Basic python and python tutorials
In the previous article, we did not know that there were clues. The comparison between the two photos showed that the first one was very informative, and the second one was garbled.
Why is this happening? Careful kids shoes may find that the connection data we send to the server is different:
The information of the first figure is {"roomid": 98284, "uid": 271298361556770}
The information in the second figure is {"uid": 276194535568357, "protover": 2, "roomid": 98284}
Roomid is the real room number, uid is a random string of numbers, you can directly copy the login.
In comparison, the second one has a "protover": 2 parameter. In fact, the first figure is to capture the data packets of the mobile client, and the second figure is to capture the Web data packets of the computer. So is there any "protover": 2 that can be connected to the bullet screen server.
Therefore, we can infer that the most easily captured data is the mobile phone, the wap, and the computer.
However, many times we capture data in a string of garbled characters, as shown in Figure 2. No matter whether you use utf8 or gbk encoding, the effect of Figure 1 is not achieved.
This type of data is actually a type of compressed data gzip. Currently, wireshark does not support this compression mode.
At present, websites are basically transmitted in compression mode. Therefore, the data you capture is compressed data. In your opinion, the data is completely garbled and cannot be started.
, Visit the homepage of my blog.
Since the analysis of the gzip data transmitted by the server, the solution is simple. Installing a third-party zlib package or gzip package can solve this problem.
Chapter 1: python-bilibili (iii) wireshark Analysis