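Disclaimer:
All content in this article is for learning and exchange only and is not to be used for any other purpose. Captured traffic, sensitive URLs, data interfaces and the like have all been sanitized. Commercial and illegal use is strictly prohibited; otherwise the author bears no responsibility for any consequences that result!
If there is any problem, please message me privately via my avatar right away and I will delete the post!
Preface
The __zp_stoken__ risk control is rather nasty. It took me a long time to get to a 100% success rate; all that remains is solving the CAPTCHA.
Reverse-engineering analysis
The main detection point to handle is the relationship between window.top and window.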
{
    "ancestorOrigins": {},
    "href": "about:blank",
    "origin": "null",
    "protocol": "about:",
    "host": "",
    "hostname": "",
    "port": "",
    "pathname": "blank",
    "search": "",
    "hash": ""
}
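location itself contains nothing; the values are in window.top.location.
After that, I recommend clearing out all of the Node detection points. For how to remove them, see the open-source projects by boda, 零點 and 挽風, and clear them all.
Finally, the Python code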
import time

import requests

seed = ""
ts = ""
session = requests.session()
headers = {
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0",
    "x-requested-with": "XMLHttpRequest",
}
cookies = {}
# The host part of the URL was removed by the author (sanitized).
url = "/zpgeek/search/joblist.json"
params = {
    "scene": "1",
    "query": "fff",
    "city": "101280100",
    "experience": "",
    "payType": "",
    "partTime": "",
    "degree": "",
    "industry": "",
    "scale": "",
    "stage": "",
    "position": "",
    "jobType": "",
    "salary": "",
    "multiBusinessDistrict": "",
    "multiSubway": "",
    "page": "1",
    "pageSize": "30",
}

# The first request returns the seed and ts values.
response = session.get(url, headers=headers, cookies=cookies, params=params)
data = response.json()['zpData']
seed = data['seed']
ts = data['ts']
print(seed, ts)

for i in range(1, 10):
    # Local Node service that computes the token from the session cookies, seed and ts.
    result = requests.get(
        "http://127.0.0.1:3000/",
        json=dict(session.cookies),
        params={'url': "", 'seed': seed, 'ts': ts},
    ).json()
    token = result['_abck']
    print(token)
    session.cookies.set('__zp_stoken__', token)
    response = session.get(url, headers=headers, params=params)
    print(response.json())
    params['page'] = i
    time.sleep(1)