声明:
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
逆向分析
data = response.json()
print(data)
fp =data['fp']
st = data['st']
data = cp.call('getBg',st,sid)
url = "/api/check"
response = session.post(url, headers=headers, data=data)
data = response.json()
imgStr = data["img"]
img = json.loads(imgStr)
b1 = img['b1']
b2 = img['b2']
handleImg()
res = det.slide_match(target_bytes, background_bytes, simple_target=True)
distance = round(res['target'][0])
data = cp.call('verify',st,sid,imgStr,distance)
url = "/api/check"
response = session.post(url, headers=headers, data=data)
print(response.text)
data = response.json()
vt = data.get('vt')
if vt:
cookies.update(response.cookies)
print(response.cookies)
for i in range(1, 5):
cp = execjs.compile(open('h5st.js', 'r', encoding='utf-8').read())
result = cp.call('getH5st')
# print(result)
headers = {
"accept": "application/json, text/javascript, */*; q=0.01",
"accept-language": "zh-CN,zh;q=0.9",
"cache-control": "no-cache",
"pragma": "no-cache",
"priority": "u=1, i",
"sec-ch-ua": "\"Not A(Brand\";v=\"8\", \"Chromium\";v=\"132\", \"Microsoft Edge\";v=\"132\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-site",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0",
"x-rp-client": "h5_1.0.0"
}
url = "api"
response = session.get(url, headers=headers, params=params,cookies=cookies)
print(result)
print(response.text)
结果
拿到详情结果就是成功
总结
1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。