python爬蟲：小程序逆向實戰教程

根據我之前發表的文章，我們進行延伸實戰https://blog.csdn.net/weixin_64809364/article/details/146981598?spm=1001.2014.3001.5501

1. 想要爬取什么小程序，我們進行搜索

?2. 找到我們vx小程序的文件地址，我們就可以進行破解

破解步驟強看一下上一篇文章：開頭的網址
下面圖片就是我們破解成功的圖片

3. ?使用微信開發者工具打開我們的破解之后的小程序（根據下面的圖片勾選配置，不然會影響你的賬號）

?4. 如果控制臺沒有報錯或者左側直接可以加載出來，我們小程序的界面，這時候我們的前期工作就已經完畢，接下來就是js請求加密、解密，獲取批量數據（注意：不要干擾小程序的正常運行，違法行為）

?5. 我們先進行響應解密

?通過輸出，我們可以看出來需要響應解密（我們先進行入口定位）：這里我們采用關鍵字搜索decrypt(

?通過關鍵字搜索，我們找到了，響應解密入口，看到iv，我們就可以猜到它使用了AES加密算法，我們就可以使用AES進行解密
將圖片中的代碼復制粘貼，放到pycahrm中進行調試，并且再python中獲得加密值，我們進行測試，最終效果如下：

const CryptoJS = require("crypto-js")function i(e, n) {var r = "WAG0JIUGYALACVJF", i = CryptoJS.enc.Utf8.parse(r) // key, t = CryptoJS.enc.Utf8.parse(n); // ivreturn CryptoJS.AES.decrypt(e, i, {iv: t,mode: CryptoJS.mode.CBC,padding: CryptoJS.pad.Pkcs7}).toString(CryptoJS.enc.Utf8)
}// 響應解密測試
e = "TwTu0RHcacQCBBjk7NHDtzo7sCA5v/gnk6Acz+7xaWdSLEUSAAsPx4dCrw/jbVLIANinR0oHq9jjnjjAWxX89xH6fivgNQfCAudgqV1JGUWKfe1u1co2qIEm639luWnGfQPqYyhyz7qbDpbP9XwUWrjnlo2+Knunwky5NsejyfO5ZG9963VDgFaxeD9GVf1RxTmkm5cFQMUvnQt64TsVfPJB4Rz0gXnvDKqL/+iyHbeVkUUnyRpJ8Y6osdw5LxSZoHjpH1qck7ulQWhRC3cI8GLQ6alWt3TdJOfDJpjqLDZqw++WZGNp5gmPjTRRbyOMZjg+ZYFAq1dMCA5OJR1gT2rZSp6hgwp7OHlpih/V1kuVkHM/CRWzETGkAoZM7dnUpr99poNjkTeBPudGnJ2viapj5qlPsxUIwF3UJgJJUk0c22QOQzU8bwrXz6/LXQRtOJveNBNcl6K1Z6SDYxv9+BFlXvKuCsagpL+8jWaYtl5LuPSmXv4PbwqBBlrt+fVhgmmKB959hbp5NJmCN4vGIl/I4lDQKtmI9yL0L3AjRLkhLVPb0VzgPxtrxvg7YlG5R3n0nwkgmxQzp/tGFI+S83+ZewLFf2UxSQChumeHcQm+Vepsz9RwT6winTG07LcHTsPga554Fz/enZgvJ2BB0AISV+4mo12yVOAbF49oIKM5sOlmlavpEB5jGRqeGWGEiFXtwpFE8DQ+fgIAH4QQDQkYdLxEgqSdaQvh/azd7/fAIi5DMxryrTTRHnLXq4dxdEOGVpdA9PA8wDMD0ULPYM3y5hNS2ehj/vl/lIjC/mObC6tXF+i5LjUcSMrvsFEXfdF87hqWjoVW7LYHZlgShM+duTIqmxlztkWXQxNbFZw/mydHZZlmIu0jbP00xZEiBDiqPvtV3Z/GTK5KfUMLfzG5ClZHM0W6G2aVz9HT8BXFEX/h0L6GcJjrrHBieKyueUGg7YzYSfG2CEiu1tRMN15fNhNt1VSp9gUgiv4tkUg5avd6G28o99JxfLjZZ8hnOw7YduhWU3x3SLzUj4IFs+PIQxZzcZI5/UpJ5vqfgU8BBk6jqBhGCxInBDLA8sKu4vhAcQvYzsMBv+b26gHzqWP7Jr6vSDwJ/J02KNeieSS7RvsEt8mOHmyjqE6jnlbGgdB3CB6Sq3CL3Qb/v10DAnhFSPmqAWSlc91LCfU6uRGsWELzNQdo7Q8DiOyn1R1JaTyGyXU2zFGyKZ2uzHsng2xVBRyP+Qpd+VMq2wHBKM/ZGmhQ0e5anIxXi/yO7imsruX1ayUGvQJB+MQFCWj4BVKLNpsu2Ftn/mm6YbZfvmTePgwg3+TIal+yKQwNCLH753DVpn4/vJ+FMQkgvW5vmw/qI25oi5ZvgwTSrd3qh1ZceOreg301+VkV8EiJ3D3bV0qUFz20tf9LCwtx4I+wDvA18XMJFWq3Z6XQ7YARPALh2x494r4WML2xY2d2lDzVwsX13pdBmIw35MXndZ5THBvAhz6GCSM3V0aLnr1ldC62VuGwcTXYNzFhGBy12c9NBHX4BjCXcP6TD67xxtN+pGo5eOuvKPbgoC9+TJN5Yae5jWmRx8SUnUcwDYC3ARb/gqnUryyjPzoeh2QxB+71vuXr2aUXVmEy2TAhI34vZZRQpxbKhBpxTxwCxO6U0P5en4oSWnxqNT8hsoxCVjzOFnDGzVKuVQyhav9M4y/VWx84bonQy+iGdZ3KCxqg45KdRtKD0bT2rrlEuq1vRBacv//sLK2Nc8tKHpsxDeAGvRbryG0vPVu8ijY7bpJ+uvWoiSZraIX+E2401e9m5ikqxX9RTiEFUbYbowqnK6Uvtjc94CmBQHNxrgkJiNSBbQbU1iAptE5r1Eu4IwYLAyuxHCxnhJsrw1vDBu3IAKIDsDTt1QMsTGoCT84fiXXJa0Q7N7sYtrCv8JQoMwpdcB1fsrKdfb12Qi7uksOy7mMY7IRv0RXcCgBt9pnkG2MttidRPoI5jxNdZRpuyN8fiy1Qunun2ByTA2/aajt9gsDFMl/6cGByvvKuJR1hnOKvw1v5TBDla+N9aObEBTiapEiqoMlp/vHeQg9CVgJf/LSuClU8U6E7wc/skyLQNMIK9LbcrFaq74EvRaHzp99fqyhdEoYFpPhYPCltZRrh71wZuuQKtYxQIoIAbwbZQ8dkHiqGiZNjJ/vG6W2JMUU7qihFZdDLRNCj9pObYSGoS5s7G+06bKpaPi7Mf1NQfOzRGCFnGiLeEaxbTWMF0uZvFp6EjeUwElK5Ed6H8HBiC+jCRx4="
n = "HVK6TCJKWBLYFT2T"

?然后我們使用python的第三方模塊，使用python調用js代碼
安裝第三方模塊：pip install execjs
我們在使用前要導入以下代碼（在windows電腦下，mac不需要）：

import subprocess
from functools import partialsubprocess.Popen = partial(subprocess.Popen, encoding="utf-8")import execjs

# -*- coding: utf-8 -*-
# coding=utf-8
import base64import requests
import time
import subprocess
from functools import partialsubprocess.Popen = partial(subprocess.Popen, encoding="utf-8")import execjsheaders = {'authority': 'min-api.xliii.cn','user-agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1 wechatdevtools/1.06.2407110 MicroMessenger/8.0.5 Language/zh_CN webview/','content-type': 'application/json','accept': '*/*','sec-fetch-site': 'cross-site','sec-fetch-mode': 'cors','sec-fetch-dest': 'empty','referer': '',
}params = {'requestData': '3x5T5fobv/lgYOMehTSyKGQD547tWeTGXItoZhgPp0fdGFU9fLYHyxyriTtogilHi2THpYQGaGYne7kTTUQ/vAcuyg03cf2ijUKRdbV9DNcxl17qsxy3PXtIHU2jYIBNv7g7bywLOSKdhrOlSIpDEM2PVCfOGbirswA0LP1wlTM=','iv': 'zbdozs4sjdtIxKmY',
}response = requests.get('', params=params, headers=headers)
ret = response.json().get('data')
b64 = ret.get('data')
# print(b64)# 響應解密
with open("APP_decrypt.js", encoding="utf8") as f:jsCode = f.read()
js_compile = execjs.compile(jsCode)
n = "HVK6TCJKWBLYFT2T"
ret = js_compile.call("i", str(b64), n)
print(ret)

展示效果如下，我們可以獲取到數據了：

6. 我們在進行請求加密

我們在network中發現，要使用請求加密，所以我們直接使用關鍵字搜索

?我們把所需要的代碼復制到pycharm中進行分析調試
最終效果如下：

// 請求加密
const CryptoJS = require("crypto-js")let c = '{"res_id": 88038, "appid": "wx41cd4f32cf8164b3", "ver": "7.0.0", "min_push": 0, "scene": 1001}'function t(e, n) {var r = "WAG0JIUGYALACVJF", i = CryptoJS.enc.Utf8.parse(r), t = CryptoJS.enc.Utf8.parse(n);return CryptoJS.AES.encrypt(e, i, {iv: t,mode: CryptoJS.mode.CBC,padding: CryptoJS.pad.Pkcs7}).toString()
}function d() {for (var e = "", a = ["1", "2", "4", "5", "3", "8", "0", "7", "9", "6", "A", "Q", "W", "E", "R", "T", "Y", "U", "I", "O", "P", "S", "D", "F", "G", "H", "J", "K", "L", "q", "w", "S", "e", "a", "s", "d", "z", "x", "c", "v", "f", "r", "t", "g", "b", "y", "h", "n", "m", "j", "u", "i", "o", "k", "l", "p"], n = 0; n < 16; n++)e += a[(Math.random() * (a.length - 1)).toFixed(0)];return e
}let u = d()
// console.log(ret)
function s(){return {'requestData':t(c,u,undefined),'iv':u}
}console.log(s())

?然后我們也搬到python中，使用python進行調試：

7.完整代碼如下：

# -*- coding: utf-8 -*-
# coding=utf-8
import base64import requests
import time
import subprocess
from functools import partialsubprocess.Popen = partial(subprocess.Popen, encoding="utf-8")import execjsheaders = {'authority': 'min-api.xliii.cn','user-agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1 wechatdevtools/1.06.2407110 MicroMessenger/8.0.5 Language/zh_CN webview/','content-type': 'application/json','accept': '*/*','sec-fetch-site': 'cross-site','sec-fetch-mode': 'cors','sec-fetch-dest': 'empty','referer': '',
}params = {'requestData': '3x5T5fobv/lgYOMehTSyKGQD547tWeTGXItoZhgPp0fdGFU9fLYHyxyriTtogilHi2THpYQGaGYne7kTTUQ/vAcuyg03cf2ijUKRdbV9DNcxl17qsxy3PXtIHU2jYIBNv7g7bywLOSKdhrOlSIpDEM2PVCfOGbirswA0LP1wlTM=','iv': 'zbdozs4sjdtIxKmY',
}response = requests.get('', params=params, headers=headers)
ret = response.json().get('data')
b64 = ret.get('data')
# print(b64)# 響應解密
with open("APP_decrypt.js", encoding="utf8") as f:jsCode = f.read()
js_compile = execjs.compile(jsCode)
n = "HVK6TCJKWBLYFT2T"
ret = js_compile.call("i", str(b64), n)
print(ret)

本文來自互聯網用戶投稿，該文觀點僅代表作者本人，不代表本站立場。本站僅提供信息存儲空間服務，不擁有所有權，不承擔相關法律責任。
如若轉載，請注明出處：http://www.pswp.cn/pingmian/75725.shtml
繁體地址，請注明出處：http://hk.pswp.cn/pingmian/75725.shtml
英文地址，請注明出處：http://en.pswp.cn/pingmian/75725.shtml

如若內容造成侵權/違法違規/事實不符，請聯系多彩編程網進行投訴反饋email:809451989@qq.com，一經查實，立即刪除！