Comments (9)
mkdir700
commented on August 26, 2024
等我重新抓包看看
from chaoxing_auto_sign.
pppunpkin
commented on August 26, 2024
等我重新抓包看看
谢谢大佬,辛苦了
from chaoxing_auto_sign.
husky105
commented on August 26, 2024
超星的表单多了个验证,提交的表单中checkCode原来是空的,现在不是了
from chaoxing_auto_sign.
pppunpkin
commented on August 26, 2024
超星的表单多了个验证,提交的表单中checkCode原来是空的,现在不是了
能问下怎么绕过验证吗..小白不懂
from chaoxing_auto_sign.
mkdir700
commented on August 26, 2024
超星的表单多了个验证,提交的表单中checkCode原来是空的,现在不是了
可以给个抓包信息吗,换了手机没有root权限,模拟器抓包也有问题。
from chaoxing_auto_sign.
pppunpkin
commented on August 26, 2024
超星的表单多了个验证,提交的表单中checkCode原来是空的,现在不是了
可以给个抓包信息吗,换了手机没有root权限,模拟器抓包也有问题。
不好意思不会抓包…我去学习一下。。。
from chaoxing_auto_sign.
mkdir700
commented on August 26, 2024
我把手机root了,终于可以抓这个ssl pinning的数据包,和我猜想的一样。app没有更新,直接就新增了一个checkOut的字段,很有可能就是在js中添加了代码,抓包就看到了。checkOut字段是在后端生成后,随着响应来到前端,前端拿到之后再携带着相关参数请求提交日报的接口。
这就很明了了,
- 在已登录的情况下
Get请求http://office.chaoxing.com/front/web/apps/forms/fore/apply?uid=127973604&code=l5RJsW2w&mappId=4545821&appId=1e354ddb52a743e88ed19a3704b1cf1a&appKey=127G2jhIhl05mw3S&id=7185&enc=f837c93e0de9d9ad82db707b2c27241e&state=39037&formAppId=&fidEnc=b06cba4a51ac2253 - 通过正则表达式提取
checkout关键字
- 然后
post请求提交健康日报的接口即可
from chaoxing_auto_sign.
pppunpkin
commented on August 26, 2024
我把手机root了,终于可以抓这个ssl pinning的数据包,和我猜想的一样。app没有更新,直接就新增了一个
checkOut的字段,很有可能就是在js中添加了代码,抓包就看到了。checkOut字段是在后端生成后,随着响应来到前端,前端拿到之后再携带着相关参数请求提交日报的接口。
这就很明了了,
- 在已登录的情况下
Get请求http://office.chaoxing.com/front/web/apps/forms/fore/apply?uid=127973604&code=l5RJsW2w&mappId=4545821&appId=1e354ddb52a743e88ed19a3704b1cf1a&appKey=127G2jhIhl05mw3S&id=7185&enc=f837c93e0de9d9ad82db707b2c27241e&state=39037&formAppId=&fidEnc=b06cba4a51ac2253- 通过正则表达式提取
checkout关键字
- 然后
post请求提交健康日报的接口即可
谢谢大佬,已经可用了,不过最后要注释掉才能执行,不太懂哈
def main_handler(event=None, context=None):
# if event is not None:
# query: dict = event.get("queryString", "")
# if query:
# username, password, schoolid = query.get("name", ''), query.get("pwd", ''), query.get("schoolid", "")
# if not username or not password:
# return {
# "message": "账号密码不能为空"
# }
# h = HeathReport(username=username, password=password, schoolid=schoolid)
# return h.daily_report()
# h = HeathReport(username=USER_INFO['username'], password=USER_INFO['password'], schoolid=USER_INFO['schoolid'])
h = HeathReport()
return h.daily_report()
if name == 'main':
print(main_handler())
from chaoxing_auto_sign.
mkdir700
commented on August 26, 2024
我把手机root了,终于可以抓这个ssl pinning的数据包,和我猜想的一样。app没有更新,直接就新增了一个
checkOut的字段,很有可能就是在js中添加了代码,抓包就看到了。checkOut字段是在后端生成后,随着响应来到前端,前端拿到之后再携带着相关参数请求提交日报的接口。
这就很明了了,
- 在已登录的情况下
Get请求http://office.chaoxing.com/front/web/apps/forms/fore/apply?uid=127973604&code=l5RJsW2w&mappId=4545821&appId=1e354ddb52a743e88ed19a3704b1cf1a&appKey=127G2jhIhl05mw3S&id=7185&enc=f837c93e0de9d9ad82db707b2c27241e&state=39037&formAppId=&fidEnc=b06cba4a51ac2253- 通过正则表达式提取
checkout关键字
- 然后
post请求提交健康日报的接口即可谢谢大佬,已经可用了,不过最后要注释掉才能执行,不太懂哈
def main_handler(event=None, context=None):if event is not None:
query: dict = event.get("queryString", "")
if query:
username, password, schoolid = query.get("name", ''), query.get("pwd", ''), query.get("schoolid", "")
# if not username or not password: # return { # "message": "账号密码不能为空" # } # h = HeathReport(username=username, password=password, schoolid=schoolid) # return h.daily_report() # h = HeathReport(username=USER_INFO['username'], password=USER_INFO['password'], schoolid=USER_INFO['schoolid']) h = HeathReport() return h.daily_report()if name == 'main':
print(main_handler())
嗯 删掉就可以了,那个是给腾讯云函数用的
from chaoxing_auto_sign.
Related Issues (20)
- 二维码签到失败
- 位置签到照片签到失效 HOT 1
- API 失效
- 手势签到,位置签到均无法使用
- 位置签到已失效
- 关于穷举时间种子实现无二维码签到 HOT 1
- 找到了循环报错打开过多文件的原因 HOT 1
- 本地版签到报错,但是能签到成功的解决办法
- api签到版本获取不到课程列表
- 指定位置签到还是签不上
- 不知道怎么在Mac上运行 HOT 4
- 腾讯云函数部署失败
- 所有签到都签不了了
- [Feature Request] 增加只在上课时段监控签到的功能 增加只签到指定课程的功能
- [Feature Request] 增加可配置日至输出的功能
- 签到的课堂本地部署可以部署到腾讯云吗 HOT 2
- api使用失败
- 请问这些协议是怎么分析的? HOT 1
- 请问怎么才能设置更多的运行规则? HOT 2
- 在获取到课程并且正常定时运行情况下,无视签到任务,result中一直为空,无法完成签到
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chaoxing_auto_sign.