mitmproxy抓包 | Python篡改请求参数实战（五）

抓包工具mitmproxy环境配置使用（一）

抓包工具mitmproxy | mitmweb基本用法（二）

mitmproxy抓包 | Python实时生成接口自动化用例（三）

mitmproxy抓包 | Python实时生成接口自动化用例

mitmproxy抓包 | Python疑难测试场景mock实战（四）

篡改GET请求参数，实例一：

拉钩app，我的页面，显示推荐banner为8点一课

抓包信息如下，参数type=1

GET https://gate.lagou.com/v1/neirong/edu/ads/ad?type=1 HTTP/2.0{"content": {"adAppHref": "https://kaiwu.lagou.com/course/courseInfo.htm?courseId=1405&decorateId=13c247ae6d4845708fb582f6ad3ab8d6&utm_source=lagouedu&utm_medium=wode&utm_campaign=8%E7%82%B9%E4%B8%80%E8%AF%BE&_channel_track_key=fdgm67Bq&lgec_type=website&lgec_sign=9A0FAD8D532161C641529DEDC5C30AFC","adAppImage": "https://s0.lgstatic.com/i/image6/M00/66/58/CioPOWGwda-AVSDaAAB4wgdnzvg703.png","adId": 170,"adName": "8点一课","adPcHref": "","adPcImage": "","adType": null},"message": "操作成功","state": 1,"uiMessage": null
}

我们想篡改GET请求参数type=2，代码如下，看看什么效果？

class Demo:def request(self, flow):# 匹配指定的urlif 'https://gate.lagou.com/v1/neirong/edu/ads/ad' in flow.request.url:keyword = flow.request.query.get ( "type" )print(keyword)if keyword == "1":flow.request.query.set_all ( "type", ["2"] )addons = [Demo()
]

启动mitmproxy服务，再次在app刷新请求此页面，页面显示推荐banner为大数据训练营，抓包请求参数也是篡改后的数据，说明篡改生效了

GET https://gate.lagou.com/v1/neirong/edu/ads/ad?type=2 HTTP/2.0{"content": {"adAppHref": "https://edu.lagou.com/growth/sem/data_enhancement.html?utm_campaign=%E5%A4%A7%E6%95%B0%E6%8D%AE%E9%AB%98%E8%96%AA&utm_medium=xuexibanner&_channel_track_key=zaqT1dVC&utm_source=lagouedu&lgec_type=website&lgec_sign=A321FD5BDD413A5BC4B9AA31E61DCED2","adAppImage": "https://s0.lgstatic.com/i/image/M00/8F/E6/Ciqc1GAJYdOAFnqRAABV2-XV0hA152.png","adId": 11,"adName": "大数据训练营","adPcHref": "","adPcImage": "","adType": null},"message": "操作成功","state": 1,"uiMessage": null
}

篡改POST请求参数，实例二：

花生app，本地生活页面，搜索面，页面显示面相关的商品

抓包信息如下：

POST 
https:/ /hsrj-api.huashengjia100.com/general-rest/life/searchcontent-type:  application/x-www-form-urlencoded
accept-language:  zh-Hans-CN;q=1
appinfo:  PeanutHot_50109
accept:  */ *
content-length:  143
appversion:  50109
deviceidfa:  DA568519-790F-4FE3-A744-36F3B7CF4877
accept-encoding:  gzip
regid:  18171adc03a77f73a9d
osinfo:  iOS_15.1
token:  c2ab281bc23e458fa585eb108e5fad06_15320861_2
actime:  1639016889000
deviceinfo:  DeviceName_iPhone13,3
user-agent:  Mozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2014_4%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F15E148
platforms:  iOS
nettype:  1
deviceuuid:  84964BB5-8897-4717-9AA8-487059D2D8F1channelId: 28
cityId:    306
keyWords:  面
lat:       31.228150
lng:       121.512936
pageNum:   1
pageSize:  20
token:     c2ab281bc23e458fa585eb108e5fad06_15320861_2{"code": null,"data": [{"address": "浦东新区中国（上海）自由贸易试验区浦东南路1271-1289号（单）1层107、108室","cateName": "小吃快餐","cityName": "上海","dealsList": [{"dealGroupId": null,"description": "","discountRatio": 6.3,"discountRatioText": "6.3折","earnSum": 0.28,"earnSumText": "返￥0.28元","halfYearSale": -1,"orgPrice": 24.0,"pic": "https://p0.meituan.net/320.0/merchant/9cd2c719178ae2191b93bcd09f231d312409890.png%40320w_240h_1e_1c_1l%7Cwatermark%3D0","price": 15.0,"receiveUrl": null,"savePrice": 9.0,"title": "牛肉凉皮1份，可免费使用包间","type": 1}],"detailUrl": "https://hsrjh5.huashengjia100.com/page/localStore/#/index?shopId=161953838&channelId=28","distance": 39,"distanceToShow": "39m","maxSavePrice": 9.0,"regionName": "八佰伴","shopId": "161953838","shopName": "蔡记热干面（美克店）","shopPic": "https://p0.meituan.net/320.0/merchant/9cd2c719178ae2191b93bcd09f231d312409890.png%40320w_240h_1e_1c_1l%7Cwatermark%3D0","shopPower": 44,"sort": 0},{"address": "浦东新区张杨路500号华润时代广场6楼608A","cateName": "小吃快餐","cityName": "上海","dealsList": [{"dealGroupId": null,"description": "","discountRatio": 4.7,"discountRatioText": "4.7折","earnSum": 0.47,"earnSumText": "返￥0.47元","halfYearSale": -1,"orgPrice": 53.0,"pic": "https://p0.meituan.net/320.0/deal/8014afffd3f8ece057b7dafcf0a133101791008.png%40320w_240h_1e_1c_1l%7Cwatermark%3D0","price": 25.0,"receiveUrl": null,"savePrice": 28.0,"title": "葱油蛤蜊拌面单人套餐","type": 1}],"detailUrl": "https://hsrjh5.huashengjia100.com/page/localStore/#/index?shopId=1592150348&channelId=28","distance": 108,"distanceToShow": "108m","maxSavePrice": 28.0,"regionName": "八佰伴","shopId": "1592150348","shopName": "心樂麵館XINLE NOODLES（华润店）","shopPic": "https://p0.meituan.net/320.0/deal/8014afffd3f8ece057b7dafcf0a133101791008.png%40320w_240h_1e_1c_1l%7Cwatermark%3D0","shopPower": 38,"sort": 4}

篡改POST请求参数为搜索米，代码如下，看看什么效果？

class Demo:def request(self, flow):# 匹配指定的urlif 'https://hsrj-api.huashengjia100.com' in flow.request.url:flow.request.urlencoded_form = [("keyWords", "米"),("channelId","28"),("cityId","306")]addons = [Demo()
]

启动mitmproxy服务，再次在app刷新请求此页面，页面显示为米相关的商品，抓包请求参数也是篡改后的数据，说明篡改生效了

POST https://hsrj-api.huashengjia100.com/general-rest/life/search HTTP/2.0content-type:  application/x-www-form-urlencoded
accept-language:  zh-Hans-CN;q=1
appinfo:  PeanutHot_50109
accept:  */*
content-length:  42
appversion:  50109
deviceidfa:  DA568519-790F-4FE3-A744-36F3B7CF4877
accept-encoding:  gzip
regid:  18171adc03a77f73a9d
osinfo:  iOS_15.1
token:  c2ab281bc23e458fa585eb108e5fad06_15320861_2
actime:  1639017504000
deviceinfo:  DeviceName_iPhone13,3
user-agent:  Mozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2014_4%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F15E148
platforms:  iOS
nettype:  1
deviceuuid:  84964BB5-8897-4717-9AA8-487059D2D8F1keyWords:  米
channelId: 28
cityId:    306{"code": null,"data": [{"address": "宝山区上大路680号—6","cateName": "面包甜点","cityName": "上海","dealsList": [{"dealGroupId": null,"description": "","discountRatio": 6.9,"discountRatioText": "6.9折","earnSum": null,"earnSumText": "","halfYearSale": -1,"orgPrice": 268.0,"pic": "https://p1.meituan.net/320.0/deal/6b189ad0db0ba7fbe8414797c75b8d71103091.jpg%40320w_240h_1e_1c_1l%7Cwatermark%3D0","price": 184.0,"receiveUrl": null,"savePrice": 84.0,"title": "12英寸卡奇创意双层卡通1个，约12英寸，圆形","type": 1}],"detailUrl": "https://hsrjh5.huashengjia100.com/page/localStore/#/index?shopId=571123170&channelId=28","distance": null,"distanceToShow": null,"maxSavePrice": 84.0,"regionName": "上海大学","shopId": "571123170","shopName": "卡奇米酥（上海总店）","shopPic": "https://p1.meituan.net/320.0/deal/6b189ad0db0ba7fbe8414797c75b8d71103091.jpg%40320w_240h_1e_1c_1l%7Cwatermark%3D0","shopPower": 41,"sort": 0},{"address": "浦东新区川周公路4399号蚂蚁美食城","cateName": "粤菜","cityName": "上海","dealsList": [{"dealGroupId": null,"description": "","discountRatio": 6.8,"discountRatioText": "6.8折","earnSum": null,"earnSumText": "","halfYearSale": -1,"orgPrice": 54.0,"pic": "https://p0.meituan.net/320.0/deal/02f5b3d62f81bc881fb04b59ee362fa162918.jpg%40320w_240h_1e_1c_1l%7Cwatermark%3D0","price": 36.8,"receiveUrl": null,"savePrice": 17.2,"title": "双人套餐，包间免费","type": 1}],"detailUrl": "https://hsrjh5.huashengjia100.com/page/localStore/#/index?shopId=1653182204&channelId=28","distance": null,"distanceToShow": null,"maxSavePrice": 17.2,"regionName": "迪士尼","shopId": "1653182204","shopName": "香港九咔米澜（周浦店）","shopPic": "https://p0.meituan.net/320.0/deal/02f5b3d62f81bc881fb04b59ee362fa162918.jpg%40320w_240h_1e_1c_1l%7Cwatermark%3D0","shopPower": 0,"sort": 1}