逆向目标
- 网站:
https://www.fastmoss.com/shop-marketing/tiktok
- 接口:
https://www.fastmoss.com/api/shop/shopList/
- 参数:
fm-sign
逆向分析
我们今天要分析的是店铺排名,先分析网络请求,找到目标接口
按照上图操作Copy as cURL
,将curl
转为 python request
直接分析测试 python
代码,加密点只能是 cookie
或 fm-sign参数
,先来测试 cookie
,代码里直接设置为 None
然后运行依然可以拿到请求结果,说明加密和 cookie
无关,那就只能是 fm-sign
参数了,如下
import requests
headers = {
"fm-sign": "479f735a55570d174198e5c1ce93f515",
"lang": "EN_US",
"priority": "u=1, i",
"referer": "https://www.fastmoss.com/shop-marketing/tiktok",
"region": "US",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36"
}
url = "https://www.fastmoss.com/api/shop/shopList/"
params = {
"page": "1",
"pagesize": "10",
"order": "1,2",
"region": "US",
"_time": "1727184797",
"cnonce": "57869802"
}
response = requests.get(url, headers=headers, cookies=None, params=params)
print(response.json())
逆向过程
搜索关键词 fm-sign