Wechat interception detection

Posted by EXiT on Thu, 05 Dec 2019 03:59:47 +0100

background

Due to the strict restrictions on wechat, domain names are inadvertently determined to be induced to share. Therefore, the company decided to investigate a set of stable, fast and high accuracy wechat domain name interception detection query interface.

The development team tried Google search for a while and found that they rarely shared the source code and principle. Then we fumbled for a few days and finally solved the problem.

Source code

The source code is open source in GitHub. You can learn about it if you are interested.
Address:
Wechat domain name detection source - gt9000k

principle

Use Wireshark to capture the domain name interception query interface of wechat.

The domain name has the following states:

  • Domain name can be accessed normally (not blocked by wechat)

  • Domain name blocked by wechat

    • The non WeChat official website will continue to be translated into the mobile preview mode (adding the domain name to the business domain name in the background of the public address can solve this problem).
    • According to user complaints and Tencent security website security center detection, the page contains malicious fraud content, in order to maintain a green online environment, has stopped visiting
    • The webpage contains induced behaviors such as induced sharing and attention, which have been complained by many people. In order to maintain a green online environment, the website has stopped visiting

Demo

PHP version

<?php
// Your API Token can be found in the user center
$apiToken = "********************************";
// Address or domain name to be detected
$reqUrl = "www.qq.com";
$url = sprintf("https://wx.horocn.com/api/v1/wxUrlCheck?api_token=%s&req_url=%s", $apiToken, $reqUrl);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
$responseBody = curl_exec($ch);
$responseArr = json_decode($responseBody, true);
if (json_last_error() != JSON_ERROR_NONE) {
    echo "JSON Error parsing interface result\n";
    return;
}
if (isset($responseArr['code']) && $responseArr['code'] == 0) {
    // Interface returns correctly
    // Value range of $responseArr['data']['status']: ok, blocked
    // ok indicates normal, blocked indicates blocked
    printf("Test address(%s)The status of is:%s\n", $reqUrl, $responseArr['data']['status']);
} else {
    printf("Interface exception:%s\n", var_export($responseArr, true));
}

Python version

# -*- coding: utf-8 -*-

import json, urllib
from urllib import urlencode

def main():
    # Your API Token can be found in the user center
    apiToken = "*********************"

    url = "https://wx.horocn.com/api/v1/wxUrlCheck"
    params = {
        "req_url" : "www.qq.com", #Address or domain name to be detected
        "api_token" : apiToken,

    }
    params = urlencode(params)
    f = urllib.urlopen("%s?%s" % (url, params))

    content = f.read()
    res = json.loads(content)
    if res:
        code = res["code"]
        if code == 0:
            #Successful request
            print res["result"]
        else:
            print "%s: %s" % (res["code"],res["msg"])
    else:
        print "request api error"

if __name__ == '__main__':
    main()

Topics: PHP JSON Google github

Hot Topics

©2024 Programmer Think