关于伪造逆向某云剪辑的一些源码
帖子:https://www.52pojie.cn/thread-1915147-1-1.html十分感谢Benx1,终于也参与了一次逆向伪造数据的学习
刚好上午 @朱朱你堕落了 找了我,然后帮他看看CPP的写法
我顺便写了一份CPP跟Python,纯属第一次练习HTTP协议
放出来大家一起玩,python yyds(我为py摇旗呐喊)
友情提醒:不要写CPP,很苦
CPP库:httplib&& nlohmann/json
配置:右键解决方案--属性--C/C++--常规--附加包含目录,填写库目录位置的上一级
例如:我的解决方案目录是C:\Users\12345678\Desktop\Demo,也就是.sln所在目录
然后.cpp的目录是C:\Users\12345678\Desktop\Demo\Demo这个目录
则附加包含目录填写.sln所在目录即可 或者填这个宏 $(MSBuildProjectDirectory)
json库目录:C:\Users\12345678\Desktop\Demo\Demo\nlohmann
httplib库目录:C:\Users\12345678\Desktop\Demo\Demo\cpp-httplib-master
// Demo.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include <iostream>
#include <string>
using namespace std;
#include "cpp-httplib-master/httplib.h"
#include <iostream>
#include <string>
#include <sstream>
#include "nlohmann/json.hpp"
using namespace std;
using json = nlohmann::json;
string ansi_to_utf8(string strAnsi)
{
UINT nLen = MultiByteToWideChar(936, NULL, strAnsi.c_str(), -1, NULL, NULL);
WCHAR *wszBuffer = new WCHAR;
nLen = MultiByteToWideChar(936, NULL, strAnsi.c_str(), -1, wszBuffer, nLen);
wszBuffer = 0;
nLen = WideCharToMultiByte(CP_UTF8, NULL, wszBuffer, -1, NULL, NULL, NULL, NULL);
CHAR *szBuffer = new CHAR;
nLen = WideCharToMultiByte(CP_UTF8, NULL, wszBuffer, -1, szBuffer, nLen, NULL, NULL);
szBuffer = 0;
strAnsi = szBuffer;
delete[]wszBuffer;
delete[]szBuffer;
return strAnsi;
}
void login_func(const httplib::Request& req, httplib::Response& resp)
{
cout << "我是验证包:path = " << req.path << endl;
std::cout << req.body;
json res_json = {
{"code", 0},
{"message","ok"},
{"data",{
{"cardType",u8"永久卡"},
{"token","1lb87kk1kq9kr6cy45oqg2hu7kd00b9g"},
{"expires","2099-12-31 23:59:59"},
{"expiresTs",4102415999},
{"config",""},
{"serverTime",1704196636}
}}
};
std::cout << res_json.dump(4);
resp.status = 200;
resp.set_header("Server", "nginx");
resp.set_header("Date", "Fri, 19 Apr 2024 05:38:47 GMT");
resp.set_header("Content-Type","application/json");
resp.set_header("Connection","keep-alive");
resp.set_header("Access-Control-Max-Age","3628800");
resp.set_header("Trace-Id","a5151a2bf394c717de356206d244dd00");
resp.set_header("Cache-Control","no-cache");
resp.set_content(res_json.dump(), "application/json");
}
void heartbeat_func(const httplib::Request& req, httplib::Response& resp)
{
cout << "我是心跳包 :path = " << req.path << endl;
resp.status = 200;
resp.set_header("Server", "nginx");
resp.set_header("Date", "Fri, 19 Apr 2024 05:38:47 GMT");
resp.set_header("Content-Type", "application/json");
resp.set_header("Connection", "keep-alive");
resp.set_header("Access-Control-Max-Age", "3628800");
resp.set_header("Trace-Id", "a5151a2bf394c717de356206d244dd00");
resp.set_header("Cache-Control", "no-cache");
json h_json = {
{"code", 0},
{"message","ok"},
{"data",{
{"expires","2020-10-16 00:47:58"},
{"expiresTs",4102415999},
{"serverTime",1704196636}
}}
};
resp.set_content(h_json.dump(), "application/json");
}
int main()
{
cout << "server is working..." << endl;
httplib::Server svr;
//http://api6.hwwlyz.com/api/v1/card/login
svr.Post("/api/v1/card/login", login_func);
//http://api6.hwwlyz.com/api/v1/card/heartbeat
svr.Post("/api/v1/card/heartbeat", heartbeat_func);
bool bRet = svr.listen("0.0.0.0", 80);//表示监听8989端口任何ip都可以访问
if (!bRet)
{
cout << "服务器监听失败!" << endl;
}
return 0;
}
python:
from aiohttp import web
importjson
async def handle(request):
heads ={
'Server': 'nginx',
'Date':'Fri, 19 Apr 2024 05:38:47 GMT',
'Content-Type': 'application/json',
'Connection': 'keep-alive',
'Access-Control-Allow-Credentials': 'true',
'Access-Control-Allow-Headers': 'Origin,Content-Type,Accept,User-Agent,Cookie,Authorization,X-Auth-Token,X-Requested-With',
'Access-Control-Allow-Methods': 'GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE',
'Access-Control-Allow-Origin': '*',
'Access-Control-Max-Age': '3628800',
'Trace-Id': 'a5151a2bf394c717de356206d244dd00',
'Cache-Control': 'no-cache',
}
data ={
"code": 0,
"message": "ok",
"data": {
"cardType": "永久卡",
"token": "1lb87kk1kq9kr6cy45oqg2hu7kd00b9g",
"expires": "2099-12-31 23:59:59",
"expiresTs": 4102415999,
"config": "",
"serverTime": 1713504464723
}
}
print('验证包')
response = web.Response(headers=heads, status=200,body=(json.dumps(data)).encode('utf-8'))
return response
async def heartbeat(request):
heads ={
'Server': 'nginx',
'Date':'Fri, 19 Apr 2024 05:38:47 GMT',
'Content-Type': 'application/json',
'Connection': 'keep-alive',
'Access-Control-Allow-Credentials': 'true',
'Access-Control-Allow-Headers': 'Origin,Content-Type,Accept,User-Agent,Cookie,Authorization,X-Auth-Token,X-Requested-With',
'Access-Control-Allow-Methods': 'GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE',
'Access-Control-Allow-Origin': '*',
'Access-Control-Max-Age': '3628800',
'Trace-Id': 'a5151a2bf394c717de356206d244dd00',
'Cache-Control': 'no-cache',
}
data={
"code": 0,
"message": "ok",
"data": {
"expires": "2020-10-16 00:47:58",
"expiresTs": 4080028079,
"serverTime": 1713504464723
}
}
print('心跳包')
return web.Response(headers=heads, status=200,body=(json.dumps(data)).encode('utf-8'))
app = web.Application()
app.add_routes()
if __name__ == '__main__':
web.run_app(app,host='0.0.0.0',port=80)
bester 发表于 2024-4-19 17:00
对了 hosts要改三个地方,别忘记了,或者你自己建dns服务器 转到本机Ip也行 无所谓看你们自己
MTI3LjAuMC4 ...
好教程,网络验证转本地的思路。按照你提供的代码,成功了。
对了 hosts要改三个地方,别忘记了,或者你自己建dns服务器 转到本机Ip也行 无所谓看你们自己
MTI3LjAuMC4xJTIwJTIwYXBpNi5od3dseXouY29tJTBBMTI3LjAuMC4xJTIwJTIwYXBpMy5od3dseXouY29tJTBBMTI3LjAuMC4xJTIwJTIwYXBpLmh3d2x5ei5jb20=
懂的自然懂 本帖最后由 朱朱你堕落了 于 2024-4-20 17:21 编辑
哈哈,我有个地方好像写得有问题。 牛啊大大,虽然但是,小白看不懂{:1_908:} 学习一下! 学习一下! 董督秀 发表于 2024-4-20 19:05
好教程,网络验证转本地的思路。按照你提供的代码,成功了。
hhh,朱朱教的,我跟他学的 导入 lib 可以试试用用 vcpkg lyl610abc 发表于 2024-4-22 14:19
导入 lib 可以试试用用 vcpkg
vcpkg倒是听说很久了,就是不知道有没有pip方便
页:
[1]
2