网页代码可否利用脚本拦截替换
本帖最后由 Tandent 于 2023-9-8 10:58 编辑最近在自己学习编写刷课的学习脚本,同查找网页代码发现课程学习是利用按钮跳转到Javascript代码来进行的。
!(data/attachment/forum/202309/08/102117i4ffec7gixxeyim7.png)
但是该代码利用账号权限设置了屏蔽。
!(data/attachment/forum/202309/08/102241x4u0zibuma3w0ilw.png)
因为发现点击课程学习后会打开一个全屏弹窗,通过查找找到了这个弹窗代码
`<script>
/* 为了给trainClass.js传值 */
var trainclassId4Ajax = "***";
var trainStatus = 1;
var basePath = "https://www.***.***.cn:443/";
var userName = '***;
var progress = '12';
/* end */
/* 打开一个可设置滚动条的全屏窗口 可以回调刷新窗口*/
function _openFullWindowCenter(url, winName, scrollbars, title, lessonId, type) {
if (typeof (classroomWin) != 'undefined') {
classroomWin.close();
}
var width = window.screen.availWidth;
var height = window.screen.availHeight;
var xposition = 0;
var yposition = 0;
xposition = (window.screen.availWidth - width) / 2;
yposition = (window.screen.availHeight - height) / 2;
if (yposition > 30) yposition = 30;
theproperty = "width=" + width + ","
+ "height=" + height + ","
+ "location=no,"
+ "menubar=0,"
+ "resizable=no,"
+ "status=0,"
+ "titlebar=0,"
+ "toolbar=no,"
+ "hotkeys=0,Direction=no,Resizeable=no"
+ "screenx=" + xposition + ","
+ "screeny=" + yposition + ","
+ "left=" + xposition + ","
+ "top=" + yposition;
if (scrollbars == 'false')
theproperty += ",scrollbars=no";
else
theproperty += ",scrollbars=yes";
classroomWin = window.open(url, winName, theproperty);
if (typeof (title) != 'undefined') {
$.confirm({
'title': '请确认',
'message': title,
'buttons': {
'确定': {
'class': 'blue',
'action': function () {
if (type == 1) {
$.ajax({
type: "get",
async: false,
url: "https://www.***.***.cn:443/app/zwy/api/Api/updateLearnProgress.do?lessonId=" + lessonId,
success: function (res) {
if (res.success) {
//alert(res.msg);
} else {
//alert(res.msg);
}
},
error: function () {
}
});
}
window.location.reload();
}
}
}
});
}
}
function startLesson(lessonId, coursewareId, lessonkey, tclessonId, type) {
if (type == 0 || type == 1) {
$.ajax({
type: "post",
url: 'https://www.***.***.cn:443/app/tms/tclesson/Tclesson/learnOrder.do',
async: false, // 同步调用
dataType: 'json',
data: {'tclessonId': tclessonId, 'trainclassId':29101},
success: function (data) {
if (data["success"] == 1) {
alert('请先学习' + data["lessonName"] + '后再学习该门课程');
} else {
var winName = 'classroomWin';
var url = "https://www.***a.***.cn:443/app/lms/student/Learn/enter.do?lessonId=" + lessonId + "&coursewareId=" + coursewareId + "&lessonGkey=" + lessonkey + "&tclessonId=" + tclessonId + "&lessonOrigin=trainclass";
_openFullWindowCenter(url, winName, 'true', '您正在学习,请在学习结束后,点击[确认]按钮,刷新本页面', lessonId, type);
}
},
error: function () {
$.unblockUI();
alert('error');
}
});
} else if (type == 2) {
$.ajax({
type: "get",
url: "https://www.***.***.cn:443/app/zwy/api/Api/takeZwyLessonUrl.do?lessonId=" + lessonId + "&trainclassId=" + trainclassId4Ajax,
success: function (res) {
if (res.success) {
//window.open(res.url, "_blank");
_openFullWindowCenter(res.url, 'classroomWin', 'true', '您正在学习,请在学习结束后,点击[确认]按钮,刷新本页面', lessonId, type);
} else {
//alert(res.msg);
}
},
error: function () {
alert('error');
}
});
}
}
function _submitexperience(o) {
//document.forms.xiangqing.action="https://www.***.***.cn:443/app/tms/trainexperience/Trainexperience/insertexperience.do";
//document.forms.xiangqing.submit();
var trainexperienceId = document.forms.form1.trainexperienceId.value;
var experience = document.forms.form1.experience.value;
$.blockUI({message: "正在保存..."});
$.ajax({
type: "post",
url: 'https://www.***.***.cn:443/app/tms/trainexperience/Trainexperience/insertexperience.do',
async: false, // 同步调用
dataType: 'json',
data: {
'trainexperienceId': trainexperienceId,
'experience': experience,
'trainclassId':29101
},
success: function (data) {
var flag = data["success"];
if (flag == "true") {
$.unblockUI();
$(o).attr("disabled", true);
}
},
error: function () {
$.unblockUI();
alert('error');
}
});
}
function showLesson(lessonId, tclessonId) {
document.forms.form1.lessonId.value = lessonId;
document.forms.form1.tclessonId.value = tclessonId;
document.forms.form1.action = "https://www.***.***.cn:443/app/lms/student/Userselectlesson/tclessonshow.do"
document.forms.form1.target = "_content";
document.forms.form1.submit();
document.forms.form1.target = "";
}
function _showtrainclassuser(tclessonId) {
window.open("https://www.***.***.cn:443/app/tms/tcuser/Tcuser/showtrainclassuser.do?trainclassId=" + tclessonId);
}
function lookOrPrint(param1, param2) {
if(false){
window.open("https://www.***.***.cn:443//app/cert/certificate/CertCertificate/show.do?certId=");
}else if(false){
window.open("https://www.***.***.cn:443//app/cert/certificate/CertCertificate/show.do?certId=");
}else if(false){
window.open("https://www.***.***.cn:443//app/cert/certificate/CertCertificate/show.do?certId=");
}else{
window.open("https://www.***.***.cn:443/app/ctf/certificate/Certifimangr/print.do?stuFlag=1&certificateId=&stuHour=" + param1 + "&flag=" + param2);
}
}
function printcert() {
window.open("https://www.***.***.cn:443/app/cert/award/CertAwarduser/printshow.do?awarduserId=");
}
function certPrint(exa_batch) {
if (exa_batch == '' || exa_batch == null) {
return;
}
window.open("https://www.***.***.cn:443/app/ctf/certificate/Certifimangr/cert.do?exa_batch=" + exa_batch + "&flag=1");
}
function _enterspecialclass(param) {
var temp = true;
var urlAction = "https://www.***.***.cn:443/portal/j_spring_security_check";
var j_username = "1100977";
var j_password = "123456";
var newWin = window.open();
newWin.location = "http://202.103.252.140/portal/j_spring_security_check?j_username=" + j_username + "&j_password=" + j_password + "&j_page=/portal/student/practice-list?fieldId=" + param;
/**
$.ajax({
type: "post", //提交的类型
url: urlAction, //提交地址
dataType: "json",
data:{j_username:j_username,j_password:j_password},
success: function(data){},
complete: function(event,xhr,options){
if(temp == true){
//window.location.reload();
//window.location.;
newWin.location="https://www.***.***.cn:443/portal/student/practice-list?fieldId="+param;
}
}
})
*/
}
function _updatePracticeTime() {
var temp = true;
var urlAction = "https://www.***.***.cn:443/app/tms/trainclass/Trainclass/updatePracticeTime.do?";
$.ajax({
type: "post", //提交的类型
url: urlAction, //提交地址
dataType: "json",
data: {'trainclassId':29101},
success: function (data) {
},
complete: function (event, xhr, options) {
}
})
}
function _updateEvaluate(e, tcId, url) {
var trainclassId = tcId;
var urlAction = "https://www.***.***.cn:443/app/tms/trainclass/Trainclass/updateEvaluate.do?evl=" + e + "&classid=" + trainclassId;
$.ajax({
type: "post", //提交的类型
url: urlAction, //提交地址
dataType: "json",
…
</script>`
想问可否通过脚本对上面的代码进行拦截替换,实现在新标签页打开弹窗,以及实现多开?
油猴脚本是没法拦截函数的
如果追寻自动化的话应该追寻CDP
油猴的角度来说可以做xhr拦截或者自己实现xhr然后直接打开窗口
关于多账号的问题可以考虑nodejs或者油猴自己写xhr做封包通信
然后使用cookies-jar做cookie隔离操作 绝了,我感觉好多刷课都是用的这一套jq
页:
[1]