一些日常

甲铁城2与暗杀15

2016年4月19日 esterTion 留下评论

仅供参考

比♂利比♂利

登录系统更新的后话

2016年4月6日 esterTion 留下评论

昨天因为一些事情，又关注到了b的登录系统

从各种意义上来说，现在的登录管理算是很安全了

去年的时候看到的那些帖子，比如借给别人号，没法注销，改密码也能用。

现在这些问题已经没了

改密码后，所有与该账号对应的accesskey全部删除

至于cookie，改后只有passport底下失效，member倒是可以正常打开，应该是验证系统没有改进吧

脚本之家

B站上传Shell

2016年4月2日 esterTion 留下评论

写起来也不算很复杂就是了~

-user <用户名> 登录
-getnew 获取地址
-file <filename> 指定文件上传
按步骤进行，登陆过可直接获取，cookie可能会过期

#!/bin/sh

while [[ $1 != "" ]]; do
  case $1 in
    -user)
      user=$2
      shift 2
    ;;
    -file)
      file=$2
      shift 2
    ;;
    -silent)
      silent=" -s"
      shift 1
    ;;
    -getnew)
      getnew="true"
      shift 1
    ;;
    -h|--help)
      echo "BiliBili Uploader in shell
  by lcz970

-h --help
  输出本帮助信息

-user <userid> 
  登录模式，指定用户名，密码将在执行时询问，用于获取cookie

-getnew
  获取地址，获取后写入文件方可开始上传，需要cookie正常获取

-file <path/to/file>
  上传模式，读取给定的文件并上传，需要存在可用的上传地址
-silent
  静默上传，不输出curl信息，只显示切片字节"
      exit
    ;;
    *)
      echo "未知参数 $1"
      exit
    ;;
  esac
done

if [[ $user != "" ]]; then
  echo "登陆用户 $user"
  read -s -p "输入密码 " pwd
  if [[ $pwd == "" ]]; then echo "密码为空"; exit; fi
  echo -e "\n登陆中..."
  return=$(curl -s --data "userid=$user&pwd=$pwd" "https://passport.bilibili.com/ajax/miniLogin/login" -c /tmp/bili_cookie)
  if [[ $return != ${return#*status\"\:true} ]]; then echo "登陆成功"; else echo "登陆失败"; echo $return; fi
  exit
fi

if [[ $getnew == "true" ]]; then
  echo "获取新上传地址"
  return=$(curl -s "http://member.bilibili.com/get_vupload_url" -b /tmp/bili_cookie)
  if [[ $return == ${return#*url\"\:} ]]; then echo "获取失败"; echo $return; else
    url=${return#*url\"\:\"}
    until [[ "$url" == "${url%\"*}" ]]; do url="${url%\"*}"; done
    filename=${return#*file_name\"\:\"}
    until [[ "$filename" == "${filename%\"*}" ]]; do filename="${filename%\"*}"; done
    echo -e "上传服务器：${url:7:5}\n上传文件名 $filename\n地址已保存"
    echo -n $url >/tmp/bili_upload_url
  fi
  exit
fi

if [[ $file == "" ]]; then
  echo "上传必需参数不足，-h查看帮助"
  exit
fi

if [[ ! -f $file ]]; then
  echo "文件不存在"
  exit
fi

if [[ ! -f /tmp/bili_upload_url ]]; then
  echo "上传地址不存在，请使用-getnew获取"
  exit
fi

url=$(</tmp/bili_upload_url)
filename=${url#*filename=}; until [[ "$filename" == "${filename%&*}" ]]; do filename="${filename%&*}"; done
hash=${url#*hash=}; until [[ "$hash" == "${hash%&*}" ]]; do hash="${hash%&*}"; done
uploadFile=$file; until [[ "$uploadFile" == "${uploadFile#*/}" ]]; do uploadFile="${uploadFile#*/}"; done

echo "上传服务器：${url:7:5}
上传vid： $filename
上传文件：$uploadFile"

size=$(ls -l "$file")
size=${size#* * * * }
until [[ "$size" == "${size% *}" ]]; do size="${size% *}"; done
let start=0 sizeR=size-1
let M=size/1024/1024 "K=(size-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; sizeh=$M.$K

while (( $start < $size )); do
  let block=512*1024 end=start+block-1
  if (( $end >= $sizeR )); then
    let end=sizeR block=end-start+1
  fi
  let M=start/1024/1024 "K=(start-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; starth=$M.$K
  let M=end/1024/1024 "K=(end-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; endh=$M.$K
  let "percent=start/(size/10000)" percentI=percent/100 "percentD=percent-(percentI*100)"
  if (( $percentI < 10 )); then percentI=0$percentI; fi
  if (( $percentD < 10 )); then percentD=0$percentD; fi
  echo "上传分片 ${starth}M-${endh}M/${sizeh}M($start-$end/$size) $percentI.$percentD%"
  dd "if=$file" of=/tmp/part.flv skip=$start bs=$block count=1 iflag=skip_bytes status=none
  return=
  return=$(curl "$url" -A "Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101 Firefox/43.0.4" -H "Content-Range: bytes $start-$end/$size" -H "Content-Disposition: attachment" -F "files[]=@/tmp/part.flv;type=video/x-flv;filename=\"$uploadFile\""$silent)
  if [[ $silent == "" ]]; then echo; fi
  if [[ $return == "-1" ]]; then echo "无效地址"; exit; fi
  if [[ "$return" == "${return#*size\"\:}" ]]; then
    echo "上传出错，重新尝试"
  else
    current=${return#*size\"\:}
    until [[ "$current" == "${current%,*}" ]]; do current="${current%,*}"; done
    start=$current
  fi
  rm -rf /tmp/part.flv
done

echo "完成
投稿代码：
[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#"
echo -e "[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#\r" >>~/bili_upload_history.txt

脚本之家

历物语 – Shell

2016年4月1日 esterTion 留下评论

丢在这里了
所有文件保存在/tmp/koyomi
运行时需要密钥，可通过抓包客户端保存

https://lambda.ap-northeast-1.amazonaws.com/2015-03-31/functions/koyomimonogatari_app_auth_get/invocations

请求，保存json为/tmp/koyomi/key，并在脚本中指定HTTPS代理 $proxy ，即可正常运作
koyomi为批量下载一整集视频，自动选择最高清晰度
koyomi-raw为下载单个文件

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){
	keydata=$(cat /tmp/koyomi/key)
	k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done
	p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done
	s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done
	cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"
  s=; if [[ $2 == "s" ]]; then s="-s "; fi
  if [[ $2 == "c" ]]; then s="-C - "; fi
  mkdir -p /tmp/koyomi/${1%/*}
  done=no
  while [[ $done == no ]]; do
    curl --connect-timeout 30 -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s
    errno=$?
    if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi
    if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else if [[ $errno != 18 ]]; then done=done; fi; fi
  done
  if [[ -e /tmp/koyomi/$1 ]]; then
  if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then
    echo "密钥已失效"
    rm -f /tmp/koyomi/key
    exit
  fi; fi
}


if [[ $1 == "" ]]; then
  echo "请输入集数"
  exit
fi

if [[ ! -e /tmp/koyomi/key ]]; then
  echo "密钥文件缺失"
  exit
fi



basepath=movie/koyomi_$1
#basepath=movie/$1
echo -n "获取信息..."
downitem "$basepath/index.m3u8" s
if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$basepath/index.m3u8) != "" ]]; then
  echo "该集不存在"
  exit
fi
echo "完成"
info=$(cat /tmp/koyomi/$basepath/index.m3u8)
br=0k
bw=0
until [[ "$info" == "${info%.m3u8*}" ]];do
  info=${info%.m3u8*}
  curbw=$(echo -n "$info" | tail -n 2)
  curbr=$(echo -n "$curbw" | tail -n 1)
  curbw=${curbw#*BANDWIDTH=}; until [[ "$curbw" == "${curbw%,*}" ]];do curbw=${curbw%,*}; done
  curbr=${curbr%bps/*}
  echo "$br $bw $curbr $curbw"
  if (( $curbw > $bw )); then bw=$curbw; br=$curbr; fi
done
filepath=$basepath/${br}bps
echo -n "${br}bps 获取分段..."
downitem "$filepath/movie_.m3u8" s
seginfo=$(cat /tmp/koyomi/$filepath/movie_.m3u8)
segs=${seginfo%.ts*}
until [[ "$segs" == "${segs#*movie_}" ]];do segs=${segs#*movie_}; done
until [[ "$segs" == "${segs#0}" ]];do segs=${segs#0}; done
let segs++
echo "共$segs分段"

downitem $filepath/vdata
cur=0
while (( $cur < $segs )); do
  if (( $cur < 1000 )); then file="movie_00$cur.ts"; fi
  if (( $cur < 100 )); then file="movie_000$cur.ts"; fi
  if (( $cur < 10 )); then file="movie_0000$cur.ts"; fi
  echo -e "\r\n\r-----------------------\n$file"
  downitem $filepath/$file c
  if [[ ! -e /tmp/koyomi/$filepath/$file ]]; then let cur--; fi
  let cur++
done

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){
	keydata=$(cat /tmp/koyomi/key)
	k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done
	p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done
	s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done
	cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"
  s=; if [[ $2 == "s" ]]; then s="-s "; fi
  if [[ $2 == "c" ]]; then s="-C - "; fi
  mkdir -p /tmp/koyomi/${1%/*}
  done=no
  while [[ $done == no ]]; do
    curl -v -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s
    errno=$?
    if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi
    if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else done=done; fi
  done
  if [[ -e /tmp/koyomi/$1 ]]; then
  if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then
    echo "密钥已失效"
    rm -f /tmp/koyomi/key
    exit
  fi; fi
}


if [[ $1 == "" ]]; then
  echo "请输入集数"
  exit
fi

if [[ ! -e /tmp/koyomi/key ]]; then
  echo "密钥文件缺失"
  exit
fi

downitem $1

if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$1) != "" ]]; then
  echo "文件不存在"
  rm /tmp/koyomi/$1
  exit
fi

作死笔录

扫描收藏夹那些事~

2016年3月29日 esterTion 2条评论

本来想在微博发的，想想算了，给自己惹事

和群里几个人密谋了一个计划，进行了两周，结束了
整理整理自己的作死经历

很久以前就注意到B的收藏夹了，大概是上次换API的时候。收藏夹这个东西，首先是视个人隐私设定如无物，只要有mid随便看别人的收藏夹。其次就是，除了投稿的list信息，收藏夹有剩下的所有信息。
于是来灵感了，全扫一遍怎么样
于是谋划了这个计划

其中一开头就遇到了问题

这里得出了B站收藏夹的一个奇怪的特性
收藏夹号称无上限，实际上是有上限的，上限30000个。但是这个上限和平时的上限不太一样，在加满30000个的状态下，添加第30001个视频的时候，收藏夹里是找不到这个视频的，但是它并不是没有添加上，而是处于一个“溢出”的状态。如果删除前30000个里的一个，则第30001个进入收藏列表，收藏夹总数依旧显示30000。

历时两周，扫下了4100000前的数据