├── img.png ├── README.md ├── socket_message.py ├── shield-518.py ├── shield-630.py └── shield-660.py /img.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bluehock/shield/HEAD/img.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # shield 2 | 3 | ![图1](https://github.com/bluehock/shield/blob/master/img.png?raw=true) 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /socket_message.py: -------------------------------------------------------------------------------- 1 | # coding=utf-8 2 | import requests 3 | import json 4 | import time 5 | import socket 6 | import base64 7 | import socks 8 | 9 | base_url = "http://127.0.0.1:18080" 10 | # proxies = {"http": "127.0.0.1:8888", "https": "127.0.0.1:8888"} 11 | proxies = None 12 | 13 | 14 | class XhsSocketClient: 15 | def __init__(self): 16 | self.client = None 17 | 18 | def connect(self): 19 | if self.client is not None: 20 | return 21 | HOST = 'apppush.xiaohongshu.com' 22 | PORT = 5333 23 | socket.socket = socks.socksocket 24 | self.client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 25 | self.client.connect((HOST, PORT)) 26 | 27 | def send(self, based64ed): 28 | if self.client is None: 29 | self.connect() 30 | content = base64.b64decode(based64ed) 31 | user_input = content 32 | print content 33 | print "================= sent ==========================" 34 | self.client.sendall(user_input) 35 | 36 | def close(self): 37 | if self.client is not None: 38 | self.client.close() 39 | print "================= close ==========================" 40 | 41 | def __del__(self): 42 | self.close() 43 | 44 | 45 | def test(): 46 | url = base_url + "/s/login" 47 | params = { 48 | "uid": "60ddb0d10000000001015f01", 49 | "sid": "session.1594515706332388740313", 50 | "deviceId": "353CE2F-0131-474E-A093-DF39D12E4515", 51 | "fingerprint": "202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883", 52 | 53 | } 54 | text = requests.get(url, params=params, proxies=proxies).json() 55 | 56 | print json.dumps(text, ensure_ascii=False) 57 | 58 | client = XhsSocketClient() 59 | client.connect() 60 | client.send(text.get("data").get("body")) 61 | 62 | url = base_url + "/s/send" 63 | params = { 64 | "receiver": "9f775f5f3cf7000000000100", 65 | "sender": "60ddb0d10000000001015f01", 66 | "content": "hi", 67 | } 68 | 69 | text = requests.get(url, params=params, proxies=proxies).json() 70 | client.send(text.get("data").get("body")) 71 | 72 | print json.dumps(text, ensure_ascii=False) 73 | 74 | 75 | if __name__ == '__main__': 76 | test() 77 | -------------------------------------------------------------------------------- /shield-518.py: -------------------------------------------------------------------------------- 1 | # coding=utf-8 2 | import requests 3 | import json 4 | 5 | # proxies = {"http": "127.0.0.1:8888", "https": "127.0.0.1:8888"} 6 | proxies = None 7 | 8 | ENCRYPT_HOST = "" 9 | ENCRYPT_URL = ENCRYPT_HOST + "/518" 10 | RID_URL = ENCRYPT_HOST + "/rid" 11 | 12 | USER_AGENT = "Dalvik/2.1.0 (Linux; U; Android 5.0.2; Samsung Note3 Build/LMY47X) Resolution/1080*1920 Version/5.18.0 Build/5180007 Device/(samsung;Samsung Note3)" 13 | 14 | 15 | def test_get(): 16 | data = { 17 | "url": "https://www.xiaohongshu.com/api/sns/v6/homefeed?deviceId=353CE2F-0131-474E-A093-DF39D12E4515&platform=android&sid=session.1593665994331207470119&oid=homefeed_recommend&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883", 18 | } 19 | 20 | ret = requests.post(ENCRYPT_URL, data=data, proxies=proxies).json() 21 | if ret["code"] == 1000: 22 | header = { 23 | "User-Agent": USER_AGENT, 24 | "shield": ret["data"]["shield"] 25 | } 26 | url = ret["data"]["url"] 27 | ret = requests.get(url, headers=header, proxies=proxies, verify=False).json() 28 | print json.dumps(ret, ensure_ascii=False) 29 | else: 30 | print json.dumps(ret, ensure_ascii=False) 31 | 32 | 33 | def test_post_rid(rid): 34 | url = "https://www.xiaohongshu.com/api/sns/v1/system_service/slide_captcha_check" 35 | 36 | data = { 37 | "url": url, 38 | "body": "from=native&pass=true&rid=" + rid + "&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&identifier_flag=0&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&uis=light&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&versionName=5.18.0&platform=android&sid=session.1593665994331207470119&t=1600185507&x_trace_page_current=login_full_screen_pwd_page&lang=zh-Hans&channel=BaiduPinzhuan" 39 | } 40 | ret = requests.post(ENCRYPT_URL, data=data, proxies=proxies).json() 41 | 42 | if ret["code"] == 1000: 43 | header = { 44 | "User-Agent": USER_AGENT, 45 | "shield": ret["data"]["shield"], 46 | "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", 'Connection': 'close' 47 | } 48 | 49 | body = ret["data"]["body"] 50 | ret = requests.post(url, data=body, headers=header, proxies=proxies, verify=False).json() 51 | 52 | print json.dumps(ret, ensure_ascii=False) 53 | 54 | else: 55 | print json.dumps(ret, ensure_ascii=False) 56 | 57 | 58 | def test_post(): 59 | url = "https://www.xiaohongshu.com/api/sns/v1/note/collect" 60 | body = "board_id=5ee61000000000000102f11d&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&lang=zh¬e_id=5ee369b4000000000100772a&platform=android&sid=session.1593665994331207470119&sign=e99c45fe4d81b98fc5f3ebd7f89dc781&t=1592224068" 61 | 62 | data = { 63 | "url": url, 64 | "body": body 65 | } 66 | 67 | ret = requests.post(ENCRYPT_URL, data=data, proxies=None, verify=False).json() 68 | 69 | if ret["code"] == 1000: 70 | header = { 71 | "User-Agent": USER_AGENT, 72 | "shield": ret["data"]["shield"], 73 | "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", 'Connection': 'close' 74 | } 75 | body = ret["data"]["body"] 76 | ret = requests.post(url, data=body, headers=header, proxies=proxies, verify=False).json() 77 | 78 | print json.dumps(ret, ensure_ascii=False) 79 | 80 | else: 81 | print json.dumps(ret, ensure_ascii=False) 82 | 83 | 84 | def rid(): 85 | url = RID_URL 86 | ret = requests.get(url, proxies=proxies, verify=False).json() 87 | print json.dumps(ret, ensure_ascii=False) 88 | rid = ret["data"]["rid"] 89 | print rid 90 | test_post_rid(rid) 91 | 92 | 93 | if __name__ == '__main__': 94 | # test_get() 95 | test_post() 96 | -------------------------------------------------------------------------------- /shield-630.py: -------------------------------------------------------------------------------- 1 | # coding=utf-8 2 | import requests 3 | import json 4 | 5 | # proxies = {"http": "127.0.0.1:8888", "https": "127.0.0.1:8888"} 6 | proxies = None 7 | 8 | ENCRYPT_HOST = "http://127.0.0.1" 9 | ENCRYPT_URL = ENCRYPT_HOST + "/630" 10 | RID_URL = ENCRYPT_HOST + "/rid" 11 | 12 | USER_AGENT = "Dalvik/2.1.0 (Linux; U; Android 5.0.2; Samsung Note3 Build/LMY47X) Resolution/1080*1920 Version/6.30.0 Build/6300132 Device/(samsung;Samsung Note3)" 13 | 14 | 15 | def test_get(): 16 | xy_platform_info = "platform=android&build=6300132&deviceId=353CE2F-0131-474E-A093-DF39D12E4515" 17 | xy_common_params = "platform=android&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&versionName=6.30.0&channel=Store360&sid=session.1585660985001435804941&t=1592219866&uis=light&identifier_flag=2" 18 | data = { 19 | "url": "https://www.xiaohongshu.com/api/sns/v6/homefeed?deviceId=353CE2F-0131-474E-A093-DF39D12E4515&platform=android&sid=session.1593665994331207470119&oid=homefeed_recommend&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883", 20 | "xy-platform-info": xy_platform_info, 21 | "xy-common-params": xy_common_params} 22 | 23 | ret = requests.post(ENCRYPT_URL, data=data, proxies=proxies).json() 24 | if ret["code"] == 1000: 25 | header = { 26 | "User-Agent": USER_AGENT, 27 | "xy-platform-info": xy_platform_info, 28 | "xy-common-params": xy_common_params, 29 | "shield": ret["data"]["shield"] 30 | } 31 | url = ret["data"]["url"] 32 | ret = requests.get(url, headers=header, proxies=proxies, verify=False).json() 33 | print json.dumps(ret, ensure_ascii=False) 34 | else: 35 | print json.dumps(ret, ensure_ascii=False) 36 | 37 | 38 | def test_post_rid(rid): 39 | url = "https://www.xiaohongshu.com/api/sns/v1/system_service/slide_captcha_check" 40 | xy_platform_info = "platform=android&build=6300132&deviceId=353CE2F-0131-474E-A093-DF39D12E4515" 41 | xy_common_params = "platform=android&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&versionName=6.30.0&channel=Store360&sid=session.1593665994331207470119&t=1592219866&uis=light&identifier_flag=2" 42 | 43 | data = { 44 | "url": url, 45 | "xy-platform-info": xy_platform_info, 46 | "xy-common-params": xy_common_params, 47 | "body": "from=native&pass=true&rid=" + rid + "&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&identifier_flag=0&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&uis=light&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&versionName=6.30.0&platform=android&sid=session.1593665994331207470119&t=1600185507&x_trace_page_current=login_full_screen_pwd_page&lang=zh-Hans&channel=BaiduPinzhuan" 48 | } 49 | ret = requests.post(ENCRYPT_URL, data=data, proxies=proxies).json() 50 | 51 | if ret["code"] == 1000: 52 | header = { 53 | "User-Agent": USER_AGENT, 54 | "xy-platform-info": xy_platform_info, 55 | "xy-common-params": xy_common_params, 56 | "shield": ret["data"]["shield"], 57 | "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", 'Connection': 'close' 58 | } 59 | 60 | body = ret["data"]["body"] 61 | ret = requests.post(url, data=body, headers=header, proxies=proxies, verify=False).json() 62 | 63 | print json.dumps(ret, ensure_ascii=False) 64 | 65 | else: 66 | print json.dumps(ret, ensure_ascii=False) 67 | 68 | 69 | def rid(): 70 | ret = requests.get(RID_URL, proxies=proxies, verify=False).json() 71 | print json.dumps(ret, ensure_ascii=False) 72 | rid = ret["data"]["rid"] 73 | # test_post_encoded(rid) 74 | print rid 75 | test_post_rid(rid) 76 | 77 | 78 | if __name__ == '__main__': 79 | test_get() 80 | rid() 81 | test_get() 82 | 83 | # test_post_encoded() 84 | -------------------------------------------------------------------------------- /shield-660.py: -------------------------------------------------------------------------------- 1 | # coding=utf-8 2 | import requests 3 | import json 4 | 5 | ENCRYPT_HOST = "http://127.0.0.1" 6 | ENCRYPT_URL = ENCRYPT_HOST + "/660" 7 | 8 | # proxies = {"http": "127.0.0.1:8888", "https": "127.0.0.1:8888"} 9 | proxies = None 10 | 11 | USER_AGENT = "Dalvik/2.1.0 (Linux; U; Android 5.0.2; Samsung Note3 Build/LMY47X) Resolution/1080*1920 Version/6.60.0 Build/6600125 Device/(samsung;Samsung Note3)" 12 | 13 | xy_common_params = "platform=android&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&version=6.60&build=6600125&t=1592222248&identifier_flag=1&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&sid=session.1593665994331207470119" 14 | xy_platform_info = "platform=android&version=6.60&build=6600125&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&bundle=com.xingin.discover" 15 | 16 | 17 | def get_ter_str(): 18 | url = "https://www.xiaohongshu.com/api/sns/v3/user/me?deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&lang=zh&platform=android&sid=session.1593665994331207470119&t=1592222248" 19 | header = { 20 | "User-Agent": USER_AGENT, 21 | "xy-common-params": "platform=android&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&version=6.60&build=6600125&t=1592222248&identifier_flag=1&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&sid=session.1593665994331207470119", 22 | "xy-platform-info": "platform=android&version=6.60&build=6600125&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&bundle=com.xingin.discover", 23 | "shield": "" 24 | } 25 | 26 | response = requests.get(url, headers=header, proxies=proxies, verify=False) 27 | 28 | xy_ter_str = response.headers["xy-ter-str"] 29 | return xy_ter_str 30 | # ret = res.json() 31 | # print json.dumps(ret, ensure_ascii=False) 32 | 33 | 34 | def test_get(xy_ter_str): 35 | url = "https://www.xiaohongshu.com/api/sns/v3/user/me?deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&lang=zh&platform=android&sid=session.1593665994331207470119&t=1592222248" 36 | data = { 37 | "url": url, 38 | "xy-common-params": xy_common_params, 39 | "xy-platform-info": xy_platform_info, 40 | "xy-ter-str": xy_ter_str, 41 | "body": "" # GET 请求不需要 body 参数 42 | } 43 | 44 | ret = requests.post(ENCRYPT_URL, data=data, proxies=proxies).json() 45 | if ret["code"] == 1000: 46 | header = { 47 | "User-Agent": USER_AGENT, 48 | "xy-common-params": xy_common_params, 49 | "xy-platform-info": xy_platform_info, 50 | "shield": ret["data"]["shield"] 51 | } 52 | ret = requests.get(url, headers=header, proxies=proxies, verify=False).json() 53 | print json.dumps(ret, ensure_ascii=False) 54 | else: 55 | print json.dumps(ret, ensure_ascii=False) 56 | 57 | 58 | def test_post(xy_ter_str): 59 | url = "https://www.xiaohongshu.com/api/sns/v4/user/login/password" 60 | body = "password=14f6099edf2cc94cb206710c716260ec&deviceId=353CE2F-0131-474E-A093-DF39D12E4515&device_fingerprint=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&device_fingerprint1=202006261454019d1b1a0db8172b59cbe25925c1c3900001ab4b27b14c4883&fid=1595172589-0-0-2de0b0d2666328142e712e63c19fad35&lang=zh¬e_id=5ee369b4000000000100772a&platform=android&sid=session.1593665994331207470119&t=1592224068" 61 | 62 | data = { 63 | "url": url, 64 | "xy-common-params": xy_common_params, 65 | "xy-platform-info": xy_platform_info, 66 | "xy-ter-str": xy_ter_str, 67 | "body": body # POST 请求需要 body 参数 68 | } 69 | 70 | ret = requests.post(ENCRYPT_URL, data=data, proxies=None, verify=False).json() 71 | 72 | if ret["code"] == 1000: 73 | header = { 74 | "User-Agent": USER_AGENT, 75 | "xy-common-params": xy_common_params, 76 | "xy-platform-info": xy_platform_info, 77 | "shield": ret["data"]["shield"], 78 | "content-type": "application/x-www-form-urlencoded" 79 | } 80 | ret = requests.post(url, data=body, headers=header, proxies=proxies, verify=False).json() 81 | 82 | print json.dumps(ret, ensure_ascii=False) 83 | 84 | else: 85 | print json.dumps(ret, ensure_ascii=False) 86 | 87 | 88 | if __name__ == '__main__': 89 | xy_ter_str = get_ter_str() 90 | test_get(xy_ter_str) 91 | # test_post(xy_ter_str) 92 | # me() 93 | --------------------------------------------------------------------------------