实战 | 羊了个羊(小程序抓包工具推荐)
遵纪遵章守纪
任意我和公司适用互联网不准严格认真执行宪法修正案法律规定,严格认真执行公益性治安,敬畏市场公德,不准不良影响互联网人身安全防护,不准再生利用互联网经营不良影响国家的人身安全防护、荣誉奖和共同利益。
总体目标:羊了个羊小软件程序
选择器具:HTTP Debugger Pro 9.11(民众号回信0916取得)
区域:微信公众号容易ios版本
一个构想
点击事件现在开始该游戏后用HTTP Debugger Pro 9.11添加参数包,遇到特别的两人請求文件夹研究分享新一下这只是請求冒险模式参数,有冒险模式id主要为80001和90016,研究分享新一下肯定90016是最后关也说是强度相对比较高的冒险模式
数据信息包提取,在此利用HTTP Debugger Pro 9.11可便捷提取
抓取token
一号关统计数据包下载
GET /sheep/v1/game/map_info?map_id=80001 HTTP/2
Host: cat-match.easygame2021.com
Xweb_xhr: 1
T: TOKEN
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)Chrome/81.0.4044.138 Safari/537.36 MicroMessenger/7.0.4.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF
Content-Type: application/json
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: //servicewechat.com/wx141bfb9b73c970a9/15/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-us,en
跳到统计数据包下载
HTTP/2 200 OK
Date: Fri, 16 Sep 2022 00:20:54 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST
{"err_code":0,"err_msg":"","data":{"id":"62ccde7d3dd1931da84a84e2","created_at":"2022-07-12T02:37:49.515Z","updated_at":"2022-09-
14T15:53:23.508Z","map_option":2,"map_id":80001,"map_data":"{\"widthNum\":8,\"heightNum\":10,\"levelKey\":80001,\"blockTypeData\":{\"1\":2,\"4\":1,\"13\":2},\"levelData\":{\"1\":[{\"id\":\"1-16-16\",\"type\":0,\"rolNum\":16,\"rowNum\":16,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-28-16\",\"type\":0,\"rolNum\":28,\"rowNum\":16,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-40-16\",\"type\":0,\"rolNum\":40,\"rowNum\":16,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-16-32\",\"type\":0,\"rolNum\":16,\"rowNum\":32,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-28-32\",\"type\":0,\"rolNum\":28,\"rowNum\":32,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-40-32\",\"type\":0,\"rolNum\":40,\"rowNum\":32,\"layerNum\":1,\"moldType\":1,\"blockNode\":null},{\"id\":\"1-16-48\",\"type\":0,\"rolNum\":16,\"rowNum\":48,\"layerNum\":1,\"moldType\":2,\"blockNode\":null},{\"id\":\"1-28-48\",\"type\":0,\"rolNum\":28,\"rowNum\":48,\"layerNum\":1,\"moldType\":2,\"blockNode\":null},{\"id\":\"1-40-48\",\"type\":0,\"rolNum\":40,\"rowNum\":48,\"layerNum\":1,\"moldType\":2,\"blockNode\":null}],\"2\":[{\"id\":\"2-16-49\",\"type\":0,\"rolNum\":16,\"rowNum\":49,\"layerNum\":2,\"moldType\":2,\"blockNode\":null},{\"id\":\"2-28-49\",\"type\":0,\"rolNum\":28,\"rowNum\":49,\"layerNum\":2,\"moldType\":2,\"blockNode\":null},{\"id\":\"2-40-49\",\"type\":0,\"rolNum\":40,\"rowNum\":49,\"layerNum\":2,\"moldType\":2,\"blockNode\":null},{\"id\":\"2-16-20\",\"type\":1,\"rolNum\":16,\"rowNum\":20,\"layerNum\":2,\"moldType\":1,\"blockNode\":null},{\"id\":\"2-28-20\",\"type\":1,\"rolNum\":28,\"rowNum\":20,\"layerNum\":2,\"moldType\":1,\"blockNode\":null},{\"id\":\"2-40-20\",\"type\":1,\"rolNum\":40,\"rowNum\":20,\"layerNum\":2,\"moldType\":1,\"blockNode\":null},{\"id\":\"2-16-36\",\"type\":0,\"rolNum\":16,\"rowNum\":36,\"layerNum\":2,\"moldType\":1,\"blockNode\":null},{\"id\":\"2-28-36\",\"type\":0,\"rolNum\":28,\"rowNum\":36,\"layerNum\":2,\"moldType\":1,\"blockNode\":null},{\"id\":\"2-40-36\",\"type\":0,\"rolNum\":40,\"rowNum\":36,\"layerNum\":2,\"moldType\":1,\"blockNode\":null}]}}"}}
第二步关請求包
GET /sheep/v1/game/game_over?rank_score=1&rank_state=1&rank_time=24&rank_role=1&skin=1 HTTP/2
Host: cat-match.easygame2021.com
Xweb_xhr: 1
T: token
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 MicroMessenger/7.0.4.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF
Content-Type: application/json
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: //servicewechat.com/wx141bfb9b73c970a9/15/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-us,en
POC&EXP
「python」
import requests
headers = {
"Accept-Encoding": "gzip,compress,br,deflate",
"Accept": "*/*",
"Connection": "keep-alive",
"t": "你的token",
'User-Agent': "Mozilla/5.0 (iPhone; CPU iPhone OS 15_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 MicroMessenger/8.0.26(0x18001a34) NetType/WIFI Language/zh_CN"
}
cookies = {}
def testRequest():
url = '//cat-match.easygame2021.com/sheep/v1/game/game_over?rank_score=1&rank_state=1&rank_time=0&rank_role=1&skin=1'
wb_data = requests.get(url, headers=headers)
print("code:", wb_data.status_code)
if __name__ == '__main__':
for lp in range(520):
testRequest()
「易语言表达」
来自于神奇的植物的論壇
//wwi.lanzoup.com/b00q4pgif 管理员密码:5ajq
想刷许屡次就屡次
- 关键词标签:
- CQ9电子 小程序抓包工具 网络安全
