2025-04-12
首先打开开发者调试工具,没有该环境的具体可以参考:
https://github.com/JaveleyQAQ/WeChatOpenDevTools-Python
请求接口:aHR0cHM6Ly82Nm1pbmlhcHAtYXBpLjY2emhpenUuY29tL2NsaWVudC9zZWFyY2gvaG91c2U=
找到对应的接口:
https://66miniapp-api.66zhizu.com/client/search/house
请求的参数为
sequence:1744274642.198%3B1744424408.118
city:%E4%B8%8A%E6%B5%B7
region:
distance:
longitude:
latitude:
stations:
bed_count:
rent_type:
sort:
cost1:
cost2:
请求方式为GET
请求参数没有加密,观察一下,发现请求头中有一个Authorization参数是加密的
然后全局搜索一下Authorization,并在可疑的位置打下断点.然后往下滑动,请求新的数据
断点断在了:
header: {
Authorization: r.generate(t + n, i, u),
Terminal: __wxConfig.platform,
Version: __wxConfig.envVersion
},
这一行代码就是参数的生成位置
Authorization: r.generate(t + n, i, u),
跟栈进去:
function(e, t) {
var n = r()
, s = this.token.getToken(“secret”) ? this.token.getToken(“secret”) : (0,
o.default)(n)
, a = this.token.getToken(“token”) ? this.token.getToken(“token”) : (0,
o.default)(n)
, c = t ? t.toLowerCase() : “get”
, i = this._version ? this._version + e : e.substring(1)
, u = “request_url=”.concat(i, “&content=”).concat(n, “&request_method=”).concat(c, “×tamp=”).concat(n, “&secret=”).concat(s)
, l = (0,
o.default)(u);
return “timestamp=”.concat(n, “;oauth2=”).concat(a, “;signature=”).concat(l, “;secret=”).concat(s)
}
然后仔细分析这个代码,在调试的时候发现,当n=1744426918的时候,执行得到的s的值是"089de10b39e1ebb753379f2b651d2ae4",然后找一个在线的加解密的网站对比发现,这个其实就是一个标准的MD5加密,因此不需要扣这个代码,直接利用crypto-js这个库来实现即可
js还原后的结果如下:
然后其实请求传参中还有一个参数:sequence,经过测试发现这个参数并不需要传递,因此可以直接固定死就好了.最终的结果如下:
python完整代码如下:
import requests
headers = {
"Accept": "*/*",
"Accept-Language": "zh-CN,zh;q=0.9",
"Authorization": "timestamp=1744426124;oauth2=646024e1cf4c9ebc51c07aaeb4247990;signature=d8d16a7f0cd9fdf7ed8a80492f2e8211;secret=646024e1cf4c9ebc51c07aaeb4247990",
"Connection": "keep-alive",
"Content-Type": "application/json",
"Referer": "https://servicewechat.com/wxa0545fcd02d93b5d/194/page-frame.html",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "cross-site",
"Terminal": "windows",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 MicroMessenger/7.0.20.1781(0x6700143B) NetType/WIFI MiniProgramEnv/Windows WindowsWechat/WMPF WindowsWechat(0x63090a13) XWEB/8555",
"xweb_xhr": "1"
}
url = "https://66miniapp-api.66zhizu.com/client/search/house"
def get_authorization():
# 利用execjs调用js
import execjs
with open("./09_六六找房/main.js", "r", encoding="utf-8") as f:
js_code = f.read()
ctx = execjs.compile(js_code)
result = ctx.call("generate_Authorization")
return result
def parse_data(data):
items = data["result"]["items"]
for item in items:
title = item["title"]
sub_title_1 = item["sub_title_1"]
price_label = item["price_label"]
view_number_label = item["view_number_label"]
time_label = item["time_label"]
print(f"标题: {title}, 子标题: {sub_title_1}, 价格: {price_label}, 浏览量: {view_number_label}, 发布时间: {time_label}")
if __name__ == "__main__":
params = {
# 经过测试发现sequence没有检测
"sequence": "1744274642.398;1744424408.118",
"city": "广州",
"region": "",
"distance": "",
"longitude": "",
"latitude": "",
"stations": "",
"bed_count": "",
"rent_type": "",
"sort": "",
"cost1": "",
"cost2": ""
}
authorization = get_authorization()
headers["Authorization"] = authorization
response = requests.get(url, headers=headers, params=params)
parse_data(response.json())