标签 抓包 下的文章

简介

通过小黄鸟抓包Fa米家App,发现没有什么校验,用模拟请求直接可以重发。。。

  • 账号验证是通过token字段;
  • 设备标识用deviceId;
  • 等等...
    基本上必须的几个参数就:

    {
      "blackbox": "tdfpeyxxxx",
      "device_id": "2f35xxxx",
      "fmversion": "3.0.2",
      "os": "android",
      "token": "eyneWxxxx",
      "useragent": "okhttp/4.7.2"
    }

代码

这就好办了,可以做一个自动Fa米粒签到(可以换商品),或者其他好玩的功能。
提供几个粗糙的函数:

import requests

class Fmapp:
    def __init__(self) -> None:
        self.base_headers = {
            'Host': 'fmapp.chinafamilymart.com.cn',
            'blackBox': '',
            'token': '',
            'deviceId': '',
            'User-Agent': 'okhttp/4.7.2',
            'Content-Type': 'application/json',
            'loginChannel': 'app',
            'channel': '333',
            'fmVersion': '3.0.2',
            'os': 'android',
        }
 
    def check_in(self):
        '''
        签到
        '''
        url = 'https://fmapp.chinafamilymart.com.cn/api/app/market/member/signin/sign'
        headers = self.base_headers.copy()
        res = requests.post(url=url, headers=headers).json()
        print(res)
 
 
    def verify_code(self, mobile, distinctId):
        '''
        请求发送短信验证码
        '''
        url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/verifyCode'
        headers = self.base_headers.copy()
        data = {
            "mobile": mobile,
            "firstSend": True,
            "distinctId": distinctId,
            "newVersion": True
        }
        res = requests.post(url=url, json=data, headers=headers).json()
        print(res)
        if res['code'] == '200':
            return res['data']
        return None
 
    def login(self, mobile, code, distinctId):
        '''
        短信验证码登录
        '''
        url = 'https://fmapp.chinafamilymart.com.cn/api/app/login'
        headers = self.base_headers.copy()
        data = {
            "mobile": mobile,
            "verifyCode": code,
            "openId": "",
            "openChannelCd": "1",
            "grantTypeCd": "1",
            "distinctId": distinctId,
            "newVersion": True,
            "unionId": "",
            "jpushId": "120c83f760da1764565"
        }
        res = requests.post(url=url, json=data, headers=headers).json()
        print(res)
        if res['res'] == '200':
            return res['data']['token']
        return None
 
 
    def member_info(self):
        '''
        获取用户详情
        '''
        url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/info'
        headers = self.base_headers.copy()
        res = requests.post(url=url, headers=headers).json()
        print(res)
        if res['code'] == '200':
            return True
        return False
 
    def mili_detail(self):
        '''
        获取Fa米粒详情
        '''
        url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/v2/mili/detail'
        headers = self.base_headers.copy()
        data = {"pageNo":1, "pageSize":10}
        res = requests.post(url=url, json=data, headers=headers).json()
        print(res)
        total = -1
        if res['code'] == '200':
            total = res['data']['total']
        return total
 
 
    def process(self):
        # 需要抓包补全
        blackBox = 'tdfp'
        # 需要抓包补全
        deviceId = '2f356'
        # 需要抓包补全
        distinctId = "cb19df02c32d2079"
        # 可用手机验证码登录获取,或者手动抓包补全
        token = 'eyJhbG'
        self.base_headers['token'] = token
        self.base_headers['blackBox'] = blackBox
        self.base_headers['deviceId'] = deviceId
 
        # # 手机号
        # mobile = ""
        # # 收到的验证码
        # code = self.verify_code(mobile, distinctId)
        # if not code:
        #     return
        # token = self.login(mobile, code, distinctId)
        # if not token:
        #     return
        # self.base_headers['token'] = token
         
        if self.member_info():
            self.check_in()
            self.mili_detail()

Fmapp().process()

效果

签到:

个人资料:

米粒信息:

没有小黄鸟的童鞋看这里:https://sxf1024.lanzouv.com/iCbux09zoera
没有Fa米家的童鞋看这里:https://sxf1024.lanzouv.com/iCbKv09zoetc

福利

然后就可以在挂载服务器上每天自动运行了。
没有服务器的可以看看这个腾讯云的ECS,很便宜,一年只需65元,它不香吗?:
详情:https://curl.qcloud.com/fnG9lyjo