文章目录
前言
地址:aHR0cHM6Ly93d3cucWltYWkuY24vcmFuaw==
编码方式:base64(上面的地址只是做了base64编码,并非加密)
一、页面分析
刷新页面,抓包,可以看到有个analysis参数,这就是我们要破解的参数
二、analysis参数获取
1.找加密位置
直接搜发现找不到
从堆栈入手,慢慢找加密位置
2.参数破解
下断点重新加载,这个a就是我们要找的analysis,分析一下,外面嵌套了两个方法p.d和p.j,传了参数r和y
看下r,y的值,其中y是定值,r是经过加密后的值
然后再看下r未加密时的值,里面有时间跟页数的参数分别是4和5
看下Object(p.d)这个方法,其中I()方法是base64编码,后面的r方法进行字符串的转换
下面这个是Object(p.j)这个方法,直接扣这个方法,没啥难度,其他参数该补的补。它本质上是用固定密钥做逐字符异或,属于可逆的混淆,而不是加密
三、源码
// Alias Node's global object as `window`; presumably for extracted browser
// code that expects a `window` global (none of the functions shown here read it).
var window = global;
var CryptoJS = require('crypto-js');
// Hand-written stand-in for the browser `navigator` object. The values are
// fixed strings describing Chrome 83 on 64-bit Windows 10. None of the
// functions shown in this file read it; it is only attached to `window`.
var navigator = {
  appCodeName: "Mozilla",
  appName: "Netscape",
  appVersion: "5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
  connection: {
    onchange: null,
    effectiveType: "4g",
    rtt: 100,
    downlink: 5.5,
    saveData: false
  },
  cookieEnabled: true,
  doNotTrack: null,
  geolocation: {},
  hardwareConcurrency: 4,
  language: "zh-CN",
  languages: ["zh-CN", "zh"],
  maxTouchPoints: 0,
  mediaCapabilities: {},
  mediaSession: {
    metadata: null,
    playbackState: "none"
  },
  mimeTypes: {},
  onLine: true,
  permissions: {},
  platform: "Win32",
  plugins: {},
  product: "Gecko",
  productSub: "20030107",
  userActivation: {
    hasBeenActive: false,
    isActive: false
  },
  userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
  vendor: "Google Inc.",
  vendorSub: "",
  webkitPersistentStorage: {},
  webkitTemporaryStorage: {},
  javaEnabled: function () {
    return false;
  }
};

// Publish the stub on the aliased global object.
window.navigator = navigator;
/**
 * Base64-encode a string using CryptoJS: the text is parsed as UTF-8 and the
 * resulting bytes are rendered as Base64.
 *
 * Base64 is a reversible encoding, not encryption; it hides nothing.
 *
 * @param {string} data - Text to encode.
 * @returns {string} Base64 text.
 */
function base64(data) {
  return CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(data));
}
/**
 * Rebuild a method name from a list of two-digit hex character codes.
 * Each code is turned into "%u00XX" and decoded with unescape(); the pieces
 * joined together spell "fromCharCode".
 *
 * @returns {string} The decoded method name.
 */
function i() {
  var hexCodes = ["66", "72", "6f", "6d", "43", "68", "61", "72", "43", "6f", "64", "65"];
  return hexCodes
    .map(function (hex) {
      return unescape("%u00" + hex);
    })
    .join("");
}
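/**
 * Turn one UTF-16 code unit into a one-character string.
 *
 * The extracted site code looked the method up as String[i()], where i()
 * rebuilds the name "fromCharCode" from hex at run time. That indirection is
 * only obfuscation, so the method is called directly here; the result is the
 * same.
 *
 * @param {number|string} e - Code unit; numeric strings such as "0x41" are
 *   coerced to a number by String.fromCharCode.
 * @returns {string} The corresponding single character.
 */
function d_r(e) {
  return String.fromCharCode(e);
}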
/**
 * Encode a string for transport: percent-encode it, collapse every "%XX"
 * escape back into the single character with that code, then pass the
 * resulting string to base64().
 *
 * @param {string} e - Text to encode.
 * @returns {string} Base64 text produced by base64().
 */
function d(e) {
  var percentEncoded = encodeURIComponent(e);
  // Each "%XX" escape becomes the character whose code is 0xXX.
  var byteString = percentEncoded.replace(/%([0-9A-F]{2})/g, function (match, hexPair) {
    return d_r("0x" + hexPair);
  });
  return base64(byteString);
}
/**
 * Decode the built-in default key used by j() when no key is supplied.
 * The packed literal uses "8" as a stand-in for "%u00"; after substitution
 * unescape() yields a 32-character ASCII string.
 *
 * The key ships inside the script, so it is recoverable by anyone who can
 * read the code.
 *
 * @returns {string} The decoded default key.
 */
function o() {
  var packed = "861831832863830866861836861862839831831839862863839830865834861863837837830830837839836861835833";
  return unescape(packed.split("8").join("%u00"));
}
/**
 * XOR every character of `e` with a character of the key `t`.
 * The key is read cyclically, starting 10 positions in: character s of the
 * input is combined with key[(s + 10) % key.length].
 *
 * Repeating-key XOR is reversible with the same key; it is obfuscation, not
 * encryption.
 *
 * @param {string} e - Text to transform.
 * @param {string} [t] - Key; when falsy, the default key from o() is used.
 * @returns {string} The transformed text, same length as the input.
 */
function j(e, t) {
  var key = t || o();
  var keyLength = key.length;
  var mixed = e.split("").map(function (ch, idx) {
    var keyChar = key[(idx + 10) % keyLength];
    return d_r(ch.charCodeAt(0) ^ keyChar.charCodeAt(0));
  });
  return mixed.join("");
}
// Constants lifted from the site script. Only y, _ and k are used by the
// functions shown in this file; w, b and S are kept as found.
var y = "00000008d78d46a"; // key passed to j() by get_analysis
var w = "synct";
var b = "syncd";
var _ = "@#"; // separator between the fields of the signed string
var S = "analysis"; // presumably the name of the request parameter
var k = 703; // offset subtracted from the current time in get_analysis
/**
 * Build the value of the `analysis` query parameter for the rank endpoint.
 *
 * Steps, as performed below:
 *   1. sort the request values, join them and encode the result with d();
 *   2. append the URL path, a time offset and the literal 1, each preceded
 *      by the "@#" separator;
 *   3. XOR the whole string with the key `y` via j() and encode it with d().
 *
 * Every input to this value (key, separator, time offset) lives in the
 * client script, so the parameter only obscures the request; it does not
 * authenticate the caller.
 *
 * @param {string} date - Date string, e.g. "2021-01-22".
 * @param {number} page - Page number.
 * @returns {string} The encoded parameter value.
 */
function get_analysis(date, page) {
  var request = {
    baseURL: "https://api.qimai.cn",
    url: "/rank/indexPlus/brand_id/1" // brand_id: 0 = paid chart, 1 = free chart, 2 = top-grossing chart
  };
  // Same values the Python client sends as date/genre/page/brand/country/device.
  var fields = [date, "36", page, "all", "cn", "iphone"];
  // Milliseconds since a fixed epoch offset, shifted by k.
  var elapsed = +new Date - (k || 0) - 1515125653845;

  var payload = d(fields.sort().join(""));
  // url holds only the path here, so this replace leaves it unchanged.
  payload += _ + request.url.replace(request.baseURL, "");
  payload += _ + elapsed;
  payload += _ + 1;

  return d(j(payload, y));
}

// Sample run with a fixed date and page.
console.log(get_analysis("2021-01-22", 1));
'''
https://www.qimai.cn/rank
'''
import time
import execjs
import requests
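# Request headers sent with the API call; the values describe a Chrome 87
# browser session on the qimai.cn site.
headers = {
    'authority': 'api.qimai.cn',
    'sec-ch-ua': '"Google Chrome";v="87", " Not;A Brand";v="99", "Chromium";v="87"',
    'accept': 'application/json, text/plain, */*',
    'sec-ch-ua-mobile': '?0',
    'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36',
    'origin': 'https://www.qimai.cn',
    'sec-fetch-site': 'same-site',
    'sec-fetch-mode': 'cors',
    'sec-fetch-dest': 'empty',
    'referer': 'https://www.qimai.cn/',
    'accept-language': 'zh-CN,zh;q=0.9',
}

# Today's date in local time, formatted as YYYY-MM-DD.
date_str = time.strftime('%Y-%m-%d')
page = 1

# Compile the JavaScript helper and compute the `analysis` value.
# execjs executes code.js in a local JS runtime with this process's
# privileges, so code.js must be a file you trust.
with open('./code.js', encoding='utf8') as f:
    js_fun = execjs.compile(f.read())
analysis = js_fun.call('get_analysis', date_str, page)

# Query parameters, in the order they are sent.
params = (
    ('analysis', analysis),
    ('brand', 'all'),
    ('country', 'cn'),
    ('device', 'iphone'),
    ('genre', '36'),
    ('date', date_str),
    ('page', page),
)

# A timeout keeps the script from hanging forever on a stalled connection.
response = requests.get(
    'https://api.qimai.cn/rank/indexPlus/brand_id/1',
    headers=headers,
    params=params,
    timeout=10,
)
# Fail with the HTTP status instead of a JSON decode error on an error page.
response.raise_for_status()
print(response.json())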