java爬虫,破解JS加密的Cookie

最新推荐文章于 2023-10-14 17:00:00 发布
最新推荐文章于 2023-10-14 17:00:00 发布
阅读量9.8k 收藏 16
点赞数 2
分类专栏: J2EE 文章标签: 爬虫 加密 cookie 破解 htmlunit
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/bohu83/article/details/78085253
版权

一 序:

因为爬取数据需要,代理跟验证码识别属于不可避免的问题。本文总结了下因为爬取免费代理IP数据遇到的js加密cookie问题。

二 问题:

对于常见的静态页面来说,jsoup的解析是比较常见的。


但是这个网站如果直接用jsoup去抓取,会报错。

org.jsoup.HttpStatusException: HTTP error fetching URL. Status=521, URL=http://www.kuaidaili.com/ops/proxylist/1
	at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:679)
	at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:628)
	at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:260)
	at org.jsoup.helper.HttpConnection.get(HttpConnection.java:249)

三 问题分析及解决:

其实浏览器是能正常浏览的,我们打开浏览器看下过程。以Chrome的为例子



可以明显看到第一次是报错的,HTTP状态码是521,不是200.

     第二次是200,但是第二次的cookie多了一些:_ydclearance=a3fd46bd1a232b52d7313218-72dc-4427-aa33-5690668af31d-1506323606

这就是问题的原因了。

用程序来模拟下,打印下参数:

			CloseableHttpClient httpClient = HttpClients.createDefault();
			
			Registry<CookieSpecProvider> cookieSpecProviderRegistry = RegistryBuilder.<CookieSpecProvider>create()
	                .register("myCookieSpec", context -> new MyCookieSpec()).build();//注册自定义CookieSpec
			String url = baseUrl + i;
			HttpGet get = new HttpGet(url);
			HttpClientContext context = HttpClientContext.create();
			 context.setCookieSpecRegistry(cookieSpecProviderRegistry);
			 get.setConfig(RequestConfig.custom().setCookieSpec("myCookieSpec").build());
			 WebRequest request = null;
			 WebClient wc = null;
			try {
				//1、获取521状态时返回setcookie
				CloseableHttpResponse response = httpClient.execute(get, context);
				// 响应状态
				System.out.println("status:" + response.getStatusLine());
				System.out.println(">>>>>>headers:");
				HeaderIterator iterator = response.headerIterator();
				while (iterator.hasNext()) {
					System.out.println("\t" + iterator.next());
				}
				System.out.println(">>>>>>cookies:");
				// context.getCookieStore().getCookies().forEach(System.out::println);
				String cookie =getCookie(context);
				System.out.println("cookie="+cookie);
				response.close();

输出日志: 

status:HTTP/1.1 521 
>>>>>>headers:
	Date: Mon, 25 Sep 2017 07:10:25 GMT
	Content-Type: text/html
	Connection: keep-alive
	Set-Cookie: yd_cookie=fa424be4-70a9-4478226851c4b3f3e8e031e4ed7860052980; Expires=1506330625; Path=/; HttpOnly
	Cache-Control: no-cache, no-store
	Server: WAF/2.4-12.1
>>>>>>cookies:
cookie=yd_cookie=fa424be4-70a9-4478226851c4b3f3e8e031e4ed7860052980;Expires=Mon Sep 25 17:10:25 CST 2017;Path=/
TM真是套路深啊,不愧为是代理爬虫网站,发爬虫更有一套。

拿到这个cookie,再调用一次目标URL。看看反馈数据:

				HttpGet secGet = new HttpGet(url);
				secGet.setHeader("Cookie",cookie);
				//测试用,对比获取结果
				CloseableHttpResponse secResponse = httpClient.execute(secGet, context);
				System.out.println("secstatus:" + secResponse.getStatusLine());
				String content = EntityUtils.toString(secResponse.getEntity());
	            System.out.println(content);
	            secResponse.close();
我以为就返回正常结果数据了,结果是我太傻了,返回了一段JS,而且是加密过的 

<html><body><script language="javascript"> 
window.οnlοad=setTimeout("dv(43)", 200); function dv(VC) {var qo, mo="", no="", oo = [0x43,0xe5,0xb0,0x27,0x71,0x6f,0xe9,0x58,0xd8,0x21,0x55,0x56,0xd0,0x4f,0xcd,0x91,0x1c,0x9e,0x09,0xe7,0x80,0x6f,0x8d,0xf3,0x60,0x73,0xe9,0x66,0xd4,0x47,0x1e,0x76,0xec,0x69,0xe3,0xbc,0x27,0x02,0x70,0xe0,0xf2,0x65,0xd1,0xac,0x19,0xf3,0x6c,0xe4,0x57,0x3c,0xc3,0xa8,0x13,0xe1,0xb4,0x37,0x0e,0xf2,0x5f,0x32,0x43,0x0e,0x88,0xfe,0xd7,0x99,0x68,0xe0,0xdb,0xa6,0xd2,0xab,0x80,0x57,0x52,0xd6,0xa3,0x7c,0x5d,0xd5,0x29,0x28,0xa0,0x75,0x48,0x3d,0x18,0x13,0xdd,0x4a,0x21,0xf1,0xbe,0x89,0x70,0x72,0xe0,0x4b,0x16,0xee,0xa7,0x74,0x41,0x40,0x13,0xb3,0x7e,0x53,0x24,0xfa,0x12,0xec,0xbd,0x8e,0x5b,0x37,0x02,0xec,0xdd,0x4c,0xf8,0x59,0xad,0x34,0x8c,0x93,0xfd,0x58,0x33,0x6d,0xc6,0x45,0xc5,0xc2,0xb7,0xac,0x81,0x50,0x4b,0x61,0x98,0x03,0x57,0x52,0x25,0x8d,0x60,0x51,0x26,0x09,0xa2,0x8b,0x5e,0x33,0x1c,0xaa,0x77,0x42,0x37,0x65,0x35,0x73,0x7f,0x66,0x5b,0xae,0x1b,0x99,0x18,0x8a,0x18,0x9a,0x1b,0xf5,0xf6,0x66,0xf0,0x3b,0xad,0x34,0x50,0xbc,0x2f,0xb1,0x2e,0xd9,0x60,0x5d,0xd7,0x56,0x5f,0xd9,0xc4,0xb5,0x0a,0xf9,0x70,0xbc,0x3d,0x1c,0xae,0xad,0xa0,0x87,0x7c,0x47,0x95,0x1c,0x9c,0x05,0x45,0xc7,0x16,0x17,0x83,0x33,0xb1,0x2c,0x76,0xf4,0x2e,0x9c,0x19,0x65,0x66,0x3d,0xb9,0x3c,0xb2,0x25,0xbd,0x0a,0x90,0x0f,0x8f,0xce,0xa9,0x16,0x98,0x0f,0xc5,0x14,0x8e,0xfc,0x79,0xe1,0x2e,0x2f,0x39,0x51,0x42,0x94,0x3b];qo = "qo=251; do{oo[qo]=(-oo[qo])&0xff; oo[qo]=(((oo[qo]>>2)|((oo[qo]<<6)&0xff))-180)&0xff;} while(--qo>=2);"; eval(qo);qo = 250; do { oo[qo] = (oo[qo] - oo[qo - 1]) & 0xff; } while (-- qo >= 3 );qo = 1; for (;;) { if (qo > 250) break; oo[qo] = ((((((oo[qo] + 162) & 0xff) + 32) & 0xff) << 1) & 0xff) | (((((oo[qo] + 162) & 0xff) + 32) & 0xff) >> 7); qo++;}po = ""; for (qo = 1; qo < oo.length - 1; qo++) if (qo % 5) po += String.fromCharCode(oo[qo] ^ VC);eval("qo=eval;qo(po);");} </script> </body></html>

好吧,我承认js不行。搞不懂其中的细节。

但是我们有web控制台,我们可以看看这个js是运行出啥结果

document.cookie='_ydclearance=efad3fbba88e7738d15cc25b-5203-428b-b273-5d6459ee5246-1506330645; expires=Mon, 25-Sep-17 09:10:45 GMT; domain=.kuaidaili.com; path=/'; window.document.location=document.URL


这个数据就是js加密后的cookie,也是我们想要的数据。

上面的js大概意思就是生成新的cookie,页面重新刷新一下。eval("qo=eval;qo(po);这句话是赋值的。针对浏览器起作用。

也就是说我们如果能拿到这个新cookie,就能是jsoup重新发挥作用,获取数据。

至此,这个网站的反爬虫策略已经清楚了:

1. 返回状态521,带有ydcookie

2. ydcookie在访问会返回js.

3.执行js会返回加密后的_ydclearance,带着加密后的cookie会能正常访问。

那么关键就是如何执行这个js了。httpclient及jsoup是不满足业务需求了,Python有PyV8来做JavaScript引擎,那么Java采用啥好呢。

Google一下,网上常见的HtmlUnit/Selenium/PhantomJs三类流行的js渲染引擎。

Seleninum :需要安装浏览器,结合相应的WebDriver,正确配置webdriver的路径参数
优点:支持复杂功能。缺点:性能差一些,不适合作为服务器,更是小部分数据调试
HtmlUnit/:基于HTTPclient封装的,无浏览器界面,性能一般。解析js差。

PhantomJs :看介绍比较主流,性能尚可。值得深入学习。(目前我也没用过)

其实这些引擎估计学习起来都有成本,官网的资料不太全或者自己自己看不太懂,需要自己在调试过程中结合API去搞明白。

说白了就是要不断的踩坑,才知道哦原来是这么回事。

***********************************我是一个分割线*********************************************************


废话说完了,周末时间不多,找个学习代价小的HTMLUNIT去尝试。

 			URL link=new URL(url); 	   
	             request=new WebRequest(link); 
	            request.setCharset("UTF-8");	 
	            request.setAdditionalHeader("Referer", "http://www.kuaidaili.com/ops/proxylist/1/");//设置请求报文头里的refer字段
	            设置请求报文头里的User-Agent字段
	            request.setAdditionalHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/38.0");
	            wc = new WebClient();
	            wc.getCookieManager().setCookiesEnabled(true);//开启cookie管理  
	            wc.getOptions().setJavaScriptEnabled(true);//开启js解析。对于变态网页,这个是必须的  
	            wc.getOptions().setCssEnabled(false);//关闭css解析。
	            wc.getOptions().setThrowExceptionOnFailingStatusCode(false);  
	            wc.getOptions().setThrowExceptionOnScriptError(false);	          
	            wc.getOptions().setRedirectEnabled(true);
	            wc.getOptions().setTimeout(10000);
	            wc.setJavaScriptTimeout(50000);
	            //设置cookie
	            List<Cookie> cList = context.getCookieStore().getCookies();	
	            if(cList != null && !cList.isEmpty())
	            {	
	            	  
	            	  for(int j=0;j<cList.size();j++) 
	                  {  
	            		  Cookie ck = cList.get(j);
	            		    //cookie
	            			com.gargoylesoftware.htmlunit.util.Cookie ucookies=new com.gargoylesoftware.htmlunit.util.Cookie("www.kuaidaili.com", ck.getName() , ck.getValue());  	            			         		  
	            			wc.getCookieManager().addCookie(ucookies); 
	                  }	  
	            }
				//获取动态跳转页					
				HtmlPage hp  = wc.getPage(request);				
				String body = hp.getBody().asXml();
				//截取js函数
				String function = body.substring(body.indexOf("function"),body.lastIndexOf("}")+1);
				//把设置cookie的函数替换成返回
				function = function.replace("eval(\"qo=eval;qo(po);\")", "return po");		
				System.out.println("function:"+function);
				//提取js函数参数(正则表达式匹配)
				String regx ="setTimeout\\(\\\"\\D+\\((\\d+)\\)\"";
				Pattern pattern = Pattern.compile(regx); 	
			    Matcher matcher = pattern.matcher(body); 
			    String call = "";
			    String args ="";
			    while(matcher.find()){ 
			    	String group =matcher.group();
			    	 args = group.substring(group.lastIndexOf("(")+1,group.indexOf(")"));
			    	 call = group.substring(group.indexOf("\"")+1,group.lastIndexOf("\""));
			    	System.out.println(args+":"+call);
			    }				
				// 执行js获取加密后的数据

后面执行js就能获取数据: ScriptResult  ckstr =hp.executeJavaScript


我们用获取的加密的cookie,传给jsoup。这就能正常访问数据了。

以测试为例http://www.kuaidaili.com/ops/proxylist/1,2两个页面为例

日志如下:

status:HTTP/1.1 521 
>>>>>>headers:
	Date: Mon, 25 Sep 2017 07:10:25 GMT
	Content-Type: text/html
	Connection: keep-alive
	Set-Cookie: yd_cookie=fa424be4-70a9-4478226851c4b3f3e8e031e4ed7860052980; Expires=1506330625; Path=/; HttpOnly
	Cache-Control: no-cache, no-store
	Server: WAF/2.4-12.1
>>>>>>cookies:
cookie=yd_cookie=fa424be4-70a9-4478226851c4b3f3e8e031e4ed7860052980;Expires=Mon Sep 25 17:10:25 CST 2017;Path=/
15:10:27.023 [main] INFO  c.g.htmlunit.WebClient - statusCode=[521] contentType=[text/html]
15:10:27.033 [main] INFO  c.g.htmlunit.WebClient - <html><body><script language="javascript"> window.οnlοad=setTimeout("kt(180)", 200); function kt(OD) {var qo, mo="", no="", oo = [0xe7,0xd1,0x34,0xe1,0x60,0xfd,0x51,0x2f,0xc4,0x2b,0xc2,0x90,0xb5,0x43,0xf0,0x7e,0xfb,0xd9,0x22,0x42,0x32,0x5f,0x5d,0x23,0xe6,0xb4,0x5a,0x38,0xf5,0x2c,0xd6,0x94,0x2a,0xf7,0xd5,0xf5,0x99,0xe9,0x52,0x92,0x68,0x46,0x45,0x4d,0x03,0x53,0x8b,0x61,0xc6,0x2f,0x0d,0x45,0x13,0xe0,0xc7,0x08,0x80,0x80,0xb8,0x9e,0xf2,0x53,0x53,0xa3,0x81,0x21,0xdc,0xb2,0x88,0xc8,0x01,0xc0,0x68,0xd0,0x29,0x61,0xd1,0x71,0x01,0xde,0x1f,0xdc,0x1d,0xbc,0x04,0x6c,0xa4,0xec,0x35,0x3d,0x67,0xcf,0x28,0xf5,0xab,0xe3,0x08,0x78,0x4e,0xed,0x2e,0x8e,0x34,0x7c,0xd4,0x05,0x55,0x9d,0x32,0x8a,0xc2,0x3b,0x2b,0xf2,0x89,0x67,0x6d,0xb3,0x31,0x67,0x78,0x56,0x84,0xa4,0x41,0xee,0x7e,0x14,0xbb,0x63,0xbb,0x1c,0xd4,0x74,0xa1,0x9f,0xc5,0x65,0x25,0x65,0xd5,0x9d,0xc5,0xc5,0xa4,0xbc,0xfc,0x25,0x3d,0x75,0x50,0xa8,0x70,0x5d,0xf9,0x5f,0x37,0x27,0xee,0xd4,0x62,0x20,0xe7,0xa5,0x23,0xd8,0xf8,0x90,0xdd,0x4b,0xa9,0x67,0xe4,0xca,0xdd,0x9b,0x19,0xbe,0x3c,0xd3,0x9f,0x4d,0xfa,0x98,0x88,0x50,0x14,0x5a,0x18,0x7e,0xe3,0x04,0x0a,0xb9,0x89,0x99,0x41,0xaf,0x98,0x16,0xab,0x91,0x3f,0x8d,0x21,0xd8,0xbe,0x4c,0x1a,0x78,0x47,0xe4,0xc2,0x78,0xde,0x76,0xd2,0x78,0x06,0xd3,0x91,0xf7,0xf0,0x6e,0x1c,0xb1,0xd1,0xb7,0x3e,0xcb,0x99,0xf7,0x95,0x73,0x6e,0x04,0x6a,0x02,0x7f,0xb4,0x22,0x87,0x3b];qo = "qo=241; do{oo[qo]=(-oo[qo])&0xff; oo[qo]=(((oo[qo]>>5)|((oo[qo]<<3)&0xff))-211)&0xff;} while(--qo>=2);"; eval(qo);qo = 240; do { oo[qo] = (oo[qo] - oo[qo - 1]) & 0xff; } while (-- qo >= 3 );qo = 1; for (;;) { if (qo > 240) break; oo[qo] = ((((((oo[qo] + 44) & 0xff) + 55) & 0xff) << 2) & 0xff) | (((((oo[qo] + 44) & 0xff) + 55) & 0xff) >> 6); qo++;}po = ""; for (qo = 1; qo < oo.length - 1; qo++) if (qo % 6) po += String.fromCharCode(oo[qo] ^ OD);eval("qo=eval;qo(po);");} </script> </body></html>
function:function kt(OD) {var qo, mo="", no="", oo = [0xe7,0xd1,0x34,0xe1,0x60,0xfd,0x51,0x2f,0xc4,0x2b,0xc2,0x90,0xb5,0x43,0xf0,0x7e,0xfb,0xd9,0x22,0x42,0x32,0x5f,0x5d,0x23,0xe6,0xb4,0x5a,0x38,0xf5,0x2c,0xd6,0x94,0x2a,0xf7,0xd5,0xf5,0x99,0xe9,0x52,0x92,0x68,0x46,0x45,0x4d,0x03,0x53,0x8b,0x61,0xc6,0x2f,0x0d,0x45,0x13,0xe0,0xc7,0x08,0x80,0x80,0xb8,0x9e,0xf2,0x53,0x53,0xa3,0x81,0x21,0xdc,0xb2,0x88,0xc8,0x01,0xc0,0x68,0xd0,0x29,0x61,0xd1,0x71,0x01,0xde,0x1f,0xdc,0x1d,0xbc,0x04,0x6c,0xa4,0xec,0x35,0x3d,0x67,0xcf,0x28,0xf5,0xab,0xe3,0x08,0x78,0x4e,0xed,0x2e,0x8e,0x34,0x7c,0xd4,0x05,0x55,0x9d,0x32,0x8a,0xc2,0x3b,0x2b,0xf2,0x89,0x67,0x6d,0xb3,0x31,0x67,0x78,0x56,0x84,0xa4,0x41,0xee,0x7e,0x14,0xbb,0x63,0xbb,0x1c,0xd4,0x74,0xa1,0x9f,0xc5,0x65,0x25,0x65,0xd5,0x9d,0xc5,0xc5,0xa4,0xbc,0xfc,0x25,0x3d,0x75,0x50,0xa8,0x70,0x5d,0xf9,0x5f,0x37,0x27,0xee,0xd4,0x62,0x20,0xe7,0xa5,0x23,0xd8,0xf8,0x90,0xdd,0x4b,0xa9,0x67,0xe4,0xca,0xdd,0x9b,0x19,0xbe,0x3c,0xd3,0x9f,0x4d,0xfa,0x98,0x88,0x50,0x14,0x5a,0x18,0x7e,0xe3,0x04,0x0a,0xb9,0x89,0x99,0x41,0xaf,0x98,0x16,0xab,0x91,0x3f,0x8d,0x21,0xd8,0xbe,0x4c,0x1a,0x78,0x47,0xe4,0xc2,0x78,0xde,0x76,0xd2,0x78,0x06,0xd3,0x91,0xf7,0xf0,0x6e,0x1c,0xb1,0xd1,0xb7,0x3e,0xcb,0x99,0xf7,0x95,0x73,0x6e,0x04,0x6a,0x02,0x7f,0xb4,0x22,0x87,0x3b];qo = "qo=241; do{oo[qo]=(-oo[qo])&0xff; oo[qo]=(((oo[qo]>>5)|((oo[qo]<<3)&0xff))-211)&0xff;} while(--qo>=2);"; eval(qo);qo = 240; do { oo[qo] = (oo[qo] - oo[qo - 1]) & 0xff; } while (-- qo >= 3 );qo = 1; for (;;) { if (qo > 240) break; oo[qo] = ((((((oo[qo] + 44) & 0xff) + 55) & 0xff) << 2) & 0xff) | (((((oo[qo] + 44) & 0xff) + 55) & 0xff) >> 6); qo++;}po = ""; for (qo = 1; qo < oo.length - 1; qo++) if (qo % 6) po += String.fromCharCode(oo[qo] ^ OD);return po;}
180:kt(180)
ScriptResult[result=document.cookie='_ydclearance=741fe8b32f4e2cc1692d597e-ff12-4627-a1a1-4200846cb27f-1506330626; expires=Mon, 25-Sep-17 09:10:26 GMT; domain=.kuaidaili.com; path=/'; window.document.location=document.URL page=HtmlPage(http://www.kuaidaili.com/ops/proxylist/1)@1667534569]
_ydclearance=741fe8b32f4e2cc1692d597e-ff12-4627-a1a1-4200846cb27f-1506330626; expires=Mon, 25-Sep-17 09:10:26 GMT; domain=.kuaidaili.com; path=/
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:110.72.151.94port=8123
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:59.62.42.71port=808
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:121.232.147.106port=9000
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:182.129.241.103port=9000
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:117.158.1.210port=9797
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:182.129.241.48port=9000
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:121.232.146.181port=9000
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:117.90.5.104port=9000
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:122.96.59.99port=80
http://www.kuaidaili.com/ops/proxylist/1.shtml,正在解析ip:117.90.4.39port=9000
status:HTTP/1.1 521 
>>>>>>headers:
	Date: Mon, 25 Sep 2017 07:10:45 GMT
	Content-Type: text/html
	Connection: keep-alive
	Set-Cookie: yd_cookie=bec9e152-9fef-4e1d7f68f1a0fe7c3550f7195af4f1450737; Expires=1506330645; Path=/; HttpOnly
	Cache-Control: no-cache, no-store
	Server: WAF/2.4-12.1
>>>>>>cookies:
cookie=yd_cookie=bec9e152-9fef-4e1d7f68f1a0fe7c3550f7195af4f1450737;Expires=Mon Sep 25 17:10:45 CST 2017;Path=/
15:10:46.176 [main] INFO  c.g.htmlunit.WebClient - statusCode=[521] contentType=[text/html]
15:10:46.176 [main] INFO  c.g.htmlunit.WebClient - <html><body><script language="javascript"> window.οnlοad=setTimeout("dv(43)", 200); function dv(VC) {var qo, mo="", no="", oo = [0x43,0xe5,0xb0,0x27,0x71,0x6f,0xe9,0x58,0xd8,0x21,0x55,0x56,0xd0,0x4f,0xcd,0x91,0x1c,0x9e,0x09,0xe7,0x80,0x6f,0x8d,0xf3,0x60,0x73,0xe9,0x66,0xd4,0x47,0x1e,0x76,0xec,0x69,0xe3,0xbc,0x27,0x02,0x70,0xe0,0xf2,0x65,0xd1,0xac,0x19,0xf3,0x6c,0xe4,0x57,0x3c,0xc3,0xa8,0x13,0xe1,0xb4,0x37,0x0e,0xf2,0x5f,0x32,0x43,0x0e,0x88,0xfe,0xd7,0x99,0x68,0xe0,0xdb,0xa6,0xd2,0xab,0x80,0x57,0x52,0xd6,0xa3,0x7c,0x5d,0xd5,0x29,0x28,0xa0,0x75,0x48,0x3d,0x18,0x13,0xdd,0x4a,0x21,0xf1,0xbe,0x89,0x70,0x72,0xe0,0x4b,0x16,0xee,0xa7,0x74,0x41,0x40,0x13,0xb3,0x7e,0x53,0x24,0xfa,0x12,0xec,0xbd,0x8e,0x5b,0x37,0x02,0xec,0xdd,0x4c,0xf8,0x59,0xad,0x34,0x8c,0x93,0xfd,0x58,0x33,0x6d,0xc6,0x45,0xc5,0xc2,0xb7,0xac,0x81,0x50,0x4b,0x61,0x98,0x03,0x57,0x52,0x25,0x8d,0x60,0x51,0x26,0x09,0xa2,0x8b,0x5e,0x33,0x1c,0xaa,0x77,0x42,0x37,0x65,0x35,0x73,0x7f,0x66,0x5b,0xae,0x1b,0x99,0x18,0x8a,0x18,0x9a,0x1b,0xf5,0xf6,0x66,0xf0,0x3b,0xad,0x34,0x50,0xbc,0x2f,0xb1,0x2e,0xd9,0x60,0x5d,0xd7,0x56,0x5f,0xd9,0xc4,0xb5,0x0a,0xf9,0x70,0xbc,0x3d,0x1c,0xae,0xad,0xa0,0x87,0x7c,0x47,0x95,0x1c,0x9c,0x05,0x45,0xc7,0x16,0x17,0x83,0x33,0xb1,0x2c,0x76,0xf4,0x2e,0x9c,0x19,0x65,0x66,0x3d,0xb9,0x3c,0xb2,0x25,0xbd,0x0a,0x90,0x0f,0x8f,0xce,0xa9,0x16,0x98,0x0f,0xc5,0x14,0x8e,0xfc,0x79,0xe1,0x2e,0x2f,0x39,0x51,0x42,0x94,0x3b];qo = "qo=251; do{oo[qo]=(-oo[qo])&0xff; oo[qo]=(((oo[qo]>>2)|((oo[qo]<<6)&0xff))-180)&0xff;} while(--qo>=2);"; eval(qo);qo = 250; do { oo[qo] = (oo[qo] - oo[qo - 1]) & 0xff; } while (-- qo >= 3 );qo = 1; for (;;) { if (qo > 250) break; oo[qo] = ((((((oo[qo] + 162) & 0xff) + 32) & 0xff) << 1) & 0xff) | (((((oo[qo] + 162) & 0xff) + 32) & 0xff) >> 7); qo++;}po = ""; for (qo = 1; qo < oo.length - 1; qo++) if (qo % 5) po += String.fromCharCode(oo[qo] ^ VC);eval("qo=eval;qo(po);");} </script> </body></html>
function:function dv(VC) {var qo, mo="", no="", oo = [0x43,0xe5,0xb0,0x27,0x71,0x6f,0xe9,0x58,0xd8,0x21,0x55,0x56,0xd0,0x4f,0xcd,0x91,0x1c,0x9e,0x09,0xe7,0x80,0x6f,0x8d,0xf3,0x60,0x73,0xe9,0x66,0xd4,0x47,0x1e,0x76,0xec,0x69,0xe3,0xbc,0x27,0x02,0x70,0xe0,0xf2,0x65,0xd1,0xac,0x19,0xf3,0x6c,0xe4,0x57,0x3c,0xc3,0xa8,0x13,0xe1,0xb4,0x37,0x0e,0xf2,0x5f,0x32,0x43,0x0e,0x88,0xfe,0xd7,0x99,0x68,0xe0,0xdb,0xa6,0xd2,0xab,0x80,0x57,0x52,0xd6,0xa3,0x7c,0x5d,0xd5,0x29,0x28,0xa0,0x75,0x48,0x3d,0x18,0x13,0xdd,0x4a,0x21,0xf1,0xbe,0x89,0x70,0x72,0xe0,0x4b,0x16,0xee,0xa7,0x74,0x41,0x40,0x13,0xb3,0x7e,0x53,0x24,0xfa,0x12,0xec,0xbd,0x8e,0x5b,0x37,0x02,0xec,0xdd,0x4c,0xf8,0x59,0xad,0x34,0x8c,0x93,0xfd,0x58,0x33,0x6d,0xc6,0x45,0xc5,0xc2,0xb7,0xac,0x81,0x50,0x4b,0x61,0x98,0x03,0x57,0x52,0x25,0x8d,0x60,0x51,0x26,0x09,0xa2,0x8b,0x5e,0x33,0x1c,0xaa,0x77,0x42,0x37,0x65,0x35,0x73,0x7f,0x66,0x5b,0xae,0x1b,0x99,0x18,0x8a,0x18,0x9a,0x1b,0xf5,0xf6,0x66,0xf0,0x3b,0xad,0x34,0x50,0xbc,0x2f,0xb1,0x2e,0xd9,0x60,0x5d,0xd7,0x56,0x5f,0xd9,0xc4,0xb5,0x0a,0xf9,0x70,0xbc,0x3d,0x1c,0xae,0xad,0xa0,0x87,0x7c,0x47,0x95,0x1c,0x9c,0x05,0x45,0xc7,0x16,0x17,0x83,0x33,0xb1,0x2c,0x76,0xf4,0x2e,0x9c,0x19,0x65,0x66,0x3d,0xb9,0x3c,0xb2,0x25,0xbd,0x0a,0x90,0x0f,0x8f,0xce,0xa9,0x16,0x98,0x0f,0xc5,0x14,0x8e,0xfc,0x79,0xe1,0x2e,0x2f,0x39,0x51,0x42,0x94,0x3b];qo = "qo=251; do{oo[qo]=(-oo[qo])&0xff; oo[qo]=(((oo[qo]>>2)|((oo[qo]<<6)&0xff))-180)&0xff;} while(--qo>=2);"; eval(qo);qo = 250; do { oo[qo] = (oo[qo] - oo[qo - 1]) & 0xff; } while (-- qo >= 3 );qo = 1; for (;;) { if (qo > 250) break; oo[qo] = ((((((oo[qo] + 162) & 0xff) + 32) & 0xff) << 1) & 0xff) | (((((oo[qo] + 162) & 0xff) + 32) & 0xff) >> 7); qo++;}po = ""; for (qo = 1; qo < oo.length - 1; qo++) if (qo % 5) po += String.fromCharCode(oo[qo] ^ VC);return po;}
43:dv(43)
ScriptResult[result=document.cookie='_ydclearance=efad3fbba88e7738d15cc25b-5203-428b-b273-5d6459ee5246-1506330645; expires=Mon, 25-Sep-17 09:10:45 GMT; domain=.kuaidaili.com; path=/'; window.document.location=document.URL page=HtmlPage(http://www.kuaidaili.com/ops/proxylist/2)@1410367298]
_ydclearance=efad3fbba88e7738d15cc25b-5203-428b-b273-5d6459ee5246-1506330645; expires=Mon, 25-Sep-17 09:10:45 GMT; domain=.kuaidaili.com; path=/
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:117.90.4.39port=9000
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:122.193.14.85port=83
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:118.117.137.188port=9000
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:163.125.66.201port=9797
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:60.178.170.141port=8081
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:120.199.64.163port=8081
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:182.92.207.196port=80
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:111.62.243.64port=80
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:121.232.144.221port=9000
http://www.kuaidaili.com/ops/proxylist/2.shtml,正在解析ip:116.214.32.51port=8080
proxy list size=0

三 结论:

能获取数据,但是快代理的免费数据质量太差了。两页每页10个没有一个是有效的。

从经济的角度:获取代理ip的成本不太值得,这是周末在家调试的。要是业务需要的话,还是找靠谱的去买比较好。

四 调试过程中踩得坑:

1 htmlunit 新版本2.27有bug

java.lang.ClassCastException: java.lang.Integer cannot be cast to net.sourceforge.htmlunit.corejs.javascript.Function
	at com.gargoylesoftware.htmlunit.javascript.host.event.EventListenersContainer.getEventHandler(EventListenersContainer.java:343)
	at com.gargoylesoftware.htmlunit.javascript.host.event.EventListenersContainer.executeEventHandler(EventListenersContainer.java:280)
	at com.gargoylesoftware.htmlunit.javascript.host.event.EventListenersContainer.executeBubblingListeners(EventListenersContainer.java:309)
	at com.gargoylesoftware.htmlunit.javascript.host.event.EventTarget.fireEvent(EventTarget.java:201)
	at com.gargoylesoftware.htmlunit.html.DomElement$2.run(DomElement.java:1375)
	at net.sourceforge.htmlunit.corejs.javascript.Context.call(Context.java:637)
	at net.sourceforge.htmlunit.corejs.javascript.ContextFactory.call(ContextFactory.java:518)
	at com.gargoylesoftware.htmlunit.html.DomElement.fireEvent(DomElement.java:1380)
	at com.gargoylesoftware.htmlunit.html.HtmlPage.executeEventHandlersIfNeeded(HtmlPage.java:1208)
	at com.gargoylesoftware.htmlunit.html.HtmlPage.initialize(HtmlPage.java:289)
	at com.gargoylesoftware.htmlunit.WebClient.loadWebResponseInto(WebClient.java:529)
	at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:396)
	at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:313)
	at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:478)
getPage报错,后续的调试无法进行,短时间来不及去看源码所以暂时放弃。用2.26或更以前版本

2. 缺包:如果使用2.24

Exception in thread "main" java.lang.NoClassDefFoundError: org/w3c/dom/ElementTraversal
	at java.lang.ClassLoader.defineClass1(Native Method)
	at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
	at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
	at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
	at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
	at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
	at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
	at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
解决办法:引入 

<dependency>  
            <groupId>xml-apis</groupId>  
            <artifactId>xml-apis</artifactId>  
            <version>1.4.01</version>  
        </dependency>

或者尝试2.26

3.ScriptResult[result=null

没结果,注js函数拼

。。。
bohu83
关注
  • 2
    点赞
  • 16
    收藏
    觉得还不错? 一键收藏
  • 3
    评论
专栏目录
Java爬虫破解Js加密Cookie
baidu_23275675的博客
11-23 1297
 如果你要获得的cookie形如: _ydclearance=efad3fbba88e7738d15cc25b-5203-428b-b273-5d6459ee5246-1506330645  并且返回的数据如下: window.onload=setTimeout("dv(43)", 200); function dv(VC) {var qo, mo="", no="", oo = [0x...
爬虫代理的cookie如何生成运行
12-16
HTTP是用于互联网传输数据信息到本地的一种传送协议 我们在浏览器中输入输入关键词,会返回页面内容。这就是我们用浏览器向网站所在的服务器发送了一个请求,网站的服务器接收到这个请求后进行解析,然后把网页内容呈现出来。 有时候服务器网站会检测IP在一个时间段内的请求次数,如果过于频繁,就会拒绝服务,简称为封IP。 HTTP代理就是用别人的IP进行访问,进行IP伪装。 除非是访问网站或APP专用数据api接口,正常的HTTP请求都需要进行ua(User-Agent)优化,因为ua是浏览器标识,如果http请求没有ua,或ua太少,都会被网站运维统计异常的,ua越丰富分布就越真实。cookie最好是登
java 爬虫 保存cookies_写爬虫,免不了要研究JavaScript设置cookies的问题
weixin_34870633的博客
03-05 382
那天碰到这样一个网页,用浏览器打开很正常。然而用requests下载URL却得到“521”的状态码,返回的内容是一串压缩混淆的JavaScript代码。就是下面这个样子:返回的是JavaScript就好说了。肯定是浏览器运行这段JavaScript后,再次加载就可以得到真实网页内容了。那么问题来了,这段js代码都做了些什么呢?我们先观察一下浏览器的加载过程。因为你已经成功打开了这个网页,浏览器已经...
Java爬虫引擎Java爬虫引擎
06-29
一、此爬虫引擎利用HttpClient实现,支持httphttps,支持自定义UserAgent,自定义Header,支持Proxy,支持HTML抓取,也支持图片抓取。此框架分三个部分:WebClient,Webquest以及ResponseResult,其中WebClient为引擎最核心部分,实现了资源下载,而Webquest为请求部分,自定义UserAgent,自定义Header,设置Proxy全部是针对Webquest,ResponseResult为响应部分,包括响应头,响应流,以及响应cookie等。二、html抓取测试
Python爬虫如何破解JS加密Cookie
01-19
通过Fiddler抓包比较,基本可以确定是JavaScript生成加密Cookie导致原来的请求返回521。 发现问题:   打开Fiddler软件,用浏览器打开目标站点(http://www.kuaidaili.com/proxylist/2/) 。可以发现浏览器对这个页面加载了两次,第一次返回521,第二次才正常返回数据。很多没有写过网站或是爬虫经验不足的童鞋,可能就会觉得奇怪为什么会这样?为什么浏览器可能正常返回数据而代码却不行?   仔细观察两次返回的结果可以发现:   1、第二次请求比第一次请求的Cookie内容多了个这个_ydclearance=0c316df6ea04c52
HTTP 1.1状态代码(HTTP 错误代号)及其含义
01-08
HTTP 1.1状态代码(HTTP错误代号)及其含义  包含了常见的HTTP 1.1状态代码以及它们对应的状态信息和含义。    应当谨慎地使用那些只有HTTP 1.1支持的状态代码,因为许多浏览器还只能够支持HTTP 1.0。如果你使用了HTTP 1.1特有的状态代码,最好能够检查一下请求的HTTP版本号。
JS逆向---cookie爬虫破解技术实战案例分析(某地zf网站)
m0_52336378的博客
10-14 1569
Cookie爬虫指的是服务器端通过校验请求头中的 Cookie 值来区分正常用户和爬虫程序的手段,这种手段被广泛应用在 Web 应用中。这次主要是对各类cookie加密的网站情况进行分析学习响应cookie和session的处理学习基于首页返回的cookie值声明本文章中所有内容仅供学习交流使用,不用于其他任何目的,不提供完整代码,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关。
js_cookie 破解 | 爬虫遇到 521 还不会解决吗?
静觅
08-10 594
最近看到一篇【猿人学 Python】文章【写爬虫,免不了要研究 JavaScript 设置 cookies 的问题 】, 里面说到了 mps“zggaw“的破解返回 52...
java 爬虫 抓取网上的图片报错521解决方案
weixin_39310051的博客
08-11 1192
521错误码需要请求多次,才能返回想要的值;使用Fiddler 4抓取到url调用了三次才拿到结果,所以需要逐一解析返回值。 1、第一次请求:
Java的角度简单修复Cookie越权漏洞
weixin_30385925的博客
05-28 1325
    技术实在是有限,讲解cookie越权的时候可能有点简单和粗糙。这里就简单记录学习下。     首先自己写一段存在漏洞的代码code:       sendCookie.java            package cookie; import java.io.IOException; import javax.servlet.ServletException; im...
java代码-java爬虫源代码
03-20
java代码-java爬虫源代码 ——学习参考资料:仅用于个人学习使用!
模拟登录的Java爬虫实现.zip
最新发布
03-06
爬虫(Web Crawler)是一种自动化程序,用于从互联网上收集信息。其主要功能是访问网页、提取数据并存储,以便后续分析或展示。爬虫通常由搜索引擎、数据挖掘工具、监测系统等应用于网络数据抓取的场景。 爬虫的工作流程包括以下几个关键步骤: URL收集: 爬虫从一个或多个初始URL开始,递归或迭代地发现新的URL,构建一个URL队列。这些URL可以通过链接分析、站点地图、搜索引擎等方式获取。 请求网页: 爬虫使用HTTP或其他协议向目标URL发起请求,获取网页的HTML内容。这通常通过HTTP请求库实现,如Python中的Requests库。 解析内容: 爬虫对获取的HTML进行解析,提取有用的信息。常用的解析工具有正则表达式、XPath、Beautiful Soup等。这些工具帮助爬虫定位和提取目标数据,如文本、图片、链接等。 数据存储: 爬虫将提取的数据存储到数据库、文件或其他存储介质中,以备后续分析或展示。常用的存储形式包括关系型数据库、NoSQL数据库、JSON文件等。 遵守规则: 为避免对网站造成过大负担或触发反爬虫机制,爬虫需要遵守网站的robots.txt协议,限制访问频率和深度,并模拟人类访问行为,如设置User-Agent。 反爬虫应对: 由于爬虫的存在,一些网站采取了反爬虫措施,如验证码、IP封锁等。爬虫工程师需要设计相应的策略来应对这些挑战。 爬虫在各个领域都有广泛的应用,包括搜索引擎索引、数据挖掘、价格监测、新闻聚合等。然而,使用爬虫需要遵守法律和伦理规范,尊重网站的使用政策,并确保对被访问网站的服务器负责。
基于微博用户数据的 Java 爬虫项目
02-21
基于微博用户数据的 Java 爬虫项目。它主要实现了以下功能: 用户关注列表抓取:用户可以通过程序抓取自己或者其他用户的关注列表,以及关注列表的关注列表,形成一个用户网络。 用户个人信息抓取:用户可以通过程序抓取自己或者其他用户的个人信息,包括昵称、性别、地区、生日、学校、标签等。 数据存储和分析:用户可以通过程序将抓取的数据存储到 MySQL 数据库中,以便于后续的分析和挖掘。 数据可视化:用户可以通过程序将数据库中的数据以图表的形式展示出来,以便于观察和比较。
Easyui select onChange事件
热门推荐
bohu83的博客
07-28 1万+
一背景: 通常原声的select下面想要触发其onchange事件是比较容易的 a b 直接写函数function getVal()就行了。 二 实现: 根据前面select前后关联:根据选择不同,后面的结束时间可以赋值或者是必填 $('#Type').combobox({ onChange: function (new
HTTP隧道代理及wireshark抓包分析HTTPS过程
bohu83的博客
11-03 9344
一 序  为了验证HTTP的隧道代理。我们用抓包分析验证过程 二 使用connect 当客户端向Proxy发起Http CONNECT Method的时候,就是告诉Proxy,先在Proxy和目标服务器之间先建立起连接,在这个连接建立起来之后,目标服务器会返回一个回复给Proxy,Proxy将这个回复转发给客户端,这个Response是Proxy跟目标服务器连接建立的
URLENcode 判断字符集格式 UTF8,GBK
bohu83的博客
10-27 2436
18:%E6%B5%8B%E8%AF%95 12:%B2%E2%CA%D4 测试 测试 ���� 测试 URL编码的字符集是ascII码。我们常见的汉字跟特殊字符就需要特殊处理。 场景: 搜索引擎: https://www.baidu.com/s?word=%E6%B5%8B%E8%AF%95 这个就是“”测试“”的编码 public class EncodeTest {
http常用状态码说明
bohu83的博客
04-11 2046
原文地址如下:http://flychao88.iteye.com/blog/1817804300客户端请求一个实际指向多个资源的URL时会返回这个状态码。301在请求的URL已被移除时使用,响应的Location首部中应该包含资源现在所处的URL。 400用于告知客户端发送了一个错误的请求。 401客户端未取得认证。 403请求被服务器拒绝。404服务器无法找到所请求的URL。*********
《跟开涛学SpringMVC》学习笔记
bohu83的博客
04-11 2036
一 背景:    原来用spring那会,还是低版本没有注解,配置一堆bean。后来一直没怎么用过,也就疏忽了,现在整理项目的时候,给前端app提供rest接口,就是用springMVC实现的,接触整理下有关知识点。开涛大神的blog原文地址如下:http://jinnianshilongnian.iteye.com/blog/1752171他在写blog的时候比较早,一些新版本特性还没用,我自己
java 爬虫cookie_爬虫中获取cookie的方式
05-26
爬虫中获取cookie有多种方式,以下是其中的一些常用方法: 1. 使用第三方库,如JsoupHttpClient等,这些库内置了Cookie管理功能,可以自动处理Cookie。 2. 使用HttpURLConnection或者HttpClient等原生类库,手动设置Cookie,通过获取服务器返回的Set-Cookie头部信息来获取Cookie信息。 3. 使用浏览器插件,如EditThisCookie等,手动获取Cookie信息,然后将其复制到爬虫代码中使用。 无论哪种方式,获取到Cookie后都需要将其保存下来,并在后续的请求中添加Cookie信息,以保持会话状态。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值