京东秒杀商品抢购-茅台抢购工具的说明和下一步探讨

本帖最后由 qiucx 于 2021-2-14 23:33 编辑

https://www.52pojie.cn/thread-1340718-1-1.html 是京东秒杀商品抢购-茅台抢购工具，主要是分析了网页端抢购的http协议，再用python模拟。但是2021年2月后，京东只限于从app发起抢购，所以，这个工具已经无效了。看到好多朋友还在用这个软件，想提醒一下。

不管app还是网页，茅台的抢购网站都是 https://marathon.jd.com/ ，并且都要路过 https://marathon.jd.com/m/captcha.html https://marathon.jd.com/seckillM/seckill.action https://marathon.jd.com/seckillnew/orderService/init.action https://marathon.jd.com/seckillnew/orderService/submitOrder.action

----------------------------------------
https://marathon.jd.com/seckillnew/orderService/submitOrder.action?skuId=100012043978 HTTP/1.1

Cookie: mid=dC4C9xk_bCF9JVG0qClGYIfCMbb4vXDbunMcBkvP9g0; seckill100012043978=HKoZoHLA4YIAp8zLlMPAlugxJJDxG4jJgIhfSibUpcdp9Qh3PH//fX9COF+BYrIweQnsntytW0Eh8esGFktkOZTINtgSvri9IoCYqgff0w16M5VGuRd/SPeGJEAoMYtvY+uVBRUxk8/CRbShlqobIKU3+r+HfzhyyuiXniGqQaamNDd/cMUt+6FA+hcZPjnFkMNgF9QMByllLywi; seckillSid=; seckillSku=100012043978; pt_key=app_openAAJfxGQVADCUamF_bU4CZZpFgNIs-17nnMlGiZbNxRDCljC4-ucx1oPOuDhscCmMiqRFCLFFnUE; pt_pin=hzchenxuan; pwdt_id=hzchenxuan; sid=4a99f36017dec8e3dd71c97ca9ef609w; mba_muid=1604884012677799294146.52.1606874400871; mba_sid=52.17; __jda=123122771.1604884012677799294146.1604884012.1606813191.1606874264.38; __jdb=123122771.2.1604884012677799294146|38.1606874264; __jdc=123122771; __jdv=123122771%7Ckong%7Ct_1000170135%7Ctuiguang%7Cnotset%7C1606804759288; pre_seq=15; pre_session=18452977c7b8b073262c5cecaf8b6d6bf3d65f21|118; shshshfp=e6e8f922b7455516cd1028821609b3fd; shshshfpa=257aca6b-28c9-bf17-c073-fd9311e16cc4-1604890225; shshshfpb=mEHZKweebckWfQLdZLLdpHA%3D%3D; mt_xid=V2_52007VwMVU1hRW18eSRpbA2EFGlpeUFdaGk4pCFBjA0YCWgpOD0tMGUAANwNBTg5dW1oDHBFVAjUEGwEOXVtdL0oYXwR7AxFOXFhDWhpCGloOYwciUG1aYlkeTxFZAFcBFVFZ; 3AB9D23F7A4B3C9B=UF6VAFQCDAP25CSGXJU7LR6IYMZOQ4XSVNVO4XURULE6QGMIK6ZQNPSEVBASCMXDICO77QPOEGOJUZRCODXXG6WP6I; __jdu=1604884012677799294146; qd_fs=1605315215982; qd_ls=1605315215982; qd_sq=1; qd_ts=1605315215982; qd_uid=KHGZ8C4V-V5UJQF4EJUXGBIOT7H7J; UUID=FA82F5EF-BA9B-40E5-BE59-EAB212925158; deviceId=18452977c7b8b073262c5cecaf8b6d6bf3d65f21; deviceType=iPhone11,6; jdpay_appId=com.360buy.jdmobile; jdpay_appVersion=167422; jdpay_browserId=pay; jdpay_sdkVersion=3.00.20.00; moduleBuildVersion=5; moduleName=JDPaySDK; moduleVersion=3.00.20.00; osPlatform=iOS; BATQW722QTLYVCRD={"tk":"jdd01GM47TGODOM7YZ23K3DZASK4JWNIHXWC5JV7SJHCV5MDMOHWHCBPSCBXO6OKW5JV6FSBZYPDPX5JEERVQHMPANME3WUSARGJ4TT6OPBQ01234567","t":1605107554723}; __wga=1605089797483.1605089797483.1605026534809.1605026534809.1.2; cid=8; retina=1; sc_width=414; visitkey=5684448630764332; webp=0
---------------------------------------------------
最终抢购连接所需的关键参数是 mid 和 seckill100012043978，查看后， 参数是从https://un.m.jd.com/cgi-bin/app/appjmp?tokenKey=AAEAME8P-wtLKtsGpEqNiw-6xCC8dv_0SgqKgEm7Yer_qNqvPqQqhjijK3OvFbhzDA9e3w1&lbs=%7B%22cityId%22%3A%22%22%2C%22districtId%22%3A%22%22%2C%22provinceId%22%3A%22%22%2C%22districtName%22%3A%22%22%2C%22lng%22%3A%22120.217248%22%2C%22provinceName%22%3A%22%22%2C%22lat%22%3A%2230.250230%22%2C%22cityName%22%3A%22%22%7D&to=https%3A%2F%2Fdivide.jd.com%2Fuser_routing%3FskuId%3D100012043978%26from%3Dapp 获取的返回值：

999999999999999999999999999999999999999
Set-Cookie: pt_key=app_openAAJfxGQVADCUamF_bU4CZZpFgNIs-17nnMlGiZbNxRDCljC4-ucx1oPOuDhscCmMiqRFCLFFnUE; EXPIRES=Fri, 01-Jan-2021 02:00:03 GMT; PATH=/; DOMAIN=.jd.com; HTTPONLY
Set-Cookie: pt_pin=hzchenxuan; EXPIRES=Fri, 01-Jan-2021 02:00:03 GMT; PATH=/; DOMAIN=.jd.com; HTTPONLY
Set-Cookie: pwdt_id=hzchenxuan; EXPIRES=Fri, 01-Jan-2021 02:00:03 GMT; PATH=/; DOMAIN=.jd.com
Set-Cookie: sid=4a99f36017dec8e3dd71c97ca9ef609w; EXPIRES=Fri, 01-Jan-2021 02:00:03 GMT; PATH=/; DOMAIN=.jd.com
Location: https://divide.jd.com/user_routing?skuId=100012043978&from=app&mid=dC4C9xk_bCF9JVG0qClGYIfCMbb4vXDbunMcBkvP9g0&lng=120.217248&lat=30.250230&sid=4a99f36017dec8e3dd71c97ca9ef609w&un_area=15_1213_3408_59963
Cache-control: private
----------------------------------

编辑一：
这个tokenkey是从这里来的：

POST https://api.m.jd.com/client.action?functionId=genToken HTTP/1.1
Host: api.m.jd.com
Content-Type: application/x-www-form-urlencoded
Accept: */*
Connection: keep-alive
Cookie: pin=hzchenxuan;wskey=AAJfydZIAECwQOkjI41-i1ogrGZdcBRBF8myyk9Q3oUw67lJPJcD9hkp-fMmEsUKiLVzsR_sCKP06TOriSPiC15x8z8j3XoM;whwswswws=zIITnWvdguD/nuiQpCbACiNtuzQyJjogrH934h4X+80tnvAsz71WLS3DmBUgfaMk3Z782MQTfHJ61yNC1Omhdrg==;unionwsws={"jmafinger":"zIITnWvdguD/nuiQpCbACiNtuzQyJjogrH934h4X+80tnvAsz71WLS3DmBUgfaMk3Z782MQTfHJ61yNC1Omhdrg==","devicefinger":"eidIa2008120ads7zvQvZ34tSP6NlapQs14bUc70MN0ot6m7j8qUX/vVDIDC9hTjUn+I4jE0E5Up/P4YQ11audrSLI1BuAEQl9mOnz7ZXlsCCLj80EpM"}
User-Agent: JD4iPhone/167541 (iPhone; iOS 14.3; Scale/3.00)
Accept-Language: zh-Hans-CN;q=1
Content-Length: 960
Accept-Encoding: gzip, deflate, br

adid=56D332EE-A80D-44AB-9882-EF51080E373D&area=15_1213_2963_49965&body=%7B%22to%22%3A%22https%3A%5C/%5C/plogin.m.jd.com%5C/jd-mlogin%5C/static%5C/html%5C/appjmp_blank.html%22%2C%22action%22%3A%22to%22%7D&build=167541&client=apple&clientVersion=9.4.0&d_brand=apple&d_model=iPhone11%2C6&eid=eidIa2008120ads7zvQvZ34tSP6NlapQs14bUc70MN0ot6m7j8qUX/vVDIDC9hTjUn%2BI4jE0E5Up/P4YQ11audrSLI1BuAEQl9mOnz7ZXlsCCLj80EpM&isBackground=N&lang=zh_CN&networkType=wifi&networklibtype=JDNetworkBaseAF&openudid=18452977c7b8b073262c5cecaf8b6d6bf3d65f21&osVersion=14.3&partner=apple&scope=11&screen=1242%2A2688&sign=6481225cf50f76c41257d5958a04a744&st=1613313278223&sv=122&uts=0f31TVRjBSsGYQSQDxRLo%2BsWGXNcigPCDqVL%2BKBivRNsDsbaosYZWJDfLG6o2Q%2B%2Baq7wQnBEj/DTytHGpyKix3cTTLnamDF6g5akb8QT6W69Yyeey7sbyduaMuU9aDSEcMJroUxWvC/VGqhc0GcHE4k71Q9oca0BBFh6KdX0TCj06LhL6sC5xpVE6ytxaN72BSfuu60rdJCEY6CSTuSwWQ%3D%3D&uuid=hjudwgohxzVu96krv/T6Hg%3D%3D&wifiBssid=c1c03d6a5761cfd7a33af1c902b4c570

返回：tokenKey=AAEAMLtQZoMwOkrb7V3vfSKVnDXWGAmJlTYT_Xy7IM1b5HlJG6_urqHOtZw05_OT1ui5Bg0

上面请求涉及sign，这个有人分析过了，不知道算法有没有改，明天看看到底是哪些数据md5的，还有就是uts，应该是登录后生成的，几个request都用了一样的uts