SNS什么的我是一直无爱的,这次蛋疼写了个登录开心网(kaixin001)并向所有好友发送站内消息的脚本。
开心网在登录的时候做了一些处理,并不传原始密码,从js分析到的结果是:登录时会生成一个随机的key,然后用这个key和原始密码进行xxtea加密,把加密后的结果再进行sha1加密。之后post这个key以及加密后的密码进行登录验证。
以下是很简陋的脚本内容:
#coding: utf-8"""开心网操作脚本Author: piglei2007@gmail.comVersion: 1.0"""import reimport urllibimport urllib2import randomimport hashlibimport binasciiimport cookielibimport simplejsonfrom xxtea import encryptLOGIN_URL = "http://www.kaixin001.com/login/login_api.php"LOGIN_KEY_URL = "http://www.kaixin001.com/"FRIEND_LIST_URL = "http://www.kaixin001.com/interface/suggestfriend.php"MESSAGE_SEND_URL = "http://www.kaixin001.com/msg/post.php"LOGIN_KEY_RE = re.compile(r"new/sEnLogin/('(.*?)'")class LoginError(Exception): """ 登录失败抛出异常 """class Kaixin001User(object): """ 操作kaixin001,现有方法: get_login_key - 获得用户访问登录页面时分配的加密key get_rpassword - 获得经过xxtea以及sha1加密后的密码 login - 登录 get_friends_list - 获得所有好友,返回字典格式 send_messages_to_all - 给所有好友发消息 """ def __init__(self, username, password): self.username = username self.password = password self.cj = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(self.cj)) opener.addheaders = [ ("User-agent", "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1) Gecko/20090704 Firefox/3.5"), ("Accept", "*/*"), ("Host", "www.kaixin001.com") ] urllib2.install_opener(opener) def get_login_key(self): """ 获得登录时候的加密key """ _temp = urllib2.urlopen(LOGIN_KEY_URL).read() key = LOGIN_KEY_RE.search(_temp).group(1) return key def login(self): """ 登录 """ login_key = self.get_login_key() rpassword = self.get_rpassword(self.password, login_key) login_params = { 'email': self.username, 'encypt': login_key, 'rpasswd': rpassword, 'url': '/home/', 'ver': '1' } req = urllib2.Request(LOGIN_URL, urllib.urlencode(login_params), { "Referer": "http://www.kaixin001.com/" }) result = urllib2.urlopen(req).read() # 登录失败 if "errno" in result: raise LoginError("登录失败,请检查用户名或密码") print "用户 %s 登录成功!" % self.username return 'ok' def get_friends_list(self): """ 获得所有好友列表 """ get_friends_params = { 't': str(random.random()), 'type': 'all', } result = urllib2.urlopen(FRIEND_LIST_URL, urllib.urlencode(get_friends_params)).read() friends = simplejson.loads(result) print "你一共有 %s 位好友" % (len(friends) - 1) return friends def send_messages_to_all(self, message=''): """ 给所有好友发消息 """ friends = self.get_friends_list() send_params = { 'attachment_cancel': '', 'attachment_forwarding': '', 'attachment_random': '', 'code': '', 'content': message, 'forward_thread': '', 'rcode': '', 'service': '0', 'texttype': 'html', 'uids': ",".join([str(f['uid']) for f in friends]) } result = urllib2.urlopen(MESSAGE_SEND_URL, urllib.urlencode(send_params)) print result.geturl() print "消息发送成功" return 'ok' def get_rpassword(self, password, key): """ 获得加密后的密码 """ xxtea_pw = binascii.b2a_hex( encrypt(password, key) ) r_password = hashlib.sha1(xxtea_pw).hexdigest() return r_password if __name__ == '__main__': kxu = Kaixin001User( username = 'your_username', password = 'your_password' ) kxu.login() kxu.send_messages_to_all("This message is send by Python.")
新闻热点
疑难解答