websocket直接繞過JS加密示例及思路原理_第1頁
websocket直接繞過JS加密示例及思路原理_第2頁
websocket直接繞過JS加密示例及思路原理_第3頁
websocket直接繞過JS加密示例及思路原理_第4頁
websocket直接繞過JS加密示例及思路原理_第5頁
已閱讀5頁,還剩9頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

第websocket直接繞過JS加密示例及思路原理目錄websocket--hook服務(wù)端--WebSocketServer.js客戶端注入JS代碼python開端口get_data.py文件方式get_user_id.py文件方式get_data.py終端方式get_user_id.py終端方式爬蟲調(diào)用者

websocket--hook

大致思路

原理:

瀏覽器(客戶端):在瀏覽器中注入一段JS代碼,與服務(wù)端建立連接。調(diào)用瀏覽器中的js方法,把返回的數(shù)據(jù)發(fā)送給服務(wù)端

node啟動(dòng)js代碼,監(jiān)聽某端口(客戶端):服務(wù)端把參數(shù)(python發(fā)過來的)發(fā)送給客戶端處理,并接收處理結(jié)果,再次把接收的結(jié)果返回給python處理

python(調(diào)用者):把參數(shù)發(fā)送給node,接收node傳回來的數(shù)據(jù)

優(yōu)點(diǎn):

1.對(duì)于js混淆加密較深的,可以采用此方法。

2.不用扣js加密代碼,直接調(diào)用瀏覽器環(huán)境

缺點(diǎn):

1.如果有selenium監(jiān)測(cè),要想使用此方法,必須先繞過selenium監(jiān)測(cè),否則只能使用真機(jī)進(jìn)行js注入

2.需要node環(huán)境,寫一個(gè)websocket服務(wù)端和客戶端

3.速度沒有直接破解js快

服務(wù)端--WebSocketServer.js

leticonv=require('iconv-lite')

varws=require("nodejs-websocket");

console.log("開始建立連接...")

varserver=ws.createServer(function(conn){

letcached={};

conn.on("text",function(msg){

if(!msg)return;

//console.log("msg",msg);

varkey=conn.key;

if((msg==="Browser")||(msg==="Python")){

//browser或者python第一次連接

cached[msg]=key;

//console.log("cached",cached);

return;

if(Object.values(cached).includes(key)){

//console.log(server.connections.forEach(conn=conn.key));

vartargetConn=server.connections.filter(function(conn){

returnconn.key!==key;

//console.log("將要發(fā)送的實(shí)參:",msg);

targetConn.forEach(conn={

conn.send(msg);

conn.on("close",function(code,reason){

//console.log("關(guān)閉連接")

conn.on("error",function(code,reason){

console.log("異常關(guān)閉")

conn.on("connection",function(conn){

console.log(conn)

}).listen(10512)

console.log("WebSocket建立完畢")

客戶端注入JS代碼

createSocket();

functioncreateSocket(){

window.ws=newWebSocket('ws://:10512/');

window.ws.onopen=function(e){

console.log("連接服務(wù)器成功");

window.ws.send("Browser");

window.ws.onclose=function(e){

console.log("服務(wù)器關(guān)閉");

setTimeout(createSocket,60000);

window.ws.onerror=function(){

console.log("連接出錯(cuò)");

window.ws.onmessage=function(e){

varxmlhttp=newglb.XMLHttpRequest();

functionstate_Change(){

if(xmlhttp.readyState==4){

if(xmlhttp.status==200){

letresult=xmlhttp.responseText

result=JSON.parse(result)

result=JSON.stringify(result)

//result=String.fromCharCode(result)

//發(fā)送給Python

//console.log(result);

window.ws.send(result);

}else{

alert("ProblemretrievingXMLdata");

xmlhttp.onreadystatechange=state_Change;

xmlhttp.open('GET',e.data,true);

xmlhttp.send(null);

python開端口

#-*-coding:utf-8-*-

fromsanicimportSanic

fromsanic.responseimportjson

importos

importurllib3

fromtoutiao2_文件方式.get_dataimportget_data

fromtoutiao2_文件方式.get_user_idimportget_user

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

app=Sanic(__name__)

@app.route("/get_user_id",methods=["GET"])

defcaptcha_server(request):

try:

data=request.args

media_id=data['media_id'][0]

returnget_user_id(media_id)

exceptExceptionase:

pass

@app.route("/get_data",methods=["GET"])

defcaptcha_server(request):

try:

data=request.args

user_id=data['user_id'][0]

offset=data['offset'][0]

returnget_res(user_id,offset)

exceptExceptionase:

pass

defget_user_id(media_id):

html=get_user(media_id)

returnhtml

defget_res(user_id,offset):

html=get_data(user_id,offset)

returnhtml

if__name__=="__main__":

app.run(host="",port=4007)

get_data.py文件方式

#-*-coding:utf-8-*-

importtime

fromws4py.client.threadedclientimportWebSocketClient

import_locale

_locale._getdefaultlocale=(lambda*args:['zh_CN','utf8'])

importurllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

classCG_Client(WebSocketClient):

defopened(self):

self.max_cursor=0

self.send("Python")

defclosed(self,code,reason=None):

#print("Closeddown:",code,reason)

pass

defreceived_message(self,resp):

data=resp.data.decode("utf-8")

write_data(data)

ws.close()

defwrite_data(data):

withopen('./data.txt','w',encoding='utf-8')asf:

f.write(data)

f.close()

defget_data(user_id,offset):

ws=CG_Client('ws://:10512/')

ws.connect()

try:

real_arg=f"/api/feed_backflow/profile_share/v1/category=profile_articlevisited_uid={user_id}stream_api_version=82request_source=1offset={offset}user_id={user_id}appId=1286appType=mobile_detail_webisAndroid=trueisIOS=falseisMobile=truecookie_enabled=truescreen_width=288screen_height=511browser_language=zh-CNbrowser_platform=MacIntelbrowser_name=firefoxbrowser_version=85.0.4183.83browser_online=truetimezone_name=Asia%2FShanghai"

time.sleep(0.1)

ws.send(real_arg)

ws.run_forever()

exceptKeyboardInterrupt:

print('異常關(guān)閉')

ws.close()

get_user_id.py文件方式

#-*-coding:utf-8-*-

importtime

fromws4py.client.threadedclientimportWebSocketClient

import_locale

_locale._getdefaultlocale=(lambda*args:['zh_CN','utf8'])

importio

importsys

importurllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

#sys.stdout=io.TextIOWrapper(sys.stdout.buffer,encoding='utf8')

#media_id=sys.argv[1].split(',',1)[0]#sys.argv--[get_attention.py,user_id,cursor]

classCG_Client(WebSocketClient):

defopened(self):

self.max_cursor=0

self.send("Python")

defclosed(self,code,reason=None):

#print("Closeddown:",code,reason)

pass

defreceived_message(self,resp):

data=resp.data.decode("utf-8")

write_user(data)

ws.close()

defwrite_user(data):

withopen('./user.txt','w',encoding='utf-8')asf:

f.write(data)

f.close()

defget_user(media_id):

ws=CG_Client('ws://:10512/')

ws.connect()

try:

real_arg=f"/user/profile/homepage/share/v7/media_id={media_id}request_source=1appId=1286appType=mobile_detail_webisAndroid=trueisIOS=falseisMobile=truecookie_enabled=truescreen_width=393screen_height=882browser_language=zh-CNbrowser_platform=MacIntelbrowser_name=Chromebrowser_version=85.0.4183.83browser_online=truetimezone_name=Asia%2FShanghai"

time.sleep(0.1)

ws.send(real_arg)

ws.run_forever()

exceptKeyboardInterrupt:

print('異常關(guān)閉')

ws.close()

get_data.py終端方式

#-*-coding:utf-8-*-

importtime

fromws4py.client.threadedclientimportWebSocketClient

import_locale

_locale._getdefaultlocale=(lambda*args:['zh_CN','utf8'])

importio

importsys

importurllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

sys.stdout=io.TextIOWrapper(sys.stdout.buffer,encoding='utf8')

user_id=sys.argv[1].split(',',1)[0]#sys.argv--[get_attention.py,user_id,cursor]

offset=str(sys.argv[2])

classCG_Client(WebSocketClient):

defopened(self):

print("連接成功")

self.max_cursor=0

self.send("Python")

defclosed(self,code,reason=None):

print("Closeddown:",code,reason)

defreceived_message(self,resp):

data=resp.data.decode("utf-8")

print(data)

ws.close()

ws=CG_Client('ws://:10512/')

ws.connect()

real_arg=f"/api/feed_backflow/profile_share/v1/category=profile_articlevisited_uid={user_id}stream_api_version=82request_source=1offset={offset}user_id={user_id}appId=1286appType=mobile_detail_webisAndroid=trueisIOS=falseisMobile=truecookie_enabled=truescreen_width=288screen_height=511browser_language=zh-CNbrowser_platform=MacIntelbrowser_name=firefoxbrowser_version=85.0.4183.83browser_online=truetimezone_name=Asia%2FShanghai"

time.sleep(0.1)

ws.send(real_arg)

ws.run_forever()

exceptKeyboardInterrupt:

ws.close()

get_user_id.py終端方式

#-*-coding:utf-8-*-

importtime

fromws4py.client.threadedclientimportWebSocketClient

import_locale

_locale._getdefaultlocale=(lambda*args:['zh_CN','utf8'])

importio

importsys

importurllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

sys.stdout=io.TextIOWrapper(sys.stdout.buffer,encoding='utf8')

media_id=sys.argv[1].split(',',1)[0]#sys.argv--[get_attention.py,user_id,cursor]

classCG_Client(WebSocketClient):

defopened(self):

print("連接成功")

self.max_cursor=0

self.send("Python")

defclosed(self,code,reason=None):

print("Closeddown:",code,reason)

defreceived_message(self,resp):

data=resp.data.decode("utf-8")

#data=resp.data.decode("gbk")

print(data)

ws.close()

ws=CG_Client('ws://:10512/')

ws.connect()

real_arg=f"/user/profile/homepage/share/v7/media_id={media_id}request_source=1appId=1286appType=mobile_detail_webisAndroid=trueisIOS=falseisMobile=truecookie_enabled=truescreen_width=393screen_height=882browser_language=zh-CNbrowser_platform=MacIntelbrowser_name=Chromebrowser_version=85.0.4183.83browser_online=truetimezone_name=Asia%2FShanghai"

time.sleep(0.1)

ws.send(real_arg)

ws.run_forever()

exceptKeyboardInterrupt:

ws.close()

爬蟲調(diào)用者

importtime

importrequests

importjson

importurllib3

fromtoutiao2_文件方式.get_user_idimportget_user,CG_Client

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

defopen_user():

withopen('./user.txt','r',encoding='utf-8')asf:

user=json.loads(f.read())

f.close()

returnuser

defopen_data():

withopen('./data.txt','r',encoding='utf-8')asf:

data=json.loads(f.read())

f.close()

returndata

#media_id換user_id

defstart_ocean_toutiao_user_id(media_id):

data={

'media_id':media_id,

requests.get(':4007/get_user_id',params=data,timeout=3)

time.sleep(2)

response=open_user()

res_media_id=response.get('data').ge

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論