前言

哈哈,首先写自动签到脚本的初衷还是因为签到有金币可以拿。一开始想法是用卷积神经网络训练模型,然后识别登录页面的验证码,但是当我爬取了1000张验证码后,在标记上面花了我整整一个早上和一个下午的时间

然后结果是训练出来的模型对于训练集识别百分百,但对于测试集识别率不尽人意,猜想可能是数字加大小写字母的组合需要更多的训练集,但是一想到又要花费大量时间标记,就感觉整个人都不好了😭,正好有人说采取github登录的思路,就想着先用github来实现吧惨惨

正文

思路很简单,就是通过github的cookie去请求登录,登录成功后,通过requests保持session会话去请求打卡地址
使用步骤如下:
首先需要github的cookie(有效时间长得让你难以置信,现在是用了一个月还没失效的博主回来更新这篇文章),这边去抓包一下拿到user_session__Host-user_session_same_site这两个值是一样的

然后去注册一下server酱,绑定你的微信。然后通过调用server酱,把打卡结果发送到微信上
地址:https://sc.ftqq.com/3.version

源码如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# coding: utf-8
# Author:dota_st
# Date :2021/1/21 17:43
# Tool :PyCharm
import urllib3
import re
import requests
from urllib import request as RR
import json
from retrying import retry
from bs4 import BeautifulSoup
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
#定义通用的请求头
headers = {"user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36",
           "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
           }

#读取txt配置
def load_txt():
    user_list = []
    server_list = []
    git_list = []
    f = open(r'配置.txt', 'r', encoding='utf-8')
    data = f.readlines()
    for i in range(len(data)):
        if data[i] != r'******author:dota_st******':
            user_line = data[i].split(r"user=")[1].split("#")[0]
            server_line = data[i].split(r"server_key=")[1].split("#")[0]
            git_line = data[i].split(r"git_cookie=")[1].split("#")[0]
            user_list.append(user_line)
            server_list.append(server_line)
            git_list.append(git_line)
        else:
            break
    return user_list, server_list, git_list


#使用server酱发送消息
def server_send(user_line, server_line, message):
    data = {'desp': message}
    server_key = server_line
    requests.post("https://sc.ftqq.com/"+server_key+".send?text=尊贵的"+user_line+"用户bugku自动签到脚本结果", data=data)

#获取签到结果返回信息
def login_result(user_line, server_line, bug_cookie):
    global headers
    headers['X-Requested-With'] = "XMLHttpRequest"
    headers['cookie'] = bug_cookie
    req = RR.Request(url='https://ctf.bugku.com/user/checkin', headers=headers)  # 这样就能把参数带过去了
    # 下面是获得响应
    with RR.urlopen(req) as f:
        Data = f.read()
        data = json.loads(Data)
        print(data['msg'])
        server_send(user_line, server_line, data['msg'])
#登录判断
def login_status(user_line, server_line,res):
    if ("登录成功" in res.text):
        print("cookie提取成功!")
        for i in res.headers['Set-Cookie'].split(','):
            if ('PHPSESSID' in i):
                login_result(user_line, server_line, i.strip())
                break

#主函数
@retry(stop_max_attempt_number=3)
def main_fun(user_line, server_line, git_line):
    headers = {
        "user-agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36",
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
        }
    keep = requests.Session()
    div = BeautifulSoup(keep.get("https://ctf.bugku.com/login".rstrip(), headers=headers, verify=False).text, 'lxml')
    git_url = div.find('a', class_='btn btn-floating btn-github')['href']
    git_cookie = 'user_session={git_line1}; __Host-user_session_same_site={git_line2};'.format(git_line1=git_line, git_line2=git_line )
    headers['cookie'] = git_cookie
    flag = keep.get("https://github.com/settings/profile", headers=headers, verify=False, allow_redirects=False)
    if(flag.status_code!= 200):
        server_send(user_line, server_line, "github的cookie失效了噢!")
    res = keep.get(git_url, headers=headers, verify=False)
    login_status(user_line,server_line, res)
    if("github.githubassets.com" in res.text):
        print(res.text)
        choose = res.text.split('<form action="')[1].split('<input type="hidden" name="scope"')[0]
        rule = re.compile('name="(.*?)".*?value="(.*?)"')
        form_data = rule.findall(choose)
        Data = {}
        for i in form_data:
            Data[i[0]] = i[1]
        Data['authorize'] = 1
        formurl = "https://github.com" + choose.split('"')[0]
        headers = {
            "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36",
            "cookie": git_url
        }
        res = keep.post(formurl, data=Data, headers=headers, verify=False)
        login_status(user_line,server_line, res)
    elif("登录成功" not in res.text):
        server_send(user_line, server_line, "超时错误")
    keep.cookies.clear()
    keep.close()

def main():
    user_list, server_list, git_list = load_txt()
    for i in range(len(user_list)):
        main_fun(user_list[i], server_list[i], git_list[i])

if __name__ == '__main__':
    main()

在脚本同一个目录下,创建一个配置文件:配置.txt,然后按下面格式分别写入(支持写入多个用户)

1
2
user=你的用户名# server_key=填写你的server酱# git_cookie=填写抓包获得的githubcookie#
******author:dota_st******


最后我打包成exe文件,发到我的服务器上(没有服务器的也可以找一下提供云函数的在线平台),设置计划任务,每天固定时间启动,最好设置启动两次,虽然脚本已经尽可能在错误时重试,但因为github这边通道不是很稳定,有可能会出现失败的情况(虽然概率极小)