声明:
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
逆向分析
部分代码
231滑块准备更新了,普通版本已经全部换最新版,淘系还是用着老版本,我试过用新老版本都可以过淘系,不清楚什么检测逻辑不管先了,最近在疯狂学习app,就先研究了普通231滑块。
headers = {
'accept': 'application/json, text/plain, */*',
'accept-language': 'zh-CN,zh;q=0.9',
'cache-control': 'no-cache',
'pragma': 'no-cache',
'priority': 'u=1, i',
'referer': '',
'sec-ch-ua': '"Not(A:Brand";v="99", "Microsoft Edge";v="133", "Chromium";v="133"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'same-origin',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0',
}
url = "/analyze.jsonp"
cp = execjs.compile(open('./ali231.js','r',encoding='utf-8').read())
n = cp.call('get231')
print(n)
token = ""
params = {
"t": token,
"n": n,
"p": "",
"scene": "nc_other_h5",
"asyn": "0",
"lang": "cn",
"v": "1",
"callback": ""
}
response = requests.get(url, headers=headers, params=params)
# print(response.text)
# print(response)
data = json.loads(re.findall('{.*}',response.text)[0])['result']
print(data)
value =data['value']
csessionid = data['csessionid']
cp1 = execjs.compile(open('pageEncrypt.js','r',encoding='utf-8').read())
phone = ""
pageEncrpt = cp1.call('getEncryptPage',"",phone)
url = "/mobWapPayFeeCheck"
params = {
自己填
}
response = requests.post(url, headers=headers, params=params,cookies=cookies)
print(response.text)
orderNo = response.json()['orderNo']
secstate = response.json()['secstate']
pageEncrpt = cp1.call('getEncryptPage',secstate,phone)
url = "/mobWapPayFeeApply"
params = {
"secstate.state": secstate,
"commonBean.phoneNo": phone,
"pageEncrpt": pageEncrpt
}
response = requests.get(url, headers=headers, cookies=cookies, params=params)
print(response.text)
结果
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
