遵纪守法
任何个人和组织使用网络应当遵守宪法法律,遵守公共秩序,尊重社会公德,不得危害网络安全,不得利用网络从事危害国家安全、荣誉和利益。
目标:羊了个羊小程序
使用工具:http debugger pro 9.11(公众号回复0916获取)
环境:微信任意版本
思路
点击开始游戏后用http debugger pro 9.11抓取数据包,发现特别的两个请求文件分析了一下这是请求关卡数据,得到关卡id分别为80001和90016,分析了一下确定90016是第二关也就是难度比较高的关卡
数据包抓取,这里使用http debugger pro 9.11可轻松抓取
获取token
第一关数据包
get /sheep/v1/game/map_info?map_id=80001 http/2
host: cat-match.easygame2021.com
xweb_xhr: 1
t: token
user-agent: mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko)chrome/81.0.4044.138 safari/537.36 micromessenger/7.0.4.501 nettype/wifi miniprogramenv/windows windowswechat/wmpf
content-type: application/json
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://servicewechat.com/wx141bfb9b73c970a9/15/index.html
accept-encoding: gzip, deflate
accept-language: en-us,en
返回数据包
http/2 200 ok
date: fri, 16 sep 2022 00:20:54 gmt
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept
access-control-allow-methods: get, post
{"err_code":0,"err_msg":"","data":{"id":"62ccde7d3dd1931da84a84e2","created_at":"2022-07-12t02:37:49.515z","updated_at":"2022-09-
14t15:53:23.508z","map_option":2,"map_id":80001,"map_data":"{\"widthnum\":8,\"heightnum\":10,\"levelkey\":80001,\"blocktypedata\":{\"1\":2,\"4\":1,\"13\":2},\"leveldata\":{\"1\":[{\"id\":\"1-16-16\",\"type\":0,\"rolnum\":16,\"rownum\":16,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-28-16\",\"type\":0,\"rolnum\":28,\"rownum\":16,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-40-16\",\"type\":0,\"rolnum\":40,\"rownum\":16,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-16-32\",\"type\":0,\"rolnum\":16,\"rownum\":32,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-28-32\",\"type\":0,\"rolnum\":28,\"rownum\":32,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-40-32\",\"type\":0,\"rolnum\":40,\"rownum\":32,\"layernum\":1,\"moldtype\":1,\"blocknode\":null},{\"id\":\"1-16-48\",\"type\":0,\"rolnum\":16,\"rownum\":48,\"layernum\":1,\"moldtype\":2,\"blocknode\":null},{\"id\":\"1-28-48\",\"type\":0,\"rolnum\":28,\"rownum\":48,\"layernum\":1,\"moldtype\":2,\"blocknode\":null},{\"id\":\"1-40-48\",\"type\":0,\"rolnum\":40,\"rownum\":48,\"layernum\":1,\"moldtype\":2,\"blocknode\":null}],\"2\":[{\"id\":\"2-16-49\",\"type\":0,\"rolnum\":16,\"rownum\":49,\"layernum\":2,\"moldtype\":2,\"blocknode\":null},{\"id\":\"2-28-49\",\"type\":0,\"rolnum\":28,\"rownum\":49,\"layernum\":2,\"moldtype\":2,\"blocknode\":null},{\"id\":\"2-40-49\",\"type\":0,\"rolnum\":40,\"rownum\":49,\"layernum\":2,\"moldtype\":2,\"blocknode\":null},{\"id\":\"2-16-20\",\"type\":1,\"rolnum\":16,\"rownum\":20,\"layernum\":2,\"moldtype\":1,\"blocknode\":null},{\"id\":\"2-28-20\",\"type\":1,\"rolnum\":28,\"rownum\":20,\"layernum\":2,\"moldtype\":1,\"blocknode\":null},{\"id\":\"2-40-20\",\"type\":1,\"rolnum\":40,\"rownum\":20,\"layernum\":2,\"moldtype\":1,\"blocknode\":null},{\"id\":\"2-16-36\",\"type\":0,\"rolnum\":16,\"rownum\":36,\"layernum\":2,\"moldtype\":1,\"blocknode\":null},{\"id\":\"2-28-36\",\"type\":0,\"rolnum\":28,\"rownum\":36,\"layernum\":2,\"moldtype\":1,\"blocknode\":null},{\"id\":\"2-40-36\",\"type\":0,\"rolnum\":40,\"rownum\":36,\"layernum\":2,\"moldtype\":1,\"blocknode\":null}]}}"}}
第二关请求包
get /sheep/v1/game/game_over?rank_score=1&rank_state=1&rank_time=24&rank_role=1&skin=1 http/2
host: cat-match.easygame2021.com
xweb_xhr: 1
t: token
user-agent: mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/81.0.4044.138 safari/537.36 micromessenger/7.0.4.501 nettype/wifi miniprogramenv/windows windowswechat/wmpf
content-type: application/json
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://servicewechat.com/wx141bfb9b73c970a9/15/index.html
accept-encoding: gzip, deflate
accept-language: en-us,en
poc&exp
「python」
import requests
headers = {
"accept-encoding": "gzip,compress,br,deflate",
"accept": "*/*",
"connection": "keep-alive",
"t": "你的token",
'user-agent': "mozilla/5.0 (iphone; cpu iphone os 15_6 like mac os x) applewebkit/605.1.15 (khtml, like gecko) mobile/15e148 micromessenger/8.0.26(0x18001a34) nettype/wifi language/zh_cn"
}
cookies = {}
def testrequest():
url = 'https://cat-match.easygame2021.com/sheep/v1/game/game_over?rank_score=1&rank_state=1&rank_time=0&rank_role=1&skin=1'
wb_data = requests.get(url, headers=headers)
print("code:", wb_data.status_code)
if __name__ == '__main__':
for lp in range(520):
testrequest()
「易语言」
来自神奇的论坛
https://wwi.lanzoup.com/b00q4pgif 密码:5ajq
想刷多少次就多次
- 关键词标签:
- 天融信 小程序抓包工具 网络安全