tuxor

ChallengeResponseTest

Feb 10th, 2015
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-
  3.  
  4. import re, urllib2, requests
  5. from pyquery import PyQuery as pq
  6. from ctypes import c_int32
  7.  
  8. def decode_string(in_str):
  9.     return urllib2.unquote(in_str)
  10.  
def decode_action(d):
    """Percent-decode the ``action`` attribute of the first form in *d*, in place.

    *d* is the PyQuery document object; nothing is returned.
    """
    first_form = d("form").eq(0)
    raw_action = d(first_form).attr('action')
    # The value comes from the remote page; it is only unquoted here,
    # not validated against the expected host or path.
    d(first_form).attr('action', decode_string(raw_action))
  15.  
def submit_form(d):
    """Collect the form's fields from *d* and return ``(action, fields)``.

    The ``value`` attributes of the inputs at positions 1, 2, 5 and 7 are
    percent-decoded in place first; then every ``<input>`` is folded into a
    ``name -> value`` dict (a later input with the same name overwrites an
    earlier one).
    """
    inputs = d("input")
    # Positional indices: presumably they match the layout of the served
    # challenge form -- confirm against the page, they are not derived here.
    for position in (1, 2, 5, 7):
        field = d(inputs[position])
        field.attr("value", decode_string(field.attr("value")))
    fields = {d(node).attr("name"): d(node).attr("value") for node in inputs}
    return (d("form").attr("action"), fields)
  26.  
def challenge(html):
    """Compute the response for the script challenge embedded in *html*.

    Every input to the computation is read out of the page text itself: the
    lookup table, the target value ``c``, the suffix ``slt``, the alphabet
    bounds ``s1``/``s2``, the candidate length ``n`` and the prefix that the
    page puts in front of ``":" + chlg``.  The function then enumerates
    candidate strings, runs a table-driven checksum over ``candidate + slt``
    and stops at the first candidate whose checksum equals ``c``.

    Returns whatever ``submit_form(d)`` returns, after the second ``<input>``
    has been set to ``prefix:candidate:slt:checksum`` and the form action has
    been percent-decoded.

    Raises ``AttributeError`` when one of the patterns is not found
    (``re.search`` returns ``None``) and ``ValueError`` when ``c``, ``n`` or
    a table entry does not parse as a number.

    NOTE(review): *html* is remote, untrusted input and it sizes the work
    done below (see the comment on ``m``).
    """
    d = pq(html)
    # Pull the challenge parameters out of the inline script by pattern.
    table = re.search(r'var table = "([^"]+)"', html).groups()[0]
    c = int(re.search(r'var c = (.*)\n', html).groups()[0])
    slt = re.search(r'var slt = "([^"]+)"', html).groups()[0]
    s1 = re.search(r"var s1 = '([^']+)'", html).groups()[0]
    s2 = re.search(r"var s2 = '([^']+)'", html).groups()[0]
    n = int(re.search(r'var n = (.*)\n', html).groups()[0])
    # Text that precedes ':" + chlg' in the page's assignment to .value.
    something = re.search(r'.value="([^"]+):" \+ chlg', html).groups()[0]

    " DEBUG OUTPUT FOLLOWS "
    print "########################################################################"
    #print("var table = \"%s\";" % table)
    print("var c = %d" % c)
    print("var slt = \"%s\"" % slt)
    print("var s1 = '%s'" % s1)
    print("var s2 = '%s'" % s2)
    print("var n = %d" % n)
    print("something=%s" % something)

    # Alphabet bounds are the code points of the first character of s1 / s2.
    start = ord(s1[0])
    end = ord(s2[0])
    arr = [None]*n
    # Size of the candidate space: alphabet size to the power n.
    # NOTE(review): n and the bounds come from the page, and Python 2's
    # range() below builds a list of m - 1 ints, so a changed or hostile page
    # can make this allocate and loop without bound -- cap n and the alphabet
    # size before use.
    m = ((end - start) + 1)**n
    chlg = u""
    for i in range(n):
        arr[i] = s1
    for i in range(m - 1):
        # Advance the candidate like an odometer, rightmost position first.
        j = n - 1
        while j >= 0:
            t = ord(arr[j][0])
            t += 1
            arr[j] = unichr(t)
            if ord(arr[j][0]) <= end:
                break
            else:
                # Overflow: reset this position to s1 and carry to the left.
                # presumably s1 is a single character -- TODO confirm
                arr[j] = s1
            j -= 1
        chlg = u"".join(arr)
        js_str = chlg + slt
        # Table-driven checksum over candidate + slt, shaped like a CRC
        # update loop: start from all ones, one table lookup per character,
        # final inversion.
        crc = 0
        crc = c_int32(crc).value ^ (-1)
        for k in js_str:
            # Entries are read 8 hex digits at a time at a stride of 9
            # characters (presumably one separator between entries).
            table_offset = ((c_int32(crc).value ^ c_int32(ord(k)).value) & 0x000000FF) * 9
            table_data = int(table[table_offset:table_offset + 8],16)
            crc = (c_int32(crc).value >> 8) ^ c_int32(table_data).value
        crc = crc ^ (-1)
        crc = abs(crc)
        if crc == c:
            break
    # NOTE(review): nothing records whether the loop ended on a match; if no
    # candidate matched, the last candidate and its checksum are written into
    # the form anyway.
    d(d("input").eq(1)).attr("value", u"%s:%s:%s:%d" % (something, chlg, slt, crc))
    decode_action(d)
    return submit_form(d)
  80.  
# Target page. The scheme is plain http, so the request and the response
# travel unencrypted and unauthenticated.
url = "http://lema.rae.es/drae/srv/search?val=hacer"

# Browser-like header set, applied to every request made through the session.
headers = {
    "Host": "lema.rae.es",
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
    "Accept-Language": "de,en-US;q=0.7,en;q=0.3",
    "Accept-Encoding": "gzip, deflate",
    "DNT": "1",
}

s = requests.Session()
s.headers.update(headers)

# First request: fetch the page that carries the challenge.
r1 = s.get(url)
html = r1.content.decode("utf-8")

# challenge() returns (action, fields); the action is discarded here and the
# POST below goes to the same URL as the GET.
_, formdata = challenge(html)

# Second request: send the filled-in form back, with a Referer header.
req = requests.Request(method='POST', url=url, data=formdata,
                       headers={"Referer": url})
prepped = s.prepare_request(req)
r2 = s.send(prepped)

# DEBUG OUTPUT FOLLOWS
print("########################################################################")
print(r1.headers)
# Sample output:
# {'content-length': '5484', 'content-type': 'text/html', 'pragma': 'no-cache', 'cache-control': 'no-cache'}
print(r1.request.headers)
# Sample output:
# {'Accept-Language': 'de,en-US;q=0.7,en;q=0.3',
# 'Accept-Encoding': 'gzip, deflate', 'Connection': 'keep-alive',
# 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
# 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0',
# 'DNT': '1', 'Host': 'lema.rae.es'}
print("########################################################################")
print(formdata)
print("########################################################################")
print(r2.headers)
# Sample output:
# This is not what I expected!
# {'content-length': '5799', 'content-type': 'text/html', 'pragma': 'no-cache', 'cache-control': 'no-cache'}
print(r2.request.headers)
# Sample output:
# {'Content-Length': '189',
# 'Accept-Language': 'de,en-US;q=0.7,en;q=0.3',
# 'Accept-Encoding': 'gzip, deflate', 'Connection': 'keep-alive',
# 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
# 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0',
# 'DNT': '1', 'Host': 'lema.rae.es', 'Referer': 'http://lema.rae.es/drae/srv/search?val=hacer',
# 'Content-Type': 'application/x-www-form-urlencoded'}
print("########################################################################")