对全民K歌签到接口报文分析:修订间差异

来自三线的随记
(创建页面,内容为“=== 敏感变量 === {$variable1}->g_tk_openkey {$variable2}->openkey {$variable3}->uid {$variable4}->openid === Request URL === <nowiki>http://node.kg.qq.com/we…”)
 
无编辑摘要
 
第78行: 第78行:


[[分类:Other]]
[[分类:Other]]
[[分类:Tcpdump]]

2019年8月1日 (四) 01:27的最新版本

敏感变量

{$variable1}->g_tk_openkey

{$variable2}->openkey

{$variable3}->uid

{$variable4}->openid

Request URL

http://node.kg.qq.com/webapp/proxy?format=json&outCharset=utf-8&g_tk={$variable1}&g_tk_openkey={$variable1}

Request header

Cookie: openkey={$variable2}; uid={$variable3}; openid={$variable4}; extroInfo=1|0|2|0|0; opentype=1

referer: http://kg.qq.com/vMission/index.html?hippy=vMission

User-Agent: *****************************

Connection: keep-alive

No-Chunked: true

Content-Type: application/x-www-form-urlencoded

Content-Length: 1038

Host: node.kg.qq.com

Accept-Encoding: gzip

Post Data (URL encoded)

g_tk_openkey={$variable1}&t_vecReportItem:array=%7B%22mData%22%3A%7B%22uid%22%3A%22{$variable3}%22%2C%22openid%22%3A%22{$variable4}%22%2C%22opentype%22%3A%221%22%2C%22act_id%22%3A%22{$variable3}_1564587566429_83931731%22%2C%22opertime%22%3A%221564587566%22%2C%22platform%22%3A%2211%22%2C%22app_version%22%3A%225.2.7.278%22%2C%22key%22%3A%22assignment%23register_module%23register%23click%230%22%7D%7D&ns=app_dcreport&cmd=extra.data_report&ns_inbuf=&mapExt=JTdCJTIyZmlsZSUyMiUzQSUyMmFwcF9kY3JlcG9ydEpjZSUyMiUyQyUyMmNtZE5hbWUlMjIlM0ElMjJEYXRhUmVwb3J0JTIyJTJDJTIyZGNhcGklMjIlM0ElN0IlMjJpbnRlcmZhY2VJZCUyMiUzQTExMzkwMDA2MSU3RCUyQyUyMmlwJTIyJTNBJTIyMTAwLjk1LjEzOC4xOCUyMiUyQyUyMnBvcnQlMjIlM0ExMjQwNiUyQyUyMmw1YXBpX2V4cDElMjIlM0ElN0IlMjJtb2RpZCUyMiUzQTgyMDg2NSUyQyUyMmNtZCUyMiUzQTUyNDI4OCU3RCUyQyUyMmw1YXBpX3Rlc3QxJTIyJTNBJTdCJTIybW9kaWQlMjIlM0E4MjA4NjUlMkMlMjJjbWQlMjIlM0E1MjQyODglN0QlMkMlMjJvdXRwdXQlMjIlM0F0cnVlJTdE

g_tk_openkey={$variable1}&t_vecReportItem:array=%7B%22mData%22%3A%7B%22uid%22%3A%22{$variable3}%22%2C%22openid%22%3A%22{$variable4}%22%2C%22opentype%22%3A%221%22%2C%22act_id%22%3A%22{$variable3}_1564589297921_63176483%22%2C%22opertime%22%3A%221564589297%22%2C%22platform%22%3A%2211%22%2C%22app_version%22%3A%225.2.7.278%22%2C%22key%22%3A%22assignment%23register_module%23register%23click%230%22%7D%7D&ns=app_dcreport&cmd=extra.data_report&ns_inbuf=&mapExt=JTdCJTIyZmlsZSUyMiUzQSUyMmFwcF9kY3JlcG9ydEpjZSUyMiUyQyUyMmNtZE5hbWUlMjIlM0ElMjJEYXRhUmVwb3J0JTIyJTJDJTIyZGNhcGklMjIlM0ElN0IlMjJpbnRlcmZhY2VJZCUyMiUzQTExMzkwMDA2MSU3RCUyQyUyMmlwJTIyJTNBJTIyMTAwLjk1LjEzOC4xOCUyMiUyQyUyMnBvcnQlMjIlM0ExMjQwNiUyQyUyMmw1YXBpX2V4cDElMjIlM0ElN0IlMjJtb2RpZCUyMiUzQTgyMDg2NSUyQyUyMmNtZCUyMiUzQTUyNDI4OCU3RCUyQyUyMmw1YXBpX3Rlc3QxJTIyJTNBJTdCJTIybW9kaWQlMjIlM0E4MjA4NjUlMkMlMjJjbWQlMjIlM0E1MjQyODglN0QlMkMlMjJvdXRwdXQlMjIlM0F0cnVlJTdE

Post Data Variables

  1. g_tk_openkey
  2. t_vecReportItem:array
  3. ns [ 固定, app_dcreport]
  4. cmd [ 固定, extra.data_report]
  5. ns_inbuf [ 固定, 空 ]
  6. mapExt [ 固定 ]

POST DATA关键变量

t_vecReportItem:array

{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}_1564587566429_83931731","opertime":"1564587566","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}

{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}_1564589297921_63176483","opertime":"1564589297","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}

{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}_{时间戳}_{不知道什么鬼东西}","opertime":"{时间戳}","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}

response data [签到成不成功都这样]

HTTP/1.1 200 OK

Date: Wed, 31 Jul 2019 16:19:52 GMT

Content-Type: application/x-javascript

Content-Length: 88

Connection: keep-alive

X-Powered-By: TSW/Node.js

Server: TSW/1.2.4

Cache-Control: no-cache

Content-Security-Policy: script-src https://wesingapp.com http://wesingapp.com  https://*.wesingapp.com http://*.wesingapp.com https://*.qq.com http://*.qq.com https://*.gtimg.cn http://*.gtimg.cn https://*.tenpay.com https://*.idqqimg.com http://*.idqqimg.com https://*.gtimg.com http://*.gtimg.com 'unsafe-inline' 'unsafe-eval'; report-uri https://stat.y.qq.com/monitor/report_csp

Cache-Offline: false

{"code":0,"subcode":0,"msg":"","data":{"extra.data_report":{"iCode":0,"strErrInfo":""}}}

未完待续