chaser-gt 0.1.0

High-performance Geetest v4 captcha solver with automatic deobfuscation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350

//! Auto-deobfuscation system for Geetest constants.
//!
//! This module automatically fetches and deobfuscates the latest Geetest
//! JavaScript to extract the required constants (mapping, abo, device_id).
//! Constants are cached locally and automatically refreshed when Geetest
//! updates their script.

use crate::error::{GeekedError, Result};
use crate::models::{CachedConstants, Constants};
use chrono::Utc;
use regex::Regex;
use std::collections::HashMap;
use std::path::PathBuf;

/// Deobfuscator for extracting Geetest constants.
pub struct Deobfuscator {
    cache_path: PathBuf,
}

impl Default for Deobfuscator {
    fn default() -> Self {
        Self::new()
    }
}

impl Deobfuscator {
    /// Create a new Deobfuscator with default cache location.
    pub fn new() -> Self {
        let cache_dir = directories::ProjectDirs::from("com", "geeked", "chaser-gt")
            .map(|dirs| dirs.cache_dir().to_path_buf())
            .unwrap_or_else(|| PathBuf::from(".cache"));

        Self {
            cache_path: cache_dir.join("constants.json"),
        }
    }

    /// Create a Deobfuscator with a custom cache path.
    pub fn with_cache_path(cache_path: PathBuf) -> Self {
        Self { cache_path }
    }

    /// Get constants, using cache if valid or fetching fresh ones.
    pub async fn get_constants(&self) -> Result<Constants> {
        // Try to load from cache first
        if let Ok(Some(cached)) = self.load_cache() {
            // Check if the cached version is still current
            match self.fetch_current_version().await {
                Ok(current_version) => {
                    if cached.version == current_version {
                        tracing::debug!("Using cached constants (version: {})", cached.version);
                        return Ok(cached.into());
                    }
                    tracing::info!(
                        "Geetest version changed: {} -> {}, refreshing constants",
                        cached.version,
                        current_version
                    );
                }
                Err(e) => {
                    // If we can't check version, use cache anyway
                    tracing::warn!("Failed to check version, using cached constants: {}", e);
                    return Ok(cached.into());
                }
            }
        }

        // Fetch and deobfuscate fresh constants
        let constants = self.fetch_and_deobfuscate().await?;
        self.save_cache(&constants)?;
        Ok(constants.into())
    }

    /// Load cached constants from disk.
    fn load_cache(&self) -> Result<Option<CachedConstants>> {
        if !self.cache_path.exists() {
            return Ok(None);
        }

        let contents = std::fs::read_to_string(&self.cache_path)?;
        let cached: CachedConstants = serde_json::from_str(&contents)?;
        Ok(Some(cached))
    }

    /// Save constants to cache.
    fn save_cache(&self, constants: &CachedConstants) -> Result<()> {
        if let Some(parent) = self.cache_path.parent() {
            std::fs::create_dir_all(parent)?;
        }
        let contents = serde_json::to_string_pretty(constants)?;
        std::fs::write(&self.cache_path, contents)?;
        tracing::debug!("Saved constants to cache: {:?}", self.cache_path);
        Ok(())
    }

    /// Fetch the current Geetest script version without downloading the full script.
    async fn fetch_current_version(&self) -> Result<String> {
        let static_path = self.get_static_path().await?;
        // Extract version from path like "/geetest.gt.com/gcaptcha4/v1.9.3-26b399/js/..."
        let version = static_path
            .split('/')
            .nth(3)
            .ok_or_else(|| {
                GeekedError::Deobfuscation("Failed to extract version from path".into())
            })?
            .to_string();
        Ok(version)
    }

    /// Get the static path for the current Geetest script.
    async fn get_static_path(&self) -> Result<String> {
        // rquest v5 has TLS fingerprinting built-in by default
        let client = rquest::Client::new();

        let params = [
            ("callback", "geetest_1738850809870"),
            ("captcha_id", "588a5218557e1eadf33d682a6958c31b"),
            ("challenge", &uuid::Uuid::new_v4().to_string()),
            ("client_type", "web"),
            ("lang", "en"),
        ];

        let resp = client
            .get("https://gcaptcha4.geetest.com/load")
            .query(&params)
            .send()
            .await?;

        let text = resp.text().await?;

        // Parse JSONP response: geetest_xxx({"status": "success", "data": {...}})
        let json_start = text
            .find('(')
            .ok_or_else(|| GeekedError::Deobfuscation("Invalid JSONP response format".into()))?
            + 1;
        let json_end = text
            .rfind(')')
            .ok_or_else(|| GeekedError::Deobfuscation("Invalid JSONP response format".into()))?;

        let json_str = &text[json_start..json_end];
        let response: serde_json::Value = serde_json::from_str(json_str)?;

        let static_path = response["data"]["static_path"]
            .as_str()
            .ok_or_else(|| GeekedError::Deobfuscation("Missing static_path in response".into()))?
            .to_string();

        Ok(static_path)
    }

    /// Fetch and deobfuscate the Geetest script to extract constants.
    async fn fetch_and_deobfuscate(&self) -> Result<CachedConstants> {
        let static_path = self.get_static_path().await?;
        let version = static_path
            .split('/')
            .nth(3)
            .ok_or_else(|| GeekedError::Deobfuscation("Failed to extract version".into()))?
            .to_string();

        tracing::info!("Fetching Geetest script version: {}", version);

        // rquest v5 has TLS fingerprinting built-in by default
        let client = rquest::Client::new();

        let script_url = format!("https://static.geetest.com{}/js/gcaptcha4.js", static_path);
        let script = client.get(&script_url).send().await?.text().await?;

        // Extract XOR key and encrypted table
        let (encrypted_table, xor_key) = self.extract_table_and_key(&script)?;

        // Decrypt the lookup table
        let table = self.decrypt_table(&encrypted_table, &xor_key);

        // Replace obfuscated names in script
        let deobfuscated = self.replace_obfuscated_names(&script, &table)?;
        
        // Debug: Log a sample of the deobfuscated script to help diagnose extraction
        // Use char-safe operations to avoid panics on unicode
        if let Some(lib_pos) = deobfuscated.find("_lib") {
            // Take chars around the match position
            let context: String = deobfuscated.chars()
                .skip(lib_pos.saturating_sub(20))
                .take(120)
                .collect();
            tracing::debug!("Deobfuscated _lib context: {}", context);
        }
        if let Some(abo_pos) = deobfuscated.find("_abo") {
            let context: String = deobfuscated.chars()
                .skip(abo_pos.saturating_sub(20))
                .take(170)
                .collect();
            tracing::debug!("Deobfuscated _abo context: {}", context);
        }

        // Extract constants
        let abo = self.extract_abo(&deobfuscated)?;
        let mapping = self.extract_mapping(&deobfuscated)?;
        let device_id = self.extract_device_id(&deobfuscated);

        Ok(CachedConstants {
            version,
            fetched_at: Utc::now(),
            mapping,
            abo,
            device_id,
        })
    }

    /// Extract the encrypted table and XOR key from the script.
    fn extract_table_and_key(&self, script: &str) -> Result<(String, String)> {
        // Extract encrypted table from: decodeURI("...")
        let table_re = Regex::new(r#"decodeURI\("([^"]+)"\)"#)?;
        let encrypted_table = table_re
            .captures(script)
            .and_then(|c| c.get(1))
            .map(|m| {
                urlencoding::decode(m.as_str())
                    .unwrap_or_default()
                    .to_string()
            })
            .ok_or_else(|| {
                GeekedError::Deobfuscation("Failed to extract encrypted table".into())
            })?;

        // Extract XOR key from: }}}\("..."\)}
        let key_re = Regex::new(r#"\}\}\}\("([^"]+)"\)\}"#)?;
        let xor_key = key_re
            .captures(script)
            .and_then(|c| c.get(1))
            .map(|m| m.as_str().to_string())
            .ok_or_else(|| GeekedError::Deobfuscation("Failed to extract XOR key".into()))?;

        Ok((encrypted_table, xor_key))
    }

    /// Decrypt the lookup table using XOR.
    fn decrypt_table(&self, encrypted: &str, key: &str) -> Vec<String> {
        let key_bytes = key.as_bytes();
        let decrypted: String = encrypted
            .chars()
            .enumerate()
            .map(|(i, c)| {
                let key_byte = key_bytes[i % key_bytes.len()];
                ((c as u8) ^ key_byte) as char
            })
            .collect();

        decrypted.split('^').map(String::from).collect()
    }

    /// Replace obfuscated function calls with actual strings.
    fn replace_obfuscated_names(&self, script: &str, table: &[String]) -> Result<String> {
        // Match patterns like: _xxxx(123)
        let re = Regex::new(r"(_.{4})\((\d+?)\)")?;
        let mut result = script.to_string();

        for cap in re.captures_iter(script) {
            if let (Some(full), Some(index_str)) = (cap.get(0), cap.get(2)) {
                if let Ok(index) = index_str.as_str().parse::<usize>() {
                    if let Some(replacement) = table.get(index) {
                        // Use double quotes like Go's fmt.Sprintf("%q", ...) 
                        result = result.replace(full.as_str(), &format!("\"{}\"", replacement));
                    }
                }
            }
        }

        Ok(result)
    }

    /// Extract the abo constant from deobfuscated script.
    fn extract_abo(&self, script: &str) -> Result<HashMap<String, String>> {
        // Match: ["_lib"]={...}, (double quotes from deobfuscation)
        let re = Regex::new(r#"\["_lib"\]=(\{[^}]+\}),"#)?;
        let abo_str = re
            .captures(script)
            .and_then(|c| c.get(1))
            .map(|m| m.as_str())
            .ok_or_else(|| GeekedError::Deobfuscation("Failed to extract abo constant".into()))?;

        // Clean up and parse as JSON
        // Convert 'key':'value' to "key":"value"
        let cleaned = abo_str.replace('\'', "\"");
        // Add quotes to unquoted keys
        let key_re = Regex::new(r"([{,])\s*([A-Za-z0-9_]+)\s*:")?;
        let json_str = key_re.replace_all(&cleaned, r#"$1"$2":"#);

        let abo: HashMap<String, String> = serde_json::from_str(&json_str).map_err(|e| {
            GeekedError::Deobfuscation(format!("Failed to parse abo as JSON: {}", e))
        })?;

        Ok(abo)
    }

    /// Extract the mapping constant from deobfuscated script.
    fn extract_mapping(&self, script: &str) -> Result<String> {
        // Match: ["_abo"]={"pattern":"result"} (Go's format)
        let re = Regex::new(r#"\["_abo"\]=(\{"[^}]+\})"#)?;
        let mapping = re
            .captures(script)
            .and_then(|c| c.get(1))
            .map(|m| m.as_str().to_string())
            .ok_or_else(|| {
                GeekedError::Deobfuscation("Failed to extract mapping constant".into())
            })?;

        Ok(mapping)
    }

    /// Extract the device_id from deobfuscated script.
    fn extract_device_id(&self, script: &str) -> String {
        // Match: ["options"]["deviceId"]="..." (double quotes)
        let re = Regex::new(r#"\["options"\]\["deviceId"\]="([^"]*)""#).ok();
        re.and_then(|r| r.captures(script))
            .and_then(|c| c.get(1))
            .map(|m| m.as_str().to_string())
            .unwrap_or_default()
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_decrypt_table() {
        let deob = Deobfuscator::new();

        // Simple test case
        let encrypted = "hello";
        let key = "key";
        let result = deob.decrypt_table(encrypted, key);

        // The decryption should produce some output
        assert!(!result.is_empty());
    }

    #[test]
    fn test_extract_abo_parsing() {
        let deob = Deobfuscator::new();

        // Simulate what the deobfuscated script might look like
        let script = r#"something['_lib']={'TYSC':'opMx'},other"#;
        let result = deob.extract_abo(script);

        assert!(result.is_ok());
        let abo = result.unwrap();
        assert_eq!(abo.get("TYSC"), Some(&"opMx".to_string()));
    }
}