某淘 App 接口 x-sign 签名计算

某淘 App 接口 x-sign 签名计算


这个小插件是手淘接口请求时 Header 头里面 的 x-sign 字段的计算

xp 插件 不多解释了。这个插件会自动抓包手淘请求的接口打印在 xp 框架的日志里面，所以可以自行进行任意接口封装，比方说 手淘里面的 淘口令生成、淘口令解析、淘宝详情页面等等这些接口。

步骤：

1：准备一个拥有 xp 框架的手机(模拟器)

2：安装官方淘宝 7.6.0 版本、和本篇文章的插件，安装好后启动插件，重启手机生效

3：点开一下安装的 XP 框架跟手机淘宝 APP

4：把手机(模拟器)10086 端口转发出来（这个插件默认监听 10086 端口）

5：JXU4QkY3JXU2QzQyJXU4RkQ5JXU0RTJBJXU3QUVGJXU1M0UzJXVGRjBDJXU2M0E1JXU1M0UzJXU4REVGJXU3NTMxJXU5RUQ4JXU4QkE0JXU2NjJGL2lucHV0JTIwJXVGRjA4JXU3OTNBJXU0RjhCJXVGRjFBMTI3LjAuMC4xJTNBMTAwODYvc2lnbiV1RkYwOSUyQ0dFVCV1OEJGNyV1NkM0MiV1RkYwQyV1NTNDMiV1NjU3MCV1NTNFQSV1NjcwOSV1NEUyNCV1NEUyQSUyOGlucHV0JXUzMDAxYXBwa2V5JTI5JTIwJTI4JXU3OTNBJXU0RjhCJXVGRjFBaHR0cCUzQS8vMTI3LjAuMC4xJTNBMTAwODYvc2lnbiUzRmlucHV0JTNEWGExJTI1MmIxbnFSb2J3REFJWkUzaERPamglMjUyZnQlMjUyNiUyNTI2JTI1MjYyMTY0NjI5NyUyNTI2OTk5MTRiOTMyYmQzN2E1MGI5ODNjNWU3YzkwYWU5M2IlMjUyNjE1NzI4MzYwMzQlMjUyNm10b3AudGFvYmFvLndpcmVsZXNzLmhvbWVwYWdlLnJlbWluZCUyNTI2My4wJTI1MjYlMjUyNjI3MDIwMCUyNTQwdGFvYmFvX2FuZHJvaWRfNy42LjAlMjUyNkFuRjc3UlBfelk4SjQ2Wi13b3o1TFBCNTFUZmNqbDJpV0kyckNUbHVNSmluJTI1MjYlMjUyNiUyNTI2MjclMjZhcHBfa2V5JTNEMjE2NDYyOTclMjkldUZGMEMldTY3MDAldTU0MEUldThCRjcldTZDNDIldTdFRDMldTY3OUMldTVDMzEldTRGMUEldTUxRkEldTY3NjUlM0ElN0IlMjJzaWduJTIyJTNBJTIyYWIyMDM4MDA5MGQ0YWQ1YWUyOWIwYmRkNThlNzYxMjYwY2YzMzRiM2MxMmUwNWE0ZWQlMjIlN0Q=

PS: 抓取的日志大致为

JTBBQmFzZSUyMFNpZ25TdHJpbmclMjBSZXMlMjgldThGRDkldTRFMkEldTY2MkZpbnB1dCUyMCV1NTNDMiV1NjU3MCV1RkYwQyV1OEZEQiV1ODg0QyV1N0I3RSV1NTQwRCV1NjVGNiV1OTcwMCV1ODk4MSV1NEYyMCV1NTE2NSV1NzY4NCUyOSUyMCUzRSUzRSUzRSUyMCU3QklOUFVUJTNEWGExKzFucVJvYndEQUlaRTNoRE9qaC90JTI2JTI2JTI2MjE2NDYyOTclMjY5OTkxNGI5MzJiZDM3YTUwYjk4M2M1ZTdjOTBhZTkzYiUyNjE1NzI4MzU5OTElMjZtdG9wLmNvbW1vbi5nZXR0aW1lc3RhbXAlMjYqJTI2JTI2MjcwMjAwQHRhb2Jhb19hbmRyb2lkXzcuNi4wJTI2JTI2JTI2JTI2MjclN0QlMEElMEFCYXNlJTIwU2lnbiUyMFBhcmFtcyU1QyU1QjAlNUQlMjgldThGRDkldTRFMkEldTY2MkYldThDMDMldTc1MjgldTdCN0UldTU0MEQldTY1QjkldTZDRDUldTY1RjYldTRGMjAldTUxNjUldTc2ODQldTdCMkMldTRFMDAldTRFMkEldTUzQzIldTY1NzAlMjklMjAlM0UlM0UlM0UlMjAlN0J1aWQlM0RudWxsJTJDJTIwdHRpZCUzRDI3MDIwMEB0YW9iYW9fYW5kcm9pZF83LjYuMCUyQyUyMHNpZCUzRG51bGwlMkMlMjB4LWZlYXR1cmVzJTNEMjclMkMlMjBkYXRhJTNEJTdCJTdEJTJDJTIwdiUzRColMkMlMjB1dGRpZCUzRFhhMSsxbnFSb2J3REFJWkUzaERPamgvdCUyQyUyMHQlM0QxNTcyODM1OTkxJTJDJTIwYXBpJTNEbXRvcC5jb21tb24uZ2V0dGltZXN0YW1wJTJDJTIwZGV2aWNlSWQlM0RudWxsJTJDJTIwYXBwS2V5JTNEMjE2NDYyOTclN0QlMEElMEFCYXNlJTIwU2lnbiUyMFBhcmFtcyU1QyU1QjElNUQlMjgldThGRDkldTRFMkEldTY2MkYldThDMDMldTc1MjgldTdCN0UldTU0MEQldTY1QjkldTZDRDUldTY1RjYldTRGMjAldTUxNjUldTc2ODQldTdCMkMldTRFOEMldTRFMkEldTUzQzIldTY1NzAldUZGMEMldTVFOTQldThCRTUldTY2MkZhcHBrZXklMjklMjAlM0UlM0UlM0UlMjAyMTY0NjI5NyUwQSUwQUJhc2UlMjBTaWduJTIwUGFyYW1zJTVDJTVCMiU1RCUyOCV1OEZEOSV1NEUyQSV1NjYyRiV1OEMwMyV1NzUyOCV1N0I3RSV1NTQwRCV1NjVCOSV1NkNENSV1NjVGNiV1NEYyMCV1NTE2NSV1NzY4NCV1N0IyQyV1NEUwOSV1NEUyQSV1NTNDMiV1NjU3MCV1RkYwQyV1NTdGQSV1NjcyQyV1NEUzQW51bGwlMjklMjAlM0UlM0UlM0UlMjBudWxsJTBBJTBBQmFzZSUyMFNpZ24lMjBSZXMlMjgldThGRDkldTRFMkEldTY2MkYldThDMDMldTc1MjgldTdCN0UldTU0MEQldTY1QjkldTZDRDUldUZGMEMldTY3MDAldTU0MEUldTc2ODQldTdFRDMldTY3OUMlMjklMjAlM0UlM0UlM0UlMjBhYjIwMzgwMDkwZDRmNjIyNmNjZDk0MjgwZDgwMjUyZGNjNzAyZDkxN2I5ZTdkYjAyMw==

JTBBQmFzZSUyMFRhb2JhbyUyMFVybCUyOCV1OEZEOSV1NEUyQSV1NjYyRiV1OEJGNyV1NkM0MiV1NkREOCV1NUI5RCV1NjVGNiV1NzY4NCV1NjU3NCV1NEUyQWh0dHAldTUzNEYldThCQUUldTRGRTEldTYwNkYldUZGMENHRVQlMjAldThCRjcldTZDNDIldUZGMEMldTUzRUEldTY3MDlVUkwlMjAldThEREYlMjBoZWFkZXIldTU5MzQldTkwRTgldTUyMDYldTUyMkIldTc2ODQldTRFMEQldTk3MDAldTg5ODEldTc2ODQlMjklMjAlM0UlM0UlM0UlMjBSZXF1ZXN0JTdCJTIwdXJsJTNEaHR0cHMlM0EvL2d1aWRlLWFjcy5tLnRhb2Jhby5jb20vZ3cvbXRvcC5jb21tb24uZ2V0dGltZXN0YW1wLyovJTNGZGF0YSUzRCUyNTdCJTI1N0QlMkMlMjBtZXRob2QlM0RHRVQlMkMlMjBhcHBLZXklM0QyMTY0NjI5NyUyQyUyMGF1dGhDb2RlJTNEbnVsbCUyQyUyMGhlYWRlcnMlM0QlN0Jjb250ZW50LXR5cGUlM0RhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQlM0JjaGFyc2V0JTNEVVRGLTglMkMlMjB4LXVtdCUzRFMyMUxJclZMT3AxRXN6VnVOUE5hJTI1MkJ2NzBVVzUwcVZOWiUyQyUyMHgtYXBwLWNvbmYtdiUzRDE5JTJDJTIweC1mZWF0dXJlcyUzRDI3JTJDJTIweC11dGRpZCUzRFhhMSUyNTJCMW5xUm9id0RBSVpFM2hET2poJTI1MkZ0JTJDJTIwdXNlci1hZ2VudCUzRE1UT1BTREslMjUyRjMuMC40LjcrJTI1MjhBbmRyb2lkJTI1M0I0LjQuNCUyNTNCaVRvb2xzQVZNX1QwMDI2NDUwUyUyNTNCaVRvb2xzQVZNX1QwMDI2NDUwUyUyNTI5JTJDJTIweC1wdiUzRDUuMSUyQyUyMHgtbWluaS13dWElM0RISG5CX2tvUjRZZGUyRWg4elM5MUV2ako5JTI1MkJsME1Fd3BKZFJkWGRNWkdnbDRSaHl2S0lXblRIYkhWT2FBJTI1MkJYeDNteklodzR3Y0RtTWVIQ2hGVCUyNTJCcnpUZHBiMnhYVUplUzZib0VKZXdwc3oxJTI1MkJIU0glMjUyQkUlMjUzRCUyQyUyMGNhY2hlLWNvbnRyb2wlM0Ruby1jYWNoZSUyQyUyMHgtYy10cmFjZWlkJTNEbnVsbDE1NzI4MzU5OTE0ODAwMDAxMTI0NDAlMkMlMjB4LWFwcGtleSUzRDIxNjQ2Mjk3JTJDJTIweC10JTNEMTU3MjgzNTk5MSUyQyUyMHgtYXBwLXZlciUzRDcuNi4wJTJDJTIweC10dGlkJTNEMjcwMjAwJTI1NDB0YW9iYW9fYW5kcm9pZF83LjYuMCUyQyUyMHgtc2lnbiUzRGFiMjAzODAwOTBkNGY2MjI2Y2NkOTQyODBkODAyNTJkY2M3MDJkOTE3YjllN2RiMDIzJTJDJTIwZi1yZWZlciUzRG10b3AlN0QlMkMlMjBib2R5JTNEbnVsbCUyQyUyMHNlcU5vJTNETVRPUDElMkMlMjBjb25uZWN0VGltZW91dE1pbGxzJTNEMTAwMDAlMkMlMjByZWFkVGltZW91dE1pbGxzJTNEMTUwMDAlMkMlMjByZXRyeVRpbWVzJTNEMSUyQyUyMGJpeklkJTNEMCUyQyUyMGVudiUzRDAlMkMlMjByZXFDb250ZXh0JTNEbnVsbCUyQyUyMGFwaSUzRG10b3AuY29tbW9uLmdldHRpbWVzdGFtcCU3RA==

上面是大致的抓包打印的日志信息，至于怎么导出 XP 框架的日志，玩过的都知道吧，或者自行百度吧，非常简单。下面有 PHP 跟 Python 两个版本的调用例子。

附件
eHAldTYzRDIldTRFRjYlMjBodHRwcyUzQS8vd3d3LmxhbnpvdXMuY29tL2k3N3o5c2IlMEEldTZERDgldTVCOUQ3LjYuMCUyMGh0dHBzJTNBLy93d3cubGFuem91cy5jb20vaTc3emE3ZyUwQVBIUCV1OEMwMyV1NzUyOCV1NEY4QiV1NUI1MCUyMGh0dHBzJTNBLy93d3cubGFuem91cy5jb20vaTc3emE4aCUwQVB5dGhvbiV1OEMwMyV1NzUyOCV1NEY4QiV1NUI1MCUyMGh0dHBzJTNBLy93d3cubGFuem91cy5jb20vaTc3emE5aQ==

牛批，不过现在淘宝升级了 x-sign 版本，最新的是 6.3，之前的版本风控更严，而且会被慢慢淘汰，考虑搞一下最新的吗？

最新的 6.3 x-sign 已经搞到手了 企鹅 MTIxMTk2MDc4MyUwQQ==