Burp Proxy抓包,观察数据流过程
1. GET 登录页面,从响应的 Set-Cookie 头中获取 SessionID
2. 携带该 Cookie,POST 提交 username 和 password
>>perl a.pl http://localhost/login.asp
ASPSESSIONIDQSRSDQQT=JNIJLIKDNHMDAGCFLGEOGIDC; Ajstat_ok_pages=1; Ajstat_ok_times=1
>>cat a.pl
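#!/usr/bin/perl -lw
# Replays a two-step form login that was first observed through an
# intercepting proxy:
#   1. GET the login page and read the session cookie from Set-Cookie.
#   2. POST the captured form body with that cookie attached.
#
# Usage: perl a.pl http://host/login.asp
use strict;
use warnings;

use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;

# Browser identity copied from the captured traffic; sent on both requests.
my $BROWSER_UA = 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/28.0.1500.72 Safari/537.36';

my $login_url = $ARGV[0];
die "Usage: $0 <login-url>\n"
    unless defined $login_url && length $login_url;

# Derive scheme and authority from the URL itself.  The earlier pattern
# (/www.(.*)\/.*/ combined with "my ... if") left $host undefined for any
# URL without "www." -- including the http://localhost/ example -- and
# dropped the "www." label from the Host header when it did match.
my ($scheme, $host) = $login_url =~ m{\A (https?) :// ([^/?\#]+) }xmsi
    or die "Cannot parse host from URL: $login_url\n";
my $origin = lc($scheme) . '://' . $host;

# Extra cookies appended to the session cookie, as seen in the capture.
my $ok_page  = '; Ajstat_ok_pages=1';
my $ok_times = '; Ajstat_ok_times=1';

# NOTE(review): the query string is spelled "Acton" in the original;
# confirm against the captured request before "correcting" it.
my $action   = '?Acton=ok';
my $post_url = $login_url . $action;

###############################################################################
# 1. Get cookie for next step
###############################################################################
my $ua = LWP::UserAgent->new;
$ua->default_header('User-Agent'      => $BROWSER_UA);
$ua->default_header('Accept-Encoding' => 'gzip,deflate,sdch');
$ua->default_header('Accept-Language' => 'zh-CN,zh');
# NOTE(review): 'textml' looks like a mangled 'text/html'; kept as published.
$ua->default_header('Accept'  => 'textml,application/xhtml+xml,application/xml');
$ua->default_header('Host'    => $host);
$ua->default_header('Referer' => $login_url);

my $response = $ua->request(HTTP::Request->new(GET => $login_url));
unless ($response->is_success) {
    # Stop here: without a response there is no cookie to continue with.
    print $response->error_as_HTML;
    die "GET $login_url failed: " . $response->status_line . "\n";
}

###############################################################################
# 2. Setup the cookie
###############################################################################
# List context yields one element per Set-Cookie header; only the first is
# used.  The pattern keeps the leading name=value pair and stops at the
# first ';' so attributes such as path= are not replayed as cookie data
# (the previous greedy /(.*)\;/ ran to the last ';').
my ($first_set_cookie) = $response->header('Set-Cookie');
die "Error COOKIE: no Set-Cookie header in response\n"
    unless defined $first_set_cookie;

my ($session_pair) = $first_set_cookie =~ m{\A ([^;]+) }xms
    or die "Error COOKIE: $first_set_cookie\n";

my $cookie = $session_pair . $ok_page . $ok_times;
print $cookie;

###############################################################################
# 3. Login using the password
###############################################################################
# Form body exactly as captured.  The loginsubmit value is percent-encoded
# bytes (presumably the GBK-encoded button label -- confirm against the form).
my $form_body = 'username=jgjguyguj+&password=11111&cookietime=1&loginsubmit=+%B5%C7+%C2%BC+&action=login';

$ua = LWP::UserAgent->new;
$ua->default_header('Host'             => $host);
$ua->default_header('Referer'          => $login_url);
$ua->default_header('Proxy-Connection' => 'keep-alive');
$ua->default_header('Cookie'           => $cookie);
# Content-Length is deliberately not set: LWP derives it from the body.
# The hard-coded '89' did not match the length of the body shown here.
$ua->default_header('Content-Type'     => 'application/x-www-form-urlencoded');
$ua->default_header('Origin'           => $origin);
$ua->default_header('User-Agent'       => $BROWSER_UA);

my $login_request = HTTP::Request->new(POST => $post_url);
$login_request->content($form_body);
$response = $ua->request($login_request);

# LWP does not follow redirects for POST by default, so a 3xx reply to the
# login is reported through the error branch rather than followed.
if ($response->is_success) {
    print $response->content;
}
else {
    print $response->error_as_HTML;
}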