爬虫登陆实战——QQ音乐扫码登陆
共 8674字,需浏览 18分钟
·
2022-03-06 09:03
授人以鱼不如授人以渔
开始实战
准备工作
import sys
import os
import subprocess
'''用于在不同OS显示验证码'''
def showImage(img_path):
try:
if sys.platform.find('darwin') >= 0: subprocess.call(['open', img_path])
elif sys.platform.find('linux') >= 0: subprocess.call(['xdg-open', img_path])
else: os.startfile(img_path)
except:
from PIL import Image
img = Image.open(img_path)
img.show()
img.close()
'''验证码验证完毕后关闭验证码并移除'''
def removeImage(img_path):
if sys.platform.find('darwin') >= 0:
os.system("osascript -e 'quit app \"Preview\"'")
os.remove(img_path)
'''保存验证码图像'''
def saveImage(img, img_path):
if os.path.isfile(img_path):
os.remove(img_path)
fp = open(img_path, 'wb')
fp.write(img)
fp.close()
抓取二维码下载链接
首先是个GET请求(Request Method中查看)
其次URL为
https://ssl.ptlogin2.qq.com/ptqrshow
(问号前的网址为根部URL,问号后为参数)
appid: 716027609
e: 2
l: M
s: 3
d: 72
v: 4
t: 0.07644951044008197
daid: 383
pt_3rd_aid: 100497308
appid: 716027609
e: 2
l: M
s: 3
d: 72
v: 4
t: 0.7970151752745949
daid: 383
pt_3rd_aid: 100497308
self.cur_path = os.getcwd()
params = {
'appid': '716027609',
'e': '2',
'l': 'M',
's': '3',
'd': '72',
'v': '4',
't': str(random.random()),
'daid': '383',
'pt_3rd_aid': '100497308',
}
response = self.session.get(self.ptqrshow_url, params=params)
saveImage(response.content, os.path.join(self.cur_path, 'qrcode.jpg'))
showImage(os.path.join(self.cur_path, 'qrcode.jpg'))
登陆抓包准备
左上角按钮能够控制浏览器的抓包状态,如果将它点为灰色的话,浏览器将停止抓包固定住抓包的数量和位置并不会清空。
其次按钮为改变浏览器的运行速率,如果出现网速过快现象使得抓包来不及按,我们可以将前后端发送速率改为缓慢3G网速,这样就能轻松点到截止抓包了。(手速慢才会用这个,比如我)
我们拦截到这些登陆包,一个个寻找登陆所需要的主要包。
关于登陆包只有一个URL为https://ssl.ptlogin2.qq.com/ptqrlogin
参数为:u1: https://graph.qq.com/oauth2.0/login_jump
ptqrtoken: 1506487176
ptredirect: 0
h: 1
t: 1
g: 1
from_ui: 1
ptlang: 2052
action: 1-0-1607136616096
js_ver: 20102616
js_type: 1
login_sig:
pt_uistyle: 40
aid: 716027609
daid: 383
pt_3rd_aid: 100497308
棘手的可变加密参数
第一个参数
params.ptqrtoken=$.str.hash33($.cookie.get("qrsig"))
pt.ptui.login_sig=pt.ptui.login_sig||$.cookie.get("pt_login_sig");
ptqrtoken
参数需要获取cookie中的qrsig键的值信息后经过hash33加密处理。login_sig
参数需要获取cookie中的pt_login_sig键的值信息即可。
一个是点击登陆按钮出现弹窗那一刻有可能出现该参数。
一个是弹出二维码或QQ登陆信息时有可能出现该参数。
appid: 716027609
daid: 383
style: 33
login_text: 授权并登录
hide_title_bar: 1
hide_border: 1
target: self
s_url: https://graph.qq.com/oauth2.0/login_jump
pt_3rd_aid: 100497308
pt_feedback_link: https://support.qq.com/products/77942?customInfo=.appid100497308
session = requests.Session()
params = {
'appid': '716027609',
'daid': '383',
'style': '33',
'login_text': '授权并登录',
'hide_title_bar': '1',
'hide_border': '1',
'target': 'self',
's_url': 'https://graph.qq.com/oauth2.0/login_jump',
'pt_3rd_aid': '100497308',
'pt_feedback_link': 'https://support.qq.com/products/77942?customInfo=.appid100497308',
}
response = session.get('https://xui.ptlogin2.qq.com/cgi-bin/xlogin?', params=params)
cookie = session.cookies
print(cookie)
### 为了好看在这里我给全都拆开看了。
# ->
# ->
=1c1e24098914080000b07d1bd433ca8b619275ff for .ptlogin2.qq.com/>,
第二个参数 1.获取
session = requests.Session()
params = {
'appid': '716027609',
'e': '2',
'l': 'M',
's': '3',
'd': '72',
'v': '4',
't': str(random.random()),
'daid': '383',
'pt_3rd_aid': '100497308',
}
response = session.get('https://ssl.ptlogin2.qq.com/ptqrshow?', params=params)
cookie = session.cookies
print(cookie)
# ->
# ->
=4tlVhzwYo0FHzGeuen5Y-h5reR5cO*HjDyRQXcPedS*7MmOIYRENCN*BwY9JY1dD for .ptlogin2.qq.com/>]>
第二个参数hash33加密
hash33: function hash33(str) {
var hash = 0;
for (var i = 0, length = str.length; i < length; ++i) {
hash += (hash << 5) + str.charCodeAt(i)
}
return hash & 2147483647
}
'''qrsig转ptqrtoken, hash33函数'''
def __decryptQrsig(self, qrsig):
e = 0
for c in qrsig:
e += (e << 5) + ord(c)
return 2147483647 & e
全部代码
import os,sys,time
import subprocess
import random
import re
import requests
def showImage(img_path):
try:
if sys.platform.find('darwin') >= 0: subprocess.call(['open', img_path])
elif sys.platform.find('linux') >= 0: subprocess.call(['xdg-open', img_path])
else: os.startfile(img_path)
except:
from PIL import Image
img = Image.open(img_path)
img.show()
img.close()
def removeImage(img_path):
if sys.platform.find('darwin') >= 0:
os.system("osascript -e 'quit app \"Preview\"'")
os.remove(img_path)
def saveImage(img, img_path):
if os.path.isfile(img_path):
os.remove(img_path)
fp = open(img_path, 'wb')
fp.write(img)
fp.close()
class qqmusicScanqr():
is_callable = True
def __init__(self, **kwargs):
for key, value in kwargs.items(): setattr(self, key, value)
self.info = 'login in qqmusic in scanqr mode'
self.cur_path = os.getcwd()
self.session = requests.Session()
self.__initialize()
'''登录函数'''
def login(self, username='', password='', crack_captcha_func=None, **kwargs):
# 设置代理
self.session.proxies.update(kwargs.get('proxies', {}))
# 获得pt_login_sig
params = {
'appid': '716027609',
'daid': '383',
'style': '33',
'login_text': '授权并登录',
'hide_title_bar': '1',
'hide_border': '1',
'target': 'self',
's_url': 'https://graph.qq.com/oauth2.0/login_jump',
'pt_3rd_aid': '100497308',
'pt_feedback_link': 'https://support.qq.com/products/77942?customInfo=.appid100497308',
}
response = self.session.get(self.xlogin_url, params=params)
pt_login_sig = self.session.cookies.get('pt_login_sig')
# 获取二维码
params = {
'appid': '716027609',
'e': '2',
'l': 'M',
's': '3',
'd': '72',
'v': '4',
't': str(random.random()),
'daid': '383',
'pt_3rd_aid': '100497308',
}
response = self.session.get(self.ptqrshow_url, params=params)
saveImage(response.content, os.path.join(self.cur_path, 'qrcode.jpg'))
showImage(os.path.join(self.cur_path, 'qrcode.jpg'))
qrsig = self.session.cookies.get('qrsig')
ptqrtoken = self.__decryptQrsig(qrsig)
# 检测二维码状态
while True:
params = {
'u1': 'https://graph.qq.com/oauth2.0/login_jump',
'ptqrtoken': ptqrtoken,
'ptredirect': '0',
'h': '1',
't': '1',
'g': '1',
'from_ui': '1',
'ptlang': '2052',
'action': '0-0-%s' % int(time.time() * 1000),
'js_ver': '20102616',
'js_type': '1',
'login_sig': pt_login_sig,
'pt_uistyle': '40',
'aid': '716027609',
'daid': '383',
'pt_3rd_aid': '100497308',
'has_onekey': '1',
}
response = self.session.get(self.ptqrlogin_url, params=params)
print(response.text)
if '二维码未失效' in response.text or '二维码认证中' in response.text:pass
elif '二维码已经失效' in response.text:
raise RuntimeError('Fail to login, qrcode has expired')
else:break
time.sleep(0.5)
removeImage(os.path.join(self.cur_path, 'qrcode.jpg'))
# 登录成功
qq_number = re.findall(r'&uin=(.+?)&service', response.text)[0]
url_refresh = re.findall(r"'(https:.*?)'", response.text)[0]
response = self.session.get(url_refresh, allow_redirects=False, verify=False)
print('账号「%s」登陆成功' % qq_number)
return self.session
'''qrsig转ptqrtoken, hash33函数'''
def __decryptQrsig(self, qrsig):
e = 0
for c in qrsig:
e += (e << 5) + ord(c)
return 2147483647 & e
'''初始化'''
def __initialize(self):
self.headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36',
}
self.ptqrshow_url = 'https://ssl.ptlogin2.qq.com/ptqrshow?'
self.xlogin_url = 'https://xui.ptlogin2.qq.com/cgi-bin/xlogin?'
self.ptqrlogin_url = 'https://ssl.ptlogin2.qq.com/ptqrlogin?'
self.session.headers.update(self.headers)
qq_login = qqmusicScanqr()
session = qq_login.login()
原文链接:blog.csdn.net/qq_45414559
文章转载:Python编程学习圈
(版权归原作者所有,侵删)
点击下方“阅读原文”查看更多