remove ne1 check

2025-11-25 11:29:38 +08:00 · 2021-06-08 16:23:19 +08:00
parent 738fb6be6d
commit 2eefab8fe4
4 changed files with 6 additions and 72 deletions
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,4 +10,3 @@ redis==3.5.3
 captcha==0.3

 passlib==1.7.4
-cryptography==3.4.7
--- a/web/README.md
+++ b/web/README.md
@@ -7,7 +7,6 @@
 * tornado
 * mongodb
 * pymongo
-* cryptography

 # 导入数据

--- a/web/crypto.py
+++ b/web/crypto.py
@@ -1,54 +0,0 @@
-#!/usr/local/bin/python3
-# coding: utf-8
-
-# YYeTsBot - test.py
-# 2/7/21 12:07
-#
-
-__author__ = "Benny <benny.think@gmail.com>"
-
-import base64
-from hashlib import md5
-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
-
-
-def pad(data):
-    length = 16 - (len(data) % 16)
-    return data + (chr(length) * length).encode()
-
-
-def unpad(data):
-    return data[:-(data[-1] if type(data[-1]) == int else ord(data[-1]))]
-
-
-def bytes_to_key(data, salt, output=48):
-    # extended from https://gist.github.com/gsakkis/4546068
-    assert len(salt) == 8, len(salt)
-    data = bytes(data, "ascii")
-    data += salt
-    key = md5(data).digest()
-    final_key = key
-    while len(final_key) < output:
-        key = md5(key + data).digest()
-        final_key += key
-    return final_key[:output]
-
-
-def decrypt(encrypted, passphrase):
-    encrypted = base64.b64decode(encrypted)
-    assert encrypted[0:8] == b"Salted__"
-    salt = encrypted[8:16]
-    key_iv = bytes_to_key(passphrase, salt, 32 + 16)
-    key = key_iv[:32]
-    iv = key_iv[32:]
-    cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
-    decryptor = cipher.decryptor()
-    a = decryptor.update(encrypted[16:]) + decryptor.finalize()
-    return unpad(a)
-
-
-if __name__ == '__main__':
-    passphrase = "39300"
-    test = "U2FsdGVkX19Sch0x9oifjNaBt9eTkZSPUUVVhpjAp0s="
-    result = decrypt(test, passphrase)
-    print(result)
--- a/web/server.py
+++ b/web/server.py
@@ -33,7 +33,6 @@ from tornado.concurrent import run_on_executor
 from passlib.hash import pbkdf2_sha256
 from captcha.image import ImageCaptcha

-from crypto import decrypt

 enable_pretty_logging()

@@ -85,30 +84,21 @@ class AntiCrawler:
        self.redis = Redis()

    def execute(self) -> bool:
-
        header_result = self.header_check()
        ban_check = self.ban_check()
        if header_result or ban_check:
            return True

    def header_check(self):
-        cypher_text = self.tornado.request.headers.get("ne1", "")
        referer = self.tornado.request.headers.get("Referer")
-        param = self.tornado.get_query_argument("id")
+        resource_id = self.tornado.get_query_argument("id")
        uri = self.tornado.request.uri
-        logging.info("Verifying: Referer:[%s] ct:[%s], uri:[%s], id:[%s]", referer, cypher_text, uri, param)
-
-        if (referer is None) or (param not in referer):
+        logging.info("Verifying: Referer:[%s] uri:[%s]", referer, uri)
+        if referer is None:
            return True
-
-        try:
-            passphrase = param
-            result = decrypt(cypher_text, passphrase).decode('u8')
-        except Exception:
-            logging.error("Decrypt failed")
-            result = ""
-
-        if result != self.tornado.request.uri:
+        if resource_id not in uri:
+            return True
+        if resource_id not in referer:
            return True

    def ban_check(self):