主体步骤:
- 笔记本装fiddler,开热点;
- 手机连接,设置代理为fiddler监听的8888端口;
- 抓app的包。注意导入fiddler 的证书到手机,否则app是不给联网的。
- 分析app登录、签到时都干了什么。
更多关于fiddller参考:
http://chessman-126-com.iteye.com/blog/2001501
http://www.cnphp6.com/archives/97865
http://www.cnblogs.com/mfryf/p/5028010.html
好,假设你已经做好了准备工作。
当有道云笔记app打开时,fiddler抓到的包:
(1)注意返回的delusers数组,删除用户?怪吓人的。
上图是POST请求,下图是服务器返回(下同)。
(2)如图,重点是请求时发送的usertoken,这个是app内部产生的。这个token变化的频率是?
经测试,退出app后再次打开,此token没有变化。或许是每天变化一次。后面测试。
服务器返回的就是set-cookie了。usertoken不变,cookie就不用变。
(3)在这之后app的自动请求已有LOGIN=true的cookie了。
(4)点击签到按钮,请求checkin method
返回签到是否成功,签到得到的空间等等。
2016/05/10 09:50
今天打开笔记签到,user token 没变,cookie也没变。
2016/05/11 13:44
user token 和 cookie 依旧没变。
由此推论,只要app运行的环境不改变,发送给server的token不会变,返回的cookie不会变。
退出账号后再次登录,user token会改变。仅退出app(登录状态是保留的),下次打开app自动登录,user token 不改变。
好,下面上代码。关键是main函数中的三个方法,模拟了你打开app-点击签到按钮的这个过程。
程序中有的参数需要自己抓包然后放进去。
1 import java.io.BufferedReader;
2 import java.io.IOException;
3 import java.io.InputStreamReader;
4 import java.io.OutputStream;
5 import java.net.HttpURLConnection;
6 import java.net.MalformedURLException;
7 import java.net.URL;
8
9
10 import java.io.PrintWriter;
11 import java.net.URLConnection;
12 import java.util.*;
13 import java.io.*;
14 import java.util.zip.GZIPInputStream;
15 import java.io.UnsupportedEncodingException;
16
17 public class Signin {
18 public static String seesion_cookie = null;
19
20 public static void main(String[] args) throws IOException {
21 /*
22 * set proxy so that fiddler
23 * can capture packages sent by this program
24 System.setProperty("http.proxyHost", "127.0.0.1");
25 System.setProperty("https.proxyHost", "127.0.0.1");
26 System.setProperty("http.proxyPort", "8888");
27 System.setProperty("https.proxyPort", "8888");
28 System.setProperty("javax.net.ssl.trustStore",
29 "D:\\Program Files\\Java\\jre1.8.0_25\\lib\\security\\FiddleKeystore");
30 System.setProperty("javax.net.ssl.trustStorePassword", "your_passwd");
31 */
32
33 System.out.println("deviceOpen:" + deviceOpen());
34 System.out.println("login:" + login());
35 System.out.println("checkIn:" + checkIn());
36
37 }
38
39 public static String deviceOpen() {
40 String url = "http://note.youdao.com/yws/device_open/poll";
41 String arg = "your_arg";
42 Map<String, String> headers = new HashMap<String, String>();
43 headers.put("Content-Length", "481");
44 headers.put("Content-Type", "application/x-www-form-urlencoded");
45
46 return sendPost(url, arg, headers);
47 }
48
49 public static String login() {
50 String url = "http://note.youdao.com/login/acc/co/cq?product=YNOTE&cf=7&userid=.......";
51 String arg = null;
52 Map<String, String> headers = new HashMap<String, String>();
53 headers.put("Content-Length", "0");
54 headers.put("YNOTE-PC", "v2|urstoken||YNOTE|......");
55
56 return sendPost(url, arg, headers);
57 }
58
59 public static String checkIn() {
60 String url = "https://note.youdao.com/yws/mapi/user?method=checkin";
61 String arg = "your_arg";
62 Map<String, String> headers = new HashMap<String, String>();
63 headers.put("Cookie", "YNOTE_LOGIN=true;" + seesion_cookie);
64 headers.put("Content-Length", "481");
65 headers.put("Content-Type", "application/x-www-form-urlencoded");
66
67 return sendPost(url, arg, headers);
68 }
69
70
71
72 public static String sendPost(String url, String param, Map<String, String> headers) {
73 PrintWriter out = null;
74 BufferedReader in = null;
75 StringBuilder result = new StringBuilder();
76 try {
77 URL realUrl = new URL(url);
78
79 HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection();
80 conn.setRequestMethod("POST");
81
82 conn.setRequestProperty("Accept-Encoding", "gzip");
83 conn.setRequestProperty("Accept-Charset", "GBK,utf-8;q=0.7,*;q=0.3");
84 for (String key : headers.keySet())
85 conn.setRequestProperty(key, headers.get(key));
86 conn.setRequestProperty("Host", "note.youdao.com");
87 conn.setRequestProperty("Connection", "Keep-Alive");
88 conn.setRequestProperty("User-Agent", "ynote-android");
89
90 conn.setDoOutput(true);
91 conn.setDoInput(true);
92
93 out = new PrintWriter(conn.getOutputStream());
94 if (param != null) out.print(param);
95 out.flush();
96 System.out.println(conn.getResponseCode() + " " + conn.getResponseMessage());
97
98 for (int i = 1; conn.getHeaderFieldKey(i) != null; ++i) {
99 if (conn.getHeaderFieldKey(i).equals("Set-Cookie") &&
100 conn.getHeaderField(i).contains("YNOTE_SESS=v2")) {
101 seesion_cookie = conn.getHeaderField(i).split(";")[0];
102 System.out.println("seesion_cookie:" + seesion_cookie);
103 break;
104 }
105 }
106
107 Reader reader = null;
108 if ("gzip".equals(conn.getContentEncoding())) {
109 System.out.println("Response body is encoded in gzip.");
110 reader = new InputStreamReader(new GZIPInputStream(conn.getInputStream()));
111 } else {
112 reader = new InputStreamReader(conn.getInputStream());
113 }
114
115 in = new BufferedReader(reader);
116 String line;
117 while ((line = in.readLine()) != null) {
118 result.append(line);
119 }
120 } catch (Exception e) {
121 System.out.println("sendPost Exception !!! " + e);
122 e.printStackTrace();
123 }
124
125 finally {
126 try {
127 if (out != null) out.close();
128 if (in != null) in.close();
129 } catch (IOException ex) {
130 ex.printStackTrace();
131 }
132 }
133
134 return result.toString();
135 }
136 }
Java Code
2016/05/12 00:53
把程序放在服务器上:
设置crontab例行任务
# signin.sh cd /home/whuliss/Documents/ date >> signin_log java SignIn >> signin_log
log:
Fri Jun 3 00:37:01 CST 2016
checkIn:{"total":830472192,"time":1464885510110,"space":6291456,"success":1}
Sat Jun 4 00:37:01 CST 2016
checkIn:{"total":834666496,"time":1464971913651,"space":4194304,"success":1}
Sun Jun 5 00:37:02 CST 2016
checkIn:{"total":840957952,"time":1465058318146,"space":6291456,"success":1}
Mon Jun 6 00:37:01 CST 2016
checkIn:{"total":842006528,"time":1465144721286,"space":1048576,"success":1}
Tue Jun 7 00:37:01 CST 2016
checkIn:{"total":847249408,"time":1465231125472,"space":5242880,"success":1}
Wed Jun 8 00:37:01 CST 2016
checkIn:{"total":852492288,"time":1465317528907,"space":5242880,"success":1}
时间: 2024-11-15 07:49:59