62骚操作万径人踪灭-websocket-tls指纹识别

2025-04-19 22:49:54 +08:00 · 2023-05-24 10:37:44 +08:00 · 2023-05-24 10:37:44 +08:00 · 3c12265bd9
commit 3c12265bd9
parent 67627e9e2d
2 changed files with 81 additions and 0 deletions
--- a/猿人学练习/62骚操作万径人踪灭-websocket-tls指纹识别/README.md
+++ b/猿人学练习/62骚操作万径人踪灭-websocket-tls指纹识别/README.md
@ -0,0 +1,11 @@
+# 知识点：websocket，tls指纹识别
+
+## 解题思路
+
+查看请求发现websocket请求，并且发送的数据和返回的数据都是明文，那就表明不存在加密，推断可能是tls指纹识别。
+
+![请求](./img/1.png)
+
+参考文章
+
+https://github.com/zero3301/pyhttpx
--- a/猿人学练习/62骚操作万径人踪灭-websocket-tls指纹识别/main.py
+++ b/猿人学练习/62骚操作万径人踪灭-websocket-tls指纹识别/main.py
@ -0,0 +1,70 @@
+import asyncio
+from pyhttpx import WebSocketClient
+import json
+
+
+class WSS:
+    def __init__(self, url=None, headers=None, loop=None):
+        self.url = url
+        self.headers = headers
+        self.loop = loop
+        self.ja3 = '771,19018-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,' \
+                   '0-23-65281-10-11-35-16-5-13-18-51-45-43-27-17513,27242-29-23-24,0'
+        self.exts_payload = {
+            51: bytes.fromhex('00297a7a000100001d0020b63f4893bbdd23302f0c66799d94865ea63555b7d891a70aa65fd0aa0280132b'),
+            45: bytes.fromhex('0101'),
+            43: bytes.fromhex('06fafa03040303'),
+            27: bytes.fromhex('020002')
+        }
+
+    async def connect(self):
+        self.sock = await WebSocketClient(url=self.url, headers=self.headers, loop=self.loop,
+                                          ja3=self.ja3, exts_payload=self.exts_payload
+                                          ).connect()
+
+    async def send(self):
+        page = 1
+        while True:
+            await self.sock.send(str(page), binary=True)
+            page += 1
+            if page == 101:
+                break
+
+    async def recv(self):
+        data_num = 0
+        while True:
+            r = await self.sock.recv()
+            if str(r, encoding="utf-8") == '666':
+                continue
+            data_list = json.loads(r).get('data')
+            for data in data_list:
+                data_num += int(data.get('value'))
+            print(data_num)
+
+
+def main():
+    loop = asyncio.get_event_loop()
+    url = 'wss://www.python-spider.com/api/challenge62'
+    headers = {
+        'Accept-Encoding': 'gzip, deflate, br',
+        'Accept-Language': 'zh,zh-CN;q=0.9,en;q=0.8',
+        'Cache-Control': 'no-cache',
+        'Host': '127.0.0.1',
+        'Pragma': 'no-cache',
+        'Upgrade': 'websocket',
+        'Connection': 'Upgrade',
+        'Sec-WebSocket-Version': '13',
+        'Sec-WebSocket-Extensions': 'permessage-deflate; client_max_window_bits',
+        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 '
+                      '(KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36'
+    }
+
+    wss = WSS(url, headers, loop)
+    loop.run_until_complete(wss.connect())
+    loop.create_task(wss.send())
+    loop.create_task(wss.recv())
+    loop.run_forever()
+
+
+if __name__ == '__main__':
+    main()