盼之代售反爬分析

原创于 2025-09-26 21:03:50 发布 · 1.3k 阅读

9 ·

CC 4.0 BY-SA版权

文章标签：

#javascript #node.js #python #django

声明
本文章中所有内容仅供学习交流使用，不用于其他任何目的，抓包内容、敏感网址、数据接口等均已做脱敏处理，严禁用于商业用途和非法用途，否则由此产生的一切后果均与作者无关！
逆向分析

部分python代码

cp1 = execjs.compile(open('decode__1174.js', 'r', encoding='utf-8').read())
json_data = {
"order": "DESC",
"sort": "section2",
"page": 1,
"pageSize": 21,
"action": {
"gameId": "1767",
"goodsCatalogueId": 6,
"merchantMark": None,
"keywords": [],
"searchWords": [],
"searchPropertyIds": [],
"unionGameIds": [],
"goodsSearchActions": []
}
}
result = cp.call('getData' ,json_data)
url = cp1.call('getData',json_data,_waf_bd8ce2ce37)
url = result['url']
header = result['header']
print(header)
# url = result['url']
print(url)
headers = {
'Accept': 'application/json, text/plain, */*',
'Accept-Language': 'zh-CN,zh;q=0.9',
'Cache-Control': 'no-cache',
'Connection': 'keep-alive',
'Content-Type': 'application/json',
'PZOs': 'windows',
'PZPlatform': 'pc',
'PZTimestamp': str(header['Timestamp']),
'PZVersion': '1.0.0',
'PZVersionCode': '1',
'Pragma': 'no-cache',
'Random': str(header['Random']),
'Sec-Fetch-Dest': 'empty',
'Sec-Fetch-Mode': 'cors',
'Sec-Fetch-Site': 'same-site',
'Sign': header['strMd5'],
'Skey': 'CLIENT',
'channelInfo': '{"channelCode":null,"tag":null,"channelType":null,"searchWord":"null"}',
'x-oss-forbid-overwrite': 'true',
}
response = requests.post(
url,
cookies=cookies,
headers=headers,
json=data,
)
print(response.text)