我在校园吗?
科技日新月异的当下,时刻需要我们,,,校园激起了我的学习欲望
行动代号SchoolDays
我在校园吗?
工具Python,Fiddler
下载安卓Fiddler,并完成基本设置。
打开fiddler的Captuer Traffic 开始抓包
1,在电脑上打开小程序我校园
无干预情况下,小程序会自动调用微信认证,但我们本地控制本地断网(此步骤有点扯淡)可以卡出一个经由账号密码登录的界面。
在fiddler界面会有有一个url为https://gw.wozaixiaoyuan.com/basicinfo/mobile/login/username 的请求。在insperctors界面可看见自己本人无加密的明文登录请求。
2,设置fiddler短点automatic breakpoints before requests
手动进行数据提交,会在fiddler看见url为https://student.wozaixiaoyuan.com/health/save.json 的请求 数据无加密 这里以健康打卡为例
可在inspectors 下的webforms下看见data数据
3,编写python代码
import json
import logging
import requests, time, random
import smtplib
import time
from email.mime.text import MIMEText
from email.utils import formataddr
logger = logging.getLogger()
logger.setLevel(logging.INFO)
def get_status(self):
if self['code'] == 0:
return "Sucessful"
elif self['code'] == 1:
return "Time Wrong"
elif self['code'] == -10:
return "···Token已失效"
else:
return "!!!发生未知错误"
class answer:
def __init__(self):
self.my_sender = 'XX'
self.my_pass = 'XX'
self.my_user = 'XX'
username='XX'
password='XX'
header = {
"Host": "student.wozaixiaoyuan.com",
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "en-us,en",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat",
"Content-Length": "360",
}
loginUrl = "https://gw.wozaixiaoyuan.com/basicinfo/mobile/login/username"
data = "{}"
session = requests.session()
url = loginUrl + "?username=" + username + "&password=" + password
respt = session.post(url, data=data, headers=header)
res = json.loads(respt.text)
if res["code"] == 0:
print("登陆成功")
jwsession = respt.headers['JWSESSION']
else:
print(res)
print('登录失败')
self.api = "https://student.wozaixiaoyuan.com/health/save.json"
self.headers = {
"Host": "student.wozaixiaoyuan.com",
"Content-Type": "application/x-www-form-urlencoded",
"Accept-Encoding": "gzip, deflate, br",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat",
"Referer": "https://servicewechat.com/wxce6d08f781975d91/186/page-frame.html",
"Content-Length": "360",
"JWSESSION": str(jwsession),
}
temperature=self.get_random_temprature()
self.data = {
"answers":["0","XXX","XXX","XXX",temperature,"没有","1","1","2"],
"latitude":'XXX',
"longitude":'XXX',
"country":'中国',
"city":'XXX',
"district":'XXX',
"province":'XXX',
"township":'XXX',
"street":"XXX",
"areacode":'XXX',
"towncode":'XXX',
"citycode":'XXX',
}
def get_random_temprature(self):
random.seed(time.ctime())
return "{:.1f}".format(random.uniform(36.2, 36.7))
def run(self):
datatime=time.time()
self.data["timestampHeader"]=int(datatime)
res = requests.post(self.api, headers=self.headers, data=self.data, ).json()
print(res)
try:
msg = MIMEText(get_status(res), 'plain', 'utf-8')
msg['From'] = formataddr(["schooldays", self.my_sender])
msg['To'] = formataddr(["tset", self.my_user])
msg['Subject'] = get_status(res)
server = smtplib.SMTP_SSL("smtp.qq.com", 465)
server.login(self.my_sender, self.my_pass)
server.sendmail(self.my_sender, [self.my_user, ], msg.as_string())
server.quit()
except Exception:
res = False
return True
if __name__ == "__main__":
answer().run()
def main_handler(event, context):
logger.info('got event{}'.format(event))
return answer().run()
中间有行代码是在以账号密码登录后,在获取JWEssion,为下面数据提交做铺垫
登录代码来源于https://gitee.com/DominicKK/autocheck#4errorcode
学习了一下大佬的代码,自己用fiddler抓了抓健,,卡的包。
本贴仅供学习参考,代码请与24h后删除。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)