
Haha, Stackoverflow.

I often come across web applications and wonder, "How do I write a script/application that interacts with it?" (Purely academic, not for spamming!)

For example, the Omegle site; people have written Python scripts that interact with the site and run chats without opening a browser... how? I admit that web programming is not my strongest area, but I would really like to know how to extract the protocol in use from such applications, and use that knowledge to create custom applications and patch services.

So basically, how can I figure out the inner workings of a web application (e.g. imeetzu.com) so that I can write code to interact with it from my desktop?

Thanks in advance!


1 Answer


You'll need a set of tools to start with:

  • A browser with a debugging window (Chrome is particularly good for this). This will allow you in particular to access the network calls that your browser directly makes (there's a caveat coming), and to see:

    • their content
    • their parameters
    • their target
  • A network packet sniffer to trace down anything that goes through Flash (or WebSockets). I'm quite fond of Ethereal (now called Wireshark), though if you're in the US, you could be breaking the law by using it (depends on the use you make of it). This will allow you to see every TCP frame that enters and leaves your network interface.

The knowledge you will need:

  • Ability to identify and isolate a network stream. This comes through practice.
  • Knowledge of the language the app you are trying to reverse-engineer is written in. If JavaScript isn't your cup of tea, avoid JS-based stuff.
  • Maths and cryptography. Data may very well be encrypted/obfuscated/stegg-ed from time to time. Be aware and look out for it.

In this particular case, it looks like you might have to deal with Flash. There are additional resources to help with this, although all of them are non-free. There is one particularly good Flash decompiler called SoThink SWF Decompiler, which allows you to turn a SWF into a FLA or a collection of AS sources.

That's all for the tools. The method is easy - look at what data comes in/out and figure out by elimination what is what. If it's encrypted, you'll need IVs and samples to hope to break it (or just decompile the code and find out how the key/handshake is done). This is a very, very extensive field and I haven't even touched the tip of the iceberg with this - feel free to ask for more info.

(How do I know all this? I was a contributor to the eAthena project, which reverse-engineered a game protocol)

Answered 2013-04-05T14:11:52.053
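The "look at what comes in/out and eliminate" step from the answer, as an added example (not from the answer's author): a script that reads a HAR-style capture such as the one Chrome's Network panel exports, inventories the endpoints and their parameters, and sorts parameters into those the server handed out earlier (session/handshake tokens) and long high-entropy values worth checking for encryption or obfuscation. The host, paths and values in `SAMPLE_HAR` are constructed for the example.

```python
import math
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed HAR-style capture, trimmed to the fields this script reads.
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"method": "GET", "url": "https://chat.example/api/start?lang=en&v=3"},
     "response": {"content": {"text": '{"sid":"a8f3e9c1d4b2","ok":true}'}}},
    {"request": {"method": "POST", "url": "https://chat.example/api/send",
                 "postData": {"text": "sid=a8f3e9c1d4b2&msg=hello"}},
     "response": {"content": {"text": '{"ok":true}'}}},
    {"request": {"method": "POST", "url": "https://chat.example/api/poll",
                 "postData": {"text": "sid=a8f3e9c1d4b2&blob=3kq9Vx7Zt2Qp0RaLmW8yHcN1"}},
     "response": {"content": {"text": '{"events":[]}'}}},
]}}


def shannon_entropy(value):
    """Bits per character: random-looking tokens score high, words and numbers low."""
    if not value:
        return 0.0
    counts = defaultdict(int)
    for ch in value:
        counts[ch] += 1
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def analyse_har(har, min_token_len=8, entropy_bits=4.0):
    """Inventory endpoints and classify parameters by elimination:
    'echoed' -> value first appeared in an earlier response (session id / handshake),
    'opaque' -> long, high-entropy value (candidate for encryption or obfuscation)."""
    endpoints, echoed, opaque = defaultdict(set), {}, []
    seen_responses = []  # (path, response body) for every response seen so far
    for entry in har["log"]["entries"]:
        req = entry["request"]
        parts = urlsplit(req["url"])
        body = (req.get("postData") or {}).get("text", "")
        params = parse_qsl(parts.query) + parse_qsl(body)  # query string + form body
        key = f'{req["method"]} {parts.path}'
        for name, value in params:
            endpoints[key].add(name)
            if len(value) < min_token_len:
                continue  # short values (flags, counters) are rarely tokens
            origin = next((p for p, text in seen_responses if value in text), None)
            if origin is not None:
                echoed.setdefault(name, origin)
            elif shannon_entropy(value) > entropy_bits and name not in opaque:
                opaque.append(name)
        seen_responses.append((parts.path, entry["response"]["content"].get("text", "")))
    return {"endpoints": {k: sorted(v) for k, v in endpoints.items()},
            "echoed": echoed, "opaque": opaque}
```

Run on a real export, the `echoed` map tells you which response to replay first when writing a client, and `opaque` lists the fields to take to the decompiler.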