用python requests库模拟登录,有一个参数不知道怎么求出来
本帖最后由 lbsjs 于 2024-5-16 22:58 编辑完全是学习的:fiddle抓包,用requests库模拟登录的,用手机二唯码登录后,先获得了一个ticket(一串字符串:AAEAIEmac_c28enyaRK-0pp6MaJ4cT58jVzv-XbdANdixZD6),然后下面的一个请求是:
GET https://passport.jd.com/uc/qrCodeTicketValidation?aksParamsU=ARMAclJ6MDAxfQPy1%2BvbGwNWiCyLhvlgyjNMdWlsn6V92fNs%2FG9%2BuYaoJBgucdXXXTr8ZKZ2KVG9AnoAYk%2F%2BAQVKUIGC6Mr4jG1BlE%2FiR7cT06S%2FUc4%2FvvFxUmqAroQmHHo9QwpHjptXEQNpTwVFviEEg%2B7AgGKbgRN1ByVVbQxUOSVbXx5VWn1pWN9wFAy8ES1222rwVrswcVP72sm655adfrH8HjyCIUge1fVWbPZLmcD5KqBK9nrFfLA9dTBgG1DdNWwsBPb54yen56kKTkqV1odZtMsNoLs%2FYWG4X7ypEYimpRM6AmFnKJ0ZBYzRUtKQRLdFiAt%2FVsWqKQr0DrLwsRYZeQrWosiVpfJqedNRsJQc4osfNjobEXc8Ek%2FHjcN5FjHsT4klI7yZMrcXZDhq2qrmvkvtM%2BUg7yHVQ%2FwmSUqBT3ZKr2iEF036Priaxq%2FRC%2FxwN9rN748zrQ6K2UxIuJ0BHsKxCoJ87318%2FsBstIxU8MFe5BhkY%2FQL3ooufz706mBm7G1wk3D45mWXAzy1VvFx449dIOIEaiW7KZVWQbhvbGZtM7qNwvJTcDMUB7%2F5pKqrAg1p67%2BG0rMSDaIZca%2Bx9x0eeex5gsgO06LoimK6YiTKzdVbVF38giQwjtvdM0rZ%2Fvn0j4XSmSiIYqmlkE1AOMiUk%2BKC1L%2B1AzOaS2ayJ3qNVyyf1nJuUJ3QlYtVC4yjc2O3hZ1bffRKvYhrPoHCHCuwmzotpMAgP5IoXkdaAI1v%2Bz2%2Bvx4w9eDYe%2FjX46nxynI02%2BuQbwAL%2FUIwt4u1IIqf0u2CcLV%2FBJffNaa3IqNY92fOqw8RLwYXitXoTGvz5izJWizGI04HsgLdmGRBhGGF99sFeQ1FOCd7xcyPaHCX%2FVz5mBB7%2Fd78A1177huGJkqJhXokgE%2FqUDwv3K74qA3XZF7mP897%2FS%2FdTgZhdUSob0WeZmWK1BA%2BVwqyraBXYItNz9UTfwrGHzjp6xbn2GNIy4dk90ns98ZshMh%2FinX1GUZYL1k1j%2Fz5tmalszx%2BwaqUEU%2FuxT9Su6o0PmfkC7DWxgJp6WLvke%2F6vMdJY1bRsHDpjqN1loX6xjYTEi8cDlqyXuMy%2F5pTqRJcp1KilauykvaMJUpE8Eoq3WEqIl4aTHv9h1HxDZ43uwtDxWgmL8frFkctpjBhMxU1CUtc8jv6xMix1x2K%2BKsSPwXY3mKammrv%2F%2FZG%2FWRvQO%2FoyrWOcItVnd3lI%2BTuYTzJqWuX%2F42LDy%2FgC%2FCKV6AA3UZXYU%2FevfZMn61JaqtEjE7kHJ%2Bs2%2FX4FWJxT2vugWT%2FJn5SC29BhMbUrIcu3BLMBAprYJFrjDe%2BkTzCy86F6xU1fk2iSvlpaTM40ugBmNhpY4%2FuUAzX9Ft0d3F%2B7usK1LE56rdYh4ht6ebbOwqXGig%2Bq6RuAtommasfMEbpXarWYUyXI1ieIkTJvIwXYJuMvuFIwFam6QRBkYUDmzuaJKT4I0NLJwC%2FklZjzBhBItP0AovuSFVC5fv%2F2hC%2B%2BYMlSSaJVvGL9UiqziHPzMeG7KyvnLyAlSlJhmzctT6CQk%2FXM2BkMi5QnqAJvAEVbLsresA6QeoLAAAThQm%2BQZQVEIgXoViD0TcWCawB%2F5FXNpxerLRzBoL6VsWQvQnILE1pEHGBzFamkXJjpvX1I0cmsiGJ0vfApCkDLg1gdaM6PyIxQDpeNFYLLcNumbNNrwLomjv2CDSXI%2F8Fs%2BNw2divHjjblBZQtOtflM11kY4a284rnP18FaSk6zzl6DRBu85gX4nDd1SNaNOF3IZPQydDVUGx9zrplVoc%2BMQpyn5rPUZbK9L6ldjoBFO9Da0zSXmd6t4PDwJddWdLP1bwkQ6Cn2HWFkBlij15
上面的请求里面的aksParamsU参数是怎么获得的,是加密了吗?像这种应该怎么求出来。 这你就需要学习JS逆向了,或selenium操作吧。。。 大概的思路: 通过js逆向,先定位到"aksParamsU"参数,具体分析它的代码生成逻辑,再模拟出来 在网页JS里找ask的生成方式,然后逆向出来。。 直接上selinum,要么那就要一步步js逆向了 nodejs或者chrome 模拟运行一下,得到结果后再python发包 无知灰灰 发表于 2024-5-17 08:06
这你就需要学习JS逆向了,或selenium操作吧。。。
感谢大佬回复,终于算是找到需要学习的方面了。{:1_919:} anning666 发表于 2024-5-17 08:43
大概的思路: 通过js逆向,先定位到"aksParamsU"参数,具体分析它的代码生成逻辑,再模拟出来
{:1_919:} 谢谢,太感谢了,终于找到组织了,之前在别的论坛地方问了个寂寞。终于有方向了。
页:
[1]