背景
最近小编接到一个获取网站请求数据的需求,要求抓取网站某个页面请求的数据。我使用Google Chrome浏览器查看了一下请求链接的传入参数,发现需要传入一个Token值才能获取数据。于是我在Chrome中登录后,通过Postman请求成功,并将Token存储到了Cookie中。然而问题又来了,在代码层面如何获取这个Token呢?.
解决方案
小编在网上查了一圈,发现Chrome浏览器的Cookie存储在本地的sqlite数据库中。在Chrome的安装目录中找到了sqlite的文件,通过读取sqlite数据库即可获得了Cookie值。如下图:
小编继续搜索,发现Chrome浏览器是开源的,算法是公开的,用到的加密算法是aes加密算法。我们不需要知道这个算法,只需要知道此算法需要一个秘钥,通过这个秘钥就可以进行加密和解密,代码如下。
实现代码
关键代码如下:
using (SqliteConnection connection = new SqliteConnection()){//1、获取google Chrome浏览器目录var userprofilePath = Environment.GetEnvironmentVariable("USERPROFILE");var sourceFile= $@"{userprofilePath}\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies";//var sourceFile = $@"{userprofilePath}\Desktop\11111111.txt";var targetFile = $@"{Directory.GetCurrentDirectory()}\GoogleFile\Cookies";//2、拷贝文件到本地目录,防止文件被占用FileInfo file = new FileInfo(sourceFile);if(!Directory.Exists($@"{Directory.GetCurrentDirectory()}\GoogleFile"))Directory.CreateDirectory($@"{Directory.GetCurrentDirectory()}\GoogleFile");if (file.Exists){file.CopyTo(targetFile, true);}//3、链接sqlite数据库connection.ConnectionString = $@"DataSource="+ targetFile;connection.Open();//4、通过select查询相关的语句SqliteCommand command = new SqliteCommand("select host_key,name,encrypted_value from cookies where name='public-token' and host_key='.cponline.cnipa.gov.cn'", connection);SqliteDataReader dataReader = command.ExecuteReader();dataReader.Read();byte[] encryptedValue = (byte[])dataReader["encrypted_value"];//5、解密数据int keyLength = 256 / 8;int nonceLength = 96 / 8;String kEncryptionVersionPrefix = "v10";int GCM_TAG_LENGTH = 16;//字符串内容取自C:\Users\用户名\AppData\Local\Google\Chrome\User Data\Local State文件的encrypted_keybyte[] encryptedKeyBytes = Convert.FromBase64String("RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACVAmSA/y7+TLs+3WWdDv1ZAAAAAAIAAAAAABBmAAAAAQAAIAAAABV7dDMB8p+vKnLEjnrhnWB4DAbB/k5XAtjWGFnci/3qAAAAAA6AAAAAAgAAIAAAAH/pnc+fF6dhG8Fpw6yQezIXtMw48xNvuyRub/cZ62XaMAAAAP1pl5QqRJmd1J4V++dhE63MEA9F4NzCHb1aOMgTnFCo1+xSHYovSTzCoYFvoDfIFUAAAAAZzDzWwwpUm6yZG9tpYu/ioRSO8V16MetQy2s7L9HHO03Q6bO8Nr05Erl1QbjCVoSgSOU4krcerUsngMwIYFyb");encryptedKeyBytes = encryptedKeyBytes.Skip("DPAPI".Length).Take(encryptedKeyBytes.Length - "DPAPI".Length).ToArray();var keyBytes = System.Security.Cryptography.ProtectedData.Unprotect(encryptedKeyBytes, null, System.Security.Cryptography.DataProtectionScope.CurrentUser);var nonce = encryptedValue.Skip(kEncryptionVersionPrefix.Length).Take(nonceLength).ToArray();encryptedValue = encryptedValue.Skip(kEncryptionVersionPrefix.Length + nonceLength).Take(encryptedValue.Length - (kEncryptionVersionPrefix.Length + nonceLength)).ToArray();var str = System.Web.HttpUtility.UrlDecode(AesGcmDecrypt(keyBytes, nonce, encryptedValue));//6、获得值Console.WriteLine($"{dataReader["host_key"]}-{dataReader["name"]}-{str}");//7、关闭数据connection.Close();}
以上代码列出了解密步骤,大家可以根据自己的项目情况调整。
AesGcmDecrypt解密的方法:
public static string AesGcmDecrypt(byte[] keyBytes, byte[] nonce, byte[] encryptedValue){GcmBlockCipher gcmBlockCipher = new GcmBlockCipher(new AesEngine());AeadParameters aeadParameters = new AeadParameters(new KeyParameter(keyBytes),128,nonce);gcmBlockCipher.Init(false, aeadParameters);byte[] plaintext = new byte[gcmBlockCipher.GetOutputSize(encryptedValue.Length)];int length = gcmBlockCipher.ProcessBytes(encryptedValue, 0, encryptedValue.Length, plaintext, 0);gcmBlockCipher.DoFinal(plaintext, length);return Encoding.UTF8.GetString(plaintext);}
