解决方案:股市数据采集js逆向解决hexin
优采云 发布时间: 2022-11-14 12:55解决方案:股市数据采集js逆向解决hexin
此记录扣除了 JS 核心算法
爬行思路:
1. 找到请求正文并获取数据链接
2.带上请求正文尝试请求并研究请求情况(cookie将过期一段时间)。
3.尝试要求身体状况来解决问题
4. 开始反向挂钩所需的核心请求正文
5.不断调试和扣JS代码
6.获取数据后,考虑失败后如何自动更新
找到请求正文:
数据
嵌套在多层中,最后可以在数据中看到内容请求网址
:请求网址
尝试请求:
启用数据和标头:
data = {
"question":"20221030涨停",
"perpage":50,
"page":1,
"secondary_intent":"",
"log_info":{"input_type":"typewrite"},
"source":"Ths_iwencai_Xuangu",
"version":"2.0",
"query_area":"",
"block_list":"",
"add_info":{
"urp":{
"scene":1,
"company":1,
"business":1
},
"contentType":"json",
"searchInfo":True
},
"rsh":"Ths_iwencai_Xuangu_xdoaiz62bgbofsagvw5mfuwnxmdl7mto",
}
headers = {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36",
"Content-Type": "application/json",
"Referer": "http://www.iwencai.com/unifiedwap/result?w=20221030%E6%B6%A8%E5%81%9C",
"cookie": f"v={hexin_v}",
}
resp = requests.post(url=url,data=json.dumps(data),headers=headers).text
print(resp)
尝试请求正文以获取问题:
仔细观察 cookie,再加上测试,发现 cookie 中的参数可以减少,最终只剩下 v=
然后,V
后面的数据和Hexin-V一模一样,可以得出拼接起来检测的结论,然后测试还发现,用heixn-v可以不用cookie请求,这样就可以理解请求的原理了,解法就是heixn-v
反向挂钩所需的核心请求正文:
这适用于钩子请求标头,当找到 hexin-v 时会捕获该标头:
func_ = window.XMLHttpRequest.prototype.setRequestHeader;
window.XMLHttpRequest.prototype.setRequestHeader = function(name,value){
if (name === "hexin-v"){
debugger
}
return func_.apply(this,[name,value]);
}
//将代码复制到浏览器,接着再次点击请求
查找核心算法实现:
上层是实现原理:
然后从代码中验证 rt.update 是 hexin-v 的来源
将生成的放入请求中,请求成功
然后找到核心RT并扣上代码!!!(耐心创造奇迹)。
法典:
//var TOKEN_SERVER_TIME = 1667085000.423;
var document = {}
var window = {}
second = [1, "", 0, "he", "ad", 29, "\x180G\x1f", "?>=a", "\u2574\u253c\u257d\u2530\u2575\u2539\u257c\u2533\u257d\u2522\u256e\u2521\u2560\u2524\u2561\u2525", "CHAMELEON_LOADED"]
var r, e, a , n;
r = e = a = n = first;
var u, c, s , t;
u = c = s = t = second;
function serverTimeNow(){
return parseInt(TOKEN_SERVER_TIME);
}
function v() {
var n = arguments[s[0]];
if (!n)
return r[0];
for (var t = u[1], o = a[1], i = c[2]; i < n.length; i++) {
var v = n.charCodeAt(i)
, f = v ^ o;
o = v,
t += e[2].fromCharCode(f)
}
return t
}
function ot() {
var n, t, e , c;
n = t = e = c = second;
var a, o, i , r;
a = o = i = r = first;
var u = arguments[a[52]];
if (!u)
return o[0];
for (var s = a[0], v = n[267], f = o[200], l = t[2]; l < u.length; l++) {
var p = u.charCodeAt(l);
f = (f + t[0]) % v.length,
p ^= v.charCodeAt(f),
s += i[2].fromCharCode(p)
}
return s
}
var qn = function() {
var n, t, r , a;
n = t = r = a = first;
var e, o, i , s;
e = o = i = s = second;
var u = o[15]
, c = o[102]
, f = e[103];
function l(r) {
var a = o[102]
, i = e[103];
this[n[76]] = r;
for (var u = t[52], c = r["length"]; u < c; u++)
this[u] = t[52]
}
l.prototype.toBuffer = function() {
for (var a = "base_f", u = this["base_fileds"], c = [], s = -e[0], v = o[2], f = u[r[56]]; v < f; v++)
for (var l = this[v], p = u[v], d = s += p; c[d] = l & parseInt(t[77], n[78]),
--p != r[52]; )
--d,
l >>= parseInt(n[79], i[106]);
return c
};
l.prototype.decodeBuffer = function(n) {
for (var r = e[8], a = this[ot(e[108], e[109])], o = t[52], u = e[2], s = a[c + r + f]; u < s; u++) {
var v = a[u]
, l = i[2];
do {
l = (l t[52]);
this[u] = l >>> i[2]
}
};
return l;
}()
function at() {
<p>
var n, t, r;
n = t = r = u;
var a, o, i;
a = o = i = e;
var c = arguments[o[52]];
if (!c)
return t[1];
for (var s = o[0], v = o[1], f = a[52]; f < c.length; f++) {
var l = c.charCodeAt(f)
, p = l ^ v;
v = v * f % n[222] + o[200],
s += i[2].fromCharCode(p)
}
return s
}
var zn
!function(n) {
var t = s[13]
, o = c[53]
, i = r[83]
, f = r[84]
, l = s[110]
, d = r[85]
, h = r[86];
function g(n, a, o, i, u) {
for (var c = s[13], v = r[87], f = n[s[111]]; a < f; )
o[i++] = n[a++] ^ u & parseInt(c + v + t + "11", r[88]),
u = ~(u * parseInt(e[89], e[82]))
}
function w(n) {
for (var t = c[112], i = r[52], v = n[s[111]], f = []; i < v; ) {
var l = n[i++] parseInt(e[90], e[82])), m.charAt(l >> parseInt(s[114], e[78]) & parseInt(a[91], r[88])), m.charAt(l >> u[59] & parseInt("6" + o, a[78])), m.charAt(l & parseInt(a[92], u[113])))
}
return f.join(e[0])
}
for (var m = at(u[115], s[116]), I = {}, y = u[2]; y < parseInt(i + "0", e[93]); y++)
I[m.charAt(y)] = y;
function O(n) {
var t, r, e;
t = r = e = s;
var o, i, u;
o = i = u = a;
for (var c = ot(i[94]), l = e[2], p = n[o[56]], d = []; l < p; ) {
var h = I[n.charAt(l++)] > parseInt(t[121], r[122]) & parseInt(f + b + c, t[106]), h & parseInt(o[96], u[88]))
}
return d
}
function D(n) {
var t = O(n);
if (rn,
p,
t[r[52]] != h)
return error = T + B + l,
void 0;
var a = t[c[0]]
, o = [];
return g(t, +parseInt(e[79], c[122]), o, +u[2], a),
x(o) == a ? o : void 0
}
function x(n) {
var t = o;
t = Vn;
for (var e = c[2], i = a[52], u = n[c[111]]; i < u; i++)
e = (e >= o[52];
return c
}
function getBrowserFeature() {
return 3812;
}
function getPlatform() {
return 7;
}
function getBrowserIndex(){
return 10;
}
function getPluginNum(){
return 5;
}
function timeNow(){
return time = s[52].now(),
time / parseInt(c[131], a[88]) >>> c[2]
}
var En = a[8]
var An = v(a[35], s[49])
var Vn = 0
var Un = s[63]
var rt={};
!function(n) {
var t = e[87], o = a[8], i = e[8], f = s[215], l = r[52], p = s[0], d = parseInt(c[216], u[122]), h = e[86], g = u[217], w = u[123], m = e[165], I = parseInt(t + En, c[122]), y = parseInt(a[79], a[82]), _ = c[218], C = parseInt(a[193], e[82]), E = parseInt(o + i, r[78]), A = parseInt(u[219], s[122]), b = parseInt(f + An, s[106]), T = parseInt(r[194], s[106]), B = parseInt(ot(s[220], e[195]), r[82]), R = parseInt(e[196], u[122]), k = parseInt(e[197], a[78]), S;
function P() {
var n = s[0]
, t = r[88]
, e = parseInt(u[13], c[122])
, a = s[217];
S = new qn([a, a, a, a, n, n, n, e, t, t, t, t, t, t, t, a, t, n]);
S[p] = serverTimeNow();
M(),
S[B] = Vn;
S[k] = Un;
S[R] = c[2];
S[h] = strhash();
S[b] = getBrowserFeature();
S[g] = getPlatform();
S[w] = getBrowserIndex();
S[m] = getPluginNum();
}
function M() { //阅读后发现可以偷懒没直接使用random返回
S[l] = Math.random() * parseInt(u[141], r[78]) >>> r[52]
}
function O() {
S[R]++,
S[p] = serverTimeNow(),
S[d] = timeNow(),
S[B] = Vn,
S[I] = 0,
S[y] = 0,
S[_] = 0,
S[C] = 0,
S[E] = 0,
S[A] = 0;
var n = S.toBuffer();
console.log(n);
return zn.encode(n)
}
//n[e[57]] = P;
P();
function D() {
return O()
}
n["update"] = D
}(rt);
result = rt.update();
console.log(result);</p>
扣除 js 时还发现 TOKEN_SERVER_TIME = 1667085000.423;系统时间会发生变化,因此如果需要长时间使用,则需要更新
失败的结果:
蟒蛇代码:
如何申请
为了获取那个系统时间,请求失败返回的代码可以看到一个JS链接,然后请求这个链接获取JS代码,从而拦截并保存到TXT文件中
<p>def update_time():
global hexin_v
token_time_url = requests.post(url=url,headers = headers,data=json.dumps(data)).text
url_js = re.compile('
