潭州课堂25班：Ph201805201 爬虫基础 第十四课 js破解 (课堂笔记）

 

 

 

 

 

打断点

找要的数据

 

鼠标的点击事件

 

 

 

 

 

新浪微博登录

表单提交分析 ：

 

 

 

先佃输入错误密码开始调式

 f10 往下走，

f11 进入函数

sh + f11 跳出函数

 

 

 

 

# -*- coding: utf-8 -*-
# 斌彬电脑
# @Time : 2018/9/20 0020 4:30

#    新浪js分析

import requests
import base64
import time
import re
import json
import rsa
import binascii


class WeiboLogin(object):
    def __init__(self, username, password):
        self.username = self.encrypt_username(username)
        self.password = password
        self.session = requests.session()
        self.headers = {
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"}

    def pre_login(self):
        params = {
            "entry": "weibo",
            "callback": "sinaSSOController.preloginCallBack",
            "su": self.username,
            "rsakt": "mod",
            "checkpin": "1",
            "client": "ssologin.js(v1.4.19)",
            "_": int(time.time() * 1000)
        }

        url = 'https://login.sina.com.cn/sso/prelogin.php?'
        response = self.session.get(url, headers=self.headers, params=params)
        json_data = re.search(r'preloginCallBack\((.*?)\)', response.text).group(1)
        return json.loads(json_data)

    def login(self, pre_login_data):
        data = {
            "entry": "weibo",
            "gateway": "1",
            "from": "",
            "savestate": "7",
            "qrcode_flag": "false",
            "useticket": "1",
            "pagerefer": "",
            "vsnf": "1",
            "su": self.username,
            "service": "miniblog",
            "servertime": pre_login_data['servertime'],
            "nonce": pre_login_data['nonce'],
            "pwencode": "rsa2",
            "rsakv": pre_login_data['rsakv'],
            "sp": self.encrypt_password(self.password, pre_login_data['pubkey'], pre_login_data['servertime'],
                                        pre_login_data['nonce']),
            "sr": "1920*1080",
            "encoding": "UTF-8",
            "prelt": "49",
            "url": "https://weibo.com/ajaxlogin.php?framelogin=1&callback=parent.sinaSSOController.feedBackUrlCallBack",
            "returntype": "META"
        }
        url = "https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.19)"
        response = self.session.post(url, headers=self.headers, data=data)
        return response.content.decode('gbk')

    def houxu_login(self, login_response):
        first_url = re.search(r'location.replace\("(.*?)"\)', login_response).group(1)
        response = self.session.get(first_url, headers=self.headers).content.decode('gbk')

        all_url = re.search(r'arrURL":\["(.*?)"\]', response).group(1)
        all_url = all_url.split('","')
        data = "&callback=sinaSSOController.doCrossDomainCallBack&" + "scriptId=ssoscript1&" + "client=ssologin.js(v1.4.19)&" + "_=" + str(
            int(time.time() * 1000))
        for url in all_url:
            url = url.replace('\\', '')
            self.session.get(url + data, headers=self.headers)

    def encrypt_password(self, password, pubkey, servertime, nonce):
        my_password = str(servertime) + '\t' + str(nonce) + '\n' + str(password)
        publickey = rsa.PublicKey(int(pubkey, 16), int('10001', 16))
        return binascii.b2a_hex(rsa.encrypt(my_password.encode(), publickey)).decode()

    def encrypt_username(self, username):
        return base64.b64encode(username.encode())

    def yanzheng(self):
        resp = self.session.get('https://weibo.com/wnanbei/home', headers=self.headers)
        print(resp.text)

    def __call__(self, *args, **kwargs):
        json_data = self.pre_login()
        login_response = self.login(json_data)
        self.houxu_login(login_response)
        self.yanzheng()


if __name__ == "__main__":
    my_login = WeiboLogin('账号', '密码')
    my_login()