声明
本文章中所有内容仅供学习交流使用,不用于其他任何目的,抓包内容、敏感网址、数据接口等均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关!
wx a15018601872 q 2766958292
逆向分析
部分python代码
cp = execjs.compile(open('mtgsig1.2.js', 'r', encoding='utf-8').read())
flag = False
result = cp.call('getMtgsig', data1,)
print(result)
url = result['url']
print(url)
headers = {
"Accept": "/",
"Accept-Language": "zh-CN,zh;q=0.9",
"Connection": "keep-alive",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-origin",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36",
"sec-ch-ua": ""Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": ""Windows""
}
response = requests.get(
url,
headers=headers,
)
print(response.text)
print(response)
结果
总结
1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。