python爬蟲js逆向

小髒辮兒發表於2019-09-22

js逆向要想是想,要非常熟悉web的執行流程,針對不同網站,有不同的思路,這個部落格是針對人人直播的一個爬取,先直接上程式碼,然後在講解,

import requests
import js2py
import json

headers = {
    "User-Agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1",
}

session = requests.session()

context = js2py.EvalJs()

phoneNum = "*********"
password = "******"

context.t = {
    "phoneNum":phoneNum,
    "password":password,
    "c1":-100
}

response = session.get("http://activity.renren.com/livecell/rKey",headers=headers)
result = json.loads(response.content.decode('utf-8'))
context.n = result["data"]

with open('BigInt.js','r',encoding='utf-8') as f:
    context.execute(f.read())

with open('Barrett.js','r',encoding='utf-8') as f:
    context.execute(f.read())

with open('RSA.js','r',encoding='utf-8') as f:
    context.execute(f.read())

js = '''
t.password = t.password.split("").reverse().join("")
setMaxDigits(130)
var o = new RSAKeyPair(n.e,"",n.n)
var r = encryptedString(o, t.password)
t.password = r
t.rKey = n.rkey
'''
context.execute(js)

# 模擬登入
data = {
    "c1":context.t.c1,
    "password":context.t.password,
    "phoneNum":context.t.phoneNum,
    "rKey":context.t.rKey
}
response=session.post("http://activity.renren.com/livecell/ajax/clog",headers=headers,data=data)




with open('13-test.html','wb') as f:
    f.write(response.content)

賬號密碼自己註冊一個,別想著直接用啊,
context = js2py.EvalJs(),這個函式的運用要靈活,
所有的js檔案都需要自己在瀏覽器上尋找的,這也是最膈應人的,經常性的看的我老眼昏花,
大概步驟:
訪問頁面,拿到js,讀取寫入,在ide中執行,獲取自己構造請求的真實資料,傳送請求

相關文章