It is very troublesome to log in manually every time, and it is interrupted from time to time, so it is more convenient to create a script to monitor it regularly, disconnect and reconnect. I won’t talk about how to write this script here, just record the packet capture content when logging in.
Don't worry, let's go straight to the analysis. It's not complicated and I believe everyone can understand it at a glance.
Table of contents
Packet capture analysis
Login address of the office area network: https://172.25.31.129:9444/
For Base64 encoding, you can see here: Base64 online encoding and decoding | Base64 encryption and decryption - Base64.us
Extract main information:
请求 URL:
https://172.25.31.129:9444/byod/byodrs/login/defaultLogin
请求方法:
POST
请求头:
cookie=testcookie=yes; userip=分给你的IP,连上WiFi就会给你
请求负载:(为方便展示,实际请求时候不要有空格或者换行)
{
"username":"你的学号",
"userPassword":"登录密码并使用base64编码",
"serviceSuffixId":"-1",
"dynamicPwdAuth":false,
"code":"",
"codeTime":"",
"validateCode":"",
"licenseCode":"",
"userGroupId":0,
"validationType":0,
"guestManagerId":0,
"shopIdE":null,
"wlannasid":null
}
Postman test request
Python simulation
import requests
import socket
def get_local_ip():
ip_address = ''
try:
hostname = socket.gethostname()
ip_address = socket.gethostbyname(hostname)
except:
pass
return ip_address
url = r'https://172.25.31.129:9444/byod/byodrs/login/defaultLogin'
data = {"userName":"学号","userPassword":"密码的base64编码","serviceSuffixId":"-1","dynamicPwdAuth":False,"code":"","codeTime":"","validateCode":"","licenseCode":"","userGroupId":0,"validationType":0,"guestManagerId":0,"shopIdE":None,"wlannasid":None}
headers = {"cookie":"testcookie=yes; userip="+get_local_ip()}
res = requests.post(url, json=data, headers=headers, verify=False).text
print(res)