破解百度翻译页面api参数加密
程序员文章站
2022-05-14 09:50:44
我们的目标 https://fanyi.baidu.com/ 找到获取翻译的请求 是这个 https://fanyi.baidu.com/v2transapi 查看一下post提交的表单,是这个 其中的en表示英文,zh表示中文,query是我们输入的,transtype与semple_means_ ......
我们的目标 https://fanyi.baidu.com/ 找到获取翻译的请求
是这个 https://fanyi.baidu.com/v2transapi
查看一下post提交的表单,是这个
其中的en表示英文,zh表示中文,query是我们输入的,transtype与semple_means_flag的内容是固定的。现在就是差sign和token。
首先查找sign,在全局搜索搜索sign。出现这样
可以发现里面有很多,找到正确的那个,像下面
我们发现这个可能就是我们要找的,点击进去。
可以看出来这是应该ajax请求,p里面的参数就是我们要找的参数。在5828和5831序号哪里点一下,然后打开断点。刷新页面,输入一个字母,就会和下面一样。
这样然后鼠标放在m上面悬停一下会出现一个跳转,点击可以跳转到他的函数哪里。跳转过后我们看到m函数是
1 function n(r, o) {
2 for (var t = 0; t < o.length - 2; t += 3) {
3 var a = o.charat(t + 2);
4 a = a >= "a" ? a.charcodeat(0) - 87 : number(a),
5 a = "+" === o.charat(t + 1) ? r >>> a : r << a,
6 r = "+" === o.charat(t) ? r + a & 4294967295 : r ^ a
7 }
8 return r
9 }
10 function e(r) {
11 var o = r.match(/[\ud800-\udbff][\udc00-\udfff]/g);
12 if (null === o) {
13 var t = r.length;
14 t > 30 && (r = "" + r.substr(0, 10) + r.substr(math.floor(t / 2) - 5, 10) + r.substr(-10, 10))
15 } else {
16 for (var e = r.split(/[\ud800-\udbff][\udc00-\udfff]/), c = 0, h = e.length, f = []; h > c; c++)
17 "" !== e[c] && f.push.apply(f, a(e[c].split(""))),
18 c !== h - 1 && f.push(o[c]);
19 var g = f.length;
20 g > 30 && (r = f.slice(0, 10).join("") + f.slice(math.floor(g / 2) - 5, math.floor(g / 2) + 5).join("") + f.slice(-10).join(""))
21 }
22 var u = void 0
23 , l = "" + string.fromcharcode(103) + string.fromcharcode(116) + string.fromcharcode(107);
24 u = null !== i ? i : (i = window[l] || "") || "";
25 for (var d = u.split("."), m = number(d[0]) || 0, s = number(d[1]) || 0, s = [], c = 0, v = 0; v < r.length; v++) {
26 var a = r.charcodeat(v);
27 128 > a ? s[c++] = a : (2048 > a ? s[c++] = a >> 6 | 192 : (55296 === (64512 & a) && v + 1 < r.length && 56320 === (64512 & r.charcodeat(v + 1)) ? (a = 65536 + ((1023 & a) << 10) + (1023 & r.charcodeat(++v)),
28 s[c++] = a >> 18 | 240,
29 s[c++] = a >> 12 & 63 | 128) : s[c++] = a >> 12 | 224,
30 s[c++] = a >> 6 & 63 | 128),
31 s[c++] = 63 & a | 128)
32 }
33 for (var p = m, f = "" + string.fromcharcode(43) + string.fromcharcode(45) + string.fromcharcode(97) + ("" + string.fromcharcode(94) + string.fromcharcode(43) + string.fromcharcode(54)), d = "" + string.fromcharcode(43) + string.fromcharcode(45) + string.fromcharcode(51) + ("" + string.fromcharcode(94) + string.fromcharcode(43) + string.fromcharcode(98)) + ("" + string.fromcharcode(43) + string.fromcharcode(45) + string.fromcharcode(102)), b = 0; b < s.length; b++)
34 p += s[b],
35 p = n(p, f);
36 return p = n(p, d),
37 p ^= s,
38 0 > p && (p = (2147483647 & p) + 2147483648),
39 p %= 1e6,
40 p.tostring() + "." + (p ^ m)
41 }
这是sign的加密函数,我们可以发现传的值就是我们在输入框输入的值。
把这些保存在一个.js的文件保持起来。里面的i = window[l] 这个window对象是浏览器才有的,如果我们使用python的js2py或者execjs会报错
我们查看到这个值是320305.131321201
var u = void 0
, l = "" + string.fromcharcode(103) + string.fromcharcode(116) + string.fromcharcode(107);
u = null !== i ? i : (i = window[l] || "") || "";
修改为
var u = void 0, i = null;
u = null !== i ? i : (i = "320305.131321201" || "") || "";
这样执行就不会出错
接下来还差token值了,我们搜索token发现如下
发现就在第一个,点进去
就在请求的html里面。现在需要的参数都找到了。
1 import requests
2 import js2py
3 import re
4
5
6 class baidutranslateapi(object):
7 headers = {
8 'user-agent': 'mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/65.0.3325.181 safari/537.36'
9 }
10 def __init__(self):
11 super(baidutranslateapi).__init__()
12 self.getready()
13 def getready(self):
14 url_index = 'https://www.baidu.com'
15 self.session = requests.session()
16 self.session.get(url=url_index, headers=self.headers)
17 self.headers['referer'] = url_index
18 url_html = 'https://fanyi.baidu.com/translate?aldtype=16047&query=&keyfrom=baidu&smartresult=dict&lang=auto2zh'
19 html = self.session.get(url=url_html, headers=self.headers)
20 comm = re.compile('token: \'(\w+)\'')
21 self.token = comm.search(html.text).group(1)
22 self.headers['referer'] = url_html
23
24 def get_js(self):
25 with open(r'd:\vim\hello_data(1)\panyi.js', 'r', encoding='utf-8') as f:
26 return f.read()
27 def translate(self,file):
28 files = false
29 file = str(file)
30 for i in file:
31 if '\u4e00' <= i.encode().decode('utf-8') <= '\u9fff':
32 files = true
33 else:
34 files = false
35 if files == false:
36 break
37 return files
38
39 def baidu(self,file):
40 run_js = js2py.evaljs({})
41 run_js.execute(self.get_js())
42 sign = run_js.e(file)
43 url_api = 'https://fanyi.baidu.com/v2transapi'
44 is_it = self.translate(file)
45 if is_it:
46 iia = 'zh'
47 iib = 'en'
48 else:
49 iia = 'en'
50 iib = 'zh'
51 data = {
52 'from': iia,
53 'to': iib,
54 'query': file,
55 'transtype': 'realtime',
56 'simple_means_flag': '3',
57 'sign': sign,
58 'token': self.token
59 }
60 html = self.session.post(url=url_api, headers=self.headers, data=data).json()
61 return (html['trans_result']['data'][0]['dst'])
62 def start(self,file='i'):
63 try:
64 int(file)
65 return file
66 except:
67 # self.zhunbei()
68 files = self.baidu(file)
69 return files
70
71 if __name__ == '__main__':
72 a = baidutranslateapi()
73 print(a.start('i'))
74 print(a.start('love'))
75 print(a.start('you'))
运行结果