="utf-8">
<meta name="google" content="notranslate">
<meta name="google-site-verification" content="_f3fFuGwOQMzwZ_2R71sZBMz8zpKYkp0cmzcZyXb_X4">
<meta name="viewport" content="initial-scale=1.0, width=device-width, height=device-height, user-scalable=yes">
<meta name="description" content="Spirit Airlines is the leading Ultra Low Cost Carrier in the United States, the Caribbean and Latin America. Spirit Airlines fly to 60+ destinations with 500+ daily flights with Ultra Low Fare.">
<title>Spirit Airlines</title>
<link rel="preconnect" href="https://content.spirit.com">
<link rel="preload" href="/assets/font/source-sans-pro/WOFF2/TTF/SourceSansPro-Regular.ttf.woff2" as="font" type="font/woff2" crossorigin="anonymous">
<link rel="preload" href="/assets/font/source-sans-pro/WOFF2/TTF/SourceSansPro-Black.ttf.woff2" as="font" type="font/woff2" crossorigin="anonymous">
<link rel="preload" href="/assets/font/icomoon/icomoon.woff2?bfh1w1" as="font" type="font/woff2" crossorigin="anonymous">
<link rel="preload" media="(max-width: 766px)" href="https://content.spirit.com/a/2129" as="image">
<link rel="preload" media="(min-width: 767px) and (max-width: 992px)" href="https://content.spirit.com/a/2888" as="image">
<link rel="preload" media="(min-width: 993px)" href="https://content.spirit.com/a/2151" as="image">
<base href="/"><script type="text/javascript" src="https://js-cdn.dynatrace.com/jstag/16dcf18d41e/bf04820crc/73bede5a20cee83c_complete.js" crossorigin="anonymous"></script>
<link rel="icon" type="image/x-icon" href="favicon.ico?v=2">
<style>:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*,:after,:before{box-sizing:border-box}html{font-family:sans-serif;line-height:1.15;-webkit-text-size-adjust:100%;-webkit-tap-highlight-color:transparent}body{margin:0;font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,"Apple Color Emoji","Segoe UI Emoji",Segoe UI Symbol,"Noto Color Emoji";font-size:1rem;font-weight:400;line-height:1.5;color:#212529;text-align:left;background-color:#fff}@media print{*,:after,:before{text-shadow:none!important;box-shadow:none!important}@page{size:a3}body{min-width:992px!important}}html{scroll-behavior:smooth}html{font-size:100%;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-smoothing:antialiased;font-weight:400}@-moz-document url-prefix(){body{font-weight:lighter!important}}body{margin:0;font-family:Source Sans Pro,Verdana,sans-serif;font-size:1rem;color:#000;overflow-y:scroll;overflow-x:hidden}@media print{@page{size:auto;margin:10mm}}@font-face{font-family:Source Sans Pro;font-weight:400;font-style:normal;font-stretch:normal;font-display:swap;src:local("Source Sans Pro Regular"),local("SourceSansPro-Regular"),url(/assets/font/source-sans-pro/WOFF2/TTF/SourceSansPro-Regular.ttf.woff2) format("woff2"),url(/assets/font/source-sans-pro/WOFF/OTF/SourceSansPro-Regular.otf.woff) format("woff")}</style><link rel="stylesheet" href="styles.ff1211a965bc84a3.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.ff1211a965bc84a3.css"></noscript><script >bazadebezolkohpepadr="1403929567"</script><script type="text/javascript" src="https://www.spirit.com/akam/13/53ae43bf" defer></script></head>
<body>
<noscript>
<iframe
src="https://www.googletagmanager.com/ns.html?id=GTM-TRK4LPZ&gtm_auth=cVHzS7BYqjxUbMatudai8Q&gtm_preview=env-2&gtm_cookies_win=x"
height="0" width="0" style="display:none;visibility:hidden"></iframe>
</noscript>
<app-root></app-root>
<script src="runtime.e74ff49be5c695ee.js" type="module"></script><script src="polyfills.d4877e4ac0179a87.js" type="module"></script><script src="vendor.a23753ef92c43297.js" type="module"></script><script src="main.5b33fc9706a07e60.js" type="module"></script>
<noscript><img src="https://www.spirit.com/akam/13/pixel_53ae43bf?a=dD1mNWRhZTU4NGI3NzhlMWNjNzZhOTMyZGIzNTFkMDA0MGNlNGM0YTEwJmpzPW9mZg==" style="visibility: hidden; position: absolute; left: -999px; top: -999px;" /></noscript><script type="text/javascript" src="/gOon7q/TEMLwe/d/tUd/x5-KSZBF/iNXiwQkYti/XAIeck4jRgo/eFw2/HXw7clUB"></script></body></html>
main.py
View file @ 0ef7a796
......@@ -3,6 +3,7 @@ import ctypes
import json
import random
import time
from urllib.parse import quote
import execjs
import tls_client
......@@ -11,8 +12,8 @@ from loguru import logger
with open('js/encodepayload.js', 'r', encoding='utf-8') as f:
jsCode = f.read()
ctx = execjs.compile(jsCode)
ctxPC = execjs.compile(open('pc.js', 'r').read())
ctxStep2 = execjs.compile(open('step2.js', 'r').read())
ctxPC = execjs.compile(open('pc.js').read())
ctxStep2 = execjs.compile(open('step2.js').read())
def get_timestamp():
......@@ -25,126 +26,174 @@ def unsinged_right_shift(x, y):
class PxBypass():
session = tls_client.Session(client_identifier='chrome_112')
# PX11431 o111ooo1
ts: str = ''
# PX15454 o111oooo
num1: int = ''
# PX11701 111o1o
num2: str = ''
# PX11701 111o1o
str1: str = ''
session = tls_client.Session(client_identifier='chrome_117')
# print(session.get('https://tls.peet.ws/api/all').json())
# session = requests.Session()
session.proxies = {
'http': 'http://127.0.0.1:8890',
'https': 'http://127.0.0.1:8890',
'http': 'http://127.0.0.1:7890',
'https': 'http://127.0.0.1:7890',
}
session.proxies = {
'http': "http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:9000",
'https': "http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:9000",
}
# session.proxies = {
# 'http': "http://user-unifflcc-region-us:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600",
# 'https': "http://user-unifflcc-region-us:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600",
# 'http': 'http://user-uni001-region-us-sessid-1111-sesstime-5-keep-true:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600',
# 'https': 'http://user-uni001-region-us-sessid-1111-sesstime-5-keep-true:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600',
# }
prox = 'http://b6b6b6b6-zone-custom-region-us-session-130oj36t4-sessTime-5:bpoMDFG5oD@na.ipidea.io:2333'
prox = 'http://user-uni001-region-us-sessid-1111-sesstime-5-keep-true:q39CEBTs5A5YQXor@pr.roxlabs.cn:4600'
prox = 'http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:9000'
# prox = f'http://unfflcc:76cc14-47b8dd-1f8ace-827836-0c740e@usa.rotating.proxyrack.net:{random.randint(10000, 13500)}'
# prox = 'http://127.0.0.1:7890'
session.proxies = {
'http': prox,
'https': prox,
}
tag = "v8.7.2"
ft = "317"
def __init__(self, target_url):
self.target_url = target_url
self.log = logger.bind(module_name='px')
def inc(self):
self.seq += 1
self.rsc += 1
self.log.info(f'seq: {self.seq} rsc:{self.rsc}')
def run(self):
self._init()
self.seq = 0
self.rsc = 1
self._step_1()
self._step_2()
cks = self.session.cookies.get_dict()
res = []
for k, v in cks.items():
res.append(f'{k}={v}')
print('cks = append(cks, &http.Cookie{Name: "' + k + '", Value: "' + v + '"})')
# print('; '.join(res))
self.inc()
self.seq += 1
self._step_11()
self.inc()
time.sleep(1.5)
self._step_2(True)
# time.sleep(2)
# self._step_2(False)
# time.sleep(2)
self.inc()
# if self.session.cookies.get_dict().get('_px2', None) == None:
self._step_3()
# time.sleep(3)
self.inc()
time.sleep(2)
self.__token()
def _init(self):
# headers = {
# "authority": "www.spriti.com",
# "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
# "accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7,ru;q=0.6",
# "cache-control": "no-cache",
# "pragma": "no-cache",
# "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
# }
# res = self.session.get(self.target_url, headers=headers, allow_redirects=True)
# self.log.info(f"初始化请求 res {res.status_code}")
res = self.session.get(
self.target_url,
headers={
"authority": "www.spirit.com",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7,ru;q=0.6",
"cache-control": "no-cache",
"pragma": "no-cache",
"sec-ch-ua": "\"Not/A)Brand\";v=\"99\", \"Google Chrome\";v=\"115\", \"Chromium\";v=\"115\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"macOS\"",
"sec-fetch-dest": "document",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"sec-fetch-user": "?1",
"upgrade-insecure-requests": "1",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
}, allow_redirects=True)
self.log.info(f"初始化请求 res {res.status_code}")
self.params = {}
self.session.cookies.update(
{
"_abck": "458AC263C1AF432E5C21C1B18E5CFEB4~0~YAAQLC0tF3O+BmGLAQAAPBuXZQqz7ojPmAs/5w92Jec/vQPtvAN4o646kbz0ZCoR9rCXsKNDRcZnAzR6pzrVTNmiqWdNyLGrLa1wZr63NscBHyDfsN4qN9k8esESjlcN3oImy3tDmbhqSdShpeIzs3ci4wWEx7YeQMkSyGETLcHy/KQR7T+sJbcEGJtsIZwIYMCkWES5XfaRDFPeLnFgIDFeRyMOujFAPKtbqeYF9/fkVRfXRm2qVBrH3odw1Ahn96U2pSW0R6oVpyI2FJH5Z+YHpkQeJRHim0KtnPFt3K3Sc3Jwpq+72WxW80Kgxs57fDEBh3Gbqfd4QagSku7XxfdDF93vyhUNlkVMsZhlIXwkdvluqcrzUQaY2iNj2sLDtCHhHoWnLLWjLPs0g5rrrO0Opar2TDKlrg==~-1~-1~1698219999",
"_pxhd": "3a00a3b04e381da0411bdccfeffcc207f08031e05bafeaf5504acace04788e78:70ff3591-7302-11ee-adc0-89185d2fb9d0",
"ak_bmsc": "C72E104CC8715DEF1805E70E27AE398C~000000000000000000000000000000~YAAQLC0tF3S+BmGLAQAAPBuXZRX8kjOyO7jCD4VXOHLBay3qXUgaXMnvEAVt3jxP2KG96BJcm4UjhqLG3deo1K8EJvrkY3kClpcI2fVgDDpm81Enq9qipxnJNGFTZQNvEZFuTsqoxPHd1uetFwVo0m9spGI6OY4NkTQdf2iBt3JdfMjKoHLDivjNl85soityCkZ1VRvHCgyGmJE/dZWlc3ht7a1fLMHILYhzBRbLe36wWSmk4bP0WF2q8Qx1u22orGe3cIEukCeGE4OgFF63txAAJcMh/wUXBUgKj1PKvm6hFPx0YYGbcTir7X0ZnTb0XHDh2FwU9/3NUaYI/nXM8ZZmxEfrRiMoxBHxWfcRqvMGpJUCXU/5y2DC9+E7s7RR02jCxxRNfhl3hsRvp0Op0lulP7XD",
"bm_sv": "CC1EC8F7B758F71ABE009B6CB45AA47E~YAAQLC0tF3W+BmGLAQAAPBuXZRVNDHugg12neZvQxV+6RKsIVkqhOiFIPODHm/UZBPtO0w++P1kLUbZCgnAZe6mFC9yM6CRhKH24SvlypxxEu6n336x5DwKE1U4/lJjcBpXvNlqTayCcKwKEgRyptbkr7KjdTGkYhqeOAzr45914qTlH8Iq9YLitS5CfMcbDQ/idHrYx0Jw1ok0JNx1lf6yvYCqOZRjuYeYZxVkZbQmR25l1pjNN1BALh0gJ/GME~1",
"bm_sz": "B28FB8D80950D150659C06C31B9F45FB~YAAQLC0tFzO+BmGLAQAAvxSXZRWaQKqVvyyxH8QA1zpxO9Uiq9ePiKzeUlIOGg8grvmUbM2AISNS/QE9g47/kycpJYulxjMq3Q4dgZyUwPt2y3w9aiuIMEbWzN/6wr7xGEg5fXB6M5Q2In6LnQWQL2kyTqNI/lh06+gYSFm/VzRy9aLpVSGx4rd7XEo/pOmvAacn5miPCxJgse2XFMbF0ldA1PfWjc5/dzjKYsepF6rt1BAMCd4nk5B4vrh654t5865csLIbKVQXQat1aPydJxX1hpz0VqpaDMSZqJ45LXTUH30=~3228209~4538931",
"userCountryLocation": "US", "userGeolocation": "-118.2487, 33.9733"}
)
for k, v in self.session.cookies.items():
self.params[k] = v
self.log.info(f"init cookie {self.params}")
# with open('index.html','w') as f:
# f.write(res.text)
with open('index.html', 'w') as f:
f.write(res.text)
def __uuid(self):
r = ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "0a", "0b", "0c", "0d", "0e", "0f", "10", "11",
"12", "13", "14", "15", "16", "17", "18", "19", "1a", "1b", "1c", "1d", "1e", "1f", "20", "21", "22", "23",
"24", "25", "26", "27", "28", "29", "2a", "2b", "2c", "2d", "2e", "2f", "30", "31", "32", "33", "34", "35",
"36", "37", "38", "39", "3a", "3b", "3c", "3d", "3e", "3f", "40", "41", "42", "43", "44", "45", "46", "47",
"48", "49", "4a", "4b", "4c", "4d", "4e", "4f", "50", "51", "52", "53", "54", "55", "56", "57", "58", "59",
"5a", "5b", "5c", "5d", "5e", "5f", "60", "61", "62", "63", "64", "65", "66", "67", "68", "69", "6a", "6b",
"6c", "6d", "6e", "6f", "70", "71", "72", "73", "74", "75", "76", "77", "78", "79", "7a", "7b", "7c", "7d",
"7e", "7f", "80", "81", "82", "83", "84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f",
"90", "91", "92", "93", "94", "95", "96", "97", "98", "99", "9a", "9b", "9c", "9d", "9e", "9f", "a0", "a1",
"a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "aa", "ab", "ac", "ad", "ae", "af", "b0", "b1", "b2", "b3",
"b4", "b5", "b6", "b7", "b8", "b9", "ba", "bb", "bc", "bd", "be", "bf", "c0", "c1", "c2", "c3", "c4", "c5",
"c6", "c7", "c8", "c9", "ca", "cb", "cc", "cd", "ce", "cf", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7",
"d8", "d9", "da", "db", "dc", "dd", "de", "df", "e0", "e1", "e2", "e3", "e4", "e5", "e6", "e7", "e8", "e9",
"ea", "eb", "ec", "ed", "ee", "ef", "f0", "f1", "f2", "f3", "f4", "f5", "f6", "f7", "f8", "f9", "fa", "fb",
"fc", "fd", "fe", "ff"]
bs = 0
ys = [random.randint(10, 255) for _ in range(6)]
# random.shuffle(ys)
Gs = random.randint(1100, 9999)
Ws = 0
s = Gs
h = get_timestamp()
d = bs + 1
m = int(h - Ws + (d - bs) / 1e4)
Ws = h
bs = d
Gs = s
h += 122192928e5
h = int(h)
f = []
u = 0
p = (1000 * (268435455 & h) + d) % 4294967296
# p = 4180087664
f[:3] = int(p).to_bytes(4, byteorder='big')
Q = int(h / 4294967296) * 1000 & 268435455
# Q = 32386116
f.append(unsinged_right_shift(Q, 8) & 255)
f.append(255 & Q)
f.append(unsinged_right_shift(Q, 24) & 15 | 16)
f.append(unsinged_right_shift(Q, 16) & 255)
# s = 6488
f.append(unsinged_right_shift(s, 8) | 128)
f.append(255 & s)
for i in ys:
f.append(i)
print(f)
res = [r[f[0]], r[f[1]], r[f[2]], r[f[3]], '-', r[f[4]], r[f[5]], '-', r[f[6]], r[f[7]], '-', r[f[8]], r[f[9]],
'-',
r[f[10]], r[f[11]], r[f[12]], r[f[13]], r[f[14]], r[f[15]]]
return ''.join(res)
# return "b8a39670-7866-11ee-9655-63a4f05cd5d1"
return ctxStep2.call('genUuid')
# r = ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "0a", "0b", "0c", "0d", "0e", "0f", "10", "11",
# "12", "13", "14", "15", "16", "17", "18", "19", "1a", "1b", "1c", "1d", "1e", "1f", "20", "21", "22", "23",
# "24", "25", "26", "27", "28", "29", "2a", "2b", "2c", "2d", "2e", "2f", "30", "31", "32", "33", "34", "35",
# "36", "37", "38", "39", "3a", "3b", "3c", "3d", "3e", "3f", "40", "41", "42", "43", "44", "45", "46", "47",
# "48", "49", "4a", "4b", "4c", "4d", "4e", "4f", "50", "51", "52", "53", "54", "55", "56", "57", "58", "59",
# "5a", "5b", "5c", "5d", "5e", "5f", "60", "61", "62", "63", "64", "65", "66", "67", "68", "69", "6a", "6b",
# "6c", "6d", "6e", "6f", "70", "71", "72", "73", "74", "75", "76", "77", "78", "79", "7a", "7b", "7c", "7d",
# "7e", "7f", "80", "81", "82", "83", "84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f",
# "90", "91", "92", "93", "94", "95", "96", "97", "98", "99", "9a", "9b", "9c", "9d", "9e", "9f", "a0", "a1",
# "a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "aa", "ab", "ac", "ad", "ae", "af", "b0", "b1", "b2", "b3",
# "b4", "b5", "b6", "b7", "b8", "b9", "ba", "bb", "bc", "bd", "be", "bf", "c0", "c1", "c2", "c3", "c4", "c5",
# "c6", "c7", "c8", "c9", "ca", "cb", "cc", "cd", "ce", "cf", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7",
# "d8", "d9", "da", "db", "dc", "dd", "de", "df", "e0", "e1", "e2", "e3", "e4", "e5", "e6", "e7", "e8", "e9",
# "ea", "eb", "ec", "ed", "ee", "ef", "f0", "f1", "f2", "f3", "f4", "f5", "f6", "f7", "f8", "f9", "fa", "fb",
# "fc", "fd", "fe", "ff"]
# bs = 0
# ys = [random.randint(10, 255) for _ in range(6)]
# # random.shuffle(ys)
# Gs = random.randint(1100, 9999)
# Ws = 0
# s = Gs
# h = get_timestamp()
# d = bs + 1
# m = int(h - Ws + (d - bs) / 1e4)
#
# Ws = h
# bs = d
# Gs = s
# h += 122192928e5
# h = int(h)
# f = []
# u = 0
# p = (1000 * (268435455 & h) + d) % 4294967296
# # p = 4180087664
# f[:3] = int(p).to_bytes(4, byteorder='big')
# Q = int(h / 4294967296) * 1000 & 268435455
# # Q = 32386116
# f.append(unsinged_right_shift(Q, 8) & 255)
# f.append(255 & Q)
# f.append(unsinged_right_shift(Q, 24) & 15 | 16)
# f.append(unsinged_right_shift(Q, 16) & 255)
# # s = 6488
# f.append(unsinged_right_shift(s, 8) | 128)
# f.append(255 & s)
# for i in ys:
# f.append(i)
# print(f)
# res = [r[f[0]], r[f[1]], r[f[2]], r[f[3]], '-', r[f[4]], r[f[5]], '-', r[f[6]], r[f[7]], '-', r[f[8]], r[f[9]],
# '-',
# r[f[10]], r[f[11]], r[f[12]], r[f[13]], r[f[14]], r[f[15]]]
# return ''.join(res)
def _step_1(self):
t1 = int(time.time() * 1000)
t2 = t1 + random.randint(3, 12)
self.startTs = t1
self.startTs2 = t2
_uuid = self.__uuid()
self.uuid = _uuid
# "[{"t":"PX12095","d":{"PX11645":self.target_url,"PX12207":0,"PX12458":"MacIntel","PX11902":0,"PX11560":3781,"PX12248":3600,
# "PX11385":1698649702900,"PX12280":1698649702913,"PX11496":"1ce53d20-76f3-11ee-8971-a3e00c89b2ff","PX12564":null,"PX12565":-1,"PX11379":false}}]"
data = [{"t": "PX12095",
"d": {"PX11645": "https://www.spirit.com/", "PX12207": 0, "PX12458": "MacIntel", "PX11902": 0,
"PX11560": random.randint(8549, 8549 * 3), "PX12248": 3600, "PX11385": t1, "PX12280": t2,
"d": {"PX11645": self.target_url, "PX12207": 0, "PX12458": "MacIntel", "PX11902": 0,
"PX11560": random.randint(24846, 24846 * 2), "PX12248": 3600, "PX11385": t1, "PX12280": t2,
"PX11496": _uuid, "PX12564": None, "PX12565": -1,
"PX11379": False}}]
data_str = json.dumps(data, separators=(',', ':'))
......@@ -153,51 +202,76 @@ class PxBypass():
payload = ctx.call('encodePayload', data_str, _uuid, '')
self.log.info(f'payload {payload}')
tag = "v8.6.6"
ft = "316"
pc = self.__gen_pc(data_str, f'{_uuid}:{tag}:{ft}')
pc = self.__gen_pc(data_str, f'{_uuid}:{self.tag}:{self.ft}')
print(pc)
body = {
"payload": payload,
"appId": "PXkp4CLSb5",
"tag": tag,
"tag": self.tag,
"uuid": _uuid,
"ft": ft,
"seq": "0",
"ft": self.ft,
"seq": self.seq,
"en": "NTA",
"pc": pc,
"pxhd": self.params['_pxhd'],
"rsc": "1"
# "pxhd": self.params['_pxhd'],
"rsc": self.rsc
}
print(body)
url = "https://collector-PXVb73hTEg.px-cloud.net/api/v2/collector"
url = "https://collector-PXkp4CLSb5.px-cloud.net/b/s"
headers = {
"authority": "collector-PXVb73hTEg.px-cloud.net",
"authority": "collector-PXkp4CLSb5.px-cloud.net",
"accept": "*/*",
"accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7",
"cache-control": "no-cache",
"content-type": "application/x-www-form-urlencoded",
"origin": "https://www.spirit.com",
"origin": self.target_url,
"pragma": "no-cache",
"referer": "https://www.spirit.com/",
"referer": self.target_url,
"sec-ch-ua": "\"Not/A)Brand\";v=\"99\", \"Google Chrome\";v=\"115\", \"Chromium\";v=\"115\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
}
response = self.session.post(url, headers=headers, data=body)
self.log.info(f'collector1 {response.text}')
resp = response.json()
m = {}
if 'ob' in resp:
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), 866 % 128).decode()
print(cookies.split('~~~~'))
for i in cookies.split('~~~~'):
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), self._decode_resp()).decode()
cks = cookies.split('~~~~')
self.log.info(len(cks))
self.log.info(json.dumps(cks, indent=True))
print()
for i in cks:
tmp = i.split('|')
m[tmp[0]] = tmp[1]
if tmp[0] == 'o111ooo1':
self.ts = tmp[1]
if tmp[0] == 'o111oooo':
self.num1 = int(tmp[1])
if tmp[0] == '111o1o':
self.num2 = tmp[1]
if tmp[0] == '1oooo1':
self.str1 = tmp[1]
if tmp[0] == 'o1oo1o':
self.vid = tmp[1]
self.session.cookies.update({
'_pxvid': self.vid
})
if tmp[0] == 'o11o11':
self.sid = tmp[1]
if tmp[0] == '11o111':
self.cs = tmp[1]
if tmp[0] == 'o11o11oo':
self.cts = tmp[1]
self.session.cookies.update({
'pxcts': self.cts
})
if 'pxde' in i:
self.session.cookies.update({
'_pxde': tmp[3]
......@@ -225,7 +299,6 @@ class PxBypass():
})
self.log.info(f'cookies1 {self.session.cookies.keys()}')
self.m = m
self.log.info(self.m)
def encrypt(self, data, param):
n = bytearray()
......@@ -240,7 +313,7 @@ class PxBypass():
def __gen_pc(self, data_str, param):
# self.log.info(f'genpc {data_str} {param}')
# ctx = execjs.compile(jsCode)
return ctxPC.call('genPc', param, data_str)
return ctxPC.call('genPc', data_str, param)
def __token(self):
......@@ -273,59 +346,61 @@ class PxBypass():
print(response)
print(response.status_code)
def _step_2(self):
self.log.info(self.m)
self.log.info(self.uuid)
data_str = ctxStep2.call('genPayload2', self.m, self.uuid)
def _step_2(self, nn):
self.log.info(self.uuid)
# sid, vid,ts, num1 ,num2,str1, uuid
data_str = ctxStep2.call('genPayload2', self.target_url, self.sid, self.vid, self.ts, self.num1, self.num2, self.str1, self.uuid,
self.startTs, self.startTs2, nn)
self.log.info(f'data_str2 {data_str}')
payload = ctx.call('encodePayload', data_str, self.uuid, '')
payload = ctx.call('encodePayload', data_str, self.uuid, self.ts)
self.log.info(f'payload {payload}')
tag = "v8.6.6"
ft = "316"
pc = self.__gen_pc(data_str, f'{self.uuid}:{tag}:{ft}')
pc = self.__gen_pc(data_str, f'{self.uuid}:{self.tag}:{self.ft}')
body = {
"payload": payload,
"appId": "PXkp4CLSb5",
"tag": tag,
"tag": self.tag,
"uuid": self.uuid,
"ft": ft,
"seq": "1",
"ft": self.ft,
"seq": self.seq,
"en": "NTA",
"cs": self.m['00III0'],
"cs": self.cs,
"pc": pc,
"sid": self.m['I0I0II'],
"vid": self.m['I000I0'],
"cts": self.m['0III00I0'],
"rsc": "1"
# "sid": self.sid,
# "vid": self.vid,
# "cts": self.cts,
"rsc": self.rsc
}
url = "https://collector-PXVb73hTEg.px-cloud.net/api/v2/collector"
body = self.update_sid_vid(body)
url = "https://collector-PXkp4CLSb5.px-cloud.net/b/s"
headers = {
"authority": "collector-PXVb73hTEg.px-cloud.net",
"authority": "collector-PXkp4CLSb5.px-cloud.net",
"accept": "*/*",
"accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7",
"cache-control": "no-cache",
"content-type": "application/x-www-form-urlencoded",
"origin": "https://www.spirit.com",
"origin": self.target_url,
"pragma": "no-cache",
"referer": "https://www.spirit.com/",
"referer": self.target_url,
"sec-ch-ua": "\"Not/A)Brand\";v=\"99\", \"Google Chrome\";v=\"115\", \"Chromium\";v=\"115\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
}
response = self.session.post(url, headers=headers, data=body)
self.log.info(f'collector2 {response.text}')
resp = response.json()
m = {}
if 'ob' in resp:
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), 866 % 128).decode()
print(cookies.split('~~~~'))
for i in cookies.split('~~~~'):
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), self._decode_resp()).decode()
cks = cookies.split('~~~~')
self.log.info(json.dumps(cks, indent=True))
for i in cks:
tmp = i.split('|')
m[tmp[0]] = tmp[1]
if 'pxde' in i:
......@@ -353,13 +428,219 @@ class PxBypass():
self.session.cookies.update({
tmp[0]: tmp[1]
})
self.log.info(f'cookies2 {self.session.cookies.keys()}')
self.log.info(f'cookies2 {self.session.cookies.get_dict()}')
# self.m = m
def _decode_resp(self):
a = int(self.tag.replace('v', '').replace('.', ''))
return a % 128
def _step_11(self):
data = [{"t": "PX12167", "d": {"PX11648": True, "PX11379": False, "PX11645": self.target_url}}]
data_str = json.dumps(data, separators=(',', ':'))
self.log.info(f'data_str {data_str}')
payload = ctx.call('encodePayload', data_str, self.uuid, self.ts)
self.log.info(f'payload {payload}')
pc = self.__gen_pc(data_str, f'{self.uuid}:{self.tag}:{self.ft}')
print(pc)
body = {
"payload": payload,
"appId": "PXkp4CLSb5",
"tag": self.tag,
"uuid": self.uuid,
"ft": self.ft,
"seq": self.seq,
"en": "NTA",
"pc": pc,
# "pxhd": self.params['_pxhd'],
"rsc": self.rsc
}
body = self.update_sid_vid(body)
print(body)
url = "https://collector-PXkp4CLSb5.px-cloud.net/b/s"
headers = {
"authority": "collector-PXkp4CLSb5.px-cloud.net",
"accept": "*/*",
"accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7",
"cache-control": "no-cache",
"content-type": "application/x-www-form-urlencoded",
"origin": self.target_url,
"pragma": "no-cache",
"referer": self.target_url,
"sec-ch-ua": "\"Not/A)Brand\";v=\"99\", \"Google Chrome\";v=\"115\", \"Chromium\";v=\"115\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
}
response = self.session.post(url, headers=headers, data=body)
self.log.info(f'collector1 {response.text}')
resp = response.json()
m = {}
if 'ob' in resp:
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), self._decode_resp()).decode()
cks = cookies.split('~~~~')
self.log.info(json.dumps(cks, indent=True))
for i in cks:
tmp = i.split('|')
m[tmp[0]] = tmp[1]
if tmp[0] == 'o111ooo1':
self.ts = tmp[1]
if tmp[0] == 'o111oooo':
self.num1 = int(tmp[1])
if tmp[0] == '111o1o':
self.num2 = tmp[1]
if tmp[0] == '1oooo1':
self.str1 = tmp[1]
if tmp[0] == 'o1oo1o':
self.vid = tmp[1]
self.session.cookies.update({
'_pxvid': self.vid
})
if tmp[0] == 'o11o11':
self.sid = tmp[1]
if tmp[0] == '11o111':
self.cs = tmp[1]
if tmp[0] == 'o11o11oo':
self.cts = tmp[1]
self.session.cookies.update({
'pxcts': self.cts
})
if 'pxde' in i:
self.session.cookies.update({
'_pxde': tmp[3]
})
elif '_px2' in i:
self.session.cookies.update({
'_px2': tmp[3]
})
elif '31536000' in i:
self.session.cookies.update({
'_pxvid': tmp[1]
})
else:
for i in resp['do']:
tmp = i.split('|')
print(len(tmp), tmp)
if len(tmp) == 6 and tmp[1] in ['_px', '_px3', '_pxde']:
self.session.cookies.update({
tmp[1]: tmp[3]
})
elif len(tmp) in [3, 4] and tmp[1] in ['cts', 'vid']:
self.session.cookies.update({
tmp[0]: tmp[1]
})
self.log.info(f'cookies1 {self.session.cookies.keys()}')
self.m = m
self.log.info(self.m)
def update_sid_vid(self, data: dict):
if self.vid != "":
data.update({
'vid': self.vid
})
if self.cts != "":
data.update({
'cts': self.cts
})
if self.sid != "":
data.update({
'sid': self.sid
})
return data
def _step_3(self):
self.log.info(self.uuid)
# sid, vid,ts, num1 ,num2,str1, uuid
data_str = ctxStep2.call('genPayload3', self.target_url,self.sid, self.vid, self.ts, self.num1, self.num2, self.str1, self.uuid)
self.log.info(f'data_str3 {data_str}')
payload = ctx.call('encodePayload', data_str, self.uuid, self.ts)
self.log.info(f'payload3 {payload}')
pc = self.__gen_pc(data_str, f'{self.uuid}:{self.tag}:{self.ft}')
body = {
"payload": payload,
"appId": "PXkp4CLSb5",
"tag": self.tag,
"uuid": self.uuid,
"ft": self.ft,
"seq": self.seq,
"en": "NTA",
"cs": self.cs,
"pc": pc,
# "sid": self.sid,
# "vid": self.vid,
# "cts": self.cts,
"rsc": self.rsc
}
body = self.update_sid_vid(body)
print(json.dumps(body, separators=(',', ':')))
url = "https://collector-PXkp4CLSb5.px-cloud.net/b/s"
headers = {
"authority": "collector-PXkp4CLSb5.px-cloud.net",
"accept": "*/*",
"accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7",
"cache-control": "no-cache",
"content-type": "application/x-www-form-urlencoded",
"origin": self.target_url,
"pragma": "no-cache",
"referer": self.target_url,
"sec-ch-ua": "\"Not/A)Brand\";v=\"99\", \"Google Chrome\";v=\"115\", \"Chromium\";v=\"115\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "cross-site",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
}
self.log.info(f'data3 {body}')
response = self.session.post(url, headers=headers, data=body)
self.log.info(f'collector3 {response.text}')
resp = response.json()
m = {}
if 'ob' in resp:
cookies = self.encrypt(base64.b64decode(resp['ob'].encode()), self._decode_resp()).decode()
cks = cookies.split('~~~~')
self.log.info(json.dumps(cks, indent=True))
for i in cks:
tmp = i.split('|')
m[tmp[0]] = tmp[1]
if 'pxde' in i:
self.session.cookies.update({
'_pxde': tmp[3]
})
elif '_px2' in i:
self.session.cookies.update({
'_px2': tmp[3]
})
elif '31536000' in i:
self.session.cookies.update({
'_pxvid': tmp[1]
})
else:
for i in resp['do']:
tmp = i.split('|')
# print(len(tmp), tmp)
if len(tmp) == 6 and tmp[1] in ['_px2', '_px3', '_pxde']:
self.session.cookies.update({
tmp[1]: tmp[3]
})
elif len(tmp) in [3, 4] and tmp[1] in ['cts', 'vid']:
self.session.cookies.update({
tmp[0]: tmp[1]
})
self.log.info(f'cookies2 {self.session.cookies.get_dict()}')
# self.m = m
if __name__ == '__main__':
url = "https://www.spirit.com/"
px = PxBypass(url)
px.run()
print(unsinged_right_shift(275404960, 24) & 255)
step2.js
View file @ 0ef7a796
This source diff could not be displayed because it is too large. You can view the blob instead.
test.py
View file @ 0ef7a796
......@@ -60,12 +60,12 @@ a2 = "KysrKytSHj0SGlAeUVFSHgcbKFMrCA0LLBg3GjgmLxUvJTcWLCY7UiwbUhovNTQOLjUnFSw1Mx
a2 = "UisrUitSHhEBDRAHHlIeAAsMAxAbHBwcHCsrKysrUh49EhpQHlFRUh4HGyhTKwgNCzsINA8sJjsYLA87FiwmO1IsG1IaLzU0Di41J1MsJSsWLBgjUiwYM1csJglSOwgBGysLFQsGCytUKw8zFS01M1ctNjNTLjYzUCwmARYvNiQOODFTCiw2MAsuNjMYLyYGCi9QJxg4NScaOCErESsMMwstCDcYLzYzUiwIMxUvIRULAyErVCsICg4tJiQPLwgnGi8lJxosJg4POxg3FTg2MA4tNTtTLAg3Vzg1Oxo7UDAJOCYzVzsYOA4vGCtRO1AnGDgIN1MsJicYLTUnGDsPM1IvGDgPO1A7Gi8YAQsEM19fHhYQFwceUVJSHBwcHFIrK1IrUh4RAQ0QBx5SHgALDAMQGxwcHBxSKysrK1JSUh49EhoGBx5RUVIeUVRRU1JRBlEAVFJUA1pQV1QEB1VXBgFXVAcHUQQHVVVUBFFRV1paV1VSAVYHVgRUAVdXAAFQAFoAWgdbUFEGBlgHGyhSAzVTDgFRMAoAOiMLLQgnUC02LxstNgVTLBg3ViwIMFseFhAXBx5RUlIcHBwcUisrK1IrUlIeUhwcHBxSUitSK1IeARc="
a2 ="UlIrUitSHgEXHBwcHFIrKytSK1JSHlIcHBwcKysrKytSHj0SGlAeUVFSHgcbKFMrCA0LLDUnUC02O1E4Ni8WLCYBFSwxUhovNTQOLjYOCDtQKxYsGAFSOxg3UywICVEsJjdTKwsVCwYLK1QrCDQKLAgJUDs1N1cuNjNRLyY3Fi82JA44MVJXO1AsCy42BVYvGDcbLwgvUi82Ixs7MSsRKwwzCy0IJ1AtNi8YLSYjGC8IK1IsNicRKw8FCy0LKAkvGAoILDUwDzgmCg47UDgPLSYgCSw1NAk4NTgLLBg4Cjs1K1AsNglWOxgKDzsIIAo4CCMYLDUoCDsPJxgsJisaLCYvUSw2J1MtJTdXOw8vUy82JA8rDFJfHhYQFwceUVJS"
a2 ="B1lZWQcHWQcUNxgQDA0UW1tYFFgKW1pRXQtaCVFfUQkMDV0MC1gNDApdW10MUAlYCVAKDl5YC14NClpaDVEMWlpcWVpbW1xdCgpYDgkKX19cXllSDREiWAk/WQQLWzoACjApAScCLVonPANdJjwxWCU8PVomLDpRFBwaHQ0UW1hYFhYWFllZBwcHWRQ3GBBaFFtbWBQNESJZIQIHAScsA1gxAjIAJjwpHCcsIgMmO1gQJT8+BCQ/IgUlBT0cMiw+ADIsMgQyPzERJyw+BCEBHwEMASFeIQIPWzI/LgImBSFbJDwPETIsPRwlPC4EMjtYXCc/JgUkPAsQMQUiATESDx8yLAwFMgEhGyEGOQEnAi1aJzwDXSY8MVslPD1aJiw5GyEFDwEnASFYMTw9WDI8PRAnLy0fMQIPEDECBAAmAg9dJy8mAic/PgUmBSFcMVotWiU8KVsxPyUSMQItEjIvLgImPC4BJQUuBCUsAAQmAgNdMRI9HzICLgUnLAQCIQZYVRQcGh0NFFtYWBYWFhYHWQdZWVkUCx0WFhYWB1kHWQdZFBsLBxoNFFgUCgEGCRoR"
# 0III0I00 判断是否通过
b2 = base64.b64decode(a2.encode())
for i in bytes(encrypt(b2, 98)).decode().split('~~~~'):
for i in bytes(encrypt(b2, 872%128)).decode().split('~~~~'):
print('0III0I00'in i, i)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment