抖音反編譯學習(記錄草稿)

參考:http://www.520monkey.com/archives/1085

//1.點贊
GET /aweme/v1/commit/item/digg/?
aweme_id=6524544208643034381
&type=1
&channel_id=3
&os_api=22
&device_type=SM-G955F
&device_platform=android
&ssmix=a
&iid=90213556637
&manifest_version_code=840
&dpi=320
&uuid=355757010121578
&version_code=840
&app_name=aweme
&version_name=8.4.0
&ts=1572010230
&openudid=0c9d92bd84d19636
&device_id=68869262492
&resolution=1080*1920
&os_version=5.1.1
&language=zh
&device_brand=samsung
&app_type=normal
&ac=wifi
&update_version_code=8402
&aid=1128
&channel=tengxun_new
&_rticket=1572010231535
&mcc_mnc=46007 HTTP/1.1

GET https://api.amemv.com/aweme/v1/commit/item/digg/?aweme_id=6524544208643034381&type=1&channel_id=3&os_api=22&
device_type=SM-G955F&device_platform=android&ssmix=a&iid=90390281806&manifest_version_code=840&dpi=320&uuid=355757010121578&
version_code=840&app_name=aweme&version_name=8.4.0&ts=1572080665&openudid=0c9d92bd84d19636&device_id=68869262492&resolution=1920*1080&
os_version=5.1.1&language=zh&device_brand=samsung&app_type=normal&ac=wifi&update_version_code=8402&aid=1128&channel=aweGW&_rticket=1572080662010&mcc_mnc=46007 HTTP/1.1
Host: api.amemv.com
Connection: keep-alive
Cookie: d_ticket=df9fb123f64347132fc18e8e54200227ea643; odin_tt=e7e934b099d1c2890197a5f7d9aa3263be96a543ce0575f2b99503c77cac16c6cf6d32c241771173922b61168afc5876;
 sid_guard=4ff1165727e3bc69634de631f5c04462%7C1572009808%7C5184000%7CTue%2C+24-Dec-2019+13%3A23%3A28+GMT; uid_tt=fcda429bfa1e694eb158384cb820770e; sid_tt=4ff1165727e3bc69634de631f5c04462;
 sessionid=4ff1165727e3bc69634de631f5c04462; install_id=90390281806; ttreq=1$4b40f267787a9b81514b63ee8a518d91aec2e903
Accept-Encoding: gzip
X-SS-REQ-TICKET: 1572080662007
X-Tt-Token: 004ff1165727e3bc69634de631f5c0446253e4a0f1d2b21c3766ca9beb6787f817ac5f556f6eaa17764ddee292e1ad11303c
sdk-version: 1
X-SS-DP: 1128
x-tt-trace-id: 00-98d3c43df91c019bdf0d508485048c4c-98d3c43df91c019b-01
User-Agent: com.ss.android.ugc.aweme/840 (Linux; U; Android 5.1.1; zh_CN; SM-G955F; Build/JLS36C; Cronet/58.0.2991.0)
X-Gorgon: 030000004001acb829c6b68de05d0cacf8ede47ce4cb20103637
X-Khronos: 1572080662


GET https://api.amemv.com/aweme/v1/commit/item/digg/?aweme_id=6524544208643034381&type=1&channel_id=3&os_api=22&
device_type=SM-G955F&device_platform=android&ssmix=a&iid=90390281806&manifest_version_code=840&dpi=320&uuid=355757010121578&
version_code=840&app_name=aweme&version_name=8.4.0&ts=1572081108&openudid=0c9d92bd84d19636&device_id=68869262492&resolution=1920*1080&
os_version=5.1.1&language=zh&device_brand=samsung&app_type=normal&ac=wifi&update_version_code=8402&aid=1128&channel=aweGW&_rticket=1572081105049&mcc_mnc=46007 HTTP/1.1
Host: api.amemv.com
Connection: keep-alive
Cookie: d_ticket=df9fb123f64347132fc18e8e54200227ea643; odin_tt=e7e934b099d1c2890197a5f7d9aa3263be96a543ce0575f2b99503c77cac16c6cf6d32c241771173922b61168afc5876;
 sid_guard=4ff1165727e3bc69634de631f5c04462%7C1572009808%7C5184000%7CTue%2C+24-Dec-2019+13%3A23%3A28+GMT; uid_tt=fcda429bfa1e694eb158384cb820770e; sid_tt=4ff1165727e3bc69634de631f5c04462;
 sessionid=4ff1165727e3bc69634de631f5c04462; install_id=90390281806; ttreq=1$4b40f267787a9b81514b63ee8a518d91aec2e903
Accept-Encoding: gzip
X-SS-REQ-TICKET: 1572081105048
X-Tt-Token: 004ff1165727e3bc69634de631f5c0446253e4a0f1d2b21c3766ca9beb6787f817ac5f556f6eaa17764ddee292e1ad11303c
sdk-version: 1
X-SS-DP: 1128
x-tt-trace-id: 00-a77c64227e911ee70811198281710139-a77c64227e911ee7-01
User-Agent: com.ss.android.ugc.aweme/840 (Linux; U; Android 5.1.1; zh_CN; SM-G955F; Build/JLS36C; Cronet/58.0.2991.0)
X-Gorgon: 0300dc7640014dc061cd4eebeb6b312612b4e1a1fdfcf443c781
X-Khronos: 1572081105

每次請求變化的參數:
ts
_rticket
X-SS-REQ-TICKET
x-tt-trace-id: 00-98d3c43df91c019bdf0d508485048c4c-98d3c43df91c019b-01
X-Gorgon: 030000004001acb829c6b68de05d0cacf8ede47ce4cb20103637

抖音as、mas、X-Gorgon解密算法

研究過dy的,或者截獲過他的接口的人都曉得,他在請求數據的時候需要在header中帶上X-Gorgon,和X-Khronos,不然會無法返回數據,
通過逆向分析,曉得,他是通過將url中的參數與cookies,sessionid和stub組成四個參數結合算出來的數值,用於服務器驗證,
如果沒有,自然就無法通過服務器的驗證。


//2.滑動視頻
POST /aweme/v1/aweme/stats/?
os_api=22
&device_type=SM-G955F
&device_platform=android
&ssmix=a&
iid=90213556637
&manifest_version_code=840
&dpi=320
&uuid=355757010121578
&version_code=840
&app_name=aweme
&version_name=8.4.0
&ts=1572017660
&openudid=0c9d92bd84d19636
&device_id=68869262492
&resolution=1080*1920
&os_version=5.1.1
&language=zh
&device_brand=samsung
&app_type=normal
&ac=wifi
&update_version_code=8402
&aid=1128
&channel=aweGW
&_rticket=1572017660342
&mcc_mnc=46007 HTTP/1.1

//3.獲取首頁數據
GET /aweme/v2/feed/?
type=0
&max_cursor=0
&min_cursor=0
&count=6
&volume=0.8666666666666667
&pull_type=0
&need_relieve_aweme=0
&filter_warn=0
&req_from
&is_cold_start=0
&longitude=104.56598090277778
&latitude=30.998700358072917
&address_book_access=1
&gps_access=1
&cached_item_num=0
&last_ad_show_interval=-1
&mac_address=0C%3A9D%3A92%3ABD%3A84%3AD1
&os_api=22
&device_type=SM-G955F
&device_platform=android
&ssmix=a
&iid=90320494175
&manifest_version_code=840
&dpi=320
&uuid=355757010121578
&version_code=840
&app_name=aweme
&version_name=8.4.0
&ts=1572078347
&openudid=0c9d92bd84d19636
&device_id=68869262492
&resolution=1920*1080
&os_version=5.1.1
&language=zh
&device_brand=samsung
&app_type=normal
&ac=wifi
&update_version_code=8402
&aid=1128
&channel=aweGW
&_rticket=1572078343869
&mcc_mnc=46007 HTTP/1.1


GET https://aweme-eagle.snssdk.com/aweme/v2/feed/?type=0&max_cursor=0&min_cursor=0&count=6&volume=0.8666666666666667&pull_type=0&need_relieve_aweme=0&filter_warn=0&req_from&is_cold_start=0&longitude=104.56598090277778&latitude=30.998700358072917&address_book_access=1&gps_access=1&cached_item_num=0&last_ad_show_interval=-1&mac_address=0C%3A9D%3A92%3ABD%3A84%3AD1&os_api=22&device_type=SM-G955F&device_platform=android&ssmix=a&iid=90320494175&manifest_version_code=840&dpi=320&uuid=355757010121578&version_code=840&app_name=aweme&version_name=8.4.0&ts=1572078347&openudid=0c9d92bd84d19636&device_id=68869262492&resolution=1920*1080&os_version=5.1.1&language=zh&device_brand=samsung&app_type=normal&ac=wifi&update_version_code=8402&aid=1128&channel=aweGW&_rticket=1572078343869&mcc_mnc=46007 HTTP/1.1
Host: aweme-eagle.snssdk.com
Connection: keep-alive
Cookie: d_ticket=df9fb123f64347132fc18e8e54200227ea643; odin_tt=e7e934b099d1c2890197a5f7d9aa3263be96a543ce0575f2b99503c77cac16c6cf6d32c241771173922b61168afc5876; sid_guard=4ff1165727e3bc69634de631f5c04462%7C1572009808%7C5184000%7CTue%2C+24-Dec-2019+13%3A23%3A28+GMT; uid_tt=fcda429bfa1e694eb158384cb820770e; sid_tt=4ff1165727e3bc69634de631f5c04462; sessionid=4ff1165727e3bc69634de631f5c04462; install_id=90320494175; ttreq=1$7e034f43db97bf9027594566e72694e4376f93ef
Accept-Encoding: gzip
X-SS-REQ-TICKET: 1572078343853
X-Tt-Token: 004ff1165727e3bc69634de631f5c0446253e4a0f1d2b21c3766ca9beb6787f817ac5f556f6eaa17764ddee292e1ad11303c
sdk-version: 1
X-SS-DP: 1128
x-tt-trace-id: 00-354016da2d2a9c3b31f771521b8c3316-354016da2d2a9c3b-01
User-Agent: com.ss.android.ugc.aweme/840 (Linux; U; Android 5.1.1; zh_CN; SM-G955F; Build/JLS36C; Cronet/58.0.2991.0)
X-Gorgon: 0300000040012bbebe2db68de0ca2279b26082506ae020e0b15e
X-Khronos: 1572078343

 

 

 

 

 

 

 

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章