朴朴超市小程序 sign-v2 分析

声明

本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!

部分python代码

复制代码
cp = execjs.compile(open('run.js','r',encoding='utf-8').read())
result = cp.call('getSign',unique_id)
print(result)
headers = {
    "accept": "application/json",
    "accept-language": "zh-CN,zh;q=0.9",
    "cache-control": "no-cache",
    "chart_ab": "4",
    "content-type": "application/json",
    "is_show_classification_word": "1",
    "label_assembly_ab": "1",
    "open-id": "",
    "pp-os": "0",
    "pp-placeid": unique_id,
    "pp-suid": unique_id,
    "pp_storeid": unique_id,
    "pragma": "no-cache",
    "priority": "u=1, i",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "cross-site",
    "shopping_car_hint_banner_module": "1",
    "sign-v2": result['sign'],
    "spu_shopping_guide_link_ab": "1",
    "timestamp": str(result["timestamp"]),
}
url = "product/recall"
data = {
    "card_line": 1,
    "page": 1,
    "size": 20,
    "area_list": [],
    "area_second_id": "",
    "is_top": 0
}
data = json.dumps(data, separators=(',', ':'))
response = requests.post(url, headers=headers, data=data)

print(response.text)
print(response)
复制代码
cp = execjs.compile(open('run.js','r',encoding='utf-8').read())
result = cp.call('getSign',unique_id)
print(result)
headers = {
    "accept": "application/json",
    "accept-language": "zh-CN,zh;q=0.9",
    "cache-control": "no-cache",
    "chart_ab": "4",
    "content-type": "application/json",
    "is_show_classification_word": "1",
    "label_assembly_ab": "1",
    "open-id": "",
    "pp-os": "0",
    "pp-placeid": unique_id,
    "pp-suid": unique_id,
    "pp_storeid": unique_id,
    "pragma": "no-cache",
    "priority": "u=1, i",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "cross-site",
    "shopping_car_hint_banner_module": "1",
    "sign-v2": result['sign'],
    "spu_shopping_guide_link_ab": "1",
    "timestamp": str(result["timestamp"]),
}
url = "product/recall"
data = {
    "card_line": 1,
    "page": 1,
    "size": 20,
    "area_list": [],
    "area_second_id": "",
    "is_top": 0
}
data = json.dumps(data, separators=(',', ':'))
response = requests.post(url, headers=headers, data=data)

print(response.text)
print(response)

结果

总结

1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。

相关推荐
databook2 分钟前
Manim实现闪电特效
后端·python·动效
Blossom.11810 分钟前
AI“点亮”萤火虫:边缘机器学习让微光成像走进4K时代
人工智能·pytorch·python·深度学习·数码相机·opencv·机器学习
我不是混子36 分钟前
什么是Java 的 Lambda 表达式?
java·后端
小蝙蝠侠1 小时前
JMeter 执行流程
java·jmeter
Eiceblue1 小时前
Python 将 HTML 转换为纯文本 TXT (HTML 文本提取)
开发语言·vscode·python·html
跟橙姐学代码1 小时前
给Python项目加个“隔离间”,从此告别依赖纠缠!
前端·python·ipython
2501_915921431 小时前
TCP 抓包分析实战,从抓取到定位(命令、常见症状、排查流程与真机抓包补充)
网络·网络协议·tcp/ip·ios·小程序·uni-app·iphone
2501_916013741 小时前
App 上架服务全流程解析,iOS 应用代上架、ipa 文件上传工具、TestFlight 测试与苹果审核实战经验
android·ios·小程序·https·uni-app·iphone·webview
程序员小假1 小时前
我们来说一说 ThreadLocal 内存泄漏
java·后端