发下只有sing是变化的,接下来就是对sign的解密,老办法直接搜索
上一个函数reture返回去的值为sign;
sign是:把(r.token + "&" + s + "&" + a + "&" + n.data)做为参数,经过上面的函数加密而成的,
参数里面只有s是做为时间戳而变化的,其他没有变化
准备要加密的参数
#(r.token + "&" + s + "&" + a + "&" + n.data)
import time
toke="8492c0ab1bc89f984e7a905d240730c0"
s=int(time.time()*1000)
a='12574478'
data='{"appName":"cateCpcAd","keywords":"儿童手表","urlEncodeType":"NO"}'
sign=toke+"&"+str(s)+"&"+a+"&"+data
print(sign)
可以看到解决:
校验:我们明白加密参数只有时间戳是变化的,所以我们使用时间戳看看我们的sign是不是正确
可以看到了sign一样
import time
import execjs
import requests
def Encrypted_parameter():
toke="8492c0ab1bc89f984e7a905d240730c0"
s=int(time.time()*1000)
a='12574478'
data='{"appName":"cateCpcAd","keywords":"儿童手表","urlEncodeType":"NO"}'
sign=toke+"&"+str(s)+"&"+a+"&"+data
resp=execjs.compile(open("sign.js",mode="r",encoding="utf-8").read()).call("sign",sign)
return resp,data
def first_get(sign,data):
print(data)
url="https://h5api.m.1688.com/h5/mtop.1688.wap.ads.get/1.0/?"
params={
"jsv": "2.6.1",
"appKey": "12574478",
"t": "1675576271643",
"sign": sign,
"api": "mtop.1688.wap.ads.get",
"v": "1.0",
"type": "jsonp",
"dataType": "jsonp",
"timeout": "20000",
"callback": "mtopjsonp1",
"data": "%7B%22appName%22%3A%22cateCpcAd%22%2C%22keywords%22%3A%22%E5%84%BF%E7%AB%A5%E6%89%8B%E8%A1%A8%22%2C%22urlEncodeType%22%3A%22NO%22%7D"
}
# params["data"]=data
headers={
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36",
"referer": "https://show.1688.com/"
}
resp=requests.get(url=url,params=params,headers=headers)#params拼接完整的url
return resp.text
if __name__ == '__main__':
sign,data=Encrypted_parameter()
print(sign)
print(first_get(sign,data))
["FAIL_SYS_TOKEN_EMPTY::令牌为空"]我们加上cookies试试
加上cookies:["FAIL_SYS_ILLEGAL_ACCESS::非法请求"],我们加时间戳
完整的代码
#(r.token + "&" + s + "&" + a + "&" + n.data)
import time
import execjs
import requests
def Encrypted_parameter():
toke="8492c0ab1bc89f984e7a905d240730c0"
s=int(time.time()*1000)
a='12574478'
data='{"appName":"cateCpcAd","keywords":"儿童手表","urlEncodeType":"NO"}'
sign=toke+"&"+str(s)+"&"+a+"&"+data
resp=execjs.compile(open("sign.js",mode="r",encoding="utf-8").read()).call("sign",sign)
return resp,data,s
def first_get(sign,data,s):
url="https://h5api.m.1688.com/h5/mtop.1688.wap.ads.get/1.0/?"
params={
"jsv": "2.6.1",
"appKey": "12574478",
"t": s, #注意里面的时间戳必须和上面的一致,使用不能使用int(time.time()*1000),只能从上面传递给下面
"sign": sign,
"api": "mtop.1688.wap.ads.get",
"v": "1.0",
"type": "jsonp",
"dataType": "jsonp",
"timeout": "20000",
"callback": "mtopjsonp1",
"data": data
}
#params["data"]=data
headers={
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36",
"referer": "https://show.1688.com/",
"cookie": "_m_h5_tk=8492c0ab1bc89f984e7a905d240730c0_1675577418201; _m_h5_tk_enc=41136a2430d4d74ee68f0d87dfad572e; cna=2ZpNHAqSmQsCAXUXUwCxaJBf; xlly_s=1; cookie2=1aae865588bc73d9ee6406f6625da379; t=36b7a3f2764d151ee150479a7469fb17; _tb_token_=751599e5eb515; __cn_logon__=false; _csrf_token=1675570410633; alicnweb=touch_tb_at%3D1675575430232; tfstk=cexFBdvEnDneVKv-MGjyubWEpcIdwV5lGlWV-bThKjPMP9fDd7BgC86NURPl-; l=fBrb79buT98Y2jYaKOfaFurza77OSIRYYuPzaNbMi9fPOMCB5lSVW6JhK-Y6C3GVF606R3PZC7jvBeYBq3tSnxvOCgpMGIMmndLHR35..; isg=BBcXOwC7OLH1vrw9c7IKfHHwpothXOu-8mNbvWlEM-ZNmDfacSx7DtW8_jiGcMM2"
}
resp=requests.get(url=url,params=params,headers=headers)#params拼接完整的url
return resp.text
if __name__ == '__main__':
sign,data,s=Encrypted_parameter()
response=first_get(sign,data,s)
print(response)