简介
通过小黄鸟抓包Fa米家App,发现没有什么校验,用模拟请求直接可以重发。。。
- 账号验证是通过token字段;
- 设备标识用deviceId;
等等...
基本上必须的几个参数就:{ "blackbox": "tdfpeyxxxx", "device_id": "2f35xxxx", "fmversion": "3.0.2", "os": "android", "token": "eyneWxxxx", "useragent": "okhttp/4.7.2" }
代码
这就好办了,可以做一个自动Fa米粒签到(可以换商品),或者其他好玩的功能。
提供几个粗糙的函数:
import requests
class Fmapp:
def __init__(self) -> None:
self.base_headers = {
'Host': 'fmapp.chinafamilymart.com.cn',
'blackBox': '',
'token': '',
'deviceId': '',
'User-Agent': 'okhttp/4.7.2',
'Content-Type': 'application/json',
'loginChannel': 'app',
'channel': '333',
'fmVersion': '3.0.2',
'os': 'android',
}
def check_in(self):
'''
签到
'''
url = 'https://fmapp.chinafamilymart.com.cn/api/app/market/member/signin/sign'
headers = self.base_headers.copy()
res = requests.post(url=url, headers=headers).json()
print(res)
def verify_code(self, mobile, distinctId):
'''
请求发送短信验证码
'''
url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/verifyCode'
headers = self.base_headers.copy()
data = {
"mobile": mobile,
"firstSend": True,
"distinctId": distinctId,
"newVersion": True
}
res = requests.post(url=url, json=data, headers=headers).json()
print(res)
if res['code'] == '200':
return res['data']
return None
def login(self, mobile, code, distinctId):
'''
短信验证码登录
'''
url = 'https://fmapp.chinafamilymart.com.cn/api/app/login'
headers = self.base_headers.copy()
data = {
"mobile": mobile,
"verifyCode": code,
"openId": "",
"openChannelCd": "1",
"grantTypeCd": "1",
"distinctId": distinctId,
"newVersion": True,
"unionId": "",
"jpushId": "120c83f760da1764565"
}
res = requests.post(url=url, json=data, headers=headers).json()
print(res)
if res['res'] == '200':
return res['data']['token']
return None
def member_info(self):
'''
获取用户详情
'''
url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/info'
headers = self.base_headers.copy()
res = requests.post(url=url, headers=headers).json()
print(res)
if res['code'] == '200':
return True
return False
def mili_detail(self):
'''
获取Fa米粒详情
'''
url = 'https://fmapp.chinafamilymart.com.cn/api/app/member/v2/mili/detail'
headers = self.base_headers.copy()
data = {"pageNo":1, "pageSize":10}
res = requests.post(url=url, json=data, headers=headers).json()
print(res)
total = -1
if res['code'] == '200':
total = res['data']['total']
return total
def process(self):
# 需要抓包补全
blackBox = 'tdfp'
# 需要抓包补全
deviceId = '2f356'
# 需要抓包补全
distinctId = "cb19df02c32d2079"
# 可用手机验证码登录获取,或者手动抓包补全
token = 'eyJhbG'
self.base_headers['token'] = token
self.base_headers['blackBox'] = blackBox
self.base_headers['deviceId'] = deviceId
# # 手机号
# mobile = ""
# # 收到的验证码
# code = self.verify_code(mobile, distinctId)
# if not code:
# return
# token = self.login(mobile, code, distinctId)
# if not token:
# return
# self.base_headers['token'] = token
if self.member_info():
self.check_in()
self.mili_detail()
Fmapp().process()
效果
签到:
个人资料:
米粒信息:
没有小黄鸟的童鞋看这里:https://sxf1024.lanzouv.com/iCbux09zoera
没有Fa米家的童鞋看这里:https://sxf1024.lanzouv.com/iCbKv09zoetc
福利
然后就可以在挂载服务器上每天自动运行了。
没有服务器的可以看看这个腾讯云的ECS,很便宜,一年只需65元,它不香吗?:
详情:https://curl.qcloud.com/fnG9lyjo
评论 (0)