1. 技术文章
  2. How CURL Login with Captcha and Session

How CURL Login with Captcha and Session

不打扰是莪最后的温柔 提交于 2019-12-31 09:49:04

问题


define('COOKIE', './cookie.txt');
define('MYURL', 'https://register.pandi.or.id/main');

function getUrl($url, $method='', $vars='', $open=false) {
    $agents = 'Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16';
    $header_array = array(
        "Via: 1.1 register.pandi.or.id",
        "Keep-Alive: timeout=15,max=100",
    );
    static $cookie = false;
    if (!$cookie) {
        $cookie = session_name() . '=' . time();
    }
    $referer = 'https://register.pandi.or.id/main';
    $ch = curl_init();
    if ($method == 'post') {
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, "$vars");
    }
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header_array);
    curl_setopt($ch, CURLOPT_USERAGENT, $agents);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 5);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_REFERER, $referer);
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    curl_setopt($ch, CURLOPT_COOKIEJAR, COOKIE);
    curl_setopt($ch, CURLOPT_COOKIEFILE, COOKIE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

    $buffer = curl_exec($ch);
    if (curl_errno($ch)) {
        echo "error " . curl_error($ch);
        die;
    }
    curl_close($ch);
    return $buffer;
}

function save_captcha($ch) {
    $agents = 'Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16';
    $url = "https://register.pandi.or.id/jcaptcha";
    static $cookie = false;
    if (!$cookie) {
        $cookie = session_name() . '=' . time();
    }
    $ch = curl_init();    // Initialize a CURL session.
    curl_setopt($ch, CURLOPT_URL, $url);  // Pass URL as parameter.
    curl_setopt($ch, CURLOPT_USERAGENT, $agents);
    curl_setopt($ch, CURLOPT_COOKIESESSION, true);
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    curl_setopt($ch, CURLOPT_COOKIEJAR, COOKIE);
    curl_setopt($ch, CURLOPT_COOKIEFILE, COOKIE);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);  // Return stream contents.
    curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1); // We'll be returning this
    $data = curl_exec($ch);  // // Grab the jpg and save the contents in the
    curl_close($ch);  // close curl resource, and free up system resources.
    $captcha_tmpfile = './captcha/captcha-' . rand(1000, 10000) . '.jpg';
    $fp = fopen($tmpdir . $captcha_tmpfile, 'w');
    fwrite($fp, $data);
    fclose($fp);
    return $captcha_tmpfile;
}

if (isset($_POST['captcha'])) {
    $id = "yudohartono";
    $pw = "mypassword";
    $postfields = "navigation=authenticate&login-type=registrant&username=" . $id . "&password=" . $pw . "&captcha_response=" . $_POST['captcha'] . "press=login";
    $url = "https://register.pandi.or.id/main";
    $result = getUrl($url, 'post', $postfields);
    echo $result;
} else {

    $open = getUrl('https://register.pandi.or.id/main', '', '', true);
    $captcha = save_captcha($ch);
    $fp = fopen($tmpdir . "/cookie12.txt", 'r');
    $a = fread($fp, filesize($tmpdir . "/cookie12.txt"));
    fclose($fp);

 <form action='' method='POST'>
        <img src='<?php echo $captcha ?>' />
        <input type='text' name='captcha' value=''>
        <input type='submit' value='proses'>
    </form>";

    if (!is_readable('cookie.txt') && !is_writable('cookie.txt')) {
        echo "cookie fail to read";
        chmod('../pandi/', '777');
    }
}

this cookie.txt 

# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

register.pandi.or.id    FALSE   /   FALSE   0   JSESSIONID  05CA8241C5B76F70F364CA244E4D1DF4

after i submit form just display 

HTTP/1.1 200 OK Date: Wed, 27 Apr 2011 07:38:08 GMT Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; Tomcat-5.0.28/JBoss-4.0.0 (build: CVSTag=JBoss_4_0_0 date=200409200418) Content-Length: 0 Via: 1.1 register.pandi.or.id Content-Type: text/plain X-Pad: avoid browser bug

if not error "Captcha invalid" always failed login to pandi what wrong in my script?
I'm not want to Break Captcha but i want display captcha and user input captcha from my web page, so user can registrar domain dotID from my web automaticaly


回答1:


A captcha is intended to differentiate between humans and robots (programs). Seems like you are trying to log in with a program. The captcha seems to do its job :).

I don't see a legal way around.




回答2:


It happens because,
You took your captcha image from first getURL (ie first curl_exec) and processed the captcha but to submit your captcha you are requested getURL (ie again curl_exec) which means to a new page with a new captcha again.

So you are placing the old captcha and putting it in the new captcha. I'm having the same problem & resolved it.




回答3:


Captcha is a dynamic image created by the server when you hit the page. It will keep changing, you must extract the captcha from the page and then parse it and then submit your page for a login. Captcha will keep changing as and when the page is triggered to load!




回答4:


Using a headless browsing solution this is possible. ie: zombie.js coffee.js on Node.. Also it may be possible to extract the "image" from the captcha and, using image recognition, "read" the image and convert it to text, which is then posted with the form.

As of today, the only surefire method to "trick" a captcha is to use headless browsing.




回答5:


Yes, Andro Selva is right. On the second request it gives new captcha. Once it loads captcha with getUrl function and the second load is from the save_captcha function, so this are 2 different images.

It must do something like this: Download the captcha image before close the curl and before post and tell the script to wait untill you provide captcha answer - I will use preg_match. It will require some javascript as well.

If the captcha image is generated from javascript, you need to execute this javascript with the same cookie or token. In this situation, the easier solution is to record the headers with e.g. livehttpheaders addon for mozila ffox.




回答6:


With PHP I do not know how to do it, you have to get the captcha and find a way to solve it. It has a lot of algorithms to do it for you, but if you want to use java, I already hacked the source code from this link to get the code to solve the captcha and it works very well for a lot of captcha systems.

So, you could try to implement your own captcha solver, that will take a lot of time, try to find an existing implementation for PHP, or, IMHO, the best option, to use the JDownloader code base.



来源:https://stackoverflow.com/questions/5800918/how-curl-login-with-captcha-and-session

标签
php
cookies
curl
captcha
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!