这是RaPHP代码
php
<?php
/**
* 编译:湖南人爱科技有限公司
* 400-087-0306
* 永久官方:www.n658.com
* 抖音评论发布请求脚本(修正 req_content 格式)
* 核心修正:req_content 仅保留 "ticket,path,timestamp",贴合真实解码结果
*/
// 1. 基础配置(表单数据与接口URL)
$targetUrl = 'https://www.douyin.com/aweme/v1/web/comment/publish?app_name=aweme&enter_from=follow&previous_page=follow&device_platform=webapp&aid=6383';
$formData = [
'aweme_id' => '7534053219086929179', // 视频ID(你的原始表单数据)
'comment_send_celltime' => '4052', // 发送时间戳(原始数据)
'comment_video_celltime' => '12693', // 视频播放时间(原始数据)
'one_level_comment_rank' => '-1', // 评论排序(原始数据)
'paste_edit_method' => 'non_paste', // 粘贴编辑方式(原始数据)
'text' => '人爱科技你这视频教程和技术好厉害!', // 评论内容
'text_extra' => '[]' // 额外文本信息(原始数据)
];
// 2. 生成关键头部参数(严格贴合真实格式)
/**
* 编译:湖南人爱科技有限公司
* 400-087-0306
* 永久官方:www.n658.com
* 生成 Uifid(128位十六进制,抖音设备唯一标识标准格式)
*/
function generateUifid() {
$chars = '0123456789abcdefABCDEF';
$uifid = '';
for ($i = 0; $i < 128; $i++) {
$uifid .= $chars[rand(0, strlen($chars) - 1)];
}
return $uifid;
}
/**
* 编译:湖南人爱科技有限公司
* 400-087-0306
* 永久官方:www.n658.com
* 生成 Bd-Ticket-Guard-Client-Data(修正 req_content 为 "ticket,path,timestamp")
* @param string $path 请求路径(从URL中提取,如 "/aweme/v1/web/comment/publish")
*/
function generateClientData($path) {
$timestamp = time();
// 核心修正:req_content 仅保留 "ticket,path,timestamp",与真实解码结果一致
$clientData = [
'ts_sign' => 'ts.2.' . bin2hex(random_bytes(64)), // 时间戳签名(模拟抖音格式)
'req_content' => 'ticket,path,timestamp', // 严格匹配真实解码结果,不添加额外参数
'req_sign' => base64_encode(hash('sha256', $path . $timestamp, true)), // 基于 path+timestamp 签名(贴合元数据关联逻辑)
'timestamp' => $timestamp
];
return base64_encode(json_encode($clientData));
}
/**
* 编译:湖南人爱科技有限公司
* 400-087-0306
* 永久官方:www.n658.com
* 生成 Bd-Ticket-Guard-Ree-Public-Key(RSA公钥格式,模拟真实值结构)
*/
function generatePublicKey() {
// 模拟抖音公钥格式(Base64编码前的原始公钥结构)
$publicKey = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA BL5ZquujBw3/aR8Nynaw
M8wHUBwXDhrsXcwaxqcra7xNvQ26fQdKAw40rSV93Mc5e2qseb6XDrAphdEmB0Y9
eZ8QIDAQAB
-----END PUBLIC KEY-----";
// 移除换行符后Base64编码(抖音公钥存储格式)
$publicKeyClean = str_replace(["\n", "\r"], "", $publicKey);
return base64_encode($publicKeyClean);
}
/**
* 编译:湖南人爱科技有限公司
* 400-087-0306
* 永久官方:www.n658.com
* 生成 X-Tt-Session-Dtrait(会话特征,模拟抖音基于设备+会话的关联逻辑)
* @param string $uifid 设备唯一标识
* @param string $awemeId 视频ID(业务参数关联,确保会话与请求的关联性)
*/
function generateSessionDtrait($uifid, $awemeId) {
// 基于 Uifid+视频ID 生成,模拟业务参数与会话的绑定
$baseStr = $uifid . $awemeId . time();
$part1 = base64_encode(hash('sha256', $baseStr . '_part1', true));
$part2 = base64_encode(hash('sha256', $baseStr . '_part2', true));
return $part1 . '_' . $part2;
}
// 3. 提取请求路径(用于 Bd-Ticket-Guard-Client-Data 中的 path 关联)
$urlParts = parse_url($targetUrl);
$requestPath = "/aweme/v1/web/comment/publish"; // 提取 "/aweme/v1/web/comment/publish"
// 4. 生成完整请求头部(严格贴合抖音格式)
$uifid = generateUifid();
$headers = [
// Bd-Ticket-Guard 系列头部(严格匹配真实字段顺序与格式)
'Accept: application/json, text/plain, */*',
'Bd-Ticket-Guard-Client-Data: ' . generateClientData($requestPath),
'Bd-Ticket-Guard-Iteration-Version: 1',
'Bd-Ticket-Guard-Ree-Public-Key: ',
'Bd-Ticket-Guard-Version: 2',
'Bd-Ticket-Guard-Web-Sign-Type: 1',
'Bd-Ticket-Guard-Web-Version: 2',
'Hnra-Vip: HNRA.VIP',
// 设备与会话标识
'Uifid: ',
'Origin:https://www.douyin.com',
'Referer:https://www.douyin.com/user/MS4wLjABAAAAFxbTL15GBxQqcinigdZY04rmbaGPbYhtlt3m_JMfhTg',
// CSRF 防护与内容格式
'X-Secsdk-Csrf-Token: DOWNGRADE', // 保持你提供的原始 CSRF 令牌
'X-Tt-Session-Dtrait: ',
'Content-Type: application/x-www-form-urlencoded', // 表单提交必需格式
// 模拟真实浏览器环境(避免爬虫UA拦截)
'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.289 Safari/537.36',
// 关键:添加登录态 Cookie(必须替换为真实登录后的 Cookie,否则403)
"Cookie: "
];
// 5. 使用 CURL 发送 POST 请求(携带表单数据+正确头部)
$ch = curl_init();
// 基础请求配置
curl_setopt($ch, CURLOPT_URL, $targetUrl);
curl_setopt($ch, CURLOPT_POST, true);
// 表单数据编码(application/x-www-form-urlencoded 格式)
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($formData));
// 注入完整头部
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// 接收响应结果(不直接输出)
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// 开发环境临时关闭 SSL 校验(生产环境需开启,避免安全风险)
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
// 跟随重定向(避免3xx状态码导致的请求失败)
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
// 6. 执行请求并输出调试信息
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
// 输出调试内容(便于定位问题)
echo "=== 请求调试信息 ===\n";
echo "1. 请求URL: " . $targetUrl . "\n";
echo "2. HTTP状态码: " . $httpCode . "\n";
echo "3. 请求路径(用于签名): " . $requestPath . "\n";
echo "4. 表单数据(编码后): " . http_build_query($formData) . "\n";
echo "5. 关键头部示例:\n";
echo " - Bd-Ticket-Guard-Client-Data: " . generateClientData($requestPath) . "\n";
echo " - Uifid: " . $uifid . "\n";
echo "6. CURL错误(若有): " . $curlError . "\n";
echo "7. 接口响应结果:\n" . $response . "\n";
curl_close($ch);
?>是这python代码
python
import requests
import random
import time
import hashlib
import base64
import json
from urllib.parse import urlparse, urlencode
# 1. 基础配置(表单数据与接口URL)
target_url = 'https://www.douyin.com/aweme/v1/web/comment/publish?app_name=aweme&enter_from=follow&previous_page=follow&device_platform=webapp&aid=6383'
form_data = {
'aweme_id': '7534053219086929179', # 视频ID
'comment_send_celltime': '4052', # 发送时间戳
'comment_video_celltime': '12693', # 视频播放时间
'one_level_comment_rank': '-1', # 评论排序
'paste_edit_method': 'non_paste', # 粘贴编辑方式
'text': '人爱科技你这视频教程和技术好厉害!', # 评论内容
'text_extra': '[]' # 额外文本信息
}
# 2. 生成关键头部参数(严格贴合真实格式)
def generate_uifid():
"""生成Uifid(128位十六进制,抖音设备唯一标识标准格式)"""
chars = '0123456789abcdefABCDEF'
uifid = ''.join(random.choice(chars) for _ in range(128))
return uifid
def generate_client_data(path):
"""生成Bd-Ticket-Guard-Client-Data"""
timestamp = int(time.time())
# 生成随机的ts_sign
ts_sign_bytes = bytearray(random.getrandbits(8) for _ in range(64))
ts_sign = 'ts.2.' + ts_sign_bytes.hex()
# 核心:req_content仅保留"ticket,path,timestamp"
client_data = {
'ts_sign': ts_sign,
'req_content': 'ticket,path,timestamp',
'req_sign': base64.b64encode(hashlib.sha256(f"{path}{timestamp}".encode()).digest()).decode(),
'timestamp': timestamp
}
return base64.b64encode(json.dumps(client_data).encode()).decode()
def generate_public_key():
"""生成Bd-Ticket-Guard-Ree-Public-Key(RSA公钥格式)"""
public_key = "-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA BL5ZquujBw3/aR8NynawM8wHUBwXDhrsXcwaxqcra7xNvQ26fQdKAw40rSV93Mc5e2qseb6XDrAphdEmB0Y9eZ8QIDAQAB-----END PUBLIC KEY-----"
public_key_clean = public_key.replace("\n", "").replace("\r", "")
return base64.b64encode(public_key_clean.encode()).decode()
def generate_session_dtrait(uifid, aweme_id):
"""生成X-Tt-Session-Dtrait(会话特征)"""
base_str = f"{uifid}{aweme_id}{int(time.time())}"
part1 = base64.b64encode(hashlib.sha256(f"{base_str}_part1".encode()).digest()).decode()
part2 = base64.b64encode(hashlib.sha256(f"{base_str}_part2".encode()).digest()).decode()
return f"{part1}_{part2}"
# 3. 提取请求路径
parsed_url = urlparse(target_url)
request_path = "/aweme/v1/web/comment/publish"
# 4. 生成完整请求头部
uifid = generate_uifid()
public_key = generate_public_key()
session_dtrait = generate_session_dtrait(uifid, form_data['aweme_id'])
headers = [
'Accept: application/json, text/plain, */*',
f'Bd-Ticket-Guard-Client-Data: {generate_client_data(request_path)}',
'Bd-Ticket-Guard-Iteration-Version: 1',
f'Bd-Ticket-Guard-Ree-Public-Key: {public_key}',
'Bd-Ticket-Guard-Version: 2',
'Bd-Ticket-Guard-Web-Sign-Type: 1',
'Bd-Ticket-Guard-Web-Version: 2',
'Hnra-Vip: HNRA.VIP',
f'Uifid: {uifid}',
'Origin: https://www.douyin.com',
'Referer: https://www.douyin.com/user/MS4wLjABAAAAFxbTL15GBxQqcinigdZY04rmbaGPbYhtlt3m_JMfhTg',
'X-Secsdk-Csrf-Token: DOWNGRADE',
f'X-Tt-Session-Dtrait: {session_dtrait}',
'Content-Type: application/x-www-form-urlencoded',
'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.289 Safari/537.36',
"Cookie: " # 请在此处添加真实的Cookie
]
# 转换headers为字典格式(requests库要求)
headers_dict = {}
for header in headers:
key, value = header.split(': ', 1)
headers_dict[key] = value
# 5. 发送POST请求
try:
# 编码表单数据
encoded_form_data = urlencode(form_data)
# 发送请求
response = requests.post(
target_url,
data=encoded_form_data,
headers=headers_dict,
verify=False, # 开发环境关闭SSL验证,生产环境应开启
allow_redirects=True
)
# 6. 输出调试信息
print("=== 请求调试信息 ===")
print(f"1. 请求URL: {target_url}")
print(f"2. HTTP状态码: {response.status_code}")
print(f"3. 请求路径(用于签名): {request_path}")
print(f"4. 表单数据(编码后): {encoded_form_data}")
print("5. 关键头部示例:")
print(f" - Bd-Ticket-Guard-Client-Data: {generate_client_data(request_path)}")
print(f" - Uifid: {uifid}")
print("6. 接口响应结果:")
print(response.text)
except Exception as e:
print(f"请求发生错误: {str(e)}")提示:只提供交流和学习,请无他使用!