QQ空间协议发送|删除留言_删除qq留言脚本-CSDN博客

本文链接：https://blog.csdn.net/qq_37454479/article/details/142435056

QQ空间协议批量发送|删除留言实现，可用来批量删除和发送QQ空间留言

JS/爬虫逆向玩转qq空间协议保姆级教学——留言篇

想了解更多关于QQ空间协议可以阅本专栏

本专栏包含QQ空间协议登录、点赞、评论、访客、发说说等

文章结尾附Python代码

QQ空间协议账号密码登录

QQ空间扫码登录协议实现

一、抓包

1.1发送留言

POST https://h5.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/add_msgb?=&g_tk=1725015059

原始表单数据content=%E4%BD%A0%E5%A5%BD&hostUin=355097572&uin=3592795816&format=fs&inCharset=utf-8&outCharset=utf-8&iNotice=1&ref=qzone&json=1&g_tk=1725015059&qzreferrer=https%3A%2F%2Fuser.qzone.qq.com%2Fproxy%2Fdomain%2Fqzonestyle.gtimg.cn%2Fqzone%2Fmsgboard%2Fmsgbcanvas.html%23page%3D1

{
   "content": "你好",
   "hostUin": "355097572",
   "uin": "3592795816",
   "format": "fs",
   "inCharset": "utf-8",
   "outCharset": "utf-8",
   "iNotice": "1",
   "ref": "qzone",
   "json": "1",
   "g_tk": "1725015059",
   "qzreferrer": "https://user.qzone.qq.com/proxy/domain/qzonestyle.gtimg.cn/qzone/msgboard/msgbcanvas.html#page=1"
}

g_tk——通过Cookie里的p_skey计算获得

content——留言内容

hostUin——留言的QQ

uin——登录的QQ

响应结果

1.2删除留言

POST https://h5.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/del_msgb?=&g_tk=1725015059

原始请求表单hostUin=3592795816&idList=1000050000&uinList=355097572&format=fs&iNotice=1&inCharset=utf-8&outCharset=utf-8&ref=qzone&json=1&g_tk=1725015059&qzreferrer=https%3A%2F%2Fuser.qzone.qq.com%2Fproxy%2Fdomain%2Fqzonestyle.gtimg.cn%2Fqzone%2Fmsgboard%2Fmsgbcanvas.html%23page%3D1

{
   "hostUin": "3592795816",
   "idList": "1000050000",
   "uinList": "355097572",
   "format": "fs",
   "iNotice": "1",
   "inCharset": "utf-8",
   "outCharset": "utf-8",
   "ref": "qzone",
   "json": "1",
   "g_tk": "1725015059",
   "qzreferrer": "https://user.qzone.qq.com/proxy/domain/qzonestyle.gtimg.cn/qzone/msgboard/msgbcanvas.html#page=1"
}

g_tk

hostUin——登录的QQ

idList——留言id

uinList——留言的QQ

响应结果

1.3留言id获取

GET https://user.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/get_msgb?uin=3592795816&hostUin=3592795816&start=0&s=0.9832228755695684&format=jsonp&num=10&inCharset=utf-8&outCharset=utf-8&g_tk=1725015059

这是查看留言板的包

uin——登录的QQ

hostUin——留言板的QQ，可替换为他人QQ查看他人留言板

g_tk

响应结果

可以在响应中看到浏览的QQ、留言id、时间、内容等

id—— 删除留言包的idList

uin——删除留言包的uinList

二、g_tk算法

通过跟栈即可找放到g_tk加密的地方可以看到，g_tk是通过Cookie中的p_skey进行计算得到

可参考本专栏其他文章查看更多

三、Python代码实现

3.1g_tk

def get_tk(skey):
    hash_value = 5381
    for char in skey:
        hash_value += (hash_value << 5) + ord(char)
    return str(hash_value & 2147483647)

3.2发送留言

def post_to_qzone(cookie, g_tk, content, host_uin, uin):
    url = "https://h5.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/add_msgb"
    data = {
        'content': content,
        'hostUin': host_uin,
        'uin': uin,
        'format': 'fs',
        'inCharset': 'utf-8',
        'outCharset': 'utf-8',
        'iNotice': 1,
        'ref': 'qzone',
        'json': 1,
        'g_tk': g_tk,
        'qzreferrer': 'https://user.qzone.qq.com/proxy/domain/qzonestyle.gtimg.cn/qzone/msgboard/msgbcanvas.html#page=1'
    }
    # 构建请求头、Cookie 此处请求头自己替换你抓包的浏览器的请求头即可
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Cookie': cookie,
        'Referer': 'https://user.qzone.qq.com/'
    }

    # 发送POST请求
    response = requests.post(url, data=data, headers=headers)
    if response.status_code == 200:
        print("请求成功:", response.json())
    else:
        print("请求失败，状态码:", response.status_code)

3.3获取留言id和留言QQ

def get_qzone_messages(cookie, uin, host_uin, g_tk, start=0, num=10):
    url = "https://user.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/get_msgb"
    params = {
        'uin': uin,
        'hostUin': host_uin,
        'start': start,
        's': 0.9832228755695684,
        'format': 'jsonp',
        'num': num,
        'inCharset': 'utf-8',
        'outCharset': 'utf-8',
        'g_tk': g_tk
    }
    # 构建请求头、Cookie
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Cookie': cookie,
        'Referer': 'https://user.qzone.qq.com/'
    }
    # 发送 GET 请求
    response = requests.get(url, headers=headers, params=params)
    if response.status_code == 200:
        print("请求成功:", response.text)
    else:
        print("请求失败，状态码:", response.status_code)

3.4删除留言

def delete_qzone_message(cookie, g_tk, host_uin, id_list, uin_list):
    url = "https://h5.qzone.qq.com/proxy/domain/m.qzone.qq.com/cgi-bin/new/del_msgb"
    data = { #表单
        'hostUin': host_uin,
        'idList': id_list,
        'uinList': uin_list,
        'format': 'fs',
        'iNotice': 1,
        'inCharset': 'utf-8',
        'outCharset': 'utf-8',
        'ref': 'qzone',
        'json': 1,
        'g_tk': g_tk,
        'qzreferrer': 'https://user.qzone.qq.com/proxy/domain/qzonestyle.gtimg.cn/qzone/msgboard/msgbcanvas.html#page=1'
    }
    # 请求头
    headers = {
        'Host': 'user.qzone.qq.com',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0',
        'Accept': '*/*',
        'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2',
        'Accept-Encoding': 'gzip, deflate, br, zstd',
        'Connection': 'keep-alive',
        'Referer': f'https://user.qzone.qq.com/{host_uin}/infocenter',
        'Sec-Fetch-Dest': 'script',
        'Sec-Fetch-Mode': 'no-cors',
        'Sec-Fetch-Site': 'same-origin',
        'Pragma': 'no-cache',
        'Cache-Control': 'no-cache',
        'TE': 'trailers',
        'Cookie': cookie  # 设置Cookie
    }
    response = requests.post(url, data=data, headers=headers)
    if response.status_code == 200:
        print("请求成功:", response.json())
    else:
        print("请求失败，状态码:", response.status_code)