url=http://www.gd.chinamobile.com/image?sds=0.372007395458
headers={
      'Host':'',
      'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN;rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
      'Accept':'image/png,image/*;q=0.8,*/*;q=0.5',
      'Accept-Language':'zh-cn,zh;q=0.5',
      'Accept-Encoding':'gzip,deflate',
      'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
      'Keep-Alive':'300',
      'Connection':'keep-alive',
       'Referer':'https:///e100/index.jsp'
       }

Date: Tue, 13 Apr 2010 14:08:31 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000NwDmmJzmpn-0tP5N1cGHatr:126o3oeor; Path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Language: zh-CN


url="http:///ServicesServlet/LOGIN"
data = """_request_json=%257B%2522operation%2522%253A%2522login%2522%252C%2522isProtocol%2522%253Atrue%252C%2522_dl100Mobile%2522%253A%2522%2522%252C%2522_loginInfo%2522%253A%2522%257B%255C%2522_loginType%255C%2522%253A%255C%25222%255C%2522%252C%255C%2522_logonName%255C%2522%253A%255C%2522%s"""% cellphone+""" %255C%2522%252C%255C%2522_password%255C%2522%253A%255C%2522%s"""% passwd+"""%255C%2522%252C%255C%2522_smsRND%255C%2522%253A%255C%2522%255C%2522%252C%255C%2522isProtocol%255C%2522%253Atrue%252C%255C%2522_login_backurl%255C%2522%253A%255C%2522%252Fe100%252Findex.jsp%255C%2522%252C%255C%2522_channel%255C%2522%253A8%252C%255C%2522_imageCode%255C%2522%253A%255C%2522%s"""% verifyCode+"""%255C%2522%257D%2522%257D&_channel=8"""

"""其实上面的是通过抓包到的，复制到urllib.unquote一下就出现下面的request_json了。"""

request_json="""{"operation":"login","isProtocol":true,"_dl100Mobile":"","_loginInfo":"{\\"_loginType\\":\\"2\\",\\"_logonName\\":\\"%s"""% cellphone +"""\\",\\"_password\\":\\"%s"""% passwd+"""\\",\\"_smsRND\\":\\"\\",\\"isProtocol\\":true,\\"_login_backurl\\":\\"/e100/index.jsp\\",\\"_channel\\":8,\\"_imageCode\\":\\"%s"""% verifyCode +"""\\"}"}"""data = urllib.urlencode([('_request_json','%s'% request_json),('_channel', '8')])

headers={
  'Host':'',
  'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
  'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
   'Accept-Language':'zh-cn,zh;q=0.5',
   'Accept-Encoding':'gzip,deflate',
  'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
   'Keep-Alive':'300',
  'Connection':'keep-alive',
 'Referer':'https:///e100/index.jsp',
 'Cookie':'JSESSIONID=%s' % self.JSESSIONID,#这里就是第一次获取验证码的cookie
 'Content-Type':'application/x-www-form-urlencoded',
 }

Date: Tue, 13 Apr 2010 14:21:53 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 97
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN





<script>
window.location="http://:80/e100/index.jsp";
</script>


url="http:///login/sendSMSRND.jsp?_logonName=E100_USER&_r=0.432117305347


Date: Tue, 13 Apr 2010 14:21:55 GMT
Server: IBM_HTTP_Server
Content-Length: 39
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN
















OK
##超sb的yd，竟然返回的内容加了那么多个\r\n

url="http:///e100/SMS/Send?timeStamp=12711916544"
request_json="""{"operation":"SMS_SEND","smsMessage":"{\\"person\\":\\"%s"""% to +"""\\",\\"content\\":\\"%s"""% msg+"""\\",\\"type\\":\\"0\\",\\"time\\":\\"%s"""% sendTime+"""\\",\\"payment\\":\\"0\\",\\"logoCode\\":\\"%s"""% logoCode +"""\\"}"}""" 同样这是我用urllib.unquote得出来的。


Date: Tue, 13 Apr 2010 14:22:24 GMT
Server: IBM_HTTP_Server
Content-Length: 445
Connection: close
Content-Type: text/xml;charset=UTF-8
Content-Language: zh-CN

{"resultObject":{"e_send_num":0,"money_sms_one":0.15,"e_leva_count":0,"money_send_count":0,"free_leva_count":186,"day_send_num":50,"day_send_sms":1,"free_month_num":200,"sms_schd_date":"72","month_send_sms":14,"result":true,"write_count":350,"toget_person":10,"money_count":0.15,"user_e_num":0,"user_e_sends":0,"sms_over_date":"2010年12月31日","month_send_num":1000},"login_type":3,"resultCode":105,"message":"您的信息已提交发送！"}