网上有很多通过分析pc版本的qq协议来卖qq群发软件或者qq机器人的,想起珊瑚虫的下场就知道触犯了腾讯的利益的下场,大家要注意,做个遵纪守法的攻城狮。
下面是步骤截图:
1.登录http://qun.qzone.qq.com/的网站。
2.打开firebug,获取到连接g_tk的值,如下图:
http://qun.qzone.qq.com/cgi-bin/get_group_list?groupcount=4&count=4&callbackFun=_GetGroupPortal&uin=1758317551&g_tk=2002785566&ua=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20rv%3A25.0)%20Gecko%2F20100101%20Firefox%2F25.0
3.修改var g_tk=2002785566;的值,然后复制代码到firebug的console中
function ajax_request(url,callback,args){ //declare the variable at the top, even though it will be null at first var req = null; //figure out what kind of support we have for the XMLHttpRequest object if (window.XMLHttpRequest){ //modern browsers req = new XMLHttpRequest(); } else { //good ol‘ lousy IE req = new ActiveXObject("Microsoft.XMLHTTP"); }; //setup the readystatechange listener req.onreadystatechange = function(){ //right now we only care about a successful and complete response if (req.readyState === 4 && req.status === 200){ //inject the returned HTML into the DOM if(callback){ callback(req.responseText,args); } }; }; //open the XMLHttpRequest connection req.open("GET",url,true); //send the XMLHttpRequest request (nothing has actually been sent until this very line) req.send(false); //false为同步请求 }; var uin=1758317551; var g_tk=2002785566; get_groups(); function get_groups(){ var url="http://qun.qzone.qq.com/cgi-bin/get_group_list?uin="+uin+"&ua=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20rv%3A24.0)%20Gecko%2F20100101%20Firefox%2F24.0&random=0.029393406423685486&g_tk="+g_tk; ajax_request(url,callback_parse_groups); } function callback_parse_groups(response){ var groups=[]; var re = /groupid":(.*?),"groupname":"(.*?)"}/ig; var arr; while ((arr = re.exec(response)) != null){ var id=arr[1]; var name=arr[2]; var group={}; group.id=id; group.name=name; groups.push(group); var groupid=id; var id=group.id; var name=group.name; get_group_members(id); } } function get_group_members(group){ var url="http://qun.qzone.qq.com/cgi-bin/get_group_member?uin="+uin+"&groupid="+group+"&random=0.7269802233668716&g_tk="+g_tk; ajax_request(url,callback_parse_group_members,group); } function callback_parse_group_members(response,groupid){ var re = /nick":"(.*?)","uin":(.*?)}/ig; var arr; var result=""; var groupmembers=[]; while ((arr = re.exec(response)) != null){ var name=arr[1]; var id=arr[2]; var groupmember={}; groupmember.id=id; groupmember.name=name; groupmember.groupid=groupid; console.info(name+" "+id); } }
4.点击运行即可输出所有获取到的群信息和群成员
利用这种方式可以很方便的处理需要登录的网站的信息,包括https的同理。