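I've been playing with Twitter for several days now, but it's always me following others and very few people follow me; I guess I just don't have enough influence. Still, after I followed people like crazy, a few did follow me back, and within a couple of days the number of people following me reached 100. Most Twitter users are still foreigners and I rarely come across anyone who writes Chinese, so I changed my bio to English and kept following like crazy. This time the effect was even more obvious: I reached 200 people in one day.

But following this way is tedious, because you have to click one by one. Twitter doesn't require a CAPTCHA when you follow someone, so I thought of a way to follow people automatically: use nc to submit the request directly to Twitter's server. While following someone, I tried capturing the browser's traffic with WSockExpert (WSockExpert is a packet-capture tool that can monitor and intercept the network data of a specified process, which is very useful when testing websites. In the hands of hackers it is often used to modify data sent and received over the network, and it can assist with many web-script intrusion tasks.) and captured the following POST request: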

    POST /friendships/create/16567987 HTTP/1.1
    Host: twitter.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10
    Accept: application/json, text/javascript, */*
    Accept-Language: zh-cn,zh;q=0.5
    Accept-Encoding: gzip,deflate
    Accept-Charset: gb2312,utf-8;q=0.7,*;q=0.7
    Keep-Alive: 300
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Referer: http://twitter.com/search/users?q=google&category=people&source=find_on_twitter
    Content-Length: 70
    Cookie: __utma=43838368.4499610204100122600.1240408740.1243434125.1243777709.5; __utmz=43838368.1242664752.3.3.utmcsr=fendou.info|utmccn=(referral)|utmcmd=referral|utmcct=/; __utmv=43838368.lang%3A%20en; __utmb=43838368.18.10.1243777709; _twitter_sess=BAh2CzoJdXNlcmkEEqGaAjoMY1NyZl4pZCIlYjZjYmMxYjFkMDAwOGZmOGU1%220AYmY3Y1JiZGNlM2IyOGQ6E3Bhc3N3b3JkX3Rva2VuIi0zOTI5MzFmNzM2ZDEy%250AYjVkMmIzZDI0YjQyYTk3ZTNkYWEzYjVhYjNkOg5yZXR1cm5fdG8wIgpmbGFz%250AaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpA%250AdXNlZHsAOgdpZCIlM2NhN2FiOTFiZWQwMGJjNmNlMmFhMTgyZDI0N2YxZGY%253D--04263e760cbc614297744e0a735cb34aa0ac50a1; __utmc=43838368; lang=en
    Pragma: no-cache
    Cache-Control: no-cache

    authenticity_token=131126cc3f43ba5dff8121c73a5ac7b1022b194e&twttr=true

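Clearly the first line is the action the request performs, following someone, and the string of digits after it is the numeric id of the person you want to follow; this id can be found in the source of the search page. The middle part is information about my browser. At the bottom are the key parts: the cookies (I have altered the cookies in the request above, so you can't use them; only I can) and the token (authenticity_token). Now that I had the request, I tried modifying it and submitting it with nc: I added 1 to the id and submitted it with nc, went back to the Twitter home page, and sure enough there was one more person in Following. Haha, it worked! Time to write a batch file and start submitting like crazy: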

    for /l %%a in (16567987,1,40000000) do (
        echo POST /friendships/create/%%a HTTP/1.1 >pack.txt
        type footer.txt >>pack.txt
        nc.exe 128.121.146.228 80 <pack.txt
    )

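A brief explanation: for /l %%a in (16567987,1,40000000) do () loops the variable a from 16567987 to 40000000, adding 1 each time.

echo POST /friendships/create/%%a HTTP/1.1 >pack.txt: each submitted request differs only in the numeric follow id at the front, while the rest (the contents of footer.txt) is exactly the same, so appending the two gives the complete request. The last line uses the external program nc.exe (which has to be downloaded separately) to submit the complete request pack.txt to port 80 of Twitter's server 128.121.146.228.

After running for an hour I was successfully following 800+ people, and about 10% of those 800 followed me. But the good times didn't last: in less than 2 hours the system returned a notice saying I couldn't keep adding friends. The link in the notice goes to Twitter's support forum, which lists some of Twitter's limits: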
* 1,000 total updates per day, on any and all devices (web, mobile web, phone, API, etc. )
* 1,000 total direct messages per day, on any and all devices
* 100 API requests per hour
We’ve also placed limits on the number of people you can follow. The number is different for everyone, and is based on a ratio that changes as the account changes. If you hit a follow limit, you must balance your follower/following ratio in order to follow more people- basically, you can’t follow 50,000 people if only 23 people follow you. Based on current behavior in the Twitter community, we’ve concluded that this is both fair and reasonable.
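Ugh. Is my whale plan ruined~?

I read the notice carefully again, and it doesn't mention any limit on adding people and then removing them. If I first add 300 people and then remove those 300, I know that 30 of those 300 will follow me, and I still won't have run into the limits above. I captured traffic again to get the request for removing people, rewrote the batch file, and added a delay.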

    rem n is the approximate id range (1000000-90000000)
    set /a n=18000000
    :go
    rem First inner loop: add the 300 ids after n as friends
    set /a m=0
    :follow
    set /a id=%m%+%n%
    echo %id%
    echo POST /friendships/create/%id% HTTP/1.1 >cc.txt
    type follow.txt >>cc.txt
    rem pause
    nc.exe 128.121.146.228 80 <cc.txt
    rem [... part of the script is missing here ...]
    type unfollow.txt >>cc.txt
    rem pause
    nc.exe 128.121.146.228 80 <cc.txt

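OK! As I write this post, the script has been running for over an hour and has added 100-odd people, 10 of whom followed back. ^_^ A pretty good Twitter whale is born!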
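
Seen from the server side, the two batch files above leave recognizable traces: follow targets that rise by exactly 1 per request, and follows that are undone shortly afterwards, which the quoted limits do not count. The Python detector below is an added example, not part of the original post and not Twitter's own logic; the log format, the function name and the thresholds are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed log lines (not real traffic): "<epoch> <account> POST /friendships/<action>/<id>"
SAMPLE_LOG = """\
1000 whale POST /friendships/create/18000000
1002 whale POST /friendships/create/18000001
1004 whale POST /friendships/create/18000002
1006 whale POST /friendships/create/18000003
1500 alice POST /friendships/create/52341
1900 whale POST /friendships/destroy/18000000
1902 whale POST /friendships/destroy/18000001
1904 whale POST /friendships/destroy/18000002
2400 alice POST /friendships/create/907113
3100 alice POST /friendships/destroy/52341
4000 alice POST /friendships/create/1288
"""

LINE = re.compile(r"(\d+) (\S+) POST /friendships/(create|destroy)/(\d+)$")

def detect_follow_abuse(log, min_follows=4, seq_ratio=0.8, churn_ratio=0.5, churn_window=3600):
    """Return {account: [reasons]} for accounts whose follow traffic looks scripted."""
    follows = defaultdict(list)       # account -> [(ts, target_id)] in log order
    unfollows = defaultdict(dict)     # account -> {target_id: ts of first unfollow}
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                  # ignore unrelated or malformed lines
        ts, account, action, target = int(m[1]), m[2], m[3], int(m[4])
        if action == "create":
            follows[account].append((ts, target))
        else:
            unfollows[account].setdefault(target, ts)
    flagged = {}
    for account, seen in follows.items():
        if len(seen) < min_follows:
            continue                  # too little data to judge
        reasons = []
        # Signal 1: target ids walk upward by exactly 1, as a counting loop produces.
        steps = sum(1 for a, b in zip(seen, seen[1:]) if b[1] - a[1] == 1)
        if steps / max(len(seen) - 1, 1) >= seq_ratio:
            reasons.append("sequential-ids")
        # Signal 2: most follows are undone again within churn_window seconds.
        undone = sum(1 for ts, t in seen
                     if t in unfollows[account] and 0 <= unfollows[account][t] - ts <= churn_window)
        if undone / len(seen) >= churn_ratio:
            reasons.append("follow-unfollow-churn")
        if reasons:
            flagged[account] = reasons
    return flagged
```

Calling `detect_follow_abuse(SAMPLE_LOG)` flags only the constructed `whale` account, for both signals; real thresholds would be tuned against ordinary user behaviour.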
2 replies to “The Birth of a Twitter Whale”
Interesting article, I totally agree with the comments above. Keep us posting
Just dropping by to take a look.