Shulou(Shulou.com)06/01 Report--

This article shows you the use of "man-in-the-middle attack" to crawl official account push based on Anyproxyrhrh, the content is concise and easy to understand, and can definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

In the past, blogs have been using frameworks made by others, such as typecho, WordPress, etc., but because it is someone else's framework, they always do not know the principle of its internal operation. Using Node.js to completely reconstruct this time, it makes me much clearer about the operation principle of the whole blog, and what used to look very complicated (the first impression left by WordPress, although WordPress is not all used for blogging) now looks so simple. If you have friends who use the framework to build a blog, you are advised to try it yourself. Of course, these are not the focus of this push, semi-automatic crawling their own official account push is the key.

The environment and tools needed to crawl:

Backend: Node.js + MongoDB

Proxy server: Anyproxy

An Android simulator

Server environment:

Node.js + MongoDB

First of all, let's introduce Anyproxy, which is a proxy server based on Node.js. In this project, the role of Anyproxy is as follows: if we use this machine as a proxy server and Wechat in the mobile phone simulator as the client, then its operation principle can be shown in the following figure. The mobile client (Client) sends a request to the proxy server (Server, that is, the local machine), and the local machine sends the request to the Wechat server. The information returned by the Wechat server needs to go through the local machine, and then passed to the mobile client by the local machine.

In this process, the local machine acts as a middleman, and after receiving the information returned by Wechat, we can insert a script into that information and send it to the mobile client. This is man-in-the-middle attack.

By the way, another advantage of using Anyproxy is that it supports HTTPS. It can generate certificates so that clients and proxy servers can trust each other so that they can receive HTTPS requests and replies. In official account history messages, many requests are HTTPS.

The steps are as follows (see from: https://zhuanlan.zhihu.com/p/24302048)

1. Create a new Node.js project, a new MongoDB database (you can debug locally first), and a new library called blog, named articles Collections.

two。 Run the terminal to execute the following command to install Anyproxy:

Sudo npm-g install anyproxy

3. Generate a certificate to support https

Sudo anyproxy-root

4. Start Anyproxy, run

Sudo anyproxy-I

5. Install the certificate in the Android simulator:

Start Anyproxy and visit localhost:8002/qr_root in the browser to get the QR code of the certificate path. It is convenient to install on the mobile side. You can complete the installation by using the QR code identified by Wechat.

6. Set up the proxy, open the WiFi of the simulator, and modify the WiFi- to use the proxy. The proxy server address is the ip address of the computer running anyproxy. The default port for the proxy server is 8001.

Now any network operation on Wechat, in the terminal running Anyproxy or opening http://localhost:8002, should be able to see the information returned by the server. As shown in the figure:

In the process, if you have any questions, you can see the article at the top of the thanks.

Next, we populate the script, and we do this by modifying the configuration file.

Profile address:

Mac in / usr/local/lib/node_modules/anyproxy/lib/.

Windows is said to be in APPdata\ Roaming (if not, please find the location of the default global installation of Windows npm).

We only need to modify the replaceServerResDataAsync:function (req,res,serverResData,callback) function in rule_default.js

Because of the large crawler code in that article, I only need to crawl my official account, so I modified it and converted it to js code. The code will not be posted, if you are interested, you can see the GitHub library: https://github.com/Ckend/GzhToBlog, please star it if you like, so that I have the motivation to update it.

The steps are as follows:

1. Start Anyproxy, open the official account's historical message list, and observe in localhost:8002 which of the messages received by Anyproxy belongs to the message list. It turns out that the link with profile-ext is related to the message list.

As a side note, the words in profile-ext are actually right, but it is through this keyword that the official account pushes to check whether other official accounts are quoted in the article. I was shocked to know that I wasted half an hour looking for the fault of this article, and finally found out what the expression looks like here.

two。 So there are two types of responses to links with profile-ext (one is page format, the other is json (after the second page is json). Store all the information returned in the Collections in the previously created MongoDB database blog (see the getToMongodb () function of the GitHubrule _ default.js file. It is recommended to connect to the local MongoDB first and then connect to the server after success).

3. Drag down on the simulator to save all the pushes.

4. Create a new js file, which is responsible for crawling articles through the links in the articles and saving them to the database (corresponding to crawl.js in GitHub).

5. It's done, and then all we need is the front-end rendering data to show the blog.

The above content is based on Anyproxyrhrh using "man-in-the-middle attack" to crawl official account push, have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.