从业务开发,了解http本质。
问卷星代刷方法:
- python+selenium 通过自动化测试工具正常填写,方法低效,容易出现安全检测(本文不讲)。
- post请求,模拟包发送,简单快捷,跳过安全检测,缺点:需要对http协议有所了解,对请求包进行分析。
开始
设计问卷,我将从测试简单的单选,多选,填空上进行请求包分析。
选择一款带有右键检查的浏览器,本文采用google浏览器。
测试开始,准备对请求包进行解析,此处点击提交按钮后,需要在反应过程快速停止抓包,否则会被响应包覆盖:
接下来我们点击请求包,查看请求包内容将有惊人发现:
我们讲解一些内容,为python模拟post请求提供支撑。
Request URL:实际提交的URL路径
Status Code:状态码 和原因
Cookie:小甜饼 记录浏览器与服务器交互的状态信息
Host:主机 域名或者地址
Referer:引用地址 防盗链
User-Agent:代理主机(模仿)
下拉到页尾,我们将看到最重要的部分-请求内容
我们仔细看会发现,与我们在填写问卷时,所选择,多选,填空内容似乎有所联系。因此,这里便是我们对post请求的切入点。我们也很容易发现其中规律 :
题号x后面+$+选项y+结尾}
接下来我们模拟代码
import requests
import time
from random import randint
import random
from fake_useragent import UserAgent
from time import sleep
import urllib3
urllib3.disable_warnings()def Headers(UserAgent, Virtual_ip):#用户代理 虚拟地址(防止同ip被检测)header = {'host': 'www.wjx.cn','User-Agent': UserAgent,'Content-type': 'application/x-www-form-urlencoded; ','Referer': 'https://www.wjx.cn/jq/63984870.aspx',#刚才引用拷贝过来 'Cookie': "acw_tc=2f624a7115838432797021174e32b93dcaafa9d93ef3d6a56dccffb876a493; .ASPXANONYMOUS=Xu1oLGkt1gEkAAAAODgyOTdjNjQtY2Y2OS00NGZjLWEzMWQtYTFkN2NhMTM5ZGFl3VCUr3-1EJezxhzcyPqUlgTUv8s1; UM_distinctid=170c46a85383d5-0205e032eac378-4313f6a-144000-170c46a8539419; CNZZDATA4478442=cnzz_eid%3D1774923139-1583839423-%26ntime%3D1584027209; crudat=2019-10-17 09:15:37; ConnectQQ=1; SojumpSurvey=01028F271B4FA5C6D708FE8FC72CD6C6C6D70800237100710024006600340037003700340064006400320063006500640036006300610034006400360065003300330038003300620065006200310037006400360063006600650000012F00FF89C3A346804DF45AB44E10AF5D7E5CA287281866; LastCheckUpdateDate=1; Hm_lvt_21be24c80829bd7a683b2c536fcf520b=1583843280,1584031760; _cnzz_CV4478442=%E7%94%A8%E6%88%B7%E7%89%88%E6%9C%AC%7C%E5%85%8D%E8%B4%B9%E7%89%88%7C1584031770893; csrfck=40de0e62-bfc0-4961-9b38-ee69c334ac91; LastActivityJoin=63984870,104777950441; join_63984870=1; SERVERID=0f3eb8fcde19feef85b46d49c555413b|1584032313|1584031739; Hm_lpvt_21be24c80829bd7a683b2c536fcf520b=1584032314", #cooie拷贝过来'X-Forwarded-For': Virtual_ip #虚拟地址 这里涉及代理服务器转发}return header
引用包(代码注释部分需要注意 host,Referer,Cookie):
- requests:网络库,进行网络请求
- random:随机数算法库,进行随机选择
- fake_useragent:虚拟用户代理,模仿浏览器请求
- urllib3:网络库
模仿随机选择代码
def Auto(headers):#url地址url = 'https://www.wjx.cn/joinnew/processjq.ashx?submittype=1&curID=63984870&t=1584032334860&starttime=2020%2F3%2F13%200%3A58%3A33&ktimes=92&rn=3065474660&hlv=1&sd=http%3a%2f%2fwww.wjx.cn%2f&jqnonce=f77e224b-3796-47ba-acff-fab242a6fea5&jqsign=d55g006%60%2F15%3B4%2F65%60c%2Fcadd%2Fdc%60060c4dgc7'lists = [] #答案数组for _ in range(1, 4):#循环 从1题到3题if _==1: #如果第一题 随机选第一还是第二temp = randint(1, 2) s = str(_)+'$'+str(temp)lists.append(s) elif _==2: #多选题n = randint(1, 2) #选择数目ns = random.sample(range(1,3), n) #1,3之间随机选择n个数字 ns.sort();#排序s='|'.join(str(num) for num in ns) #多选模式s =str(_)+'$'+slists.append(s);elif _==3:s = str(_)+'$'+"无"lists.append(s) #将无添加至末尾data = "submitdata="+"}".join(lists) #模仿请求体中结构data =data.encode('utf-8').decode("latin1")print(data); r = requests.post(url, headers=headers, data=data, verify=False)result = r.text[:] #打印结果return result
此处我们更改url地址为request请求地址,其余根据设置内容,对下面循环进行定制
运行代码10表示正确
几秒后
完整代码
import requests
import time
from random import randint
import random
from fake_useragent import UserAgent
from time import sleep
import urllib3
urllib3.disable_warnings()def Headers(UserAgent, Virtual_ip):header = {'host': 'www.wjx.cn','User-Agent': UserAgent,'Content-type': 'application/x-www-form-urlencoded; ','Referer': 'https://www.wjx.cn/jq/63984870.aspx','Cookie': "acw_tc=2f624a7115838432797021174e32b93dcaafa9d93ef3d6a56dccffb876a493; .ASPXANONYMOUS=Xu1oLGkt1gEkAAAAODgyOTdjNjQtY2Y2OS00NGZjLWEzMWQtYTFkN2NhMTM5ZGFl3VCUr3-1EJezxhzcyPqUlgTUv8s1; UM_distinctid=170c46a85383d5-0205e032eac378-4313f6a-144000-170c46a8539419; CNZZDATA4478442=cnzz_eid%3D1774923139-1583839423-%26ntime%3D1584027209; crudat=2019-10-17 09:15:37; ConnectQQ=1; SojumpSurvey=01028F271B4FA5C6D708FE8FC72CD6C6C6D70800237100710024006600340037003700340064006400320063006500640036006300610034006400360065003300330038003300620065006200310037006400360063006600650000012F00FF89C3A346804DF45AB44E10AF5D7E5CA287281866; LastCheckUpdateDate=1; Hm_lvt_21be24c80829bd7a683b2c536fcf520b=1583843280,1584031760; _cnzz_CV4478442=%E7%94%A8%E6%88%B7%E7%89%88%E6%9C%AC%7C%E5%85%8D%E8%B4%B9%E7%89%88%7C1584031770893; csrfck=40de0e62-bfc0-4961-9b38-ee69c334ac91; LastActivityJoin=63984870,104777950441; join_63984870=1; SERVERID=0f3eb8fcde19feef85b46d49c555413b|1584032313|1584031739; Hm_lpvt_21be24c80829bd7a683b2c536fcf520b=1584032314",'X-Forwarded-For': Virtual_ip}return headerdef Auto(headers):#url地址url = 'https://www.wjx.cn/joinnew/processjq.ashx?submittype=1&curID=63984870&t=1584032334860&starttime=2020%2F3%2F13%200%3A58%3A33&ktimes=92&rn=3065474660&hlv=1&sd=http%3a%2f%2fwww.wjx.cn%2f&jqnonce=f77e224b-3796-47ba-acff-fab242a6fea5&jqsign=d55g006%60%2F15%3B4%2F65%60c%2Fcadd%2Fdc%60060c4dgc7'lists = [] #答案数组for _ in range(1, 4):#循环 从1题到3题if _==1: #如果第一题 随机选第一还是第二temp = randint(1, 2) s = str(_)+'$'+str(temp)lists.append(s) elif _==2: #多选题n = randint(1, 2) #选择数目ns = random.sample(range(1,3), n) #1,3之间随机选择n个数字 ns.sort();#排序s='|'.join(str(num) for num in ns) #多选模式s =str(_)+'$'+slists.append(s);elif _==3:s = str(_)+'$'+"无"lists.append(s) #将无添加至末尾data = "submitdata="+"}".join(lists) #模仿请求体中结构data =data.encode('utf-8').decode("latin1")print(data); r = requests.post(url, headers=headers, data=data, verify=False)result = r.text[:] #打印结果return result
while True:User_Agent=UserAgent().random; #随机代理Virtual_ip=str(randint(1,254))+'.'+str(randint(0,254))+'.'+str(randint(0,254))+'.'+str(randint(0,254)) #随机ip格式 xxx.xxx.xxx.xxxprint(User_Agent,Virtual_ip)header=Headers(User_Agent,Virtual_ip)print(header)result=Auto(header)print(result)sleep(1);
结尾:
本文通过post请求介绍http协议内容与请求方式,学艺不精,有错误请指出。谢谢。