网上有很多通过分析pc版本的qq协议来卖qq群发软件或者qq机器人的,想起珊瑚虫的下场就知道触犯了腾讯的利益的下场,大家要注意,做个遵纪守法的攻城狮。
下面是步骤截图:
1.登录http://qun.qzone.qq.com/的网站。
2.打开firebug,获取到连接g_tk的值,如下图:
http://qun.qzone.qq.com/cgi-bin/get_group_list?groupcount=4&count=4&callbackFun=_GetGroupPortal&uin=1758317551&g_tk=2002785566&ua=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20rv%3A25.0)%20Gecko%2F20100101%20Firefox%2F25.0
3.修改var g_tk=2002785566;的值,然后复制代码到firebug的console中
function ajax_request(url,callback,args){
//declare the variable at the top, even though it will be null at first
var req = null;
//figure out what kind of support we have for the XMLHttpRequest object
if (window.XMLHttpRequest){
//modern browsers
req = new XMLHttpRequest();
} else {
//good ol' lousy IE
req = new ActiveXObject("Microsoft.XMLHTTP");
};
//setup the readystatechange listener
req.onreadystatechange = function(){
//right now we only care about a successful and complete response
if (req.readyState === 4 && req.status === 200){
//inject the returned HTML into the DOM
if(callback){
callback(req.responseText,args);
}
};
};
//open the XMLHttpRequest connection
req.open("GET",url,true);
//send the XMLHttpRequest request (nothing has actually been sent until this very line)
req.send(false); //false为同步请求
};
var uin=1758317551;
var g_tk=2002785566;
get_groups();
function get_groups(){
var url="http://qun.qzone.qq.com/cgi-bin/get_group_list?uin="+uin+"&ua=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20rv%3A24.0)%20Gecko%2F20100101%20Firefox%2F24.0&random=0.029393406423685486&g_tk="+g_tk;
ajax_request(url,callback_parse_groups);
}
function callback_parse_groups(response){
var groups=[];
var re = /groupid":(.*?),"groupname":"(.*?)"}/ig;
var arr;
while ((arr = re.exec(response)) != null){
var id=arr[1];
var name=arr[2];
var group={};
group.id=id;
group.name=name;
groups.push(group);
var groupid=id;
var id=group.id;
var name=group.name;
get_group_members(id);
}
}
function get_group_members(group){
var url="http://qun.qzone.qq.com/cgi-bin/get_group_member?uin="+uin+"&groupid="+group+"&random=0.7269802233668716&g_tk="+g_tk;
ajax_request(url,callback_parse_group_members,group);
}
function callback_parse_group_members(response,groupid){
var re = /nick":"(.*?)","uin":(.*?)}/ig;
var arr;
var result="";
var groupmembers=[];
while ((arr = re.exec(response)) != null){
var name=arr[1];
var id=arr[2];
var groupmember={};
groupmember.id=id;
groupmember.name=name;
groupmember.groupid=groupid;
console.info(name+" "+id);
}
}
4.点击运行即可输出所有获取到的群信息和群成员
利用这种方式可以很方便的处理需要登录的网站的信息,包括https的同理。