一、2.17登陆爬虫1人人网 分析使用手机端
有两个ajax请求一个get,一个post
rkey和passward
密码是js加密
js解析 过程1.通过initlator列看谁触发了这个请求2.搜索关键字3.Eventlistener,通过元素绑定的时间监听找到js文件定位js文件找到关键js代码模拟重现js2py:/pyv8创建js执行环境加载js文件使用requests模块js=requests.get().content.decode()context.execute(js) # encoding:utf-8"""需求:使用python模拟登陆人人网这里是通过手机端抓包分析1.创建一个login类2.使用session保存cookies3.创建headers4.使用get请求获取rkey5.模拟js文件对密码进行加密6.封装post的data7.发送post请求8.验证登陆情况"""import requestsimport js2pyimport json# 1.创建一个login类class Login(object): def __init__(self,usename,password):# 2.使用session self.session = requests.session()# 3.创建headers self.headers = { "User-Agent": "Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/合适的镜子) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4040.5 Mobile Safari/537.36", "Referer": "http://activity.renren.com/livecell/log?c1=-100&c2=&c3=&c4=&from_uid=&isFull=&QRCodeRecharge=", "Cookie": "anonymid=k6oosjesp8yg78; depovince=GW; _r01_=1; ick_login=0fa8c0b3-2af0-4aab-a64d-442d9a0c444b; taihe_bi_sdk_uid=1b955e0c05f02a12f72b0b6ba1ba7b9a; taihe_bi_sdk_session=2d4fc17e745e910859ed75b8a088a926; first_login_flag=1; ln_uact=15274981840; ln_hurl=http://head.xiaonei.com/photos/0/0/women_main.gif; jebe_key=d97606ea-4077-4fe5-9c14-8e7fdf983d40%7C73a8c8b55e9d2fc6ee645755e392d637%7C1581858934155%7C1%7C1581858934120; loginfrom=syshome; ick=8b729f9d-b548-4a31-94d6-89bf940e85fe; __utma=151146938.314196357.1581860047.1581860047.1581860047.1; __utmc=151146938; __utmz=151146938.1581860047.1.1.utmcsr=renren.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utmb=151146938.1.10.1581860047; _de=274873309A1DE248A26C34AD3C012A9F; jebecookies=441797e1-4dd5-423c-a16c-3417ab097422|||||; _ga=GA1.2.314196357.1581860047; _gid=GA1.2.939470823.1581861296; Hm_lvt_07f79d4628d137beb4c64984faf7a207=1581861296; Hm_lpvt_07f79d4628d137beb4c64984faf7a207=1581861296; _c1=-100; JSESSIONID=DB0C217FC2DEAB699CAC14778B4A80F7" }# 3.1保存headers self.session.headers = self.headers self.usename = usename self.password = password# 4.使用get请求获取rkey def get_key(self): self.respone = self.session.get("http://activity.renren.com/livecell/rKey") # print(respone.content.decode())# request返回的数据一定要加content# 5.模拟js文件对密码进行加密 def encrypt(self): self.content = js2py.EvalJs() # 获取js文件 self.content.n = json.loads(self.respone.content)['data'] # 转成字典 self.content.t ={"password":self.password} js = '''t.password = t.password.split("").reverse().join(""), setMaxDigits(130); var o = new RSAKeyPair(n.e,"",n.n) , r = encryptedString(o, t.password);''' # 加载四个js文件,其中前三个使用字符串拼接 for i in ['Barrett.js','BigInt.js','RSA.js', js]: if i == js: result = js else: result = self.session.get("http://s.xnimg.cn/a85738/wap/mobile/wechatLive/js/" + i).content.decode() self.content.execute(result)# 6.封装post的data def post(self): self.data={ "phoneNum": self.usename, "password": self.content.r, "c1": "-100", "rKey":self.content.n.rkey, }# 7.发送post请求 response = self.session.post("http://activity.renren.com/livecell/ajax/clog",data=self.data) print(response.content.decode()) # 运行函数 def run(self): self.get_key() self.encrypt() self.post()# 8.验证登陆情况if __name__ == '__main__': username = input('请输入你的账号') password = input('请输入你的密码') login = Login(username, password) login.run()