完整版 灰机@Lank5735
# -*- coding: UTF-8 -*-
import base64
import binascii
from urllib import parse
from lib.xhs_shield_calc.XYOldShield_706 import get_oldsign
import time
import requests
import string
import random
class IOS:
def get_ter_str(self, device_info, xycommonparams, xyplatforminfo):
ts = int(time.time())
url = "https://www.xiaohongshu.com/api/sns/v3/user/me?deviceId={}&device_fingerprint={}&device_fingerprint1={}&fid=1605335236101e0d28eb076dacfe290f2edc95ed7d21&lang=zh&platform=android&sid={}&sign=b1c352302484d97e6e9c93f7334a2720&t={}".format(
device_info['deviceId'], device_info['device_fingerprint'], device_info['device_fingerprint'],
device_info['sid'], ts)
header = {
"User-Agent": "discover/6.92 (iPhone; iOS 13.6; Scale/2.00) Resolution/828*1792 Version/6.92 Build/6920189 Device/(Apple Inc.;iPhone11,8) NetType/CellNetwork",
"xy-common-params": xycommonparams,
"xy-platform-info": xyplatforminfo,
}
response = requests.get(url, headers=header)
return response.headers["xy-ter-str"]
def getSign(self, url, main_hmac, xycommonparams, xyplatforminfo, device_info, data={}):
parsed = parse.urlparse(url)
path = parsed.path
args = parse.parse_qs(parsed.query, keep_blank_values=True)
params = dict([(k, v[0]) for k, v in args.items()])
# main_hmac = get_ter_str(device_info=device_info, xycommonparams=xycommonparams, xyplatforminfo=xyplatforminfo)
shield = get_oldsign(
path=path,
params=parse.urlencode(params),
xy_common_params=xycommonparams,
xy_platform_info=xyplatforminfo,
data=parse.urlencode(data),
main_hmac=main_hmac,
device_id=device_info['deviceId']
)
return shield
class AndroidShield:
__apk_version_build = "7060192"
__app_id = "ecfaaf01"
def __init__(self):
"""
:param device_key: 小红书返回的x-ter-str
:param device_id: 设备id
:param content: 加密的内容
"""
# self.device_key = device_key
# self.device_id = device_id
# self.content = content
def get_ter_str(self, device_info, xycommonparams, xyplatforminfo):
ts = int(time.time())
url = "https://www.xiaohongshu.com/api/sns/v3/user/me?deviceId={}&device_fingerprint={}&device_fingerprint1={}&fid=1605335236101e0d28eb076dacfe290f2edc95ed7d21&lang=zh&platform=android&sid={}&sign=b1c352302484d97e6e9c93f7334a2720&t={}".format(
device_info['deviceId'], device_info['device_fingerprint'], device_info['device_fingerprint'],
device_info['sid'], ts)
header = {
"User-Agent": "discover/6.92 (iPhone; iOS 13.6; Scale/2.00) Resolution/828*1792 Version/6.92 Build/6920189 Device/(Apple Inc.;iPhone11,8) NetType/CellNetwork",
"xy-common-params": xycommonparams,
"xy-platform-info": xyplatforminfo,
}
response = requests.get(url, headers=header)
return response.headers["xy-ter-str"]
@staticmethod
def strT0Hexstr(str):
return binascii.hexlify(str.encode()).decode('utf-8')
def getSign(self, path='', params='', xy_common_params='', xy_platform_info='', data='', content='',
main_hmac='', device_id=''):
"""
生成签名 根据main_hmac device_id解密出一个key。
"""
_res = get_oldsign(path=path, params=params, xy_common_params=xy_common_params,
xy_platform_info=xy_platform_info, data=data,
content=content, main_hmac=main_hmac, device_id=device_id)
newsign = self.calc_shield(device_id=device_id, oldsign=_res)
return newsign
def init_table(self):
a1 = [0 for i in range(0x102)]
a2 = 13
a3 = [0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b]
a1[0] = 0
a1[1] = 0
v11 = 0
v7 = 0
for i in range(256):
a1[i + 2] = i
for j in range(0, 256, 4):
v15 = a1[j + 2]
v8 = (a3[v11] + v15 + v7) & 0xff
v12 = v11 + 1
if v12 == a2:
v12 = 0
a1[j + 2] = a1[v8 + 2]
a1[v8 + 2] = v15
v16 = a1[j + 3]
v9 = (a3[v12] + v16 + v8) & 0xff
v13 = v12 + 1
if v13 == a2:
v13 = 0
a1[j + 3] = a1[v9 + 2]
a1[v9 + 2] = v16
v17 = a1[j + 4]
v10 = (a3[v13] + v17 + v9) & 0xff
v14 = v13 + 1
if v14 == a2:
v14 = 0
a1[j + 4] = a1[v10 + 2]
a1[v10 + 2] = v17
v18 = a1[j + 5]
v7 = (a3[v14] + v18 + v10) & 0xff
v11 = v14 + 1
if v11 == a2:
v11 = 0
a1[j + 5] = a1[v7 + 2]
a1[2 + v7] = v18
return a1
def init_base64_table(self, input_byte):
input_len = len(input_byte)
output_byte = [0 for i in range(input_len)]
a1 = self.init_table()
a2 = 0x53
a3 = input_byte
a4 = output_byte
v51 = a1[0]
v43 = a1[1]
v59 = a1[2:]
count = 0
i = a2 >> 3
while i > 0:
pass
# 完整算法联系飞机@Lank5735
v6 = a2 & 7
if (v6 != 0):
while v6 > 0:
pass
# 完整算法联系飞机@Lank5735
return output_byte
def shield_init(self, device_id, oldsign):
"version长度7 device_id长度24 旧shield长度10"
appid_hex_str = self.__app_id.lower()
appversion_hex_str = self.strT0Hexstr(self.__apk_version_build)
deviceid_hex_str = self.strT0Hexstr(device_id)
oldshield_hex_str = oldsign
# print(oldshield_hex_str) # dc502860dccd41f99045a6d675ea1e98
# oldshield_hex_str = "a59dd3058d4c90339cf447aedf477864"
# oldshield_hex_str = "cf a0 3f 03 67 87 7f 07 36 75 da 2e f7 5e b3 df".replace(" ","")
calc_str = f"00000001{appid_hex_str}00000002000000070000002400000010{appversion_hex_str}{deviceid_hex_str}{oldshield_hex_str}"
b_res = self.init_base64_table(bytes.fromhex(calc_str))
return b_res
def calc_shield(self, device_id, oldsign):
output2 = [0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 83, 0, 0, 0, 83]
output1 = self.shield_init(device_id, oldsign)
b64_encode_str = output2 + output1
_res = base64.b64encode(bytearray(b64_encode_str))
return "XY" + _res.decode("utf-8")
def get_shield_7_06(url, xycommonparams, xyplatforminfo, device_info, data={}):
parsed = parse.urlparse(url)
path = parsed.path
args = parse.parse_qs(parsed.query, keep_blank_values=True)
params = dict([(k, v[0]) for k, v in args.items()])
s = AndroidShield()
try:
main_hmac = s.get_ter_str(device_info=device_info, xycommonparams=xycommonparams, xyplatforminfo=xyplatforminfo)
except:
rand_str = ''.join(random.sample(string.ascii_uppercase, 24))
main_hmac = "mXtwWNLkY+tzqBSiMdzc87zwuffL+CE9tdMP2mLFEcJI7HE/4Ak6h817k6VPj6iA2yy7RObJhA0pS9HqoxQfoavlomg9AGSA8vg4OEJ/" + rand_str
# 生成签名
shield = s.getSign(
main_hmac=main_hmac,
device_id=device_info['deviceId'],
path=path,
params=parse.urlencode(params),
xy_common_params=xycommonparams,
xy_platform_info=xyplatforminfo,
data=parse.urlencode(data),
)
return shield
if __name__ == '__main__':
qq = AndroidShield()
zz = qq.getSign(path="/api/sns/v1/note/feed",
params="note_id=611e3446000000002103e745&page=1&has_ads_tag=false&num=5&fetch_mode=1&source=explore&ads_track_id=fm_fwfm_ol_30day%4028y6fh5sgzc4a916hbx23",
device_id="879246a0-b385-3400-b59d-76f63fa5baff",
xy_common_params="fid=162925699210bf9c0d3447ec1a57edbfc9b9f44f9625&device_fingerprint=20210810140918508c2ccd6e986960ec8432e9c2edd16b01265a5749ac3489&device_fingerprint1=20210810140918508c2ccd6e986960ec8432e9c2edd16b01265a5749ac3489&launch_id=1629451556&tz=Asia%2FShanghai&channel=YingYongBao&versionName=7.6.0&deviceId=879246a0-b385-3400-b59d-76f63fa5baff&platform=android&sid=session.1629264087421090169948&identifier_flag=4&t=1629451595&project_id=ECFAAF&build=7060188&x_trace_page_current=explore_feed&lang=zh-Hans&app_id=ECFAAF01&uis=light",
xy_platform_info="platform=android&build=7060188&deviceId=879246a0-b385-3400-b59d-76f63fa5baff",
main_hmac="XaiJJLGJna6H3GiOhNxbfAOLFS9Th/7LY7eTl5R9PBsgcyVKtyidl2bSA9ql4RlL5IdgzuWC9XOJQJoIDs5ANDDYtBwFXmO8nzWyO4oIoH2NeTDYmL6YcIQMDTT/di8f")
print(zz)
