作者:qiuqiu | 来源:互联网 | 2023-02-05 10:26
本次记录尝试逆向某比里比里视频平台播放量:
主要思路:(不断debug,观察代码设计还原实现)
1.播放量增加必定是点击播放后的记录
2.清空监视器,点击播放开始debug,截取到的就代表包含了增加播放量的包
3.验证截取到的包,测试看哪一个是包含增加播放量的
4.还原模拟发送请求
浏览器逆向debug没有捷径只能不断练习找感觉。懂Java、js越多越好,虽然看的都是经过混淆的代码,但还是能看到实现的过程(本人也还在学习阶段)
测试了超级久太多内容了,这里我也就只能记录还原实现的过程吧
还原COOKIE内容:
buvid3与b_nut:
这里经过测试是经过某一个请求自动带上的内容,接着从COOKIE中读出即可
first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.COOKIEs.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]
sid与cid:(是b_nut同链接中的返回中正则读出)
first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]
CURRENT_FNVAL:
是一个固定值4048
b_lsid:
debug找到后试着读懂:原理就是时间戳,向上去整,转换成16进制,时间搓用o函数处理,然后随机生成0-1的数字,*16接着调用o处理再用“_”将生成的8位与时间搓拼接起来,转为大写
def b_lsid():t = ""for _ in range(8):t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()result = t.rjust(8,"0")times = int(time.time()*1000)result2 = hex(times)[2:].upper()return result+"_"+result2print(b_lsid())#DC51010FA3_1843C354EFF
sid:
sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.COOKIEs.get_dict()["sid"]
print(sid)
_uuid:
经过debug查看代码后,发现这个uuid没有魔改也只是随机的性质生成再拼接内容
def gen_uuid():uuid_sec = str(uuid.uuid4())time_sec = str(int(time.time() * 1000 % 1e5))time_sec = time_sec.rjust(5, "0")return f"{uuid_sec}{time_sec}infoc"
buvid4:
从请求中发现返回值中有b_4与buvid4的值是一样的
buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)
buvid_fp:
一开始debug发现有点深奥,扣js代码执行后,发现有点不一样,再细看才发现原来是每个视频都固定一个值,值遇我扣js运行出来不一样可能是某参数影响值的变化,因为发现固定的所以没细看了解了
最后整合请求:
代码:
import json
import math
import time
import random
import re
import uuidimport requests
from requests import postsessiOns= requests.Session()
sessions.headers.update({"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36",})
#buvid3,b_nut
first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.COOKIEs.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]sessions.COOKIEs.set("b_nut", b_nut)
sessions.COOKIEs.set("buvid3", buvid3)
print(buvid3,b_nut)time.sleep(0.5)#aid,cid
first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]
# print(dict_fin)
# sessions.COOKIEs.set("aid", aid)
# sessions.COOKIEs.set("cid", cid)
print(cid, aid)#print(b_lsid())
#sidtime.sleep(0.5)CURRENT_FNVAL = "4048"
sessions.COOKIEs.set("CURRENT_FNVAL", CURRENT_FNVAL)sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.COOKIEs.get_dict()["sid"]
print(sid)
sessions.COOKIEs.set("sid", sid)def bl_lsid():t = ""for _ in range(8):t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()result = t.rjust(8,"0")times = int(time.time()*1000)result2 = hex(times)[2:].upper()return result+"_"+result2b_lsid = bl_lsid()
print(b_lsid)
sessions.COOKIEs.set("b_lsid", b_lsid)#_uuid
def l_uuid():uuid_sec = str(uuid.uuid4())time_sec = str(int(time.time() * 1000 % 1e5))time_sec = time_sec.rjust(5, "0")return f"{uuid_sec}{time_sec}infoc"_uuid = l_uuid()
print(_uuid)
sessions.COOKIEs.set("uuid", _uuid)time.sleep(0.5)buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)
sessions.COOKIEs.set("buvid4", buvid4)CURRENT_QUALITY = "16"
sessions.COOKIEs.set("CURRENT_QUALITY", CURRENT_QUALITY)sessions.COOKIEs.set("theme_style", "light")url = "https://api.bilibili.com/x/click-interface/click/web/h5"
ctime = int(time.time())data = {"aid": aid,"cid": cid,"part": "1","lv": "0","ftime": ctime - random.randint(100, 500), # 浏览器首次打开时间"stime": ctime,"type": "3","sub_type": "0","from_spmid": "","spmid": "333.788.0.0","refer_url": "","csrf": ""
}
sessions.headers.update({"content-type": "application/x-www-form-urlencoded","referer": 'https://www.bilibili.com/video/BV1fq4y1T7X8/',"origin": 'https://www.bilibili.com',"content-length": "138","sec-fetch-site": "same-site","sec-fetch-mode": "cors","sec-fetch-dest": "empty",
})
print(sessions.post(url=url,data=data).text)
模拟请求成功:
与浏览器中一致: