本教程仅限于学术探讨,也没有专门针对某个网站而编写,禁止用于非法用途、商业活动、恶意滥用技术等,否则后果自负。观看则同意此约定。如有侵权,请告知删除,谢谢!
懒得写逆向过程了自己看源码,主导一个懒字,贯彻到底
关注...
。
# !/usr/bin/env python
# -*- coding: utf-8 -*-
# @Time : 2023/6/7 12:52
# @Author : Jay
# @File : fwd.py
# @Description :
import time
import string
import random
import requests
from loguru import logger
from urllib3 import disable_warnings
disable_warnings()
headers = {
"Authorization": "",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 MicroMessenger/7.0.20.1781(0x6700143B) NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF XWEB/6939",
}
strDigit = string.digits + string.ascii_letters
def getIdf():
e, i, u = "1234567890", 255, 0
idf = str(int(time.time() * 1000)) + "-" + str(int(1000000 * (random.random() + 1)))
for a in range(len(idf)):
i ^= ord(idf[a])
u += ord(idf[a])
return idf + str(ord(e[(i + 256) % 10])) + str(ord(e[u % 10]))
# 接口验证定义的BlackBox
def getBlackBox():
profile_url = "https://fp.tongdun.net/wxapp/profile.json?partner=fenwandao"
params = {
# 置空的字段为AES加密,由于key、iv没有传入后端所以无法校验参数,从而置空
"partner": "fenwandao",
"app_name": "fenwandao_wx",
"t": "",
"id": "",
"v": "GeVeM4b8MRzyErm9LPSNmp==", # 后端校验平台的参数固定
"a": "",
"b": "",
"c": "",
"d": "",
"e": "",
"f": "",
"i": "",
"idf": getIdf(),
"g": "",
"h": "" # hash128加盐整个params
}
tokenId = requests.post(url=profile_url, headers=headers, data=params, verify=False).json()['result']['tokenId']
return box(tokenId)
def box(td):
td = list(td)
td[0] = random.choice(strDigit)
td.insert(4, random.choice(strDigit))
td.insert(15, random.choice(strDigit))
td.insert(-1, random.choice(strDigit))
return "".join(td) + ":0"
def random_str(s=4):
return "".join([random.choice(strDigit) for _ in range(s)])
# 自定义的BlackBox
def getCustomBlackBox():
return box(f"{random_str()}{int(time.time())}{random_str(9)}")
def run():
data = {
"contactName": "屌毛",
"contactPhone": "10086",
"deliveryType": 1,
"combineTicketVos": [],
"ordinaryTicketVos": [{
"seatPlanId": 1352,
"seatPlanName": "VIP票320元",
"seatPlanPrice": 320,
"seatPlanQuantity": 1,
"seatInfoVo": None,
"frequentContactsId": 523566
}],
"payment": 320,
"totalPrice": 320,
"performId": 389,
"projectId": "266",
"privilegeCodeList": [],
"blackBox": getCustomBlackBox() # 因blackBox是同盾随机的字符串id,可以自定义类似的随机字符串跳过请求,使提交订单更快
}
start_ts = time.time()
res = requests.post("https://api.livelab.com.cn/order/app/center/v3/create", headers=headers, verify=False, json=data).json()
orderNo = res.get("data", False)
if orderNo:
logger.success(f"`订单号 {orderNo} -> 【广州】萧秉治Xiao Bing Chih Project X Live Tour 巡回演唱会`下单成功!")
res = requests.post(f"https://api.livelab.com.cn/performance/app/order/cancel/order?orderNo={orderNo}",
json={"custom": {"auth": True, "loading": False, "ignoreStatus": False}}, headers=headers, verify=False).json()
logger.success(f"订单取消状态 --> {res.get('msg', '取消失败.')}")
else:
logger.warning(res)
logger.success(f"订单提交耗时: {round(time.time() - start_ts, 2)} 秒")
if __name__ == '__main__':
run()