def encpyptwithXor(param):
return [i ^ 0x5 for i in param.encode()]
然后return的时候调用了一个方法
点进去查看源码如下,即进行一些转换,最后进行一次类似于python切片的逻辑:
a为常量:
接下来用python实现:
def byte_to_str(alist,bolean,length ) -> list:
res = [0 for _ in range(length * 2)]
bo = False
i = 0
while i < length:
b = alist[i + bolean] & 0xFF
bo1 = bo + True
res[bo] = s[b >> 4]
bo = bo1 + True
res[bo1] = s[b & 0xF]
i += 1
return res
此为抓包显示的加密参数,原始参数为19920120000:
运行测试效果:
发现有些不一致,但后面结果一样,自然而然想到了+86(即国际区号)
测试一下:
OK,剩下的搞定剩余参数即可。
error | message |
---|---|
1101 | 没有输入验证码 |
1102 | 验证码错误 |
1009 | 账号或密码错误 |
0 | 账号密码错误,未注册也时显示该错误码 |
1039 | 请使用手机验证码登陆(使用新设备会提示此错误码) |
准备写一个web服务,现在首要任务是在网上收集一些device_id和iid,怕我自己的被封。。
# -*- coding: utf-8 -*-
# @Time : 2019/6/27 18:06
# @Author : Conderfly
# @Email : [email protected]
# @File : login.py
import re
import base64
import requests
from server.utils.generate_check_url import generate_url
from server.utils.yundama import indetify
from server.utils.constants import s,headers
def encpyptwithXor(param):
return [i ^ 0x5 for i in param.encode()]
def byte_to_str(alist,bolean,length ) -> list:
res = [0 for _ in range(length * 2)]
bo = False
i = 0
while i < length:
b = alist[i + bolean] & 0xFF
bo1 = bo + True
res[bo] = s[b >> 4]
bo = bo1 + True
res[bo1] = s[b & 0xF]
i += 1
return res
def get_login_params(param):
xor = encpyptwithXor(param=param)
return "".join(byte_to_str(xor, False, len(xor)))
def douyin_login_params(mobile,password,captcha=""):
mobile = "+86" +mobile
mobile, password = get_login_params(mobile), get_login_params(password)
login_params = {
"mobile": mobile,
"password":password,
}
url = generate_url("https://lf.snssdk.com/user/mobile/login/v2/?mix_mode=1",extract=login_params)
url = re.sub(r'&mobile[\s\S]*?&as',"&as",url)
form_data = {
"mobile": mobile,
"password": password,
"mix_mode": 1,
"retry": "no_retry",
}
if captcha:
form_data["captcha"] = captcha
return url, form_data
def login(mobile,password):
message,captcha = "error",""
while message != "success":
url, form_data = douyin_login_params(mobile,password,captcha)
response = requests.post(url,data=form_data,headers=headers,verify=False)
response_json = response.json()
data, message = response_json.get("data"), response_json.get("message")
if message == "error":
error_code = data.get("error_code")
if error_code in [1101,1102]:
# 验证码问题
image_content = base64.b64decode(data.get("captcha").encode())
captcha = indetify(image_content)
elif error_code == 1009:
# 密码错误
return {"code":0,"message":"账号或密码错误。"}
else:
print(error_code)
else:
return {"code":1,"cookie":response.cookies.get_dict(),"message":response_json}
if __name__ == '__main__':
res = login("199****2945", "********")
print(res)
print("input:+86199****2945")
print("result:",get_login_params("199****2945"))