教务系统快速抢课模块的实现（Python）

 

今天看到小20们在抢课，想看看教务系统啥样子，emmmmmmm

一看就是，华而不实，土豆服务器，果然，到抢课的点了，服务器直接白给。卡的要死

闭着眼都知道是谁的杰作（手动滑稽）

废话不多说，开干

Section A - ASP.NET_SessionId的获取方法

了解一下ASP.NET_SessionId的相关内容，大概是，ASP.NET_SessionId是用来判断web会话状态的一个参数，只要访问过页面之后就会保存在cookies中。

了解了机制，只需要请求一下login_home.aspx即可

获取到该参数，进行下一步

登录教务系统,分析发包，发现了几个未知参数

一番寻找，如下，就在html源码中

dsdsdsds开头的这个参数，深扒了教务系统的JS代码，在第262行发现了这个函数

function chkpwd(obj) {
    if (obj.value != '') {
        var s = md5(document.all.txt_asmcdefsddsd.value + md5(obj.value).substring(0, 30).toUpperCase() + '10476').substring(0, 30).toUpperCase();
        document.all.dsdsdsdsdxcxdfgfg.value = s;
    } else {
        document.all.dsdsdsdsdxcxdfgfg.value = obj.value;
    }
}
function chkyzm(obj) {
    if (obj.value != '') {
        var s = md5(md5(obj.value.toUpperCase()).substring(0, 30).toUpperCase() + '10476').substring(0, 30).toUpperCase();
        document.all.fgfggfdgtyuuyyuuckjg.value = s;
    } else {
        document.all.fgfggfdgtyuuyyuuckjg.value = obj.value.toUpperCase();
    }
}

python实现就容易了

dsdsdsdsdxcxdfgfg = md5(userID + md5(userPwd)[:30].upper() + "10000")[:30].upper()
fgfggfdgtyuuyyuuckjg = md5(md5(userYzm)[:30].upper() + "10000")[:30].upper()
#10000 是学校代码

放上登录源码

session_requests = requests.session()
    session_requests.headers["User_Agent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
    url_index = "http://jw.*.cn/jwweb/home.aspx"
    url_login = "http://jw.*.cn/jwweb/_data/login_home.aspx"
    ######################信息获取#################################################
    #第一次请求
    print("正在获取服务器配置信息...")
    rsp = session_requests.get(url_index)
    ASP_NET_SessionId = session_requests.cookies["ASP.NET_SessionId"]
    route = session_requests.cookies["route"]
    #第二次请求
    rsp = session_requests.get(url_login)
    soup = BeautifulSoup(rsp.text, 'html.parser')
    rest = soup.find('input', {'name':'__VIEWSTATE'})
    VIEWSTATE = rest["value"]
    rest = soup.find('input', {'name':'__VIEWSTATEGENERATOR'})
    VIEWSTATEGENERATOR = rest["value"]
    rest = soup.find('input', {'name':'__EVENTVALIDATION'})
    EVENTVALIDATION = rest["value"]
    #print(VIEWSTATE + "\n" + VIEWSTATEGENERATOR + "\n" + EVENTVALIDATION)
    print("获取成功!请输入账号密码.")
    #################################################################################
    while True:
        print("请输入账号： " + userID)###############
        print("请输入密码： " + userPwd)##############

        dsdsdsdsdxcxdfgfg = md5(userID + md5(userPwd)[:30].upper() + "10476")[:30].upper()
        #fgfggfdgtyuuyyuuckjg = md5(md5(yzm)[:30].upper() + "10476")[:30].upper()
        
        print("正在登录......")
        params_login = {
            "__VIEWSTATE":VIEWSTATE,
            "__VIEWSTATEGENERATOR":VIEWSTATEGENERATOR,
            "__EVENTVALIDATION":EVENTVALIDATION,
            "pcInfo": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36undefined5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 SN:NULL",
            "txt_mm_expression":"",
            "txt_mm_length":"",
            "txt_mm_userzh":"",
            "typeName": "%D1%A7%C9%FA",
            "dsdsdsdsdxcxdfgfg": dsdsdsdsdxcxdfgfg,
            "fgfggfdgtyuuyyuuckjg":yzm,
            "validcodestate": "0",
            "Sel_Type":"***",
            "txt_asmcdefsddsd": userID,
            "txt_pewerwedsdfsdff":"",
            "txt_psasas": "%C7%EB%CA%E4%C8%EB%C3%DC%C2%EB"
        }
        #第三次请求----登录
        headers_login = {
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
            "Accept-Encoding": "gzip, deflate",
            "Accept-Language": "zh-CN,zh;q=0.9",
            "Cache-Control": "max-age=0",
            "Connection": "keep-alive",
            "Content-Length": "789",
            "Content-Type": "application/x-www-form-urlencoded",
            "Host": "jw.***.cn",
            "Origin": "http://jw.*.cn",
            "Referer": "http://jw.*.cn/jwweb/_data/login_home.aspx",
            "Upgrade-Insecure-Requests": "1",
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
        }
        rsp = session_requests.post(url_login, data = params_login, headers = headers_login)
        soup = BeautifulSoup(rsp.text, 'html.parser')
        rest = soup.find('span', {'id':'divLogNote'})
        print("登录反馈：" + rest.string)
        if rest.string == "正在加载，请稍候...":
            print("登录成功!")
            break
        else:
            print("登录失败!请重新登录....")

 

 

Section B - 接下来就是选课系统了，怎么实现抢课？

先把参数放上去

经过尝试，参数的含义都放入了注释中

sel_lx = 2
sel_xq = 1
print("请输入您的校区代码（校区：1西校区，3东校区）： " + str(sel_xq)) ########################
params_getClass = {
    "sel_lx" : sel_lx,                  #类型：0必修，2选修
    "sel_xq" : sel_xq,                  #校区：1西校区，3东校区
    "kc" : ""
}
headers_getClass = {
    "Host": "jw.*.cn",
    "Connection": "keep-alive",
    "Content-Length": "21",
    "Cache-Control": "max-age=0",
    "Upgrade-Insecure-Requests": "1",
    "Origin": "http://jw.*.cn",
    "Content-Type": "application/x-www-form-urlencoded",
    "User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
    "Referer": "http://jw.*.cn/jwweb/wsxk/stu_xszx.aspx",
    "Accept-Encoding": "gzip, deflate",
    "Accept-Language": "zh-CN,zh;q=0.9"
}

打印出所有公共课的列表

            rsp = session_requests.post(url_getClass, data = params_getClass, headers = headers_getClass)
            soup = BeautifulSoup(rsp.text, 'html.parser')
            rest = soup.find('table', {'id':'oTable'})
            classValueSet = rest.find_all('input', {'type':'checkbox'})
            nameSet = rest.find_all('a', {'onclick':"openWin(this,'kc')"})
            classLNo = rest.find_all('input', {'type':"hidden"})
            num = 0
            resList = []
            for cvs in classValueSet:
                tmpDict = {
                    "name" : "",
                    "classValue" : "",#=|
                    "getValue" : "",#||||||
                    "classNo" : "",#chkkc50
                    "classLNo" : ""#chkSKBJ14
                }
                tmpDict["classValue"] = cvs["value"]
                tmpDict["classNo"] = cvs["name"]
                tmpDict["classLNo"] = classLNo[num]["name"]
                tmpDict["name"] = nameSet[num].string
                nameR = rest.find('a', {'onclick':"openWinDialog(this," + str(num) + ")"})
                tmpDict["getValue"] = nameR["value"]
                #print(tmpDict)
                resList.append(tmpDict)
                num += 1
            allCourse = num
            print("----------所选校区的所有课程如下----------")
            num = 0
            for tmp in resList:
                print(str(num) + " --- " + tmp["name"])
                num += 1

 

然后当点开

会发包，代码如下

            while True:
                your_c = input("请输入你要的课程: (输入-1退出): ")
                if int(your_c) and your_c == "" < 0:
                    break
                classData = {
                    "lx" : "ZX",
                    "id" : resList[int(your_c)]["getValue"],
                    "xq" : sel_xq,
                }
                headers_chClass = {
                    "Host": "jw.*.cn",
                    "Proxy-Connection": "keep-alive",
                    "Upgrade-Insecure-Requests": "1",
                    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
                    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
                    "Referer": "http://jw.*.cn/jwweb/wsxk/stu_xszx.aspx",
                    "Accept-Encoding": "gzip, deflate",
                    "Accept-Language": "zh-CN,zh;q=0.9"
                }
                infList = []
                rsp = session_requests.get(url_chClass, params = classData, headers = headers_chClass)
                soup = BeautifulSoup(rsp.text, 'html.parser')
                restB = soup.find_all('tr', {'class':'B'})
                restH = soup.find_all('tr', {'class':'H'})
                num = 0
                for tmp in range(len(restB) + len(restH)):
                    tmpDict = {
                        "time" : "",
                        "place" : "",
                        "haveNum" : "",
                        "teacher" : "",
                        "value" : ""
                    }
                    restNow = restB[int(tmp/2)]
                    if tmp % 2 == 1:
                        restNow = restH[int((tmp-1)/2)]
                    rtd_r = restNow.find_all("td",{"align":"right"})
                    rtd_l = restNow.find_all("td",{"align":"left"})
                    tmpDict["haveNum"] = rtd_r[2].text
                    tmpDict["time"] = rtd_l[1].text
                    tmpDict["place"] = rtd_l[2].text
                    tmpDict["teacher"] = restNow.find("a",{"id":"showD"}).text
                    tmpDict["value"] = restNow.find("input",{"type":"radio"})["value"]
                    print(str(tmp) + "、时间：" + tmpDict["time"].replace("\\u2002", "") + ", 地点：" + tmpDict["place"]+ ", 数量：" + tmpDict["haveNum"]+ ", 老师：" + tmpDict["teacher"])
                    infList.append(tmpDict)
                chpt = input("请选择对应时间的课堂序号(输入-1退出): ")
                if int(chpt) < 0 and chpt == "":
                    continue

以上许多参数，都是通过html源码得到

本节讲述了登录源码+查看课程源码+查看具体节数源码

具体源码可私聊发

完事大吉，祝大家期末考个好成绩，拜拜