This article mainly analyzes 58 APP in the same city, and obtains the real mobile phone number of the rental business
For the mobile phone number of the 58APP rental module, I now find that there are two situations:
-
A mobile phone number can be seen directly in an APP.
-
One is invisible as follows
This paper mainly analyzes the second case.
Capture environment:
-
Charles' packet capture artifact
-
Android
After configuring the capture environment, open the APP on the mobile phone to enter the rental section, click on a listing to enter the detailed information.
Find rental listings in charles
If you observe the information of this merchant in detail, you can find two more important parameters, InfoID and userID. According to experience, these two are very useful in the back.
Click the phone button and the following will occur
Click the call button and Charles appears with a request to get a call
You can see that there is a calling number in the return parameter, and you can intuitively modify the infoId to get the phone number of other businesses
Use charles to modify the infoid in the request address (in the list captured earlier) to send the request
Successfully got the phone number.....
The request returned by the first type of phone number is encrypted as shown in the following figure, which is being sorted out recently. The next part describes how to reversely analyze 58APP to get the encrypted code for decryption.
If you are interested, you can follow my column Python data analysis https://zhuanlan.zhihu.com/c_99646580
This article is for educational use only.