目标网站:
链接:https://passport.fang.com/?backurl=http%3a%2f%2fmy.fang.com%2fHead%2fLoginOut.do
如图 通过关键字pwd 搜索可查看js的加密方法,
通过分析,并通过 execjs (pip install PyExecJS) 第三方库模拟执行js函数, , 徐创建一个js文件来执行
具体代码如下:
import execjs import requests useaname = "帐号" pwd = "密码" def get_pwd(pwd): with open("ftx.js", "r") as f: ctx = execjs.compile(f.read()) result = ctx.call('getpwd', pwd) return result def getPostFtx(): url = "https://passport.fang.com/login.api" headers = { 'accept': '*/*', 'content-type': 'application/x-www-form-urlencoded; charseT=UTF-8', 'origin': 'https://passport.fang.com', 'referer': 'https://passport.fang.com/?backurl=http%3a%2f%2fmy.fang.com%2fhead%2flogInout.do', 'user-agent': 'mozilla/5.0 (windowS NT 10.0; win64; x64) appLewEbkit/537.36 (KHTML, likE gecko) chrome/73.0.3683.75 safari/537.36', 'X-requested-with': 'XMlhtTprequest', } data = { 'uid':'19965412404', 'pwd': get_pwd(pwd), 'service':'soufun-passport-web', 'autOlogin':'1', } response = requests.post(url=url, headers=headers, data=data) print(response.status_code) print(response.text) if __name__ == '__main__': getPostFtx()
其中的ftx.js 文件自己新建的js把加密代码拷进去, 具体的js代码 如下图全部复制粘贴.
