Shulou(Shulou.com)06/01 Report--

This article is about how to get HifJzoc9 and 80T. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

The idea of obtaining HifJzoc9 and HM4hUBT0dDOn80T

First

If you go directly to the console request, you will find the following request, which returns the contents of the list

But you can't find HifJzoc9 directly. It means it was added later. By intercepting XMLHttpRequest, the generated parameters are added to the request parameters. And on this site, the name of this parameter is also js dynamic generation.

The following figure shows where the name of 80T is generated in cookie. Look, that's the name. Don't think too much. The specific cracking has not been completed yet.

So one is to increase the XHR breakpoint, and the other is to use the following function. I use this function in the form of Google plug-ins.

Share a hook function

Var code = function () {var open = window.XMLHttpRequest.prototype.open; window.XMLHttpRequest.prototype.open = function open (method, url, async) {if (url.indexOf ("HifJzoc9") >-1) {debugger;}}; var script = document.createElement ('script'); script.textContent =' ('+ code +') ()'; (document.head | document.documentElement) .appendChild (script) Script [XSS _ clean] .removeChild (script)

This function can intercept the request before it is sent.

Now that the request can be intercepted, it means that you can get the encryption parameters generated in the current environment.

If you look at this website often, you will notice that he will make such a request every few seconds.

So my intercept code can be used all the time, blocking him from making a request. As you can see from the picture below, the request has not been sent.

Cancel the request

Window.XMLHttpRequest.abort ()

If you get the url parameter, all you need is cookie.

The second one.

Print cookie directly to the console

In fact, there is only 80T printed out like this, and there is no 80s.

This is because of HTTPOnly. Specifically, you can check it out at Baidu. Now all major websites have this, and it's also for security.

This can be solved using Google plug-ins, and you can take a look at Google documentation.

The Google plug-in provides a way. Of course, this method needs to be used in the background page. After filling in URL, you can get all his cookies.

Chrome.cookies.getAll ({url: "http://*.cn/"}, function (cookies) {})

80T is also being refreshed all the time, so just keep getting and submitting to your crawler.

Summary

1. Intercept XMLHTTPRequest requests

2. Get the url after the encrypted parameters have been generated

3. Cancel the request

Window.XMLHttpRequest.abort ()

4. Obtain cookie

Send the acquired cookie and url to the crawler. (this is all done through the background page of the plug-in. The site has cross-domain restrictions, so the final send operation is on the background page. For details, please take a look at the plug-ins, which is very simple.)

6. Crawler requests data.

Complete process

Google plug-in sends encrypted url and cookie to the interface, and the crawler gets the value through the interface for data crawling. It's simple.

And this site as long as you can get these two things, the rest is easy to say, too many requests so far found that there is only a picture verification code.

The disadvantages are:

If you need a lot of crawling, you need a lot of browsers.

The advantages are:

You don't have to crack js.

Another idea is to execute js through selenium, pyppeteer, and puppeteer, generate encryption parameters, and then cancel the request. This will generate what you want more quickly. It's pretty cool, too.

But in this case, I don't know how to cancel the request and intercept the parameters.

Thank you for reading! This is the end of the article on "how to get HifJzoc9 and 80T". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.