本文主要是介绍【WP】猿人学_17_天杀的Http2.0,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
https://match.yuanrenxue.cn/match/17
抓包分析
居然对Fiddler有检测,不允许使用
那就使用浏览器抓包,好像没发现什么加密参数,然后重放也可以成功,时间长了也无需刷新页面,尝试Python复现。
Python复现
import requestsheaders = {"authority": "match.yuanrenxue.cn","accept": "application/json, text/javascript, */*; q=0.01","accept-language": "zh-CN,zh;q=0.9","referer": "https://match.yuanrenxue.cn/match/17","sec-ch-ua": "\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Google Chrome\";v=\"122\"","sec-ch-ua-mobile": "?0","sec-ch-ua-platform": "\"Windows\"","sec-fetch-dest": "empty","sec-fetch-mode": "cors","sec-fetch-site": "same-origin","user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36","x-requested-with": "XMLHttpRequest"
}
cookies = {"sessionid": "zwy0uz1vd0ge1e42310i34b37584m1lj","m": "fb000f94e1ee96b8ffb346da6bc5e2bb|1717678387000","Hm_lvt_c99546cf032aaa5a679230de9a95c7db": "1717646819,1717658072,1717660207,1717678388","qpfccr": "true","no-alert3": "true","Hm_lvt_9bcbda9cbf86757998a2339a0437208e": "1717639423,1717658081,1717660212,1717678393","Hm_lpvt_9bcbda9cbf86757998a2339a0437208e": "1717678529","Hm_lpvt_c99546cf032aaa5a679230de9a95c7db": "1717678589"
}
url = "https://match.yuanrenxue.cn/api/match/17"
params = {"page": "5"
}
response = requests.get(url, headers=headers, cookies=cookies, params=params)print(response.text)
print(response)
Python复现失败,此时浏览器还是可以重放,说明参数没过期,而是被检测了。
{"status": "0", "error": "page no found"}
<Response [200]>根据题目名字以及发包的协议类型,发现使用的是https2.0的协议
而requests模块不支持,这就需要使用httpx模块来发送请求,下面构建Python代码
import httpx# 创建一个HTTP/2.0客户端
client = httpx.Client(http2=True)# 自定义请求头
headers = {"Accept": "application/json, text/javascript, */*; q=0.01","Accept-Encoding": "gzip, deflate, br","Accept-Language": "zh-CN,zh;q=0.9","Referer": "https://match.yuanrenxue.cn/match/17","Sec-Ch-Ua": "\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Google Chrome\";v=\"122\"","Sec-Ch-Ua-Mobile": "?0","Sec-Ch-Ua-Platform": "\"Windows\"","Sec-Fetch-Dest": "empty","Sec-Fetch-Mode": "cors","Sec-Fetch-Site": "same-origin","User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36","X-Requested-With": "XMLHttpRequest"
}# 自定义cookies
cookies = {"sessionid": "zwy0uz1vd0ge1e42310i34b37584m1lj",
}# 请求URL
url = "https://match.yuanrenxue.cn/api/match/17"ret = 0
# 遍历 page 参数从 1 到 5
for page in range(1, 6):# 请求参数params = {"page": str(page)}# 发送GET请求response = client.get(url, headers=headers, cookies=cookies, params=params)for item in response.json()["data"]:ret += item["value"]# 关闭客户端
client.close()
print(ret)
本题的恶心点主要就是在2.0协议了,所以以后发送请求的时候一定要打开协议显示。
这篇关于【WP】猿人学_17_天杀的Http2.0的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
