共计 4213 个字符,预计需要花费 11 分钟才能阅读完成。
抖音数据采集教程,逆向钻研 X -Gorgon,X-Khronos 算法协定
抖音的接口中,通过抓包抖音申请时,能够发现 x -gorgon 和 xlog 两大参数是必备的,尽管说目前有些接口不通过这两个参数还是能够拿到数据,然而我感觉抖音曾经预留显示了这两大申请的参数,只会逐步提高要求,用于服务器验证,不然日后都无奈申请到数据,通过工具逆向反编译出了抖音 app 的源码,发现下列这个位于类 com.ss.sys.ces.gg.tt 中,有这样一个函数用于生成 x -gorgon 的值。
public static void init_gorgon()
{com.bytedance.frameworks.baselib.network.http.e.j = new e.a()
{public final Map<String, String> a(String paramAnonymousString, Map<String, List<String>> paramAnonymousMap)
{HashMap localHashMap = new HashMap();
for (;;)
{
try
{if ((!paramAnonymousString.toLowerCase().contains("http")) && (!paramAnonymousString.toLowerCase().contains("https"))) {throw new NullPointerException("nein http/https");
}
if ((paramAnonymousString.toLowerCase().contains("X-Khronos")) && (paramAnonymousString.toLowerCase().contains("X-Gorgon"))) {throw new NullPointerException("it was");
}
if (!tt.a(paramAnonymousString))
{int i = (int)(System.currentTimeMillis() / 1000L);
paramAnonymousString = tt.b(paramAnonymousString);
localObject2 = null;
if ((paramAnonymousString != null) && (paramAnonymousString.length() > 0))
{localObject1 = d.a(paramAnonymousString);
Iterator localIterator = paramAnonymousMap.entrySet().iterator();
paramAnonymousMap = null;
paramAnonymousString = paramAnonymousMap;
if (localIterator.hasNext())
{Object localObject4 = (Map.Entry)localIterator.next();
localObject3 = localObject2;
if (((String)((Map.Entry)localObject4).getKey()).toUpperCase().contains("X-SS-STUB")) {localObject3 = (String)((List)((Map.Entry)localObject4).getValue()).get(0);
}
localObject2 = localObject3;
if (!((String)((Map.Entry)localObject4).getKey()).toUpperCase().contains("COOKIE")) {continue;}
String str = (String)((List)((Map.Entry)localObject4).getValue()).get(0);
localObject2 = localObject3;
if (str == null) {continue;}
localObject2 = localObject3;
if (str.length() <= 0) {continue;}
localObject4 = d.a(str);
str = tt.c(str);
localObject2 = localObject3;
paramAnonymousMap = (Map<String, List<String>>)localObject4;
if (str == null) {continue;}
localObject2 = localObject3;
paramAnonymousMap = (Map<String, List<String>>)localObject4;
if (str.length() <= 0) {continue;}
paramAnonymousString = d.a(str);
StcSDKFactory.getInstance().setSession(str);
localObject2 = localObject3;
paramAnonymousMap = (Map<String, List<String>>)localObject4;
continue;
}
localObject3 = new StringBuilder();
((StringBuilder)localObject3).append(i);
localHashMap.put("X-Khronos", ((StringBuilder)localObject3).toString());
if (localObject1 == null) {break label572;}
localObject3 = localObject1;
if (((String)localObject1).length() == 0) {break label572;}
if (localObject2 == null) {break label579;}
localObject1 = localObject2;
if (((String)localObject2).length() == 0) {break label579;}
if (paramAnonymousMap == null) {break label586;}
localObject2 = paramAnonymousMap;
if (paramAnonymousMap.length() == 0) {break label586;}
if (paramAnonymousString == null) {break label593;}
paramAnonymousMap = paramAnonymousString;
if (paramAnonymousString.length() == 0) {break label593;}
if (b.a().a) {Calendar.getInstance().getTimeInMillis();}
paramAnonymousString = new StringBuilder();
paramAnonymousString.append((String)localObject3);
paramAnonymousString.append((String)localObject1);
paramAnonymousString.append((String)localObject2);
paramAnonymousString.append(paramAnonymousMap);
paramAnonymousString = com.ss.a.b.a.a(com.ss.sys.ces.a.leviathan(i, com.ss.a.b.a.a(paramAnonymousString.toString())));
if (b.a().a) {Calendar.getInstance().getTimeInMillis();}
localHashMap.put("X-Gorgon", paramAnonymousString);
return localHashMap;
}
}
else
{throw new NullPointerException("filter_1");
}
}
catch (Throwable paramAnonymousString)
{paramAnonymousString.getMessage().contains("filter_1");
return localHashMap;
}
Object localObject1 = null;
continue;
label572:
Object localObject3 = "00000000000000000000000000000000";
continue;
label579:
localObject1 = "00000000000000000000000000000000";
continue;
label586:
Object localObject2 = "00000000000000000000000000000000";
continue;
label593:
paramAnonymousMap = "00000000000000000000000000000000";
}
}
};
}
对应的就是底层.so 文件了
通过剖析晓得,最终的 x -gorgon 的生成,是调用 com.ss.sys.ces.a.leviathan 函数,所以咱们只有利用这个函数就能帮咱们解决 x -gorgon 的生成,他外面的参数有两个
public static native byte[] leviathan(int paramInt, byte[] paramArrayOfByte);
第一个是以后的工夫戳,也就是 X -Khronos
第二个字节组就一串字符串,由 Url、postdata、cookies 和 sesseionid 别离进行 MD5 加密组成的字串,做的二次申请。
所以也就发现了 X -SS-STUB 的值是将要 post 的数据做 md5 计算的值,如果是要做 post 的话,那这个值就须要带上。就能失常申请到数据了。目前有了点小成绩,具体细节就不公开了。
更多抖音,快手,小红书数据实时采集接口,请查看文档:TiToData
免责申明:本文档仅供学习与参考,请勿用于非法用处!否则所有后果自负。
正文完
