gaolei
/
api_py
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
算法暴露接口(xhs、dy、ks、wx、hnw)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
459 KiB
Tree: 8441f09ae5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8441f09ae5'
${ noResults }
api_py/xhs/shield.py

132 lines
4.8 KiB
Raw Normal View History

initial
7 months ago
  1. import base64
  3. from xhs.shield_aes import get_key
  4. from xhs.shield_md5 import md5sum
  5. from xhs.shield_rc4 import RC4
  8. def hex_string(num, step=2):
  9. """
  10. step
  11. """
  12. tmp_string = hex(num)[2:]
  14. if len(tmp_string) < step:
  15. tmp_string = '0' + tmp_string
  17. return tmp_string
  20. def expand_keys(keys, m):
  21. md5_str1_list = [hex_string(int(keys[i] + keys[i + 1], 16) ^ m) for i in range(0, len(keys), 2)]
  22. md5_str1 = "".join(md5_str1_list)
  23. return md5_str1
  26. def char2hex(char):
  27. return hex_string(ord(char))
  30. def get_md5(keys, params):
  31. """
  32. hmac
  33. :param keys:
  34. :param params:
  35. :return:
  36. """
  38. # 拓展key1 0x36
  39. md5_str1 = expand_keys(keys, 54)
  40. # 拓展key2 0x5c
  41. md5_str2 = expand_keys(keys, 92)
  43. data = bytes.fromhex(md5_str1) + params.encode("utf-8")
  44. md1 = md5sum(data)
  46. data1 = bytes.fromhex(md5_str2 + md1)
  47. md2 = md5sum(data1) # 获得最终结果
  49. return md2
  52. def get_rc4(params):
  53. """
  54. rc4运算
  55. :param params:
  56. :return:
  57. """
  58. key = "std::abort();"
  59. result = RC4(key.encode("utf-8"), bytes.fromhex(params))
  60. return result.hex()
  63. def get_shield(keys, params, deviceId):
  64. """
  65. shield生成核心部分
  66. app_id
  67. :param keys:
  68. :param params:
  69. :param deviceId:
  70. :return:
  71. """
  72. version = "6970181"
  73. app_id = "ecfaaf01"
  74. p7 = "".join([char2hex(m) for m in version])
  75. p8 = "".join([char2hex(m) for m in deviceId])
  76. p9 = get_md5(keys, params) # 魔改md5 16位md5
  77. rc4_plaintext = f"00000001{app_id}00000002000000{hex_string(len(version))}000000{hex_string(len(deviceId))}000000{hex_string(len(p9) // 2)}{p7}{p8}{p9}"
  78. result = get_rc4(rc4_plaintext)
  79. _tmp = len(version) + len(deviceId) + len(p9) // 2 + 24
  80. tmp = f"0000000100000001000000{hex_string(_tmp)}000000{hex_string(_tmp)}" # 固定 0x53是上述 几个固定的值算出来的
  81. _shield = "XY" + base64.b64encode(bytes.fromhex(tmp + result)).decode()
  82. return _shield
  85. def shield(node_id, xy_common_params, xy_platform_info):
  86. """
  88. """
  89. # 设备一
  90. deviceId = "2fe75062-a528-3340-bed3-220a67f7f240"
  91. keys = "aa82da57410dddd5b2860e534f7c0602f589c20ec8e8830baa239360c89cce62bdc304d8a1aa988d620917dbefc2a1154692fad24294f4419ea19c7dc069897b"
  93. api = "/api/sns/v1/note/feed"
  94. param = f"note_id={node_id}&page=1&num=5&fetch_mode=1&source=&ads_track_id="
  95. plaintext = api + param + xy_common_params + xy_platform_info
  96. return get_shield(keys, plaintext, deviceId)
  99. def shield_run(url, keys, xy_common_params, deviceId, api="/api/sns/v1/note/feed"):
  100. """
  102. :param url:
  103. :param keys: hmac_main
  104. :param xy_common_params: header中字段
  105. :param deviceId:
  106. :param api: feed流接口
  107. :return:
  108. """
  109. param = url[url.index("?") + 1:]
  110. xy_platform_info = f"platform=android&build=6970181&deviceId={deviceId}"
  111. plaintext = api + param + xy_common_params + xy_platform_info
  112. # print(plaintext)
  113. return get_shield(keys, plaintext, deviceId)
  116. if __name__ == '__main__':
  117. # 先获得 main_hmac 处理后的key
  118. # XYAAAAAQAAAAEAAABTAAAAUzUWEe0xG1IbD9/c+qCLOlKGmTtFa+lG43AHe+FXTKxDxI2yn7IxH534qbVaz8N7icV+2KNmRAwcQDSAZrqn3SpjhOCLuaGTuDRgbpA0sNhU/xUP 结果
  119. # XYAAAAAQAAAAEAAABTAAAAUzUWEe0xG1IbD9/c+qCLOlKGmTtFa+lG43AHe+FXTKxDxI2yn7IxH534qbVaz8N7icV+2KNmRAwcQDSAZrqn3SpjhOCLuaGTuDRgbpA0sNhU/xUP
  120. # keys = "aa82da57410dddd5b2860e534f7c0602f589c20ec8e8830baa239360c89cce62bdc304d8a1aa988d620917dbefc2a1154692fad24294f4419ea19c7dc069897b"
  121. # get_shield(keys)
  122. url = "https://edith.xiaohongshu.com/api/sns/v1/note/feed?note_id=66ceeabe000000001d03b546&page=1&num=5&fetch_mode=1&source=&ads_track_id="
  124. hmac = "NqLx0YFKNb4KraYq524SgzVpepYQ0SwhZLRs7eyxe6A26c/b1b+d6OU2LfAPwh8zpt3fkR/jsR5yzVzIqXe66EWhGJ8iWV36KKSIz0mVt436sTqt3eUYUZwb5TzpSYDa"
  125. deviceId = "119214fc-0fe5-3ae8-91dd-baa821c11324"
  126. xy_platform_info = "platform=android&build=6970181&deviceId=119214fc-0fe5-3ae8-91dd-baa821c11324"
  127. xy_common_params = "fid=1721639154103483c0daaace2ca9266cba37ac9fe114&device_fingerprint=202407221758192809006e7e334e46628620f6768bcf3b0153b1977b9f6cd6&device_fingerprint1=202407221758192809006e7e334e46628620f6768bcf3b0153b1977b9f6cd6&cpu_name=Qualcomm+Technologies%2C+Inc+SM8150&device_model=phone&launch_id=1727578036&tz=Asia%2FShanghai&channel=CPA-3DSP-N3-ZSKJ&versionName=6.97.0.1&overseas_channel=0&deviceId=119214fc-0fe5-3ae8-91dd-baa821c11324&platform=android&sid=session.1721639201142076381131&identifier_flag=4&t=1727590998&project_id=ECFAAF&build=6970181&lang=zh-Hans&app_id=ECFAAF01&uis=dark&teenager=0"
  129. keys = get_key(deviceId, hmac)
  131. result = sheild_run(url, keys, xy_common_params, deviceId)
  132. print(result)