某麦数据 API 接口关键参数 analysis 逆向分析

博主： xadminx
发布时间：2020 年 07 月 08 日
380 次浏览
暂无评论
7529字数
分类：【技术讨论】

声明

仅供技术讨论，不用于任何盈利或者商业目的
如有侵权，请发送邮件到博主邮箱，将在收到邮件的第一时间删除相关内容

分析过程

首先下一个 analysis 的 XHR断点，在断下的位置向上查找：

找到函数名，再次以函数名搜索：

直到找到一个请求拦截器，然后进入这个拦截器，查查看拦截器的具体操作：

提一下拦截器，拦截器的话主要是在请求之前由前端对请求的再次操作：

继续看拦截器的代码，似乎是加密的代码：

下断点，继续运行，看一下调试的信息，可以发现生成 analysis 代码就是这里：

所以只需要把这里的代码单独拿出来，就行了，然后把这段代码的几个关键参数找出来，内置到 JS 代码里面，通过外部调用就可以生成 analysis 参数。

主要的关键参数是下图中指定的参数：

以及用到的几个函数，只需要通过这个方法查看一下稍微修改代码就行了，以前几次网站代码的修改都是在这几个地方动手脚

以下是 JS 用的代码：

l = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/"]
function n_(t) {
    var n;
    n = f(t.toString(), "binary");
    return u(n)
}
function a(t) {
    return l[t >> 18 & 63] + l[t >> 12 & 63] + l[t >> 6 & 63] + l[63 & t]
}
function s(t, e, n) {
    for (var r, i = [], o = e; o < n; o += 3)
        r = (t[o] << 16 & 16711680) + (t[o + 1] << 8 & 65280) + (255 & t[o + 2]),
            i.push(a(r));
    return i.join("")
}
function u(t) {
    for (var e, n = t.length, r = n % 3, i = "", o = [], a = 16383, u = 0, c = n - r; u < c; u += a)
        o.push(s(t, u, u + a > c ? c : u + a));
    return 1 === r ? (e = t[n - 1],
        i += l[e >> 2],
        i += l[e << 4 & 63],
        i += "==") : 2 === r && (e = (t[n - 2] << 8) + t[n - 1],
        i += l[e >> 10],
        i += l[e >> 4 & 63],
        i += l[e << 2 & 63],
        i += "="),
        o.push(i),
        o.join("")
}
function K(t, e, n, r) {
    for (var i = 0; i < r && !(i + n >= e.length || i >= t.length); ++i)
        e[i + n] = t[i];
    return i
}
function W(t) {
    for (var e = [], n = 0; n < t.length; ++n)
        e.push(255 & t.charCodeAt(n));
    return e
}
function t_(t, e, n, r) {
    return K(W(e), t, 0, r)
}
function f(e, n) {
    var r = e.length;
    t = new Uint8Array(r);
    var i = t_(t, e, n, r);
    return t
}
function v_(n) {
    return n_(encodeURIComponent(n)["replace"](/%([0-9A-F]{2})/g, function (a, n) {
        return String["fromCharCode"]("0x" + n)
    }))
}
function k_(a, n) {
    //n || (n = s()),
    a = a["split"]("");
    for (var t = a["length"], e = n["length"], r = "charCodeAt", i = 0; i < t; i++)
        //a[i] = m_(a[i][r](0) ^ n[(i + 10) % e][r](0));
        a[i] = String["fromCharCode"](a[i][r](0) ^ n[(i + 10) % e][r](0));
    return a["join"]("")
}
function getAnalysis (synct, url, p_str) {
    var g = new Date() - 1000 * synct;
    var e = new Date() - g - 1515125653845;
    var S = 1;
    var palist = [];
     for (var key in p_str) {
        palist.push(p_str[key])
    }
    var mm = palist["sort"]()["join"]("");
    m_0 = v_(mm);
    m_1 = m_0 + "@#" + url.replace("https://api.xxxxx.cn", "");
    m_2 = m_1 + "@#" + e;
    m_3 = m_2 + "@#" + S;
    var b = "00000008d78d46a";
    return v_(k_(m_3, b))
}

以下是python代码实现：

# -*- coding: utf-8 -*-
__version_ = 'python 3.7'
__author__ = 'Json·G'
__date__ = '2020/7/6 15:50'


import requests
import datetime
import execjs

js_xxxxx = """
l = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/"]
function n_(t) {
    var n;
    n = f(t.toString(), "binary");
    return u(n)
}
function a(t) {
    return l[t >> 18 & 63] + l[t >> 12 & 63] + l[t >> 6 & 63] + l[63 & t]
}
function s(t, e, n) {
    for (var r, i = [], o = e; o < n; o += 3)
        r = (t[o] << 16 & 16711680) + (t[o + 1] << 8 & 65280) + (255 & t[o + 2]),
            i.push(a(r));
    return i.join("")
}
function u(t) {
    for (var e, n = t.length, r = n % 3, i = "", o = [], a = 16383, u = 0, c = n - r; u < c; u += a)
        o.push(s(t, u, u + a > c ? c : u + a));
    return 1 === r ? (e = t[n - 1],
        i += l[e >> 2],
        i += l[e << 4 & 63],
        i += "==") : 2 === r && (e = (t[n - 2] << 8) + t[n - 1],
        i += l[e >> 10],
        i += l[e >> 4 & 63],
        i += l[e << 2 & 63],
        i += "="),
        o.push(i),
        o.join("")
}
function K(t, e, n, r) {
    for (var i = 0; i < r && !(i + n >= e.length || i >= t.length); ++i)
        e[i + n] = t[i];
    return i
}
function W(t) {
    for (var e = [], n = 0; n < t.length; ++n)
        e.push(255 & t.charCodeAt(n));
    return e
}
function t_(t, e, n, r) {
    return K(W(e), t, 0, r)
}
function f(e, n) {
    var r = e.length;
    t = new Uint8Array(r);
    var i = t_(t, e, n, r);
    return t
}
function v_(n) {
    return n_(encodeURIComponent(n)["replace"](/%([0-9A-F]{2})/g, function (a, n) {
        return String["fromCharCode"]("0x" + n)
    }))
}
function k_(a, n) {
    //n || (n = s()),
    a = a["split"]("");
    for (var t = a["length"], e = n["length"], r = "charCodeAt", i = 0; i < t; i++)
        //a[i] = m_(a[i][r](0) ^ n[(i + 10) % e][r](0));
        a[i] = String["fromCharCode"](a[i][r](0) ^ n[(i + 10) % e][r](0));
    return a["join"]("")
}
function getAnalysis (synct, url, p_str) {
    var g = new Date() - 1000 * synct;
    var e = new Date() - g - 1515125653845;
    var S = 1;
    var palist = [];
     for (var key in p_str) {
        palist.push(p_str[key])
    }
    var mm = palist["sort"]()["join"]("");
    m_0 = v_(mm);
    m_1 = m_0 + "@#" + url.replace("https://api.xxxxx.cn", "");
    m_2 = m_1 + "@#" + e;
    m_3 = m_2 + "@#" + S;
    var b = "00000008d78d46a";
    return v_(k_(m_3, b))
}
"""


def handle(params, url_start):
    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
        "Accept-Encoding": "gzip, deflate, br",
        "Accept-Language": "zh-CN,zh;q=0.9",
        "Cache-Control": "max-age=0",
        "Connection": "keep-alive",
        "Host": "www.xxxxx.cn",
        "If-Modified-Since": "Mon, 09 Dec 2019 11:03:14 GMT",
        "If-None-Match": 'W/"5dee29f2 - be2"',
        "Referer": "https://www.xxxxx.cn/",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
    }
    resp = requests.get('https://www.xxxxx.cn/rank', headers=headers)
    t = resp.cookies.get_dict()
    synct = t.get('synct')

    def getanaly(synct, url, params):
        ctx = execjs.compile(js_xxxxx)
        new_pwd = ctx.call("getAnalysis", synct, url, params)
        return new_pwd

    analysis = getanaly(synct, url_start, params)
    headers_sub = {
        "Accept": "application/json, text/plain, */*",
        "Accept-Encoding": "gzip, deflate, br",
        "Accept-Language": "zh-CN,zh;q=0.9",
        "Connection": "keep-alive",
        "Host": "api.xxxxx.cn",
        "Origin": "https://www.xxxxx.cn",
        "Sec-Fetch-Mode": "cors",
        "Sec-Fetch-Site": "same-site",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
    }

    params['analysis'] = analysis
    url = url_start + '?'
    res = requests.get(url=url, headers=headers_sub, params=params)
    return res.json()


url_start = "https://api.xxxxx.cn/rank/index"
time_now = datetime.datetime.now().strftime('%Y-%m-%d')
params = {
    "brand": "free",
    "country": "cn",
    "genre": "5000",
    "device": "iphone",
    "date": str(time_now),
    "is_rank_index": 1
}
params["page"] = 1
json_return = handle(params, url_start)
page = json_return["maxPage"]
for i in range(int(page) - 1):
    params = {
        "brand": "free",
        "country": "cn",
        "genre": "5000",
        "device": "iphone",
        "date": str(time_now),
        "is_rank_index": 1
    }
    params["page"] = i + 2
    json_return = handle(params, url_start)
    print(json_return)
    quit()

最后修改：2020 年 07 月 30 日

如果觉得我的文章对你有用，请随意赞赏

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

评论 *

私密评论

名称 *

🎲

邮箱 *

地址

rdzqrllmux
《血肉狂魔》科幻片高清在线免费观看：https://www.j...
wrtseqbadf
你的文章让我感受到了不一样的视角，非常精彩。 https...
tzpidingaf
你的文章让我感受到了不一样的视角，非常精彩。 http:...
qegcpxegqi
《小镇反面(经典黑白影片现代重制版 )》动作片高清在线免费观看...
glanphxyyl
你的文章让我感受到了不一样的视角，非常精彩。 http:...

某麦数据 API 接口关键参数 analysis 逆向分析

xadminx • 2020 年 07 月 08 日

<h2>声明</h2><ul><li>仅供技术讨论，不用于任何盈利或者商业目的</li><li>如有侵权，请发送邮件到博主邮箱，将在收到邮件的第一时间删除相关内容</li></ul><h2>分析过程</h2>首先下一个 analysis 的 XHR断点，在断下的位置向上查找： <img src="https://jsong.cn/usr/uploads/2020/07/369557927.jpg" alt="" title="" style="">找到函数名，再次以函数名搜索： <img src="https://jsong.cn/usr/uploads/2020/07/3739301456.jpg" alt="" title="" style="">直到找到一个请求拦截器，然后进入这个拦截器，查查看拦截器的具体操作： <img src="https://jsong.cn/usr/uploads/2020/07/75268157.jpg" alt="" title="" style="">提一下拦截器，拦截器的话主要是在请求之前由前端对请求的再次操作： <img src="https://jsong.cn/usr/uploads/2020/07/3924896437.jpg" alt="" title="" style="">继续看拦截器的代码，似乎是加密的代码： <img src="https://jsong.cn/usr/uploads/2020/07/2239333137.jpg" alt="" title="" style="">下断点，继续运行，看一下调试的信息，可以发现生成 analysis 代码就是这里： <img src="https://jsong.cn/usr/uploads/2020/07/1163175829.jpg" alt="" title="" style="">所以只需要把这里的代码单独拿出来，就行了，然后把这段代码的几个关键参数找出来，内置到 JS 代码里面，通过外部调用就可以生成 analysis 参数。主要的关键参数是下图中指定的参数： <img src="https://jsong.cn/usr/uploads/2020/07/970686153.jpg" alt="" title="" style="">以及用到的几个函数，只需要通过这个方法查看一下稍微修改代码就行了，以前几次网站代码的修改都是在这几个地方动手脚以下是 JS 用的代码：<pre><code class="lang-javascript">l = [&quot;A&quot;, &quot;B&quot;, &quot;C&quot;, &quot;D&quot;, &quot;E&quot;, &quot;F&quot;, &quot;G&quot;, &quot;H&quot;, &quot;I&quot;, &quot;J&quot;, &quot;K&quot;, &quot;L&quot;, &quot;M&quot;, &quot;N&quot;, &quot;O&quot;, &quot;P&quot;, &quot;Q&quot;, &quot;R&quot;, &quot;S&quot;, &quot;T&quot;, &quot;U&quot;, &quot;V&quot;, &quot;W&quot;, &quot;X&quot;, &quot;Y&quot;, &quot;Z&quot;, &quot;a&quot;, &quot;b&quot;, &quot;c&quot;, &quot;d&quot;, &quot;e&quot;, &quot;f&quot;, &quot;g&quot;, &quot;h&quot;, &quot;i&quot;, &quot;j&quot;, &quot;k&quot;, &quot;l&quot;, &quot;m&quot;, &quot;n&quot;, &quot;o&quot;, &quot;p&quot;, &quot;q&quot;, &quot;r&quot;, &quot;s&quot;, &quot;t&quot;, &quot;u&quot;, &quot;v&quot;, &quot;w&quot;, &quot;x&quot;, &quot;y&quot;, &quot;z&quot;, &quot;0&quot;, &quot;1&quot;, &quot;2&quot;, &quot;3&quot;, &quot;4&quot;, &quot;5&quot;, &quot;6&quot;, &quot;7&quot;, &quot;8&quot;, &quot;9&quot;, &quot;+&quot;, &quot;/&quot;]
function n_(t) {
 var n;
 n = f(t.toString(), &quot;binary&quot;);
 return u(n)
}
function a(t) {
 return l[t &gt;&gt; 18 &amp; 63] + l[t &gt;&gt; 12 &amp; 63] + l[t &gt;&gt; 6 &amp; 63] + l[63 &amp; t]
}
function s(t, e, n) {
 for (var r, i = [], o = e; o &lt; n; o += 3)
 r = (t[o] &lt;&lt; 16 &amp; 16711680) + (t[o + 1] &lt;&lt; 8 &amp; 65280) + (255 &amp; t[o + 2]),
 i.push(a(r));
 return i.join(&quot;&quot;)
}
function u(t) {
 for (var e, n = t.length, r = n % 3, i = &quot;&quot;, o = [], a = 16383, u = 0, c = n - r; u &lt; c; u += a)
 o.push(s(t, u, u + a &gt; c ? c : u + a));
 return 1 === r ? (e = t[n - 1],
 i += l[e &gt;&gt; 2],
 i += l[e &lt;&lt; 4 &amp; 63],
 i += &quot;==&quot;) : 2 === r &amp;&amp; (e = (t[n - 2] &lt;&lt; 8) + t[n - 1],
 i += l[e &gt;&gt; 10],
 i += l[e &gt;&gt; 4 &amp; 63],
 i += l[e &lt;&lt; 2 &amp; 63],
 i += &quot;=&quot;),
 o.push(i),
 o.join(&quot;&quot;)
}
function K(t, e, n, r) {
 for (var i = 0; i &lt; r &amp;&amp; !(i + n &gt;= e.length || i &gt;= t.length); ++i)
 e[i + n] = t[i];
 return i
}
function W(t) {
 for (var e = [], n = 0; n &lt; t.length; ++n)
 e.push(255 &amp; t.charCodeAt(n));
 return e
}
function t_(t, e, n, r) {
 return K(W(e), t, 0, r)
}
function f(e, n) {
 var r = e.length;
 t = new Uint8Array(r);
 var i = t_(t, e, n, r);
 return t
}
function v_(n) {
 return n_(encodeURIComponent(n)[&quot;replace&quot;](/%([0-9A-F]{2})/g, function (a, n) {
 return String[&quot;fromCharCode&quot;](&quot;0x&quot; + n)
 }))
}
function k_(a, n) {
 //n || (n = s()),
 a = a[&quot;split&quot;](&quot;&quot;);
 for (var t = a[&quot;length&quot;], e = n[&quot;length&quot;], r = &quot;charCodeAt&quot;, i = 0; i &lt; t; i++)
 //a[i] = m_(a[i][r](0) ^ n[(i + 10) % e][r](0));
 a[i] = String[&quot;fromCharCode&quot;](a[i][r](0) ^ n[(i + 10) % e][r](0));
 return a[&quot;join&quot;](&quot;&quot;)
}
function getAnalysis (synct, url, p_str) {
 var g = new Date() - 1000 * synct;
 var e = new Date() - g - 1515125653845;
 var S = 1;
 var palist = [];
 for (var key in p_str) {
 palist.push(p_str[key])
 }
 var mm = palist[&quot;sort&quot;]()[&quot;join&quot;](&quot;&quot;);
 m_0 = v_(mm);
 m_1 = m_0 + &quot;@#&quot; + url.replace(&quot;https://api.xxxxx.cn&quot;, &quot;&quot;);
 m_2 = m_1 + &quot;@#&quot; + e;
 m_3 = m_2 + &quot;@#&quot; + S;
 var b = &quot;00000008d78d46a&quot;;
 return v_(k_(m_3, b))
}</code></pre>以下是python代码实现：<pre><code class="lang-python"># -*- coding: utf-8 -*-
__version_ = &#039;python 3.7&#039;
__author__ = &#039;Json·G&#039;
__date__ = &#039;2020/7/6 15:50&#039;

import requests
import datetime
import execjs

js_xxxxx = &quot;&quot;&quot;
l = [&quot;A&quot;, &quot;B&quot;, &quot;C&quot;, &quot;D&quot;, &quot;E&quot;, &quot;F&quot;, &quot;G&quot;, &quot;H&quot;, &quot;I&quot;, &quot;J&quot;, &quot;K&quot;, &quot;L&quot;, &quot;M&quot;, &quot;N&quot;, &quot;O&quot;, &quot;P&quot;, &quot;Q&quot;, &quot;R&quot;, &quot;S&quot;, &quot;T&quot;, &quot;U&quot;, &quot;V&quot;, &quot;W&quot;, &quot;X&quot;, &quot;Y&quot;, &quot;Z&quot;, &quot;a&quot;, &quot;b&quot;, &quot;c&quot;, &quot;d&quot;, &quot;e&quot;, &quot;f&quot;, &quot;g&quot;, &quot;h&quot;, &quot;i&quot;, &quot;j&quot;, &quot;k&quot;, &quot;l&quot;, &quot;m&quot;, &quot;n&quot;, &quot;o&quot;, &quot;p&quot;, &quot;q&quot;, &quot;r&quot;, &quot;s&quot;, &quot;t&quot;, &quot;u&quot;, &quot;v&quot;, &quot;w&quot;, &quot;x&quot;, &quot;y&quot;, &quot;z&quot;, &quot;0&quot;, &quot;1&quot;, &quot;2&quot;, &quot;3&quot;, &quot;4&quot;, &quot;5&quot;, &quot;6&quot;, &quot;7&quot;, &quot;8&quot;, &quot;9&quot;, &quot;+&quot;, &quot;/&quot;]
function n_(t) {
    var n;
    n = f(t.toString(), &quot;binary&quot;);
    return u(n)
}
function a(t) {
    return l[t &gt;&gt; 18 &amp; 63] + l[t &gt;&gt; 12 &amp; 63] + l[t &gt;&gt; 6 &amp; 63] + l[63 &amp; t]
}
function s(t, e, n) {
    for (var r, i = [], o = e; o &lt; n; o += 3)
        r = (t[o] &lt;&lt; 16 &amp; 16711680) + (t[o + 1] &lt;&lt; 8 &amp; 65280) + (255 &amp; t[o + 2]),
            i.push(a(r));
    return i.join(&quot;&quot;)
}
function u(t) {
    for (var e, n = t.length, r = n % 3, i = &quot;&quot;, o = [], a = 16383, u = 0, c = n - r; u &lt; c; u += a)
        o.push(s(t, u, u + a &gt; c ? c : u + a));
    return 1 === r ? (e = t[n - 1],
        i += l[e &gt;&gt; 2],
        i += l[e &lt;&lt; 4 &amp; 63],
        i += &quot;==&quot;) : 2 === r &amp;&amp; (e = (t[n - 2] &lt;&lt; 8) + t[n - 1],
        i += l[e &gt;&gt; 10],
        i += l[e &gt;&gt; 4 &amp; 63],
        i += l[e &lt;&lt; 2 &amp; 63],
        i += &quot;=&quot;),
        o.push(i),
        o.join(&quot;&quot;)
}
function K(t, e, n, r) {
    for (var i = 0; i &lt; r &amp;&amp; !(i + n &gt;= e.length || i &gt;= t.length); ++i)
        e[i + n] = t[i];
    return i
}
function W(t) {
    for (var e = [], n = 0; n &lt; t.length; ++n)
        e.push(255 &amp; t.charCodeAt(n));
    return e
}
function t_(t, e, n, r) {
    return K(W(e), t, 0, r)
}
function f(e, n) {
    var r = e.length;
    t = new Uint8Array(r);
    var i = t_(t, e, n, r);
    return t
}
function v_(n) {
    return n_(encodeURIComponent(n)[&quot;replace&quot;](/%([0-9A-F]{2})/g, function (a, n) {
        return String[&quot;fromCharCode&quot;](&quot;0x&quot; + n)
    }))
}
function k_(a, n) {
    //n || (n = s()),
    a = a[&quot;split&quot;](&quot;&quot;);
    for (var t = a[&quot;length&quot;], e = n[&quot;length&quot;], r = &quot;charCodeAt&quot;, i = 0; i &lt; t; i++)
        //a[i] = m_(a[i][r](0) ^ n[(i + 10) % e][r](0));
        a[i] = String[&quot;fromCharCode&quot;](a[i][r](0) ^ n[(i + 10) % e][r](0));
    return a[&quot;join&quot;](&quot;&quot;)
}
function getAnalysis (synct, url, p_str) {
    var g = new Date() - 1000 * synct;
    var e = new Date() - g - 1515125653845;
    var S = 1;
    var palist = [];
     for (var key in p_str) {
        palist.push(p_str[key])
    }
    var mm = palist[&quot;sort&quot;]()[&quot;join&quot;](&quot;&quot;);
    m_0 = v_(mm);
    m_1 = m_0 + &quot;@#&quot; + url.replace(&quot;https://api.xxxxx.cn&quot;, &quot;&quot;);
    m_2 = m_1 + &quot;@#&quot; + e;
    m_3 = m_2 + &quot;@#&quot; + S;
    var b = &quot;00000008d78d46a&quot;;
    return v_(k_(m_3, b))
}
&quot;&quot;&quot;

def handle(params, url_start):
    headers = {
        &quot;Accept&quot;: &quot;text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3&quot;,
        &quot;Accept-Encoding&quot;: &quot;gzip, deflate, br&quot;,
        &quot;Accept-Language&quot;: &quot;zh-CN,zh;q=0.9&quot;,
        &quot;Cache-Control&quot;: &quot;max-age=0&quot;,
        &quot;Connection&quot;: &quot;keep-alive&quot;,
        &quot;Host&quot;: &quot;www.xxxxx.cn&quot;,
        &quot;If-Modified-Since&quot;: &quot;Mon, 09 Dec 2019 11:03:14 GMT&quot;,
        &quot;If-None-Match&quot;: &#039;W/&quot;5dee29f2 - be2&quot;&#039;,
        &quot;Referer&quot;: &quot;https://www.xxxxx.cn/&quot;,
        &quot;User-Agent&quot;: &quot;Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36&quot;
    }
    resp = requests.get(&#039;https://www.xxxxx.cn/rank&#039;, headers=headers)
    t = resp.cookies.get_dict()
    synct = t.get(&#039;synct&#039;)

def getanaly(synct, url, params):
        ctx = execjs.compile(js_xxxxx)
        new_pwd = ctx.call(&quot;getAnalysis&quot;, synct, url, params)
        return new_pwd

analysis = getanaly(synct, url_start, params)
    headers_sub = {
        &quot;Accept&quot;: &quot;application/json, text/plain, */*&quot;,
        &quot;Accept-Encoding&quot;: &quot;gzip, deflate, br&quot;,
        &quot;Accept-Language&quot;: &quot;zh-CN,zh;q=0.9&quot;,
        &quot;Connection&quot;: &quot;keep-alive&quot;,
        &quot;Host&quot;: &quot;api.xxxxx.cn&quot;,
        &quot;Origin&quot;: &quot;https://www.xxxxx.cn&quot;,
        &quot;Sec-Fetch-Mode&quot;: &quot;cors&quot;,
        &quot;Sec-Fetch-Site&quot;: &quot;same-site&quot;,
        &quot;User-Agent&quot;: &quot;Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36&quot;
    }

params[&#039;analysis&#039;] = analysis
    url = url_start + &#039;?&#039;
    res = requests.get(url=url, headers=headers_sub, params=params)
    return res.json()

url_start = &quot;https://api.xxxxx.cn/rank/index&quot;
time_now = datetime.datetime.now().strftime(&#039;%Y-%m-%d&#039;)
params = {
 &quot;brand&quot;: &quot;free&quot;,
 &quot;country&quot;: &quot;cn&quot;,
 &quot;genre&quot;: &quot;5000&quot;,
 &quot;device&quot;: &quot;iphone&quot;,
 &quot;date&quot;: str(time_now),
 &quot;is_rank_index&quot;: 1
}
params[&quot;page&quot;] = 1
json_return = handle(params, url_start)
page = json_return[&quot;maxPage&quot;]
for i in range(int(page) - 1):
 params = {
 &quot;brand&quot;: &quot;free&quot;,
 &quot;country&quot;: &quot;cn&quot;,
 &quot;genre&quot;: &quot;5000&quot;,
 &quot;device&quot;: &quot;iphone&quot;,
 &quot;date&quot;: str(time_now),
 &quot;is_rank_index&quot;: 1
 }
 params[&quot;page&quot;] = i + 2
 json_return = handle(params, url_start)
 print(json_return)
 quit()
</code></pre>

某麦数据 API 接口关键参数 analysis 逆向分析

声明

分析过程

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

【Python】Python实现DES加密解密

【网络安全】phpMyAdmin 4.0.x—4.6.2 远程代码执行漏洞（CVE-2016-5734）

宝塔面板 + OLAindex + onedrive 搭建私人网盘

【网络安全】Webug4.0 万能密码登录

欢迎使用 Typecho

【网络安全】Pikachu 靶场之暴力破解实战（token防爆破）

【Golang】UDP协议通信

【Golang】优雅的实现协程

【Python】盗版小说网站爬虫上千线程快速爬取顺序存储

宝塔面板 + OLAindex + onedrive 搭建私人网盘

某麦数据 API 接口关键参数 analysis 逆向分析

声明

分析过程

发表评论 取消回复 使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

某麦数据 API 接口关键参数 analysis 逆向分析

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款