某拍房数据采集
某拍房数据采集
- 某拍房数据采集
-
- 声明
- 1.逆向目标
- 2.寻找加密位置
- 3.分析加密参数
- 4.python代码书写
某拍房数据采集
声明
本文章中所有内容仅供学习交流,抓包内容、敏感网址、数据接口均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关,若有侵权,请联系我立即删除!
1.逆向目标
点击翻页发包发现sign参数加密
2.寻找加密位置
通过全局搜索关键字发现sign参数特别多,很难找到我们需要的加密位置,可以通过在发包中的发起程序中找到所需要的js文件再进行搜索
进入js文件搜索后,下断点调试,阿里系加密token也是关键词
3.分析加密参数
根据控制台分析
o.token + "&" + a + "&" + s + "&" + n.data
o.token可以直接在请求时的cookie里面获取_m_h5_tk
a的值应该为时间戳,s的值应该为固定参数
n.data为表单数据中的值
通过扣代码将加密代码拿出来,js代码如下
p = function(e) {
function t(e, t) {
return e << t | e >>> 32 - t
}
function n(e, t) {
var n, o, r, i, s;
return r = 2147483648 & e,
i = 2147483648 & t,
s = (1073741823 & e) + (1073741823 & t),
(n = 1073741824 & e) & (o = 1073741824 & t) ? 2147483648 ^ s ^ r ^ i : n | o ? 1073741824 & s ? 3221225472 ^ s ^ r ^ i : 1073741824 ^ s ^ r ^ i : s ^ r ^ i
}
function o(e, o, r, i, s, a, p) {
return e = n(e, n(n(function(e, t, n) {
return e & t | ~e & n
}(o, r, i), s), p)),
n(t(e, a), o)
}
function r(e, o, r, i, s, a, p) {
return e = n(e, n(n(function(e, t, n) {
return e & n | t & ~n
}(o, r, i), s), p)),
n(t(e, a), o)
}
function i(e, o, r, i, s, a, p) {
return e = n(e, n(n(function(e, t, n) {
return e ^ t ^ n
}(o, r, i), s), p)),
n(t(e, a), o)
}
function s(e, o, r, i, s, a, p) {
return e = n(e, n(n(function(e, t, n) {
return t ^ (e | ~n)
}(o, r, i), s), p)),
n(t(e, a), o)
}
function a(e) {
var t, n = "", o = "";
for (t = 0; 3 >= t; t++)
n += (o = "0" + (e >>> 8 * t & 255).toString(16)).substr(o.length - 2, 2);
return n
}
var p, u, c, d, l, f, m, g, y, v;
for (v = function(e) {
for (var t, n = e.length, o = n + 8, r = 16 * ((o - o % 64) / 64 + 1), i = new Array(r - 1), s = 0, a = 0; n > a; )
s = a % 4 * 8,
i[t = (a - a % 4) / 4] = i[t] | e.charCodeAt(a) << s,
a++;
return s = a % 4 * 8,
i[t = (a - a % 4) / 4] = i[t] | 128 << s,
i[r - 2] = n << 3,
i[r - 1] = n >>> 29,
i
}(e = function(e) {
e = e.replace(/\r\n/g, "\n");
for (var t = "", n = 0; n < e.length; n++) {
var o = e.charCodeAt(n);
128 > o ? t += String.fromCharCode(o) : o > 127 && 2048 > o ? (t += String.fromCharCode(o >> 6 | 192),
t += String.fromCharCode(63 & o | 128)) : (t += String.fromCharCode(o >> 12 | 224),
t += String.fromCharCode(o >> 6 & 63 | 128),
t += String.fromCharCode(63 & o | 128))
}
return t
}(e)),
f = 1732584193,
m = 4023233417,
g = 2562383102,
y = 271733878,
p = 0; p < v.length; p += 16)
u = f,
c = m,
d = g,
l = y,
f = o(f, m, g, y, v[p + 0], 7, 3614090360),
y = o(y, f, m, g, v[p + 1], 12, 3905402710),
g = o(g, y, f, m, v[p + 2], 17, 606105819),
m = o(m, g, y, f, v[p + 3], 22, 3250441966),
f = o(f, m, g, y, v[p + 4], 7, 4118548399),
y = o(y, f, m, g, v[p + 5], 12, 1200080426),
g = o(g, y, f, m, v[p + 6], 17, 2821735955),
m = o(m, g, y, f, v[p + 7], 22, 4249261313),
f = o(f, m, g, y, v[p + 8], 7, 1770035416),
y = o(y, f, m, g, v[p + 9], 12, 2336552879),
g = o(g, y, f, m, v[p + 10], 17, 4294925233),
m = o(m, g, y, f, v[p + 11], 22, 2304563134),
f = o(f, m, g, y, v[p + 12], 7, 1804603682),
y = o(y, f, m, g, v[p + 13], 12, 4254626195),
g = o(g, y, f, m, v[p + 14], 17, 2792965006),
f = r(f, m = o(m, g, y, f, v[p + 15], 22, 1236535329), g, y, v[p + 1], 5, 4129170786),
y = r(y, f, m, g, v[p + 6], 9, 3225465664),
g = r(g, y, f, m, v[p + 11], 14, 643717713),
m = r(m, g, y, f, v[p + 0], 20, 3921069994),
f = r(f, m, g, y, v[p + 5], 5, 3593408605),
y = r(y, f, m, g, v[p + 10], 9, 38016083),
g = r(g, y, f, m, v[p + 15], 14, 3634488961),
m = r(m, g, y, f, v[p + 4], 20, 3889429448),
f = r(f, m, g, y, v[p + 9], 5, 568446438),
y = r(y, f, m, g, v[p + 14], 9, 3275163606),
g = r(g, y, f, m, v[p + 3], 14, 4107603335),
m = r(m, g, y, f, v[p + 8], 20, 1163531501),
f = r(f, m, g, y, v[p + 13], 5, 2850285829),
y = r(y, f, m, g, v[p + 2], 9, 4243563512),
g = r(g, y, f, m, v[p + 7], 14, 1735328473),
f = i(f, m = r(m, g, y, f, v[p + 12], 20, 2368359562), g, y, v[p + 5], 4, 4294588738),
y = i(y, f, m, g, v[p + 8], 11, 2272392833),
g = i(g, y, f, m, v[p + 11], 16, 1839030562),
m = i(m, g, y, f, v[p + 14], 23, 4259657740),
f = i(f, m, g, y, v[p + 1], 4, 2763975236),
y = i(y, f, m, g, v[p + 4], 11, 1272893353),
g = i(g, y, f, m, v[p + 7], 16, 4139469664),
m = i(m, g, y, f, v[p + 10], 23, 3200236656),
f = i(f, m, g, y, v[p + 13], 4, 681279174),
y = i(y, f, m, g, v[p + 0], 11, 3936430074),
g = i(g, y, f, m, v[p + 3], 16, 3572445317),
m = i(m, g, y, f, v[p + 6], 23, 76029189),
f = i(f, m, g, y, v[p + 9], 4, 3654602809),
y = i(y, f, m, g, v[p + 12], 11, 3873151461),
g = i(g, y, f, m, v[p + 15], 16, 530742520),
f = s(f, m = i(m, g, y, f, v[p + 2], 23, 3299628645), g, y, v[p + 0], 6, 4096336452),
y = s(y, f, m, g, v[p + 7], 10, 1126891415),
g = s(g, y, f, m, v[p + 14], 15, 2878612391),
m = s(m, g, y, f, v[p + 5], 21, 4237533241),
f = s(f, m, g, y, v[p + 12], 6, 1700485571),
y = s(y, f, m, g, v[p + 3], 10, 2399980690),
g = s(g, y, f, m, v[p + 10], 15, 4293915773),
m = s(m, g, y, f, v[p + 1], 21, 2240044497),
f = s(f, m, g, y, v[p + 8], 6, 1873313359),
y = s(y, f, m, g, v[p + 15], 10, 4264355552),
g = s(g, y, f, m, v[p + 6], 15, 2734768916),
m = s(m, g, y, f, v[p + 13], 21, 1309151649),
f = s(f, m, g, y, v[p + 4], 6, 4149444226),
y = s(y, f, m, g, v[p + 11], 10, 3174756917),
g = s(g, y, f, m, v[p + 2], 15, 718787259),
m = s(m, g, y, f, v[p + 9], 21, 3951481745),
f = n(f, u),
m = n(m, c),
g = n(g, d),
y = n(y, l);
return (a(f) + a(m) + a(g) + a(y)).toLowerCase()
}
console.log(p('1'))
测试后其实就是标准的md5加密
4.python代码书写
大致流程为:
1.先请求主页获取对应cookie值
2.将o.token + "&" + a + "&" + s + "&" + n.data中所需要的参数拼接传入到我们写好的js代码中封装成sign参数再发送请求即可。
下面是关键代码,如需完整代码请私信
获取结果如下
