比♂利比♂利

登录系统更新的后话

2016年4月6日 esterTion 留下评论

昨天因为一些事情，又关注到了b的登录系统

从各种意义上来说，现在的登录管理算是很安全了

去年的时候看到的那些帖子，比如借给别人号，没法注销，改密码也能用。

现在这些问题已经没了

改密码后，所有与该账号对应的accesskey全部删除

至于cookie，改后只有passport底下失效，member倒是可以正常打开，应该是验证系统没有改进吧

脚本之家

B站上传Shell

2016年4月2日 esterTion 留下评论

写起来也不算很复杂就是了~

-user <用户名> 登录
-getnew 获取地址
-file <filename> 指定文件上传
按步骤进行，登陆过可直接获取，cookie可能会过期

#!/bin/sh

while [[ $1 != "" ]]; do
  case $1 in
    -user)
      user=$2
      shift 2
    ;;
    -file)
      file=$2
      shift 2
    ;;
    -silent)
      silent=" -s"
      shift 1
    ;;
    -getnew)
      getnew="true"
      shift 1
    ;;
    -h|--help)
      echo "BiliBili Uploader in shell
  by lcz970

-h --help
  输出本帮助信息

-user <userid> 
  登录模式，指定用户名，密码将在执行时询问，用于获取cookie

-getnew
  获取地址，获取后写入文件方可开始上传，需要cookie正常获取

-file <path/to/file>
  上传模式，读取给定的文件并上传，需要存在可用的上传地址
-silent
  静默上传，不输出curl信息，只显示切片字节"
      exit
    ;;
    *)
      echo "未知参数 $1"
      exit
    ;;
  esac
done

if [[ $user != "" ]]; then
  echo "登陆用户 $user"
  read -s -p "输入密码 " pwd
  if [[ $pwd == "" ]]; then echo "密码为空"; exit; fi
  echo -e "\n登陆中..."
  return=$(curl -s --data "userid=$user&pwd=$pwd" "https://passport.bilibili.com/ajax/miniLogin/login" -c /tmp/bili_cookie)
  if [[ $return != ${return#*status\"\:true} ]]; then echo "登陆成功"; else echo "登陆失败"; echo $return; fi
  exit
fi

if [[ $getnew == "true" ]]; then
  echo "获取新上传地址"
  return=$(curl -s "http://member.bilibili.com/get_vupload_url" -b /tmp/bili_cookie)
  if [[ $return == ${return#*url\"\:} ]]; then echo "获取失败"; echo $return; else
    url=${return#*url\"\:\"}
    until [[ "$url" == "${url%\"*}" ]]; do url="${url%\"*}"; done
    filename=${return#*file_name\"\:\"}
    until [[ "$filename" == "${filename%\"*}" ]]; do filename="${filename%\"*}"; done
    echo -e "上传服务器：${url:7:5}\n上传文件名 $filename\n地址已保存"
    echo -n $url >/tmp/bili_upload_url
  fi
  exit
fi

if [[ $file == "" ]]; then
  echo "上传必需参数不足，-h查看帮助"
  exit
fi

if [[ ! -f $file ]]; then
  echo "文件不存在"
  exit
fi

if [[ ! -f /tmp/bili_upload_url ]]; then
  echo "上传地址不存在，请使用-getnew获取"
  exit
fi

url=$(</tmp/bili_upload_url)
filename=${url#*filename=}; until [[ "$filename" == "${filename%&*}" ]]; do filename="${filename%&*}"; done
hash=${url#*hash=}; until [[ "$hash" == "${hash%&*}" ]]; do hash="${hash%&*}"; done
uploadFile=$file; until [[ "$uploadFile" == "${uploadFile#*/}" ]]; do uploadFile="${uploadFile#*/}"; done

echo "上传服务器：${url:7:5}
上传vid： $filename
上传文件：$uploadFile"

size=$(ls -l "$file")
size=${size#* * * * }
until [[ "$size" == "${size% *}" ]]; do size="${size% *}"; done
let start=0 sizeR=size-1
let M=size/1024/1024 "K=(size-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; sizeh=$M.$K

while (( $start < $size )); do
  let block=512*1024 end=start+block-1
  if (( $end >= $sizeR )); then
    let end=sizeR block=end-start+1
  fi
  let M=start/1024/1024 "K=(start-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; starth=$M.$K
  let M=end/1024/1024 "K=(end-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; endh=$M.$K
  let "percent=start/(size/10000)" percentI=percent/100 "percentD=percent-(percentI*100)"
  if (( $percentI < 10 )); then percentI=0$percentI; fi
  if (( $percentD < 10 )); then percentD=0$percentD; fi
  echo "上传分片 ${starth}M-${endh}M/${sizeh}M($start-$end/$size) $percentI.$percentD%"
  dd "if=$file" of=/tmp/part.flv skip=$start bs=$block count=1 iflag=skip_bytes status=none
  return=
  return=$(curl "$url" -A "Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101 Firefox/43.0.4" -H "Content-Range: bytes $start-$end/$size" -H "Content-Disposition: attachment" -F "files[]=@/tmp/part.flv;type=video/x-flv;filename=\"$uploadFile\""$silent)
  if [[ $silent == "" ]]; then echo; fi
  if [[ $return == "-1" ]]; then echo "无效地址"; exit; fi
  if [[ "$return" == "${return#*size\"\:}" ]]; then
    echo "上传出错，重新尝试"
  else
    current=${return#*size\"\:}
    until [[ "$current" == "${current%,*}" ]]; do current="${current%,*}"; done
    start=$current
  fi
  rm -rf /tmp/part.flv
done

echo "完成
投稿代码：
[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#"
echo -e "[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#\r" >>~/bili_upload_history.txt

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

#!/bin/sh

while [[ $1 != "" ]]; do

case $1 in

-user)

user=$2

shift 2

;;

-file)

file=$2

shift 2

;;

-silent)

silent=" -s"

shift 1

;;

-getnew)

getnew="true"

shift 1

;;

-h|--help)

echo "BiliBili Uploader in shell

by lcz970

-h --help

输出本帮助信息

-user <userid>

登录模式，指定用户名，密码将在执行时询问，用于获取cookie

-getnew

获取地址，获取后写入文件方可开始上传，需要cookie正常获取

-file <path/to/file>

上传模式，读取给定的文件并上传，需要存在可用的上传地址

-silent

静默上传，不输出curl信息，只显示切片字节"

exit

;;

echo "未知参数 $1"

exit

;;

esac

done

if [[ $user != "" ]]; then

echo "登陆用户 $user"

read -s -p "输入密码 " pwd

if [[ $pwd == "" ]]; then echo "密码为空"; exit; fi

echo -e "\n登陆中..."

return=$(curl -s --data "userid=$user&pwd=$pwd" "https://passport.bilibili.com/ajax/miniLogin/login" -c /tmp/bili_cookie)

if [[ $return != ${return#*status\"\:true} ]]; then echo "登陆成功"; else echo "登陆失败"; echo $return; fi

exit

if [[ $getnew == "true" ]]; then

echo "获取新上传地址"

return=$(curl -s "http://member.bilibili.com/get_vupload_url" -b /tmp/bili_cookie)

if [[ $return == ${return#*url\"\:} ]]; then echo "获取失败"; echo $return; else

url=${return#*url\"\:\"}

until [[ "$url" == "${url%\"*}" ]]; do url="${url%\"*}"; done

filename=${return#*file_name\"\:\"}

until [[ "$filename" == "${filename%\"*}" ]]; do filename="${filename%\"*}"; done

echo -e "上传服务器：${url:7:5}\n上传文件名 $filename\n地址已保存"

echo -n $url >/tmp/bili_upload_url

exit

if [[ $file == "" ]]; then

echo "上传必需参数不足，-h查看帮助"

exit

if [[ ! -f $file ]]; then

echo "文件不存在"

exit

if [[ ! -f /tmp/bili_upload_url ]]; then

echo "上传地址不存在，请使用-getnew获取"

exit

url=$(</tmp/bili_upload_url)

filename=${url#*filename=}; until [[ "$filename" == "${filename%&*}" ]]; do filename="${filename%&*}"; done

hash=${url#*hash=}; until [[ "$hash" == "${hash%&*}" ]]; do hash="${hash%&*}"; done

uploadFile=$file; until [[ "$uploadFile" == "${uploadFile#*/}" ]]; do uploadFile="${uploadFile#*/}"; done

echo "上传服务器：${url:7:5}

上传vid： $filename

上传文件：$uploadFile"

size=$(ls -l "$file")

size=${size#* * * * }

until [[ "$size" == "${size% *}" ]]; do size="${size% *}"; done

let start=0 sizeR=size-1

let M=size/1024/1024 "K=(size-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; sizeh=$M.$K

while (( $start < $size )); do

let block=512*1024 end=start+block-1

if (( $end >= $sizeR )); then

let end=sizeR block=end-start+1

let M=start/1024/1024 "K=(start-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; starth=$M.$K

let M=end/1024/1024 "K=(end-M*1024*1024)/1024*100/1024"; if (( $K < 10 )); then K=0$K; fi; endh=$M.$K

let "percent=start/(size/10000)" percentI=percent/100 "percentD=percent-(percentI*100)"

if (( $percentI < 10 )); then percentI=0$percentI; fi

if (( $percentD < 10 )); then percentD=0$percentD; fi

echo "上传分片 ${starth}M-${endh}M/${sizeh}M($start-$end/$size) $percentI.$percentD%"

dd "if=$file" of=/tmp/part.flv skip=$start bs=$block count=1 iflag=skip_bytes status=none

return=

return=$(curl "$url" -A "Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101 Firefox/43.0.4" -H "Content-Range: bytes $start-$end/$size" -H "Content-Disposition: attachment" -F "files[]=@/tmp/part.flv;type=video/x-flv;filename=\"$uploadFile\""$silent)

if [[ $silent == "" ]]; then echo; fi

if [[ $return == "-1" ]]; then echo "无效地址"; exit; fi

if [[ "$return" == "${return#*size\"\:}" ]]; then

echo "上传出错，重新尝试"

else

current=${return#*size\"\:}

until [[ "$current" == "${current%,*}" ]]; do current="${current%,*}"; done

start=$current

rm -rf /tmp/part.flv

done

echo "完成

投稿代码：

[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#"

echo -e "[vupload]$filename;$uploadFile;2;[/vupload]#p#这里填分P标题#e#\r" >>~/bili_upload_history.txt

脚本之家

历物语 – Shell

2016年4月1日 esterTion 留下评论

丢在这里了
所有文件保存在/tmp/koyomi
运行时需要密钥，可通过抓包客户端保存

https://lambda.ap-northeast-1.amazonaws.com/2015-03-31/functions/koyomimonogatari_app_auth_get/invocations

请求，保存json为/tmp/koyomi/key，并在脚本中指定HTTPS代理 $proxy ，即可正常运作
koyomi为批量下载一整集视频，自动选择最高清晰度
koyomi-raw为下载单个文件

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){
	keydata=$(cat /tmp/koyomi/key)
	k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done
	p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done
	s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done
	cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"
  s=; if [[ $2 == "s" ]]; then s="-s "; fi
  if [[ $2 == "c" ]]; then s="-C - "; fi
  mkdir -p /tmp/koyomi/${1%/*}
  done=no
  while [[ $done == no ]]; do
    curl --connect-timeout 30 -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s
    errno=$?
    if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi
    if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else if [[ $errno != 18 ]]; then done=done; fi; fi
  done
  if [[ -e /tmp/koyomi/$1 ]]; then
  if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then
    echo "密钥已失效"
    rm -f /tmp/koyomi/key
    exit
  fi; fi
}


if [[ $1 == "" ]]; then
  echo "请输入集数"
  exit
fi

if [[ ! -e /tmp/koyomi/key ]]; then
  echo "密钥文件缺失"
  exit
fi



basepath=movie/koyomi_$1
#basepath=movie/$1
echo -n "获取信息..."
downitem "$basepath/index.m3u8" s
if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$basepath/index.m3u8) != "" ]]; then
  echo "该集不存在"
  exit
fi
echo "完成"
info=$(cat /tmp/koyomi/$basepath/index.m3u8)
br=0k
bw=0
until [[ "$info" == "${info%.m3u8*}" ]];do
  info=${info%.m3u8*}
  curbw=$(echo -n "$info" | tail -n 2)
  curbr=$(echo -n "$curbw" | tail -n 1)
  curbw=${curbw#*BANDWIDTH=}; until [[ "$curbw" == "${curbw%,*}" ]];do curbw=${curbw%,*}; done
  curbr=${curbr%bps/*}
  echo "$br $bw $curbr $curbw"
  if (( $curbw > $bw )); then bw=$curbw; br=$curbr; fi
done
filepath=$basepath/${br}bps
echo -n "${br}bps 获取分段..."
downitem "$filepath/movie_.m3u8" s
seginfo=$(cat /tmp/koyomi/$filepath/movie_.m3u8)
segs=${seginfo%.ts*}
until [[ "$segs" == "${segs#*movie_}" ]];do segs=${segs#*movie_}; done
until [[ "$segs" == "${segs#0}" ]];do segs=${segs#0}; done
let segs++
echo "共$segs分段"

downitem $filepath/vdata
cur=0
while (( $cur < $segs )); do
  if (( $cur < 1000 )); then file="movie_00$cur.ts"; fi
  if (( $cur < 100 )); then file="movie_000$cur.ts"; fi
  if (( $cur < 10 )); then file="movie_0000$cur.ts"; fi
  echo -e "\r\n\r-----------------------\n$file"
  downitem $filepath/$file c
  if [[ ! -e /tmp/koyomi/$filepath/$file ]]; then let cur--; fi
  let cur++
done

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){

keydata=$(cat /tmp/koyomi/key)

k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done

p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done

s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done

cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"

s=; if [[ $2 == "s" ]]; then s="-s "; fi

if [[ $2 == "c" ]]; then s="-C - "; fi

mkdir -p /tmp/koyomi/${1%/*}

done=no

while [[ $done == no ]]; do

curl --connect-timeout 30 -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s

errno=$?

if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi

if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else if [[ $errno != 18 ]]; then done=done; fi; fi

done

if [[ -e /tmp/koyomi/$1 ]]; then

if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then

echo "密钥已失效"

rm -f /tmp/koyomi/key

exit

fi; fi

}

if [[ $1 == "" ]]; then

echo "请输入集数"

exit

if [[ ! -e /tmp/koyomi/key ]]; then

echo "密钥文件缺失"

exit

basepath=movie/koyomi_$1

#basepath=movie/$1

echo -n "获取信息..."

downitem "$basepath/index.m3u8" s

if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$basepath/index.m3u8) != "" ]]; then

echo "该集不存在"

exit

echo "完成"

info=$(cat /tmp/koyomi/$basepath/index.m3u8)

br=0k

bw=0

until [[ "$info" == "${info%.m3u8*}" ]];do

info=${info%.m3u8*}

curbw=$(echo -n "$info" | tail -n 2)

curbr=$(echo -n "$curbw" | tail -n 1)

curbw=${curbw#*BANDWIDTH=}; until [[ "$curbw" == "${curbw%,*}" ]];do curbw=${curbw%,*}; done

curbr=${curbr%bps/*}

echo "$br $bw $curbr $curbw"

if (( $curbw > $bw )); then bw=$curbw; br=$curbr; fi

done

filepath=$basepath/${br}bps

echo -n "${br}bps 获取分段..."

downitem "$filepath/movie_.m3u8" s

seginfo=$(cat /tmp/koyomi/$filepath/movie_.m3u8)

segs=${seginfo%.ts*}

until [[ "$segs" == "${segs#*movie_}" ]];do segs=${segs#*movie_}; done

until [[ "$segs" == "${segs#0}" ]];do segs=${segs#0}; done

let segs++

echo "共$segs分段"

downitem $filepath/vdata

cur=0

while (( $cur < $segs )); do

if (( $cur < 1000 )); then file="movie_00$cur.ts"; fi

if (( $cur < 100 )); then file="movie_000$cur.ts"; fi

if (( $cur < 10 )); then file="movie_0000$cur.ts"; fi

echo -e "\r\n\r-----------------------\n$file"

downitem $filepath/$file c

if [[ ! -e /tmp/koyomi/$filepath/$file ]]; then let cur--; fi

let cur++

done

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){
	keydata=$(cat /tmp/koyomi/key)
	k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done
	p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done
	s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done
	cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"
  s=; if [[ $2 == "s" ]]; then s="-s "; fi
  if [[ $2 == "c" ]]; then s="-C - "; fi
  mkdir -p /tmp/koyomi/${1%/*}
  done=no
  while [[ $done == no ]]; do
    curl -v -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s
    errno=$?
    if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi
    if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else done=done; fi
  done
  if [[ -e /tmp/koyomi/$1 ]]; then
  if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then
    echo "密钥已失效"
    rm -f /tmp/koyomi/key
    exit
  fi; fi
}


if [[ $1 == "" ]]; then
  echo "请输入集数"
  exit
fi

if [[ ! -e /tmp/koyomi/key ]]; then
  echo "密钥文件缺失"
  exit
fi

downitem $1

if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$1) != "" ]]; then
  echo "文件不存在"
  rm /tmp/koyomi/$1
  exit
fi

#!/bin/sh

proxy="45.32.251.178:8888"

function downitem(){

keydata=$(cat /tmp/koyomi/key)

k="${keydata#*k\"\:\"}"; until [[ "$k" == "${k%\"*}" ]]; do k="${k%\"*}"; done

p="${keydata#*p\"\:\"}"; until [[ "$p" == "${p%\"*}" ]]; do p="${p%\"*}"; done

s="${keydata#*s\"\:\"}"; until [[ "$s" == "${s%\"*}" ]]; do s="${s%\"*}"; done

cookie="Cookie: CloudFront-Key-Pair-Id=$k; CloudFront-Policy=$p; CloudFront-Signature=$s"

s=; if [[ $2 == "s" ]]; then s="-s "; fi

if [[ $2 == "c" ]]; then s="-C - "; fi

mkdir -p /tmp/koyomi/${1%/*}

done=no

while [[ $done == no ]]; do

curl -v -x "$proxy" "https://d3249smwmt8hpy.cloudfront.net/$1" -H "$cookie" -o /tmp/koyomi/$1 $s

errno=$?

if [[ $errno == 6 || $errno == 7 ]]; then echo "无网络连接"; exit; fi

if [[ $errno == 28 || $errno == 56 ]]; then echo "连接超时，重试"; else done=done; fi

done

if [[ -e /tmp/koyomi/$1 ]]; then

if [[ $(grep -F "AccessDenied" /tmp/koyomi/$1) != "" ]]; then

echo "密钥已失效"

rm -f /tmp/koyomi/key

exit

fi; fi

}

if [[ $1 == "" ]]; then

echo "请输入集数"

exit

if [[ ! -e /tmp/koyomi/key ]]; then

echo "密钥文件缺失"

exit

downitem $1

if [[ $(grep -F "NoSuchKey" /tmp/koyomi/$1) != "" ]]; then

echo "文件不存在"

rm /tmp/koyomi/$1

exit

作死笔录

扫描收藏夹那些事~

2016年3月29日 esterTion 2条评论

本来想在微博发的，想想算了，给自己惹事

和群里几个人密谋了一个计划，进行了两周，结束了
整理整理自己的作死经历

很久以前就注意到B的收藏夹了，大概是上次换API的时候。收藏夹这个东西，首先是视个人隐私设定如无物，只要有mid随便看别人的收藏夹。其次就是，除了投稿的list信息，收藏夹有剩下的所有信息。
于是来灵感了，全扫一遍怎么样
于是谋划了这个计划

其中一开头就遇到了问题

这里得出了B站收藏夹的一个奇怪的特性
收藏夹号称无上限，实际上是有上限的，上限30000个。但是这个上限和平时的上限不太一样，在加满30000个的状态下，添加第30001个视频的时候，收藏夹里是找不到这个视频的，但是它并不是没有添加上，而是处于一个“溢出”的状态。如果删除前30000个里的一个，则第30001个进入收藏列表，收藏夹总数依旧显示30000。

历时两周，扫下了4100000前的数据