抖音将部分数据缓存至本地,其中包含了ck(device信息、token、app版本信息等),可以通过安卓程序将数据提取出来用于平时测试。因为该数据是缓存在应用的独立数据目录 安卓默认是不允许app互相访问独立数据,这里需要手机root后才可以提取。
缓存文件目录:
/data/data/com.ss.android.ugc.aweme/shared_prefs
提取的核心操作是通过Runtime在安卓手机上执行脚本,执行RunTime执行su后cat查看缓存文件内容 最后读取cat输出的内容。这里给出这部分代码。
public static String execCmdForResult(String... cmds) {
StringBuffer stringBuffer = new StringBuffer();
try {
Process process = Runtime.getRuntime().exec("su");
OutputStream os = process.getOutputStream();
process.getErrorStream();
InputStream is = process.getInputStream();
int i = cmds.length;
for (int j = 0; j < i; j++) {
String str = cmds[j];
os.write((str + "\n").getBytes());
}
os.write("exit\n".getBytes());
os.flush();
os.close();
stringBuffer.append(readStream(is));
process.waitFor();
process.destroy();
} catch (Exception localException) {
}
return stringBuffer.toString();
}
public static String readStream(InputStream inStream) throws Exception {
ByteArrayOutputStream outSteam = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int len = -1;
while ((len = inStream.read(buffer)) != -1) {
outSteam.write(buffer, 0, len);
}
outSteam.close();
inStream.close();
return new String(outSteam.toByteArray());
}
我们主要提取这五个文件 缓存文件包含数据
ttnetCookieStore.xml cookie,涉及敏感数据,数据需解码(下方代码里的decode方法)
token_shared_preference.xml x-tt-token
wschannel_multi_process_config.xml 登录的设备信息,包含device_id install_id 应用版本 手机版本等查询通用参数。
applog_stats.xml mac_addr fingerprint_codes等
LoginSharePreferences.xml 最后登录的账号信息
提取到的内容部分需要解密一遍 部分是明文
五个文件提取合并,最后得到以下json 可以拿去测试抖音的接口了(敏感数据已打码)
{
"cookies": "n_mh=PNM9_mnN-Sn-enP8doLLQFlfusO7exHcL0lP4QE0MKg; install_id=打码; passport_csrf_token_default=打码; sid_guard=打码%7C1623491553%7C5184000%7CWed%2C+11-Aug-2021+09%3A52%3A33+GMT; odin_tt=打码; odin_tt=打码; sessionid_ss=5c91e35bbe600ff83e97f27b9bd2467b; sid_tt=打码; uid_tt_ss=打码; sessionid=打码; uid_tt=打码; d_ticket=6dfa101f3e38eb553ac11d027b16a588a61ef; ttreq=1$4502faafefd6da2e3473b0bbcbc14a1a9a9c2afc; passport_csrf_token=打码; ",
"token": "打码-1.0.1",
"devices": {
"channel_id": 1239108,
"app_id": 1128,
"device_id": "xxx",
"install_id": "xxx",
"urls": [
"wss://frontier-aweme.snssdk.com/ws/v2"
],
"app_version": 100900,
"platform": 0,
"fpid": 9,
"app_kay": "e1bd35ec9db7b8d846de66ed140b1ad9",
"extra": "os_api=23&device_type=MI 5s&manifest_version_code=100901&dpi=416&uuid=打码&is_background=0&app_name=aweme&version_name=10.9.0&ts=1623491553&sid=打码&app_type=normal&ac=wifi&host_abi=armeabi-v7a&update_version_code=10909900&channel=tengxun_new&_rticket=1623491553963&device_platform=android&iid=打码&ne=1&version_code=100900&cdid=打码&openudid=打码&device_id=打码&resolution=1053*1872&os_version=6.0.1&language=zh&device_brand=Xiaomi&aid=1128",
"os_api": "23",
"device_type": "MI 5s",
"manifest_version_code": "100901",
"dpi": "416",
"uuid": "打码",
"is_background": "0",
"app_name": "aweme",
"version_name": "10.9.0",
"ts": "1623491553",
"sid": "xxx",
"app_type": "normal",
"ac": "wifi",
"host_abi": "armeabi-v7a",
"update_version_code": "10909900",
"channel": "tengxun_new",
"_rticket": "1623491553963",
"device_platform": "android",
"iid": "打码",
"ne": "1",
"version_code": "100900",
"cdid": "打码",
"openudid": "打码",
"resolution": "1053*1872",
"os_version": "6.0.1",
"language": "zh",
"device_brand": "Xiaomi",
"aid": "1128"
},
"fingerprint_codes": "[1,2,3,4,5,6]",
"mac_addr": "08:00:27:ED:打码:打码",
"lastLoginInfo": {
"phoneNumber": {
"countryCode_": 86,
"countryIso_": "CN",
"nationalNumber_": 打码,
"rawInput_": ""
},
"commonUserInfo": {
"avatarUrl": "http://p9.douyinpic.com/aweme/100x100/打码.jpeg",
"secUid": "打码-nFIdeSIthEH52a",
"userName": "打码"
},
"expires": "Jul 12, 2021 5:52:33 PM",
"lastIsReliableLogin": 0,
"loginMethodName": "PHONE_SMS",
"uid": "打码"
}
}
https://blog.csdn.net/u014792378/article/details/118183398
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
