GeeTest 极验验证
前台Html页面
<script src="http://libs.baidu.com/jquery/1.9.0/jquery.js"></script>
<script src="http://static.geetest.com/static/tools/gt.js"></script>
<div style="margin:300px;" >
<div id="yzm"></div>
<button type="submit" id="login">Login</button>
</div> <script type="text/javascript"> $(function () { var handler = function (captchaObj) {
captchaObj.appendTo("#yzm");
}; $.ajax({ url: "GeetestCaptcha.aspx?action=Create",
type: "get",
dataType: "json",
success: function (data) {
initGeetest({
gt: data.gt,
challenge: data.challenge,
product: "embed'",
offline: !data.success
}, handler);
}
}); $("#login").click(function () { $.ajax({
url: "GeetestCaptcha.aspx?action=Check",
type: "post",
data:{
geetest_challenge: $(".geetest_challenge").val(),
geetest_validate: $(".geetest_validate").val(),
geetest_seccode: $(".geetest_seccode").val()
},
success: function (data) {
if (data == "ok") {
alert("ok");
}
} });
}); }); </script>
后台验证码处理
if (Request["action"]==GeeTestHelper.Create)
{
Response.ContentType = "application/json";
GeeTestHelper geetest = new GeeTestHelper("846e30599eb209b6aad0b8c2477fccb5", "f5a7e9d5bbc6b79bb1812dbfb5898215");
String userID = "test";
Byte gtServerStatus = geetest.preProcess(userID);
Session[GeeTestHelper.gtServerStatusSessionKey] = gtServerStatus;
Session["GeetestUserTest"] = userID;
string s = geetest.getResponseStr();
Response.Write(s);
Response.End();
} if (Request["action"]==GeeTestHelper.Check)
{
GeeTestHelper geetest = new GeeTestHelper("846e30599eb209b6aad0b8c2477fccb5", "f5a7e9d5bbc6b79bb1812dbfb5898215");
Byte gt_server_status_code = (Byte)Session[GeeTestHelper.gtServerStatusSessionKey];
String userID = (String)Session["GeetestUserTest"];
int result = ;
String challenge = Request[GeeTestHelper.fnGeetestChallenge];
String validate = Request[GeeTestHelper.fnGeetestValidate];
String seccode = Request[GeeTestHelper.fnGeetestSeccode];
if (gt_server_status_code == )
{
result = geetest.enhencedValidateRequest(challenge, validate, seccode, userID);
}
else result = geetest.failbackValidateRequest(challenge, validate, seccode);
if (result == ) Response.Write("ok");
else Response.Write("error");
}
GeeTestHelper
using System;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text;
using System.Web; public class GeeTestHelper
{
/// <summary>
/// SDK版本号
/// </summary>
public const String version = "3.2.0"; public const string Create = "Create";
public const string Check = "Check";
/// <summary>
/// SDK开发语言
/// </summary>
public const String sdkLang = "csharp";
/// <summary>
/// 极验验证API URL
/// </summary>
protected const String apiUrl = "http://api.geetest.com";
/// <summary>
/// register url
/// </summary>
protected const String registerUrl = "/register.php";
/// <summary>
/// validate url
/// </summary>
protected const String validateUrl = "/validate.php";
/// <summary>
/// 极验验证API服务状态Session Key
/// </summary>
public const String gtServerStatusSessionKey = "gt_server_status";
/// <summary>
/// 极验验证二次验证表单数据 Chllenge
/// </summary>
public const String fnGeetestChallenge = "geetest_challenge";
/// <summary>
/// 极验验证二次验证表单数据 Validate
/// </summary>
public const String fnGeetestValidate = "geetest_validate";
/// <summary>
/// 极验验证二次验证表单数据 Seccode
/// </summary>
public const String fnGeetestSeccode = "geetest_seccode";
private String userID = "";
private String responseStr = "";
private String captchaID = "";
private String privateKey = ""; /// <summary>
/// 验证成功结果字符串
/// </summary>
public const int successResult = ;
/// <summary>
/// 证结失败验果字符串
/// </summary>
public const int failResult = ;
/// <summary>
/// 判定为机器人结果字符串
/// </summary>
public const String forbiddenResult = "forbidden"; /// <summary>
/// GeetestLib构造函数
/// </summary>
/// <param name="publicKey">极验验证公钥</param>
/// <param name="privateKey">极验验证私钥</param>
public GeeTestHelper(String publicKey, String privateKey)
{
this.privateKey = privateKey;
this.captchaID = publicKey;
}
private int getRandomNum()
{
Random rand = new Random();
int randRes = rand.Next();
return randRes;
} /// <summary>
/// 验证初始化预处理
/// </summary>
/// <returns>初始化结果</returns>
public Byte preProcess()
{
if (this.captchaID == null)
{
Console.WriteLine("publicKey is null!");
}
else
{
String challenge = this.registerChallenge();
if (challenge.Length == )
{
this.getSuccessPreProcessRes(challenge);
return ;
}
else
{
this.getFailPreProcessRes();
Console.WriteLine("Server regist challenge failed!");
}
} return ; }
public Byte preProcess(String userID)
{
if (this.captchaID == null)
{
Console.WriteLine("publicKey is null!");
}
else
{
this.userID = userID;
String challenge = this.registerChallenge();
if (challenge.Length == )
{
this.getSuccessPreProcessRes(challenge);
return ;
}
else
{
this.getFailPreProcessRes();
Console.WriteLine("Server regist challenge failed!");
}
} return ; }
public String getResponseStr()
{
return this.responseStr;
}
/// <summary>
/// 预处理失败后的返回格式串
/// </summary>
private void getFailPreProcessRes()
{
int rand1 = this.getRandomNum();
int rand2 = this.getRandomNum();
String md5Str1 = this.md5Encode(rand1 + "");
String md5Str2 = this.md5Encode(rand2 + "");
String challenge = md5Str1 + md5Str2.Substring(, );
this.responseStr = "{" + string.Format(
"\"success\":{0},\"gt\":\"{1}\",\"challenge\":\"{2}\"", ,
this.captchaID, challenge) + "}";
}
/// <summary>
/// 预处理成功后的标准串
/// </summary>
private void getSuccessPreProcessRes(String challenge)
{
challenge = this.md5Encode(challenge + this.privateKey);
this.responseStr = "{" + string.Format(
"\"success\":{0},\"gt\":\"{1}\",\"challenge\":\"{2}\"", ,
this.captchaID, challenge) + "}";
}
/// <summary>
/// failback模式的验证方式
/// </summary>
/// <param name="challenge">failback模式下用于与validate一起解码答案, 判断验证是否正确</param>
/// <param name="validate">failback模式下用于与challenge一起解码答案, 判断验证是否正确</param>
/// <param name="seccode">failback模式下,其实是个没用的参数</param>
/// <returns>验证结果</returns>
public int failbackValidateRequest(String challenge, String validate, String seccode)
{
if (!this.requestIsLegal(challenge, validate, seccode)) return GeeTestHelper.failResult;
String[] validateStr = validate.Split('_');
String encodeAns = validateStr[];
String encodeFullBgImgIndex = validateStr[];
String encodeImgGrpIndex = validateStr[];
int decodeAns = this.decodeResponse(challenge, encodeAns);
int decodeFullBgImgIndex = this.decodeResponse(challenge, encodeFullBgImgIndex);
int decodeImgGrpIndex = this.decodeResponse(challenge, encodeImgGrpIndex);
int validateResult = this.validateFailImage(decodeAns, decodeFullBgImgIndex, decodeImgGrpIndex);
return validateResult;
}
private int validateFailImage(int ans, int full_bg_index, int img_grp_index)
{
const int thread = ;
String full_bg_name = this.md5Encode(full_bg_index + "").Substring(, );
String bg_name = md5Encode(img_grp_index + "").Substring(, );
String answer_decode = "";
for (int i = ; i < ; i++)
{
if (i % == ) answer_decode += full_bg_name.ElementAt(i);
else if (i % == ) answer_decode += bg_name.ElementAt(i);
}
String x_decode = answer_decode.Substring();
int x_int = Convert.ToInt32(x_decode, );
int result = x_int % ;
if (result < ) result = ;
if (Math.Abs(ans - result) < thread) return GeeTestHelper.successResult;
else return GeeTestHelper.failResult;
}
private Boolean requestIsLegal(String challenge, String validate, String seccode)
{
if (challenge.Equals(string.Empty) || validate.Equals(string.Empty) || seccode.Equals(string.Empty)) return false;
return true;
} /// <summary>
/// 向gt-server进行二次验证
/// </summary>
/// <param name="challenge">本次验证会话的唯一标识</param>
/// <param name="validate">拖动完成后server端返回的验证结果标识字符串</param>
/// <param name="seccode">验证结果的校验码,如果gt-server返回的不与这个值相等则表明验证失败</param>
/// <returns>二次验证结果</returns>
public int enhencedValidateRequest(String challenge, String validate, String seccode)
{
if (!this.requestIsLegal(challenge, validate, seccode)) return GeeTestHelper.failResult;
if (validate.Length > && checkResultByPrivate(challenge, validate))
{
String query = "seccode=" + seccode + "&sdk=csharp_" + GeeTestHelper.version;
String response = "";
try
{
response = postValidate(query);
}
catch (Exception e)
{
Console.WriteLine(e);
}
if (response.Equals(md5Encode(seccode)))
{
return GeeTestHelper.successResult;
}
}
return GeeTestHelper.failResult;
}
public int enhencedValidateRequest(String challenge, String validate, String seccode, String userID)
{
if (!this.requestIsLegal(challenge, validate, seccode)) return GeeTestHelper.failResult;
if (validate.Length > && checkResultByPrivate(challenge, validate))
{
String query = "seccode=" + seccode + "&user_id=" + userID + "&sdk=csharp_" + GeeTestHelper.version;
String response = "";
try
{
response = postValidate(query);
}
catch (Exception e)
{
Console.WriteLine(e);
}
if (response.Equals(md5Encode(seccode)))
{
return GeeTestHelper.successResult;
}
}
return GeeTestHelper.failResult;
}
private String readContentFromGet(String url)
{
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Timeout = ;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream myResponseStream = response.GetResponseStream();
StreamReader myStreamReader = new StreamReader(myResponseStream, Encoding.GetEncoding("utf-8"));
String retString = myStreamReader.ReadToEnd();
myStreamReader.Close();
myResponseStream.Close();
return retString;
}
catch
{
return "";
} }
private String registerChallenge()
{
String url = "";
if (string.Empty.Equals(this.userID))
{
url = string.Format("{0}{1}?gt={2}", GeeTestHelper.apiUrl, GeeTestHelper.registerUrl, this.captchaID);
}
else
{
url = string.Format("{0}{1}?gt={2}&user_id={3}", GeeTestHelper.apiUrl, GeeTestHelper.registerUrl, this.captchaID, this.userID);
}
string retString = this.readContentFromGet(url);
return retString;
}
private Boolean checkResultByPrivate(String origin, String validate)
{
String encodeStr = md5Encode(privateKey + "geetest" + origin);
return validate.Equals(encodeStr);
}
private String postValidate(String data)
{
String url = string.Format("{0}{1}", GeeTestHelper.apiUrl, GeeTestHelper.validateUrl);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = Encoding.UTF8.GetByteCount(data);
// 发送数据
Stream myRequestStream = request.GetRequestStream();
byte[] requestBytes = System.Text.Encoding.ASCII.GetBytes(data);
myRequestStream.Write(requestBytes, , requestBytes.Length);
myRequestStream.Close(); HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// 读取返回信息
Stream myResponseStream = response.GetResponseStream();
StreamReader myStreamReader = new StreamReader(myResponseStream, Encoding.GetEncoding("utf-8"));
string retString = myStreamReader.ReadToEnd();
myStreamReader.Close();
myResponseStream.Close(); return retString; }
private int decodeRandBase(String challenge)
{
String baseStr = challenge.Substring(, );
List<int> tempList = new List<int>();
for (int i = ; i < baseStr.Length; i++)
{
int tempAscii = (int)baseStr[i];
tempList.Add((tempAscii > ) ? (tempAscii - )
: (tempAscii - ));
}
int result = tempList.ElementAt() * + tempList.ElementAt();
return result;
}
private int decodeResponse(String challenge, String str)
{
if (str.Length > ) return ;
int[] shuzi = new int[] { , , , , };
String chongfu = "";
Hashtable key = new Hashtable();
int count = ;
for (int i = ; i < challenge.Length; i++)
{
String item = challenge.ElementAt(i) + "";
if (chongfu.Contains(item)) continue;
else
{
int value = shuzi[count % ];
chongfu += item;
count++;
key.Add(item, value);
}
}
int res = ;
for (int i = ; i < str.Length; i++) res += (int)key[str[i] + ""];
res = res - this.decodeRandBase(challenge);
return res;
}
private String md5Encode(String plainText)
{
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
string t2 = BitConverter.ToString(md5.ComputeHash(UTF8Encoding.Default.GetBytes(plainText)));
t2 = t2.Replace("-", "");
t2 = t2.ToLower();
return t2;
} }
GeeTest 极验验证的更多相关文章
- Geetest 极验验证 验证图片拼图
今天要求做一个跟魅族官网登陆的一个验证效果一样的界面 是一个拖动滑动图片进行拼图 那个效果看着很好,刚开始拿到不知道好不好做 从网上搜资料发现这是一种“极验验证码” 让用户通过滑动拼图来进行验证. 网 ...
- 在ASP.NET MVC项目中使用极验验证(geetest)
时间 2016-03-02 18:22:37 smallerpig 原文 http://www.smallerpig.com/979.html 主题 ASP.NET MVC geetest开发体 ...
- 极验验证使用-滑动&选字验证码
准备 SDK下载 首先在极验官网下载好SDK,附上官网链接,点此可直接下载python版zip包. 模块安装 使用该SDK时发现它依赖两个模块,分别是geetest和requests. pip ins ...
- python+selenium破解极验验证登录
1.前言: 目前很多网站会在正常的账号密码认证之外加一些验证码,以此来明确区分人/机行为,最典型的就是极验滑动验证.(如下图) 这里我们以简单实例说明如何实现自动校验类似验证. 2.步骤: 1)点击验 ...
- GEETEST极验召集互联网大佬齐聚光谷,共同探讨交互安全问题
全球互联网技术在飞速发展的同时,网络安全事件也随之频发.除了直接带来经济损失的网络恶意攻击之外,企业在多个方面也遭受着不同程度的网络恶意攻击,包括品牌形象.管理时间.企业竞争力.客户成交量.用户行为等 ...
- Django中使用极验Geetest滑动验证码
一,环境部署 1.创建一个django测试项目 此处省略... 二,文档部署 1.下载安装python对应的SDK 使用命令从Github导入完整项目:git clone https://github ...
- 【原创】Python 极验滑块验证
本文仅供学习交流使用,如侵立删! 记一次 极验滑块验证分析并通过 操作环境 win10 . mac Python3.9 selenium.seleniumwire 分析 最近在做的一个项目登录时会触发 ...
- 极客验证官方demo构建使用及代码分析
#什么是极客验证? 官方定义:极验验证是一种在计算机领域用于区分自然人和机器人的,通过简单集成的方式,为开发者提供安全.便捷的云端验证服务. #使用命令从github上获取: git clone ht ...
- luffy之多条件登录与极验滑动验证码
多条件登录 JWT扩展的登录视图,在收到用户名与密码时,也是调用Django的认证系统中提供的authenticate()来检查用户名与密码是否正确. 我们可以通过修改Django认证系统的认证后端( ...
随机推荐
- hdu 3085
Nightmare Ⅱ Time Limit: 2000/1000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others)Total ...
- 了解RabbitMQ
消息队列可以实现流量削峰.降低系统耦合度.提高系统性能等. RabbitMQ是一个实现了AMQP协议(Advanced Message Queue Protocol)的消息队列. RabbitMQ中的 ...
- jQuery基础(工具函数,浏览器信息,检测节点,字符串,$.extend())
1.获取浏览器的名称与版本信息 在jQuery中,通过$.browser对象可以获取浏览器的名称和版本信息 如$.browser.chrome为true,表示当前为Chrome浏览器, $.bro ...
- Arcengine编辑代码
using System; using System.Drawing; using System.Collections; using System.ComponentModel; using Sys ...
- 网络 私有IP和子网掩码设置
私有IP不需要花钱 节约使用公网IP有两个方法,一个方法是动态IP(关机回收IP),一个方法是私有IP,尤其是私有IP作用巨大. 私有IP不具有唯一性,不能直接访问公网.比如,我以私有IP192.16 ...
- linux rpm命令之查询包安装与否、包详细信息、包安装位置、文件属于哪个包、包依赖
查询这个包是否已安装rpm -q 包名rpm -qa-q 查询-a all 查询已安装软件包和未安装软件包详细信息 rpm -qi 包名rpm -qip 包全名-i 查询软件信息-p package, ...
- mybatis 一对一 映射实体类、嵌套查询
一对一 在SysUser 类中增加SysRole字段.1.sql语句将role.role_name映射到role.roleName上. 2.还可以在XML 映射文件中配置结果映射.<result ...
- apache ftp server的简单入门(properties验证)
Apache FTPServer:(开源) Apache FTPServer是一个100%纯Java的FTP服务器. 它的设计是基于现有的开放式协议的完整和便携式FTP服务器引擎解决方案.FTPSer ...
- JavaScript Web 应用最佳实践分析
[编者按]本文作者为 Mathias Schäfer,旨在回顾在客户端大量使用JavaScript 的最佳 Web应用实践.文章系国内 ITOM 管理平台 OneAPM 编译呈现. 对笔者来说,Jav ...
- win7下使用手动安装composer
假设我们的php放置在D:\php 目录下, 1.添加环境变量,桌面--> 我的电脑右键---->属性 2.点击高级系统设置 3.点击环境变量 4.选择path,在变量值里面追加内容: ...