12306购票抓包分析以及任务分解
12306购票抓包分析以及任务分解
学习目标:
- 了解 12306抓包过程
1.1 抓包分析
使用谷歌浏览器或fiddler等抓包工具完成登陆以及购票操作,进行抓包,根据
具有业务作用
或被set-cookie
确定以下内容:
- url
- query
- method
- data
- Referer
- response.text / response.json()
1.1.1 https://www.12306.cn/index/
作用:获取cookies
- GET
1.1.2 https://kyfw.12306.cn/otn/login/conf
作用:获取cookies
- POST
- data 无
- Referer
https://kyfw.12306.cn/otn/resources/login.html
1.1.3 https://kyfw.12306.cn/otn/index12306/getLoginBanner
作用:获取cookies
GET
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":...
1.1.4 https://kyfw.12306.cn/passport/web/auth/uamtk-static
作用:获取cookies,检查用户是否登录
POST
data
{'appid': 'otn'}
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"result_message":"用户未登录","result_code":1}
1.1.5 https://kyfw.12306.cn/passport/web/create-qr64
作用:获取cookies,获取登录二维码
POST
data
{'appid': 'otn'}
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"result_message":"生成二维码成功","result_code":"0","image":"iVBO...","uuid":"..."}
- uuid
1.1.6 https://kyfw.12306.cn/passport/web/checkqr
作用:获取cookies,查询二维码状态
POST
data
{'appid': 'otn', 'uuid': uuid}
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"result_message":"二维码状态查询成功","result_code":"0"}
1.1.7 https://kyfw.12306.cn/passport/captcha/captcha-image64?login_site=E&module=login&rand=sjrand&_={}
作用:获取验证码图片
GET
query
str(time.time() * 1000)[:-5]
13位时间戳
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"result_message":"生成验证码成功","result_code":"0","image":"/9j..."}
- image:base64 图片编码
1.1.8 https://kyfw.12306.cn/passport/captcha/captcha-check?answer={}&rand=sjrand&login_site=E&_={}
作用:验证图片验证码
GET
query
- answer 图片验证码坐标
str(time.time() * 1000)[:-5]
13位时间戳
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{'result_message': '验证码校验成功', 'result_code': '4'}
1.1.9 https://kyfw.12306.cn/passport/web/login
作用:登录
POST
data
{'username': username, 'password': password, 'appid': 'otn', 'answer': answer} # 图片验证码坐标 1.8小结
Referer
https://kyfw.12306.cn/otn/resources/login.html
response.json()
{"result_message":"登录成功","result_code":0,"uamtk":"mZflRtMjLW9f7tIDMvjiZR0qp5uuO3zJQBHeCHvMrxssd1210"}
1.1.10 https://kyfw.12306.cn/otn/login/userLogin
作用:302跳转
- GET
- Referer
https://kyfw.12306.cn/otn/resources/login.html
1.1.11 https://kyfw.12306.cn/otn/passport?redirect=/otn/login/userLogin
作用:进入登陆页,获取cookie或行为验证
- GET
- Referer
https://kyfw.12306.cn/otn/resources/login.html
1.1.12 https://kyfw.12306.cn/passport/web/auth/uamtk
作用:获取newapptk
POST
data
{'appid': 'otn'}
Referer
https://kyfw.12306.cn/otn/passport?redirect=/otn/login/userLogin
response.json()
{'result_message': '验证通过', 'result_code': 0, 'apptk': None, 'newapptk': '9pHw2HZlkEEoUm_Nc4DJxl1QUk6NdAZqz4DXs3B2mHAga1210'}
- newapptk
1.1.13 https://kyfw.12306.cn/otn/uamauthclient
作用:登录后验证
POST
data
{'tk': newapptk}
Referer
https://kyfw.12306.cn/otn/passport?redirect=/otn/login/userLogin
response.json()
{'apptk': '9pHw2HZlkEEoUm_Nc4DJxl1QUk6NdAZqz4DXs3B2mHAga1210', 'result_code': 0, 'result_message': '验证通过', 'username': '赵艳秋'}
1.1.14 https://kyfw.12306.cn/otn/resources/js/framework/station_name.js?station_version=1.9076
作用:解析获取车站/城市信息字典
- GET
- query
- station_version=1.9076 # 随着国家的发展,新增车站/城市,会新增版本号
1.1.15 https://kyfw.12306.cn/otn/leftTicket/log?leftTicketDTO.train_date=%s&leftTicketDTO.from_station=%s&leftTicketDTO.to_station=%s&purpose_codes=ADULT
作用:查询车量信息前置操作
GET
query
- train_data 出行时间 固定格式
2018-12-03
- from_station_code 出行车站/城市编码
- to_station_code 到达车站/城市编码
- train_data 出行时间 固定格式
Referer
https://kyfw.12306.cn/otn/leftTicket/init
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"messages":[],"validateMessages":{}}
1.1.16 https://kyfw.12306.cn/otn/leftTicket/query?leftTicketDTO.train_date=%s&leftTicketDTO.from_station=%s&leftTicketDTO.to_station=%s&purpose_codes=ADULT
作用:查询车量信息
GET
query
- train_data 出行时间 固定格式
2018-12-03
- from_station_code 出行车站/城市编码 from 车站/城市信息字典[from_station]
- to_station_code 到达车站/城市编码 from 车站/城市信息字典[to_station]
- train_data 出行时间 固定格式
Referer
https://kyfw.12306.cn/otn/leftTicket/init
response.json()
- 此处需要解析车辆信息
- secretStr
- leftTicket
- train_location
1.1.17 https://kyfw.12306.cn/otn/login/checkUser
作用:检查用户是否保持登录状态
POST
data
{'_json_att': ''}
Referer
https://kyfw.12306.cn/otn/leftTicket/init
response.json()
{'validateMessagesShowId': '_validatorMessage', 'status': True, 'httpstatus': 200, 'data': {'flag': True}, 'messages': [], 'validateMessages': {}}
1.1.18 https://kyfw.12306.cn/otn/leftTicket/submitOrderRequest
作用:点击预定车票
POST
data
{'secretStr': secretStr, 'train_date': train_date, 'back_train_date': train_date, 'tour_flag': 'dc', # dc 单程 wf 往返 'purpose_codes': 'ADULT', # 成人 'query_from_station_name': from_station, # 车站/城市信息字典[from_station] 'query_to_station_name': to_station, # 车站/城市信息字典[to_station] 'undefined': '' }
Referer
https://kyfw.12306.cn/otn/leftTicket/init
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":"N","messages":[],"validateMessages":{}}
1.1.19 https://kyfw.12306.cn/otn/confirmPassenger/initDc
作用:订单初始化 获取REPEAT_SUBMIT_TOKEN 和 key_check_isChange
POST
data
{'_json_att': ''}
Referer
https://kyfw.12306.cn/otn/leftTicket/init
response.text
- repeat_submit_token 正则获取
- key_check_isChange 正则获取
1.1.20 https://kyfw.12306.cn/otn/confirmPassenger/getPassengerDTOs
作用:获取用户信息
POST
data
{'_json_att': '', 'REPEAT_SUBMIT_TOKEN': repeat_submit_token} # 1.1.19获取
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
需要解析并构造乘客信息
需要解析坐席编码
seat_type
passengerTicketStr
passengerTicketStr = '%s,0,1,%s,%s,%s,%s,N' % (seat_type, passenger_info_dict['passenger_name'],passenger_info_dict['passenger_id_type_code'],passenger_info_dict['passenger_id_no'],passenger_info_dict['passenger_mobile_no'])
oldPassengerStr
oldPassengerStr = '%s,%s,%s,1_' % (passenger_info_dict['passenger_name'],passenger_info_dict['passenger_id_type_code'],passenger_info_dict['passenger_id_no'])
1.1.21 https://kyfw.12306.cn/otn/confirmPassenger/checkOrderInfo
作用:检查选票人信息
POST
data
{'cancel_flag': '2', # 未知 'bed_level_order_num': '000000000000000000000000000000', # 未知 'passengerTicketStr': passengerTicketStr.encode('utf-8'), # O,0,1,靳文强,1,142303199512240614,18335456020,N 'oldPassengerStr': oldPassengerStr.encode('utf-8'), # 靳文强,1,142303199512240614,1_ 'tour_flag': 'dc', # 单程 'randCode': '', 'whatsSelect': '1', '_json_att': '', 'REPEAT_SUBMIT_TOKEN': repeat_submit_token # 1.1.19获取 }
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":{"ifShowPassCode":"N","canChooseBeds":"N","canChooseSeats":"N","choose_Seats":"MOP9","isCanChooseMid":"N","ifShowPassCodeTime":"1","submitStatus":true,"smokeStr":""},"messages":[],"validateMessages":{}}
1.1.22 https://kyfw.12306.cn/otn/confirmPassenger/getQueueCount
作用:提交订单,并获取持票未付款的人数,和车票的真实余数
POST
data
{'train_date': parseDate(train_date), # Fri Nov 24 2017 00:00:00 GMT+0800 (中国标准时间) 'train_no': train_info_dict['train_no'], # 6c0000G31205 'stationTrainCode': train_info_dict['stationTrainCode'], # G312 'seatType': seat_type, # 席别 'fromStationTelecode': train_info_dict['from_station'], # one_train[6] 'toStationTelecode': train_info_dict['to_station'], # ? one_train[7] 'leftTicket': train_info_dict['leftTicket'], # one_train[12] 'purpose_codes': '00', 'train_location': train_info_dict['train_location'], # one_train[15] '_json_att': '', 'REPEAT_SUBMIT_TOKEN': repeat_submit_token # 1.1.19获取 }
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":{"count":"0","ticket":"20,100","op_2":"false","countT":"0","op_1":"false"},"messages":[],"validateMessages":{}}
- count 持票未付款的人数
- ticket 车票的真实余数
1.1.23 https://kyfw.12306.cn/otn/confirmPassenger/confirmSingleForQueue
作用:确认订单,进行扣票
POST
data
{'passengerTicketStr': passengerTicketStr.encode('utf-8'), 'oldPassengerStr': oldPassengerStr.encode('utf-8'), 'randCode': '', 'purpose_codes': '00', 'key_check_isChange': key_check_isChange, 'leftTicketStr': leftTicket, 'train_location': train_location, # one_train[15] 'choose_seats': '', # 选择坐席 ABCDEF 上中下铺 默认为空不选 'seatDetailType': '000', 'whatsSelect': '1', 'roomType': '00', 'dwAll': 'N', # ? '_json_att': '', 'REPEAT_SUBMIT_TOKEN': repeat_submit_token # 1.1.19获取 }
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
{'validateMessagesShowId': '_validatorMessage', 'status': True, 'httpstatus': 200, 'data': {'submitStatus': True}, 'messages': [], 'validateMessages': {}}
1.1.24 https://kyfw.12306.cn/otn/confirmPassenger/queryOrderWaitTime?random=%s&tourFlag=dc&_json_att=&REPEAT_SUBMIT_TOKEN=%s
作用:排队等待 返回waittime(下次发送重复请求所需要的等待时间) 重复发送请求直到获取 requestID 和 orderID
GET
query
- str(int(time.time() * 1000))
- repeat_submit_token # 1.1.19获取
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":{"queryOrderWaitTimeStatus":true,"count":0,"waitTime":4,"requestId":6478994818521140385,"waitCount":1,"tourFlag":"dc","orderId":null},"messages":[],"validateMessages":{}}
1.1.25 https://kyfw.12306.cn/otn/confirmPassenger/resultOrderForDcQueue
作用:获取订单结果,如果提示“网络传输过程中数据丢失,请查看未完成订单,继续支付!”则购票成功!
POST
data
{ 'orderSequence_no': orderID, # 1.1.24获取 '_json_att': '', 'REPEAT_SUBMIT_TOKEN': repeat_submit_token # 1.1.24获取 }
Referer
https://kyfw.12306.cn/otn/confirmPassenger/initDc
response.json()
{"validateMessagesShowId":"_validatorMessage","status":true,"httpstatus":200,"data":{"errMsg":"网络传输过程中数据丢失,请查看未完成订单,继续支付!","submitStatus":false},"messages":[],"validateMessages":{}}
1.2 项目任务分解
12306购票抓包分析以及任务分解相关推荐
- 【爬虫实战】12306购票抓包分析以及任务分解
12306购票抓包分析以及任务分解 前言 1. 抓包分析 1.1 `https://www.12306.cn/index/` 1.2 `https://kyfw.12306.cn/otn/login/ ...
- 网络:抓包分析ping的原理
控制报文协议(Internet Control Message Protocol,ICMP)是 TCP/IP 协议族的一个子协议.ICMP 协议用于在 IP 主机和路由器之间传递控制消息,描述网络是否 ...
- hls二次加密 m3u8_HLS实战之Wireshark抓包分析
0.引言 Wireshark(前称Ethereal)是一个网络封包分析软件.网络封包分析软件的功能是撷取网络封包,并尽可能显示出最为详细的网络封包资料.Wireshark使用WinPCAP作为接口,直 ...
- Wireshark数据抓包分析(网络协议篇)1.2安装Wireshark
Wireshark数据抓包分析(网络协议篇)1.2安装Wireshark Wireshark(前称Ethereal)是一个网络包分析工具.该工具主要是用来捕获网络包,并显示包的详细情况.本节将分别介绍 ...
- Wireshark数据抓包分析(网络协议篇)第1章网络协议抓包概述
Wireshark数据抓包分析(网络协议篇)第1章网络协议抓包概述 网络协议是用于不同计算机之间进行网络通信的.网络协议是网络上所有设备(如网络服务器.计算机.交换机.路由器等)之间通信规则的集合,它 ...
- Wireshark数据抓包分析——网络协议篇
Wireshark数据抓包分析--网络协议篇 Wireshark是目前最受欢迎的抓包工具.它可以运行在Windows.Linux及MAC OS X操作系统中,并提供了友好的图形界面.同时,Wiresh ...
- 转 Wireshark和TcpDump抓包分析心得
1. Wireshark与tcpdump介绍 Wireshark是一个网络协议检测工具,支持Windows平台和Unix平台,我一般只在Windows平台下使用Wireshark,如果是Linux的话 ...
- Linux服务器下的HTTP抓包分析
2019独角兽企业重金招聘Python工程师标准>>> 说到抓包分析,最简单的办法莫过于在客户端直接安装一个Wireshark或者Fiddler了,但是有时候由于客户端开发人员(可能 ...
- DNS抓包分析--wireshark
DNS抓包分析–wireshark DNS-(Domain Name System,域名系统),是因特网上作为余名和IP地址相互映射的一个分布式数据库,能够使用户更加方便地访问互联网,而不是去记住能够 ...
最新文章
- 超级计算机为什么快,演讲视频_为什么这台超级计算机如此快? (有声) _沪江英语...
- php 图片上传 水印,PHP - 图片上传并添加水印
- 设计模式-单件模式(Singleton pattern)
- java 异常堆栈日志分析_Java 进阶之路:深入解读 Java 异常堆栈丢失原因
- MySQL-01-linux安装MySQL的两种方式及其遇到的问题
- 论文笔记:Semantic Relation Reasoning for Shot-Stable Few-Shot Object Detection
- LeetCode 简单等级
- Rootkit检测技术发展现状
- wmic java_wmic 命令用法及实例
- python怎么爬取电影海报_Python3 爬取时光网电影海报和电影数据
- php js广告,JavaScript_用JS调用谷歌 AdSense广告的方法, 具体的google广告的js文件做 - phpStudy...
- P8814 [CSP-J 2022] 解密(民间数据)——数学思维 韦达定理
- PS抠图之单色背景图片
- mac 文字识别软件ocr_Mac上那些好用的文字识别工具
- 移动端使用fiddler抓包步骤
- 微软官方Windows 7 USB/DVD Download Tool下载
- canvas + JavaScript实现幸运大转盘
- Python实现计算圆周率π的值到任意位的方法示例
- IBM公布了量子计算机,IBM公布量子计算巨大进展 模拟宇宙不再是梦想
- 实分析斯坦恩中文版_如何评价Stein的实分析以及复分析翻译版本?