一、背景
目标链接:http://www.landchina.com/default.aspx?tabid=226 ,中国土地市场网,获取相应的行政区代码、标题、详情页链接和发布时间
二、过程
1、确定加密参数
抓包,数据就在该链接中,复制url和请求头,请求,没有返回数据,返回了一段js代码
function stringToHex(str) {
var val = "";
for (var i = 0; i < str.length; i++) {
if (val == "") val = str.charCodeAt(i).toString(16);
else val += str.charCodeAt(i).toString(16);
}
return val;
}
function YunSuoAutoJump() {
var width = screen.width;
var height = screen.height;
var screendate = width + "," + height;
var curlocation = window.location.href;
if ( - 1 == curlocation.indexOf("security_verify_")) {
document.cookie = "srcurl=" + stringToHex(window.location.href) + ";path=/;";
}
self.location = "/default.aspx?tabid=226&security_verify_data=" + stringToHex(screendate);
}
暂时先不管它,清空cookie,浏览器设置代理,用charles进行抓包,发现总共请求了三次才获得真实数据
第一次请求,增加了cookie值yunsuo_session_verify,同时返回js代码,该代码生成了一个cookie(srcurl)和url
第二次请求,携带cookie(yunsuo_session_verify和srcurl),请求了js生成的url,并新增了cookie(security_session_mid_verify)
第三次请求,携带生成的cookie,请求真实链接,正常返回数据
OK,整体流程已经明白了,下面看看js代码
2、处理js函数
screendate, 就是屏幕的宽高,可以自己写死
url和cookie的生成,都是通过stringToHex函数,对屏幕宽高和请求链接进行了加密
stringToHex函数,遍历字符串的每个字符,对字符进行转换为Unicode编码,然后将编码转为16进制,在拼接起来
def str2token(str_data):
token = ''
for val in str_data:
token += str(hex(ord(val)))
return token.replace('0x', '')
def china_land(url):
screen_data = "1333,800"
cookie = ''
if "security_verify_" not in url:
cookie = 'srcurl=' + str2token(url) + ';path=/;'
url = "http://www.landchina.com/default.aspx?tabid=226&security_verify_data=" + str2token(screen_data)
return url, cookie
在转16进制时,有个小坑,一开始以为和Python的十六进制转换一样,但是发现生成的字符串和实际的不一样,然后查了javascript的16进制转换语法,发现转换后的数据比python的少了“0x”,因此要将‘0x’去除
from public_method import *
url = "http://www.landchina.com/default.aspx?tabid=226"
session = requests.session()
res = session.get(url)
verify_url, cookie = china_land(url)
print(verify_url, cookie)
res = session.get(verify_url)
header = {
"Host": "www.landchina.com",
"User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0",
"Accept": "text/css,*/*;q=0.1",
"Accept-Language": "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2",
"Accept-Encoding": "gzip, deflate",
"Referer": url,
"Connection": "keep-alive",
"Cookies": cookie,
}
response = session.get(url, headers=header)
print(response.text)
另一个坑是cookie,用了reuqests库的session对象,在最后一次请求时,在headers中携带js生成的cookie,用的Cookie字段,但是没有返回正常数据,然后换了Cookies字段,就正常了,打印了两次的请求头
用cookie:{'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'text/css,*/*;q=0.1', 'Connection': 'keep-alive', 'Host': 'www.landchina.com', 'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2', 'Referer': 'http://www.landchina.com/default.aspx?tabid=226', 'Cookie': 'srcurl=687474703a2f2f7777772e6c616e646368696e612e636f6d2f64656661756c742e617370783f74616269643d323236;path=/;'}
用cookies: {'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'text/css,*/*;q=0.1', 'Connection': 'keep-alive', 'Host': 'www.landchina.com', 'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2', 'Referer': 'http://www.landchina.com/default.aspx?tabid=226', 'Cookies': 'srcurl=687474703a2f2f7777772e6c616e646368696e612e636f6d2f64656661756c742e617370783f74616269643d323236;path=/;', 'Cookie': 'security_session_mid_verify=ce4213c94b70552197bf3caad9ac97da; yunsuo_session_verify=1a27da8d25711fad325811a16a2a4307'}
对比之后,发现如果用Cookie字段,请求头中只有js生成的cookie值,之前请求携带的cookie值就会被替换了,而这次请求时需要三个cookie值,所以需要用cookies字段,从cookie和cookies字段中,requests库都会进行cookie数据的提取,当然,如果用cookie={‘srcurl’:’…’}来携带js加密的cookie值,也是可以获取数据的
三、总结
