Micro-channel public platform simulated landing how broken * ( ask god to help )

micro-letters written before the public platform simulated landing , but that is what happened a few months ago , and now it micro-channel platform to strengthen public security protection , anti- capture , landing md5 password encryption , simulated landing procedures before writing the amount of fans would not be caught with a

Great God seeking advice , how to break , the public platform to achieve micro-channel simulated landing , caught the public issue of the amount of fans
------ Solution ---- ----------------------------------------
with httpUnit simulated landing directly on code
public static void main (String [] args) {
WebClient webClient = new WebClient ();
webClient.setJavaScriptEnabled (false);
String url = "https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN";
WebRequest webRequest = null;
try {
webRequest = new WebRequest (new URL (url));
/ / Set post
webRequest.setHttpMethod (HttpMethod.POST);
Map additionalHeaders = new HashedMap ();
additionalHeaders.put ("Accept", "application / json, text / javascript, * / *; q = 0.01");
additionalHeaders.put ("Accept-Encoding", "gzip, deflate");
additionalHeaders.put ("Accept-Language", "zh-cn");
additionalHeaders.put ("Cache-Control", "no-cache");
additionalHeaders.put ("Connection", "Keep-Alive");
additionalHeaders.put ("Content-Type", "application / x-www-form-urlencoded; charset = UTF-8");
additionalHeaders.put ("Host", "mp.weixin.qq.com");
additionalHeaders.put ("Referer", "https://mp.weixin.qq.com/");
additionalHeaders.put ("User-Agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0 ) " ) ;
additionalHeaders.put ("X-Requested-With", "XMLHttpRequest");
webRequest.setAdditionalHeaders (additionalHeaders);
/ / Set request body parameters
String params = "f = json & imagecode = & pwd =" + MD5Utils.md5 ("xxx") + "& username = xxx";
webRequest.setRequestBody (params);
WebResponse webResponse = webClient.loadWebResponse (webRequest);
String contentAsString = webResponse.getContentAsString ();
System.out.println (contentAsString);
Gson gson = new Gson ();
ReturnVo returnVo = gson.fromJson (contentAsString, ReturnVo.class);
if ("302". equals (returnVo.getRet ())) {
WebClient webClient2 = new WebClient ();
webClient2.setJavaScriptEnabled (false);
String url2 = "https://mp.weixin.qq.com" + returnVo.getErrMsg ();

/ / establish a connection, the download page
HtmlPage htmlPage = (HtmlPage) webClient.getPage (url2);
System.out.println (htmlPage.asXml (). toString ());
}

} catch (Exception e) {
e.printStackTrace ();
}
specific processes can whisper ... can achieve simulated landing , the prerequisite is to bypass SSL
------ For reference only -------------- -------------------------
had to analyze , on the basis of before you change .
Another foot step ahead . There have anti- attack , and ultimately no way that's no solution.
------ For reference only -------------------------------------- -
md5 is not unbreakable . Before focusing on micro-channel is not secure this one , now added . Not to say that these things can not crack , but it depends on the price you need to crack
------ For reference only ----------------------- ----------------
MD5 , then already broken out , there are key is how to get his cookie ( he will return to three set-cookie) and then use what cookie header information to continue to access it all set up, but it always returns json content is shown to be an error message. How to get what I want cookie. Which cookie to continue accessing
------ For reference only ------------------------------ ---------


worship god . . . .