SoFunction
Updated on 2024-10-29

Python realize i personnel automatic punching sample code

Our use of the punch card software is i personnel, but I remember this, often missed the punch card signing out, set the alarm clock will forget, today and by the boss dick. So I'm ready to grab a sign-in interface, the use of crontab to realize the automatic sign-in and sign-out.

Environment Configuration

Here we use Fiddler to capture packets, Fiddler is an HTTP debugging proxy tool, in the form of a proxy server to listen to the network data flow. I didn't use Wireshark because I'm not very familiar with wireshark's filters, and because this article uses an emulator (mobile apps with a lot of background traffic, which is not easy to analyze) to capture packets, and the proxy server approach is more convenient.

Installing Fiddler

First install Fiddler (Official website address ), you need to install the fiddlercertmaker certificate generation tool (Official website address )

Fiddler Configuration

As shown in the figure, open Fiddler, Tools select Fiddler Options, check the places identified in the figure, click OK to save and restart Fiddler after configuration.

 

Open the tab again and click Action Generate certificate to desktop (filename )

 

Just upload that certificate file to the emulator.

Simulator Configuration

Records the IP backup of the current Windows NIC.

Open the emulator, select "Security" in the system settings within the emulator, select "Install from SD card", select the certificate uploaded earlier and install it. (During the process, you will be asked to set a screensaver password, just set it)

Select the WiFi connection within the emulator, long press the current WiFi, select Modify Network, select Manually Configure Proxy, fill in the address with the Windows local IP that you have recorded earlier, and the port is 8888, save and restart the emulator.

 

Start grabbing packets.

Configuring Filters

After opening Fiddler, open the simulator, this time in the Fiddler will listen to a large amount of traffic information, easy to find, we need to use filters, as shown in the figure, in the Fiddler interface on the right, select "Filters" and check the box, select "Use Filters", in the "Hosts" item, select "Show only the following Hosts", and fill in " " This will filter out the traffic information of domain names other than i Personnel. Meanwhile, in "Request Headers", check "Show only if URL contains", and fill in "gateway/attendant". Fill in "gateway/attendance/aggregate/attendance/api/sign/doSign", click Actions in the upper right corner, and select "Run Filterset now " to validate the filter. In the Traffic Information column on the left side of Fiddler, use Ctrl + X to clear all current traffic information.

Simulator Check-In

Position the simulator's analog positioning to the location where you need to clock in and out, open i Personnel, click Attendance Clocking, clock in and out and sign in, at this time there will be a listening request in Fiddler, double-click to open it, as shown in the figure.

 

As you can see, the check-in action is actually a POST request. Once we understand the basics of this POST request, we can use Python's requests module to simulate a submission.

Simulation requests

Simulating a POST request is easy, so I won't go into it here, but I'll just post the code (which sucks =.). =! can be used on the line ... do not spray ...):

#!/usr/bin/env python3
#  
# Alliot 
# 2020-1-8 
import requests
import json
import smtplib
from  import MIMEText
from  import formataddr
from time import strftime, localtime
# Ignore requests request authentication warnings
.urllib3.disable_warnings()
# Mail Settings
server = 'smtp.'
port = '25'
sender = 'From e-mail'
passwd = 'cryptographic(authorization code)'
receiver = 'Recipient'
# i Personnel check-in interface address
url = "https:///gateway/attendance/aggregate/attendance/api/sign/doSign"
# Grab the check-in request header
headersValue = {
  'Cookie': 'SESSION=XXXXXXXXXXXXXX; Path=/; HttpOnly',
  'accept': 'application/json;charset=UTF-8',
  'appKey': '',
  'appVersion': 'XXXX',
  'osVersion': 'XXXX',
  'udid': 'XXXXXX',
  'user-agent': 'IRENSHI_APP_AGENT',
  'os': 'Android',
  'irenshilocale': 'zh_CN',
  'Content-Type': 'application/json; charset=utf-8',
  'Content-Length': '272',
  'Host': '',
  'Connection': 'Keep-Alive',
  'Accept-Encoding': 'gzip',
}
# Grab a packet request json
jsonValue = {
  "deviceToken": " ",
  "deviceType": "NORMAL",
  "latitude": XXX,
  "locationName": "XXX",
  "longitude": XXX,
  "phoneName": "MI6",
  "signSource": "APP",
  "wifiMac": "XXX",
  "wifiName": "Alliot",
}
# Check-in method
def doSign(url, jsonValue, headersValue):
  r = (url, json=jsonValue, headers=headersValue, verify=False)
  global results
  results = ()
  print(strftime("%Y-%m-%d %H:%M:%S", localtime()))
  return results
# Mail alert method
def sendMail(server, port, sender, passwd, msg):
  smtp = ()
  (server, port)
  (sender, passwd)
  (msg['From'], msg['To'], msg.as_string())
  ()
  print('Email sent successfully email has send out !')
def newMail(status):
  msg = MIMEText(str(results), 'plain', 'utf-8')
  msg['From'] = formataddr(["AlliotSigner", sender])
  msg['To'] = formataddr(["Alliot", receiver])
  if status == None:
    msg['Subject'] = 'Failed to clock in -_-!'
    print("Failed to clock in.")
  else:
    msg['Subject'] = 'Automatic clock-in successful'
    print("Clocked in.")
  sendMail(server, port, sender, passwd, msg)
# Sign and notify the result by email, if you don't want to notify then doSign(url, jsonValue, headersValue) will do.
newMail(doSign(url, jsonValue, headersValue)["data"])
# doSign(url, jsonValue, headersValue)

Just modify the configuration therein to the data grabbed above (note here that theheadersValue The request header is in dictionary format.jsonValue If you get an error, check to see if it is a formatting error.)

Uploaded to the server and executed:

python3  # Your file name

After execution, open i Personnel to see if a check-in has been successfully generated, and if so, add it to the scheduled tasks.

scheduled execution

Use crontab to automate execution. For more information on the use of crontab, seeUsage and considerations of crontab under Linux | Alliot's blog

I am defining a weekly weekday clocking in at 8:00 18:00 with crontab configured as:

0 8,18 * * mon,tue,wed,thu,fri,sat /usr/bin/python3 /alliot/>>/alliot/ihr_log.txt

postscript

The whole process is very simple and crude, in fact, the general backend is able to see, because each time the check-in location is the same, so if you want to be a little more realistic, you can use a range of random numbers in the latitude and longitude of the request, the name of the location, and so on... However, it is still the same: it's possible, but it's not necessary.

This is the whole content of this article.