本案例中所有内容仅供个人学习交流,抓包内容、敏感网址、数据接口均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关
1.接口分析
https://脱敏/oauth-client/wechatSmall/smallLogin
说明:鉴权
POST
Query:{
wxScene:1145,//进入方式
wxQuery:"",
bd_source:"wx",
bd_origin:"scene_1145"
}
FormBody:{
_q:"",
_v:"",
_t:"",
_s:"",
code:"",//小程序登录code
platform:"wechat$$$small",
autoLogin:"true",
encryptedData:""
}
响应:{
"ret": true,
"data": {
"cookies": {
"_q": "脱敏",
"csrfToken": "脱敏",
"_s": "脱敏",
"QunarGlobal": "脱敏",
"_t": "脱敏",
"_v": "脱敏",
"_i": "脱敏"
},
"nowTime": 脱敏,
"openId": "脱敏",
"token": "脱敏",
"unionId": "脱敏",
"wechatSingle": false
}
}
https://脱敏/h_venus
说明:酒店列表接口
POST
Query:{
qrt: h_hlist
source: mini
pVersion: 3.23.87
SDKVersion: 3.10.3
channelScene: 1256
wxScene: 1256
wxQuery:
wx_q: 脱敏
wx_s: 脱敏
wx_t: 脱敏
wx_v: 脱敏
unionId: 脱敏
openId: 脱敏
bd_source: wx
bd_origin: scene_1256
}
ReqHeaders:{
Cookie:"wxScene=1145;wxQuery=;_q=脱敏;csrfToken=脱敏;_s=脱敏;QunarGlobal=脱敏;_t=脱敏;_v=脱敏;_i=脱敏;unionId=脱敏;openId=脱敏;bd_source=wx;_dangerDivide=true;QN1=脱敏;Expires=Mon,16-Nov-2612:00:59GMT;Max-Age=630720000;Domain=qunar.com;Path=/;QN48=脱敏;QN300=wx",
openid:"脱敏"
}
ReqPayload:{
b:"{\"platform\":\"Qunar\",\"bizVersion\":387,\"bookingBizVersion\":387,\"disVersion\":\"41\",\"searchType\":0,\"num\":20,\"start\":0,\"cityUrl\":\"\",\"fromDate\":\"2025-11-16\",\"toDate\":\"2025-11-17\",\"q\":\"\",\"suggestType\":\"\",\"needSec\":true,\"experGroupOfFilter\":true,\"sort\":\"\",\"locationAreaFilter\":[],\"comprehensiveFilter\":[],\"currLatitude\":\"脱敏\",\"currLongitude\":\"脱敏\",\"coordConvert\":0,\"fromForLog\":\"\",\"jingjiaoActivityPayStatus\":-1,\"vtoken\":\"脱敏\",\"bd_origin\":\"\",\"level\":\"\",\"minPrice\":\"\",\"maxPrice\":\"\",\"lastCityUrl\":\"\",\"distanceLocationAreaFilter\":[],\"city\":\"脱敏\",\"hourlyRoom\":false,\"channelId\":1,\"searchRoomType\":\"MIXED_ROOM\",\"searchListUid\":\"脱敏\",\"searchRequestUid\":\"脱敏\",\"becheck\":\"脱敏\",\"bmagic\":\"脱敏=\",\"betime\":\"脱敏\"}",
c:"{\"h_ct\":\"MINI\",\"adid\":\"\",\"brush\":\"\",\"cas\":\"\",\"catom\":\"\",\"cid\":\"smart_app\",\"gid\":\"脱敏\",\"ke\":\"\",\"lat\":\"\",\"lgt\":\"\",\"ma\":\"\",\"mno\":\"\",\"model\":\"microsoft\",\"msg\":\"\",\"nt\":\"\",\"osVersion\":\"Windows 11 x64\",\"pid\":\"脱敏\",\"ref\":\"\",\"sid\":\"\",\"t\":\"h_hlist\",\"un\":\"脱敏\",\"vid\":\"脱敏\",\"uid\":\"脱敏\",\"uuid\":\"脱敏\",\"sdkVersion\":\"3.10.3\",\"wxVersion\":\"4.1.2.17\",\"pVersion\":\"3.23.87\"}",
source:"mini"
}
响应:{
"bstatus": {
"code": 0,
"des": "success"
},
"data":{}
}
2.逆向分析
becheck:HmacSHA1
bmagic:B64(AES(字符变换("脱敏加密参数"),"脱敏key","脱敏iv"))
betime:时间戳 + 15 位随机值
说明:这三个参数都在客户端生成,key 和 iv 也能从客户端代码中还原,所以它们只能提高伪造请求的成本,服务端不应把它们当作鉴权依据。
3.风控分析
风控大致有两个检测点;如果不做对应处理,接口会返回"服务器异常"。
这里就不方便讲了,想了解的加扣扣
4.效果


咨询、沟通、合作
2227669390