I wrote it in a text editing tool, and then copied to the CSDN format is a bit messy, you can paste it into the text editing tool and analyze it slowly
9 Homepage: https://kyfw.12306.cn/otn/login/init
12 No parameter
https://kyfw.12306.cn/otn/dynamicJs/lzuhkeb
13 No parameter
https://kyfw.12306.cn/otn/HttpZF/GetJS
16 Submit parameter json appid=otn submit method post
return format json { "result_message":"User is not logged in","result_code":1}
https://kyfw.12306.cn/passport/web/auth/uamtk
17 Request js submission parameters_ timestamp submission method get
Return value: js page, I don't know what it is for now
https://kyfw.12306.cn/otn/resources/js/newpasscode/captcha_js.js?_=1517557036153
19 Request verification code get Submission method par
Submission parameters: login_site =E
module=login
rand =sjrand
0.3361067676459024 Look at js and find that this is a string of random numbers generated by js
Return value: verification code
https://kyfw.12306.cn/passport/captcha/captcha-image?login_site=E&module=login&rand=sjrand&0.3361067676459024
28 Verification verification code Submit method post Submit parameter data type
answer= 46,40,123,43 (click coordinates) login_site='E' rand='sjrand'
Return value: {"result_message":"Verification of verification code succeeded","result_code":"4"}
https://kyfw.12306.cn/passport/captcha/captcha- check
29 Verify password post data=
username='username'
password='password'
appid='otn'
Return value: {
"result_message":"Login successful",
"result_code":0,
"uamtk":"TO9jaUjO_U3G8Hai2kwqMCXdem-_8uUX8VNVZEHaODUga8280 "
}
https://kyfw.12306. cn/passport/web/login
30 post Submit parameter json _json_att= 302 Do a forward, forward to
https://kyfw.12306.cn/otn/passport?redirect=/otn/login/userLogin It is recommended to cancel automatic forwarding and change to manual forwarding
No return value
https://kyfw.12306.cn/otn/login/userLogin
31 get submit parameters: redirect='/otn/login/userLogin'
Return value: a page does not know whether there is useful information mixed in
<script>
/*<![CDATA[*/
var ctx='/otn/';
var globalRepeatSubmitToken = null;
var global_lang = 'zh_CN';
var sessionInit = '';
var isShowNotice = null;
var CLeftTicketUrl = null;
var isTestFlow = null;
var isMobileCheck = null;
var passport_appId = 'otn';
var passport_login = 'https: //kyfw.12306.cn/passport/web/login';
var passport_captcha = 'https://kyfw.12306.cn/passport/captcha/captcha-image';
var passport_authuam = 'https://kyfw.12306.cn/passport/web/auth/uamtk';
var passport_captcha_check = ' https://kyfw.12306.cn/passport/captcha/captcha-check';
var passport_authclient = 'uamauthclient';
var passport_loginPage = 'login/init';
var passport_okPage = 'index/initMy12306';
var passport_proxy_captcha = 'login/ init';
/*]]>*/
</script>
https://kyfw.12306.cn/otn/passport?redirect=/otn/login/userLogin
32 This URL is requested again, no return value, no parameters Submission method get
https://kyfw.12306. cn/otn/HttpZF/GetJS
33 Authenticate through the page: submit method post submit parameter appid=otn
return value: json {
"result_message":"Authentication passed"
,"result_code":0
,"apptk":null,
"newapptk":"rk3L9wKOtg0j33K_b4GY4fAZlFByJWbvXuNhH7KSdcg928280"
}
https://kyfw.12306.cn/passport/web/auth/uamtk
34 json upload 33 obtained newapptk TK
= rk3L9wKOtg0j33K_b4GY4fAZlFByJWbvXuNhH7KSdcg928280
return value: { "apptk": "rk3L9wKOtg0j33K_b4GY4fAZlFByJWbvXuNhH7KSdcg928280 ", "result_code": 0, "result_message": " verified", "username": "Confidential"}
https://kyfw.12306.cn/ otn/uamauthclient
35, no submission parameters, no return value for forwarding, it is recommended to automatically forward get
https://kyfw.12306.cn/otn/login/userLogin
36, no submission parameters, there is a return value, no request is required, it is forwarded by 35 and
returned Value: is a page,
<script>
/*<![CDATA[*/
var ctx='/otn/';
var globalRepeatSubmitToken = null;
var global_lang = 'zh_CN';
var sessionInit = '\ u8D75 \ u97F6 \ u6656';
var isShowNotice = null;
var CLeftTicketUrl = null;
var isTestFlow = null;
var isMobileCheck = null;
var passport_appId = null;
var passport_login = null;
var passport_captcha = null;
var passport_authuam = null;
var passport_captcha_check = null;
var passport_authclient = null;
var passport_loginPage = null;
var passport_okPage = null;
var passport_proxy_captcha = null;
/ *]]> * /
</script>
https://kyfw.12306.cn/otn/index/initMy12306
38, I have requested this again, no return value, no parameters, get
https://kyfw.12306.cn/otn/HttpZF/GetJS
40 A QR code on the page after the login is successful, whether you want it or not, submit it by get the
number 36 is the presence of the return data value
ticket = gQFK7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAyeV94QUJfb0M5RFQxampvUWhxY3AAAgRPFXRaAwSEAwAA ';
parameters: Ticket = gQFK7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAyeV94QUJfb0M5RFQxampvUWhxY3AAAgRPFXRaAwSEAwAA
https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=gQFK7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAyeV94QUJfb0M5RFQxampvUWhxY3AAAgRPFXRaAwSEAwAA
41 is a welcome page after a successful login: None Submit by parameter get
Return value
<script>
/*<![CDATA[*/
var ctx='/otn/';
var globalRepeatSubmitToken = null;
var global_lang = 'zh_CN';
var sessionInit = '\u8D75\u97F6\u6656';
var isShowNotice = null;
var CLeftTicketUrl = 'leftTicket/queryZ';
var isTestFlow = null;
var isMobileCheck = 'N';
var passport_appId = 'otn';
var passport_login = 'https://kyfw.12306.cn/passport/web/login';
var passport_captcha = 'https://kyfw.12306.cn/passport/captcha/captcha-image';
var passport_authuam = 'https://kyfw.12306.cn/passport/web/auth/uamtk';
var passport_captcha_check = 'https://kyfw.12306.cn/passport/captcha/captcha-check';
var passport_authclient = 'uamauthclient';
var passport_loginPage = 'login/init';
var passport_okPage = 'index/initMy12306';
var passport_proxy_captcha = 'login/init';
/*]]>*/
</script>
https://kyfw.12306.cn/otn/leftTicket/init
42 Requested this again, no return value, no parameters , get, it is recommended to download this js and study
https://kyfw.12306.cn/otn/HttpZF/GetJS
43, no return value, no parameters
https://kyfw.12306.cn/otn/dynamicJs/qxsjdcd
44 According to my analysis, this side advertisement is
https://ad.12306.cn/res/0004.html
49, the return value is json, this page is super important, the submission method get parameter (what the hell, this is actually an advertisement, Now I'm going to remove the super important words, but I also request it first to see if there is any return value I need)
placementNo=0004
clientType=2
billMaterialsId=170b890cf8f24c569644092ef827e993 (I found that this value exists in the previous advertisement page, so The side advertisement of No. 44 must be requested) Sure enough, 12306 even has a hole in the advertisement
https://ad.12306.cn/sdk/webservice/rest/appService/getAdAppInfo.json?placementNo=0004&clientType=2&billMaterialsId=170b890cf8f24c569644092ef827e993
返回值json类型
{"code":"00",
"message":"获取成功",
"materialsList":
[
{"billId":"28475bc01d85417d9f04df530f355b81"
,"billMaterialsId":"170b890cf8f24c569644092ef827e993"
,"filePath":"https://ad.12306.cn/res/delivery/0004/2018/01/29/201801291712188110.jpg"
,"title":"中铁联名卡"
,"placementPattern":"jpg"
,"linkUri":"https://creditcard.bankcomm.com/content/dam/pc/activity/ztcard/zhongtieka4.html"
,"marginBottom":"0"
,"skipTime":"5000"
,"linkType":"1"
,"showSkipBtn":"0"
,"btnhui":"https://ad.12306.cn/sdk/webservice/rest/appService/btnhui.json?placementNo=0004&billMaterialsId=170b890cf8f24c569644092ef827e993"
,"btnview":"https://ad.12306.cn/sdk/webservice/rest/appService/btnview.json?placementNo=0004&billMaterialsId=170b890cf8f24c569644092ef827e993"
,"thirdViewUrlList":[],
"thirdClickUrlList":[],
"skipTimeAgain":"0",
"fileList":
[{"filePath":"https://ad.12306.cn/res/delivery/0004/2018/01/29/201801291712188110.jpg",
"fileHeight":"360",
"marginBottom":"0"}]}],
"getType":"1",
"serviceUrl":"https://ad.12306.cn/sdk/webservice/rest/appService/getAdAppInfo.json",
"isDefault":"0",
"btnhui":"https://ad.12306.cn/sdk/webservice/rest/appService/btnhui.json"
}
50, what the hell, why did you request a verification code again, compare this verification code with the number 19 What's the difference in
No. 19
https://kyfw.12306.cn/passport/captcha/captcha-image?login_site=E&module=login&rand=sjrand&0.3361067676459024
No. 50
https://kyfw.12306.cn/otn/passcodeNew/getPassCodeNew ?module=passenger&rand=randp&0.9681090452847763
There is still a difference, no matter, save the submitted parameters and return values first.
No. 50 Verification code submitted parameters
module=passenger
rand=randp
0.9681090452847763 (this should also be a random number, to Time to test)
53, finally arrived at the main page, this page submits the ticket purchase information, returns the query train volume information, the submitted parameters are
leftTicketDTO.train_date departure date
leftTicketDTO.from_station BJP (code name Beijing)
leftTicketDTO.to_station ZDN ( Code name Zhumadian)
purpose_codes ADULT (don't know what it is? It doesn't matter, let's go ahead and check where this parameter has appeared. Well, I admit that I didn't find it, so submit it and try it first)
The return value is the json type of vehicle information queried. What if the data is in hand? Don't talk about it
{"data":{"flag":"1","map":{"BJP":"Beijing","BXP":"Beijing West","ZDN":"Zhumadian","ZLN":"Zhumadian" West "}," result ": [" SrRaidpHwIsnGTBWAkUu% 2FepYkIMI7CzHy% 2FIkNnrT3cerfSiH8bXKHyfBY% 2F9QBo% 2B7tgMuK9SaO1gl% 0AF5% 2Fs% 2BMzj5IYouLVPF2n6unu9baxgenDF4G4CLlrhO% 2B% 2FVD1wxTRd2zFBYGSSz3qsbnM9SgCSyQx% 2FW% 0AYSSCMLhd0P% 2BQCXKUTiI0e8eXbOX69hQrNAsqDTzSVc2CGgoidc% 2FZFTL986ymRvkzn% 2Frs8KXg0dhU% 0AiYPFUXA4lNwmOByrfhLn36pUQQ6e | book | 24000K460109 | K4601 | BXP | HKN|BXP|ZDN|02:38|14:26|11:48|Y|7ZWqE1balF8uzWEZSW0%2FYYh1j77OGWXuTNhs4K7wNOnd%2B%2F%2Fa|20180210|3|PC|01|08|0|0|||||None| |Yes|||No||||101020|112|0","|Book|24000T303901|T3039|BXP|HKN|BXP|ZDN|03:35|12:50|09:15|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|PC|01|08|0|0|||None|||None||None|None||||10401030|1413|0"," Zp% 2FYpzUGmmQzk% 2BA8hltQcfvHaxGOqmLNG1Fd0oyFCdIiRw8oyRUoRyv7Al7UPvh4wCuVROdKWdvY% 0Agw4dOErMONBQj% 2B1yje3bLsnCDrqg5vRHHpI15duSCMXr% 2FUZojyg22IZOV4SkyCcRRNn6ObSDGigM% 0AO7TXB2968rNcgSN0% 2FCksPW1lEcy1Yo% 2F113r7AflZIJZKAH% 2FF% 2BPktq% 2FQRo9% 2FqfX2ZffN4bc7rMKbc% 0AdNlW% 2FJLso0% 2FWdbjW% 2F4JPbztYXudwcFAdlRhADqWw2FG4 | book | 330000K5980X | K599 | BTC | GZQ | BXP | ZDN | 05: 14|16:36|11:22|Y|OASN3HdgM4uZD5tdr1eQebZtO9NSFZ%2Fij61rMA%2B0NO56wfWKlQSMT9uP2Og%3D|20180209|3|C1|09|23|0|0||||None|||Yes||No|None||| ||10401030|1413|1","|Book|240000G48508|G485|BXP|NXG|BXP|ZLN|07:03|11:12|04:09|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P4| |09|1|0|||||||||||None|None|None||O0M090|OM9|0","|Book|240000G5290H|G529|BXP|NFZ|BXP|ZLN|07:08|11:36|04:28|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P4|01|11|1|0|||||||||||None|None|None||O0M090|OM9 |0","|Book|2400000G710H|G71|BXP|NZQ|BXP|ZLN|07:27|11:52|04:25|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P2|01|10|1| 0||||||||||None|None|None||O0M090|OM9|0","|Book|2400000K2117|K21|BXP|NNZ|BXP|ZDN|08:18|20:43| 12:25|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|PB|01|14|0|0||||None|||No||None|None|||||10401030|1413|0" ,"|Book|240000K96714|K967|BJP|HHQ|BJP|ZDN|08:37|20:56|12:19|N|wQ%2BpSmPQZ8dgJ0lK4UaHmyKBfXh8YFe%2BcjEMqJvOGWVo%2BoWyE0CkXbx6FhU%3D|10|2016 |0|0||||None|||None||None|None|||||10401030|1413|0","|Book|240000K43304|K433|BXP|AXM|BXP|ZDN|08:42| 20:00|11:18|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|P3|01|13|0|0||||None|||None||None|None||||10401030|1413|0"," |Book|240000G4210E|G421|BXP|NFZ|BXP|ZLN|09:05|13:23|04:18|N|6xvTEGx43CMlsHaPGw6M7BtXdiK7jKfJAjq5PrTC%2BykW2%2FLx|20180210|3|P3|01|08|1|0|| ||||||||None|None|None||O090M0|O9M|0","|Book|240000G5570I|G557|BXP|WHN|BXP|ZLN|11:07|15:23|04:16 |N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P3|01|10|1|0||||||||||None|None|None||O0M090|OM9|0","|Book|240000G40107 |G401|BXP|KQW|BXP|ZLN|11:43|15:56|04:13|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P2|01|08|1|0||||||| |||None|None|None||O0M090|OM9|0","|Book|240000G51713|G517|BXP|WHN|BXP|ZLN|12:19|16:28|04:09|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL |20180210|3|P3|01|07|1|0||||||||||None|None|None||O0M090|OM9|0","|Book|2400000G6909|G69|BXP|IZQ|BXP|ZLN|13:07|17:09|04:02|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P4|01|07|1|0|||| ||||||None|None|None||O0M090|OM9|0","|Book|240000G51915|G519|BXP|WHN|BXP|ZLN|14:05|18:16|04:11|N |NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P4|01|09|1|0|||||||||None|None|None||O0M090|OM9|0","|Book|240000G50506|G505 |BXP|CWQ|BXP|ZLN|15:40|19:43|04:03|N|AOLpYQokAKA%2BgQBdTMWiSfo52ZrE0ZWt5gyqzCg3bJ9tuCInvQgmQSvQQBA%3D|20180210|3|P4|01|08|1|0||||||None| ||||None|None|None||O090M0P0|O9MP|0","|Book|240000G5730O|G573|BXP|KAN|BXP|ZLN|16:18|20:15|03:57|N|NFWR18% 2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P3|01|07|1|0||||||||||None|None|None||O0M090|OM9|0","|Book|240000G52507|G525|BXP| HKN|BXP|ZLN|17:14|21:29|04:15|N|NFWR18%2FAH8fkkS5qIccRzBvusOdBg5wvhJBO5NIfOXbYURzL|20180210|3|P4|01|10|1|0|||||||||||None|None|None||O0M090|OM9|0","|Book| 240000K1571D|K157|BXP|ZJZ|BXP|ZDN|18:12|05:35|11:23|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|PB|None| |||None||None|None||||10401030|1413|0","|Book|240000T2890E|T289|BXP|NNZ|BXP|ZDN|22:08|06:59|08:51|N |fTaYYc3zlaDeHVYuLyhVxUi%2BAqTHqhdgjollq8W4eP%2FvCaVVuRLpgwPkcc6QAhnkwBHTBbDVrH4%3D|20180210|3|P4|01|08|0|0||None||None|||None||None|None|||||1040106030|14163 |Book|24000Z417707|Z4177|BXP|WCN|BXP|ZDN|23:50|08:32|08:42|N|2vX%2BO37WGI835%2BwfN4JtT%2FRTftl48EKe|20180210|3|PC|01|07|0|0 ||||None|None|||||||||4020|42|0"]},"httpstatus":200,"messages":"","status":true}23|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|PB|01|10|0||||None|||None||None|None||||10401030|1413|0"," |Book|240000T2890E|T289|BXP|NNZ|BXP|ZDN|22:08|06:59|08:51|N|fTaYYc3zlaDeHVYuLyhVxUi%2BAqTHqhdgjollq8W4eP%2FvCaVVuRLpgwPkcc06QAhnkwBHTBbDVrH4%|3D|01|20180 ||None||None|||None||None|None||||1040106030|14163|0","|Book|24000Z417707|Z4177|BXP|WCN|BXP|ZDN|23:50|08:32 |08:42|N|2vX%2BO37WGI835%2BwfN4JtT%2FRTftl48EKe|20180210|3|PC|01|07|0|0||||None|None|||||||||4020|42|0 "]},"httpstatus":200,"messages":"","status":true}23|N|YcXLEyKoj4zNjfnHCihQXvd%2Ftm1r04aUNTdsNtIfL1QUKcIRhBlJL3bvI2o%3D|20180210|3|PB|01|10|0||||None|||None||None|None||||10401030|1413|0"," |Book|240000T2890E|T289|BXP|NNZ|BXP|ZDN|22:08|06:59|08:51|N|fTaYYc3zlaDeHVYuLyhVxUi%2BAqTHqhdgjollq8W4eP%2FvCaVVuRLpgwPkcc06QAhnkwBHTBbDVrH4%|3D|01|20180 ||None||None|||None||None|None||||1040106030|14163|0","|Book|24000Z417707|Z4177|BXP|WCN|BXP|ZDN|23:50|08:32 |08:42|N|2vX%2BO37WGI835%2BwfN4JtT%2FRTftl48EKe|20180210|3|PC|01|07|0|0||||None|None|||||||||4020|42|0 "]},"httpstatus":200,"messages":"","status":true}51|N|fTaYYc3zlaDeHVYuLyhVxUi%2BAqTHqhdgjollq8W4eP%2FvCaVVuRLpgwPkcc6QAhnkwBHTBbDVrH4%3D|20180210|3|P4|01|08|0|0||None||None|||None||None|0||||104010603 ","|Book|24000Z417707|Z4177|BXP|WCN|BXP|ZDN|23:50|08:32|08:42|N|2vX%2BO37WGI835%2BwfN4JtT%2FRTftl48EKe|20180210|3|PC|01|07| 0|0||||None|None|||||||||4020|42|0"]},"httpstatus":200,"messages":"","status":true}51|N|fTaYYc3zlaDeHVYuLyhVxUi%2BAqTHqhdgjollq8W4eP%2FvCaVVuRLpgwPkcc6QAhnkwBHTBbDVrH4%3D|20180210|3|P4|01|08|0|0||None||None|||None||None|0||||104010603 ","|Book|24000Z417707|Z4177|BXP|WCN|BXP|ZDN|23:50|08:32|08:42|N|2vX%2BO37WGI835%2BwfN4JtT%2FRTftl48EKe|20180210|3|PC|01|07| 0|0||||None|None|||||||||4020|42|0"]},"httpstatus":200,"messages":"","status":true}
https://kyfw.12306.cn/otn/leftTicket/queryZ?leftTicketDTO.train_date=2018-02-10&leftTicketDTO.from_station=BJP&leftTicketDTO.to_station=ZDN&purpose_codes=ADULT
54 post Submit parameter _json_att=
Return value:
{"validateMessagesShowId": "_validatorMessage","status":true,"httpstatus":200,"data":{"flag":true},"messages":[],"validateMessages":{}}
https://kyfw.12306. cn/otn/login/checkUser
55 Click to reserve the vehicle
Submit parameters as follows: (These parameters are relatively simple, and secretStr is easy to confuse people. Leave a small pit for you, haha)
secretStr = SrRaidpHwIsnGTBWAkUu% 2FepYkIMI7CzHy% 2FIkNnrT3cerfSiH8bXKHyfBY% 2F9QBo% 2B7tgMuK9SaO1gl% 0AF5% 2Fs% 2BMzj5IYouLVPF2n6unu9baxgenDF4G4CLlrhO% 2B% 2FVD1wxTRd2zFBYGSSz3qsbnM9SgCSyQx% 2FW% 0AYSSCMLhd0P% 2BQCXKUTiI0e8eXbOX69hQrNAsqDTzSVc2CGgoidc% 2FZFTL986ymRvkzn% 2Frs8KXg0dhU% 0AiYPFUXA4lNwmOByrfhLn36pUQQ6e & train_date = 2018-02-10 & back_train_date = 2018-02-02 & tour_flag = dc & purpose_codes = ADULT & query_from_station_name = Beijing&query_to_station_name=Zhumadian&undefinedSubmission
method post https://kyfw.12306.cn/otn/leftTicket/submitOrderRequest
Return value: {"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data" :"N","messages":[],"validateMessages":{}}
Because I don't need to buy a ticket, I didn't submit an order, so it's almost over here