本篇僅提供思路,代碼不能直接拿來用哦
每天早上8點都要打開今日校園APP簽到、填表……就不能讓人好好睡個覺啊!!為了解決這個頭疼的問題,想到了用Python的requests庫來發送請求。
魯迅說:人類越來越懶、發明越來越多!創造來源於我們的生活啊!

話不多說,開始造車!
國際慣例!打開Burp抓抓抓。在點擊提交按鈕后,捕獲到了三個POST請求,讓我們來逐條分析:

1. 第一個POST的作用: 判斷"wid":"422"任務是否存在,存在返回"message":"SUCCESS" ,不存在則返回"message":null 【這里提一下”422“的含義,簡單的說就是老師發布這個表給同學們填,這個任務的編號是422。】
2. 第二個POST的作用: 查詢"wid":"422"任務的基本信息,為啥這里說是基本信息,因為只返回了這個任務創建者是誰,什么時候發布的等等,並沒有返回這條任務的詳細內容
3. 第三個POST的作用: 聰明的小伙伴們應該已經猜到了,第三個POST請求返回的就是 "message":"SUCCESS" 以及"wid":”422“這個任務的詳細信息, 內容是老師讓我們填的一些個人狀況,家庭住址什么的
數據包分析完了,很明顯,重點在第三條,第三條數據的Body中的"wid":"422"是關鍵,我們只要找到這個"wid":"num"中的num 再構造Request請求就OK了!
怎么找呢,想到了一種窮舉的思路,用指定范圍的數值來構造 422~999的POST請求 ,再傳到Body里 發送Request請求 完成提交
在構造Body時發現了個更好玩的地方:如果把422改成423,就會返回“您無需填寫該信息收集,請勿代填”,說明這個任務不是我們學院老師發布的。也就是說,服務端會校驗當前賬號是否屬於該任務的填寫對象,其他學院發布的任務我想提交都提交不了!!這里是重點:我們可以利用系統的這個判斷機制不斷發包——如果返回的不是SUCCESS,就是沒提交成功(沒提交成功不代表沒發包成功),則繼續構造包、發送包;如果返回SUCCESS,那就皆大歡喜,成功提交了,咱們的最終目的就完成了。
下面看代碼,可不要被這一堆代碼給嚇到哦,head、body部分都是直接復制粘貼Burp抓到的數據包。抓到的包里帶着登錄Cookie和身份證號,貼出來之前記得像這里一樣打上馬賽克。
import json
import os
import time

import requests
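# Task number (collectWid) to try first, and the exclusive upper bound of the
# submit loop. With rangeSet = num + 1 exactly one task number is attempted
# per run.
num = 454
rangeSet = num + 1

# Login cookie sent with every request. It is read from the environment
# rather than pasted into the source, so the script can be stored, shared or
# deployed without carrying a live session value.
# NOTE(review): presumably this is the CAS session cookie; whoever holds it
# can act as the logged-in account, so keep it out of logs and repositories.
cookies = {'MOD_AUTH_CAS': os.environ.get('MOD_AUTH_CAS', '')}

# Lets the JSON copied from the captured request be pasted as a Python
# literal. (The original module-level `global null` was a no-op and is gone.)
# NOTE(review): the captured request carried JSON null; '' serialises to an
# empty string instead. None would reproduce null -- confirm which one the
# server expects before changing it.
null = ''

# Request headers copied from the captured submit request. Content-Length is
# intentionally not set: requests computes it from the actual body, and a
# pasted value goes stale as soon as the body changes.
headers = {
    "Host": "hnu馬賽克y.com",
    "Connection": "close",
    "Accept": "application/json, text/plain, */*",
    "Origin": "https:馬賽克pd馬賽克om",
    "X-Requested-With": "XMLHttpRequest",
    "User-Agent": "Mozilla/5.0 (Linux; Android 10; Redmi K20 Pro Build/QKQ1.190825.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/77.0.3865.92 Mobile Safari/537.36 yiban/8.1.9 cpdaily/8.1.9 wisedu/8.1.9",
    "Sec-Fetch-Mode": "cors",
    "Content-Type": "application/json",
    "Sec-Fetch-Site": "same-origin",
    "Referer": "https://hnua馬賽克wec-coun馬賽克llector-馬賽克x.html?collectorWid=422",
    "Accept-Encoding": "gzip,deflate",
    "Accept-Language": "zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7",
}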
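# Form payload copied from the captured submit request. Only "collectWid"
# changes between attempts, so the template is built once and patched inside
# the loop.
# NOTE(review): the payload carries an ID-card number and a home region;
# treat any file that holds the real values as sensitive.
body = {"formWid": "194", "collectWid": "422", "schoolTaskWid": "17174", "form": [
    {"wid": "1004", "formWid": "194", "fieldType": 2, "title": "你所在的校區",
     "description": "如果你所在的學校只有一個校區,請選擇【本校區】;如果有多個校區的,請選擇【其他】,並填寫校區名稱", "minLength": 0, "sort": "1",
     "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 1, "colName": "field001",
     "value": "其他", "fieldItems": [
        {"itemWid": "4035", "content": "其他", "isOtherItems": 1, "contendExtend": "馬賽克校區", "isSelected": 1}]},
    {"wid": "1005", "formWid": "194", "fieldType": 1, "title": "你的身份證號", "description": "請填入完整18位身份證號",
     "minLength": 18, "sort": "2", "maxLength": 18, "isRequired": 1, "imageCount": null, "hasOtherItems": 0,
     "colName": "field002", "value": "4128012001馬賽克0", "fieldItems": []},
    {"wid": "1006", "formWid": "194", "fieldType": 1, "title": "你的當前所在地區",
     "description": "請選擇你目前所在的省、市、區(縣),不在大陸地區的,請選擇海外具體地區。", "minLength": 1, "sort": "3", "maxLength": 300,
     "isRequired": 1, "imageCount": -2, "hasOtherItems": 0, "colName": "field003", "value": "馬賽克省/馬賽克市/馬賽克區",
     "fieldItems": [], "area1": "馬賽克省", "area2": "馬賽克市", "area3": "馬賽克區"},
    {"wid": "1007", "formWid": "194", "fieldType": 2, "title": "你所在的小區(村)是否有確診情況?", "description": "",
     "minLength": 0, "sort": "4", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0,
     "colName": "field004", "value": "否",
     "fieldItems": [{"itemWid": "4037", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1008", "formWid": "194", "fieldType": 2, "title": "共同居住人是否有確診病例?", "description": "", "minLength": 0,
     "sort": "5", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0, "colName": "field005",
     "value": "否",
     "fieldItems": [{"itemWid": "4039", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1009", "formWid": "194", "fieldType": 2, "title": "是否去過湖北疫區?", "description": "", "minLength": 0,
     "sort": "6", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0, "colName": "field006",
     "value": "否",
     "fieldItems": [{"itemWid": "4041", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1010", "formWid": "194", "fieldType": 2, "title": "與疫區人員是否有接觸?", "description": "", "minLength": 0,
     "sort": "7", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0, "colName": "field007",
     "value": "否",
     "fieldItems": [{"itemWid": "4043", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1011", "formWid": "194", "fieldType": 2, "title": "是否留置觀察?", "description": "", "minLength": 0,
     "sort": "8", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0, "colName": "field008",
     "value": "否",
     "fieldItems": [{"itemWid": "4045", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1012", "formWid": "194", "fieldType": 2, "title": "是否曾經確診?", "description": "", "minLength": 0,
     "sort": "9", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0, "colName": "field009",
     "value": "否",
     "fieldItems": [{"itemWid": "4047", "content": "否", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]},
    {"wid": "1013", "formWid": "194", "fieldType": 2, "title": "健康狀況是否良好?", "description": "", "minLength": 0,
     "sort": "10", "maxLength": null, "isRequired": 1, "imageCount": null, "hasOtherItems": 0,
     "colName": "field010", "value": "是",
     "fieldItems": [{"itemWid": "4048", "content": "是", "isOtherItems": 0, "contendExtend": "", "isSelected": 1}]}]}

# Server messages the script reacts to.
checkNO1 = "該收集已結束!"
checkNO2 = "您無需填寫該信息收集,請勿代填"
checkNO3 = "數據異常,該收集不存在,請聯系管理員!"
checkYES = "SUCCESS"

# Submit the form for each task number in [num, rangeSet) and pause according
# to the server's answer.
while num < rangeSet:
    body["collectWid"] = num
    body1 = json.dumps(body)
    # A timeout keeps an unattended run from hanging forever on a stalled
    # connection; requests waits indefinitely when none is given.
    r = requests.post("https://hnu馬賽克com/wec-coun馬賽克lector-apps/stu/co馬賽克or/sub馬賽克m",
                      headers=headers, data=body1, cookies=cookies, timeout=30)
    # Read the "message" field from the JSON reply instead of slicing the raw
    # text by quote positions, which breaks as soon as the field order or a
    # value changes.
    # NOTE(review): assumes the reply is a JSON object with a top-level
    # "message" key, as the captured responses described in the post show.
    try:
        check = r.json().get("message")
    except ValueError:
        # Not JSON at all (for example an HTML login page after the session
        # expired): stop rather than keep sending requests.
        print("響應不是JSON,登錄可能已失效,程序停止")
        break

    # The four outcomes are mutually exclusive, so one elif chain replaces
    # the original run of separate if/else-pass statements.
    if check == checkNO2:
        print("不是本班,自動忽略,一分鍾后程序將判斷編號:",num)
        time.sleep(60)
    elif check == checkNO1:
        print("該次收集已結束,無法提交,程序將判斷編號:",num)
    elif check == checkNO3:
        print("這條信息還不存在 程序將休眠30分鍾,下次將判斷編號:",num)
        time.sleep(1800)
    elif check == checkYES:
        print("今日成功提交! 八小時后程序再次啟動")
        time.sleep(28800)
    num += 1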
最后給代碼加上了休眠
最終部署在服務器上的運行效果展示:

完