如何绕过微信图片的防盗链

具体实现原来可以参考这个链接: https://www.zhihu.com/question/35044484

下面给个Django下的实现代码:

@csrf_exempt
def image_proxy(request):
    img = request.GET.get('img')
    headers = {
        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
    }
    status = 0
    try:
        r = requests.get(
            img,
            headers=headers)
    except ConnectionError, ConnectTimeout:
        status = 1
    if status == 1:
        return ''
    response = HttpResponse(r.content, content_type='image/jpeg')
    return response

url.py

url(r'^spider-api/image-proxy/$', image_proxy),

访问方法,url:

http://127.0.0.1:8001/spider-api/image-proxy/?img=https://mmbiz.qpic.cn/mmbiz_png/WliaoSKPrpSPqGrhMmQK8MwKR6AZ7qDDy2JtSxRjk3ZUke41PUGP6RoaibzIgxw8ey5cejb5FzkplhgGd48oOxAg/640
Continue Reading

获取网页中所有的文字

# encoding=utf8
 
import sys
 
reload(sys)
 
sys.setdefaultencoding('utf8')
 
import re
import requests
from bs4 import BeautifulSoup
 
 
html = requests.get('https://mp.weixin.qq.com/s?src=11&timestamp=1533887718&ver=1051&signature=Xszdx5nmmHyebcH0MXxyHi7-jDwGoNDUDXCHJzPVic68tXGRSTiM3CStUDfSR*aALaC3nK3Ez4e33uLR5ir1pLgy3vEvWXWOvVXgAbsXMn5fB-HWboOW26GH*KMRVhgX&new=1')
soup = BeautifulSoup(html.text, "html5lib")
data = soup.findAll(text=True)
 
 
def visible(element):
    if element.parent.name in ['style', 'script', '[document]', 'head', 'title']:
        return False
    elif re.match('<!--.*-->', str(element.encode('utf-8'))):
        return False
    return True
 
 
result = filter(visible, data)
 
with open('res.txt', "w+") as p:
    for i in result:
        print(str(i))
        p.write(str(i))
 
 
print list(result)
Continue Reading

CommentView Plugin for IDAPro7.0

自从ida升级7.0 之后,hexrays做了很多的改动,以前的插件基本都废掉了。于是想要找个插件就变得很困难,最近分析一个文件需要获取所有的注释,但是那个针对低版本开发的commentview已经无力回天了。虽然晚上有开源的代码,但是实际修改起来比较蛋疼,不知道是不是ida的问题,编译的插件获取的地址基本都是错误的。还是按照以前的使用区段枚举,和inf信息获取的方法获取到的地址都错了,着tm就很尴尬了,测试代码如下:

for (int i = 0; i &lt; get_segm_qty(); i++) {
        segment_t *seg = getnseg(i);
        qstring segname;
        get_segm_name( &amp;segname,seg, 1024);
        msg("segname: %s, start_ea= %08x, end_ea= %08x , size=%08x \n", segname.c_str(), seg-&gt;start_ea, seg-&gt;end_ea, seg-&gt;size());
    }
msg("Database Info: start_ea= %08x, min_ea= %08x, max_ea= %08x, omin_ea= %08x, omax_ea= %08x \n", inf.start_ea, inf.min_ea, inf.max_ea, inf.omin_ea, inf.omax_ea);
    msg("lowoff= %08x, highoff= %08x, main= %08x \n", inf.lowoff, inf.highoff, inf.main);

实际获取到的数据如下,测试环境为OSX + IDA 7.0,如果谁看到了这篇文章还获取到了正确的地址麻烦通知我一声(感谢匿名用户的评论反馈:那个基址问题应该是IDA的BUG,在新的IDA 7.0.171130 (SP1)里已经修正了的,如果是正版的话就升级一下吧。)。

segname: .text, start_ea= 10001000, end_ea= 00000001 , size=effff001 
segname: .idata, start_ea= 10005000, end_ea= 00000006 , size=efffb006 
segname: .rdata, start_ea= 1000513c, end_ea= 00000003 , size=efffaec7 
segname: .data, start_ea= 10006000, end_ea= 00000005 , size=efffa005 
Database Info: start_ea= 10007000, min_ea= ff000000, max_ea= 00000000, omin_ea= 0006000f, omax_ea= 06400007 
lowoff= 00500046, highoff= 00000301, main= 10007000

获取到的end_ea都是错的。

Continue Reading