-
js逆向播放量增加,增加视频热度,uuid,sid,buvid3,aid,b_lsid, b_nut 还原实现过程
本次记录尝试逆向某比里比里视频平台播放量:
主要思路:(不断debug,观察代码设计还原实现)
1.播放量增加必定是点击播放后的记录
2.清空监视器,点击播放开始debug,截取到的就代表包含了增加播放量的包
3.验证截取到的包,测试看哪一个是包含增加播放量的
4.还原模拟发送请求
浏览器逆向debug没有捷径只能不断练习找感觉。懂Java、js越多越好,虽然看的都是经过混淆的代码,但还是能看到实现的过程(本人也还在学习阶段)
测试了超级久太多内容了,这里我也就只能记录还原实现的过程吧
还原cookie内容:
buvid3与b_nut:
这里经过测试是经过某一个请求自动带上的内容,接着从cookie中读出即可
- first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
- bnut_3 = first_req.cookies.get_dict()
- b_nut = bnut_3["b_nut"]
- buvid3 = bnut_3["buvid3"]
sid与cid:(是b_nut同链接中的返回中正则读出)
- first_req_text = first_req.text
- re_fin = re.compile ("__INITIAL_STATE__=(?P
.*?);" ,re.S) - dict_fin = re_fin.search(first_req_text).group("dict")
- dict_fins = json.loads(dict_fin)["videoData"]
- aid = dict_fins["aid"]
- cid = dict_fins["cid"]
CURRENT_FNVAL:
是一个固定值4048
b_lsid:
debug找到后试着读懂:原理就是时间戳,向上去整,转换成16进制,时间搓用o函数处理,然后随机生成0-1的数字,*16接着调用o处理再用“_”将生成的8位与时间搓拼接起来,转为大写
- def b_lsid():
- t = ""
- for _ in range(8):
- t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()
- result = t.rjust(8,"0")
- times = int(time.time()*1000)
- result2 = hex(times)[2:].upper()
- return result+"_"+result2
- print(b_lsid())
- #DC51010FA3_1843C354EFF
sid:
- sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
- sid = sid_dir.cookies.get_dict()["sid"]
- print(sid)
_uuid:
经过debug查看代码后,发现这个uuid没有魔改也只是随机的性质生成再拼接内容
- def gen_uuid():
- uuid_sec = str(uuid.uuid4())
- time_sec = str(int(time.time() * 1000 % 1e5))
- time_sec = time_sec.rjust(5, "0")
- return f"{uuid_sec}{time_sec}infoc"
buvid4:
从请求中发现返回值中有b_4与buvid4的值是一样的
- buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
- print(buvid4)
buvid_fp:
一开始debug发现有点深奥,扣js代码执行后,发现有点不一样,再细看才发现原来是每个视频都固定一个值,值遇我扣js运行出来不一样可能是某参数影响值的变化,因为发现固定的所以没细看了解了
最后整合请求:
代码:
- import json
- import math
- import time
- import random
- import re
- import uuid
- import requests
- from requests import post
- sessions = requests.Session()
- sessions.headers.update({
- "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36",
- })
- #buvid3,b_nut
- first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
- bnut_3 = first_req.cookies.get_dict()
- b_nut = bnut_3["b_nut"]
- buvid3 = bnut_3["buvid3"]
- sessions.cookies.set("b_nut", b_nut)
- sessions.cookies.set("buvid3", buvid3)
- print(buvid3,b_nut)
- time.sleep(0.5)
- #aid,cid
- first_req_text = first_req.text
- re_fin = re.compile ("__INITIAL_STATE__=(?P
.*?);" ,re.S) - dict_fin = re_fin.search(first_req_text).group("dict")
- dict_fins = json.loads(dict_fin)["videoData"]
- aid = dict_fins["aid"]
- cid = dict_fins["cid"]
- # print(dict_fin)
- # sessions.cookies.set("aid", aid)
- # sessions.cookies.set("cid", cid)
- print(cid, aid)
- #print(b_lsid())
- #sid
- time.sleep(0.5)
- CURRENT_FNVAL = "4048"
- sessions.cookies.set("CURRENT_FNVAL", CURRENT_FNVAL)
- sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
- sid = sid_dir.cookies.get_dict()["sid"]
- print(sid)
- sessions.cookies.set("sid", sid)
- def bl_lsid():
- t = ""
- for _ in range(8):
- t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()
- result = t.rjust(8,"0")
- times = int(time.time()*1000)
- result2 = hex(times)[2:].upper()
- return result+"_"+result2
- b_lsid = bl_lsid()
- print(b_lsid)
- sessions.cookies.set("b_lsid", b_lsid)
- #_uuid
- def l_uuid():
- uuid_sec = str(uuid.uuid4())
- time_sec = str(int(time.time() * 1000 % 1e5))
- time_sec = time_sec.rjust(5, "0")
- return f"{uuid_sec}{time_sec}infoc"
- _uuid = l_uuid()
- print(_uuid)
- sessions.cookies.set("uuid", _uuid)
- time.sleep(0.5)
- buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
- print(buvid4)
- sessions.cookies.set("buvid4", buvid4)
- CURRENT_QUALITY = "16"
- sessions.cookies.set("CURRENT_QUALITY", CURRENT_QUALITY)
- sessions.cookies.set("theme_style", "light")
- url = "https://api.bilibili.com/x/click-interface/click/web/h5"
- ctime = int(time.time())
- data = {
- "aid": aid,
- "cid": cid,
- "part": "1",
- "lv": "0",
- "ftime": ctime - random.randint(100, 500), # 浏览器首次打开时间
- "stime": ctime,
- "type": "3",
- "sub_type": "0",
- "from_spmid": "",
- "spmid": "333.788.0.0",
- "refer_url": "",
- "csrf": ""
- }
- sessions.headers.update({
- "content-type": "application/x-www-form-urlencoded",
- "referer": 'https://www.bilibili.com/video/BV1fq4y1T7X8/',
- "origin": 'https://www.bilibili.com',
- "content-length": "138",
- "sec-fetch-site": "same-site",
- "sec-fetch-mode": "cors",
- "sec-fetch-dest": "empty",
- })
- print(sessions.post(url=url,data=data).text)
模拟请求成功:
与浏览器中一致:
-
相关阅读:
【数据库】数据库绪论,你都会了吗
JAVA版的数据结构——链表
netty系列之:来,手把手教你使用netty搭建一个DNS tcp服务器
DocCMS keyword SQL注入漏洞复现 [附POC]
自定义类型:结构体,声明,变量初始化,结构体内存对齐。
CeresScanMatcher 匹配的使用步骤与实例解析
mysql跨库关联查询(dblink)
AttitudeFactor.h/AttitudeFactor.cpp
装修知识总结
kdxf speex
- 原文地址:https://blog.csdn.net/weixin_47481982/article/details/127666941