利用python urllib3自动提交表单 (基于Q学校的学工系统)
0x00 背景
由于每天被催着提交每日健康信息(主要是总是把这事忘了懒),很早之间就想写个自动提交的脚本…
0x01 过程分析
学校的信息提交是在手机app上进行的,再打开app之前先用HttpCanary抓一下包
点开这个request看一下:
嗯…应该是和cookies有关,再点开几个包看一下
发现每个post上都有这个cookies,那大概这就是用来标识用户的。
现在的登录流程已经清晰了:先向服务器发送账号和密码,等待服务器返回一个cookies,之后使用这个cookies进行http request。
现在抓一个提交健康信息的request看看:
就是一个post带一个json而已…
0x03 代码实现
import urllib3
import json
def checkRequest(urllib3Request): #检查request请求
print("HTTP", urllib3Request.status, ":", end=" ")
if urllib3Request.status == 200:
print("Success")
else:
print("Failed")
def makeDiction(urllib3Request): #将返回的request整理为字典
urllib3RequesDict = urllib3Request.data.decode(encoding="utf-8")
return json.loads(urllib3RequesDict)
http = urllib3.PoolManager()
# 登录信息
with open(r".\userdata.json", "rb") as file:
userdata = file.read()
# 获取登录cookies
print("STEP 1: Getting login cookies...")
login_req = http.request(
"POST",
"http://xuegon********du.cn:8080/authentication/login",
headers = {
"user-agent": "Dart/2.10 (dart:io)",
"content-type": "application/json",
"accept-encoding": "gzip",
"content-length": str(len(userdata)),
"host": "xuegon********du.cn:8080"
},
body = userdata
)
checkRequest(login_req)
cookies = makeDiction(login_req)["data"]# 读取得到的cookies
print("Login cookies:", cookies)
del login_req, userdata
# 尝试模拟登录
print("\nSTEP 2: Trying to log in...")
login_test_req = http.request(
"POST",
"http://xuegon********du.cn:8080/info/current",
headers = {
"user-agent": "Dart/2.10 (dart:io)",
"cookie": "syt.sessionId="+cookies,
"accept-encoding": "gzip",
"content-length": "0",
"authorization": cookies,
"host": "xuegon********du.cn:8080"
}
)
checkRequest(login_test_req)
username = makeDiction(login_test_req)["data"]["name"]# 输出登录信息(姓名)
print("Login username:", username)
del login_test_req, username
# 读取今日健康信息
with open(r".\healthinfo.json", "rb") as file:
healthdata = file.read()
# 提交健康信息
print("\nSTEP 3: Submitting health information...")
health_req = http.request(
"POST",
"http://xuegon********du.cn:8080/student/healthInfo/save",
headers={
"user-agent": "Dart/2.10 (dart:io)",
"content-type": "application/json",
"cookie": "syt.sessionId=" + cookies,
"accept-encoding": "gzip",
"content-length": str(len(healthdata)),
"host": "xuegon********du.cn:8080"
},
body=healthdata
)
checkRequest(health_req)
message = makeDiction(health_req)["message"]
print("message:", message)
del health_req, healthdata
还有两个json文件:
userinfo.json
{
"username": "20********",
"password": "******",
"type": "student"
}
healthinfo.json
{
"home": "在校",
"address": "",
"keepInHome": "否",
"keepInHomeDate": null,
"keepInHomeReasonSite": "",
"contact": "否",
"contactType": "",
"infect": "否",
"infectType": "",
"infectDate": "",
"familyNCP": "否",
"familyNCPType": "",
"familyNCPDate": "",
"familyNCPRelation": "",
"cold": "否",
"fever": "否",
"feverValue": "",
"cough": "否",
"diarrhea": "否",
"homeInHubei": "否",
"arriveHubei": "无",
"travel": "无",
"remark": "无",
"submitCount": 4,
"contactDetail": "",
"location": "山************************院",
"naDetection": "否",
"areaInfect": "否",
"areaInfectType": "",
"areaInfectDate": "",
"areaInfectNumber": "",
"contactAH": "否",
"contactAHDetail": "",
"outProvinceBack14": "未出省",
"naDetectionDate": "",
"pharynxResult": "阴性",
"anusResult": "阴性",
"saDetection": "否",
"lgMResult": "阴性",
"lgGResult": "阴性",
"saDetectionDate": ""
}