当前位置:首页 > iOS > 正文内容

APPStore协议之下载接口

4年前 (2017-08-29)iOS

两次下载抓包发现所提交参数只有两个地方不一样,一个自然是软件的id,另外一个则是kbsync。

接口地址:

https://buy.itunes.apple.com/WebObjects/MZBuy.woa/wa/buyProduct

cookie:


mz_mt0-11379330482ApP12//wyqkdN0H67hE9ho45tz8TxVfCrbC2/7psJG78BrFWL0V+AN7AZobYdVrOofQRZl+fytBzYwNkMed/fkUcpIrMh425NZRNaun3mAPLeWqT4ADYINGiT+h20uhvcjncrhnkX5NrlLSBNKFi/3Jk8pEIN4M08zrquaDqXIhRcAjv2tGztsLCyEFWvDt27GGNBYo=
ns-mzf-inst36-98-443-109-98-8297-142527-14-st11
session-store-id3741F8DA14D9A87BFF01317FA8408C2D
hsaccnt1
mzf_in142527
wosid-liteq3alZ8ULE3mkcvGTqri6W0
pldfltcida49df753299c44dca8e7cfabdd51c8fc014
mz_at_ssl-11379330482AwUAAAECAAGu3AAAAABZpP3ldwspSXq1qBRfctK+BBaQSn+3APQ=
mz_at0-11379330482AwQAAAECAAGu3AAAAABZpP3lp2KD7tkhp4zIGjkHE869AASRrlw=
X-Dsid11379330482
itspod14

POST内容

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0"> 

<dict> 

<key>buyAndSkipHarvesting</key> 

<string>true</string> 

<key>buyWithoutAuthorization</key> 

<string>true</string> 

<key>creditDisplay</key> 

<string /> 

<key>guid</key> 

<string>************</string> 

<key>hasAskedToFulfillPreorder</key> 

<string>true</string> 

<key>hasDoneAgeCheck</key> 

<string>true</string> 

<key>kbsync</key> 

<data> AAQAAyEjTs7hB0bwNszFiZIlpWv9lDQxSm9+OWDLFwguRmRotHDrQMMpOvs9N5thaJ0e

cOjOt4C/7js3RjGvxqUracTIaD9fbj5nlZV5htvelM0yzuhA3LTg1KQ++t68zfbECEb4 Pz9I6txik4aLG1LfGa/OV2xq63zgRCsKVI8KCMhrYir3cowAmkHEFDwRBtTBrft65s+s

untmsbu2/IKJi2cr5+zJOOnciJwk0hZ+gVBqwg77mGiQZ/JWSNVB39vTDA== </data> 

<key>machineName</key> 

<string>Alan'NB6</string> 

<key>needDiv</key> 

<string>0</string> 

<key>origPage</key> 

<string>Software-CN</string> 

<key>origPage2</key> 

<string>Genre-CN-Mobile Software Applications</string> 

<key>origPageCh</key> 

<string>Software Page</string> 

<key>origPageCh2</key> 

<string>Mobile Software Applications-main</string> 

<key>origPageLocation</key> 

<string>Buy</string> 

<key>origPageLocation2</key> 

<string>Tab_iphone|Swoosh_1|Lockup_6</string> 

<key>price</key> 

<string>0</string> 

<key>pricingParameters</key> 

<string>STDQ</string> 

<key>productType</key> 

<string>C</string> 

<key>salableAdamId</key> 

<string>1177989193</string> 

<key>wasWarnedAboutFirstTimeBuy</key> 

<string>true</string> 

</dict> 

</plist>

HEAD


POST /WebObjects/MZBuy.woa/wa/buyProduct HTTP/1.1
Hostbuy.itunes.apple.com
Accept*/*
X-Apple-Store-Front143465-19,17
X-TokenAwIAAAECAAGu3AAAAABZpP3ltQGZ3zI9p+fzb9Efn4NacrwPVKA=
Accept-Languagezh-cn, zh;q=0.75, en-us;q=0.50, en;q=0.25
Accept-Encodinggzip
User-AgentiTunes/11.3 (Windows; Microsoft Windows 7 x64 Ultimate Edition Service Pack 1 (Build 7601)) AppleWebKit/537.60.17
Connectionkeep-alive
X-Dsid11379330482
Cookiemz_mt0-11379330482=ApP12//wyqkdN0H67hE9ho45tz8TxVfCrbC2/7psJG78BrFWL0V+AN7AZobYdVrOofQRZl+fytBzYwNkMed/fkUcpIrMh425NZRNaun3mAPLeWqT4ADYINGiT+h20uhvcjncrhnkX5NrlLSBNKFi/3Jk8pEIN4M08zrquaDqXIhRcAjv2tGztsLCyEFWvDt27GGNBYo=; ns-mzf-inst=36-98-443-109-98-8297-142527-14-st11; session-store-id=3741F8DA14D9A87BFF01317FA8408C2D; hsaccnt=1; mzf_in=142527; wosid-lite=q3alZ8ULE3mkcvGTqri6W0; pldfltcid=a49df753299c44dca8e7cfabdd51c8fc014; mz_at_ssl-11379330482=AwUAAAECAAGu3AAAAABZpP3ldwspSXq1qBRfctK+BBaQSn+3APQ=; mz_at0-11379330482=AwQAAAECAAGu3AAAAABZpP3lp2KD7tkhp4zIGjkHE869AASRrlw=; X-Dsid=11379330482; itspod=14
X-Apple-Tz28800
Content-Length2327
Content-Typeapplication/x-www-form-urlencoded


扫描二维码推送至手机访问。

版权声明:本文由小祥子的博客发布,如需转载请注明出处。

本文地址:http://www.xiaoxiangzi.com/post/57.html

相关文章

AuthKit之AKAnisetteData

   "X-Apple-I-MD" = "AAAABQAAABDWY2vBx3pIU8OPynC3vEvQAAAAAw=="; ...

iTunes&AppStore登录窗口

今天逆向找了半天,找出在设置里的itunes store与appstore点击登录后显示的登录框。涉及framework有authkit与authkitui.framework其中一个可疑的方法- (...

iOS layer addAnimation动画

使用方法:[view.layer addAnimation:<#(nonnull CAAnimation *)#> forKey:nil]+(CAT...

AuthKit之AKAccountManager

+ (BOOL)isAccountsFrameworkAvailable;检测服务是否可用- (id)_tokenWithName:(id)arg1 forAccount:(id)arg2;生成tok...

APPStore协议之登录接口

以前还能用各种软件抓APPStore的HTTPS通讯过程,现在不行了。不过还是抓到了。登录地址:https://buy.itunes.apple.com/WebObjects/MZFinance.wo...

iOS ocr文字识别

因为项目需要,所以调查了一个关于ocr识别的相关资料。这里分手写识别与打印体识别:1.手写识别,可集成百度的SDK,但是要收费。2.打印体识别,可集成开源项目tesseract https:...