经过测试,cookie需要携带gid和timestamp2。参数排列有点乱,仅供参考。xhsFingerprintV3,VERSION:'2.1.2'流程概述首次访问无cookie,fe_api/burdock/v2/shield/registerCanvas?p=cc接口返回timestamp2。gid和gid.sign参数由/fe_api/burdock/v2/shield/profile接口返回。此时的gid还没有验证,不能使用。然后通过/ca/v1/register接口注册验证码。返回rid和验证码信息。然后通过/ca/v2/fverify接口提交验证信息。验证后携带cookie和deviceId信息,/fe_api/burdock/v2/shield/captcha?c=pp接口对设备和cookie信息进行认证。验证成功后,用gid和timestamp2就可以正常访问了。或者可以先注册验证码,完成/v2/fverify的验证;然后注册gid,然后根据gid生成timestamp2。最后完成/v2/shield/captcha验证。timestamp2timestamp2与上一版相同,不再赘述。xhr定位就够了。sign=l("G89CfW4k",t,base64_t);id=md5(sign+"RRq9y03tuV")滑块验证参数Params_0x225e91,_0xffa132为DES加密使用的字符串和密钥,可以复制到在线加密工具中进行测试。字符串为0.05,密钥为8bf2ae7b,加密后的结果与浏览器返回的结果相同。DES加密算法,模式ECB,填充ZeroPadding,无iv。轨迹FN移动距离253。轨迹参数用Des解密后,可以发现最后一组数字是拖动距离。验证码deviceIddeviceId是最后需要shield/captcha?c=pp验证。SMSdk.getDeviceId()getDeviceId()方法显示_0x622d0e还没有加密,执行完_0x645c91_0x36bd7e(0x1c0);后,在注册gid时使用加密后的deviceIdProfileDatashield/profile。配置文件数据。定位调试。'{"x1":"Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/104.0.0.0Safari/537.36","x2":false,"x3":"zh-CN","x4":24,"x5":8,"x6":1,"x8":20,"x9":"1920;1080","x10":"1920;1040","x11":-480,"x12":"亚洲/上海","x13":true,"x14":true,"x15":true,"x16":false,"x17":true,"x18":"unknown","x19":"Win32","x20":"unknown","x21":"PDFViewer,PortableDocumentFormat,application/pdf,pdf,text/pdf,pdf;ChromePDFViewer,PortableDocumentFormat,application/pdf,pdf,text/pdf,pdf;ChromiumPDF查看器,便携文档格式,application/pdf,pdf,text/pdf,pdf;MicrosoftEdgePDF查看器,便携文档格式,application/pdf,pdf,text/pdf,pdf;内置WebKitPDF,便携文档格式,application/pdf,pdf,text/pdf,pdf","x22":"10cfbbb02b2606dbc2ccb15a3cd2b558","x23":false,"x24":false,"x25":false,"x26":false"x27":false,"x28":"0;false;false","x29":"4;7;8","x30":"未加载swf对象","x31":"124.04347527516074","x32":"id=;gid=a0034395f52573a18eca1fa7063d8fdcfc49bdd8deeb6a38a3db74db970fb504;audioinput;;id=;gid=a0034395f52573a18eca1fa7063d8fdcfc49bdd8deeb6a38a3db74db970fb504;audiooutput;","x33":0,"x34":0,"x35":0,"x36":1,“x37”:“0|0|0|0|0|0|0|0|0”,“x38”:“0|0|0|0|1|0|0|0|0|0”}'代码比较简单,扣出来调用就可以了,但是要注意提交的参数,x22是canvas,必须和注册的timestamp2保持一致,x32是一个动态值,x32的gid是指groupIdwebRTC中的本地媒体MediaDevice,和cookie中的gid不同。检查chrome的enumerateDevices:navigator.mediaDevices.enumerateDevices().then((list)=>{console.log(list);});这个Id每次访问都会变,可以自己生成一个随机字符串。当设备被限制时,可以替换canvasId和enumerateDevices的Id。x-s-commonx-s-common用的比较多,需要注册和验证。x-s-通用定位。其他参数如下。x5:Dt.a.get("a1"),x8:localStorage.getItem("b1"),x9:fn(P()(t=P()(n="".concat(r)).call(n,o)).call(t,localStorage.getItem("b1")))x5生成x5依cookie的a1参数document={}document.cookie='smidV2=202210181839545813c4484407e8fd7dec32a81165dfce00c99e85ffa19023ff0;a1=1843b69be841gkjrtg498n4cr8tw29sxm8l4mk2cs00000809560;gid=yY4qDKjDSq68yY4qDKjDdYTJY4ykTVF9k4jY1SMI4SFY9488EJjMC6888Y8j2K88JfjSJK2y'n={读:函数(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},写:function(e){returnencodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}}functionx5_get(e){if("undefined"!=typeofdocument&&(!arguments.length||e)){for(vart=document.cookie?document.cookie.split(";"):[],r={},o=0;o
