本次记录尝试逆向某比里比里视频平台播放量:
主要思路:(不断debug,观察代码设计还原实现)
1.播放量增加必定是点击播放后的记录
2.清空监视器,点击播放开始debug,截取到的就代表包含了增加播放量的包
3.验证截取到的包,测试看哪一个是包含增加播放量的
4.还原模拟发送请求
浏览器逆向debug没有捷径只能不断练习找感觉。懂Java、js越多越好,虽然看的都是经过混淆的代码,但还是能看到实现的过程(本人也还在学习阶段)
测试了超级久太多内容了,这里我也就只能记录还原实现的过程吧
还原cookie内容:
buvid3与b_nut:
这里经过测试是经过某一个请求自动带上的内容,接着从cookie中读出即可
first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.cookies.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]
sid与cid:(是b_nut同链接中的返回中正则读出)
first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P<dict>.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]
CURRENT_FNVAL:
是一个固定值4048
b_lsid:
debug找到后试着读懂:原理就是时间戳,向上去整,转换成16进制,时间搓用o函数处理,然后随机生成0-1的数字,*16接着调用o处理再用“_”将生成的8位与时间搓拼接起来,转为大写
def b_lsid():
t = ""
for _ in range(8):
t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()
result = t.rjust(8,"0")
times = int(time.time()*1000)
result2 = hex(times)[2:].upper()
return result+"_"+result2
print(b_lsid())
#DC51010FA3_1843C354EFF
sid:
sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.cookies.get_dict()["sid"]
print(sid)
_uuid:
经过debug查看代码后,发现这个uuid没有魔改也只是随机的性质生成再拼接内容
def gen_uuid():
uuid_sec = str(uuid.uuid4())
time_sec = str(int(time.time() * 1000 % 1e5))
time_sec = time_sec.rjust(5, "0")
return f"{uuid_sec}{time_sec}infoc"
buvid4:
从请求中发现返回值中有b_4与buvid4的值是一样的
buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)
buvid_fp:
一开始debug发现有点深奥,扣js代码执行后,发现有点不一样,再细看才发现原来是每个视频都固定一个值,值遇我扣js运行出来不一样可能是某参数影响值的变化,因为发现固定的所以没细看了解了
最后整合请求:
代码:
import json
import math
import time
import random
import re
import uuid
import requests
from requests import post
sessions = requests.Session()
sessions.headers.update({
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36",
})
#buvid3,b_nut
first_req = sessions.get("https://www.bilibili.com/video/BV1fq4y1T7X8/")
bnut_3 = first_req.cookies.get_dict()
b_nut = bnut_3["b_nut"]
buvid3 = bnut_3["buvid3"]
sessions.cookies.set("b_nut", b_nut)
sessions.cookies.set("buvid3", buvid3)
print(buvid3,b_nut)
time.sleep(0.5)
#aid,cid
first_req_text = first_req.text
re_fin = re.compile ("__INITIAL_STATE__=(?P<dict>.*?);",re.S)
dict_fin = re_fin.search(first_req_text).group("dict")
dict_fins = json.loads(dict_fin)["videoData"]
aid = dict_fins["aid"]
cid = dict_fins["cid"]
# print(dict_fin)
# sessions.cookies.set("aid", aid)
# sessions.cookies.set("cid", cid)
print(cid, aid)
#print(b_lsid())
#sid
time.sleep(0.5)
CURRENT_FNVAL = "4048"
sessions.cookies.set("CURRENT_FNVAL", CURRENT_FNVAL)
sid_dir = sessions.get(f"https://api.bilibili.com/x/player/v2?aid={aid}&cid={cid}")
sid = sid_dir.cookies.get_dict()["sid"]
print(sid)
sessions.cookies.set("sid", sid)
def bl_lsid():
t = ""
for _ in range(8):
t += hex(math.ceil(16 * random.uniform(0,1)))[2:].upper()
result = t.rjust(8,"0")
times = int(time.time()*1000)
result2 = hex(times)[2:].upper()
return result+"_"+result2
b_lsid = bl_lsid()
print(b_lsid)
sessions.cookies.set("b_lsid", b_lsid)
#_uuid
def l_uuid():
uuid_sec = str(uuid.uuid4())
time_sec = str(int(time.time() * 1000 % 1e5))
time_sec = time_sec.rjust(5, "0")
return f"{uuid_sec}{time_sec}infoc"
_uuid = l_uuid()
print(_uuid)
sessions.cookies.set("uuid", _uuid)
time.sleep(0.5)
buvid4 = sessions.get("https://api.bilibili.com/x/frontend/finger/spi").json()["data"]["b_4"]
print(buvid4)
sessions.cookies.set("buvid4", buvid4)
CURRENT_QUALITY = "16"
sessions.cookies.set("CURRENT_QUALITY", CURRENT_QUALITY)
sessions.cookies.set("theme_style", "light")
url = "https://api.bilibili.com/x/click-interface/click/web/h5"
ctime = int(time.time())
data = {
"aid": aid,
"cid": cid,
"part": "1",
"lv": "0",
"ftime": ctime - random.randint(100, 500), # 浏览器首次打开时间
"stime": ctime,
"type": "3",
"sub_type": "0",
"from_spmid": "",
"spmid": "333.788.0.0",
"refer_url": "",
"csrf": ""
}
sessions.headers.update({
"content-type": "application/x-www-form-urlencoded",
"referer": 'https://www.bilibili.com/video/BV1fq4y1T7X8/',
"origin": 'https://www.bilibili.com',
"content-length": "138",
"sec-fetch-site": "same-site",
"sec-fetch-mode": "cors",
"sec-fetch-dest": "empty",
})
print(sessions.post(url=url,data=data).text)
模拟请求成功:
与浏览器中一致: