我在校园吗?
科技日新月异的当下,时刻需要我们,,,校园激起了我的学习欲望
行动代号SchoolDays
我在校园吗?
工具Python,Fiddler
下载安卓Fiddler,并完成基本设置。
打开fiddler的Captuer Traffic 开始抓包
1,在电脑上打开小程序我校园
无干预情况下,小程序会自动调用微信认证,但我们本地控制本地断网(此步骤有点扯淡)可以卡出一个经由账号密码登录的界面。
在fiddler界面会有有一个url为https://gw.wozaixiaoyuan.com/basicinfo/mobile/login/username 的请求。在insperctors界面可看见自己本人无加密的明文登录请求。
2,设置fiddler短点automatic breakpoints before requests
手动进行数据提交,会在fiddler看见url为https://student.wozaixiaoyuan.com/health/save.json 的请求 数据无加密 这里以健康打卡为例
可在inspectors 下的webforms下看见data数据
3,编写python代码
# -*- coding =utf-8 -*-
# @time : 2022.7.8 9:47
# @software: PyCharm
# Author:Xiao_yu
import json
import logging
import requests, time, random
import smtplib
import time
from email.mime.text import MIMEText
from email.utils import formataddr
logger = logging.getLogger()
logger.setLevel(logging.INFO)
def get_status(self):
if self['code'] == 0:
return "Sucessful"
elif self['code'] == 1:
return "Time Wrong"
elif self['code'] == -10:
return "···Token已失效"
else:
return "!!!发生未知错误"
class answer:
def __init__(self):
self.my_sender = 'XX'
self.my_pass = 'XX'
self.my_user = 'XX'
username='XX'
password='XX'
# print(self.get_seq())
header = {
"Host": "student.wozaixiaoyuan.com",
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "en-us,en",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat", # 修改3 抓包获取/从旧版代码复制
"Content-Length": "360",
}
loginUrl = "https://gw.wozaixiaoyuan.com/basicinfo/mobile/login/username"
data = "{}"
session = requests.session()
url = loginUrl + "?username=" + username + "&password=" + password
respt = session.post(url, data=data, headers=header)
res = json.loads(respt.text)
if res["code"] == 0:
print("登陆成功")
jwsession = respt.headers['JWSESSION'] #获取JWESSION 十分重要为下面提交数据做铺垫
else:
print(res)
print('登录失败')
self.api = "https://student.wozaixiaoyuan.com/health/save.json"
self.headers = {
"Host": "student.wozaixiaoyuan.com",
"Content-Type": "application/x-www-form-urlencoded",
"Accept-Encoding": "gzip, deflate, br",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat", # 修改8 抓包获取/从旧版代码复制
"Referer": "https://servicewechat.com/wxce6d08f781975d91/186/page-frame.html", # 修改9 抓包获取/从旧版代码复制
"Content-Length": "360",
"JWSESSION": str(jwsession),
}
temperature=self.get_random_temprature()
self.data = {
"answers":["0","XXX","XXX","XXX",temperature,"没有","1","1","2"],
"latitude":'XXX',
"longitude":'XXX',
"country":'中国',
"city":'XXX',
"district":'XXX',
"province":'XXX',
"township":'XXX',
"street":"XXX",
"areacode":'XXX',
"towncode":'XXX',
"citycode":'XXX',
}
def get_random_temprature(self):
random.seed(time.ctime())
return "{:.1f}".format(random.uniform(36.2, 36.7))
# def get_seq(self):
# current_hour = datetime.datetime.now()
# current_hour = current_hour.hour + 1
# if 6 <= current_hour <= 13:
# return "1"
# elif 14 <= current_hour < 19:
# return "2"
# elif 19 <= current_hour < 22:
# return "3"
# else:
# return 1
def run(self):
datatime=time.time()
self.data["timestampHeader"]=int(datatime)
res = requests.post(self.api, headers=self.headers, data=self.data, ).json() # 打卡提交
print(res)
try:
msg = MIMEText(get_status(res), 'plain', 'utf-8') # 填写邮件内容
msg['From'] = formataddr(["schooldays", self.my_sender]) # 括号里的对应发件人邮箱昵称、发件人邮箱账号
msg['To'] = formataddr(["tset", self.my_user]) # 括号里的对应收件人邮箱昵称、收件人邮箱账号,此处xxx可选择性修改
msg['Subject'] = get_status(res) # 邮件的主题,也可以说是标题
server = smtplib.SMTP_SSL("smtp.qq.com", 465) # 发件人邮箱中的SMTP服务器
server.login(self.my_sender, self.my_pass) # 括号中对应的是发件人邮箱账号、邮箱授权码
server.sendmail(self.my_sender, [self.my_user, ], msg.as_string()) # 括号中对应的是发件人邮箱账号、收件人邮箱账号、发送邮件
server.quit() # 关闭连接
except Exception: # 如果 try 中的语句没有执行,则会执行下面的 ret=False
res = False
return True
if __name__ == "__main__":
answer().run()
def main_handler(event, context):
logger.info('got event{}'.format(event))
return answer().run()
中间有行代码是在以账号密码登录后,在获取JWEssion,为下面数据提交做铺垫
登录代码来源于https://gitee.com/DominicKK/autocheck#4errorcode
学习了一下大佬的代码,自己用fiddler抓了抓健,,卡的包。
本贴仅供学习参考,代码请与24h后删除。