中国移动云盘这活动可以不用下载app,直接使用微信小程序即可,所以抓包也相对简单。我使用的是PC微信3.4+fiddler4进行的抓包。这里仅实现签到活动,同理移动云盘的其它活动也一样可以做到,这里就不给其它活动代码了,自己尝试吧,并不难。
import requests
url = "https://caiyun.feixin.10086.cn:7071/market/signin/page/info"
payload='operation=getActivityInfo&marketName=sign_in_3'
headers = {
'Host': ' caiyun.feixin.10086.cn:7071',
'Connection': ' keep-alive',
'Accept': ' */*',
'jwtToken': 'Cookies中自行提取',
'X-Requested-With': ' XMLHttpRequest',
'User-Agent': ' Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat',
'token': '加密tooken',
'Sec-Fetch-Site': ' same-origin',
'Sec-Fetch-Mode': ' cors',
'Sec-Fetch-Dest': ' empty',
'Referer': ' https://caiyun.feixin.10086.cn:7071/portal/newsignin/index.html',
'Accept-Encoding': ' gzip, deflate, br',
'Accept-Language': ' en-us,en',
'Cookie': '登录账号的cookie',
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)请求数据包中有一个重要的地方,token。翻阅H5的js源码中可以看到是使用的RSA加密,并且可以找到加密证书公钥。
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEdVKnXpmib/xkN/SYguTHTTd4
f1N3K8L/QmcWLKtyrdoFwENaaAZC1v471+ge9y3cAgsSZJNbW9LmPD/7W0KZ3K1H
XLS5PBMAGFW/CybJ8nE8+xCH6ypOhFMq504q9mDujhtOI54XvDC1BZnDvA5J1Opx
eJuOtRAQar/7BgU1nwIDAQAB
-----END PUBLIC KEY-----将上面的密钥保存为public.pem文件,然后通过如下代码加密手机号+“-”+毫秒级时间戳即可得到token。
引用模块,没安装的自行安装python模块
import time
import datetime
import base64
from Crypto import Random
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
msg=str(手机号+'-'+str (int(round(time.time() * 1000))))
rsakey = RSA.importKey(open("public.pem").read())
cipher = Cipher_pkcs1_v1_5.new(rsakey)
cipher_text = base64.b64encode(cipher.encrypt(msg.encode('utf-8')))
print(cipher_text.decode('utf-8'))上面的代码输出的就是token了,然后请求的时候带入即可。
完整代码:
import requests
import time
import datetime
import base64
from Crypto import Random
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
msg=str(手机号+'-'+str (int(round(time.time() * 1000))))
rsakey = RSA.importKey(open("public.pem").read())
cipher = Cipher_pkcs1_v1_5.new(rsakey)
cipher_text = base64.b64encode(cipher.encrypt(msg.encode('utf-8')))
print(cipher_text.decode('utf-8'))
url = "https://caiyun.feixin.10086.cn:7071/market/signin/page/info"
payload='operation=getActivityInfo&marketName=sign_in_3'
headers = {
'Host': ' caiyun.feixin.10086.cn:7071',
'Connection': ' keep-alive',
'Accept': ' */*',
'jwtToken': 'Cookies中自行提取',
'X-Requested-With': ' XMLHttpRequest',
'User-Agent': ' Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat',
'token': cipher_text.decode('utf-8'),
'Sec-Fetch-Site': ' same-origin',
'Sec-Fetch-Mode': ' cors',
'Sec-Fetch-Dest': ' empty',
'Referer': ' https://caiyun.feixin.10086.cn:7071/portal/newsignin/index.html',
'Accept-Encoding': ' gzip, deflate, br',
'Accept-Language': ' en-us,en',
'Cookie': '登录账号的cookie',
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)自己抓包替换下cookies和jwtToken。
抓包可以使用PC版的微信,版本不要最新的,不然抓不到,我用的3.4,自己下载吧,网上很多不提供地址了。配合fiddler抓包就行了。
📮评论