这几天查询了下Python3 的语法和一些类库,刚好也发现了公司oa通讯录 一些隐藏的后门0.0
于是果断拿起来当练手项目了
首先先用开发者工具F12爬到OA 网站 MSS action的URL地址
url = 'http://mss.xxxx.com/lbsp/BaseAction.action'
获取headers
headers = {"Content-Type": "application/json;charset=utf-8",
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0',
'Server':'Apache-Coyote/1.1',
'Transfer-Encoding':'chunked'}
获取Post Data
data = {'type':'contactsInfo','act':'getSearchUser','dounid':'%25E7%258E%258B%25E5%25AE%259D%25E5%25A9%25B7'}
发起post请求
test=requests.post(url,data=data,cookies = cookies,headers = headers)
print (test.text)
jsonStr = test.text
唔...结果返回值却不如意:
{"exceptionMsg":"会话对象为空,可能为会话已经过期!","exceptionType":"01"}
会话对象为空,可能为会话已经过期!
根据提示,可能是cookies没加入
测试了下网页模拟post请求 添加cookie 发现需要带个cookie0.0
cookies={}#初始化cookies字典变量
info_cookies ='JSESSIONID=4675FE422A936A3C1BEDCEA97D3E5945; usergoodsUnid=8214275298AE1C0A0D319FD5F9E56C1C; ys-lbspuserName=s%3Awdwdfi'
for line in info_cookies.split(';'):
name,value=line.strip().split('=',1)
cookies[name]=value #为字典cookies添加内容
方法很土0.0 吐槽也就认了,添加cookie,返回 json 串
test=requests.post(url,data=data,cookies = cookies,headers = headers)
{"user_unid":"3F07A2EE9A85C990CDE8E1C8577813CE","user_sort":"","postname":"软件工程师","user_display_name":"王X琪","user_contact_tel":"151XXXXXX66","user_office_tel":"15XXXXX366","user_ext_num":"","user_mail":"whuaiqi@XXXwell.com","user_personphoto":"uploadPhoto/userphoto/3F07A2EE9A85C990CDE8E1C8577813CE.jpg","user_dept_sort":""}
jsonStr = test.text
ok,解析json 串
data = json.loads(jsonStr)
if 'exceptionMsg' in data:
print (data.get('exceptionMsg'))
return False
for i in range(0,len(data)):
#{"user_unid":"37F03B0F7A5C7492069C6D9A22A61E36",
# "user_sort":"1","postname":"集团董事长兼集团总裁",
# "user_display_name":"吴雄",
# "user_contact_tel":"13*****7666",
# "user_office_tel":"0*****66",
# "user_ext_num":"8866",
# "user_mail":"w**@l***ell.com",
# "user_personphoto":"uploadPhoto/userphoto/37F03B0F7A5C7492069C6D9A22A61E36_11.jpg",
# "user_dept_sort":"1"}
if len(data[i]['user_personphoto'])>=1:
down_img(data[i]['user_personphoto'],data[i]['user_display_name'],data[i]['user_unid'])
# print ('http://mss.linewell.com/lbsp/'+data[i]['user_personphoto'])
else:
pass
嗯,加个错误json 验证
对对对,你看的没错,我只是为了爬个通讯录.jpg