背景
在某宝上看到一个药品管理系统,他有一个云药品库。用扫码枪一扫,就可用获取到药品的详细信息。能够在增加药品根底材料的时候,免去输出文字的麻烦,而我在上家公司的时候,也是做药品 ERP 的,客户拿着咱们的 ERP 增加药品等根底材料的时候很麻烦,我就提倡做这样一个货色在 erp 中,因为种种原因未能遍及。其中重要起因就是用户想用,然而材料太少,于是我抓包这个软件,看看是否获取到他的资料库,有机会能够爬下来,用在相似零碎中。这个过程中遇到了一些问题,我记录了下来。
第一抓包
找到软件入口,输出条码,搜寻看看网卡中的包信息,应用 wireshark
很显著 http 协定的,通过调节能够抓取到信息的,然而返回值 应该是“加密”的,为啥加密呢?是避免他人抓取?我一开始认为是,看这样子是用的 base64 加密的。我先在网址上找了一个在线解密 base64 的,果然能够解密。然而中文有乱码,看乱码的样子应该是字符编码的问题。
要想看到具体的中文内容,只能用 java 来写一个抓取数据和解码 Base64 还要转字符编码的事件了。
第二 java 爬取数据,解码 Base64
java 解码 c ++,base64 编码的数据,
从 base64 解码到数据原本的样子,这个过程中遇到了一点小麻烦,就是 jdk1.8 外面 base64 编码解码器,都是不带 换行合乎的,而这个爬取下来的数据都是有换行符号的。通过查找材料得悉上面的不可用,
java.util.Base64.getDecoder();
得用 jdk1.7 或 第三方 commons-codec
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.14</version>
</dependency>
org.apache.commons.codec.binary.Base64
用这个是能够解码 Base64
String url="http://116.255.186.7:9000";
HashMap<String, String> hashMap = new HashMap<>();
hashMap.put("Content-Type", "application/x-www-form-urlencoded");
hashMap.put("Accept", "text/html, */*");
hashMap.put("User-Agent", "Mozilla/3.0 (compatible; Indy Library)");
Map map =new HashMap();
map.put("YPACT", "YPGET");
map.put("barcode", "12343");
try {byte rs[]= OkHttpUtil.postb(url, map,hashMap);
JSONObject jsonObject =JSON.parseObject(new String(rs));
String encode = jsonObject.getString("rmtdset");
System.out.println(encode);
byte []xm =encode.getBytes();
byte[] dbm= Base64.decodeBase64(xm);
String dcodeg=new String(dbm);
System.out.println(dcodeg);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();}
然而中文乱码
第三 剖析为什么中文乱码
为什么从 Base64 解码,java 打印进去是乱码呢?
因为 c ++、c# 或者更精确的说,win 零碎里进去的货色,默认是 GBK,java 这边默认是 UTF-8
。也就是说 在 win 零碎中 base64 编码的时候,是将 GBK 编码的字符串,变成 byte 数组, 再变成 base64 字符串 'base64String'
在网络中传送的是 ‘base64String’,java 这边收到后,用 Base64 解码 base64String,解码成 byte 数组,那这数组,对应的编码就是 GBK。所以解码进去的要用 GBK 的形式来构建字符串,
就是这样的代码。
剖析到这就明确了,为啥他这个零碎中不间接用字符串传送,而是要 base64 加密后的字符串传送,就是因为 Base64 加密后的全是 ASC 码串,不会呈现编码谬误。而解码,只需将返回的 byte 数组解析为 GBK 的字符串,就可用正确应用。所以可用得出结论,上的 base64 加密,并非真正的加密,只是为了传递数据的不便。
最初看一下正确的数据的样子
[{
"id": "248727",
"c1_id": "0",
"c2_id": "","c1":" 糖果系列 ","c2":"",
"name": "长干棒棒糖",
"pinyin": "ZGBBT",
"spec": "","unit":" 支 ","approval_number":"",
"location": "晨光文具专营店",
"barcode": "091361712343",
"zhuzhi": "","explain_book":"(Memo)","replenish":"",
"logo": "","is_otc":"",
"is_del": "","c_time":"",
"datasource": "内部",
"storename": "维康堂大药房",
"oper": "超级用户",
"uploadipaddr": "116.255.186.7",
"inserttime": "2019-08-30 0:30:01",
"rows": "1"
}, {
"id": "280240",
"c1_id": "0",
"c2_id": "","c1":"",
"c2": "","name":"2000","pinyin":"2000","spec":"",
"unit": "","approval_number":"",
"location": "无",
"barcode": "12343",
"zhuzhi": "","explain_book":"(Memo)","replenish":"",
"logo": "","is_otc":"",
"is_del": "","c_time":"",
"datasource": "内部",
"storename": "滦南县坨里镇康诚大药房",
"oper": "超级用户",
"uploadipaddr": "116.255.186.7",
"inserttime": "2020-02-03 2:03:45",
"rows": "2"
}, {
"id": "222533",
"c1_id": "0",
"c2_id": "","c1":" 电器 ","c2":"",
"name": "电脑电源线 5m 250v",
"pinyin": "DNDYX 5M 250V",
"spec": "5m",
"unit": "根",
"approval_number": "","location":" 超五类 ","barcode":"1234356574543","zhuzhi":"",
"explain_book": "(Memo)",
"replenish": "","logo":"",
"is_otc": "","is_del":"",
"c_time": "","datasource":" 内部 ","storename":" 冠县回春堂大药店二分店 ","oper":" 超级用户 ","uploadipaddr":"116.255.186.7","inserttime":"2019-06-11 4:58:50","rows":"3"}, {"id":"78460","c1_id":"0","c2_id":"",
"c1": "","c2":"",
"name": "卫康 2000(125)",
"pinyin": "WK2000(125)",
"spec": "125ml",
"unit": "盒",
"approval_number": "","location":" 卫康 ","barcode":"6919021123435","zhuzhi":"",
"explain_book": "(Memo)",
"replenish": "","logo":"",
"is_otc": "","is_del":"",
"c_time": "","datasource":" 内部 ","storename":" 东隆重药房 ","oper":" 超级用户 ","uploadipaddr":"61.237.136.125","inserttime":"2018-11-01 17:21:48","rows":"4"}, {"id":"322118","c1_id":"0","c2_id":"",
"c1": "7001",
"c2": "","name":" 淘乡甜(熟)咸鸭蛋 ","pinyin":"TXT(S)XYD","spec":"65g","unit":" 包 ","approval_number":"",
"location": "","barcode":"6921234300855","zhuzhi":"",
"explain_book": "(Memo)",
"replenish": "","logo":"",
"is_otc": "","is_del":"",
"c_time": "","datasource":" 内部 ","storename":" 串业药店 ","oper":" 超级用户 ","uploadipaddr":"116.255.186.7","inserttime":"2020-06-06 14:01:48","rows":"5"}, {"id":"343515","c1_id":"0","c2_id":"",
"c1": "","c2":"",
"name": "酒精",
"pinyin": "JJ",
"spec": "","unit":"",
"approval_number": "","location":"",
"barcode": "6921723712343",
"zhuzhi": "","explain_book":"(Memo)","replenish":"",
"logo": "","is_otc":"",
"is_del": "","c_time":"",
"datasource": "内部",
"storename": "梧州长洲福膳诊所",
"oper": "超级用户",
"uploadipaddr": "116.255.186.7",
"inserttime": "2020-07-07 1:50:34",
"rows": "6"
}, {
"id": "54075",
"c1_id": "0",
"c2_id": "","c1":"0203 保健 ","c2":"",
"name": "专利品决明子茶",
"pinyin": "ZLPJMZC",
"spec": "240g",
"unit": "盒",
"approval_number": "","location":" 宁夏 ","barcode":"6924564712343","zhuzhi":"",
"explain_book": "(Memo)",
"replenish": "","logo":"",
"is_otc": "","is_del":"",
"c_time": "","datasource":" 内部 ","storename":"XXXXX 大药房 ","oper":" 超级用户 ","uploadipaddr":"61.237.136.147","inserttime":"2018-10-12 1:49:14","rows":"7"}, {"id":"189861","c1_id":"3","c2_id":"",
"c1": "中药饮片",
"c2": "","name":" 黑枸杞(药知源)","pinyin":"HGQ(YZY)","spec":"80g","unit":" 桶 ","approval_number":"",
"location": "安徽药知源",
"barcode": "6926919123439",
"zhuzhi": "","explain_book":"(Memo)","replenish":"",
"logo": "","is_otc":"",
"is_del": "","c_time":"",
"datasource": "内部",
"storename": "长坂坡大药房干溪店",
"oper": "超级用户",
"uploadipaddr": "116.255.186.7",
"inserttime": "2019-02-28 2:11:23",
"rows": "8"
}, {
"id": "155311",
"c1_id": "0",
"c2_id": "","c1":" 新药 ","c2":"",
"name": "番泻叶",
"pinyin": "FXY",
"spec": "40 克",
"unit": "","approval_number":"",
"location": "安徽",
"barcode": "6933371234375",
"zhuzhi": "","explain_book":"(Memo)","replenish":"",
"logo": "","is_otc":"",
"is_del": "","c_time":"",
"datasource": "内部",
"storename": "开元大药房",
"oper": "超级用户",
"uploadipaddr": "61.237.136.98",
"inserttime": "2018-12-13 13:24:16",
"rows": "9"
}]
我就是我,一名技术爱好者!