Capture packets to get the curriculum, test scores, and curriculum of Northeastern University.
I tried to do some different things during my vacation, but I had never been ruined. I suddenly regretted seeing the curtain class. I had to take another vacation and study hard in the curtain class. Reading is much more efficient than yourself!
As a result, it was boring. I spent one night learning about python (only for understanding). I always wanted to do something interesting, and I wanted to get in touch with packet capture.
Since Wireshark is not very useful to me, Charles is the software used to capture packets this time.
Charles is a good packet capture software on Mac, and the operation is really simple. Mom no longer has to worry about not capturing packets. At the same time, the traffic on the mobile phone can also be captured. Connect the mobile phone to the computer in the same LAN, and manually set the Wi-Fi proxy. The address is the Intranet IP address of the computer and port 8888. I love it!
The above is the address. It can be seen that only the user name, md5 encrypted password, and time are submitted.
First, write an md5 encryption function.
1 def md5(str): 2 import hashlib 3 m = hashlib.md5() 4 m.update(str) 5 return m.hexdigest()
I won't say that I am from Baidu...
Next is the submission time, that is, the token, which is based on my current level (quasi-white). This is only used to differentiate users, so I took the random number decisively, however, in order to look like a serious link, we still put the time ahead.
1 def ran(): 2 import random 3 return str(random.randint(1000000000000000000, 2999999999999999999)) 4 5 def tim(): 6 import time 7 day = time.strftime("%Y%m%d") 8 now = time.strftime("%H%M%S") 9 return day+now 10 userName = '20150000' 11 passwd = md5('20150000') 12 token = tim()+ran()13 url = "http://202.118.31.241:8080/api/v1/login?userName="+userName+"&passwd="+passwd+"&token"+token
This completes the submitted link. The following is a network operation that references urllib2.
1 def WebView(urls): 2 import urllib2 3 request=urllib2.Request(urls) 4 web=urllib2.urlopen(request) 5 return web.read().decode('gbk').encode('utf-8')
It is also written as a function.
Based on the captured packets in subsequent operations, the system will return a time string based on which all requests are made.
1 Login = WebView(url)
Run the "made" link in the login function to obtain the returned value.
{"Success": "0", "errCode": "", "errMsg": "", "data": {"token": "201602291749112430008019436", "userName ": "20150000", "realName": "passer-by", "isTeacher": "0 "}}
The above is the returned Login.
We need to get the number next to the token. what we get is in json format. We can get the token value after parsing.
1 import json 2 JsonLogin = json.loads(Login) 3 token = JsonLogin['data']['token'] 4 UrlKeBiao = "http://202.118.31.241:8080/api/v1/courseSchedule2?token="+token
After parsing, JsonLogin becomes the dict type, and JsonLogin ['data'] is the dict in dict. Finally, we can use the obtained token value for various accesses.
For example, UrlKeBiao = "http: // 202.118.31.241: 8080/api/v1/courseSchedule2? Token = "+ token: the address of the requested course list.
UrlKeBiao = "http: // 202.118.31.241: 8080/api/v1/courseSchedule1? Token = "+ token this is the query result address
Any blank classrooms, innovative credits, and so on can be viewed. The content is in json format and can be smoothly read after analysis.
For example, I wrote the code for parsing the curriculum:
1 KeBiao = WebView(UrlKeBiao) 2 JsonKeBiao = json.loads(KeBiao) 3 print type(JsonKeBiao['data']) 4 print type(JsonKeBiao['data'][0]) 5 k=0 6 r=0 7 while r!=6: 8 print "%-25.20s"%(JsonKeBiao['data'][k+r]['name']), 9 k+=6 10 if k==42: 11 k=0 12 r=r+1 13 print '\n'
To display Chinese properly, you need to add the following four lines.
# -*- coding: utf-8 -* import sys reload(sys) sys.setdefaultencoding( "utf-8" )