-
-
[分享]分享一次使用python自动打卡上报体温
-
发表于: 2021-8-30 16:51
-
因为学校每天都需要在小北同学上面进行打卡上报体温,我现在已经实习了,每天上班经常忘记,思来想去,最近刚好在学python的request模块,想着可不可以用python实现自动打卡。
说干就干,先找到了小北同学APP的包,准备在模拟器上运行,然后用burp抓包看看请求地址和数据,然后用python模拟的,结果发现APP居然做了防护,在模拟器上根本就没法登录。然后我又想到在实体机上运行,这次可以登录了,但是又因为我的手机没有ROOT,抓不到数据。。。
一时间我竟毫无办法,就在我要放弃的时候,突然看到我们的程序居然还有IOS版本的,于是我让同事下载这次用Charles抓到了数据。
知道了请求地址和数据,事情就变得简单了。首先需要登录才可以进行打卡操作,所以先模拟请求登录。登录的时候需要发送4个数据,code、账号密码和uuid。账号密码这两个简单,code和uuid得找一下在哪快获取。在F12控制台network处我发现登录时会向03dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6U0j5i4m8@1j5$3S2S2d9h3#2S2k6$3g2Q4c8e0g2Q4z5p5k6Q4z5e0q4Q4c8e0W2Q4z5o6m8Q4z5o6q4Q4c8e0c8Q4b7U0S2Q4z5o6m8Q4c8e0c8Q4b7U0S2Q4b7f1q4s2c8g2c8Q4c8e0S2Q4b7f1k6Q4b7U0N6Q4c8e0k6Q4b7U0q4Q4z5o6u0Q4c8f1k6Q4b7V1y4Q4z5p5y4Q4c8e0k6Q4z5o6W2Q4z5e0y4Q4c8e0g2Q4b7V1y4Q4z5o6m8Q4c8e0c8Q4b7U0W2Q4z5p5u0Q4c8e0g2Q4z5e0m8Q4z5p5g2Q4c8e0c8Q4b7V1y4Q4z5f1q4Q4c8e0g2Q4z5p5k6Q4z5e0q4Q4c8e0N6Q4z5p5g2Q4b7U0m8Q4c8e0W2Q4z5o6N6Q4z5p5y4Q4c8e0W2Q4z5f1c8Q4b7e0u0Q4c8e0g2Q4b7U0m8Q4b7U0q4Q4c8e0k6Q4z5e0N6Q4b7U0k6U0L8$3c8W2i4@1f1#2i4K6S2r3i4K6R3J5i4@1f1$3i4K6V1#2i4@1t1H3i4@1f1#2i4K6V1J5i4K6S2o6N6i4g2A6k6q4!0q4c8W2!0n7b7#2)9^5b7#2!0q4y4q4!0n7z5q4)9^5c8q4!0q4y4g2!0n7c8g2)9&6y4#2!0q4y4q4!0n7z5q4)9^5c8q4!0q4z5q4!0m8c8W2!0n7y4q4!0q4z5q4!0n7c8W2)9&6z5q4!0q4y4W2)9&6z5q4!0m8c8W2!0q4y4g2!0n7c8g2)9^5z5q4!0q4y4g2!0n7z5g2!0n7z5q4!0q4z5q4!0n7c8W2)9&6x3q4!0q4y4#2)9&6b7g2)9^5y4q4!0q4x3#2)9^5x3q4)9^5x3W2!0q4y4#2)9&6z5g2!0n7b7W2!0q4y4g2!0n7c8q4)9&6y4g2!0q4y4#2)9&6b7g2)9^5y4q4!0q4y4g2)9^5c8W2)9^5x3W2!0q4y4W2)9&6y4g2!0n7x3q4!0q4z5g2)9^5x3#2!0n7c8q4!0q4y4W2)9&6b7#2)9^5z5g2!0q4y4q4!0n7b7g2)9^5y4W2!0q4c8W2!0n7b7#2)9^5b7#2!0q4y4#2)9&6b7W2!0n7y4q4!0q4y4W2)9^5c8g2!0m8y4g2!0q4y4g2)9^5y4W2)9&6z5g2!0q4y4q4!0n7b7W2!0m8x3#2!0q4y4#2!0m8x3q4)9^5x3g2!0q4z5q4!0n7c8W2)9&6b7W2!0q4z5q4!0m8x3g2)9^5b7#2!0q4y4#2)9&6z5g2!0n7b7W2!0q4y4g2!0n7c8q4)9&6y4g2!0q4x3#2)9^5x3q4)9^5x3R3`.`.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | import requestsimport jsonimport timedef login(): session = requests.session() url_get = 'f1eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6U0j5i4m8@1j5$3S2S2d9h3#2S2k6$3g2Q4x3U0M7`. response = session.get(url_get) uuid = response.json()['uuid'] showcode = response.json()['showCode'] url_post = '9b9K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6D9L8$3N6A6L8W2)9J5y4H3`.`. # 构建登录字典 data = { "username": "", "password": "", "code": showcode, "uuid": uuid } response = session.post(url=url_post, json=data) print(response.text)if __name__ == '__main__': login() |
这段代码主要是为了获取登录后的token值,因为必须有token才可以进行打卡。
获得了token直接请求打卡地址发送数据即可
最后贴上完整代码
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | import requestsimport jsonimport timedef login(): session = requests.session() url_get = '482K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6U0j5i4m8@1j5$3S2S2d9h3#2S2k6$3g2Q4x3U0M7`. response = session.get(url_get) uuid = response.json()['uuid'] showcode = response.json()['showCode'] url_post = '80eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6D9L8$3N6A6L8W2)9J5y4H3`.`. # 构建登录字典 data = { "username": "", "password": "", "code": showcode, "uuid": uuid } response = session.post(url=url_post, json=data) token_xiaobei = response.json()['token'] url_tiwen = "748K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6^5K9h3q4G2j5X3g2A6i4K6u0W2P5h3W2F1k6$3S2#2j5h3!0F1L8r3W2F1k6g2)9J5k6h3y4G2L8g2)9J5c8Y4m8J5L8$3c8Q4x3X3c8S2M7r3W2Q4x3V1k6K6N6s2g2V1k6h3&6@1i4K6u0r3K9r3g2S2L8s2c8Z5" headers = { # ':method':'POST', # ':scheme':'https', # ':path':'/prod-api/student/health', # ':authority':'xiaobei.yinghuaonline.com', # 'accept':'*/*', # 'ontent-type':'application/json', # 'content-length':'280', # 'accept-language':'zh-cn', 'user-agent': 'iPhone10,6(iOS/13.5.1) Uninview(Uninview/1.0.0) Weex/0.26.0 1125x2436', 'authorization': token_xiaobei, 'accept-encoding': 'gzip, deflate, br' } data = { "temperature": "36.3", "coordinates": "undefined-陕西省-西安市-雁塔区", "location": "108.8814949544271,34.21714735243056", "healthState": "1", "dangerousRegion": "2", "dangerousRegionRemark": "", "contactSituation": "2", "goOut": "1", "goOutRemark": "", "remark": "", "familySituation": "1" } response = requests.post(url=url_tiwen, headers=headers, json=data) print(response.text)if __name__ == '__main__': login() |
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
