有道翻译案例
# 发现问题:
# 单词只能查询as,其余单词的都不行
"""
JS加密:是一个非常常见的加密,大部分的页面都会存在
JS加密一般都是对参数进行加密(比如:salt、sign、token、signature等)
JS加密的分析步骤:
1. 找到哪些参数在影响数据的获取?
需要做不同的请求,对比参数,找出不同的参数即可
2. 找到参数之后,需要查找这些参数从哪里获得的/生成的原理是什么?
(1) 这些参数可能是通过之前的一些请求传递过来的
(2) 参数是在某个JS文件中生成的 ---> 找出对应的JS文件,分析JS代码,得到参数生成的原理
"""
# 导入requests
import time,random
import requests,hashlib
# 定义请求头
headers = {
'Accept': 'application/json, text/javascript, */*; q=0.01',
'Accept-Encoding': 'gzip, deflate',
'Accept-Language': 'zh-CN,zh;q=0.9',
'Connection': 'keep-alive',
'Content-Length': '236',
'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
'Cookie': 'OUTFOX_SEARCH_USER_ID=986208581@10.108.160.102; JSESSIONID=aaaLdHZ6LoWe0bYE2Fiyx; OUTFOX_SEARCH_USER_ID_NCOO=1300305255.7828863; SESSION_FROM_COOKIE=unknown; ___rl__test__cookies=1606460419940',
'Host': 'fanyi.youdao.com',
'Origin': 'http://fanyi.youdao.com',
'Referer': 'http://fanyi.youdao.com/',
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36',
'X-Requested-With': 'XMLHttpRequest',
}
# 自定义输入单词
word = input('请输入想要查询的单词:')
"""
var r = function(e) {
var t = n.md5(navigator.appVersion)
, r = "" + (new Date).getTime()
, i = r + parseInt(10 * Math.random(), 10);
return {
ts: r,
bv: t,
salt: i,
sign: n.md5("fanyideskweb" + e + i + "]BjuETDhU)zqSxf-=B#7m")
}
};
"""
"""
分析salt:
salt: i
i = r + parseInt(10 * Math.random(), 10);
r = "" + (new Date).getTime()
salt = "" + (new Date).getTime() + parseInt(10 * Math.random(), 10)
使用Python代码生成salt
(new Date).getTime() 时间戳的毫秒数 ---> int(round(time.time()*1000))
parseInt(10 * Math.random()) ---> parseInt([0,10)) ---> [0,9] ---> random.randint(0,9)
"""
salt = str(int(round(time.time()*1000))) + str(random.randint(0,9))
# 获取sign
"""
分析sign:
sign: n.md5("fanyideskweb" + e + i + "]BjuETDhU)zqSxf-=B#7m")
sign: n.md5("fanyideskweb" + word + salt + "]BjuETDhU)zqSxf-=B#7m")
"""
def get_sign(sign):
# 1. 初始化md5
md5 = hashlib.md5()
# 2. 加密
md5.update(sign.encode('utf-8'))
# 3. 返回加密数据
return md5.hexdigest()
sign = get_sign("fanyideskweb" + word + salt + "]BjuETDhU)zqSxf-=B#7m")
# 定义参数字典
data = {
'i': word,
'from': 'AUTO',
'to': 'AUTO',
'smartresult': 'dict',
'client': 'fanyideskweb',
'salt': salt,
'sign': sign,
'lts': str(int(round(time.time()*1000))),
'bv': '1dfc4dfa8627abec379e26d41735b09a',
'doctype': 'json',
'version': '2.1',
'keyfrom': 'fanyi.web',
'action': 'FY_BY_REALTlME',
}
# 发起请求,接收响应
response = requests.post(url='http://fanyi.youdao.com/translate_o?smartresult=dict&smartresult=rule',headers=headers,data=data)
print(response.json())
print(response.json()['translateResult'][0][0]['tgt'])
百度翻译案例
import requests
# 安装:pip install pyexecjs
# 1. 导入
import execjs
# 2. 读文件
content = open('signtest.js','r',encoding='utf-8').read()
# 3. 编译
cts = execjs.compile(content)
# 定义请求头
headers = {
'user-agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36',
'cookie': 'BIDUPSID=64A9DBA0F1B3C3DF33007F3583F6DD4C; BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; PSTM=1606438290; BAIDUID=874639856B2331D86B610549BB4AC311:FG=1; FANYI_WORD_SWITCH=1; REALTIME_TRANS_SWITCH=1; HISTORY_SWITCH=1; SOUND_SPD_SWITCH=1; SOUND_PREFER_SWITCH=1; delPer=0; PSINO=1; BA_HECTOR=8g208lag21ag2l84k51fs1fip0q; H_PS_PSSID=1433_33046_33058_31254_33098_33101_32936_31709_26350; Hm_lvt_64ecd82404c51e03dc91cb9e8c025574=1606457415,1606467165; Hm_lpvt_64ecd82404c51e03dc91cb9e8c025574=1606467165; __yjsv5_shitong=1.0_7_871bda3d77fcdf96e73f7f88cda9d6cbc3c3_300_1606467162636_123.113.176.71_69766bcc; yjs_js_security_passport=d3b11c3f582e1a4776d0c0cedb36e2e9f353c6c2_1606467163_js'
}
# 自定义参数
query = input('请输入想要查询的内容:')
# 4. 执行
sign = cts.call('e',query)
print(sign)
# 定义参数
data = {
'from': 'en',
'to': 'zh',
'query': query,
'transtype': 'realtime',
'simple_means_flag': '3',
'sign': sign,
'token': '6d2366a9e58f26634cd446bcbc87a561',
'domain': 'common',
}
response = requests.post(url='https://fanyi.baidu.com/v2transapi?from=en&to=zh',headers=headers,data=data)
print(response.json()['trans_result']['data'][0]['dst'])
signtest.js文件
function e(r) {
// as:"320305.131321201"
// world:"320305.131321201"
var i = "320305.131321201";
var o = r.match(/[\uD800-\uDBFF][\uDC00-\uDFFF]/g);
if (null === o) {
var t = r.length;
t > 30 && (r = "" + r.substr(0, 10) + r.substr(Math.floor(t / 2) - 5, 10) + r.substr(-10, 10))
} else {
for (var e = r.split(/[\uD800-\uDBFF][\uDC00-\uDFFF]/), C = 0, h = e.length, f = []; h > C; C++)
"" !== e[C] && f.push.apply(f, a(e[C].split(""))),
C !== h - 1 && f.push(o[C]);
var g = f.length;
g > 30 && (r = f.slice(0, 10).join("") + f.slice(Math.floor(g / 2) - 5, Math.floor(g / 2) + 5).join("") + f.slice(-10).join(""))
}
var u = void 0
, l = "" + String.fromCharCode(103) + String.fromCharCode(116) + String.fromCharCode(107);
u = null !== i ? i : (i = window[l] || "") || "";
for (var d = u.split("."), m = Number(d[0]) || 0, s = Number(d[1]) || 0, S = [], c = 0, v = 0; v < r.length; v++) {
var A = r.charCodeAt(v);
128 > A ? S[c++] = A : (2048 > A ? S[c++] = A >> 6 | 192 : (55296 === (64512 & A) && v + 1 < r.length && 56320 === (64512 & r.charCodeAt(v + 1)) ? (A = 65536 + ((1023 & A) << 10) + (1023 & r.charCodeAt(++v)),
S[c++] = A >> 18 | 240,
S[c++] = A >> 12 & 63 | 128) : S[c++] = A >> 12 | 224,
S[c++] = A >> 6 & 63 | 128),
S[c++] = 63 & A | 128)
}
for (var p = m, F = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(97) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(54)), D = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(51) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(98)) + ("" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(102)), b = 0; b < S.length; b++)
p += S[b],
p = n(p, F);
return p = n(p, D),
p ^= s,
0 > p && (p = (2147483647 & p) + 2147483648),
p %= 1e6,
p.toString() + "." + (p ^ m)
}
function n(r, o) {
for (var t = 0; t < o.length - 2; t += 3) {
var a = o.charAt(t + 2);
a = a >= "a" ? a.charCodeAt(0) - 87 : Number(a),
a = "+" === o.charAt(t + 1) ? r >>> a : r << a,
r = "+" === o.charAt(t) ? r + a & 4294967295 : r ^ a
}
return r
}
```