有道翻译破解案例(post)

目标

破解有道翻译接口，抓取翻译结果

结果展示
请输入要翻译的词语: elephant
翻译结果: 大象

请输入要翻译的词语: 喵喵叫
翻译结果: mews

实现步骤

1、浏览器F12开启网络抓包,Network-All,页面翻译单词后找Form表单数据
2、在页面中多翻译几个单词，观察Form表单数据变化（有数据是加密字符串）
3、刷新有道翻译页面，抓取并分析JS代码（本地JS加密）
4、找到JS加密算法，用Python按同样方式加密生成加密数据
5、将Form表单数据处理为字典，通过requests.post()的data参数发送

具体实现

1、开启F12抓包，找到Form表单数据如下:

i: 喵喵叫
from: AUTO
to: AUTO
smartresult: dict
client: fanyideskweb
salt: 15614112641250 # 加盐
sign: 94008208919faa19bd531acde36aac5d # 签名
ts: 1561411264125
bv: f4d62a2579ebb44874d7ef93ba47e822
doctype: json
version: 2.1
keyfrom: fanyi.web
action: FY_BY_REALTlME
2、在页面中多翻译几个单词，观察Form表单数据变化

salt: 15614112641250
sign: 94008208919faa19bd531acde36aac5d
ts: 1561411264125
bv: f4d62a2579ebb44874d7ef93ba47e822

但是bv的值不变
3、一般为本地js文件加密，刷新页面，找到js文件并分析JS代码

方法1
Network - JS选项 - 搜索关键词salt

方法2
控制台右上角 - Search - 搜索salt - 查看文件 - 格式化输出

最终找到相关JS文件 : fanyi.min.js
4、打开JS文件，分析加密算法，用Python实现

ts : 经过分析为13位的时间戳，字符串类型
js代码实现: “” + (new Date).getTime()
python实现: str(int(time.time()*1000))

salt
js代码实现: r+parseInt(10 * Math.random(), 10);
python实现: ts + str(random.randint(0,9))

sign（设置断点调试，来查看 e 的值，发现 e 为要翻译的单词）在js代码最前面点击一下
js代码实现: n.md5(“fanyideskweb” + e + salt + “n%A-rKaT5fb[Gy?;N5@Tj”)
python实现:
from hashlib import md5
s = md5()
s.update(“fanyideskweb” + e + salt + “n%A-rKaT5fb[Gy?;N5@Tj”.encode())
sign = s.hexdigest()

5、代码实现

import requests
import time
from hashlib import md5
import random

获取相关加密算法的结果

def get_salt_sign_ts(word):

# salt
salt = str(int(time.time()*1000)) + str(random.randint(0,9))
# sign
string = "fanyideskweb" + word + salt + "n%A-rKaT5fb[Gy?;N5@Tj"
s = md5()
s.update(string.encode())
sign = s.hexdigest()
# ts
ts = str(int(time.time()*1000))
return salt,sign,ts

攻克有道

def attack_yd(word):

salt,sign,ts = get_salt_sign_ts(word)
# url为抓包抓到的地址 F12 -> translate_o -> post
url = 'http://fanyi.youdao.com/translate_o?smartresult=dict&smartresult=rule'
headers = { 
    "Accept": "application/json, text/javascript, */*; q=0.01",
    "Accept-Encoding": "gzip, deflate",
    "Accept-Language": "zh-CN,zh;q=0.9",
    "Connection": "keep-alive",
    "Content-Length": "238",
    "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
    "Cookie": "OUTFOX_SEARCH_USER_ID=-1449945727@10.169.0.82; OUTFOX_SEARCH_USER_ID_NCOO=1492587933.976261; JSESSIONID=aaa5_Lj5jzfQZ_IPPuaSw; ___rl__test__cookies=1559193524685",
    "Host": "fanyi.youdao.com",
    "Origin": "http://fanyi.youdao.com",
    "Referer": "http://fanyi.youdao.com/",
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36",
    "X-Requested-With": "XMLHttpRequest",
}
# Form表单数据
data = { 
    'i': word,
    'from': 'AUTO',
    'to': 'AUTO',
    'smartresult': 'dict',
    'client': 'fanyideskweb',
    'salt': salt,
    'sign': sign,
    'ts': ts,
    'bv': 'cf156b581152bd0b259b90070b1120e6',
    'doctype': 'json',
    'version': '2.1',
    'keyfrom': 'fanyi.web',
    'action': 'FY_BY_REALTlME'
}
json_html = requests.post(url,data=data,headers=headers).json()
result = json_html['translateResult'][0][0]['tgt']
return result

if name == ‘main‘:

word = input('请输入要翻译的单词：')
result = attack_yd(word)
print(result)

百度翻译抓取

实现步骤

1、浏览器F12开启网络抓包,Network-All,页面翻译单词后找Form表单数据
2、在页面中多翻译几个单词，观察Form表单数据变化（有数据是加密字符串）
3、刷新百度翻译页面，抓取并分析JS代码(sign是由js生成的)
4、找到JS代码，在pycharm中新建js文件,将js代码复制到文件中
5、将js生成的sign返回给py文件,请求访问

方法

1.Network - JS选项 - 搜索关键词sign,找到sign:m(a)
2.在sign:m(a)处打断点调试,鼠标放在m处会有e(a)js函数,点击进入找到响应的js代码

JS代码(在pycharm中新建js文件,将js代码复制到文件中)

function n(r, o) { 
    for (var t = 0; t < o.length - 2; t += 3) { 
        var a = o.charAt(t + 2);
        a = a >= "a" ? a.charCodeAt(0) - 87 : Number(a),
            a = "+" === o.charAt(t + 1) ? r >>> a : r << a,
            r = "+" === o.charAt(t) ? r + a & 4294967295 : r ^ a
    }
    return r
}
var i = "320305.131321201"
function e(r) { 
    var o = r.match(/[\uD800-\uDBFF][\uDC00-\uDFFF]/g);
    if (null === o) { 
        var t = r.length;
        t > 30 && (r = "" + r.substr(0, 10) + r.substr(Math.floor(t / 2) - 5, 10) + r.substr(-10, 10))
    } else { 
        for (var e = r.split(/[\uD800-\uDBFF][\uDC00-\uDFFF]/), C = 0, h = e.length, f = []; h > C; C++)
            "" !== e[C] && f.push.apply(f, a(e[C].split(""))),
            C !== h - 1 && f.push(o[C]);
        var g = f.length;
        g > 30 && (r = f.slice(0, 10).join("") + f.slice(Math.floor(g / 2) - 5, Math.floor(g / 2) + 5).join("") + f.slice(-10).join(""))
    }
    var u = void 0
        , l = "" + String.fromCharCode(103) + String.fromCharCode(116) + String.fromCharCode(107);
    u = null !== i ? i : (i = window[l] || "") || "";
    for (var d = u.split("."), m = Number(d[0]) || 0, s = Number(d[1]) || 0, S = [], c = 0, v = 0; v < r.length; v++) { 
        var A = r.charCodeAt(v);
        128 > A ? S[c++] = A : (2048 > A ? S[c++] = A >> 6 | 192 : (55296 === (64512 & A) && v + 1 < r.length && 56320 === (64512 & r.charCodeAt(v + 1)) ? (A = 65536 + ((1023 & A) << 10) + (1023 & r.charCodeAt(++v)),
            S[c++] = A >> 18 | 240,
            S[c++] = A >> 12 & 63 | 128) : S[c++] = A >> 12 | 224,
            S[c++] = A >> 6 & 63 | 128),
            S[c++] = 63 & A | 128)
    }
    for (var p = m, F = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(97) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(54)), D = "" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(51) + ("" + String.fromCharCode(94) + String.fromCharCode(43) + String.fromCharCode(98)) + ("" + String.fromCharCode(43) + String.fromCharCode(45) + String.fromCharCode(102)), b = 0; b < S.length; b++)
        p += S[b],
            p = n(p, F);
    return p = n(p, D),
        p ^= s,
    0 > p && (p = (2147483647 & p) + 2147483648),
        p %= 1e6,
    p.toString() + "." + (p ^ m)
}

新建py文件,代码实现
安装执行js代码的库

pip install PyExecJS
''' 百度翻译数据抓取 '''
# 用来执行js代码
import execjs
import requests
class BaiduTranslateJS(object):
    ''' 百度翻译数据抓取 '''
    def __init__(self, query):
        """ :param query: 待翻译的内容 cookie 值 可能会影响到翻译结果，可以将未登陆情况下百度翻译的cookie填写。 """
        self.query = query
        self.url = "https://fanyi.baidu.com/v2transapi"
        self.headers = { 
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0",
            "Cookie": "BAIDUID=AFB6E3FB47D3EEA8C525D02E728E0991:FG=1; BIDUPSID=AFB6E3FB47D3EEA8C525D02E728E0991; PSTM=1556177968; REALTIME_TRANS_SWITCH=1; FANYI_WORD_SWITCH=1; HISTORY_SWITCH=1; SOUND_SPD_SWITCH=1; SOUND_PREFER_SWITCH=1; MCITY=-131%3A; Hm_lvt_64ecd82404c51e03dc91cb9e8c025574=1556507678,1557287607,1557714510,1557972796; BDSFRCVID=xr-sJeCCxG3twro9YX2saOEfCZPT14fNd2s33J; H_BDCLCKID_SF=tR3fL-08abrqqbRGKITjhPrM2hKLbMT-027OKKO2b-oobfTyDRbHXULELn6TLT_J5eobot8bthF0HPonHj85j6bQ3J; PSINO=2; delPer=0; H_PS_PSSID=1450_28937_21095_18560_29064_28518_29098_28722_28963_28836_28584_26350; locale=zh; yjs_js_security_passport=5b9f340d92cf7400bd5ba82b49a65bc0520935cc_1558490261_js; Hm_lpvt_64ecd82404c51e03dc91cb9e8c025574=1558493551; to_lang_often=%5B%7B%22value%22%3A%22jp%22%2C%22text%22%3A%22%u65E5%u8BED%22%7D%2C%7B%22value%22%3A%22en%22%2C%22text%22%3A%22%u82F1%u8BED%22%7D%2C%7B%22value%22%3A%22zh%22%2C%22text%22%3A%22%u4E2D%u6587%22%7D%5D; from_lang_often=%5B%7B%22value%22%3A%22jp%22%2C%22text%22%3A%22%u65E5%u8BED%22%7D%2C%7B%22value%22%3A%22zh%22%2C%22text%22%3A%22%u4E2D%u6587%22%7D%2C%7B%22value%22%3A%22en%22%2C%22text%22%3A%22%u82F1%u8BED%22%7D%5D"
        }
        self.data = { 
            "from": "en",
            "to": "zh",
            "query": self.query,  # query 即我们要翻译的的内容
            "transtype": "translang",
            "simple_means_flag": "3",
            "sign": "",  # sign 是变化的需要我们执行js代码得到
            "token": "13508e550366f3004701d561721e12bd"  # token没有变化
        }
    def structure_form(self):
        """ 读取js文件 执行js代码得到我们苦求的sign值 构造新的表单 :return: """
        with open('baidu_translate_js.js', 'r', encoding='utf-8') as f:
            ctx = execjs.compile(f.read())
        sign = ctx.call('e', self.query)  # e为js代码里的函数名 # self.query为要查的单词,也就是e函数需要填写的参数 sign为js代码执行的返回的结果
        # print(sign)
        # sign成功获取，写入date
        self.data['sign'] = sign
    def get_response(self):
        """ 通过构造的新的表单数据，访问api，获取翻译内容 :return: 翻译结果 """
        self.structure_form()
        response = requests.post(self.url, headers=self.headers, data=self.data).json()
        # print(response)
        r = response['trans_result']['data'][0]['dst']
        return r
if __name__ == '__main__':
    while True:
        word = input('请输入要查的单词:')
        baidu_translate_spider = BaiduTranslateJS(word)
        result = baidu_translate_spider.get_response()
        print(result)

附git地址：https://github.com/RyanLove1/spider\_code

有道翻译流程梳理

1. 打开首页
2. 准备抓包: F12开启控制台
3. 寻找地址
   页面中输入翻译单词，控制台中抓取到网络数据包，查找并分析返回翻译数据的地址
4. 发现规律
   找到返回具体数据的地址，在页面中多输入几个单词，找到对应URL地址，分析对比 Network - All(或者XHR) - Form Data，发现对应的规律
5. 寻找JS文件
   右上角 ... -> Search -> 搜索关键字 -> 单击 -> 跳转到Sources，左下角格式化符号{ }
6、查看JS代码
   搜索关键字，找到相关加密方法，分析并用python实现
7、断点调试
8、完善程序