CN110351259A - A kind of method and device obtaining APP authentication information based on network packet capturing - Google Patents
A kind of method and device obtaining APP authentication information based on network packet capturing Download PDFInfo
- Publication number
- CN110351259A CN110351259A CN201910576620.2A CN201910576620A CN110351259A CN 110351259 A CN110351259 A CN 110351259A CN 201910576620 A CN201910576620 A CN 201910576620A CN 110351259 A CN110351259 A CN 110351259A
- Authority
- CN
- China
- Prior art keywords
- authentication information
- tool
- acquiring
- app
- app authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000004590 computer program Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 10
- 238000012360 testing method Methods 0.000 claims description 9
- 238000004140 cleaning Methods 0.000 claims description 7
- 238000001914 filtration Methods 0.000 claims description 7
- 238000013515 script Methods 0.000 claims description 6
- 238000000605 extraction Methods 0.000 claims description 3
- 238000004088 simulation Methods 0.000 abstract description 2
- 230000009193 crawling Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000004888 barrier function Effects 0.000 description 1
- 230000006854 communication Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000013024 troubleshooting Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3696—Methods or tools to render software testable
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
- G06F16/9535—Search customisation based on user profiles and personalisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Quality & Reliability (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of method and device for obtaining APP authentication information based on network packet capturing, method includes: that software tool is called to realize APP automated log on and simulation browsing;Packet catcher is obtained, the solicited message that packet catcher code obtains specified request automatically is rewritten;The solicited message intercepted and captured is taken out, the APP authentication information after parsing is obtained after handling solicited message simultaneously saves.The embodiment of the present invention obtains parsing authentication information by program combination packet catcher automatically and is automatically credited database, it can be achieved that whole day 24 hours persistently crawl APP authentication information, and without very important person guard, raising APP authentication information crawls efficiency, reduces human cost.
Description
Technical Field
The invention relates to the technical field of data acquisition, in particular to a method and a device for acquiring APP authentication information based on network packet capturing.
Background
When acquiring app information, authentication information of the app needs to be carried when a request is sent, the authentication information can be acquired through a packet capturing tool, but the authentication information is time-efficient, so that the user needs to manually capture the packet to acquire and analyze the authentication information after a period of time.
And manually logging in the app, arranging the mobile phone and the packet capturing tool in the same network, setting a mobile phone proxy, browsing the content of the mobile phone app, acquiring authentication information through the packet capturing tool, manually analyzing and storing the authentication information to the local.
When acquiring app information in the prior art, the app content needs to be manually refreshed each time, then the information acquired by the packet capturing tool also needs to be analyzed, a person is needed to watch, and if no person exists at night, the program cannot continue to run.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
In view of the foregoing deficiencies of the prior art, an object of the present invention is to provide a method and an apparatus for acquiring APP authentication information based on network packet capturing, which aim to solve the problems that when APP information is acquired in the prior art, the APP content needs to be manually refreshed each time, then information acquired by a packet capturing tool also needs to be analyzed, a person is needed to watch, and if no person is present at night, a program cannot continue to run.
The technical scheme of the invention is as follows:
a method for obtaining APP authentication information based on network packet capturing comprises the following steps:
calling a software tool to realize automatic login and simulated browsing of the APP;
acquiring a packet grabbing tool, rewriting a packet grabbing tool code and automatically acquiring request information of a specified request;
and taking out the intercepted request information, processing the request information, acquiring the analyzed APP authentication information and storing the APP authentication information.
Optionally, the invoking of the software tool realizes APP automatic login and simulated browsing, including:
and (4) pre-installing a virtual machine, calling a UI automatic testing tool to simulate clicking, and realizing APP automatic login and simulated browsing.
Optionally, the obtaining the bale plucking tool rewrites the bale plucking tool code to automatically obtain the request information of the specified request, including:
acquiring a packet grabbing tool, and rewriting a code of the packet grabbing tool;
automatically filtering whether the request passing through the packet capturing tool meets the requirement; and if the request information meets the requirements, acquiring and storing the complete request information.
Optionally, the fetching the intercepted request information, processing the request information, obtaining the analyzed APP authentication information, and storing the analyzed APP authentication information includes:
the intercepted request information is taken out, and the request information is cleaned and extracted;
and storing the analyzed APP authentication information after cleaning and extraction.
Optionally, the invoking of the software tool realizes APP automatic login and simulated browsing, including:
and (3) a virtual machine is pre-installed, an airtest tool or an appnium tool is called to simulate clicking, and automatic login and simulated browsing of the app are realized.
Optionally, the obtaining the bale plucking tool rewrites the bale plucking tool code to automatically obtain the request information of the specified request, including:
acquiring a mismatch tool or a fixdler tool, writing a mismatch code or a fixdler code by js, automatically filtering whether the request passing through the mismatch tool or the fixdler tool meets the requirement, and acquiring and storing complete request information if the request meets the requirement.
Optionally, the fetching the intercepted request information, processing the request information, obtaining the analyzed APP authentication information, and storing the analyzed APP authentication information includes:
and taking out the intercepted request information, cleaning and extracting by using a python script, acquiring the analyzed APP authentication information and storing the APP authentication information in a database.
Another embodiment of the present invention provides an apparatus for acquiring APP authentication information based on network packet capture, where the apparatus includes at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to enable the at least one processor to execute the above method for obtaining APP authentication information based on network packet capturing.
Another embodiment of the present invention also provides a non-transitory computer-readable storage medium, which stores computer-executable instructions, and when the computer-executable instructions are executed by one or more processors, the one or more processors may be caused to execute the above method for acquiring APP authentication information based on network packet capturing.
Another embodiment of the present invention provides a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a processor, cause the processor to perform the above-mentioned method for obtaining APP authentication information based on network packet capturing.
Has the advantages that: compared with the prior art, the embodiment of the invention can automatically acquire and analyze the authentication information and automatically store the information into the database by combining a program with a packet grabbing tool, can continuously crawl the APP authentication information 24 hours all day without the need of watching by people, improves the crawling efficiency of the APP authentication information and reduces the labor cost.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
fig. 1 is a flowchart of a method for acquiring APP authentication information based on network packet capturing according to a preferred embodiment of the present invention;
fig. 2 is a schematic diagram of a hardware structure of an apparatus for acquiring APP authentication information based on network packet capture according to a preferred embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and effects of the present invention clearer and clearer, the present invention is described in further detail below. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Embodiments of the present invention will be described below with reference to the accompanying drawings.
The embodiment of the invention provides a method for acquiring APP authentication information based on network packet capturing. Referring to fig. 1, fig. 1 is a flowchart illustrating a method for obtaining APP authentication information based on network packet capturing according to a preferred embodiment of the present invention. As shown in fig. 1, it includes the steps of:
step S100, calling a software tool to realize automatic login and simulated browsing of an APP;
s200, acquiring a packet capturing tool, rewriting a packet capturing tool code, and automatically acquiring request information of a specified request;
and step S300, taking out the intercepted request information, processing the request information, acquiring and storing the analyzed APP authentication information.
In specific implementation, the embodiment of the invention mainly realizes continuous crawling of APP authentication information by combining a program with a packet capturing tool to automatically acquire, analyze and store the information into a database, and does not need to be watched by people.
Specifically, automatic login and simulated browsing of the APP are achieved through software tools such as a virtual machine and a UI automatic testing tool. The virtual machine can adopt a night spirit simulator, and other virtual machines can also be adopted according to the requirement.
After automatic login and simulated browsing are realized, a packet capturing tool is obtained, and codes of the packet capturing tool are rewritten, so that the packet capturing tool can automatically obtain request information of a specified request, wherein the specified request refers to an authentication request.
After the request information of the authentication request is obtained, the request information is analyzed, and the APP authentication information in the request information is analyzed, so that the automatic obtaining of the APP authentication information is realized. The scheme of this embodiment realizes automatic log-in app, browses app automatically, snatchs the request information automatically, and the automatic analysis and the authentication information of saving breaks away from artifical manual intervention completely for it is efficient to crawl, saves more time for the people.
In a further embodiment, a software tool is invoked to implement APP automatic login and simulated browsing, including:
and (4) pre-installing a virtual machine, calling a UI automatic testing tool to simulate clicking, and realizing APP automatic login and simulated browsing.
During specific implementation, the virtual machine is installed in advance, the virtual machine is taken as a night spirit simulator as an example, and after the night spirit simulator is installed, a UI automatic testing tool is called to simulate clicking operation, so that manual operation is not needed, APP automatic login can be achieved, and a human simulator can browse.
Further, a software tool is called to realize APP automatic login and simulated browsing, and the method comprises the following steps:
and (3) a virtual machine is pre-installed, an airtest tool or an appnium tool is called to simulate clicking, and automatic login and simulated browsing of the app are realized.
In specific implementation, automatic login and simulated browsing are realized by using an airtest + virtual machine, wherein airtest is a UI automatic test tool based on image recognition and poco control recognition for online commodities; airtest is a UI automation test tool based on image recognition and poco control recognition for online trading. The ancestor of this framework is a novel graphic scripting language Sikuli. The principle of the framework of Sikuli is that the computer user does not need to write a line of code, but uses a screen shot mode to arrange and combine a cut-out figure into a magic program, which is part of Airtest. In addition, Airtest is also based on a poco U control search frame, which is also a cross-platform U test frame of network accessibility, and the principle is similar to appium, and locates a target control by the name, id, and the like of the control, and then calls a function method, such as click (), and a method like skip (), to click or operate the target control.
And installing a night simulator (virtual machine), calling airtest simulation click by writing python code, and realizing automatic login and further browsing operation.
In some other embodiments, login browsing app automation may also be implemented using an appium + virtual machine; applium and airtest are the same type of tool. The appium is an automatic testing open source tool and supports native application, web application and mixed application on an iOS platform and an Android platform.
Further, acquiring a packet capturing tool, rewriting a code of the packet capturing tool, and automatically acquiring request information of a specified request, including:
acquiring a packet grabbing tool, and rewriting a code of the packet grabbing tool;
automatically filtering whether the request passing through the packet capturing tool meets the requirement; and if the request information meets the requirements, acquiring and storing the complete request information.
In specific implementation, a packet capturing tool is obtained, wherein the packet capturing tool is software for intercepting and viewing the content of the network data packet. The packet capturing tool can capture all lP messages in the data communication process and perform layer-by-layer unpacking analysis, and is always a fault troubleshooting tool commonly used in a tank in the traditional fixed network digital maintenance work. And rewriting the code of the packet capturing tool, automatically filtering whether the request passing through the packet capturing tool meets the requirement, if so, indicating that the request is the request information of the specified request, storing the request information, and if not, skipping to be unprocessed and continuously capturing the request passing through the packet capturing tool.
Further, acquiring a packet capturing tool, rewriting a code of the packet capturing tool, and automatically acquiring request information of a specified request, including:
acquiring a mismatch tool or a fixdler tool, writing a mismatch code or a fixdler code by js, automatically filtering whether the request passing through the mismatch tool or the fixdler tool meets the requirement, and acquiring and storing complete request information if the request meets the requirement.
In specific implementation, js is used for writing a fixdler code, whether the request passing through the packet capturing tool is in accordance is automatically filtered, if the request is in accordance, the request is completely stored in a local or database, and if not, the request is skipped. fiddler is a powerful package capture tool whose principle works in the form of a web proxy server, using proxy addresses: 127.0.0.1, port is 8888 by default, and we can also modify by setting. The proxy is to set a barrier between the client and the server, after the client sends out the request data, the proxy server intercepts the data packet, and then the proxy server impersonates the client to send the data to the server; similarly, the server returns the response data, and the proxy server intercepts the data and returns the intercepted data to the client. Fiddler can grab a data packet of any program supporting the http proxy, and if the http session is to be grabbed, a certificate is installed first.
In some other embodiments, miproxy + python is acquired and parsed; the process is the same, except that the tools used are different, and miproxy is also a bale plucking tool. mitmprroxy is a package grabber supporting HTTP and HTTPs, with functions like Fiddler, Charles, but it operates as a console.
mitmprroxy also has two associated components. One is mitmdump, which is a command line interface of mitmprroxy, and by using the interface, Python scripts can be docked, and the processing after monitoring is realized by using Python. The other is mitmweb, which is a Web program through which we can clearly observe the requests that are captured by mitmprox.
Furthermore, the intercepted request information is taken out, the analyzed APP authentication information is obtained and stored after the request information is processed, and the method comprises the following steps:
the intercepted request information is taken out, and the request information is cleaned and extracted;
and storing the analyzed APP authentication information after cleaning and extraction.
When the method is specifically implemented, the request information stored by the packet capturing tool is taken out, the request information is cleaned and extracted, the APP authentication information is obtained, and the APP authentication information is stored.
Furthermore, the intercepted request information is taken out, the analyzed APP authentication information is obtained and stored after the request information is processed, and the method comprises the following steps:
and taking out the intercepted request information, cleaning and extracting by using a python script, acquiring the analyzed APP authentication information and storing the APP authentication information in a database.
When the method is specifically implemented, a python script is used for analyzing and serializing storage; and taking out the intercepted request information, cleaning and extracting by using a python script, and storing the analyzed authentication information into a database.
The invention provides a method and a device for acquiring APP authentication information based on network packet capturing, wherein the method comprises the following steps: calling a software tool to realize automatic login and simulated browsing of the APP; acquiring a packet grabbing tool, rewriting a packet grabbing tool code and automatically acquiring request information of a specified request; and taking out the intercepted request information, processing the request information, acquiring the analyzed APP authentication information and storing the APP authentication information. According to the embodiment of the invention, the program is combined with the packet grabbing tool to automatically acquire the analysis authentication information and automatically store the analysis authentication information into the database, so that the APP authentication information can be continuously crawled 24 hours all day without watching, the crawling efficiency of the APP authentication information is improved, and the labor cost is reduced.
It should be noted that, in the foregoing embodiments, a certain order does not necessarily exist among the steps, and it can be understood by those skilled in the art according to the description of the embodiments of the present invention that, in different embodiments, the steps may have different execution orders, that is, may be executed in parallel, may be executed interchangeably, and the like.
Another embodiment of the present invention provides a device for acquiring APP authentication information based on network packet capture, as shown in fig. 2, the device 10 includes:
one or more processors 110 and a memory 120, where one processor 110 is illustrated in fig. 2, the processor 110 and the memory 120 may be connected by a bus or other means, and the connection by the bus is illustrated in fig. 2.
Processor 110 is used to implement the various control logic of apparatus 10, which may be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), a single chip microcomputer, an ARM (Acorn RISCMache) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. Also, the processor 110 may be any conventional processor, microprocessor, or state machine. Processor 110 may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
The memory 120 is used as a non-volatile computer-readable storage medium, and may be used to store a non-volatile software program, a non-volatile computer-executable program, and modules, such as program instructions corresponding to the method for acquiring APP authentication information based on network packet capturing in the embodiment of the present invention. The processor 110 executes various functional applications and data processing of the apparatus 10 by running the nonvolatile software program, instructions and units stored in the memory 120, that is, implements the method for acquiring APP authentication information based on network packet capturing in the above method embodiment.
The memory 120 may include a storage program area and a storage data area, wherein the storage program area may store an application program required for operating the device, at least one function; the storage data area may store data created according to the use of the device 10, and the like. Further, the memory 120 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, memory 120 optionally includes memory located remotely from processor 110, which may be connected to device 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
One or more units are stored in the memory 120, and when executed by the one or more processors 110, perform the method for acquiring APP authentication information based on network packet capturing in any of the above-described method embodiments, for example, perform the above-described method steps S100 to S300 in fig. 1.
Embodiments of the present invention provide a non-transitory computer-readable storage medium storing computer-executable instructions for execution by one or more processors, for example, to perform method steps S100-S300 of fig. 1 described above.
By way of example, non-volatile storage media can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), electrically erasable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM is available in many forms such as Synchronous RAM (SRAM), dynamic RAM, (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The disclosed memory components or memory of the operating environment described herein are intended to comprise one or more of these and/or any other suitable types of memory.
Another embodiment of the present invention provides a computer program product, which includes a computer program stored on a non-volatile computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a processor, the processor is caused to execute the method for acquiring APP authentication information based on network packet capture of the above method embodiment. For example, the method steps S100 to S300 in fig. 1 described above are performed.
The above-described embodiments are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that the embodiments may be implemented by software plus a general hardware platform, and may also be implemented by hardware. Based on such understanding, the above technical solutions essentially or contributing to the related art can be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes several instructions for enabling a computer device (which can be a personal computer, a server, or a network device, etc.) to execute the methods of the various embodiments or some parts of the embodiments.
Conditional language such as "can," "might," or "may" is generally intended to convey that a particular embodiment can include (yet other embodiments do not include) particular features, elements, and/or operations, among others, unless specifically stated otherwise or otherwise understood within the context as used. Thus, such conditional language is not generally intended to imply that features, elements, and/or operations are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without student input or prompting, whether such features, elements, and/or operations are included or are to be performed in any particular embodiment.
What has been described herein in the specification and drawings includes examples of methods and apparatus that can provide network packet capture based acquisition of APP authentication information. It will, of course, not be possible to describe every conceivable combination of components and/or methodologies for purposes of describing the various features of the disclosure, but it can be appreciated that many further combinations and permutations of the disclosed features are possible. It is therefore evident that various modifications can be made to the disclosure without departing from the scope or spirit thereof. In addition, or in the alternative, other embodiments of the disclosure may be apparent from consideration of the specification and drawings and from practice of the disclosure as presented herein. It is intended that the examples set forth in this specification and the drawings be considered in all respects as illustrative and not restrictive. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
Claims (10)
1. A method for obtaining APP authentication information based on network packet capturing is characterized by comprising the following steps:
calling a software tool to realize automatic login and simulated browsing of the APP;
acquiring a packet grabbing tool, rewriting a packet grabbing tool code and automatically acquiring request information of a specified request;
and taking out the intercepted request information, processing the request information, acquiring the analyzed APP authentication information and storing the APP authentication information.
2. The method for acquiring the APP authentication information based on the network packet capturing according to claim 1, wherein the calling of the software tool to realize the automatic login and the simulated browsing of the APP comprises:
and (4) pre-installing a virtual machine, calling a UI automatic testing tool to simulate clicking, and realizing APP automatic login and simulated browsing.
3. The method for acquiring APP authentication information based on network packet capture according to claim 1, wherein the acquiring packet capture tool rewrites a packet capture tool code to automatically acquire request information of a specified request, comprising:
acquiring a packet grabbing tool, and rewriting a code of the packet grabbing tool;
automatically filtering whether the request passing through the packet capturing tool meets the requirement; and if the request information meets the requirements, acquiring and storing the complete request information.
4. The method for acquiring the APP authentication information based on the network packet capturing according to claim 1, wherein the step of taking out the intercepted request information, processing the request information, acquiring the analyzed APP authentication information, and storing the analyzed APP authentication information comprises the steps of:
the intercepted request information is taken out, and the request information is cleaned and extracted;
and storing the analyzed APP authentication information after cleaning and extraction.
5. The method for acquiring the APP authentication information based on the network packet capturing according to claim 1, wherein the calling of the software tool to realize the automatic login and the simulated browsing of the APP comprises:
and (3) a virtual machine is pre-installed, an airtest tool or an appnium tool is called to simulate clicking, and automatic login and simulated browsing of the app are realized.
6. The method for acquiring APP authentication information based on network packet capture according to claim 1, wherein the acquiring packet capture tool rewrites a packet capture tool code to automatically acquire request information of a specific request, and comprises:
acquiring a mismatch tool or a fixdler tool, writing a mismatch code or a fixdler code by js, automatically filtering whether the request passing through the mismatch tool or the fixdler tool meets the requirement, and acquiring and storing complete request information if the request meets the requirement.
7. The method for acquiring the APP authentication information based on the network packet capturing according to claim 1, wherein the step of taking out the intercepted request information, processing the request information, acquiring the analyzed APP authentication information, and storing the analyzed APP authentication information comprises:
and taking out the intercepted request information, cleaning and extracting by using a python script, acquiring the analyzed APP authentication information and storing the APP authentication information in a database.
8. An apparatus for obtaining APP authentication information based on network packet capture, the apparatus comprising at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of network packet capture based retrieval of APP authentication information as claimed in any one of claims 1 to 7.
9. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by one or more processors, cause the one or more processors to perform the method for obtaining APP authentication information based on network bale plucking of any one of claims 1-7.
10. A computer program product, characterized in that the computer program product comprises a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a processor, cause the processor to perform the method of obtaining APP authentication information based on network bale plucking as claimed in any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910576620.2A CN110351259A (en) | 2019-06-28 | 2019-06-28 | A kind of method and device obtaining APP authentication information based on network packet capturing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910576620.2A CN110351259A (en) | 2019-06-28 | 2019-06-28 | A kind of method and device obtaining APP authentication information based on network packet capturing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110351259A true CN110351259A (en) | 2019-10-18 |
Family
ID=68177059
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910576620.2A Pending CN110351259A (en) | 2019-06-28 | 2019-06-28 | A kind of method and device obtaining APP authentication information based on network packet capturing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110351259A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110888807A (en) * | 2019-11-15 | 2020-03-17 | 苏州金智渠信息技术有限公司 | Automatic android application packet capturing method |
| CN110995538A (en) * | 2019-12-03 | 2020-04-10 | 北京博睿宏远数据科技股份有限公司 | Network data acquisition method, device, system, equipment and storage medium |
| CN111159000A (en) * | 2019-12-30 | 2020-05-15 | 北京明朝万达科技股份有限公司 | Server performance test method, device, equipment and storage medium |
| CN111243116A (en) * | 2020-01-16 | 2020-06-05 | 厦门快商通科技股份有限公司 | Method and system for automatic sign-in of APP application software |
| CN112162974A (en) * | 2020-09-25 | 2021-01-01 | 南京烽火天地通信科技有限公司 | Travel program data fixing method |
| CN112989159A (en) * | 2019-12-16 | 2021-06-18 | 浙江大搜车软件技术有限公司 | Data acquisition method and device, computer equipment and storage medium |
| WO2021136307A1 (en) * | 2019-12-31 | 2021-07-08 | 中移(苏州)软件技术有限公司 | Video data obtaining method and apparatus, electronic device, and storage medium |
| CN114598687A (en) * | 2022-01-19 | 2022-06-07 | 深圳智游网安科技有限公司 | Method, system and terminal for capturing HTTPS data packet |
| CN115052037A (en) * | 2022-08-12 | 2022-09-13 | 北京搜狐新动力信息技术有限公司 | Client detection method, device, storage medium and equipment |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572608A (en) * | 2009-06-17 | 2009-11-04 | 杭州华三通信技术有限公司 | Method and device for acquiring once-login parameters |
| CN102638459A (en) * | 2012-03-23 | 2012-08-15 | 腾讯科技(深圳)有限公司 | Authentication information transmission system, authentication information transmission service platform and authentication information transmission method |
| CN102761576A (en) * | 2011-04-28 | 2012-10-31 | 中兴通讯股份有限公司 | Web system malicious polyphonic ringtone ordering preventing method and server |
| CN102930210A (en) * | 2012-10-14 | 2013-02-13 | 江苏金陵科技集团公司 | System and method for automatically analyzing, detecting and classifying malicious program behavior |
| CN103763150A (en) * | 2014-01-02 | 2014-04-30 | 中国人民解放军装甲兵工程学院 | Data acquisition system |
| CN105468779A (en) * | 2015-12-16 | 2016-04-06 | 中国科学院软件研究所 | Browser compatibility detection oriented client Web application capture and playback system and method |
| CN105824754A (en) * | 2016-03-17 | 2016-08-03 | 广州多益网络股份有限公司 | Method for abnormally capturing and uploading Python of client program |
| CN106131090A (en) * | 2016-08-31 | 2016-11-16 | 北京力鼎创软科技有限公司 | A kind of method and system of the customer access network under web authentication |
| US20170111230A1 (en) * | 2015-10-20 | 2017-04-20 | Vss Monitoring, Inc. | Hybrid control/data plane for packet brokering orchestration |
| CN108521428A (en) * | 2018-04-20 | 2018-09-11 | 武汉极意网络科技有限公司 | A kind of realization method and system of the anti-reptile of public network based on jenkins |
| CN109783357A (en) * | 2018-12-14 | 2019-05-21 | 深圳壹账通智能科技有限公司 | The method and device of test application program, computer equipment, storage medium |
-
2019
- 2019-06-28 CN CN201910576620.2A patent/CN110351259A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572608A (en) * | 2009-06-17 | 2009-11-04 | 杭州华三通信技术有限公司 | Method and device for acquiring once-login parameters |
| CN102761576A (en) * | 2011-04-28 | 2012-10-31 | 中兴通讯股份有限公司 | Web system malicious polyphonic ringtone ordering preventing method and server |
| CN102638459A (en) * | 2012-03-23 | 2012-08-15 | 腾讯科技(深圳)有限公司 | Authentication information transmission system, authentication information transmission service platform and authentication information transmission method |
| CN102930210A (en) * | 2012-10-14 | 2013-02-13 | 江苏金陵科技集团公司 | System and method for automatically analyzing, detecting and classifying malicious program behavior |
| CN103763150A (en) * | 2014-01-02 | 2014-04-30 | 中国人民解放军装甲兵工程学院 | Data acquisition system |
| US20170111230A1 (en) * | 2015-10-20 | 2017-04-20 | Vss Monitoring, Inc. | Hybrid control/data plane for packet brokering orchestration |
| CN105468779A (en) * | 2015-12-16 | 2016-04-06 | 中国科学院软件研究所 | Browser compatibility detection oriented client Web application capture and playback system and method |
| CN105824754A (en) * | 2016-03-17 | 2016-08-03 | 广州多益网络股份有限公司 | Method for abnormally capturing and uploading Python of client program |
| CN106131090A (en) * | 2016-08-31 | 2016-11-16 | 北京力鼎创软科技有限公司 | A kind of method and system of the customer access network under web authentication |
| CN108521428A (en) * | 2018-04-20 | 2018-09-11 | 武汉极意网络科技有限公司 | A kind of realization method and system of the anti-reptile of public network based on jenkins |
| CN109783357A (en) * | 2018-12-14 | 2019-05-21 | 深圳壹账通智能科技有限公司 | The method and device of test application program, computer equipment, storage medium |
Non-Patent Citations (2)
| Title |
|---|
| LOONG_XL: "airtest、mitmproxy,抖音APP自动化模拟抓包", 《CSDN》 * |
| MR.SHAWN: "关于抖音APP爬虫的一些个人想法(以NBA为例记录)", 《CSDN》 * |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110888807A (en) * | 2019-11-15 | 2020-03-17 | 苏州金智渠信息技术有限公司 | Automatic android application packet capturing method |
| CN110888807B (en) * | 2019-11-15 | 2024-04-26 | 苏州金智渠信息技术有限公司 | Automatic packet grabbing method for android application |
| CN110995538A (en) * | 2019-12-03 | 2020-04-10 | 北京博睿宏远数据科技股份有限公司 | Network data acquisition method, device, system, equipment and storage medium |
| CN110995538B (en) * | 2019-12-03 | 2022-01-07 | 北京博睿宏远数据科技股份有限公司 | Network data acquisition method, device, system, equipment and storage medium |
| CN112989159A (en) * | 2019-12-16 | 2021-06-18 | 浙江大搜车软件技术有限公司 | Data acquisition method and device, computer equipment and storage medium |
| CN111159000A (en) * | 2019-12-30 | 2020-05-15 | 北京明朝万达科技股份有限公司 | Server performance test method, device, equipment and storage medium |
| US11812086B2 (en) | 2019-12-31 | 2023-11-07 | China Mobile (Suzhou) Software Technology Co., Ltd. | Video data obtaining method and apparatus, electronic device, and storage medium |
| WO2021136307A1 (en) * | 2019-12-31 | 2021-07-08 | 中移(苏州)软件技术有限公司 | Video data obtaining method and apparatus, electronic device, and storage medium |
| CN111243116A (en) * | 2020-01-16 | 2020-06-05 | 厦门快商通科技股份有限公司 | Method and system for automatic sign-in of APP application software |
| CN112162974A (en) * | 2020-09-25 | 2021-01-01 | 南京烽火天地通信科技有限公司 | Travel program data fixing method |
| CN114598687A (en) * | 2022-01-19 | 2022-06-07 | 深圳智游网安科技有限公司 | Method, system and terminal for capturing HTTPS data packet |
| CN114598687B (en) * | 2022-01-19 | 2024-02-23 | 深圳智游网安科技有限公司 | Grabbing method, system and terminal for HTTPS data packet |
| CN115052037A (en) * | 2022-08-12 | 2022-09-13 | 北京搜狐新动力信息技术有限公司 | Client detection method, device, storage medium and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110351259A (en) | A kind of method and device obtaining APP authentication information based on network packet capturing | |
| US11196820B2 (en) | System and method for main page identification in web decoding | |
| AU2017302249B8 (en) | Visual regression testing tool | |
| US9553918B1 (en) | Stateful and stateless cookie operations servers | |
| US9792365B2 (en) | Method and system for tracking and gathering multivariate testing data | |
| US11765165B2 (en) | Web-browser extension analysis and enhancement | |
| CN105354025B (en) | Business model based on mobile application configures system and method | |
| CN104809062B (en) | A kind of method of testing and system of artificial intelligence response system | |
| CN110516139B (en) | Crawler system and method | |
| US9858094B2 (en) | Monitoring and actuation of view controller parameters to reach deep states without manual developer intervention | |
| CN104035863B (en) | A kind of browser testing method and device | |
| CN101222349A (en) | Method and system for collecting web user action and performance data | |
| US20140325343A1 (en) | Systems and methods for processing web page data | |
| CN106598991A (en) | Web crawler system capable of realizing website interaction and automatic form extraction by conversational mode | |
| CN107766509A (en) | A kind of method and apparatus of webpage static backup | |
| CN111177519A (en) | Webpage content acquisition method and device, storage medium and equipment | |
| CN106960062A (en) | Webpage capture method and system | |
| CN104200157B (en) | A kind of webpage abnormality eliminating method and equipment | |
| EP2972940A2 (en) | Use of method overrides for dynamically changing visible page content | |
| CN109583192A (en) | A kind of fixed safety system of mobile terminal application and method based on emulation | |
| CN114116443A (en) | Page data transmission method, device, system and medium | |
| CN106998255A (en) | A kind of feedback processing server, network system and feedback method for treating | |
| CN105095070B (en) | QQ group's data capture method and system based on browser testing component | |
| US20170132052A1 (en) | Analyzing and automating work-flow in a computerized user-interface | |
| CN114697283A (en) | Message pushing method and device based on enterprise WeChat community and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191018 |