├── .gitignore ├── b.stripe.py ├── b.stripecdn.com.py ├── p-bandai.com.py ├── shop.lululemon.com.no.py ├── sonic_game.py ├── testnet.lenscan.io.py ├── testnet.monad.xyz.py ├── www.eurowings.com.no.py ├── www.jetstar.com.no.py ├── www.sephora.com.no.py ├── www.westjet.com.no.py └── xarctery.com.py /.gitignore: -------------------------------------------------------------------------------- 1 | utils.py 2 | __pycache__/ 3 | .idea 4 | *.pyc 5 | -------------------------------------------------------------------------------- /b.stripe.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Time : 2024/7/15 19:02 3 | # @Author : Chris 4 | # @Email : 10512@qq.com 5 | # @File : b.stripe.com.py 6 | # @Software: PyCharm 7 | import requests 8 | import base64 9 | from urllib.parse import quote 10 | import warnings 11 | from utils import __TOKEN__, __PROXY__starry_keep 12 | 13 | warnings.filterwarnings("ignore") 14 | 15 | 16 | class HcaptchaTester: 17 | def __init__(self, opts): 18 | self.opts = opts 19 | 20 | def run(self): 21 | resp = requests.post( 22 | "http://api.nocaptcha.io/api/wanda/hcaptcha/universal", 23 | headers={ 24 | "User-Token": __TOKEN__ 25 | }, 26 | json=self.opts 27 | ) 28 | json_resp = resp.json() 29 | return { 30 | "success": json_resp["status"] == 1, 31 | "data": json_resp["data"] 32 | } 33 | 34 | 35 | def a1(e, t): 36 | return ''.join([chr(((ord(char) - 32 + t) % 95) + 32) for char in e]) 37 | 38 | 39 | def a2(e): 40 | def r(e): 41 | return ''.join([chr(5 ^ ord(char)) for char in e]) 42 | 43 | t = e 44 | n = 3 - (len(t) % 3) 45 | i = ' ' * n 46 | encoded = base64.b64encode(r(t + i).encode()).decode() 47 | return quote(encoded) 48 | 49 | 50 | def a3(e): 51 | return a1(a2('{"id":"' + e + '"}'), 11) 52 | 53 | 54 | for i in range(1): 55 | try: 56 | proxy = __PROXY__starry_keep() 57 | 58 | session = requests.Session() 59 | session.verify = False 60 | session.proxies = { 61 | 'http': f'http://{proxy}', 62 | 'https': f'http://{proxy}' 63 | } 64 | session.headers.update({ 65 | "accept": "application/json", 66 | "accept-encoding": "gzip, deflate, br, zstd", 67 | "accept-language": "zh-CN,zh;q=0.9", 68 | "origin": "https://js.stripe.com", 69 | "priority": "u=1, i", 70 | "referer": "https://js.stripe.com/", 71 | "sec-ch-ua": '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"', 72 | "sec-ch-ua-mobile": "?0", 73 | "sec-ch-ua-platform": '"Windows"', 74 | "sec-fetch-dest": "empty", 75 | "sec-fetch-mode": "cors", 76 | "sec-fetch-site": "same-site", 77 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 78 | }) 79 | 80 | link = "00geVV063fdN1LGaEJ" 81 | resp = session.post( 82 | f"https://merchant-ui-api.stripe.com/payment-links/{link}", 83 | data="eid=NA&browser_locale=zh-CN&referrer_origin=https%3A%2F%2Ft.co", 84 | verify=False 85 | ) 86 | 87 | session_id = resp.json()["session_id"] 88 | guid, muid, sid = [ 89 | "edd5d662-3e64-4a3e-8c92-7f4e39d95b9ed664c7", 90 | "8b28984d-5ed3-4261-8ee1-2b528b8f3fb467280f", 91 | "2168d691-30fa-4d08-bff9-b1a29f7c4990f6105e" 92 | ] 93 | resp = session.get(f"https://merchant-ui-api.stripe.com/payment-links/{link}") 94 | key = resp.json()["key"] 95 | 96 | resp = session.post( 97 | f"https://api.stripe.com/v1/payment_pages/{session_id}/init", 98 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 99 | data=f"key={key}&eid=NA&browser_locale=zh-CN&redirect_type=url" 100 | ) 101 | init_checksum = resp.json()["init_checksum"] 102 | 103 | resp = session.post( 104 | f"https://api.stripe.com/v1/payment_pages/{session_id}", 105 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 106 | data=f"eid=NA&tax_region[country]=JP&key={key}" 107 | ) 108 | json_resp = resp.json() 109 | unit_amount = json_resp["line_item_group"]["line_items"][0]["price"]["unit_amount"] 110 | rqdata1 = json_resp["rqdata"] 111 | site_key1 = json_resp["site_key"] 112 | 113 | t = None 114 | while True: 115 | t = HcaptchaTester({ 116 | "sitekey": site_key1, 117 | "referer": "https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=e116ac03-cb9a-4809-b411-7964413501cd&origin=https%3A%2F%2Fjs.stripe.com", 118 | "rqdata": rqdata1, 119 | "proxy": proxy, 120 | "deviceHash": "7462ae5e0370097537112553f7c1cbfe", 121 | "internal": False, 122 | "local": False, 123 | "need_ekey": True 124 | }).run() 125 | if t["success"]: 126 | break 127 | 128 | resp = session.post( 129 | f"https://api.stripe.com/v1/consumers/sessions/lookup", 130 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 131 | data=f"request_surface=web_checkout&amount=15935¤cy=hkd&email_address=icloud%40wkchi.com&email_source=user_action&session_id={session_id}&key={key}" 132 | ) 133 | resp = session.get(f"https://api.stripe.com/edge-internal/card-metadata?key={key}&bin_prefix=518868") 134 | 135 | resp = session.post( 136 | f"https://api.stripe.com/v1/payment_methods", 137 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 138 | data=f"type=card&card[number]=1111110437556804&card[cvc]=222&card[exp_month]=04&card[exp_year]=28&billing_details[name]=Mildred%C2%A0M%C2%A0Hollifield&billing_details[email]=icloud%40wkchi.com&billing_details[address][country]=HK&guid={guid}&muid={muid}&sid={sid}&key={key}&payment_user_agent=stripe.js%2Fdb3292dc43%3B+stripe-js-v3%2Fdb3292dc43%3B+payment-link%3B+checkout" 139 | ) 140 | pm_id = resp.json()["id"] 141 | 142 | resp = session.post( 143 | f"https://api.stripe.com/v1/payment_pages/{session_id}/confirm", 144 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 145 | data=f"eid=NA&payment_method={pm_id}&expected_amount={unit_amount}&last_displayed_line_item_group_details[subtotal]={unit_amount}&last_displayed_line_item_group_details[total_exclusive_tax]=0&last_displayed_line_item_group_details[total_inclusive_tax]=0&last_displayed_line_item_group_details[total_discount_amount]=0&last_displayed_line_item_group_details[shipping_rate_amount]=0&expected_payment_method_type=card&guid={guid}&muid={muid}&sid={sid}&key={key}&version=db3292dc43&init_checksum={init_checksum}&js_checksum={quote(a3(pm_id))}&passive_captcha_token={t['data']['generated_pass_UUID']}&passive_captcha_ekey={t['data'].get('ekey', '')}&rv_timestamp=qto%3En%3CQ%3DU%26CyY%26%60%3EX%5Er%3CYNr%3CYN%60%3CY_C%3CY_C%3CY%5E%60zY_%60%3CY%5En%7BU%3Eo%26U%26Cydbn%3DY%26%23%3Edbd%24Yu%60%3CYRosdRL%3CXOn%24Y%26Qveu%60%3EY_%60%24XbLCXbP%24X%26%23%25Ytn%7BU%3Ee%26U%26CyYu%5CCdRYxX_%3B%23%5B_%5C%3CY%3DQrXu%3B%3Be%26oy%5B_Uy%5BO%3B%3CY%26%60%26d%3DMrXxeu%5B_esd_X%23d%26YsdOT%3EeOQre%26%23%3D%5B_%5CCX_UuX%26%24yYNo%3FU%5E%60w" 146 | ) 147 | if "error" in resp.json(): 148 | print(resp.json()["error"]) 149 | continue 150 | 151 | json_resp = resp.json() 152 | payment_intent = json_resp["payment_intent"] 153 | id = payment_intent["id"] 154 | client_secret = payment_intent["client_secret"] 155 | rqdata = payment_intent["next_action"]["use_stripe_sdk"]["stripe_js"]["rqdata"] 156 | 157 | t = None 158 | while True: 159 | t = HcaptchaTester({ 160 | "sitekey": "c7faac4c-1cd7-4b1b-b2d4-42ba98d09c7a", 161 | "referer": "https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=e116ac03-cb9a-4809-b411-7964413501cd&origin=https%3A%2F%2Fjs.stripe.com", 162 | "rqdata": rqdata, 163 | "proxy": proxy, 164 | "deviceHash": "7462ae5e0370097537112553f7c1cbfe", 165 | "internal": False, 166 | "local": False, 167 | }).run() 168 | if t["success"]: 169 | break 170 | 171 | resp = requests.post( 172 | f"https://api.stripe.com/v1/payment_intents/{id}/verify_challenge", 173 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 174 | data=f"challenge_response_token={t['data']['generated_pass_UUID']}&challenge_response_ekey=&client_secret={client_secret}&key={key}" 175 | ) 176 | print(resp.text) 177 | 178 | except Exception as error: 179 | print(error) 180 | -------------------------------------------------------------------------------- /b.stripecdn.com.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Time : 2024/7/15 19:02 3 | # @Author : Chris 4 | # @Email : 10512@qq.com 5 | # @File : b.stripecdn.com.py 6 | # @Software: PyCharm 7 | 8 | import requests 9 | import base64 10 | from urllib.parse import quote 11 | import warnings 12 | from utils import __TOKEN__, __PROXY__starry_keep 13 | 14 | warnings.filterwarnings("ignore") 15 | 16 | 17 | class HcaptchaTester: 18 | def __init__(self, opts): 19 | self.opts = opts 20 | 21 | def run(self): 22 | resp = requests.post( 23 | "http://api.nocaptcha.io/api/wanda/hcaptcha/universal", 24 | headers={ 25 | "User-Token": __TOKEN__ 26 | }, 27 | json=self.opts 28 | ) 29 | json_resp = resp.json() 30 | return { 31 | "success": json_resp["status"] == 1, 32 | "data": json_resp["data"] 33 | } 34 | 35 | 36 | def a1(e, t): 37 | return ''.join([chr(((ord(char) - 32 + t) % 95) + 32) for char in e]) 38 | 39 | 40 | def a2(e): 41 | def r(e): 42 | return ''.join([chr(5 ^ ord(char)) for char in e]) 43 | 44 | t = e 45 | n = 3 - (len(t) % 3) 46 | i = ' ' * n 47 | encoded = base64.b64encode(r(t + i).encode()).decode() 48 | return quote(encoded) 49 | 50 | 51 | def a3(e): 52 | return a1(a2('{"id":"' + e + '"}'), 11) 53 | 54 | 55 | for i in range(1): 56 | try: 57 | proxy = __PROXY__starry_keep() 58 | 59 | session = requests.Session() 60 | session.verify = False 61 | session.proxies = { 62 | 'http': f'http://{proxy}', 63 | 'https': f'http://{proxy}' 64 | } 65 | session.headers.update({ 66 | "accept": "application/json", 67 | "accept-encoding": "gzip, deflate, br, zstd", 68 | "accept-language": "zh-CN,zh;q=0.9", 69 | "origin": "https://js.stripe.com", 70 | "priority": "u=1, i", 71 | "referer": "https://js.stripe.com/", 72 | "sec-ch-ua": '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"', 73 | "sec-ch-ua-mobile": "?0", 74 | "sec-ch-ua-platform": '"Windows"', 75 | "sec-fetch-dest": "empty", 76 | "sec-fetch-mode": "cors", 77 | "sec-fetch-site": "same-site", 78 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 79 | }) 80 | 81 | link = "00geVV063fdN1LGaEJ" 82 | resp = session.post( 83 | f"https://merchant-ui-api.stripe.com/payment-links/{link}", 84 | data="eid=NA&browser_locale=zh-CN&referrer_origin=https%3A%2F%2Ft.co", 85 | verify=False 86 | ) 87 | 88 | session_id = resp.json()["session_id"] 89 | guid, muid, sid = [ 90 | "edd5d662-3e64-4a3e-8c92-7f4e39d95b9ed664c7", 91 | "8b28984d-5ed3-4261-8ee1-2b528b8f3fb467280f", 92 | "2168d691-30fa-4d08-bff9-b1a29f7c4990f6105e" 93 | ] 94 | resp = session.get(f"https://merchant-ui-api.stripe.com/payment-links/{link}") 95 | key = resp.json()["key"] 96 | 97 | resp = session.post( 98 | f"https://api.stripe.com/v1/payment_pages/{session_id}/init", 99 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 100 | data=f"key={key}&eid=NA&browser_locale=zh-CN&redirect_type=url" 101 | ) 102 | init_checksum = resp.json()["init_checksum"] 103 | 104 | resp = session.post( 105 | f"https://api.stripe.com/v1/payment_pages/{session_id}", 106 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 107 | data=f"eid=NA&tax_region[country]=JP&key={key}" 108 | ) 109 | json_resp = resp.json() 110 | unit_amount = json_resp["line_item_group"]["line_items"][0]["price"]["unit_amount"] 111 | rqdata1 = json_resp["rqdata"] 112 | site_key1 = json_resp["site_key"] 113 | 114 | t = None 115 | while True: 116 | t = HcaptchaTester({ 117 | "sitekey": site_key1, 118 | "referer": "https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=e116ac03-cb9a-4809-b411-7964413501cd&origin=https%3A%2F%2Fjs.stripe.com", 119 | "rqdata": rqdata1, 120 | "proxy": proxy, 121 | "deviceHash": "7462ae5e0370097537112553f7c1cbfe", 122 | "internal": False, 123 | "local": False, 124 | "need_ekey": True 125 | }).run() 126 | if t["success"]: 127 | break 128 | 129 | resp = session.post( 130 | f"https://api.stripe.com/v1/consumers/sessions/lookup", 131 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 132 | data=f"request_surface=web_checkout&amount=15935¤cy=hkd&email_address=icloud%40wkchi.com&email_source=user_action&session_id={session_id}&key={key}" 133 | ) 134 | resp = session.get(f"https://api.stripe.com/edge-internal/card-metadata?key={key}&bin_prefix=518868") 135 | 136 | resp = session.post( 137 | f"https://api.stripe.com/v1/payment_methods", 138 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 139 | data=f"type=card&card[number]=1111110437556804&card[cvc]=222&card[exp_month]=04&card[exp_year]=28&billing_details[name]=Mildred%C2%A0M%C2%A0Hollifield&billing_details[email]=icloud%40wkchi.com&billing_details[address][country]=HK&guid={guid}&muid={muid}&sid={sid}&key={key}&payment_user_agent=stripe.js%2Fdb3292dc43%3B+stripe-js-v3%2Fdb3292dc43%3B+payment-link%3B+checkout" 140 | ) 141 | pm_id = resp.json()["id"] 142 | 143 | resp = session.post( 144 | f"https://api.stripe.com/v1/payment_pages/{session_id}/confirm", 145 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 146 | data=f"eid=NA&payment_method={pm_id}&expected_amount={unit_amount}&last_displayed_line_item_group_details[subtotal]={unit_amount}&last_displayed_line_item_group_details[total_exclusive_tax]=0&last_displayed_line_item_group_details[total_inclusive_tax]=0&last_displayed_line_item_group_details[total_discount_amount]=0&last_displayed_line_item_group_details[shipping_rate_amount]=0&expected_payment_method_type=card&guid={guid}&muid={muid}&sid={sid}&key={key}&version=db3292dc43&init_checksum={init_checksum}&js_checksum={quote(a3(pm_id))}&passive_captcha_token={t['data']['generated_pass_UUID']}&passive_captcha_ekey={t['data'].get('ekey', '')}&rv_timestamp=qto%3En%3CQ%3DU%26CyY%26%60%3EX%5Er%3CYNr%3CYN%60%3CY_C%3CY_C%3CY%5E%60zY_%60%3CY%5En%7BU%3Eo%26U%26Cydbn%3DY%26%23%3Edbd%24Yu%60%3CYRosdRL%3CXOn%24Y%26Qveu%60%3EY_%60%24XbLCXbP%24X%26%23%25Ytn%7BU%3Ee%26U%26CyYu%5CCdRYxX_%3B%23%5B_%5C%3CY%3DQrXu%3B%3Be%26oy%5B_Uy%5BO%3B%3CY%26%60%26d%3DMrXxeu%5B_esd_X%23d%26YsdOT%3EeOQre%26%23%3D%5B_%5CCX_UuX%26%24yYNo%3FU%5E%60w" 147 | ) 148 | if "error" in resp.json(): 149 | print(resp.json()["error"]) 150 | continue 151 | 152 | json_resp = resp.json() 153 | payment_intent = json_resp["payment_intent"] 154 | id = payment_intent["id"] 155 | client_secret = payment_intent["client_secret"] 156 | rqdata = payment_intent["next_action"]["use_stripe_sdk"]["stripe_js"]["rqdata"] 157 | 158 | t = None 159 | while True: 160 | t = HcaptchaTester({ 161 | "sitekey": "c7faac4c-1cd7-4b1b-b2d4-42ba98d09c7a", 162 | "referer": "https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=e116ac03-cb9a-4809-b411-7964413501cd&origin=https%3A%2F%2Fjs.stripe.com", 163 | "rqdata": rqdata, 164 | "proxy": proxy, 165 | "deviceHash": "7462ae5e0370097537112553f7c1cbfe", 166 | "internal": False, 167 | "local": False, 168 | }).run() 169 | if t["success"]: 170 | break 171 | 172 | resp = requests.post( 173 | f"https://api.stripe.com/v1/payment_intents/{id}/verify_challenge", 174 | headers={"Content-Type": "application/x-www-form-urlencoded"}, 175 | data=f"challenge_response_token={t['data']['generated_pass_UUID']}&challenge_response_ekey=&client_secret={client_secret}&key={key}" 176 | ) 177 | print(resp.text) 178 | 179 | except Exception as error: 180 | print(error) 181 | -------------------------------------------------------------------------------- /p-bandai.com.py: -------------------------------------------------------------------------------- 1 | 2 | 3 | import re 4 | import sys 5 | 6 | sys.path.append(".") 7 | 8 | import asyncio 9 | import random 10 | 11 | from curl_cffi import requests 12 | from pynocaptcha import ShapeV2Cracker 13 | from utils import __TOKEN__ as USER_TOKEN 14 | 15 | 16 | # @vthread.pool(10) 17 | async def demo(href, request, pkey, script_url=None, script_regexp=None, vmp_url=None, vmp_regexp=None, fast=True, verifier=None, cookies={}, proxy=None): 18 | 19 | version = 126 20 | user_agent = f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 21 | 22 | # 自己写跟 ua 匹配的 sec-ch-ua 和 sec-ch-ua-platform, 必须匹配一致, 随机 ua 23 | client_hints = '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"' 24 | platform = '"macOS"' if 'Mac' in user_agent else '"Windows"' 25 | 26 | impersonates = [ 27 | "chrome116", "chrome119", "chrome120", "edge99", "edge101", 28 | ] 29 | if platform == '"macOS"': 30 | impersonates += ["safari15_3", "safari15_5", "safari17_0", "safari17_2_ios"] 31 | 32 | impersonate = random.choice(impersonates) 33 | origin = "/".join(href.split("/")[0:3]) 34 | 35 | session = requests.Session() 36 | if proxy: 37 | session.proxies.update({ 38 | "all": "http://" + proxy 39 | }) 40 | session.cookies.update(cookies) 41 | 42 | try: 43 | resp = session.get("https://ipinfo.io/json", headers={ 44 | "user-agent": f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36', 45 | }, timeout=5).json() 46 | except: 47 | # print('代理失效') 48 | return 49 | 50 | country = resp["country"].lower() 51 | current_ip = resp["ip"] 52 | 53 | headers = { 54 | 'accept': '*/*', 55 | 'accept-language': 'zh-CN,zh;q=0.9', 56 | 'priority': 'u=1', 57 | 'referer': href, 58 | 'sec-ch-ua': client_hints, 59 | 'sec-ch-ua-mobile': '?0', 60 | 'sec-ch-ua-platform': platform, 61 | 'sec-fetch-dest': 'empty', 62 | 'sec-fetch-mode': 'cors', 63 | 'sec-fetch-site': 'same-origin', 64 | 'user-agent': user_agent, 65 | } 66 | if script_regexp: 67 | html = session.get(href, headers=headers, impersonate=impersonate, verify=False).text 68 | script_url = re.search(script_regexp, html)[1] 69 | 70 | if not script_url.startswith('http'): 71 | script_url = origin + script_url 72 | 73 | try: 74 | script = session.get(script_url, headers=headers, impersonate=impersonate, verify=False).text 75 | except: 76 | print("初始脚本获取失败") 77 | return 78 | 79 | if not vmp_url: 80 | if vmp_regexp: 81 | try: 82 | vmp_url = re.search(vmp_regexp, script)[1] 83 | except: 84 | print('vmp 地址获取失败') 85 | return 86 | 87 | vmp_script = None 88 | if vmp_url: 89 | if not vmp_url.startswith("http"): 90 | vmp_url = origin + vmp_url 91 | try: 92 | vmp_resp = session.get(vmp_url, headers=headers, impersonate=impersonate, verify=False) 93 | if vmp_resp.status_code != 200: 94 | raise Warning("vmp 脚本请求失败") 95 | 96 | vmp_script = vmp_resp.text 97 | except: 98 | print("vmp 获取失败") 99 | return 100 | 101 | cracker = ShapeV2Cracker( 102 | user_token=USER_TOKEN, 103 | href=href, 104 | request=request, 105 | script_url=script_url, 106 | script_content=script, 107 | vmp_url=vmp_url, 108 | vmp_content=vmp_script, 109 | pkey=pkey, 110 | user_agent=user_agent, 111 | submit=False, 112 | ip=current_ip, 113 | country=country, 114 | fast=fast, 115 | cookies={ 116 | "dtJ5tPjd": session.cookies.get("dtJ5tPjd") 117 | }, 118 | debug=True 119 | ) 120 | res = cracker.crack() 121 | extra = cracker.extra() 122 | 123 | if res: 124 | if verifier: 125 | try: 126 | shape_headers = res[0] 127 | response = verifier(session, extra, impersonate, shape_headers) 128 | if response: 129 | for k, v in shape_headers.items(): 130 | if '-a' in k.lower(): 131 | a_header_value = v 132 | print(country, current_ip, version, platform, impersonate, len(a_header_value), response.status_code, response.text.replace('\n', '').replace('\t', '').replace(' ', '')[:30]) 133 | # else: 134 | # print('验证错误') 135 | except: 136 | import traceback 137 | traceback.print_exc() 138 | else: 139 | print(res) 140 | 141 | 142 | if __name__ == '__main__': 143 | def baidai_login(session, extra, impersonate, shape_headers): 144 | headers = { 145 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 146 | 'accept-language': extra["accept-language"], 147 | 'content-type': 'application/x-www-form-urlencoded', 148 | # 'cookie': 'OptanonConsent=isGpcEnabled=0&datestamp=Thu+Jul+25+2024+12%3A38%3A18+GMT%2B0800+(%E4%B8%AD%E5%9B%BD%E6%A0%87%E5%87%86%E6%97%B6%E9%97%B4)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&genVendors=&consentId=225446d3-2762-48e7-9a19-424f32f8bc10&interactionCount=1&isAnonUser=1&landingPath=https%3A%2F%2Fp-bandai.com%2Fhk%2Flogin&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1; JSESSIONID=5CC3B1C88629B591E8788FC5F24AD043; defaultSite=hk; ktlvDW7IG5ClOcxYTbmY=a; ABTastySession=mrasn=&lp=https%253A%252F%252Fp-bandai.com%252Fhk%252Flogin; _clck=14kp0wy%7C2%7Cfnr%7C0%7C1667; _gcl_au=1.1.1837661181.1721882142; _gid=GA1.2.1209416569.1721882143; __rtbh.lid=%7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22e0ZvLPeb3kZZVYCqnCs0%22%7D; script_flag=43750084-1903-4af0-9a96-bab2b72038ea; url_flag=https://p-bandai.com/hk/login; pgmodal2=true; __ulfpc=202407251235439653; _fbp=fb.1.1721882144088.50199951674841731; FPID=FPID2.2.zVTZtw%2B9t4eOr3CuLUY2gFYMxdDRQcVwUekxRxIqMH4%3D.1721882143; FPLC=uxqHExcDpq%2FwD5QQKENfebrV2lIIZgYu9FRkq0MDC6DOdCziyxL%2FetGhCX4mphOAPhaQtIGrJ%2FRg6b2XbLcF%2B4H4rS9Kisds%2FU9efvXcKY1BagcBY0369%2Bm0JpJwWA%3D%3D; recommendUser=KW91FssHeiCKbCpB2RtZnmDnkVFDqBWsgcvK88w7GlxTS3e8ui; dtJ5tPjd=A85NLOiQAQAA88OcBPYiml27qfqS0eVsCZqv5zHr0KJdWNq7Pxqx_LVLkWKAAWj5rnuucuopwH9eCOfvosJeCA|1|0|366467f0e913857a136a137049868fa7b92c26a7; AWSALB=1NUE5Y3NzuP6bF/LYyRzqMlCt90WHo12eK7t+yMhUm9orwATnVtf3ra7gUFvELhik4POC5El/u4CXKxJDmqQOimEKV/xNklpUaXz/iLWO4XEbJIOAfika6hZK2h0; AWSALBCORS=1NUE5Y3NzuP6bF/LYyRzqMlCt90WHo12eK7t+yMhUm9orwATnVtf3ra7gUFvELhik4POC5El/u4CXKxJDmqQOimEKV/xNklpUaXz/iLWO4XEbJIOAfika6hZK2h0; ABTasty=uid=vs658zyd0wajeqs7&fst=1721882137721&pst=-1&cst=1721882137721&ns=1&pvt=2&pvis=2&th=; _ga_67MWHF65HK=GS1.1.1721882142.1.1.1721882299.0.0.1341660271; _ga_X05EWL8N9Q=GS1.1.1721882143.1.1.1721882299.54.0.0; FPGSID=1.1721882144.1721882300.G-67MWHF65HK.vNtvP2vzcL3XpA_VZVzcXQ; _uetsid=5a8368104a3f11efb036e9af035388bf; _uetvid=5a838d504a3f11ef8132157f627491a9; _clsk=1r0gaso%7C1721882300631%7C2%7C1%7Cs.clarity.ms%2Fcollect; _ga_X5PY18JBQR=GS1.1.1721882144.1.1.1721882302.51.0.0; _ga=GA1.1.930467927.1721882143', 149 | 'origin': 'https://p-bandai.com', 150 | 'priority': 'u=0, i', 151 | 'referer': 'https://p-bandai.com/hk/login', 152 | 'sec-ch-ua': extra["sec-ch-ua"], 153 | 'sec-ch-ua-mobile': '?0', 154 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 155 | 'sec-fetch-dest': 'document', 156 | 'sec-fetch-mode': 'navigate', 157 | 'sec-fetch-site': 'same-origin', 158 | 'sec-fetch-user': '?1', 159 | 'upgrade-insecure-requests': '1', 160 | 'user-agent': extra['user-agent'], 161 | } 162 | 163 | data = { 164 | # 'p8kOmysnbc-a': 'tqPXwebTB-8dgMZMy5O5K5iWk8yxaEtGkUHa3KQ6FqSRpG28VV9UXk=D36h7XgRx_kKWcSLJLToKHBo0xiaYp2ZJ0XAPzyx=yGVTOpg48YWFElQH0_Zht-B4AdLTYSQbXZclMcK4duXgoabMs_RoYG_9Lwx0ZjMA1ToIP3Hz7WVk6wh8Os=bha2DWr90P7GSrC39NMuxmogYKhfVSr3iETuSMCdJzVHYzb12pwmePNgV_liYxAeps2_tvkiI9Gjh6bsX9C_rCVQIfTuodpO0U=ia1WGOz9RMDZfFJsrJ4YiAGD6tCU8xrZC7_9LNHOoLKRy0Ju2iYBws8gTmzbA=hJ6hKuP2CCks45bsG5saS2pJY62NUs5cMg1HLr8-_xdtvCgwvMaEgUbP3ktER5UeQxqrEcWIgQw2DfCzphKpKoef51Nme8YIHZEZv1Mkft2XB9QJD5_qjSc6zsktW1RPQdwVtHog50MkMjd3fPLb-jL96G=DP8jT9yhJKRgKvwkDyrBQQR08fVsJLtfqT17mvTf7uykFigJT21yy_=MY5QqKTz-dIzdGwiL5l4r6aA7874Lebz8gLkxzuF2_5HrY4Ef_qbyv=WG3DI-YfUa8gP74Vwq13Ap-m0rW-SCHwQ3X7iBONave04J_vGMEfcHkJyHgWfKuKCXAB80tExDGvNoizYePE-ZgFqTaWBCcey=tGu5iJ0_kl6HXBVWs7SrC5=7artWmJDR6sWa-DeQkF1Gfyk8GP8XqCSmRvNBOxFl7_j8uWzmN4dSQSb5dASI40ptV=7gTpme1o-Bw1jUgwCwC-sCVH0d0JO0o3auMAE75LOsgXrWLoEPWO89ucogKiZ91rgxi1a7PlFw_pMWOt=8HdsJKs4qwzXFbLg=6NuVRuCqUxSO3awHQX1EQ8he3Kz3rGz4mpBCfsNxKRZm-1bXoo=aoELG=yK9ueEKV-gZw4GS=GwD7rXqSCOZI6NsMm_mUf-sb_F4dCKk6R3JbQGpDcxZoBza603O5Y5eTB-GhquhSAuYD1WiCIvaZhtdQy=uqkya2tu18_GbaD1dwzF1LATqFRJopQZzI9R-evcOp8by6WAg0rLL0y=uyCOD0LsQW7Qls1Tkwacr3CRp_kp90hTKrw7XgCeiUM_3KzLAHfj=s=iGQ3Sem2byRmAXO3DNVgZMk7mCYxoum=t880o67QhuMqHCkew1OxrGqA9=0U_2gvLNhA-i6bHHeBbrfwsxp8gbIMcWa74k0ov=TB=1=r919ucjqM45C7MtKDdyOXEd-t0Y3j3_UNtMg2QiVIIRrImsM0RVRDcRGWFWHFv7iWc57TKqPCeNBB_iaWbYYix7blLpG0N9kLAdHCEk_tMO9ULHpFjEczD9HScRzX3B8roP7KP4dp6c1i2ytZuCLSW68oB7G85As6SkF5FjzYQlP6LYoNa79y3itHIlM_dN51iZvs-sW_JO=3Dt=8dy_ZIlaDKfRaEL0l5ypvU-UHztvJHuHsVsc1woXhaZu4s5gzf9rxP0wNCqkvfzT_cs7YzDlrlRACljlrySv9MEPurc=ib9WyVw_W1GS=DBk3OSWi__xyKf=LY6xSGXmzkrkj__qCD65AYz0iTz4M5lZ3TiFC5Yz5h7NIoS0s5ERl0QgFIL7MoHaZWC0YSCRQUTO8afNGNyH4aT4GPxp2Rm-N76etwLpWYmVYtE4CrbrNJVotLv6ZCbsc__8UXhRwRXgfGC6ajaqG0SGDgF32Z20P7mUg4gUzmJLVJzE6LhOU-zS76q9k72JVOp7H7hkRUaUmFG7qmdMdTLL2Kizw-j7yigE05odjZcvj-WlGhX2kchxQfyohxUNliAWN=UJ6CFjKiU4TpJ9wMs-Y==53XlUFPk8Bh-_giyGg9DJGKTO0JSHXvFAzkDoWNMoZEJg0f__bN3k6MmQYF_JcK2RNHu8lMlSII-qwQmptoqwYZhibddFOeSfoEt4QXZHUpewwWq3FAW3b2UscjMihRdm6Iy97LpomIJ0-oDiUUWjAGVAuqpv55lUCH25CtqDPKsy4MOAwwQ1yrLtMC4gYP4iS4_EHJ0J9J5z1IB-ql3HZWCoi56tC--MLrTzj1qMAASqSGj6AkuZmJmr4lrLeubeu5WDpelJ6Zw7Y1IxsQm8_3U9ajFgro83QTTGaFLroPzcAb5eoZCdOh2tDf7=jjbzuIPMHa2YiT_7KqPlfB8h5h87cGrfvhbV0_JX3hAIrwA91dXayObkv-RF89SIC0xT9eebsbd37cSmwYMd-Eczx3KCPz6mWO09TmDGd_wH6=ANXO0xVN6haxAS30WlsVXN3XobBWp=y-UD6EMJP=pRsshS9kN4kMM0NHQCzLRl7tYoQ7y==grG2spy1bwyVmTHAAltgDO6l0gwlDx=I0VXJyf5k8FYqgo2wRUKbfOZOeEdMBXXiDkYFez_LUWp9hCHXEwtQQDdgptqzCbDXVYwlTdIT9h=ToPw48fK3SZd4p597XP6TYd5PlJU0ImhCUcbOh_oJyK2RHpoiZaL_=5aT02WKlfiUvjYuC5bpS8-VzXe9Zzk3TD1luw7YkDbVS-8MwUNseF3v8b_7Dktr_jKFHQNBFM5UM4__9eJ55sw8ZTzNNkr1bk-7cUwcafT7aGPd0aRkDPP-d4wawyK8Il6PraKzZi3uMN5pXmddrkv0P3swZVsWbM-ZmB5X7eqFONQE4XcxEOu_UIvbMIVzhYzg1emqeY63yKAYuJuzqjEBAleKSdaT60f1o9-MVG=CmGEViM88V6uDNd7c3_FARkx-fJafyD8HsWqM6B6QRNxbQrOqiNBy8azSUU9AmgH74g8x=MmQyClzEdaZUoCKQ=wTtvQgUg1iEwqhWvwbaf1=HRP7_DCfJKexGqiRa27wWd5-5wSJc8=eBl3ftkp=p-geZEjUeRc1yx4kHtf_Fd5CCg-FsXksEpg8tLOV4WCHpOYgYZ0QKqqHsKD6ONkflJxdMXrjQAWlmkmoNi0UT5gHGIL0zJ12PYiQb_zwfRXfKODx4ROhJzLd1v0ozEIl99PJUMI5ii0z5A-oq0RkGTAkQHA93=-1JySzzDT0Fg1PJ-AjdIsgDmM56QRxxqqtMwR05oGbU24Uc-SW3BqjL1y2glI9_hf2s9uG=yDKxboN6g1NZhrtG54WpLTAeMy1KLUNIv85-Uz6OQLR5cgGA=0JNFa6sBRqCAS4P6LuMXajECUtCzpvjs2ahet4VlwtitQawq2Bx-1FS5dvysaSL9xL42L6dI3bXFHH5Hi6f00Ns5lC=-w3ICxe_pt=AqDpYk_=4dzR0qR3aPSKNl6l28PThl0zs2GP8BiQqGllygJtb8thXINEkD-X_SuYkxveufRxbmzDdfgH5fC43W6jONmFOZ3u-aK_OtEMPS3yoh33OihrkpAE1P7gZAA6daJkfhfExOoAVmF=Xz5vX=3mSD5HT3T__u26xloFDqQ=wUZje8SbiYmgQ7wUBWbi4GAw=YX2vpMKFOQ5CvPg=PUzpBFg5gQmyAxpT_4YMMFMQfdx6e9ygxSsJXkrt1CzV_Ecs6UFMvAGzyHoH0w2ZEK=hNc9jOqIZ6d_E4JjpCObP84Kd1YcFP-=etIvox=8bl=DPvpJTMFo0OWyyMpvGoSx7PLX3PGD41vIzfh8_eLm8kMi-hYaOMoMHSBq3A-p1EtTPFDZVxF93zVNcfhleetQT25rKbVZKeflakD519_rKJ4BrxFZwvlosidG8POlho5aU9VDQivdS7-Ipv=TF-Bl2-7qK6THRkSBQ1HYN0w2kfJgLsNxukV0sc5LyJGYKPBksgDwL4lNZUOAUZipJEVkJdS0gd6b35ACvM7xv1xLyD71kYhtwyBOz6gZgRj-jVtlJlsAXATiXv5ZAtgtQKy9r32EWGBGA1QDO6lchBVyRwypFL7tS6PpWab3vVrNq=R=rmKuvz8xiGpWO9V6-RCK=WYQSlAKDYHh-tDt9CKim8y2x4Si-fVIfMM95_bQHDI4XSmZq0ABqMkEwqT182xKTUV6VIUYsza6fkxg49xOzRALssdyRkUaEWmCTZeDIMUe2ujwkah2RDLb28W5aJ9I4KDo9SEe5LPWhM5dC7tiM4lWoRiroEsmZ7bSO-ZGOfOt8A=s-xlA3rHxphbo9Ql6yZhj60gym9j9pILHsjktrD=wPlNC7_R3EG8gvH6k08uWUAvqEAFdFSQ725atKv0fB1zJD51Upw168-0L9QEB74PAIEx2EMCrLbTi68E3PgiEN1eess-UH1crw4a3jFHv3hcZzz8W0v=vgGFVfmM8Zb=0Xbf8dlzYu6O=tLRzBHMNi9MCzNkpYazw4KUZ2ocdqxQPLG=_iBD-kPguCCgvu-R=Zxz5z9OOu2weAip9lxL9Zq3ChsLgKVNz8fx=8_OjLWC=Cq61eeKJOW_DMr4P7-6UIbuBI88r9T1xBMapJGPYAbMLuWH99HAL9JxNyb2FESUm20bb0u_Tk8t5Nhvdb7d91C=FoQJbrbx48Ts7kxPUfmFvXcH5d89QiY9KZeiq_pmOsrwaDMUezTEbsFtdAmS6Cq34ES6o4JLNocuTaGoWg__hj6Ryt2-9bzaax6fVTgdkjVsbI6Ya=MEBcwFYz6wK-vVqolyWaJEau6Ujqf-1HWX1uqiLK=_cjN3RzStCIg0Xvb5DkDIVY-RWfkB9Sy-62RGop_iiUAxS3VrhZ0B545T3=624qXhtrHHHOqCqkHFoVC=X9tAwLZvSEfYE-6L4Qb7stpeN4Wd-cmQBOwV23osxS04lPy4UT6Ehfqyi8I899R8Glrt-vtZy1Qgq6OMUXCrRoI=DOlW5gkTfzpuTWZBr4b=78xaY9QlmCkbYoai3gYZt0sZYcQR3B5tdHqmLW_3AzdOK4-kz4jOXWdqtw-Mto399S-RG3XSxtJHc8Kl79E8X=xbx00W1YmxNj46tu2VFuBvs0bVTVYWya0eRX-xzh9=cmr4Xp9ZScbOch6=RKyzXwaNCrOxVU5aY9YQduRI_UFM2bDiltk-GlHgJc=jorhw0FDqVGfyrct49UoAgrRhjEPdiyJSo7Xhl1Aa5-kfkPPI8fHZH2JAO5PCtI=fujfZjELNbl7tfEyrrEzdo0Ojmf9psmEFmPho2b_Ge5zlrehXmHFLJXA4VNhoY8RLKTT_Yaa1hfSdRi2KBHKIKplxuXPdw7qVRHaXBjP-yQK8uF9aocv0rMQxPmELXj3qdu9lBg6mUWwig_jczG6sWrijWNqV=KEfyJ9AGwL=sXyUL8GYK-hMyQACiuijbXouH8PrdIDlpmPHMR47xlZ=rbMeoNjrfq1qc-y9Usv7yWQo0-Uzy0NO7O5yY56hY2HrR_1uwQMf2pEHlPBxlPcXaF0YBFtcxi_PuqsZDhB1bRyPuuz9B2bFcRm1NeqX1L1ZqjC_TcakKOo2T7jJZaQbA7zDxMXKmSJptK7hAw3O2csFx446oB4Mz8s3DOVdZxQW6QfKj=jp-fG1kgVug-FWjEzOTNMxxt--NQL6EclKAltkt3xix4_QrvXQ=uTrtVp9f=x=Tv6FVU9CPOh3tUGcLB0cwtr4UmI_IT1TLWJBrxCFP0GXkm3fy-2eKXWjLikILI4OgsmRs=o28qlFO2v0-EjNpE5PTFlbWlyi5SMH0Xck9pUTbQvjiKgyP6J9DP0JKbHCr-hQa3W0p9QRAoFe6WwJPsQqR33V-kWO61gztsRsSOuBr=-XBdLD9EzQhwbSzxES0CRSq1XfA8ZJIJ22BEVmPHBPaB4DJ34CDdF7K1yqdFDpC4eECMf975TmtCJx6RRs30JZ_HtALySxGBt_MB39Yl2hCbHZURgSL=Laou2Xh9fiium6BkQq-A9E=rk1HyQ9qR0FzdFXRy4eTh8E0iYBAcuSNhjKWYTv4w7ejdDO-j7_N13_QjZ-8=g=W_GQ-CsGPAg1r3TcHv=yq-tvASFmBJDp1RiDK572GsSEfqvB09cy35hhZ6aUNt4tWfam9a1M-0OCJutm-P=G1MY681LY2Q4h_tcf8ErxhLhIxsfehb32b043WZxTXx44itNU5PPsfZrqu=QmGbTAJHyek5Wz_DFR2TYBI6sNaBCmWy4P5lg3IWWN=6SpAo_Pz44IzujxAg6VkRSEA8vOuwyF5A3gMdRjxmjigW_33hkZ-8-6cVizN8MTtCjgDEWtG3KSElRINFfMDHJbrjKDLO8Gj5EVNgvQo=DzRUe3tAyrhXS6D9OdOiWAYQdvlLaZGzqrOrIY_OgOsu6-54W17PpzAAVG8z3BYUcK3UduF219bPQb8IJjX_0j8Uk0Vj0aJ=5jc3ZA7NWblhGNgA=IIwHDNjC4tWK3Gei94_pmCIxXdPtyl=TE5paEuYVwetKw0OWNhQ2-3qjxUNP0cU99fjE-fEYJuKVkJDQ1McjZg5K9WuCdsZv_2Cs1LoY=1cgwSc_jJ75QCSgiazDIOjF2VL2mVCAt-wxPhyjWB_d8IqHCO3ytem8lpfO6Yg0i3D6LrqAT_DUkRypvoMxpBU7DcmEtN8Ywt5j1mcrLIxuCu5M--gbIvvN_9W2okVpzFiB8yJ4E5gSmCd2jAo3u3yHbpV0DtGYVEWU2s6q7V3akg1-v6F0V7LF2mAhfMA6D2MC35HdQBYDw0Ww9J2l3asQwgfY6q9e6=PIBAtl1P0WY-ysekQRVLr99V0ZS=l9efdoL3CeG8IQjFR5T5I-vFrdm-J-jqRstj8lDH-LhvNsBXOVIScUwNRUDrqx8ZERJ2GaACAScu7PJYBk41iWJGDdftlJ_QPpJTzsVb0hb3ugqg0H=4lDxh_SL2SOeR5_Vfb29JQsA=JLT=u4PQXCzdSQWaRK-i2ZLXEHuI_FtlsHoOhF0SkOJNp=gx5uvE8rNkq5whrxapBYHHNo0N46Te_8W_fvgyuQhdiFT6kT-SeJYpGxZXbpkeVZjEFt9ffFC_lTOvq9f2ICbvY7h04bBEvz=BhhBS4cEI9yVcQHU9mPqvwhJBeG4r8oj6bbPmdJuVHU8xcQel7q5RpO1UZ56cuG1wLC7m7gw9pDtTv-FzzYCZ-f0em11amSQzT=4zHOKS5WTStMFpdZQpDqoLaN0XioZdVAkGZ7I=oRvX0ta2aPb9288ZA8IXK3QJHF_mkIialEllQ4DlkkrZvJyplUizSeZmeq88W3i2sjyuA384Ax=6UbaZbHQsLRzk0s3msD0=3ZBYDOZPt2u66EOgPN6v_c3kHBrhz9CPKDkPcXQtOu8ZW6Je_D_PyoPYpll0zQRg9JSrIAsOTIjW1HIOLYI-RSaNXuacZWRv3Kquh_90JNyw9h_cLp-CuwkqqrMkVZM9jTCCrharrRbBmr8iNJ2quwYGzRvsBEud_=8613aHzCxSZtfHU0X4e46r7d5FEAxdZ711HMSoW9OUR4XdgbbIv==pNKRPb4KBAklV70sNCjczfujyML4F9DPkrglLjO2rQuGOKxMpe8GNNivTIAoZJma3ML9LjFYpT83xRsGSXo6etzX1POdld4ZaRox7eI-Cw9YZQ1CSHG2y0hMbQVWWSXAi-d5mMJtFTM-o7YP3Bt-wpgl17iHJf09=_9G=LMG-mERkMpyv0-zWWjj4zN4UPezomRjhEKfH9q0_hZFCQLhvdWhd9=6SqNzl03xh3h0p85W27FfkKW5Cm9tm7mkBmOeoqL6JQ_xzD1a4JcbkOjEUV-aOXgWg-z_Am4qVC5qvWNPN-sq8MXGjcUeoVrR==ea77avAQ7EvVgvCzvZos8DgIqsVS_ULS1wOsAt0ge_hsdPI0YujjRaMuovIDDQp2wY7-sJwSfVgFtwKw-Y-v0csaaM8Uw36xAQBFY0iB0fgOs0I7W6ueCk5CpeixvXHj5XWuhiSDsaZxb4RG8bTaKraK5jClUI6d6IrR12mPw3yS6BMdr0-5EUf_sDfwP5G_NOz3pP0FkvXP2v_rzYIA2St5MVGYJ7IOGt9brRdo5BLjuyoasWe5DSVT2gK3lHdk6UhtlNgxWdmjFl0ydVxj8jF8LHEXJtkkZONRPcLRmrhtgAl-Xf_FKwFYEpMdbsRBU9ZVt6u3Xo_gd5tA=I_JFeTIgfpxD82KN5JSumCg=Jf3DxtQRlkFwiSrC06JfgtOQe_UUGaRY9lZ3bQdJE5EsZvI_AATCORbJjc==77-oEXERzQTzuSZzD1VdK5FiQTA-6-sR0J1lCZ0Kmsdqt2Smx=ar4mAZVOa1m-rlOdTzVl5iR', 165 | # 'p8kOmysnbc-z': 'q', 166 | # 'p8kOmysnbc-d': 'ADaAhIDBCKGBgQGAAYIQgISigaIAwBGAzPpCxg_33ocxnsD_CAD25RIviEUIJgAAAAArd0EfAovjArvgdtBMzYMXJCgRsNo', 167 | # 'p8kOmysnbc-c': 'AEAtJ-iQAQAAsdjKVw9fkSsmF1C9QjJjIs02jVnfA_wNKHvQD_blEi-IRQgm', 168 | # 'p8kOmysnbc-b': '-f8k6d2', 169 | # 'p8kOmysnbc-f': 'A8G3LuiQAQAA79vcKkpe7tz8IOa2kVqBna6ucWr-lXzwobkcTTUQNUnsZY9QAWj5rnuucuopwH9eCOfvosJeCA==', 170 | **shape_headers, 171 | 'j_username': 'evfregvg@gmail.com', 172 | 'j_password': 'dfhrtfgjhrfyjn', 173 | 'CSRFToken': '31ec52ca-bae8-4e98-a8e3-1190d049903b', 174 | 'pb_tracking_id': '0f9ec63b-e687-4397-98c2-147326860d91', 175 | } 176 | 177 | response = session.post('https://p-bandai.com/hk/login', headers=headers, data=data, impersonate=impersonate) 178 | return response 179 | 180 | async def main(n): 181 | return await asyncio.gather(*[ 182 | demo( 183 | href="https://p-bandai.com/", 184 | script_url="https://p-bandai.com/_ui/responsive/common/js/common.js?single", 185 | vmp_regexp=r'"(/_ui/responsive/common/js/common.js\?async&seed=.*?&p8kOmysnbc--z=q)"', 186 | request={ 187 | "url": 'https://p-bandai.com/hk/login', 188 | }, 189 | pkey='p8kOmysnbc', 190 | verifier=baidai_login, 191 | # proxy="127.0.0.1:7890" 192 | ) for _ in range(n) 193 | ]) 194 | 195 | for _ in range(1): 196 | asyncio.run(main(1)) 197 | -------------------------------------------------------------------------------- /shop.lululemon.com.no.py: -------------------------------------------------------------------------------- 1 | import re 2 | import sys 3 | 4 | sys.path.append(".") 5 | 6 | import random 7 | 8 | from curl_cffi import requests 9 | from pynocaptcha import ShapeCracker 10 | from utils import __TOKEN__, __PROXY__starry_keep 11 | 12 | 13 | # @vthread.pool(10) 14 | def demo(token, href, request, pkey, script_url=None, script_regexp=None, vmp_url=None, vmp_regexp=None, fast=True, 15 | verifier=None, proxy=None): 16 | version = 126 17 | user_agent = f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 18 | # user_agent = f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36' 19 | 20 | # 自己写跟 ua 匹配的 sec-ch-ua 和 sec-ch-ua-platform, 必须匹配一致, 随机 ua 21 | client_hints = '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"' 22 | platform = '"macOS"' if 'Mac' in user_agent else '"Windows"' 23 | 24 | impersonates = [ 25 | "chrome116", "chrome119", "chrome120", "edge99", "edge101", 26 | ] 27 | if platform == '"macOS"': 28 | impersonates += ["safari15_3", "safari15_5", "safari17_0", "safari17_2_ios"] 29 | 30 | impersonate = random.choice(impersonates) 31 | 32 | origin = "/".join(href.split("/")[0:3]) 33 | 34 | session = requests.Session() 35 | session.proxies.update({ 36 | "all": "http://" + proxy 37 | }) 38 | 39 | try: 40 | resp = session.get("https://ipinfo.io/json", headers={ 41 | "user-agent": user_agent, 42 | }, timeout=5).json() 43 | except: 44 | return 45 | 46 | country = resp["country"].lower() 47 | current_ip = resp["ip"] 48 | 49 | headers = { 50 | 'accept': '*/*', 51 | 'accept-language': 'zh-CN,zh;q=0.9', 52 | 'cache-control': 'no-cache', 53 | 'pragma': 'no-cache', 54 | 'priority': 'u=1', 55 | 'referer': href, 56 | 'sec-ch-ua': client_hints, 57 | 'sec-ch-ua-mobile': '?0', 58 | 'sec-ch-ua-platform': platform, 59 | 'sec-fetch-dest': 'empty', 60 | 'sec-fetch-mode': 'cors', 61 | 'sec-fetch-site': 'same-origin', 62 | 'user-agent': user_agent, 63 | } 64 | if script_regexp: 65 | html = session.get(href, headers=headers, impersonate=impersonate, verify=False).text 66 | script_url = re.search(script_regexp, html)[1] 67 | 68 | if not script_url.startswith('http'): 69 | script_url = origin + script_url 70 | 71 | try: 72 | script = session.get(script_url, headers=headers, impersonate=impersonate, verify=False).text 73 | except: 74 | print("初始脚本获取失败") 75 | return 76 | 77 | if not vmp_url: 78 | if vmp_regexp: 79 | try: 80 | vmp_url = re.search(vmp_regexp, script)[1] 81 | except: 82 | print('vmp 地址获取失败') 83 | return 84 | 85 | vmp_script = None 86 | if vmp_url: 87 | if not vmp_url.startswith("http"): 88 | vmp_url = origin + vmp_url 89 | try: 90 | vmp_resp = session.get(vmp_url, headers=headers, impersonate=impersonate, verify=False) 91 | if vmp_resp.status_code != 200: 92 | raise Warning("vmp 脚本请求失败") 93 | 94 | vmp_script = vmp_resp.text 95 | except: 96 | print("vmp 获取失败") 97 | return 98 | 99 | res = ShapeCracker( 100 | user_token=token, 101 | href=href, 102 | request=request, 103 | script_url=script_url, 104 | script_content=script, 105 | vmp_url=vmp_url, 106 | vmp_content=vmp_script, 107 | pkey=pkey, 108 | user_agent=user_agent, 109 | ip=current_ip, 110 | country=country, 111 | fast=fast, 112 | cookies={ 113 | k: v for k, v in session.cookies.items() 114 | }, 115 | debug=True, 116 | ).crack() 117 | 118 | if res: 119 | if verifier: 120 | try: 121 | shape_headers = res[0] 122 | response = verifier(session, client_hints, platform, user_agent, impersonate, shape_headers) 123 | if response: 124 | for k, v in shape_headers.items(): 125 | if '-a' in k.lower(): 126 | a_header_value = v 127 | print(country, current_ip, version, platform, impersonate, len(a_header_value), 128 | response.status_code, response.text.replace('\n', '').replace('\t', '').replace(' ', '')[:30]) 129 | except: 130 | import traceback 131 | traceback.print_exc() 132 | else: 133 | print(res) 134 | else: 135 | print(res["err"]) 136 | 137 | 138 | if __name__ == '__main__': 139 | 140 | def lululemon_login(session, client_hints, platform, user_agent, impersonate, shape_headers): 141 | headers = { 142 | 'accept': 'application/json', 143 | 'accept-language': 'zh-CN,zh;q=0.9', 144 | 'content-type': 'application/json', 145 | 'origin': 'https://shop.lululemon.com', 146 | 'priority': 'u=1, i', 147 | 'referer': 'https://shop.lululemon.com/', 148 | 'sec-ch-ua': client_hints, 149 | 'sec-ch-ua-mobile': '?0', 150 | 'sec-ch-ua-platform': platform, 151 | 'sec-fetch-dest': 'empty', 152 | 'sec-fetch-mode': 'cors', 153 | 'sec-fetch-site': 'same-site', 154 | 'user-agent': user_agent, 155 | **shape_headers, 156 | 'x-okta-user-agent-extended': 'okta-auth-js/7.4.3', 157 | } 158 | 159 | json_data = { 160 | 'username': f'tabby{random.randint(110, 100000)}@gmial.com', 161 | 'password': 'sadgbergFD4FV.', 162 | } 163 | try: 164 | response = session.post('https://identity.lululemon.com/api/v1/authn', headers=headers, json=json_data, 165 | impersonate=impersonate) 166 | return response 167 | except: 168 | return 169 | 170 | 171 | demo( 172 | href='https://shop.lululemon.com/account/login', 173 | script_url='https://shop.lululemon.com/shared/chunk.273c0224d38f1ad8.js?async', 174 | vmp_regexp=r'"(/shared/chunk\.273c0224d38f1ad8\.js\?seed=.*?)"', 175 | request={ 176 | "url": 'https://identity.lululemon.com/api/v1/authn', 177 | }, 178 | pkey='Dwoclkrx', 179 | verifier=lululemon_login, 180 | 181 | # fast true false 自己调, 风控高了过不去了就改成 false 182 | fast=True, 183 | # 改为自己的token以及代理即可 184 | token=__TOKEN__, 185 | proxy=__PROXY__starry_keep() 186 | ) 187 | -------------------------------------------------------------------------------- /sonic_game.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Time : 2024/7/19 10:40 3 | # @Author : Chris 4 | # @Email : 10512@qq.com 5 | # @File : sonic_game.py 6 | # @Software: PyCharm 7 | import random 8 | 9 | import requests 10 | from loguru import logger 11 | from pynocaptcha import CloudFlareCracker 12 | from utils import __PROXY__starry_keep, __TOKEN__ 13 | 14 | 15 | def claim(address, token, proxy): 16 | headers = { 17 | 'accept': 'application/json, text/plain, */*', 18 | 'accept-language': 'zh-CN,zh;q=0.9', 19 | 'origin': 'https://faucet.sonic.game', 20 | 'priority': 'u=1, i', 21 | 'referer': 'https://faucet.sonic.game/', 22 | 'sec-ch-ua-mobile': '?0', 23 | 'sec-ch-ua-platform': '"windows"', 24 | 'sec-fetch-dest': 'empty', 25 | 'sec-fetch-mode': 'cors', 26 | 'sec-fetch-site': 'same-site', 27 | 'user-agent': f'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{random.randint(80, 126)}.0.0.0 Safari/537.36', 28 | } 29 | response = None 30 | for _ in range(3): 31 | try: 32 | response = requests.get( 33 | f'https://faucet-api.sonic.game/airdrop/{address}/1/{token}', 34 | headers=headers, 35 | proxies={"https": proxy if proxy.startswith( 36 | "http://") else "http://" + proxy}, 37 | verify=False, 38 | timeout=180) 39 | break 40 | except BaseException as e: 41 | logger.error(e.__repr__()) 42 | continue 43 | try: 44 | ret = response.json().get("status", "error") 45 | logger.critical(ret) 46 | return ret 47 | 48 | except requests.exceptions.JSONDecodeError: 49 | ret = response.text 50 | logger.error(ret) 51 | return ret 52 | 53 | 54 | cracker = CloudFlareCracker( 55 | user_token=__TOKEN__, 56 | href="https://faucet.sonic.game", 57 | proxy=__PROXY__starry_keep(), 58 | sitekey="0x4AAAAAAAc6HG1RMG_8EHSC", 59 | timeout=120) 60 | 61 | resp = cracker.crack() 62 | if resp: 63 | t = resp.get("token") 64 | logger.success(claim("5kKwUCMMznyHbJqcNgZy6TsgBdpdiFRXayqhPG9Zw2Uq", t, __PROXY__starry_keep())) 65 | -------------------------------------------------------------------------------- /testnet.lenscan.io.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Time : 2025/3/2 20:46 3 | # @Author : Chris 4 | # @Email : 10512@qq.com 5 | # @File : testnet.lenscan.io.py 6 | # @Software: PyCharm 7 | # -*- coding: UTF-8 -*- 8 | 9 | 10 | import requests 11 | from pynocaptcha import CloudFlareCracker 12 | 13 | # 根据实际情况修改 14 | from utils import __TOKEN__, __PROXY__NST__V6 15 | 16 | # 平台注册地址 https://goo.su/i2dKzY 获取令牌 17 | USER_TOKEN = __TOKEN__ 18 | # cf和这个平台都支持 ipv6代理 注册地址 https://goo.su/wXmzLan 19 | # 我推荐的这个代理平台是 $0.4 1gb,非常便宜,当然如果你有更便宜的也可以直接用。 20 | proxy = __PROXY__NST__V6 21 | 22 | difficulty = "hard" 23 | 24 | session = requests.session() 25 | headers = { 26 | "accept": "*/*", 27 | "accept-language": "zh-CN,zh;q=0.9", 28 | "content-type": "application/json", 29 | "priority": "u=1, i", 30 | "referer": "https://testnet.lenscan.io/faucet", 31 | "sec-ch-ua": "\"Not(A:Brand\";v=\"99\", \"Google Chrome\";v=\"133\", \"Chromium\";v=\"133\"", 32 | "sec-ch-ua-mobile": "?0", 33 | "sec-ch-ua-platform": "\"Windows\"", 34 | "sec-fetch-dest": "empty", 35 | "sec-fetch-mode": "cors", 36 | "sec-fetch-site": "same-origin", 37 | "trpc-accept": "application/jsonl", 38 | "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36", 39 | "x-trpc-source": "nextjs-react" 40 | } 41 | 42 | resp = requests.post("http://api.nocaptcha.cn/api/wanda/lenscan/universal", headers={ 43 | "User-Token": USER_TOKEN 44 | }, json={ 45 | "difficulty": difficulty, 46 | }).json() 47 | print(resp) 48 | 49 | data = resp["data"] 50 | sessionId = data["sessionId"] 51 | moves = data["moves"] 52 | 53 | cracker = CloudFlareCracker( 54 | internal_host=True, 55 | user_token=USER_TOKEN, 56 | href="https://testnet.lenscan.io/faucet", 57 | sitekey="0x4AAAAAAA1z6BHznYZc0TNL", 58 | debug=False, 59 | show_ad=False, 60 | proxy=proxy, 61 | timeout=60 62 | ) 63 | ret = cracker.crack() 64 | print(ret) 65 | token = ret.get("token") 66 | 67 | url = "https://testnet.lenscan.io/api/trpc/faucet.claim" 68 | 69 | params = {"batch": "1"} 70 | 71 | data = { 72 | "0": { 73 | "json": { 74 | "address": "0x1e778b081e145228f6de493ef51b13e3075efee2", 75 | "cfToken": token, 76 | "gameChallenge": { 77 | "sessionId": sessionId, 78 | "moves": moves 79 | } 80 | } 81 | } 82 | } 83 | 84 | response = session.post(url, json=data, headers=headers, params=params, proxies={ 85 | "all": proxy 86 | }) 87 | 88 | print(response.text) 89 | -------------------------------------------------------------------------------- /testnet.monad.xyz.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | import random 3 | import requests 4 | from pynocaptcha import CloudFlareCracker, TlsV1Cracker 5 | 6 | # 平台注册地址 https://www.nocaptcha.io/register?c=qZBx3e 7 | # 新人注册后加QQ群:120639 找管理领取10000点测试点数 8 | # 平台令牌 9 | USER_TOKEN = "" 10 | 11 | # 长效(5分钟及以上) 账密代理 12 | proxy = "usr:pwd@ip:port" 13 | 14 | user_agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 15 | 16 | href = "https://testnet.monad.xyz/" 17 | 18 | resp = requests.post("http://api.nocaptcha.cn/api/wanda/vercel/universal", headers={ 19 | "User-Token": USER_TOKEN 20 | }, json={ 21 | "href": href, 22 | "user_agent": user_agent, 23 | "proxy": proxy, 24 | "timeout": 30, 25 | }).json() 26 | print(resp) 27 | 28 | extra = resp["extra"] 29 | 30 | headers = { 31 | 'sec-ch-ua': extra['sec-ch-ua'], 32 | 'sec-ch-ua-mobile': '?0', 33 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 34 | 'upgrade-insecure-requests': '1', 35 | 'user-agent': extra['user-agent'], 36 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 37 | 'sec-fetch-site': 'same-origin', 38 | 'sec-fetch-mode': 'navigate', 39 | 'sec-fetch-dest': 'document', 40 | 'referer': href, 41 | 'accept-encoding': 'gzip, deflate, br, zstd', 42 | 'accept-language': extra['accept-language'], 43 | 'cookie': '_vcrcs=' + resp["data"]["_vcrcs"], 44 | 'priority': 'u=0, i' 45 | } 46 | 47 | cracker = CloudFlareCracker( 48 | internal_host=True, 49 | user_token=USER_TOKEN, 50 | href="https://testnet.monad.xyz/", 51 | sitekey="0x4AAAAAAA-3X4Nd7hf3mNGx", 52 | proxy=proxy, 53 | debug=True, 54 | show_ad=False, 55 | timeout=60 56 | ) 57 | ret = cracker.crack() 58 | 59 | token = ret.get("token") 60 | a = hashlib.md5(str(random.random()).encode()).hexdigest() 61 | b = hashlib.md5(str(random.random()).encode()).hexdigest() 62 | json_data = { 63 | 'address': f'0x{a}{b[:8]}', 64 | 'visitorId': 'd0455ad5556bab526918e1bd302ac253', 65 | 'cloudFlareResponseToken': token, 66 | } 67 | print(json_data) 68 | 69 | res = TlsV1Cracker( 70 | show_ad=False, 71 | user_token=USER_TOKEN, 72 | url="https://testnet.monad.xyz/api/claim", 73 | method="post", 74 | headers=headers, 75 | json=json_data, 76 | http2=True, 77 | proxy=proxy, 78 | debug=True 79 | ).crack() 80 | -------------------------------------------------------------------------------- /www.eurowings.com.no.py: -------------------------------------------------------------------------------- 1 | import sys 2 | 3 | sys.path.append(".") 4 | 5 | from curl_cffi import requests 6 | from pynocaptcha import AkamaiV2Cracker 7 | from utils import USER_TOKEN 8 | 9 | # proxy = "127.0.0.1:7890" 10 | 11 | session = requests.Session() 12 | session.proxies.update({ 13 | # "all": "http://" + proxy 14 | }) 15 | 16 | headers = { 17 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 18 | 'accept-language': 'zh-CN,zh;q=0.9', 19 | 'priority': 'u=0, i', 20 | 'sec-ch-ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"', 21 | 'sec-ch-ua-mobile': '?0', 22 | 'sec-ch-ua-platform': '"macOS"', 23 | 'sec-fetch-dest': 'document', 24 | 'sec-fetch-mode': 'navigate', 25 | 'sec-fetch-site': 'none', 26 | 'sec-fetch-user': '?1', 27 | 'upgrade-insecure-requests': '1', 28 | 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36', 29 | } 30 | 31 | href = 'https://www.eurowings.com/en/booking/flights/flight-search.html?isReward=false&destination=ALC&origin=BHX&source=web&triptype=r&origins=BHX&fromdate=2024-08-12&todate=2024-09-10&adults=1&children=0&infants=0&lng=en-GB' 32 | response = session.get(href, headers=headers) 33 | print(response.status_code, response.text) 34 | 35 | if 'sec-cpt' in response.text: 36 | res = AkamaiV2Cracker( 37 | user_token=USER_TOKEN, 38 | href=href, 39 | sec_cpt_html=response.text, 40 | cookies={ 41 | "sec_cpt": session.cookies.get("sec_cpt") 42 | }, 43 | debug=True, 44 | ).crack() 45 | 46 | session.cookies.clear() 47 | session.cookies.update(res) 48 | 49 | cracker = AkamaiV2Cracker( 50 | user_token=USER_TOKEN, 51 | href=href, 52 | cookies={ 53 | k: v for k, v in session.cookies.items() 54 | }, 55 | telemetry=True, 56 | debug=True 57 | ) 58 | 59 | ret = cracker.crack() 60 | 61 | extra = cracker.extra() 62 | headers = { 63 | 'accept': 'application/json, text/plain, */*', 64 | 'accept-language': 'en-GB,en;q=0.9', 65 | 'akamai-bm-telemetry': ret["telemetry"], 66 | 'content-type': 'text/plain;charset=UTF-8', 67 | 'origin': 'https://www.eurowings.com', 68 | 'priority': 'u=1, i', 69 | 'referer': 'https://www.eurowings.com/en/booking/flights/flight-search.html?isReward=false&destination=ALC&origin=BHX&source=web&triptype=r&origins=BHX&fromdate=2024-08-12&todate=2024-09-10&adults=1&children=0&infants=0&lng=en-GB', 70 | 'sec-ch-ua': extra["sec-ch-ua"], 71 | 'sec-ch-ua-mobile': '?0', 72 | 'sec-ch-ua-platform': extra["sec-ch-ua-platform"], 73 | 'sec-fetch-dest': 'empty', 74 | 'sec-fetch-mode': 'cors', 75 | 'sec-fetch-site': 'same-origin', 76 | 'user-agent': extra["user-agent"], 77 | 'x-csrf-token': '{683fc78c93555ed7a6a26af204cb44ab8754c3b61145e284f6901941582a46291490c75bcc7a365f4f58cd87fbbd3736db3b7cb8b6b5894e23b22db9e3d320f89aa2c74de3c43219b50582ffd4692c36ce79a9b460d3f12ac01f63ce84cc9960}', 78 | } 79 | 80 | params = { 81 | 'action': 'QUERY_FLIGHT_DATA', 82 | } 83 | 84 | data = '{"_payload":{"_type":"UPDATE_COMPONENT","_updates":[{"_type":"ew/components/booking/flightselect","_path":"/content/eurowings/en/booking/flights/flight-search/book-flights/select/jcr:content/main/flightselect","_action":"QUERY_FLIGHT_DATA","_parameters":{"origin":"BHX","destination":"ALC","outwardDate":"2024-08-12","adultCount":1,"returnDate":"2024-09-10","tripType":"ROUND_TRIP"}}]}}' 85 | 86 | response = session.post( 87 | 'https://www.eurowings.com/en/booking/flights/flight-search/book-flights/select.booking.json', 88 | params=params, 89 | headers=headers, 90 | data=data, 91 | ) 92 | print(response.status_code, response.text) 93 | -------------------------------------------------------------------------------- /www.jetstar.com.no.py: -------------------------------------------------------------------------------- 1 | import sys 2 | 3 | sys.path.append(".") 4 | 5 | import random 6 | from curl_cffi import requests 7 | 8 | from pynocaptcha import AkamaiV2Cracker 9 | from utils import __TOKEN__ as USER_TOKEN, __PROXY__starry_keep 10 | 11 | version = random.randint(123, 127) 12 | user_agent = random.choice([ 13 | f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36', 14 | f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 15 | ]) 16 | 17 | proxy = __PROXY__starry_keep() 18 | 19 | session = requests.Session() 20 | session.proxies.update({ 21 | "all": "http://" + proxy 22 | }) 23 | 24 | resp = session.get("https://ipinfo.io/json", headers={ 25 | "user-agent": f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36', 26 | }, timeout=5).json() 27 | 28 | country = resp["country"].lower() 29 | current_ip = resp["ip"] 30 | 31 | print(country, current_ip) 32 | 33 | cracker = AkamaiV2Cracker( 34 | show_ad=False, 35 | user_token=USER_TOKEN, 36 | href="https://www.jetstar.com/", 37 | # 这个 api 会换, 传不传都行, 传的话要记得每次自己去取最新的, 不然传旧的会过不去 38 | user_agent=user_agent, 39 | country=country, 40 | ip=current_ip, 41 | proxy=proxy, 42 | debug=True 43 | ) 44 | 45 | ret = cracker.crack() 46 | 47 | if ret: 48 | extra = cracker.extra() 49 | 50 | session.cookies.update(ret) 51 | 52 | headers = { 53 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 54 | 'accept-language': extra['accept-language'], 55 | 'priority': 'u=0, i', 56 | 'referer': 'https://www.jetstar.com/', 57 | 'sec-ch-ua': extra['sec-ch-ua'], 58 | 'sec-ch-ua-mobile': '?0', 59 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 60 | 'sec-fetch-dest': 'document', 61 | 'sec-fetch-mode': 'navigate', 62 | 'sec-fetch-site': 'same-site', 63 | 'sec-fetch-user': '?1', 64 | 'upgrade-insecure-requests': '1', 65 | 'user-agent': extra['user-agent'], 66 | } 67 | 68 | params = { 69 | 'Currency': 'TWD', 70 | 'adults': '1', 71 | 'children': '0', 72 | 'departuredate1': '2024-08-13', 73 | 'departuredate2': '2024-08-15', 74 | 'destination1': 'CBR', 75 | 'destination2': 'TPE', 76 | 'dotcomFCOutboundArrivalTime': '2024-08-14T15:40:00', 77 | 'dotcomFCOutboundCorrelationId': 'e1e6aa63-8fec-4f76-b044-b52240f87322', 78 | 'dotcomFCOutboundDepartureTime': '2024-08-13T02:40:00', 79 | 'dotcomFCOutboundFare': '15513.23', 80 | 'dotcomFCOutboundFlightId': '161309528', 81 | 'dotcomFCOutboundIncludeMember': 'False', 82 | 'dotcomFCOutboundMemberArrivalTime': '2024-08-14T15:40:00', 83 | 'dotcomFCOutboundMemberCorrelationId': 'd41a3224-1750-4d5f-8bbe-fe76dbc16eea', 84 | 'dotcomFCOutboundMemberDepartureTime': '2024-08-13T02:40:00', 85 | 'dotcomFCOutboundMemberFare': '0', 86 | 'dotcomFCOutboundMemberFlightId': '161309528', 87 | 'dotcomFCOutboundMemberIncludeMember': 'Only', 88 | 'dotcomFCOutboundMemberPriceShown': 'false', 89 | 'dotcomFCOutboundPriceShown': 'true', 90 | 'dotcomFCPricesHidden': 'false', 91 | 'dotcomFCReturnMemberPriceShown': 'false', 92 | 'dotcomFCReturnPriceShown': 'false', 93 | 'infants': '0', 94 | 'origin1': 'TPE', 95 | 'origin2': 'CBR', 96 | } 97 | 98 | response = session.get( 99 | 'https://booking.jetstar.com/hk/zh/booking/search-flights', 100 | params=params, 101 | headers=headers, 102 | ) 103 | print(response.status_code, response.text) 104 | -------------------------------------------------------------------------------- /www.sephora.com.no.py: -------------------------------------------------------------------------------- 1 | import sys 2 | 3 | sys.path.append(".") 4 | 5 | import random 6 | import re 7 | from curl_cffi import requests 8 | from pynocaptcha import AkamaiV2Cracker, ReCaptchaUniversalCracker, KasadaCtCracker, KasadaCdCracker 9 | from utils import USER_TOKEN, __PROXY__starry_keep 10 | 11 | version = 127 12 | user_agent = random.choice([ 13 | f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36', 14 | # f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 15 | ]) 16 | 17 | proxy = __PROXY__starry_keep() 18 | 19 | session = requests.Session() 20 | session.proxies.update({ 21 | "all": "http://" + proxy 22 | }) 23 | 24 | resp = session.get("https://ipinfo.io/json", headers={ 25 | "user-agent": f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36', 26 | }, timeout=5).json() 27 | 28 | country = resp["country"].lower() 29 | current_ip = resp["ip"] 30 | 31 | print(country, current_ip) 32 | 33 | cracker = AkamaiV2Cracker( 34 | user_token=USER_TOKEN, 35 | href="https://www.sephora.com/", 36 | # 这个东西会变化, 可以不传, 但是传一定要传最新的正确的 37 | # api="https://www.sephora.com/Px5zZo/uDDY/6v/-p3x/hVchxgWqOlM/f13OpGa9aODrY9/FB0BajANQQk/WnR/BcDx-Cms", 38 | user_agent=user_agent, 39 | country=country, 40 | ip=current_ip, 41 | proxy=proxy, 42 | debug=True, 43 | ) 44 | ret = cracker.crack() 45 | if ret: 46 | session.cookies.update(ret) 47 | extra = cracker.extra() 48 | 49 | headers = { 50 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 51 | 'accept-language': extra['accept-language'], 52 | 'priority': 'u=0, i', 53 | 'referer': 'https://www.sephora.com/', 54 | 'sec-ch-ua': extra['sec-ch-ua'], 55 | 'sec-ch-ua-mobile': '?0', 56 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 57 | 'sec-fetch-dest': 'iframe', 58 | 'sec-fetch-mode': 'navigate', 59 | 'sec-fetch-site': 'same-site', 60 | 'sec-fetch-user': '?1', 61 | 'upgrade-insecure-requests': '1', 62 | 'user-agent': extra['user-agent'], 63 | } 64 | 65 | fp_url = 'https://www.sephora.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0' 66 | response = session.get( 67 | fp_url, 68 | headers=headers, 69 | ) 70 | if response.status_code not in [429, 200]: 71 | raise Exception(f"fp status code: {response.status_code}") 72 | 73 | fp_script = response.text 74 | 75 | headers = { 76 | 'accept': '*/*', 77 | 'accept-language': extra['accept-language'], 78 | 'priority': 'u=1', 79 | 'referer': fp_url, 80 | 'sec-ch-ua': extra['sec-ch-ua'], 81 | 'sec-ch-ua-mobile': '?0', 82 | 'sec-fetch-dest': 'script', 83 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 84 | 'sec-fetch-mode': 'no-cors', 85 | 'sec-fetch-site': 'same-origin', 86 | 'user-agent': extra['user-agent'], 87 | } 88 | 89 | uidz = session.cookies.get('ak_bmsc-kp') 90 | im = re.search(r'x-kpsdk-im=(.*?)"', fp_script)[1] 91 | 92 | params = { 93 | 'ak_bmsc-kp': uidz, 94 | 'x-kpsdk-v': 'j-0.0.0', 95 | 'x-kpsdk-im': im, 96 | } 97 | 98 | from urllib.parse import urlencode 99 | 100 | ips_url = 'https://www.sephora.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?' + urlencode( 101 | params) 102 | ips_resp = session.get(ips_url, headers=headers) 103 | 104 | ret = KasadaCtCracker( 105 | user_token=USER_TOKEN, 106 | href='https://www.sephora.com/', 107 | ips_url=ips_url, 108 | ips_script=ips_resp.text, 109 | ips_headers={ 110 | k: v for k, v in ips_resp.headers.items() 111 | }, 112 | user_agent=user_agent, 113 | submit=False, 114 | debug=True, 115 | ).crack() 116 | 117 | headers = { 118 | 'accept': '*/*', 119 | 'accept-language': extra['accept-language'], 120 | 'content-type': 'application/octet-stream', 121 | 'origin': 'https://www.sephora.com', 122 | 'priority': 'u=1, i', 123 | 'referer': fp_url, 124 | 'sec-ch-ua': extra['sec-ch-ua'], 125 | 'sec-ch-ua-mobile': '?0', 126 | 'sec-fetch-dest': 'empty', 127 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 128 | 'sec-fetch-mode': 'cors', 129 | 'sec-fetch-site': 'same-origin', 130 | 'user-agent': extra['user-agent'], 131 | **ret["headers"] 132 | } 133 | import base64 134 | 135 | response = session.post( 136 | 'https://www.sephora.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl', 137 | headers=headers, 138 | data=base64.b64decode(ret["post_data"].encode()), 139 | ) 140 | print(response.status_code, response.text) 141 | if 'reload' not in response.text: 142 | raise Exception("kasada 验证失败") 143 | 144 | kpsdk_ct = response.headers.get('x-kpsdk-ct') 145 | kpsdk_st = int(response.headers.get('x-kpsdk-st')) 146 | kpsdk_cd = KasadaCdCracker( 147 | user_token=USER_TOKEN, 148 | href='https://www.sephora.com/', 149 | st=kpsdk_st, 150 | debug=True, 151 | ).crack()["x-kpsdk-cd"] 152 | 153 | headers = { 154 | 'accept': '*/*', 155 | 'accept-language': extra["accept-language"], 156 | 'content-type': 'text/plain;charset=UTF-8', 157 | 'origin': 'https://www.sephora.com', 158 | 'priority': 'u=1, i', 159 | 'referer': 'https://www.sephora.com/beauty/giftcards', 160 | 'sec-ch-ua': extra['sec-ch-ua'], 161 | 'sec-ch-ua-mobile': '?0', 162 | 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 163 | 'sec-fetch-dest': 'empty', 164 | 'sec-fetch-mode': 'cors', 165 | 'sec-fetch-site': 'same-origin', 166 | 'user-agent': extra["user-agent"], 167 | 'x-kpsdk-cd': kpsdk_cd, 168 | 'x-kpsdk-ct': kpsdk_ct, 169 | 'x-kpsdk-v': 'j-0.0.0', 170 | } 171 | 172 | recaptcha_token = ReCaptchaUniversalCracker( 173 | user_token=USER_TOKEN, 174 | sitekey='6LdPdW0UAAAAAHNh5_q7pTCQS1lxzqmZ8-k3NDvb', 175 | referer="https://www.sephora.com/", 176 | size="invisible", 177 | title='Gift Cards & eGift Cards | Sephora', 178 | debug=True, 179 | ).crack()["token"] 180 | 181 | import json 182 | 183 | data = json.dumps({ 184 | "gcNumber": "6010425892798679", 185 | "gcPin": "41827169", 186 | "captchaToken": recaptcha_token 187 | # "03AFcWeA64nznPWoIWof_zxrvi01PSjkHIkqBPA9EoFNLaxfe5_lg4mj0gdyC7Cu6-pQ_bKF4rgJL35Ej_Uv_DXFjZgIlvYoYVtXheuvq2lg080hYO46Npjh3-PMGoXjJ4AWiLV78_9T_g2B0C9w1hP8lS69a_3EIk_X2ybSWDvL0VMmmHmFfgP03SjRq8Ap0XeDdARVIWbjO2OerrB2uVInnVTz5_LbyyoTX-5BzK9t41TBXGxxj_x_cA1qUigzMMcXQC9Y8P9XOOt5TiUtGgD9DVT3un8sxc4hn4ah1BEsXngkamSQkDA-bdH8iM2GQ2Yrq5mn60TQvEi0dautnL45_uaOhnz1cXRZLTn_0CjlTWxeZ06OV-RUEeEr-RfLxRQnD9UnFhxQ9DPYF5qQClALWJqCikKGgRmCLcp5hlo1ndsZfsGwaSz3FF-f-7bDYDVTUa4hz2tpitgruYJlWAStzZm_UJ5nKUc2FbojhJiXCYF_8GnfLcCExHZ0CRx0bJgTcgige0_he9QhAKAK9HK5bmwZTsvtr7GCUpFRyXJ8LQP85OtL_VEmEbZ0dIwihamcNSS0rn9nqxFwWI332IpAClen2pKmYNJoVSRy50WWLhIQ30E2KgTETDwNFmeoSjT08oiXzX0MsYgL1ntmqXTd4Iqwy6IbtLQdY6pbn1ItvAPndEINI31qcK6V8GjkcpTD3OU_v1qjVwcPuL0QjoFpKwjhpgMmP_p2vKesEJdR6pyRRHPuPZru2hRD1C2mWplprXpEQJkG5u-YWc_0CjwM5HtbS8dRWIE3hglvn6kA64m1aYlQcWjGZw305aer-hzomfMuM1Mm7-1Qb2tumlcLh1WEx_HcPEYj9UL-APNd_nz0J2Vqbz044" 188 | }, separators=(",", ":")) 189 | response = session.post('https://www.sephora.com/api/giftcard/balance', headers=headers, data=data) 190 | print(response.status_code, response.text) 191 | -------------------------------------------------------------------------------- /www.westjet.com.no.py: -------------------------------------------------------------------------------- 1 | import re 2 | import sys 3 | 4 | sys.path.append(".") 5 | 6 | import random 7 | 8 | import vthread 9 | from curl_cffi import requests 10 | from pynocaptcha import ShapeV2Cracker 11 | from utils import __TOKEN__, __PROXY__starry_keep 12 | 13 | 14 | @vthread.pool(3) 15 | def demo(href, request, pkey, script_url=None, script_regexp=None, vmp_url=None, vmp_regexp=None, fast=True, 16 | verifier=None, proxy=None): 17 | version = random.randint(123, 126) 18 | user_agent = f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 19 | 20 | platform = '"macOS"' if 'Mac' in user_agent else '"Windows"' 21 | 22 | impersonates = [ 23 | "chrome116", "chrome119", "chrome120", 24 | "edge99", "edge101", 25 | ] 26 | if platform == '"macOS"': 27 | impersonates += ["safari15_3", "safari15_5", "safari17_0", "safari17_2_ios"] 28 | 29 | impersonate = random.choice(impersonates) 30 | 31 | origin = "/".join(href.split("/")[0:3]) 32 | 33 | session = requests.Session() 34 | session.proxies.update({ 35 | "all": "http://" + proxy 36 | }) 37 | 38 | try: 39 | resp = session.get("https://ipinfo.io/json", headers={ 40 | "user-agent": user_agent, 41 | }, timeout=5).json() 42 | except: 43 | return 44 | 45 | country = resp["country"].lower() 46 | current_ip = resp["ip"] 47 | 48 | headers = { 49 | 'accept': '*/*', 50 | 'accept-language': 'zh-CN,zh;q=0.9', 51 | 'cache-control': 'no-cache', 52 | 'pragma': 'no-cache', 53 | 'priority': 'u=1', 54 | 'referer': href, 55 | # 'sec-ch-ua': client_hints, 56 | 'sec-ch-ua-mobile': '?0', 57 | 'sec-ch-ua-platform': platform, 58 | 'sec-fetch-dest': 'empty', 59 | 'sec-fetch-mode': 'cors', 60 | 'sec-fetch-site': 'same-origin', 61 | 'user-agent': user_agent, 62 | } 63 | 64 | if script_regexp: 65 | html = session.get(href, headers=headers, verify=False).text 66 | script_url = re.search(script_regexp, html)[1] 67 | 68 | if not script_url.startswith('http'): 69 | script_url = origin + script_url 70 | 71 | try: 72 | script = session.get(script_url, headers=headers, verify=False).text 73 | except: 74 | print("初始脚本获取失败") 75 | return 76 | 77 | if not vmp_url: 78 | try: 79 | vmp_url = re.search(vmp_regexp, script)[1] 80 | except: 81 | print('vmp 地址获取失败') 82 | return 83 | 84 | if not vmp_url.startswith('http'): 85 | vmp_url = origin + vmp_url 86 | 87 | try: 88 | vmp_script = session.get(vmp_url, headers=headers, verify=False).text 89 | except: 90 | print("vmp 获取失败") 91 | return 92 | 93 | cracker = ShapeV2Cracker( 94 | user_token=__TOKEN__, 95 | href=href, 96 | request=request, 97 | script_url=script_url, 98 | script_content=script, 99 | vmp_url=vmp_url, 100 | vmp_content=vmp_script, 101 | pkey=pkey, 102 | user_agent=user_agent, 103 | country=country, 104 | ip=current_ip, 105 | fast=fast, 106 | cookies={ 107 | k: v for k, v in session.cookies.items() 108 | }, 109 | debug=True 110 | ) 111 | res = cracker.crack() 112 | # print(res) 113 | 114 | if res: 115 | if verifier: 116 | try: 117 | shape_headers = res[0] 118 | response = verifier(session, cracker.extra()["sec-ch-ua"], platform, user_agent, impersonate, 119 | shape_headers) 120 | if response: 121 | for k, v in shape_headers.items(): 122 | if '-a' in k.lower(): 123 | a_header_value = v 124 | print(version, platform, impersonate, country, len(a_header_value), response.status_code, 125 | response.text.replace('\n', '').replace('\t', '').replace(' ', '')[:50]) 126 | except: 127 | import traceback 128 | traceback.print_exc() 129 | else: 130 | print(res) 131 | 132 | 133 | if __name__ == '__main__': 134 | def westjet_search(session, client_hints, platform, user_agent, impersonate, shape_headers): 135 | headers = { 136 | 'Accept': 'application/json, text/plain, */*', 137 | 'Accept-Language': 'zh-CN,zh;q=0.9', 138 | 'Cache-Control': 'no-cache', 139 | 'Connection': 'keep-alive', 140 | 'Content-Type': 'application/json', 141 | 'Origin': 'https://www.westjet.com', 142 | 'Pragma': 'no-cache', 143 | 'Referer': 'https://www.westjet.com/', 144 | 'Sec-Fetch-Dest': 'empty', 145 | 'Sec-Fetch-Mode': 'cors', 146 | 'Sec-Fetch-Site': 'same-site', 147 | 'User-Agent': user_agent, 148 | **shape_headers, 149 | 'sec-ch-ua': client_hints, 150 | 'sec-ch-ua-mobile': '?0', 151 | 'sec-ch-ua-platform': platform, 152 | } 153 | 154 | json_data = { 155 | 'appSource': 'widgetRT', 156 | 'bookId': '18-6-2024-1-27-23-95292', 157 | 'currency': 'CAD', 158 | 'currentFlightIndex': 1, 159 | 'guests': [ 160 | { 161 | 'type': 'adult', 162 | 'count': '1', 163 | }, 164 | { 165 | 'type': 'child', 166 | 'count': '0', 167 | }, 168 | { 169 | 'type': 'infant', 170 | 'count': '0', 171 | }, 172 | ], 173 | 'showMemberExclusives': False, 174 | 'trips': [ 175 | { 176 | 'order': 1, 177 | 'departure': 'YYC', 178 | 'arrival': 'ORD', 179 | 'departureDate': '2024-07-18', 180 | }, 181 | { 182 | 'order': 2, 183 | 'departure': 'ORD', 184 | 'arrival': 'YYC', 185 | 'departureDate': '2024-07-25', 186 | }, 187 | ], 188 | 'promoCode': '', 189 | } 190 | try: 191 | return session.post('https://apiw.westjet.com/ecomm/booktrip/flight-search-api/v1', headers=headers, 192 | json=json_data, impersonate=impersonate, verify=False) 193 | except: 194 | # import traceback 195 | # traceback.print_exc() 196 | return 197 | 198 | 199 | for _ in range(1): 200 | demo( 201 | href='https://www.westjet.com/shop/flight/0?bookid=18-6-2024-1-27-23-95292&lang=en-CA&urlRef=flight-search-results', 202 | script_url='https://www.westjet.com/resources/js/wj_common.js', 203 | vmp_regexp=r'"(https://www\.westjet\.com/resources/js/wj_common\.js\?seed=.*?)"', 204 | request={ 205 | "url": 'https://apiw.westjet.com/ecomm/booktrip/flight-search-api/v1', 206 | }, 207 | pkey='Lov30h0l', 208 | verifier=westjet_search, 209 | proxy=__PROXY__starry_keep() 210 | ) 211 | -------------------------------------------------------------------------------- /xarctery.com.py: -------------------------------------------------------------------------------- 1 | import sys 2 | 3 | sys.path.append(".") 4 | 5 | import asyncio 6 | import random 7 | import re 8 | 9 | from curl_cffi import requests 10 | from pynocaptcha import KasadaCdCracker, KasadaCtCracker, PerimeterxCracker 11 | 12 | from utils import __TOKEN__ as USER_TOKEN 13 | from utils import __PROXY__idea 14 | 15 | 16 | async def demo(): 17 | version = 127 18 | user_agent = [ 19 | # f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36', 20 | f"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{version}.0.0.0 Safari/537.36" 21 | ] 22 | href = 'https://arcteryx.com/ca/en/shop/mens/beta-lt-jacket-7301' 23 | 24 | proxy = __PROXY__idea 25 | print(proxy) 26 | 27 | session = requests.AsyncSession() 28 | session.proxies.update({ 29 | "all": proxy 30 | }) 31 | 32 | try: 33 | resp = (await session.get("https://ipinfo.io/json", headers={ 34 | "user-agent": f'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36', 35 | }, timeout=5)).json() 36 | except: 37 | return 38 | 39 | country = resp["country"].lower() 40 | current_ip = resp["ip"] 41 | print(country, current_ip) 42 | # 43 | # px_cracker = PerimeterxCracker( 44 | # user_token=USER_TOKEN, 45 | # app_id='PX943r4Fb8', 46 | # href=href, 47 | # proxy=proxy, 48 | # user_agent=user_agent, 49 | # country=country, 50 | # ip=current_ip, 51 | # debug=True, 52 | # ) 53 | # px_ret = px_cracker.crack() 54 | # 55 | # extra = px_cracker.extra() 56 | # 57 | # cookies = px_ret["cookies"] 58 | # session.cookies.update(cookies) 59 | 60 | headers = { 61 | 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 62 | # 'accept-language': extra["accept-language"], 63 | 'priority': 'u=0, i', 64 | 'referer': 'https://arcteryx.com/', 65 | # 'sec-ch-ua': extra["sec-ch-ua"], 66 | 'sec-ch-ua-mobile': '?0', 67 | 'sec-fetch-dest': 'iframe', 68 | # 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 69 | 'sec-fetch-mode': 'navigate', 70 | 'sec-fetch-site': 'same-site', 71 | 'upgrade-insecure-requests': '1', 72 | 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.3', 73 | } 74 | 75 | response = await session.get( 76 | 'https://mcprod.arcteryx.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0', 77 | headers=headers, 78 | ) 79 | if response.status_code not in [429, 200]: 80 | raise Exception(f"fp status code: {response.status_code}") 81 | 82 | fp_script = response.text 83 | 84 | headers = { 85 | 'accept': '*/*', 86 | # 'accept-language': extra["accept-language"], 87 | 'priority': 'u=1', 88 | 'referer': 'https://mcprod.arcteryx.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0', 89 | # 'sec-ch-ua': extra["sec-ch-ua"], 90 | 'sec-ch-ua-mobile': '?0', 91 | 'sec-fetch-dest': 'script', 92 | # 'sec-ch-ua-platform': extra['sec-ch-ua-platform'], 93 | 'sec-fetch-mode': 'no-cors', 94 | 'sec-fetch-site': 'same-origin', 95 | 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.3', 96 | } 97 | 98 | uidz = session.cookies.get('KP_UIDz') 99 | im = re.search(r'x-kpsdk-im=(.*?)"', fp_script)[1] 100 | 101 | params = { 102 | 'KP_UIDz': uidz, 103 | 'x-kpsdk-v': 'j-0.0.0', 104 | 'x-kpsdk-im': im, 105 | } 106 | 107 | from urllib.parse import urlencode 108 | ips_url = 'https://mcprod.arcteryx.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?' + urlencode( 109 | params) 110 | ips_resp = await session.get(ips_url, headers=headers) 111 | 112 | cracker = KasadaCtCracker( 113 | user_token=USER_TOKEN, 114 | href=href, 115 | ips_url=ips_url, 116 | ips_script=ips_resp.text, 117 | ips_headers={ 118 | k: v for k, v in ips_resp.headers.items() 119 | }, 120 | country=country, 121 | ip=current_ip, 122 | user_agent=user_agent, 123 | cookies={ 124 | k: v for k, v in response.cookies.items() 125 | }, 126 | submit=False, 127 | debug=True, 128 | auth=True 129 | ) 130 | ret = cracker.crack() 131 | 132 | # if "post_data" in ret: 133 | # headers = { 134 | # 'accept': '*/*', 135 | # 'accept-language': extra["accept-language"], 136 | # 'content-type': 'application/octet-stream', 137 | # 'origin': 'https://mcprod.arcteryx.com', 138 | # 'priority': 'u=1, i', 139 | # 'referer': 'https://mcprod.arcteryx.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0', 140 | # 'sec-ch-ua': extra["sec-ch-ua"], 141 | # 'sec-ch-ua-mobile': '?0', 142 | # 'sec-fetch-dest': 'empty', 143 | # 'sec-ch-ua-platform': extra["sec-ch-ua-platform"], 144 | # 'sec-fetch-mode': 'cors', 145 | # 'sec-fetch-site': 'same-origin', 146 | # 'user-agent': extra["user-agent"], 147 | # **ret["headers"] 148 | # } 149 | # import base64 150 | # response = await session.post( 151 | # 'https://mcprod.arcteryx.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl', 152 | # headers=headers, 153 | # data=base64.b64decode(ret["post_data"].encode()), 154 | # ) 155 | # print(response.status_code, response.text) 156 | # 157 | # if 'reload' not in response.text: 158 | # raise Exception('kasada 验证失败') 159 | # 160 | # kpsdk_ct = response.headers.get('x-kpsdk-ct') 161 | # kpsdk_st = int(response.headers.get('x-kpsdk-st')) 162 | # kpsdk_cd = KasadaCdCracker( 163 | # user_token=USER_TOKEN, 164 | # href=href, 165 | # st=kpsdk_st, 166 | # debug=True, 167 | # ).crack()["x-kpsdk-cd"] 168 | # else: 169 | # kpsdk_ct = ret['x-kpsdk-ct'] 170 | # kpsdk_st = int(ret['x-kpsdk-st']) 171 | # kpsdk_cd = ret['x-kpsdk-cd'] 172 | # 173 | # headers = { 174 | # 'accept': '*/*', 175 | # 'accept-language': extra["accept-language"], 176 | # 'content-type': 'application/json', 177 | # 'origin': 'https://arcteryx.com', 178 | # 'referer': 'https://arcteryx.com/', 179 | # 'sec-ch-ua': extra["sec-ch-ua"], 180 | # 'sec-ch-ua-mobile': '?0', 181 | # 'sec-fetch-dest': 'empty', 182 | # 'sec-ch-ua-platform': extra["sec-ch-ua-platform"], 183 | # 'sec-fetch-mode': 'cors', 184 | # 'sec-fetch-site': 'same-site', 185 | # 'store': 'arcteryx_en', 186 | # 'user-agent': extra["user-agent"], 187 | # 'x-country-code': 'ca', 188 | # 'x-is-checkout': 'false', 189 | # 'x-jwt': '', 190 | # 'x-kpsdk-ct': kpsdk_ct, 191 | # 'x-kpsdk-cd': kpsdk_cd, 192 | # 'x-kpsdk-v': "j-0.0.0", 193 | # 'x-px-cookie': '_px2=' + px_ret["cookies"]["_px2"] 194 | # } 195 | # 196 | # json_data = { 197 | # 'query': 'query gqlGetProductInventoryBySkus($productSkus: [String!]) { products(filter: { sku: { in: $productSkus } }, pageSize: 500) { items { name sku ...on ConfigurableProduct { variants { product { sku quantity_available } } } } } }', 198 | # 'variables': { 199 | # 'productSkus': [ 200 | # 'X000007301', 201 | # ], 202 | # }, 203 | # } 204 | # 205 | # response = await session.post('https://mcprod.arcteryx.com/graphql', headers=headers, json=json_data) 206 | # 207 | # if response.status_code == 429: 208 | # print('kasada 验证失败') 209 | # return 210 | # elif response.status_code == 403: 211 | # print('触发 px 验证码') 212 | # captcha = response.json() 213 | # 214 | # captcha.update({ 215 | # "modal": True, 216 | # "blockedUrl": 'https://mcprod.arcteryx.com/graphql' 217 | # }) 218 | # px_ret = PerimeterxCracker( 219 | # user_token=USER_TOKEN, 220 | # href=href, 221 | # proxy=proxy, 222 | # cookies={ 223 | # k: v for k, v in session.cookies.items() if "px" in k 224 | # }, 225 | # did=extra["did"], 226 | # captcha=captcha, 227 | # timeout=120 228 | # ).crack() 229 | # 230 | # print(px_ret) 231 | # headers.update({ 232 | # 'x-px-cookie': '_px2=' + px_ret["cookies"]["_px2"] 233 | # }) 234 | # session.cookies.update(px_ret["cookies"]) 235 | # 236 | # response = await session.post('https://mcprod.arcteryx.com/graphql', headers=headers, json=json_data) 237 | # print(response.status_code, response.text) 238 | # 239 | # if response.status_code == 429: 240 | # print('kasada 验证失败') 241 | # else: 242 | # print(response.status_code, response.text) 243 | # if response.text == '': 244 | # return 245 | # 246 | # kpsdk_cd = KasadaCdCracker( 247 | # user_token=USER_TOKEN, 248 | # href=href, 249 | # st=kpsdk_st, 250 | # debug=True, 251 | # ).crack()["x-kpsdk-cd"] 252 | # headers.update({ 253 | # 'x-kpsdk-cd': kpsdk_cd, 254 | # }) 255 | # response = await session.post('https://mcprod.arcteryx.com/graphql', headers=headers, 256 | # data='{"query":"mutation createEmptyCart { createEmptyCart }","variables":{}}', 257 | # ) 258 | # print(response.status_code, response.text) 259 | # 260 | # if response.status_code == 403: 261 | # print('触发 px 验证码') 262 | # captcha = response.json() 263 | # 264 | # captcha.update({ 265 | # "modal": True, 266 | # "blockedUrl": 'https://mcprod.arcteryx.com/graphql' 267 | # }) 268 | # px_ret = PerimeterxCracker( 269 | # user_token=USER_TOKEN, 270 | # href=href, 271 | # proxy=proxy, 272 | # cookies={ 273 | # k: v for k, v in session.cookies.items() if "px" in k 274 | # }, 275 | # did=extra["did"], 276 | # captcha=captcha, 277 | # timeout=120, 278 | # debug=True 279 | # ).crack() 280 | # 281 | # print(px_ret) 282 | # headers.update({ 283 | # 'x-px-cookie': '_px2=' + px_ret["cookies"]["_px2"] 284 | # }) 285 | # session.cookies.update(px_ret["cookies"]) 286 | # 287 | # response = await session.post('https://mcprod.arcteryx.com/graphql', headers=headers, json=json_data) 288 | # print(response.status_code, response.text) 289 | # 290 | # await session.close() 291 | # 292 | # return response.status_code == 200 and response.text != '' 293 | 294 | 295 | async def main(num): 296 | return await asyncio.gather(*[demo() for _ in range(num)]) 297 | 298 | 299 | if __name__ == '__main__': 300 | 301 | import asyncio 302 | 303 | for _ in range(1): 304 | res = asyncio.run(main(1)) 305 | if not any(res): 306 | break 307 | --------------------------------------------------------------------------------