Chinaunix首页 | 论坛 | 博客
  • 博客访问: 163106
  • 博文数量: 27
  • 博客积分: 2179
  • 博客等级: 大尉
  • 技术积分: 335
  • 用 户 组: 普通用户
  • 注册时间: 2008-03-21 12:53
文章分类

全部博文(27)

文章存档

2012年(1)

2010年(9)

2009年(7)

2008年(10)

我的朋友

分类: LINUX

2010-04-13 22:45:17

e100那里有每个月200条免费短信可以使用。但是它的网址的广告太多,每次登录上去都不爽它,于是就写了一个。
e100是通过浏览器发送包出去了,那应该是http包了,而且没有通过ssl层发送,打开wireshark抓包,下面将找到的包分析如下:
1、首先是打开会探出登录框登录,这个时候就已经下载好图形验证码了。所以登录的第一步是下载验证码。其http包如下:
发送:

url=http://www.gd.chinamobile.com/image?sds=0.372007395458
headers={
      'Host':'',
      'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN;rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
      'Accept':'image/png,image/*;q=0.8,*/*;q=0.5',
      'Accept-Language':'zh-cn,zh;q=0.5',
      'Accept-Encoding':'gzip,deflate',
      'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
      'Keep-Alive':'300',
      'Connection':'keep-alive',
       'Referer':'https:///e100/index.jsp'
       }

接收:

Date: Tue, 13 Apr 2010 14:08:31 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000NwDmmJzmpn-0tP5N1cGHatr:126o3oeor; Path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Language: zh-CN

   注意上面的set-cookie,登录的时候要用到。
获取到验证码后,下一步就是登录了。
2、登录
发送:

url="http:///ServicesServlet/LOGIN"
data = """_request_json=%257B%2522operation%2522%253A%2522login%2522%252C%2522isProtocol%2522%253Atrue%252C%2522_dl100Mobile%2522%253A%2522%2522%252C%2522_loginInfo%2522%253A%2522%257B%255C%2522_loginType%255C%2522%253A%255C%25222%255C%2522%252C%255C%2522_logonName%255C%2522%253A%255C%2522%s"""% cellphone+""" %255C%2522%252C%255C%2522_password%255C%2522%253A%255C%2522%s"""% passwd+"""%255C%2522%252C%255C%2522_smsRND%255C%2522%253A%255C%2522%255C%2522%252C%255C%2522isProtocol%255C%2522%253Atrue%252C%255C%2522_login_backurl%255C%2522%253A%255C%2522%252Fe100%252Findex.jsp%255C%2522%252C%255C%2522_channel%255C%2522%253A8%252C%255C%2522_imageCode%255C%2522%253A%255C%2522%s"""% verifyCode+"""%255C%2522%257D%2522%257D&_channel=8"""

"""其实上面的是通过抓包到的,复制到urllib.unquote一下就出现下面的request_json了。"""

request_json="""{"operation":"login","isProtocol":true,"_dl100Mobile":"","_loginInfo":"{\\"_loginType\\":\\"2\\",\\"_logonName\\":\\"%s"""% cellphone +"""\\",\\"_password\\":\\"%s"""% passwd+"""\\",\\"_smsRND\\":\\"\\",\\"isProtocol\\":true,\\"_login_backurl\\":\\"/e100/index.jsp\\",\\"_channel\\":8,\\"_imageCode\\":\\"%s"""% verifyCode +"""\\"}"}"""data = urllib.urlencode([('_request_json','%s'% request_json),('_channel', '8')])

headers={
  'Host':'',
  'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
  'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
   'Accept-Language':'zh-cn,zh;q=0.5',
   'Accept-Encoding':'gzip,deflate',
  'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
   'Keep-Alive':'300',
  'Connection':'keep-alive',
 'Referer':'https:///e100/index.jsp',
 'Cookie':'JSESSIONID=%s' % self.JSESSIONID,#这里就是第一次获取验证码的cookie
 'Content-Type':'application/x-www-form-urlencoded',
 }

接收:

Date: Tue, 13 Apr 2010 14:21:53 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 97
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN





<script>
window.location="http://:80/e100/index.jsp";
</script>

3、获取随机短信验证码
发送:

url="http:///login/sendSMSRND.jsp?_logonName=E100_USER&_r=0.432117305347

headers={'Content-Length': '0', 'Accept-Language': 'zh-cn,zh;q=0.5', 'Accept-Encoding': 'gzip,deflate', 'Connection': 'keep-alive', 'Keep-Alive': '300', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8', 'Accept-Charset': 'GB2312,utf-8;q=0.7,*;q=0.7', 'Host': '', 'Referer': 'https:///e100/index.jsp', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Cookie': 'JSESSIONID=0000Oq1mZ79-3TmoXCitxF4kaoW:126o3ohcr'}


接收

Date: Tue, 13 Apr 2010 14:21:55 GMT
Server: IBM_HTTP_Server
Content-Length: 39
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN
















OK
##超sb的yd,竟然返回的内容加了那么多个\r\n

发送短信:
发送:

url="http:///e100/SMS/Send?timeStamp=12711916544"
request_json="""{"operation":"SMS_SEND","smsMessage":"{\\"person\\":\\"%s"""% to +"""\\",\\"content\\":\\"%s"""% msg+"""\\",\\"type\\":\\"0\\",\\"time\\":\\"%s"""% sendTime+"""\\",\\"payment\\":\\"0\\",\\"logoCode\\":\\"%s"""% logoCode +"""\\"}"}""" 同样这是我用urllib.unquote得出来的。

接收:

Date: Tue, 13 Apr 2010 14:22:24 GMT
Server: IBM_HTTP_Server
Content-Length: 445
Connection: close
Content-Type: text/xml;charset=UTF-8
Content-Language: zh-CN

{"resultObject":{"e_send_num":0,"money_sms_one":0.15,"e_leva_count":0,"money_send_count":0,"free_leva_count":186,"day_send_num":50,"day_send_sms":1,"free_month_num":200,"sms_schd_date":"72","month_send_sms":14,"result":true,"write_count":350,"toget_person":10,"money_count":0.15,"user_e_num":0,"user_e_sends":0,"sms_over_date":"2010年12月31日","month_send_num":1000},"login_type":3,"resultCode":105,"message":"您的信息已提交发送!"}


还有就是第一次发短信要先获取随机验证码,第二次.第三次....都是用图像验证码.
所以出来登录的时候需要验证码,就是第二次,第三次....发短信也需要图形验证码.这个的http包和第一个差不多,就是headers里面多了一个cookie的值.JSESSIONID...

阅读(2793) | 评论(1) | 转发(0) |
给主人留下些什么吧!~~

chinaunix网友2010-08-03 05:08:49

心灵感觉