def loadBody(self, msgname, packet):
"""转换一个二进制流为消息体"""
# 找到解包的方法
method = getattr(self.parent, "unpack_%s" % (msgname), None)
#除了申请令牌包外,其他所有包解密
if msgname != 'qq_pre_login':
msg = tea.decrypt(packet, self.qq.session)
if msg == None:
msg = tea.decrypt(packet, self.qq.md5pwd)
if msg == None:
msg = tea.decrypt(packet, self.qq.initkey)
packet = msg
method(packet)
self.conversionString()
def loadBody(self, msgname, packet):
"""转换一个二进制流为消息体"""
# 找到解包的方法
method = getattr(self.parent , "unpack_%s" %(msgname), None)
#除了申请令牌包外,其他所有包解密
if msgname!='qq_pre_login':
msg=tea.decrypt(packet,self.qq.session)
if msg == None:
msg=tea.decrypt(packet,self.qq.md5pwd)
if msg == None:
msg=tea.decrypt(packet,self.qq.initkey)
packet=msg
method(packet)
self.conversionString()
def decrypt_id(id, exception_to_raise):
try:
if not isinstance(id, long):
id = long(id)
return tea.decrypt(id, settings.KEY)
except ValueError:
raise exception_to_raise
def login(self):
login_packet = self.pack_login()
self.con.send( login_packet )
print 'login packet sent'
data = self.con.recv(1024)
print 'login packet response received'
remain=self.un_pack(data)
print bytearray_to_hex_string(remain)
#TODO decrypt failed
decrypt_data=tea.decrypt(remain, self.sharekey)
print bytearray_to_hex_string(decrypt_data)
def login0825(self):
key0825 = '7792394f1afd3bbfa9006bc807bcf23b'
data = '0235550825' # head
data += self.getSequence(2)
data += '00000000' # QQ Hex
data += '030000000101010000674200000000'
data += key0825
txt = '001800160001'
txt += self.fixedData
txt += '0000000000000000'
txt += '0004000f0000000b'
txt += self.str2hex(self.num)
txt += '0309'
txt += '0008'
txt += '0001000000000004'
txt += '00360012'
txt += '000200010000000000000000000000000000'
txt += '0114001d01020019'
txt += self.hdKey
data += b2a_hex(tea.encrypt(bytes.fromhex(txt),
bytes.fromhex(key0825))).decode()
data += '03'
data = a2b_hex(data)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(data, self.address)
recvPack = sock.recv(1024)
sock.close()
recvData = b2a_hex(tea.decrypt(recvPack[14:-1],
bytes.fromhex(key0825))).decode()
if (recvData[:2] != '00'):
recvData = recvData[16:]
if (recvData[:2] == '00'):
self.token0825 = recvData[10:122]
self.serverTime = recvData[134:142]
self.serverIP = recvData[166:174]
return self.login0826()
else:
print('0825 error!')
return False
def login0825(self):
key0825 = '7792394f1afd3bbfa9006bc807bcf23b'
data = '0235550825' # head
data += self.getSequence(2)
data += '00000000' # QQ Hex
data += '030000000101010000674200000000'
data += key0825
txt = '001800160001'
txt += self.fixedData
txt += '0000000000000000'
txt += '0004000f0000000b'
txt += self.str2hex(self.num)
txt += '0309'
txt += '0008'
txt += '0001000000000004'
txt += '00360012'
txt += '000200010000000000000000000000000000'
txt += '0114001d01020019'
txt += self.hdKey
data += b2a_hex(tea.encrypt(bytes.fromhex(txt), bytes.fromhex(key0825))).decode()
data += '03'
data = a2b_hex(data)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(data, self.address)
recvPack = sock.recv(1024)
sock.close()
recvData = b2a_hex(tea.decrypt(recvPack[14:-1], bytes.fromhex(key0825))).decode()
if(recvData[:2]!='00'):
recvData = recvData[16:]
if(recvData[:2]=='00'):
self.token0825 = recvData[10:122]
self.serverTime = recvData[134:142]
self.serverIP = recvData[166:174]
return self.login0826()
else:
print('0825 error!')
return False
def recv(self):
data = self.con.recv(1024)
data = bytearray(data)
print 'data before unpack:',
print bytearray_to_hex_string(data)
print '-' * 45
data = self.un_pack(data)
print 'data after unpack:',
print bytearray_to_hex_string(data)
print '-' * 45
print 'data after decrypt:'
data = tea.decrypt(data, self.key)
print bytearray_to_hex_string(data)
print '-' * 45
print str(data)
print '-' * 45
return data
def recv(self):
data = self.con.recv(1024)
data = bytearray(data)
print 'data before unpack:',
print bytearray_to_hex_string(data)
print '-'*45
data = self.un_pack( data )
print 'data after unpack:',
print bytearray_to_hex_string(data)
print '-'*45
print 'data after decrypt:'
data = tea.decrypt( data, self.key )
print bytearray_to_hex_string(data)
print '-'*45
print str(data)
print '-'*45
return data
# -*- coding: utf-8 -*-
from binascii import b2a_hex, a2b_hex
import tea ,struct
import md5
key = md5.new(md5.new("python").digest()).digest()
key1='E87B1ED5BF02A8169FBABB701311D8F2'
key2='Kr9kxuztjSgWxNcx'
print b2a_hex(key)
data='66BBA5CF7FFA17A96536C30ED4F24A671A6C17807413B8E83E7B3297C984FB87'
data2=a2b_hex('1097099d1c69f1f5000bb9a7db8526ea1f4000090d511097099d1c69f1f5fe050ba13d89e33b26348aa00a9a5c42000b268c42df69fe0048000000010100f9000174657366736466200009000000008602cbcecce50d')
print struct.unpack('>IIII',data2[:16])
test=(tea.decrypt(a2b_hex(data),key2))
print b2a_hex(test)
def login(self):
print 'Logining...'
self.s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.s.connect((ip_adress3, 14000))
m = hashlib.md5()
m.update(self.paw)
paw_md5 = m.hexdigest()
self.paw_a = "00090001000000003434413741423843414235383746463210{}00".format(
paw_md5)
pac_get_key = '020033060800491f27{}0034344137414238434142353837464632010100105643514a4a385739364b3645455a445003'.format(
self.qq_num)
self.s.send(a2b_hex(pac_get_key))
key_0 = self.s.recv(2048)
key_1 = b2a_hex(key_0)[28:60]
print key_1
self.key = a2b_hex(key_1)
paw_tea = encrypt(a2b_hex(self.paw_a), self.key)
paw_tea = b2a_hex(paw_tea)
pac_login_a = "020047060800500002{0}00{1}03".format(
self.qq_num, paw_tea)
print pac_login_a
pac_login_b = a2b_hex(pac_login_a)
self.s.send(pac_login_b)
re_login_a = self.s.recv(2048)
re_login = b2a_hex(re_login_a)
print re_login
while len(re_login) > 600:
print 'Need Verification Code!'
img = re_login[28:]
img = img[:-2]
img_b = decrypt(a2b_hex(img), self.key)
img_a = b2a_hex(img_b)
img_a = re.search(r'8950\w+', img_a)
img = a2b_hex(img_a.group(0))
#Maybe use 'with' is better
f = open('test.jpg', 'wb')
f.write(img)
f.close()
im = Image.open(
os.path.abspath('.').replace('\\', '/') + '/test.jpg')
im.show()
ver = raw_input('Verification Code: ')
vercode = "020008003{0}003{1}003{2}003{3}".format(
ver[0], ver[1], ver[2], ver[3])
ver_b = encrypt(a2b_hex(vercode), self.key)
ver_tea = "020027060800771f2a{}00{}03".format(
self.qq_num, b2a_hex(ver_b))
self.s.send(a2b_hex(ver_tea))
re_login = b2a_hex(self.s.recv(2048))
print 'Verification Code error,retry again.'
if len(re_login) == 206:
print 'Login scuess!'
else:
print 'Login fail'
def login0826(self):
key0826 = '6d47535a5a573d4872772c2d36717a76'
keyCode = '13d924ca5e0469d284effea87a5a5f1c'
data = '02355508366848' # head
data += '00000000'
data += '0300000001010100006742'
data += '00000000'
data += '000101020019'
data += self.hdKey
data += '00000010'
data += self.getSequence(16)
txt = '01120038'
txt += self.token0825
txt += '030f0008000657494e444f57' # WINDOWS
txt += '0004000f0000000b'
txt += self.str2hex(self.num)
txt += '00060078'
md5p = md5('123456')
# 密码加密
pwd = md5p
pwd += '00000000'
pwd += '00000000' # QQ Hex
# 密匙加密
key = 'F36251810002'
key += '00000000' # QQ Hex
key += self.fixedData
key += '000001'
key += md5p
key += self.serverTime
key += '00000000000000000000000000'
key += self.serverIP
key += '000000000000000600101ba49e165fe954251eb9619f7b1bdf31'
key += key0826
txt += b2a_hex(tea.encrypt(bytes.fromhex(key),
bytes.fromhex(pwd))).decode()
# region CRC
txt += '001500300000'
txt += '01'
txt += '1c26e960'
txt += '0010'
txt += '028d5f75cbcf4c898ca43a3410b85788'
txt += '02'
txt += 'b3e8163c'
txt += '0010'
txt += '1ba49e165fe954251eb9619f7b1bdf31'
txt += '001a'
txt += '0040'
mcrc = '001500300000'
mcrc += '01'
mcrc += '1c26e960'
mcrc += '0010'
mcrc += '028d5f75cbcf4c898ca43a3410b85788'
mcrc += '02'
mcrc += 'b3e8163c'
mcrc += '0010'
mcrc += '1ba49e165fe954251eb9619f7b1bdf31'
txt += b2a_hex(tea.encrypt(bytes.fromhex(mcrc),
bytes.fromhex(key0826))).decode()
txt += '001800160001'
txt += self.fixedData
txt += '00000000' # QQ Hex
txt += '00010000010300140001'
txt += '0010'
txt += 'bd41fd502a59f4863ccde044bb41f728'
txt += '0312000501000000'
txt += '00' # 是否记住密码
txt += '010200620001'
txt += '1169a81f699f52de71ef65e9b42d2d8a'
txt += '0038'
txt += '78b94e76767efdab4dd3b2b0144063f48b57ee27aef152a28aba1f03'
txt += '50f02b17a86787fe47d1b189c43c0be7a7dc8c81c40bb622c78ec85b'
txt += '0014'
txt += '62e172e61421fe8c850c62891efcf7f93a19b892'
data += b2a_hex(tea.encrypt(bytes.fromhex(txt),
bytes.fromhex(keyCode))).decode()
data += '03'
data = a2b_hex(data)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(data, self.address)
recvPack = sock.recv(1024)
sock.close()
recvData = b2a_hex(tea.decrypt(recvPack[14:-1],
bytes.fromhex(keyCode))).decode()
if recvData[:2] == '06':
qq = str(int(recvData[6:14], 16))
else:
recvData = recvData[8:]
if recvData[:2].lower() == 'fc':
qq = str(int(recvData[14:22], 16))
else:
qq = False
return qq
def login0826(self):
key0826 = '6d47535a5a573d4872772c2d36717a76'
keyCode = '13d924ca5e0469d284effea87a5a5f1c'
data = '02355508366848' # head
data += '00000000'
data += '0300000001010100006742'
data += '00000000'
data += '000101020019'
data += self.hdKey
data += '00000010'
data += self.getSequence(16)
txt = '01120038'
txt += self.token0825
txt += '030f0008000657494e444f57' # WINDOWS
txt += '0004000f0000000b'
txt += self.str2hex(self.num)
txt += '00060078'
md5p = md5('123456')
# 密码加密
pwd = md5p
pwd += '00000000'
pwd += '00000000' # QQ Hex
# 密匙加密
key = 'F36251810002'
key += '00000000' # QQ Hex
key += self.fixedData
key += '000001'
key += md5p
key += self.serverTime
key += '00000000000000000000000000'
key += self.serverIP
key += '000000000000000600101ba49e165fe954251eb9619f7b1bdf31'
key += key0826
txt += b2a_hex(tea.encrypt(bytes.fromhex(key), bytes.fromhex(pwd))).decode()
# region CRC
txt += '001500300000'
txt += '01'
txt += '1c26e960'
txt += '0010'
txt += '028d5f75cbcf4c898ca43a3410b85788'
txt += '02'
txt += 'b3e8163c'
txt += '0010'
txt += '1ba49e165fe954251eb9619f7b1bdf31'
txt += '001a'
txt += '0040'
mcrc = '001500300000'
mcrc += '01'
mcrc += '1c26e960'
mcrc += '0010'
mcrc += '028d5f75cbcf4c898ca43a3410b85788'
mcrc += '02'
mcrc += 'b3e8163c'
mcrc += '0010'
mcrc += '1ba49e165fe954251eb9619f7b1bdf31'
txt += b2a_hex(tea.encrypt(bytes.fromhex(mcrc), bytes.fromhex(key0826))).decode()
txt += '001800160001'
txt += self.fixedData
txt += '00000000' # QQ Hex
txt += '00010000010300140001'
txt += '0010'
txt += 'bd41fd502a59f4863ccde044bb41f728'
txt += '0312000501000000'
txt += '00' # 是否记住密码
txt += '010200620001'
txt += '1169a81f699f52de71ef65e9b42d2d8a'
txt += '0038'
txt += '78b94e76767efdab4dd3b2b0144063f48b57ee27aef152a28aba1f03'
txt += '50f02b17a86787fe47d1b189c43c0be7a7dc8c81c40bb622c78ec85b'
txt += '0014'
txt += '62e172e61421fe8c850c62891efcf7f93a19b892'
data += b2a_hex(tea.encrypt(bytes.fromhex(txt), bytes.fromhex(keyCode))).decode()
data += '03'
data = a2b_hex(data)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(data, self.address)
recvPack = sock.recv(1024)
sock.close()
recvData = b2a_hex(tea.decrypt(recvPack[14:-1],bytes.fromhex(keyCode))).decode()
if recvData[:2]=='06':
qq = str(int(recvData[6:14], 16))
else:
recvData = recvData[8:]
if recvData[:2].lower()=='fc':
qq = str(int(recvData[14:22], 16))
else:
qq = False
return qq