打断点
找要的数据
鼠标的点击事件
新浪微博登录
表单提交分析 :
先佃输入错误密码开始调式
f10 往下走,
f11 进入函数
sh + f11 跳出函数
# -*- coding: utf-8 -*-
# 斌彬电脑
# @Time : 2018/9/20 0020 4:30
# 新浪js分析
import requests
import base64
import time
import re
import json
import rsa
import binascii
class WeiboLogin(object):
def __init__(self, username, password):
self.username = self.encrypt_username(username)
self.password = password
self.session = requests.session()
self.headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"}
def pre_login(self):
params = {
"entry": "weibo",
"callback": "sinaSSOController.preloginCallBack",
"su": self.username,
"rsakt": "mod",
"checkpin": "1",
"client": "ssologin.js(v1.4.19)",
"_": int(time.time() * 1000)
}
url = 'https://login.sina.com.cn/sso/prelogin.php?'
response = self.session.get(url, headers=self.headers, params=params)
json_data = re.search(r'preloginCallBack((.*?))', response.text).group(1)
return json.loads(json_data)
def login(self, pre_login_data):
data = {
"entry": "weibo",
"gateway": "1",
"from": "",
"savestate": "7",
"qrcode_flag": "false",
"useticket": "1",
"pagerefer": "",
"vsnf": "1",
"su": self.username,
"service": "miniblog",
"servertime": pre_login_data['servertime'],
"nonce": pre_login_data['nonce'],
"pwencode": "rsa2",
"rsakv": pre_login_data['rsakv'],
"sp": self.encrypt_password(self.password, pre_login_data['pubkey'], pre_login_data['servertime'],
pre_login_data['nonce']),
"sr": "1920*1080",
"encoding": "UTF-8",
"prelt": "49",
"url": "https://weibo.com/ajaxlogin.php?framelogin=1&callback=parent.sinaSSOController.feedBackUrlCallBack",
"returntype": "META"
}
url = "https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.19)"
response = self.session.post(url, headers=self.headers, data=data)
return response.content.decode('gbk')
def houxu_login(self, login_response):
first_url = re.search(r'location.replace("(.*?)")', login_response).group(1)
response = self.session.get(first_url, headers=self.headers).content.decode('gbk')
all_url = re.search(r'arrURL":["(.*?)"]', response).group(1)
all_url = all_url.split('","')
data = "&callback=sinaSSOController.doCrossDomainCallBack&" + "scriptId=ssoscript1&" + "client=ssologin.js(v1.4.19)&" + "_=" + str(
int(time.time() * 1000))
for url in all_url:
url = url.replace('\', '')
self.session.get(url + data, headers=self.headers)
def encrypt_password(self, password, pubkey, servertime, nonce):
my_password = str(servertime) + ' ' + str(nonce) + '
' + str(password)
publickey = rsa.PublicKey(int(pubkey, 16), int('10001', 16))
return binascii.b2a_hex(rsa.encrypt(my_password.encode(), publickey)).decode()
def encrypt_username(self, username):
return base64.b64encode(username.encode())
def yanzheng(self):
resp = self.session.get('https://weibo.com/wnanbei/home', headers=self.headers)
print(resp.text)
def __call__(self, *args, **kwargs):
json_data = self.pre_login()
login_response = self.login(json_data)
self.houxu_login(login_response)
self.yanzheng()
if __name__ == "__main__":
my_login = WeiboLogin('账号', '密码')
my_login()