py每日spider案例之某website之登录接口(AES+MD5)
逆向参数:
加密位置:
AES密钥是从服务器返回:
CryptoJS=require('crypto-js')
function E(e, t, n) {
var r = CryptoJS.enc.Utf8.parse(t)
, o = CryptoJS.enc.Utf8.parse(n)
, a = CryptoJS.AES.encrypt(e, r, {
iv: o,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
})
, i = a.toString();
return i
}
function md5(params){
return CryptoJS.MD5(params).toString()
}
e={
"country_code": "86",
"username": "123456",
"password": "123456789"
}
p='a6459365fb4fec734bd8f6899055865e'
i='54d92ed5e010cfad'
usrname=E(e.username, p, i)
passwd=E(md5(e.password),p,i)
console.log(usrname,passwd);
密钥接口:
import requests
headers = {
"accept": "*/*",
"accept-language": "zh-CN,zh;q=0.9",
"cache-control": "no-cache",
"content-length": "0",
"content-type": "application/json; charset=utf-8",
"csrf-token": "5V3ASMrC-MSus--cGPjYtpsRMfQGf1OIX4wY",
"origin": "https://hotel.ocyuan.com",
"pragma": "no-cache",
"priority": "u=1, i",
"referer": "https://hotel.ocyuan.com/login",
"sec-ch-ua": "\"Google Chrome\";v=\"137\", \"Chromium\";v=\"137\", \"Not/A)Brand\";v=\"24\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-origin",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36",
"x-b3-flags;": "",
"x-b3-parentspanid;": "",
"x-b3-sampled;": "",
"x-b3-spanid;": "",
"x-b3-traceid;": "",
"x-ot-span-context;": "",
"x-request-id;": "",
"x-requested-with": "XMLHttpRequest",
"x-ty-referer": "/login"
}
cookies = {
"router-prefix": "",
"gTyPlatLang": "zh",
"locale": "zh",
"fast-sid": "l71RIaX2onXaGAHQPWT-UN6wtkByxMxr",
"_tpmGuid": "TY-2a9e0b8110ee65ea",
"_tpmSeqId": "seq_id_cc8904809058ec0c",
"csrf-token": "eqB6A9Dj-5sAdiAxtxoy6wByWi_0LzSVNffI",
"csrf-token.sig": "icFHnld-ZT5IsiHn7Ax3hHwquKk"
}
url = "https://hotel.ocyuan.com/v2/api/hotel/secret-key"
response = requests.post(url, headers=headers, cookies=cookies)
print(response.text)
print(response)
登录接口:
import requests
import json
headers = {
"accept": "*/*",
"accept-language": "zh-CN,zh;q=0.9",
"cache-control": "no-cache",
"content-type": "application/json; charset=utf-8",
"csrf-token": "5V3ASMrC-MSus--cGPjYtpsRMfQGf1OIX4wY",
"origin": "https://hotel.ocyuan.com",
"pragma": "no-cache",
"priority": "u=1, i",
"referer": "https://hotel.ocyuan.com/login",
"sec-ch-ua": "\"Google Chrome\";v=\"137\", \"Chromium\";v=\"137\", \"Not/A)Brand\";v=\"24\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-origin",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36",
"x-b3-flags;": "",
"x-b3-parentspanid;": "",
"x-b3-sampled;": "",
"x-b3-spanid;": "",
"x-b3-traceid;": "",
"x-ot-span-context;": "",
"x-request-id;": "",
"x-requested-with": "XMLHttpRequest",
"x-ty-referer": "/login"
}
cookies = {
"router-prefix": "",
"gTyPlatLang": "zh",
"locale": "zh",
"fast-sid": "l71RIaX2onXaGAHQPWT-UN6wtkByxMxr",
"_tpmGuid": "TY-2a9e0b8110ee65ea",
"_tpmSeqId": "seq_id_cc8904809058ec0c",
"csrf-token": "3JZQ5ASx-Xemm0bgfhxQ3nRd8jKkO6zzjRtI",
"csrf-token.sig": "rOQJ3srLIp6-jNC4-TVJi-AF-90"
}
url = "https://hotel.ocyuan.com/v3/api/hotel/login"
data = {
"country_code": "86",
"username": "4qX3IUJtPXRRbCeUpaK/sQ==",
"password": "PhcdT3t2Rpn83aXD9ZEavRYR88o53F1C51wQ0diEXrZp7zx/Dl/0twS/wEoG4rEc",
"secret_key_id": "52e8fe69-3d7a-4b6d-ac53-b5230ef52e0d",
"secure_key": "{\"verifyId\":\"v_EVoY1s1iGnAgOLOAuEvDPYjg1ofZE0zt\",\"challenge\":\"s_3WTB0DtGMIcsMM8XcY9l17WHFGJjudxP\",\"validate\":\"captcha_rCQfexPrl8ZUTl7UyB3YWGng3oopBOKP\"}",
"current_domain": "hotel.ocyuan.com"
}
data = json.dumps(data, separators=(',', ':'))
response = requests.post(url, headers=headers, cookies=cookies, data=data)
print(response.text)
print(response)
浙公网安备 33010602011771号