标签:逆向 加密 某财新 登录 url base64 pwd sec data
抓包分析
1 勾选协议,否则无法抓取目标包
2 全局搜索password,找到疑似位置,打断点(一般在login.js中)
3 成功断住,并执行相关语句得到加密前、后数据
4 进入加密函数encrypt,即可得到加密过程
python模拟加密过程,并发送请求
import base64
from urllib import parse
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
import requests
# 转换位字节串
pwd = "123456".encode()
# 转换位字节串
key = "G3JH98Y8MY9GWKWG".encode()
# 创建aes加密对象,ECB模式没有初始化向量IV
aes = AES.new(key=key, mode=AES.MODE_ECB)
# 加密,注意加密前需要进行补位,否则无法正确加密
encrypt_data = aes.encrypt(pad(pwd, block_size=16))
# 将加密后的数据进行base64编码和url编码
base64_data = base64.b64encode(encrypt_data)
pwd_url_data = parse.quote(base64_data)
# 将得到的加密数据与抓包工具中加密数据进行比对
print(pwd_url_data)
# 发起请求
headers = {
"authority": "gateway.caixin.com",
"accept": "*/*",
"accept-language": "zh,en;q=0.9,zh-CN;q=0.8",
"cache-control": "no-cache",
"pragma": "no-cache",
"referer": "https://u.caixin.com/",
"sec-ch-ua": "^\\^Google",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "^\\^Windows^^",
"sec-fetch-dest": "script",
"sec-fetch-mode": "no-cors",
"sec-fetch-site": "same-site",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
}
cookies = {
"ENTITY_ID": "",
"CX_FROM": "null",
"GUID": "2146473924",
"T_GUID": "1703854085898",
"sidebarStatus": "1",
"FROM_CHINA": "true",
"gr_user_id": "da3373b5-2020-4458-b789-06c1b6631c78",
"point": "1703951999000",
"GID30": "228871624",
"872f3eaac31f373e_gr_session_id": "de73770b-11f8-4f8f-912d-28176d8c12eb",
"872f3eaac31f373e_gr_session_id_sent_vst": "de73770b-11f8-4f8f-912d-28176d8c12eb",
"lastTime": "1703929345445",
"firstTime": "1703929345445",
"ENTITY_COUNT": "9",
"LOGIN_QR_CODE": "9srgZ5geQpERs3muggeacxCQaggb6ypA"
}
url = "https://gateway.caixin.com/api/ucenter/user/v1/loginJsonp"
params = {
"account": "13788998888",
"password": pwd_url_data,
"deviceType": "5",
"unit": "1",
"areaCode": "^%^2B86",
"callback": "__caixincallback1703929945303"
}
response = requests.get(url, headers=headers, cookies=cookies, params=params)
print(response.text)
print(response)
标签:逆向,
加密,
某财新,
登录,
url,
base64,
pwd,
sec,
data
From: https://www.cnblogs.com/yidaisanhan/p/17936682.html