js逆向播放量增加，增加视频热度，uuid，sid，buvid3，aid，b_lsid,b_nut还原实现过程

本次记录尝试逆向某比里比里视频平台播放量：

主要思路：（不断debug，观察代码设计还原实现）

1.播放量增加必定是点击播放后的记录

2.清空监视器，点击播放开始debug，截取到的就代表包含了增加播放量的包

3.验证截取到的包，测试看哪一个是包含增加播放量的

4.还原模拟发送请求

浏览器逆向debug没有捷径只能不断练习找感觉。懂Java、js越多越好，虽然看的都是经过混淆的代码，但还是能看到实现的过程（本人也还在学习阶段）

测试了超级久太多内容了，这里我也就只能记录还原实现的过程吧

还原COOKIE内容：

buvid3与b_nut：

这里经过测试是经过某一个请求自动带上的内容,接着从COOKIE中读出即可

first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.COOKIEs.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]

sid与cid：（是b_nut同链接中的返回中正则读出）

first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]

CURRENT_FNVAL：

是一个固定值4048

b_lsid:

debug找到后试着读懂：原理就是时间戳，向上去整，转换成16进制，时间搓用o函数处理，然后随机生成0-1的数字，*16接着调用o处理再用“_”将生成的8位与时间搓拼接起来，转为大写

def b_lsid():t = ""for _ in range(8):t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()result = t.rjust(8,"0")times = int(time.time()*1000)result2 = hex(times)[2:].upper()return result+"_"+result2print(b_lsid())#DC51010FA3_1843C354EFF

sid：

sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.COOKIEs.get_dict()["sid"]
print(sid)

_uuid:

 经过debug查看代码后，发现这个uuid没有魔改也只是随机的性质生成再拼接内容

def gen_uuid():uuid_sec = str(uuid.uuid4())time_sec = str(int(time.time() * 1000 % 1e5))time_sec = time_sec.rjust(5, "0")return f"{uuid_sec}{time_sec}infoc"

buvid4:

从请求中发现返回值中有b_4与buvid4的值是一样的

buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)

buvid_fp:

一开始debug发现有点深奥，扣js代码执行后，发现有点不一样，再细看才发现原来是每个视频都固定一个值，值遇我扣js运行出来不一样可能是某参数影响值的变化，因为发现固定的所以没细看了解了

最后整合请求：

代码：

import json
import math
import time
import random
import re
import uuidimport requests
from requests import postsessiOns= requests.Session()
sessions.headers.update({"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36",})
#buvid3,b_nut
first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.COOKIEs.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]sessions.COOKIEs.set("b_nut", b_nut)
sessions.COOKIEs.set("buvid3", buvid3)
print(buvid3,b_nut)time.sleep(0.5)#aid,cid
first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]
# print(dict_fin)
# sessions.COOKIEs.set("aid", aid)
# sessions.COOKIEs.set("cid", cid)
print(cid, aid)#print(b_lsid())
#sidtime.sleep(0.5)CURRENT_FNVAL = "4048"
sessions.COOKIEs.set("CURRENT_FNVAL", CURRENT_FNVAL)sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.COOKIEs.get_dict()["sid"]
print(sid)
sessions.COOKIEs.set("sid", sid)def bl_lsid():t = ""for _ in range(8):t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()result = t.rjust(8,"0")times = int(time.time()*1000)result2 = hex(times)[2:].upper()return result+"_"+result2b_lsid = bl_lsid()
print(b_lsid)
sessions.COOKIEs.set("b_lsid", b_lsid)#_uuid
def l_uuid():uuid_sec = str(uuid.uuid4())time_sec = str(int(time.time() * 1000 % 1e5))time_sec = time_sec.rjust(5, "0")return f"{uuid_sec}{time_sec}infoc"_uuid = l_uuid()
print(_uuid)
sessions.COOKIEs.set("uuid", _uuid)time.sleep(0.5)buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)
sessions.COOKIEs.set("buvid4", buvid4)CURRENT_QUALITY = "16"
sessions.COOKIEs.set("CURRENT_QUALITY", CURRENT_QUALITY)sessions.COOKIEs.set("theme_style", "light")url = "https://api.bilibili.com/x/click-interface/click/web/h5"
ctime = int(time.time())data = {"aid": aid,"cid": cid,"part": "1","lv": "0","ftime": ctime - random.randint(100, 500), # 浏览器首次打开时间"stime": ctime,"type": "3","sub_type": "0","from_spmid": "","spmid": "333.788.0.0","refer_url": "","csrf": ""
}
sessions.headers.update({"content-type": "application/x-www-form-urlencoded","referer": &＃39;https://www.bilibili.com/video/BV1fq4y1T7X8/&＃39;,"origin": &＃39;https://www.bilibili.com&＃39;,"content-length": "138","sec-fetch-site": "same-site","sec-fetch-mode": "cors","sec-fetch-dest": "empty",
})
print(sessions.post(url=url,data=data).text)


模拟请求成功: 

与浏览器中一致：