可以清除的看到这里的发送没有加密,接受有加密。
接收解密
有枣没枣打三棒子,直接找拦截器。
找到拦截器,查看 response 部分的内容。
其实这里直接就有了,下面是解密 JS:
var u = require("crypto-js")
function fn(data) {
var l = "QV1f3nHn2qm7i3xrj3Y9K9imDdGTjTu9"
var n = u.enc.Utf8.parse(l)
, r = u.AES.decrypt(data, n, {
mode: u.mode.ECB,
padding: u.pad.Pkcs7
})
, i = r.toString(u.enc.Utf8)
, s = JSON.parse(i);
return s;
}
上爬虫
import json
import requests
import execjs
from streamlit import header
f = open("shuwei.js", mode="r", encoding="utf-8")
js_code = f.read()
f.close()
js = execjs.compile(js_code)
headers = {
"Accept": "application/json, text/plain, */*",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "zh-CN,zh;q=0.9",
"Cache-Control": "no-cache",
"Connection": "keep-alive",
"Content-Length": "173",
"Content-Type": "application/json;charset=UTF-8",
"Devicetype": "1",
"Host": "app.swguancha.com",
"Origin": "https://www.swguancha.com",
"Pragma": "no-cache",
"Referer": "https://www.swguancha.com/home/city",
"Sec-Ch-Ua": "\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Google Chrome\";v=\"122\"",
"Sec-Ch-Ua-Mobile": "?0",
"Sec-Ch-Ua-Platform": "\"Windows\"",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-site",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36"
}
url = "https://app.swguancha.com/client/v1/cPublic/consumer/baseInfo"
payload = {
"size": 6, "current": 2,
"propertyCode":
[
"DISTRICT_PROP_GJ025_RJDQSCZZ",
"DISTRICT_PROP_GJ117_NMSYGGQDCYYCLS",
"DISTRICT_PROP_GJ001_NMHJRK"
],
"dimensionTime": "2019",
"levelType": 2
}
resp = requests.post(url=url, data=json.dumps(payload, separators=(',', ':')), headers=headers)
res = js.call("fn", resp.text)
print(res)
评论