网络爬虫(又被称为网页蜘蛛,网络机器人,在FOAF社区中间,更经常的称为网页追逐者),是一种按照一定的规则,自动地抓取万维网信息的程序或者脚本。另外一些不常使用的名字还有蚂蚁、自动索引、模拟程序或者蠕虫。
目录
一、Requests
二、BeautifulSoup
三、自动登陆抽屉并点赞
四、“破解”微信公众号
五、自动登陆示例
一、Requests
Python标准库中提供了:urllib、urllib2、httplib等模块以供Http请求,但是,它的 API 太渣了。它是为另一个时代、另一个互联网所创建的。它需要巨量的工作,甚至包括各种方法覆盖,来完成最简单的任务。
- 封装urllib请求
import urllib2
import json
import cookielib def urllib2_request(url, method="GET", cookie="", headers={}, data=None):
"""
:param url: 要请求的url
:param cookie: 请求方式,GET、POST、DELETE、PUT..
:param cookie: 要传入的cookie,cookie= 'k1=v1;k1=v2'
:param headers: 发送数据时携带的请求头,headers = {'ContentType':'application/json; charset=UTF-8'}
:param data: 要发送的数据GET方式需要传入参数,data={'d1': 'v1'}
:return: 返回元祖,响应的字符串内容 和 cookiejar对象
对于cookiejar对象,可以使用for循环访问:
for item in cookiejar:
print item.name,item.value
"""
if data:
data = json.dumps(data) cookie_jar = cookielib.CookieJar()
handler = urllib2.HTTPCookieProcessor(cookie_jar)
opener = urllib2.build_opener(handler)
opener.addheaders.append(['Cookie', 'k1=v1;k1=v2'])
request = urllib2.Request(url=url, data=data, headers=headers)
request.get_method = lambda: method response = opener.open(request)
origin = response.read() return origin, cookie_jar # GET
result = urllib2_request('http://127.0.0.1:8001/index/', method="GET") # POST
result = urllib2_request('http://127.0.0.1:8001/index/', method="POST", data= {'k1': 'v1'}) # PUT
result = urllib2_request('http://127.0.0.1:8001/index/', method="PUT", data= {'k1': 'v1'})
Requests 是使用 Apache2 Licensed 许可证的 基于Python开发的HTTP 库,其在Python内置模块的基础上进行了高度的封装,从而使得Pythoner进行网络请求时,变得美好了许多,使用Requests可以轻而易举的完成浏览器可有的任何操作。
1、GET请求
# 1、无参数实例
import requests
ret = requests.get('https://github.com/timeline.json')
print ret.url
print ret.text
# 2、有参数实例
import requests
payload = {'key1': 'value1', 'key2': 'value2'}
ret = requests.get("http://httpbin.org/get", params=payload)
print ret.url
print ret.text
向 https://github.com/timeline.json 发送一个GET请求,将请求和响应相关均封装在 ret 对象中。
实例:爬取汽车之家新闻标题、链接和图片
import requests
import scrapy
from bs4 import BeautifulSoup
import os
import uuid response = requests.get(url='https://www.autohome.com.cn/news/',)
# 用下载自带的编码规则解析
# 也可以指定response.encoding = 'utf-8'
response.encoding = response.apparent_encoding
# response.status_code 返回的状态码
# lxml性能更好,但需要安装,html.parser是Python内置的
soup = BeautifulSoup(response.text,features='html.parser')
tag1 = soup.find(id='auto-channel-lazyload-article')
# tag2 = tag1.find('li') # 只找到第一个
tag_list = tag1.find_all('li') # 找到全部,以列表形式输出
for tag in tag_list:
tag_a = tag.find('a')
if tag_a: # 有a标签的才拿属性
# print(tag_a.attrs.get('href')) # 新闻链接
h3_text = tag_a.find('h3') # 其实是一个对象,只是打印的时候显示文本
# text和string都是获取标签对象的文本
# print(h3_text.string,'*****') # 新闻标题
# print(h3_text.text,'----') # 新闻标题
img_url = tag_a.find('img').attrs.get('src')
# print(img_url) # 新闻图片
# 下载图片,.text返回的是文本,.content返回的是字节
# 如果直接写url=img_url,最后会出现http:////p9.pstatp.com/list/pgc-image/153838020
img_response = requests.get("http:" + img_url).content
file_name = 'imgs/' + str(uuid.uuid4()) + '.jpg'
# with open(file_name,'wb') as f:
# f.write(img_response)
2、POST请求
# 1、基本POST实例
import requests
payload = {'key1': 'value1', 'key2': 'value2'}
ret = requests.post("http://httpbin.org/post", data=payload)
print ret.text
# 2、发送请求头和数据实例
import requests
import json
url = 'https://api.github.com/some/endpoint'
payload = {'some': 'data'}
headers = {'content-type': 'application/json'}
ret = requests.post(url, data=json.dumps(payload), headers=headers)
print ret.text
print ret.cookies
向https://api.github.com/some/endpoint发送一个POST请求,将请求和相应相关的内容封装在 ret 对象中。
3、其他请求
requests.get(url, params=None, **kwargs)
requests.post(url, data=None, json=None, **kwargs)
requests.put(url, data=None, **kwargs)
requests.head(url, **kwargs)
requests.delete(url, **kwargs)
requests.patch(url, data=None, **kwargs)
requests.options(url, **kwargs) # 以上方法均是在此方法的基础上构建
requests.request(method, url, **kwargs)
params={'k1':'v1'} 以GET形式放入URL传到后台的参数
requests模块已经将常用的Http请求方法为用户封装完成,用户直接调用其提供的相应方法即可,其中方法的所有参数有:
def request(method, url, **kwargs):
"""Constructs and sends a :class:`Request <Request>`. :param method: method for the new :class:`Request` object.
:param url: URL for the new :class:`Request` object.
:param params: (optional) Dictionary or bytes to be sent in the query string for the :class:`Request`.
:param data: (optional) Dictionary, bytes, or file-like object to send in the body of the :class:`Request`.
:param json: (optional) json data to send in the body of the :class:`Request`.
:param headers: (optional) Dictionary of HTTP Headers to send with the :class:`Request`.
:param cookies: (optional) Dict or CookieJar object to send with the :class:`Request`.
:param files: (optional) Dictionary of ``'name': file-like-objects`` (or ``{'name': ('filename', fileobj)}``) for multipart encoding upload.
:param auth: (optional) Auth tuple to enable Basic/Digest/Custom HTTP Auth.
:param timeout: (optional) How long to wait for the server to send data
before giving up, as a float, or a :ref:`(connect timeout, read
timeout) <timeouts>` tuple.
:type timeout: float or tuple
:param allow_redirects: (optional) Boolean. Set to True if POST/PUT/DELETE redirect following is allowed.
:type allow_redirects: bool
:param proxies: (optional) Dictionary mapping protocol to the URL of the proxy.
:param verify: (optional) whether the SSL cert will be verified. A CA_BUNDLE path can also be provided. Defaults to ``True``.
:param stream: (optional) if ``False``, the response content will be immediately downloaded.
:param cert: (optional) if String, path to ssl client cert file (.pem). If Tuple, ('cert', 'key') pair.
:return: :class:`Response <Response>` object
:rtype: requests.Response Usage:: >>> import requests
>>> req = requests.request('GET', 'http://httpbin.org/get')
<Response [200]>
""" # By using the 'with' statement we are sure the session is closed, thus we
# avoid leaving sockets open which can trigger a ResourceWarning in some
# cases, and look like a memory leak in others.
with sessions.Session() as session:
return session.request(method=method, url=url, **kwargs)
参数示例:
def param_method_url():
requests.request(method='get', url='http://127.0.0.1:8000/test/')
requests.request(method='post', url='http://127.0.0.1:8000/test/') def param_param():
# - 可以是字典
# - 可以是字符串
# - 可以是字节(ascii编码以内) requests.request(method='get',
url='http://127.0.0.1:8000/test/',
params={'k1': 'v1', 'k2': '水电费'}) requests.request(method='get',
url='http://127.0.0.1:8000/test/',
params="k1=v1&k2=水电费&k3=v3&k3=vv3") requests.request(method='get',
url='http://127.0.0.1:8000/test/',
params=bytes("k1=v1&k2=k2&k3=v3&k3=vv3", encoding='utf8')) # 错误
requests.request(method='get',
url='http://127.0.0.1:8000/test/',
params=bytes("k1=v1&k2=水电费&k3=v3&k3=vv3", encoding='utf8')) def param_data():
# 可以是字典
# 可以是字符串
# 可以是字节
# 可以是文件对象 requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data={'k1': 'v1', 'k2': '水电费'}) requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data="k1=v1; k2=v2; k3=v3; k3=v4"
) requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data="k1=v1;k2=v2;k3=v3;k3=v4",
headers={'Content-Type': 'application/x-www-form-urlencoded'}
) requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data=open('data_file.py', mode='r', encoding='utf-8'), # 文件内容是:k1=v1;k2=v2;k3=v3;k3=v4
headers={'Content-Type': 'application/x-www-form-urlencoded'}
) def param_json():
# 将json中对应的数据进行序列化成一个字符串,json.dumps(...)
# 然后发送到服务器端的body中,并且Content-Type是 {'Content-Type': 'application/json'}
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
json={'k1': 'v1', 'k2': '水电费'}) def param_headers():
# 发送请求头到服务器端
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
json={'k1': 'v1', 'k2': '水电费'},
headers={'Content-Type': 'application/x-www-form-urlencoded'}
) def param_cookies():
# 发送Cookie到服务器端
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data={'k1': 'v1', 'k2': 'v2'},
cookies={'cook1': 'value1'},
)
# 也可以使用CookieJar(字典形式就是在此基础上封装)
from http.cookiejar import CookieJar
from http.cookiejar import Cookie obj = CookieJar()
obj.set_cookie(Cookie(version=0, name='c1', value='v1', port=None, domain='', path='/', secure=False, expires=None,
discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False,
port_specified=False, domain_specified=False, domain_initial_dot=False, path_specified=False)
)
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
data={'k1': 'v1', 'k2': 'v2'},
cookies=obj) def param_files():
# 发送文件
file_dict = {
'f1': open('readme', 'rb')
}
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
files=file_dict) # 发送文件,定制文件名
file_dict = {
'f1': ('test.txt', open('readme', 'rb'))
}
requests.request(method='POST',
url='http://127.0.0.1:8000/test/',
files=file_dict) # 发送文件,定制文件名,文件内容自己写
# file_dict = {
# 'f1': ('test.txt', "hahsfaksfa9kasdjflaksdjf")
# }
# requests.request(method='POST',
# url='http://127.0.0.1:8000/test/',
# files=file_dict) def param_auth():
# 基本认证(原理:在headers中加入加密的用户名和密码)
from requests.auth import HTTPBasicAuth, HTTPDigestAuth ret = requests.get('https://api.github.com/user', auth=HTTPBasicAuth('wupeiqi', 'sdfasdfasdf'))
print(ret.text) ret = requests.get('http://192.168.1.1',
auth=HTTPBasicAuth('admin', 'admin'))
ret.encoding = 'gbk'
print(ret.text) ret = requests.get('http://httpbin.org/digest-auth/auth/user/pass', auth=HTTPDigestAuth('user', 'pass'))
print(ret) def param_timeout():
# 超时时间
ret = requests.get('http://google.com/', timeout=1)
print(ret) ret = requests.get('http://google.com/', timeout=(5, 1))
print(ret) def param_allow_redirects():
# 是否允许重定向
ret = requests.get('http://127.0.0.1:8000/test/', allow_redirects=False)
print(ret.text) def param_proxies():
# 代理
proxies = {
"http": "61.172.249.96:80",
"https": "http://61.185.219.126:3128",
} proxies = {'http://10.20.1.128': 'http://10.10.1.10:5323'} ret = requests.get("http://www.proxy360.cn/Proxy", proxies=proxies)
print(ret.headers) from requests.auth import HTTPProxyAuth proxyDict = {
'http': '77.75.105.165',
'https': '77.75.105.165'
}
auth = HTTPProxyAuth('username', 'mypassword') r = requests.get("http://www.google.com", proxies=proxyDict, auth=auth)
print(r.text) pass def param_stream():
#流的形式下载文件
ret = requests.get('http://127.0.0.1:8000/test/', stream=True)
print(ret.content)
ret.close() from contextlib import closing
with closing(requests.get('http://httpbin.org/get', stream=True)) as r:
# 在此处理响应。
for i in r.iter_content():
print(i) def requests_session():
# 用于保存客户端的历史访问信息
import requests session = requests.Session() ### 1、首先登陆任何页面,获取cookie i1 = session.get(url="http://dig.chouti.com/help/service") ### 2、用户登陆,携带上一次的cookie,后台对cookie中的 gpsd 进行授权
i2 = session.post(
url="http://dig.chouti.com/login",
data={
'phone': "",
'password': "xxxxxx",
'oneMonth': ""
}
) i3 = session.post(
url="http://dig.chouti.com/link/vote?linksId=8589623",
)
print(i3.text) # 补充
# param verify: 是否忽略证书,直接进行访问;verify=False, # 忽略证书
# param cert:证书文件;# cert='xx.pem', # pem类型证书,cert = ('xx.crt','oo.key'),# 组合证书,功能一样 # Referer: https://www.baidu.com/ 请求头里记录上一次的访问地址
# User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
# 请求头里表示你当前访问用的客户端类型
更多requests模块相关的文档见:http://cn.python-requests.org/zh_CN/latest/
二、BeautifulSoup
BeautifulSoup是一个模块,该模块用于接收一个HTML或XML字符串,然后将其进行格式化,之后遍可以使用他提供的方法进行快速查找指定元素,从而使得在HTML或XML中查找指定元素变得简单。
- 安装:pip install beautifulsoup4
- 调用:from bs4 import BeautifulSoup
简单实例:
from bs4 import BeautifulSoup html_doc = """
<html><head><title>The Dormouse's story</title></head>
<body>
asdf
<div class="title">
<b>The Dormouse's story总共</b>
<h1>f</h1>
</div>
<div class="story">Once upon a time there were three little sisters; and their names were
<a class="sister0" id="link1">Els<span>f</span>ie</a>,
<a href="http://example.com/lacie" class="sister" id="link2">Lacie</a> and
<a href="http://example.com/tillie" class="sister" id="link3">Tillie</a>;
and they lived at the bottom of a well.</div>
ad<br/>sf
<p class="story">...</p>
</body>
</html>
""" soup = BeautifulSoup(html_doc, features="lxml")
# 找到第一个a标签
tag1 = soup.find(name='a')
# 找到所有的a标签
tag2 = soup.find_all(name='a')
# 找到id=link2的标签
tag3 = soup.select('#link2')
1. name,标签名称
# tag = soup.find('a')
# name = tag.name # 获取
# print(name)
# tag.name = 'span' # 设置
# print(soup)
2. attr,标签属性
# tag = soup.find('a')
# attrs = tag.attrs # 获取
# print(attrs)
# tag.attrs = {'ik':123} # 设置
# tag.attrs['id'] = 'iiiii' # 设置
# print(soup)
3. children,所有子标签
# body = soup.find('body')
# v = body.children
4.descendants,所有子子孙孙标签,得到一个迭代器,可list()转换成列表,它内部帮我们做迭代;它会先找到标签,再找到标签内部的所有内容,包括文本,一条线走到底;
body = soup.find('body').descendants
5. clear,将标签的所有子标签全部清空(保留标签名)
# tag = soup.find('body')
# tag.clear()
# print(soup)
6. decompose,递归的删除所有的标签
# body = soup.find('body')
# body.decompose()
# print(soup)
7. extract,递归的删除所有的标签,并获取删除的标签
# body = soup.find('body')
# v = body.extract()
# print(soup)
8. decode,转换为字符串(含当前标签);decode_contents(不含当前标签)
# body = soup.find('body')
# v = body.decode()
# v = body.decode_contents()
# print(v)
9. encode,转换为字节(含当前标签);encode_contents(不含当前标签)
# body = soup.find('body')
# v = body.encode()
# v = body.encode_contents()
# print(v)
10. find,获取匹配的第一个标签
# tag = soup.find('a')
# print(tag)
# 组合使用
tag = soup.find(id='c1')
tag = soup.find('div',id='c1')
# tag = soup.find(name='a', attrs={'class': 'sister'}, recursive=True, text='Lacie')
# tag = soup.find(name='a', class_='sister', recursive=True, text='Lacie')
# print(tag)
11. find_all,获取匹配的所有标签,以列表形式输出
# tags = soup.find_all('a')
# print(tags)
# tags = soup.find_all('a',limit=1)
# print(tags)
# tags = soup.find_all(name='a', attrs={'class': 'sister'}, recursive=True, text='Lacie')
# # tags = soup.find(name='a', class_='sister', recursive=True, text='Lacie')
# print(tags)
# ####### 列表 #######
# v = soup.find_all(name=['a','div'])
# print(v)
# v = soup.find_all(class_=['sister0', 'sister'])
# print(v)
# v = soup.find_all(text=['Tillie'])
# print(v, type(v[0]))
# v = soup.find_all(id=['link1','link2'])
# print(v)
# v = soup.find_all(href=['link1','link2'])
# print(v)
# ####### 正则 #######
import re
# rep = re.compile('p')
# rep = re.compile('^p')
# v = soup.find_all(name=rep)
# print(v)
# rep = re.compile('sister.*')
# v = soup.find_all(class_=rep)
# print(v)
# rep = re.compile('http://www.oldboy.com/static/.*')
# v = soup.find_all(href=rep)
# print(v)
# ####### 方法筛选 #######
# def func(tag):
# return tag.has_attr('class') and tag.has_attr('id')
# v = soup.find_all(name=func)
# print(v)
# ## get,获取标签属性
# tag = soup.find('a')
# v = tag.get('id')
# print(v)
12. has_attr,检查标签是否具有该属性
# tag = soup.find('a')
# v = tag.has_attr('id')
# print(v)
13. get_text,获取标签内部文本内容
# tag = soup.find('a')
# v = tag.get_text()
# print(v)
14. index,检查标签在某标签中的索引位置
# tag = soup.find('body')
# v = tag.index(tag.find('div'))
# print(v)
# tag = soup.find('body')
# for i,v in enumerate(tag):
# print(i,v)
15. is_empty_element,是否是空标签(是否可以是空)或者自闭合标签,
判断是否是如下标签:'br' , 'hr', 'input', 'img', 'meta','spacer', 'link', 'frame', 'base'
# tag = soup.find('br')
# v = tag.is_empty_element
# print(v)
16. 当前的关联标签
# soup.next
# soup.next_element
# soup.next_elements
# soup.next_sibling
# soup.next_siblings #
# tag.previous
# tag.previous_element
# tag.previous_elements
# tag.previous_sibling
# tag.previous_siblings #
# tag.parent
# tag.parents
17. 查找某标签的关联标签
# tag.find_next(...)
# tag.find_all_next(...)
# tag.find_next_sibling(...)
# tag.find_next_siblings(...) # tag.find_previous(...)
# tag.find_all_previous(...)
# tag.find_previous_sibling(...)
# tag.find_previous_siblings(...) # tag.find_parent(...)
# tag.find_parents(...) # 参数同find_all
18. select,select_one, CSS选择器
soup.select("title")
soup.select("p nth-of-type(3)")
soup.select("body a")
soup.select("html head title")
tag = soup.select("span,a")
soup.select("head > title")
soup.select("p > a")
soup.select("p > a:nth-of-type(2)")
soup.select("p > #link1")
soup.select("body > a")
soup.select("#link1 ~ .sister")
soup.select("#link1 + .sister")
soup.select(".sister")
soup.select("[class~=sister]")
soup.select("#link1")
soup.select("a#link2")
soup.select('a[href]')
soup.select('a[href="http://example.com/elsie"]')
soup.select('a[href^="http://example.com/"]')
soup.select('a[href$="tillie"]')
soup.select('a[href*=".com/el"]')
from bs4.element import Tag
def default_candidate_generator(tag):
for child in tag.descendants:
if not isinstance(child, Tag):
continue
if not child.has_attr('href'):
continue
yield child
tags = soup.find('body').select("a", _candidate_generator=default_candidate_generator)
print(type(tags), tags)
from bs4.element import Tag
def default_candidate_generator(tag):
for child in tag.descendants:
if not isinstance(child, Tag):
continue
if not child.has_attr('href'):
continue
yield child
tags = soup.find('body').select("a", _candidate_generator=default_candidate_generator, limit=1)
print(type(tags), tags)
19. 标签的内容,response.text和response.string结果一样
# tag = soup.find('span')
# print(tag.string) # 获取
# tag.string = 'new content' # 设置
# print(soup)
# tag = soup.find('body')
# print(tag.string)
# tag.string = 'xxx'
# print(soup)
# tag = soup.find('body')
# v = tag.stripped_strings # 递归内部获取所有标签的文本
# print(v)
20.append在当前标签内部追加一个标签
# tag = soup.find('body')
# tag.append(soup.find('a'))
# print(soup)
#
# from bs4.element import Tag
# obj = Tag(name='i',attrs={'id': 'it'})
# obj.string = '我是一个新来的'
# tag = soup.find('body')
# tag.append(obj)
# print(soup)
21.insert在当前标签内部指定位置插入一个标签
# from bs4.element import Tag
# obj = Tag(name='i', attrs={'id': 'it'})
# obj.string = '我是一个新来的'
# tag = soup.find('body')
# tag.insert(2, obj)
# print(soup)
22. insert_after,insert_before 在当前标签后面或前面插入
# from bs4.element import Tag
# obj = Tag(name='i', attrs={'id': 'it'})
# obj.string = '我是一个新来的'
# tag = soup.find('body')
# # tag.insert_before(obj)
# tag.insert_after(obj)
# print(soup)
23. replace_with 在当前标签替换为指定标签
# from bs4.element import Tag
# obj = Tag(name='i', attrs={'id': 'it'})
# obj.string = '我是一个新来的'
# tag = soup.find('div')
# tag.replace_with(obj)
# print(soup)
24. 创建标签之间的关系
# tag = soup.find('div')
# a = soup.find('a')
# tag.setup(previous_sibling=a)
# print(tag.previous_sibling)
25. wrap,用指定标签把当前标签包裹起来,括号内的标签放在当前标签的外面
# from bs4.element import Tag
# obj1 = Tag(name='div', attrs={'id': 'it'})
# obj1.string = '我是一个新来的'
#
# tag = soup.find('a')
# v = tag.wrap(obj1)
# print(soup) # tag = soup.find('a')
# v = tag.wrap(soup.find('p'))
# print(soup)
26. unwrap,去掉当前标签,将保留其包裹的标签
# tag = soup.find('a')
# v = tag.unwrap()
# print(soup)
更多参数官方:http://beautifulsoup.readthedocs.io/zh_CN/v4.4.0/
三、自动登陆抽屉并点赞
import requests ### 发送请求时,带上headers,否则会遇到防火墙,一定要访问:https://
# headers={'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0'}
headers={
'user-agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36',
'referer':'https://dig.chouti.com/', # 表示上一次访问的地址,有些网站需要你先访问一次才能知道你不是通过request发送的请求
} # 先访问主页
response1 = requests.get(
url= "https://dig.chouti.com/",
headers=headers,
)
cookie1 = response1.cookies.get_dict()
print(cookie1)
#{'gpsd': '160d28d416d222dcd6eeb1c1d5ebd268', 'JSESSIONID': 'aaahlyoDbL5GQfrqjq2Lw'} # 登陆,携带第一次访问网站时返回的cookies
response2 = requests.post(
url="https://dig.chouti.com/login",
data={
'phone': "",
'password': "",
'oneMonth': ''
},
cookies=cookie1,
headers=headers,
)
print(response2.status_code)
cookie2 = response2.cookies.get_dict()
print(cookie2) # 登陆后又返回一个gpsd,但是这个没有用,第一个才是验证身份用的 # 访问自己的设置页面
response3 = requests.get(
url='https://dig.chouti.com/profile',
cookies={'gpsd':cookie1.get('gpsd')},
headers=headers,
)
print(response3.text) # 点赞 ,只需要携带已经被授权的gpsd即可,第一次的是被授权的
response4 = requests.post(
url='https://dig.chouti.com/link/vote?linksId=25263971',
cookies={'gpsd':cookie1.get('gpsd')},
headers=headers,
)
print(response4.text)
# {"result":{"code":"9999", "message":"推荐成功",
# "data":{"jid":"cdu_55306581825","likedTime":"1553068537532000",
# "lvCount":"8","nick":"查理大夫","uvCount":"1","voteTime":"小于1分钟前"}}}
四、“破解”微信公众号
“破解”微信公众号其实就是使用Python代码自动实现【登陆公众号】->【获取观众用户】-> 【向关注用户发送消息】。
注:只能向48小时内有互动的粉丝主动推送消息
1、自动登陆
分析对于Web登陆页面,用户登陆验证时仅做了如下操作:
- 登陆的URL:https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN
- POST的数据为:
{
'username': 用户名,
'pwd': 密码的MD5值,
'imgcode': "",
'f': 'json'
}
注:imgcode是需要提供的验证码,默认无需验证码,只有在多次登陆未成功时,才需要用户提供验证码才能登陆 - POST的请求头的Referer值,微信后台用次来检查是谁发送来的请求
- 请求发送并登陆成功后,获取用户响应的cookie,以后操作其他页面时需要携带此cookie
- 请求发送并登陆成功后,获取用户相应的内容中的token
登陆代码:
import requests
import time
import hashlib def _password(pwd):
ha = hashlib.md5()
ha.update(pwd)
return ha.hexdigest() def login(): login_dict = {
'username': "用户名",
'pwd': _password("密码"),
'imgcode': "",
'f': 'json'
} login_res = requests.post(
url= "https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN",
data=login_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}) # 登陆成功之后获取服务器响应的cookie
resp_cookies_dict = login_res.cookies.get_dict()
# 登陆成功后,获取服务器响应的内容
resp_text = login_res.text
# 登陆成功后,获取token
token = re.findall(".*token=(\d+)", resp_text)[0] print resp_text
print token
print resp_cookies_dict login()
登陆成功获取的相应内容如下:
响应内容:
{"base_resp":{"ret":0,"err_msg":"ok"},"redirect_url":"\/cgi-bin\/home?t=home\/index&lang=zh_CN&token=537908795"} 响应cookie:
{'data_bizuin': '3016804678', 'bizuin': '3016804678', 'data_ticket': 'CaoX+QA0ZA9LRZ4YM3zZkvedyCY8mZi0XlLonPwvBGkX0/jY/FZgmGTq6xGuQk4H', 'slave_user': 'gh_5abeaed48d10', 'slave_sid': 'elNLbU1TZHRPWDNXSWdNc2FjckUxalM0Y000amtTamlJOUliSnRnWGRCdjFseV9uQkl5cUpHYkxqaGJNcERtYnM2WjdFT1pQckNwMFNfUW5fUzVZZnFlWGpSRFlVRF9obThtZlBwYnRIVGt6cnNGbUJsNTNIdTlIc2JJU29QM2FPaHZjcTcya0F6UWRhQkhO'}
2、访问其他页面获取用户信息
分析用户管理页面,通过Pyhton代码以Get方式访问此页面,分析响应到的 HTML 代码,从中获取用户信息:
- 获取用户的URL:https://mp.weixin.qq.com/cgi-bin/user_tag?action=get_all_data&lang=zh_CN&token=登陆时获取的token
- 发送GET请求时,需要携带登陆成功后获取的cookie
{'data_bizuin': '3016804678', 'bizuin': '3016804678', 'data_ticket': 'C4YM3zZ...
- 获取当前请求的响应的html代码
- 通过正则表达式获取html中的指定内容(Python的模块Beautiful Soup)
- 获取html中每个用户的 data-fakeid属性,该值是用户的唯一标识,通过它可向用户推送消息
代码实现:
import requests
import time
import hashlib
import json
import re LOGIN_COOKIES_DICT = {} def _password(pwd):
ha = hashlib.md5()
ha.update(pwd)
return ha.hexdigest() def login(): login_dict = {
'username': "用户名",
'pwd': _password("密码"),
'imgcode': "",
'f': 'json'
} login_res = requests.post(
url= "https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN",
data=login_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}) # 登陆成功之后获取服务器响应的cookie
resp_cookies_dict = login_res.cookies.get_dict()
# 登陆成功后,获取服务器响应的内容
resp_text = login_res.text
# 登陆成功后,获取token
token = re.findall(".*token=(\d+)", resp_text)[0] return {'token': token, 'cookies': resp_cookies_dict} def standard_user_list(content):
content = re.sub('\s*', '', content)
content = re.sub('\n*', '', content)
data = re.findall("""cgiData=(.*);seajs""", content)[0]
data = data.strip()
while True:
temp = re.split('({)(\w+)(:)', data, 1)
if len(temp) == 5:
temp[2] = '"' + temp[2] + '"'
data = ''.join(temp)
else:
break while True:
temp = re.split('(,)(\w+)(:)', data, 1)
if len(temp) == 5:
temp[2] = '"' + temp[2] + '"'
data = ''.join(temp)
else:
break data = re.sub('\*\d+', "", data)
ret = json.loads(data)
return ret def get_user_list(): login_dict = login()
LOGIN_COOKIES_DICT.update(login_dict) login_cookie_dict = login_dict['cookies']
res_user_list = requests.get(
url= "https://mp.weixin.qq.com/cgi-bin/user_tag",
params = {"action": "get_all_data", "lang": "zh_CN", "token": login_dict['token']},
cookies = login_cookie_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}
)
user_info = standard_user_list(res_user_list.text)
for item in user_info['user_list']:
print "%s %s " % (item['nick_name'],item['id'],) get_user_list()
3、发送消息
分析给用户发送消息的页面,从网络请求中剖析得到发送消息的URL,从而使用Python代码发送消息:
- 发送消息的URL:https://mp.weixin.qq.com/cgi-bin/singlesend?t=ajax-response&f=json&token=登陆时获取的token放在此处&lang=zh_CN
- 从登陆时相应的内容中获取:token和cookie
- 从用户列表中获取某个用户唯一标识: fake_id
- 封装消息,并发送POST请求
send_dict = {
'token': 登陆时获取的token,
'lang': "zh_CN",
'f': 'json',
'ajax': 1,
'random': "0.5322618900912392",
'type': 1,
'content': 要发送的内容,
'tofakeid': 用户列表中获取的用户的ID,
'imgcode': ''
}
import requests
import time
import hashlib
import json
import re LOGIN_COOKIES_DICT = {} def _password(pwd):
ha = hashlib.md5()
ha.update(pwd)
return ha.hexdigest() def login(): login_dict = {
'username': "用户名",
'pwd': _password("密码"),
'imgcode': "",
'f': 'json'
} login_res = requests.post(
url= "https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN",
data=login_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}) # 登陆成功之后获取服务器响应的cookie
resp_cookies_dict = login_res.cookies.get_dict()
# 登陆成功后,获取服务器响应的内容
resp_text = login_res.text
# 登陆成功后,获取token
token = re.findall(".*token=(\d+)", resp_text)[0] return {'token': token, 'cookies': resp_cookies_dict} def standard_user_list(content):
content = re.sub('\s*', '', content)
content = re.sub('\n*', '', content)
data = re.findall("""cgiData=(.*);seajs""", content)[0]
data = data.strip()
while True:
temp = re.split('({)(\w+)(:)', data, 1)
if len(temp) == 5:
temp[2] = '"' + temp[2] + '"'
data = ''.join(temp)
else:
break while True:
temp = re.split('(,)(\w+)(:)', data, 1)
if len(temp) == 5:
temp[2] = '"' + temp[2] + '"'
data = ''.join(temp)
else:
break data = re.sub('\*\d+', "", data)
ret = json.loads(data)
return ret def get_user_list(): login_dict = login()
LOGIN_COOKIES_DICT.update(login_dict) login_cookie_dict = login_dict['cookies']
res_user_list = requests.get(
url= "https://mp.weixin.qq.com/cgi-bin/user_tag",
params = {"action": "get_all_data", "lang": "zh_CN", "token": login_dict['token']},
cookies = login_cookie_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}
)
user_info = standard_user_list(res_user_list.text)
for item in user_info['user_list']:
print "%s %s " % (item['nick_name'],item['id'],) def send_msg(user_fake_id, content='啥也没发'): login_dict = LOGIN_COOKIES_DICT token = login_dict['token']
login_cookie_dict = login_dict['cookies'] send_dict = {
'token': token,
'lang': "zh_CN",
'f': 'json',
'ajax': 1,
'random': "0.5322618900912392",
'type': 1,
'content': content,
'tofakeid': user_fake_id,
'imgcode': ''
} send_url = "https://mp.weixin.qq.com/cgi-bin/singlesend?t=ajax-response&f=json&token=%s&lang=zh_CN" % (token,)
message_list = requests.post(
url=send_url,
data=send_dict,
cookies=login_cookie_dict,
headers={'Referer': 'https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN'}
) get_user_list()
fake_id = raw_input('请输入用户ID:')
content = raw_input('请输入消息内容:')
send_msg(fake_id, content)
发送消息代码
以上就是“破解”微信公众号的整个过程,通过Python代码实现了自动【登陆微信公众号平台】【获取用户列表】【指定用户发送消息】。
五、自动登陆示例
import requests
from bs4 import BeautifulSoup ############## 方式一 ############## # 1. 访问登陆页面,获取 authenticity_token
i1 = requests.get('https://github.com/login')
soup1 = BeautifulSoup(i1.text, features='lxml')
tag = soup1.find(name='input', attrs={'name': 'authenticity_token'})
authenticity_token = tag.get('value')
c1 = i1.cookies.get_dict()
i1.close() # 1. 携带authenticity_token和用户名密码等信息,发送用户验证
form_data = {
"authenticity_token": authenticity_token,
"utf8": "",
"commit": "Sign in",
"login": "charliedaifu",
'password': 'xxxx'
} i2 = requests.post('https://github.com/session', data=form_data, cookies=c1)
c2 = i2.cookies.get_dict()
print(c2)
print(i2.status_code) c1.update(c2)
i3 = requests.get('https://github.com/settings/repositories', cookies=c1) soup3 = BeautifulSoup(i3.text, features='lxml')
list_group = soup3.find(name='div', class_='listgroup') from bs4.element import Tag for child in list_group.children:
if isinstance(child, Tag):
project_tag = child.find(name='a', class_='mr-1')
size_tag = child.find(name='small')
temp = "项目:%s(%s); 项目路径:%s" % (project_tag.get('href'), size_tag.string if size_tag else '', project_tag.string, )
print(temp) """
############## 方式二 ##############
session = requests.Session()
# 1. 访问登陆页面,获取 authenticity_token
i1 = session.get('https://github.com/login')
soup1 = BeautifulSoup(i1.text, features='lxml')
tag = soup1.find(name='input', attrs={'name': 'authenticity_token'})
authenticity_token = tag.get('value')
c1 = i1.cookies.get_dict()
i1.close() # 1. 携带authenticity_token和用户名密码等信息,发送用户验证
form_data = {
"authenticity_token": authenticity_token,
"utf8": "",
"commit": "Sign in",
"login": "wupeiqi@live.com",
'password': 'xxoo'
} i2 = session.post('https://github.com/session', data=form_data)
c2 = i2.cookies.get_dict()
c1.update(c2)
i3 = session.get('https://github.com/settings/repositories') soup3 = BeautifulSoup(i3.text, features='lxml')
list_group = soup3.find(name='div', class_='listgroup') from bs4.element import Tag for child in list_group.children:
if isinstance(child, Tag):
project_tag = child.find(name='a', class_='mr-1')
size_tag = child.find(name='small')
temp = "项目:%s(%s); 项目路径:%s" % (project_tag.get('href'), size_tag.string if size_tag else '', project_tag.string, )
print(temp)
"""
GitHub
import time import requests
from bs4 import BeautifulSoup session = requests.Session() i1 = session.get(
url='https://www.zhihu.com/#signin',
headers={
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
}
) soup1 = BeautifulSoup(i1.text, 'lxml')
xsrf_tag = soup1.find(name='input', attrs={'name': '_xsrf'})
xsrf = xsrf_tag.get('value') current_time = time.time()
i2 = session.get(
url='https://www.zhihu.com/captcha.gif',
params={'r': current_time, 'type': 'login'},
headers={
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
}) with open('zhihu.gif', 'wb') as f:
f.write(i2.content) captcha = input('请打开zhihu.gif文件,查看并输入验证码:')
form_data = {
"_xsrf": xsrf,
'password': 'xxooxxoo',
"captcha": 'captcha',
'email': '424662508@qq.com'
}
i3 = session.post(
url='https://www.zhihu.com/login/email',
data=form_data,
headers={
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
}
) i4 = session.get(
url='https://www.zhihu.com/settings/profile',
headers={
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
}
) soup4 = BeautifulSoup(i4.text, 'lxml')
tag = soup4.find(id='rename-section')
nick_name = tag.find('span',class_='name').string
print(nick_name)
知乎
import re
import json
import base64 import rsa
import requests def js_encrypt(text):
b64der = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp0wHYbg/NOPO3nzMD3dndwS0MccuMeXCHgVlGOoYyFwLdS24Im2e7YyhB0wrUsyYf0/nhzCzBK8ZC9eCWqd0aHbdgOQT6CuFQBMjbyGYvlVYU2ZP7kG9Ft6YV6oc9ambuO7nPZh+bvXH0zDKfi02prknrScAKC0XhadTHT3Al0QIDAQAB'
der = base64.standard_b64decode(b64der) pk = rsa.PublicKey.load_pkcs1_openssl_der(der)
v1 = rsa.encrypt(bytes(text, 'utf8'), pk)
value = base64.encodebytes(v1).replace(b'\n', b'')
value = value.decode('utf8') return value session = requests.Session() i1 = session.get('https://passport.cnblogs.com/user/signin')
rep = re.compile("'VerificationToken': '(.*)'")
v = re.search(rep, i1.text)
verification_token = v.group(1) form_data = {
'input1': js_encrypt('wptawy'),
'input2': js_encrypt('asdfasdf'),
'remember': False
} i2 = session.post(url='https://passport.cnblogs.com/user/signin',
data=json.dumps(form_data),
headers={
'Content-Type': 'application/json; charset=UTF-8',
'X-Requested-With': 'XMLHttpRequest',
'VerificationToken': verification_token}
) i3 = session.get(url='https://i.cnblogs.com/EditDiary.aspx') print(i3.text)
博客园
import requests # 第一步:访问登陆页,拿到X_Anti_Forge_Token,X_Anti_Forge_Code
# 1、请求url:https://passport.lagou.com/login/login.html
# 2、请求方法:GET
# 3、请求头:
# User-agent
r1 = requests.get('https://passport.lagou.com/login/login.html',
headers={
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
},
) X_Anti_Forge_Token = re.findall("X_Anti_Forge_Token = '(.*?)'", r1.text, re.S)[0]
X_Anti_Forge_Code = re.findall("X_Anti_Forge_Code = '(.*?)'", r1.text, re.S)[0]
print(X_Anti_Forge_Token, X_Anti_Forge_Code)
# print(r1.cookies.get_dict())
# 第二步:登陆
# 1、请求url:https://passport.lagou.com/login/login.json
# 2、请求方法:POST
# 3、请求头:
# cookie
# User-agent
# Referer:https://passport.lagou.com/login/login.html
# X-Anit-Forge-Code:53165984
# X-Anit-Forge-Token:3b6a2f62-80f0-428b-8efb-ef72fc100d78
# X-Requested-With:XMLHttpRequest
# 4、请求体:
# isValidate:true
# username:15131252215
# password:ab18d270d7126ea65915c50288c22c0d
# request_form_verifyCode:''
# submit:''
r2 = requests.post(
'https://passport.lagou.com/login/login.json',
headers={
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
'Referer': 'https://passport.lagou.com/login/login.html',
'X-Anit-Forge-Code': X_Anti_Forge_Code,
'X-Anit-Forge-Token': X_Anti_Forge_Token,
'X-Requested-With': 'XMLHttpRequest'
},
data={
"isValidate": True,
'username': '',
'password': 'ab18d270d7126ea65915c50288c22c0d',
'request_form_verifyCode': '',
'submit': ''
},
cookies=r1.cookies.get_dict()
)
print(r2.text)
拉勾网
文章转载自http://www.cnblogs.com/wupeiqi/articles/5354900.html