日常NaN
Posted 囚生CY
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了日常NaN相关的知识,希望对你有一定的参考价值。
文章原标题:【日常】论如何在91flac上优雅地白嫖
原文章没有过审,我觉得网站存在漏洞,就算我找不到,也有别人能找到,发现问题最终也是为了解决问题,如果只是一味的掩盖问题,不过是自欺欺人,千里之堤,溃于蚁穴罢了。
既然如此,我就把原文章图片和代码放在这里,每张图片和代码都有标题,文字部分挂在GitHub上,大家想看的自取好了
或者可以移步https://blog.csdn.net/CY19980216/article/details/104033618,我想了一种很贱的方法,就直接把原博客的页面源代码复制下来发布就完事了。
而且我今天测试了网易云网页版的,依然可以有类似的操作,我觉得事情真的很可怕,也许所谓的音乐版权不过是一句空谈。
图1 《金榜外·纸上尘埃》歌曲页面截图(上半部分)👆
图2 《金榜外·纸上尘埃》歌曲页面截图(下半部分)👆
图3 《金榜外·纸上尘埃》歌曲页面刷新后监听抓包截图(下半部分)👆
图4 《金榜外·纸上尘埃》歌曲页面刷新后唯一POST请求响应结果(下半部分)👆
图5 失败的尝试👆
# -*- coding: UTF-8 -*-
# Author: 囚生
# 时间:20200118
# 创作不易, 仅供分享, 勿传播
import os
import time
from requests import Session
from bs4 import BeautifulSoup
class Flac():
def __init__(self,
email="<您的注册邮箱>",
password="<您的登陆密码>",
user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0",
):
""" 类构造参数 """
self.email = email
self.password = password
self.user_agent = user_agent
""" 类常用参数 """
self.workspace = os.getcwd()
self.date = time.strftime("%Y%m%d")
self.mainURL = "https://www.91flac.com"
self.loginURL = self.mainURL + "/login"
self.musicURL = self.mainURL + "/song/"
self.linkURL = self.mainURL + "/song//link"
self.session = Session()
""" 类初始化 """
self.session.headers = "User-Agent":self.user_agent
print("正在访问首页...")
self.session.get(self.mainURL) # 访问首页
r = self.session.get("https://www.91flac.com/song_file?token=eyJpdiI6IlVHWDZQNkxsQ1NyNFV5bGViZjl2S2c9PSIsInZhbHVlIjoiQmZnZXZXMzB5cjRFbFYrZWUzMXhYaXAzUStTNngxV2tnSDhiUUZtQ1orVjlYSklHZ1ZwYnNkdmZ2ZnVIWGU4XC82ekNaeFpFU3FJS0ZyTXRkZ0tDOGhPMGJOanRoc094M2dBdVRmRjVNMDNJPSIsIm1hYyI6IjFiZDFkYWE1MjUwYTMxNWMxYTBlMTM0M2U0OGYzYTE0YTIyMTI5ODdmZTY3NWM1NTkwMDVkZWEzN2Y4ZGU4YWMifQ%3D%3D")
print(r.text)
if __name__ == "__main__":
f = Flac()
代码区块1 👆
图6 模拟登录测试抓包结果👆
图7 登录页面源代码👆
# -*- coding: UTF-8 -*-
# Author: 囚生
# 时间:20200118
# 创作不易, 仅供分享, 勿传播
import os
import time
from requests import Session
from bs4 import BeautifulSoup
class Flac():
def __init__(self,
email="<您的注册邮箱>",
password="<您的登录密码>",
user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0",
):
""" 类构造参数 """
self.email = email
self.password = password
self.user_agent = user_agent
""" 类常用参数 """
self.workspace = os.getcwd()
self.date = time.strftime("%Y%m%d")
self.mainURL = "https://www.91flac.com"
self.loginURL = self.mainURL + "/login"
self.musicURL = self.mainURL + "/song/"
self.linkURL = self.mainURL + "/song//link"
self.session = Session()
""" 类初始化 """
self.session.headers = "User-Agent":self.user_agent
print("正在访问首页...")
self.session.get(self.mainURL) # 访问首页
def login(self):
print("正在访问登录页面...")
html = self.session.get(self.loginURL).text # GET访问登录页面
soup = BeautifulSoup(html,"lxml")
csrf_token = soup.find("meta",attrs="name":"csrf-token").attrs["content"]
print("csrf-token为: ".format(csrf_token))
formdata = # 建议不要改字段顺序, 就我WEB开发的经验来看, csrf-token总是是作为第一个参数, 所以后端一般会选择过滤掉第一个字段
"_token": csrf_token,
"email": self.email,
"password": self.password,
r = self.session.post(self.loginURL,data=formdata) # POST提交登录字段
""" 判断登录是否成功: 目前简单根据title字段来判断 """
html = r.text
soup = BeautifulSoup(html,"lxml")
title = str(soup.find("title").string)
if "登录" in title: return False # 20200117登录失败的title为: <title>登录_91flac.com无损音乐网</title>
else: return True # 20200117登录成功的title为: <title>我的资料_13856244865_91flac.com无损音乐网</title>
if __name__ == "__main__":
f = Flac()
flag = f.login()
if flag: print("登陆成功")
else: print("登陆失败")
代码区块2:模拟登录👆
图8 《金榜外·纸上尘埃》歌曲页面点击播放按钮后监听抓包情况👆
图9 《金榜外·纸上尘埃》歌曲页面点击播放按钮后监听抓包:第二个包的响应结果👆
urls = [
"http://mobileoc.music.tc.qq.com/C400001dyoiE0eCdgK.m4a?guid=FA&vkey=E7EF3A574783636B3E9F4A75C819810AB7F230CF819A76C044746BBB16A07A9169242B5EF3960A1DBEFE1FB47F27B490577AFB8B2ECD3989&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400004D66CL3XaKNU.m4a?guid=FA&vkey=3DD5852551E8778622E753569E02ACA04E6B11FDCCD1231A7DE2FE1F54A675740C91472E7318D5305E71A4611354139396B816CDD738D2C1&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400002u6wBM0LSG0Q.m4a?guid=FA&vkey=B9EA91CCCB41BC9E158DFA518E16CF78EE556AD2567C2CECB787E6FB1442DAC0106BF2BAE27D5809FEB9F1EEBBA76326B1E088DAE132D782&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400000NXIup1NeWNq.m4a?guid=FA&vkey=4B8094605617C0A65DB19F664466B5555967F4259C6835A474A69C51C99F1A36C961C2806F8916A65DAC8BDF4BB945CC50155D972E246182&uin=0&fromtag=8",
]
# 这些URL在不同时间段复制都是不一样的(即"?"后面的查询字符串都是有差异的),但是我试下来这些URL并非阅后即焚,是可以重复使用的,至于多久失效,我没有做测试,总之能用就行了。
# -*- coding: UTF-8 -*-
# Author: 囚生
# 时间:20200118
# 创作不易, 仅供分享, 勿传播
import os
import time
from requests import Session
from bs4 import BeautifulSoup
class Flac():
def __init__(self,
email="1299868821@qq.com",
password="123456",
user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0",
):
""" 类构造参数 """
self.email = email
self.password = password
self.user_agent = user_agent
""" 类常用参数 """
self.workspace = os.getcwd()
self.date = time.strftime("%Y%m%d")
self.mainURL = "https://www.91flac.com"
self.loginURL = self.mainURL + "/login"
self.musicURL = self.mainURL + "/song/"
self.linkURL = self.mainURL + "/song//link"
self.session = Session()
""" 类初始化 """
self.session.headers = "User-Agent":self.user_agent
print("正在访问首页...")
self.session.get(self.mainURL) # 访问首页
def login(self):
print("正在访问登录页面...")
html = self.session.get(self.loginURL).text # GET访问登录页面
soup = BeautifulSoup(html,"lxml")
csrf_token = soup.find("meta",attrs="name":"csrf-token").attrs["content"]
print("csrf-token为: ".format(csrf_token))
formdata = # 建议不要改字段顺序, 就我WEB开发的经验来看, csrf-token总是是作为第一个参数, 所以后端一般会选择过滤掉第一个字段
"_token": csrf_token,
"email": self.email,
"password": self.password,
r = self.session.post(self.loginURL,data=formdata) # POST提交登录字段
""" 判断登录是否成功: 目前简单根据title字段来判断 """
html = r.text
soup = BeautifulSoup(html,"lxml")
title = str(soup.find("title").string)
if "登录" in title: return False # 20200117登录失败的title为: <title>登录_91flac.com无损音乐网</title>
else: return True # 20200117登录成功的title为: <title>我的资料_13856244865_91flac.com无损音乐网</title>
def download(self):
flag = self.login()
if flag: print("登录成功!")
else:
return False
print("登陆失败!")
urls = [
"http://mobileoc.music.tc.qq.com/C400001dyoiE0eCdgK.m4a?guid=FA&vkey=E7EF3A574783636B3E9F4A75C819810AB7F230CF819A76C044746BBB16A07A9169242B5EF3960A1DBEFE1FB47F27B490577AFB8B2ECD3989&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400004D66CL3XaKNU.m4a?guid=FA&vkey=3DD5852551E8778622E753569E02ACA04E6B11FDCCD1231A7DE2FE1F54A675740C91472E7318D5305E71A4611354139396B816CDD738D2C1&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400002u6wBM0LSG0Q.m4a?guid=FA&vkey=B9EA91CCCB41BC9E158DFA518E16CF78EE556AD2567C2CECB787E6FB1442DAC0106BF2BAE27D5809FEB9F1EEBBA76326B1E088DAE132D782&uin=0&fromtag=8",
"http://mobileoc.music.tc.qq.com/C400000NXIup1NeWNq.m4a?guid=FA&vkey=4B8094605617C0A65DB19F664466B5555967F4259C6835A474A69C51C99F1A36C961C2806F8916A65DAC8BDF4BB945CC50155D972E246182&uin=0&fromtag=8",
]
for i in range(len(urls)):
r = self.session.get(urls[i])
with open("test.mp3".format(i),"wb") as f:
f.write(r.content)
if __name__ == "__main__":
f = Flac()
f.download()
图10 运行后工作目录下的文件结果👆
图11 👆
图12 👆
以上是关于日常NaN的主要内容,如果未能解决你的问题,请参考以下文章