声明
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
逆向分析
cp1 = execjs.compile(open('decode__1174.js', 'r', encoding='utf-8').read())
json_data = {"order": "DESC","sort": "section2","page": 1,"pageSize": 21,"action": {"gameId": "1767","goodsCatalogueId": 6,"merchantMark": None,"keywords": [],"searchWords": [],"searchPropertyIds": [],"unionGameIds": [],"goodsSearchActions": []}
}
result = cp.call('getData' ,json_data)
url = cp1.call('getData',json_data,_waf_bd8ce2ce37)
url = result['url']
header = result['header']
print(header)
# url = result['url']
print(url)
headers = {'Accept': 'application/json, text/plain, */*','Accept-Language': 'zh-CN,zh;q=0.9','Cache-Control': 'no-cache','Connection': 'keep-alive','Content-Type': 'application/json','PZOs': 'windows','PZPlatform': 'pc','PZTimestamp': str(header['Timestamp']),'PZVersion': '1.0.0','PZVersionCode': '1','Pragma': 'no-cache','Random': str(header['Random']),'Sec-Fetch-Dest': 'empty','Sec-Fetch-Mode': 'cors','Sec-Fetch-Site': 'same-site','Sign': header['strMd5'],'Skey': 'CLIENT','channelInfo': '{"channelCode":null,"tag":null,"channelType":null,"searchWord":"null"}','x-oss-forbid-overwrite': 'true',
}
response = requests.post(url,cookies=cookies,headers=headers,json=data,
)
print(response.text)
cp1 = execjs.compile(open('decode__1174.js', 'r', encoding='utf-8').read())
json_data = {"order": "DESC","sort": "section2","page": 1,"pageSize": 21,"action": {"gameId": "1767","goodsCatalogueId": 6,"merchantMark": None,"keywords": [],"searchWords": [],"searchPropertyIds": [],"unionGameIds": [],"goodsSearchActions": []}
}
result = cp.call('getData' ,json_data)
url = cp1.call('getData',json_data,_waf_bd8ce2ce37)
url = result['url']
header = result['header']
print(header)
# url = result['url']
print(url)
headers = {'Accept': 'application/json, text/plain, */*','Accept-Language': 'zh-CN,zh;q=0.9','Cache-Control': 'no-cache','Connection': 'keep-alive','Content-Type': 'application/json','PZOs': 'windows','PZPlatform': 'pc','PZTimestamp': str(header['Timestamp']),'PZVersion': '1.0.0','PZVersionCode': '1','Pragma': 'no-cache','Random': str(header['Random']),'Sec-Fetch-Dest': 'empty','Sec-Fetch-Mode': 'cors','Sec-Fetch-Site': 'same-site','Sign': header['strMd5'],'Skey': 'CLIENT','channelInfo': '{"channelCode":null,"tag":null,"channelType":null,"searchWord":"null"}','x-oss-forbid-overwrite': 'true',
}
response = requests.post(url,cookies=cookies,headers=headers,json=data,
)
print(response.text)
结果
总结
1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。
)
)
-- 配置与部署)
