抓包
看到很多小伙伴弄了安全网址检测的api或者功能,我也想弄一个,可是遇到了一个问题:
抓包抓取到的api,打开竟然是空白的!!
这原来是小伎俩,我猜腾讯是为了防止API被滥用做的Referer检测,那,用curl模拟Referer网址不就得了么?
成品
这里就为大家制作了一个二次腾讯检测网址的api成品
代码语言:php复制<?php
header('Content-Type:application/json; charset=utf-8');
function doCurl($url, $data=array(), $header=array(), $referer='', $timeout=30){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_REFERER, $referer);
$response = curl_exec($ch);
if($error=curl_error($ch)){
die($error);
}
curl_close($ch);
return $response;
}
// 调用
$url = 'https://cgi.urlsec.qq.com/index.php?m=check&a=check&url='.$_GET["url"];
$data = array();
// 设置IP
$header = array(
'CLIENT-IP: 192.168.1.100',
'X-FORWARDED-FOR: 192.168.1.100'
);
$referer = 'https://urlsec.qq.com/';
$response = doCurl($url, $data, $header, $referer, 5);
$data = substr($response, 1, -1);
$data = json_decode($data, true);
$url = $data['data']['results']['url'];
$type = $data['data']['results']['whitetype'];
$beian = $data['data']['results']['isDomainICPOk'];
$icpdode = $data['data']['results']['ICPSerial'];
$icporg = $data['data']['results']['Orgnization'];
$word = $data['data']['results']['Wording'];
$wordtit = $data['data']['results']['WordingTitle'];
$json = [
'url' => $url,
'type' => $type,
'beian' => $beian,
'icpdode' => $icpdode,
'icporg' => $icporg,
'word' => $word,
'wordtit' => $wordtit,
];
exit(json_encode($json));
?>将api搭建好后,变量url就为检测的网址,如(example.com/index.php?url=xxx.com):
json解析出来的参数结果解释如下:
参数 | 说明 |
|---|---|
url | 检测的网址 |
type | 网址类型:为"1",则网址未知(包括腾讯云绿标)为"2",则网址报毒为"3",则网址安全(即有付费的绿标) |
beian | 是否备案:为"1",则已经备案为"0",则未备案 |
beiancode | 备案号,未备案则空 |
beianorg | 备案主体,未备案则空 |
word | 报毒原因,未报毒则空 |
wordtit | 报毒原因标题,未报毒则空 |
希望对一些人有帮助!
