e100发短信http包

时间：2010-04-13 来源：yorks

e100那里有每个月200条免费短信可以使用。但是它的网址的广告太多，每次登录上去都不爽它，于是就写了一个e100发短信python程序。 e100是通过浏览器发送包出去了，那应该是http包了，而且没有通过ssl层发送，打开wireshark抓包，下面将找到的包分析如下： 1、首先是打开http://www.gd.chinamobile.com/e100/sms/index.jsp会探出登录框登录，这个时候就已经下载好图形验证码了。所以登录的第一步是下载验证码。其http包如下：发送：

url=http://www.gd.chinamobile.com/image?sds=0.372007395458
headers={
   'Host':'www.gd.chinamobile.com',
   'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN;rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
   'Accept':'image/png,image/*;q=0.8,*/*;q=0.5',
      'Accept-Language':'zh-cn,zh;q=0.5',
      'Accept-Encoding':'gzip,deflate',
      'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
      'Keep-Alive':'300',
      'Connection':'keep-alive',
       'Referer':'https://www.gd.chinamobile.com/e100/index.jsp'
       }

接收:

Date: Tue, 13 Apr 2010 14:08:31 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000NwDmmJzmpn-0tP5N1cGHatr:126o3oeor; Path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: image/jpeg
Content-Language: zh-CN

注意上面的set-cookie,登录的时候要用到。获取到验证码后，下一步就是登录了。 2、登录发送:

url="http://www.gd.chinamobile.com/ServicesServlet/LOGIN"
data = """_request_json=%257B%2522operation%2522%253A%2522login%2522%252C%2522isProtocol%2522%253Atrue%252C%2522_dl100Mobile%2522%253A%2522%2522%252C%2522_loginInfo%2522%253A%2522%257B%255C%2522_loginType%255C%2522%253A%255C%25222%255C%2522%252C%255C%2522_logonName%255C%2522%253A%255C%2522%s"""% cellphone+""" %255C%2522%252C%255C%2522_password%255C%2522%253A%255C%2522%s"""% passwd+"""%255C%2522%252C%255C%2522_smsRND%255C%2522%253A%255C%2522%255C%2522%252C%255C%2522isProtocol%255C%2522%253Atrue%252C%255C%2522_login_backurl%255C%2522%253A%255C%2522%252Fe100%252Findex.jsp%255C%2522%252C%255C%2522_channel%255C%2522%253A8%252C%255C%2522_imageCode%255C%2522%253A%255C%2522%s"""% verifyCode+"""%255C%2522%257D%2522%257D&_channel=8"""

"""其实上面的是通过抓包到的，复制到urllib.unquote一下就出现下面的request_json了。"""

request_json="""{"operation":"login","isProtocol":true,"_dl100Mobile":"","_loginInfo":"{\\"_loginType\\":\\"2\\",\\"_logonName\\":\\"%s"""% cellphone +"""\\",\\"_password\\":\\"%s"""% passwd+"""\\",\\"_smsRND\\":\\"\\",\\"isProtocol\\":true,\\"_login_backurl\\":\\"/e100/index.jsp\\",\\"_channel\\":8,\\"_imageCode\\":\\"%s"""% verifyCode +"""\\"}"}"""data = urllib.urlencode([('_request_json','%s'% request_json),('_channel', '8')])

headers={
  'Host':'www.gd.chinamobile.com',
  'User-Agent':'Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8',
  'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
   'Accept-Language':'zh-cn,zh;q=0.5',
   'Accept-Encoding':'gzip,deflate',
  'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
   'Keep-Alive':'300',
  'Connection':'keep-alive',
'Referer':'https://www.gd.chinamobile.com/e100/index.jsp',
'Cookie':'JSESSIONID=%s' % self.JSESSIONID,#这里就是第一次获取验证码的cookie
'Content-Type':'application/x-www-form-urlencoded',
}

接收:

Date: Tue, 13 Apr 2010 14:21:53 GMT
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 97
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN

<script>
window.location="http://www.gd.chinamobile.com:80/e100/index.jsp";
</script>

3、获取随机短信验证码发送：

url="http://www.gd.chinamobile.com/login/sendSMSRND.jsp?_logonName=E100_USER&_r=0.432117305347

headers={'Content-Length': '0', 'Accept-Language': 'zh-cn,zh;q=0.5', 'Accept-Encoding': 'gzip,deflate', 'Connection': 'keep-alive', 'Keep-Alive': '300', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; zh-CN; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8', 'Accept-Charset': 'GB2312,utf-8;q=0.7,*;q=0.7', 'Host': 'www.gd.chinamobile.com', 'Referer': 'https://www.gd.chinamobile.com/e100/index.jsp', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Cookie': 'JSESSIONID=0000Oq1mZ79-3TmoXCitxF4kaoW:126o3ohcr'}

接收

Date: Tue, 13 Apr 2010 14:21:55 GMT
Server: IBM_HTTP_Server
Content-Length: 39
Connection: close
Content-Type: text/html;charset=GBK
Content-Language: zh-CN

OK
##超sb的yd，竟然返回的内容加了那么多个\r\n

发送短信: 发送:

url="http://www.gd.chinamobile.com/e100/SMS/Send?timeStamp=12711916544"
request_json="""{"operation":"SMS_SEND","smsMessage":"{\\"person\\":\\"%s"""% to +"""\\",\\"content\\":\\"%s"""% msg+"""\\",\\"type\\":\\"0\\",\\"time\\":\\"%s"""% sendTime+"""\\",\\"payment\\":\\"0\\",\\"logoCode\\":\\"%s"""% logoCode +"""\\"}"}""" 同样这是我用urllib.unquote得出来的。

接收:

Date: Tue, 13 Apr 2010 14:22:24 GMT
Server: IBM_HTTP_Server
Content-Length: 445
Connection: close
Content-Type: text/xml;charset=UTF-8
Content-Language: zh-CN

{"resultObject":{"e_send_num":0,"money_sms_one":0.15,"e_leva_count":0,"money_send_count":0,"free_leva_count":186,"day_send_num":50,"day_send_sms":1,"free_month_num":200,"sms_schd_date":"72","month_send_sms":14,"result":true,"write_count":350,"toget_person":10,"money_count":0.15,"user_e_num":0,"user_e_sends":0,"sms_over_date":"2010年12月31日","month_send_num":1000},"login_type":3,"resultCode":105,"message":"您的信息已提交发送！"}

还有就是第一次发短信要先获取随机验证码，第二次.第三次....都是用图像验证码. 所以出来登录的时候需要验证码，就是第二次,第三次....发短信也需要图形验证码.这个的http包和第一个差不多，就是headers里面多了一个cookie的值.JSESSIONID...