七月五号的时候ayit更新了dr.com的认证方式,更换了Portal认证的方式,原来的脚本没有办法使用了。又抓了下包分析了一波,还好是网页认证比较好搞。以前的时候是直接发post包就可以了,现在需要1.1.1.1重定向给你分配wlanuserip地址然后向这个指定地址进行发送数据,发送的参数也进行了改变。新版的需要携带cookie信息进行校验

其实跟原来的差不多只不过多了一次重定向

python脚本

填写xuehao,passwd,IP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import requests

import re

xuehao = "" # 你的学号
passwd = "" # 密码
ip = "172.19.75.100" # 你要申请的ip

url = "http://1.1.1.1/"
headers = {
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,tr;q=0.7,ee;q=0.6",
"Cache-Control": "no-cache",
"Connection": "keep-alive",
"DNT": "1",
"Pragma": "no-cache",
"Referer": "http://172.168.254.4/",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
}

response = requests.get(url, headers=headers, verify=False)

pattern = r'wlanuserip=(.*?)&'

match = re.search(pattern, str(response.url))

wlanuserip = match.group(1)

print("wlanuserip 的值是:", wlanuserip)

session = requests.Session()

session.headers.update({
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
})

# Add cookies to the session
cookies = {
"program": "aygxy1807",
"vlan": "0",
"ssid": "null",
"areaID": "null",
"ISP_select": "",
"md5_login2": f"%2C0%2C{xuehao}%7C{passwd}",
"ip": f"{ip}"
}
session.cookies.update(cookies)

# Set headers
headers = {
"Accept": "*/*",
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,tr;q=0.7,ee;q=0.6",
"Cache-Control": "no-cache",
"DNT": "1",
"Pragma": "no-cache",
"Referer": "http://172.168.254.4/"
}

url = "http://172.168.254.4:801/eportal/portal/login?callback=dr1003&login_method=1&user_account=%2C0%2C"+str(xuehao)+"&user_password="+str(passwd)+"&wlan_user_ip="+str(wlanuserip)+"&wlan_user_ipv6=&wlan_user_mac=000000000000&wlan_ac_ip=172.168.254.100&wlan_ac_name=&jsVersion=4.2.1&terminal_type=1&lang=zh-cn&v=1540&lang=zh"

response = session.get(url, headers=headers)

print(response.text)

Liunx环境shell脚本

如果你想要在linux环境下进行使用可以使用以下脚本

正则部分可能部分Linux不支持请查看帮助替换指定的参数 如:我在路由器中使用 ‘-oE’

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/bin/bash

# 定义变量
XUEHAO="" # 你的学号
PASSWD="" # 密码
IP="172.19.75.100" # 你要申请的ip
URL="http://1.1.1.1/"
REFERER="http://172.168.254.4/"
USER_AGENT="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"

# 发起第一次请求并获取响应的 URL
RESPONSE_URL=$(curl -s -L -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" \
-H "Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,tr;q=0.7,ee;q=0.6" \
-H "Cache-Control: no-cache" \
-H "Connection: keep-alive" \
-H "DNT: 1" \
-H "Pragma: no-cache" \
-H "Referer: $REFERER" \
-H "Upgrade-Insecure-Requests: 1" \
-H "User-Agent: $USER_AGENT" \
$URL)

# 提取 wlanuserip 值
WLANUSERIP=$(echo $RESPONSE_URL | grep -oP 'wlanuserip=\K[^&]+' -q)

# 使用会话 Cookie 和头信息发起第二次请求
SECOND_URL="http://172.168.254.4:801/eportal/portal/login?callback=dr1003&login_method=1&user_account=%2C0%2C${XUEHAO}&user_password=${PASSWD}&wlan_user_ip=${WLANUSERIP}&wlan_user_ipv6=&wlan_user_mac=000000000000&wlan_ac_ip=172.168.254.100&wlan_ac_name=&jsVersion=4.2.1&terminal_type=1&lang=zh-cn&v=1540&lang=zh"

RESPONSE=$(curl -s -L -H "Accept: */*" \
-H "Accept-Encoding: gzip, deflate" \
-H "Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,tr;q=0.7,ee;q=0.6" \
-H "Cache-Control: no-cache" \
-H "DNT: 1" \
-H "Pragma: no-cache" \
-H "Referer: $REFERER" \
-H "User-Agent: $USER_AGENT" \
--cookie "program=aygxy1807; vlan=0; ssid=null; areaID=null; ISP_select=; md5_login2=%2C0%2C${XUEHAO}%7C${PASSWD}; ip=${IP}" \
$SECOND_URL)

# 打印响应
echo $RESPONSE

自动化脚本自动执行

思路: 如果已经登陆则http://172.168.254.4的响应title为注销页 其余情况则为 上网登录页 可以定时进行判断进行申请

我是用了NID进行判断 服务器编码为GBK格式转换复杂

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
#!/bin/bash

# 指定的网址
URL="http://172.168.254.4"

# 发送GET请求并获取响应的HTML内容
RESPONSE=$(curl -s "$URL")

# 搜索网页内容是否包含 "NID"
if echo "$RESPONSE" | grep -q "NID"; then
echo "login OK!"
else
bash login.sh
fi