通过surpsuite分析登录网站的认证关键信息

作者：jyzyl00037 | 来源：互联网 | 2023-09-24 16:41

设置surpsuite分析制定网址登录目标网站用户中心前设置系统代理设置burpsuite下面的操作包括：登录账号、登录账号后进入用户中心burpsuite一

设置surp suite分析制定网址
通过surp suite分析登录网站的认证关键信息

登录目标网站用户中心前

设置系统代理
设置burp suite

通过surp suite分析登录网站的认证关键信息

下面的操作包括：登录账号、登录账号后进入用户中心
burpsuite一次点击Forward实现客户端与服务端的一次交互，并记录交互的内容

POST /gs.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2F&event_id=34219564&user_id=&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&user_number=&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

POST /user/v2/login HTTP/1.1
Host: api.gaotu100.com
Connection: close
Content-Length: 105
Accept: application/json, text/plain, /
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

mobile=17701299062&password=dad0634893c35bccf52200ba78438e7b&password_orig=sun3320318shine&isTrusted=true

OPTIONS /noviceGift/configForPC HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: POST
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: content-type,sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

POST /pv0.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2F&referrer=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile&user_number=8314384&user_id=8409173&page_str=%2Fgaotu%2Fpc%2Frefresh&pre_page_str=%2Fgaotu%2Fpc%2Findex&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/refresh
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

POST /pv0.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2Frefresh&referrer=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile&user_number=8314384&user_id=8409173&page_str=%2Fgaotu%2Fpc%2Findex&pre_page_str=%2Fgaotu%2Fpc%2Frefresh&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

OPTIONS /course/v7/pc/filter HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: GET
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

POST /noviceGift/configForPC HTTP/1.1
Host: api.gaotu100.com
Connection: close
Content-Length: 64
Accept: application/json, text/plain, /
sid: ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/json;charset=UTF-8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

{"headers":{"Content-Type":"application/x-www-form-urlencoded"}}

以上登录完成

接下来我点击用户中心，我的账户，关注客户端在域服务端交互时提交了能标记身份的sid
GET /_nuxt/pages/account/index.7d48bce6f1295717d9a4.js HTTP/1.1
Host: pc-cdn.gaotu100.com
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

POST /pv0.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2F&referrer=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile&user_number=8314384&user_id=8409173&page_str=%2Fgaotu%2Fpc%2Faccount&pre_page_str=%2Fgaotu%2Fpc%2Findex&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/account
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

POST /pv0.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2Faccount&referrer=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile&user_number=8314384&user_id=8409173&page_str=%2Fgaotu%2Fpc%2Faccount%2Fprofile&pre_page_str=%2Fgaotu%2Fpc%2Faccount&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/account/profile
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

OPTIONS /user/extra_profile?sid=ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: GET
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

修改昵称
OPTIONS /user/v2/update_profile HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: POST
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

POST /user/v2/update_profile HTTP/1.1
Host: api.gaotu100.com
Connection: close
Content-Length: 74
Accept: application/json, text/plain, /
sid: ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

name=%E5%A4%A7%E6%98%8E&sex=0&grade=13&subject=0&province=&city=&district=

添加收获地址
POST /user/consignee/address/add HTTP/1.1
Host: api.gaotu100.com
Connection: close
Content-Length: 239
Accept: application/json, text/plain, /
sid: ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

name=test&mobile=17700000001&province=%E5%8C%97%E4%BA%AC%E5%B8%82&city=%E5%8C%97%E4%BA%AC&area=%E6%9C%9D%E9%98%B3%E5%8C%BA&address=%E5%93%88%E5%93%88%E5%93%88%E4%BB%8E%E4%B8%9C%E5%9F%8E%E5%A4%A7%E9%81%93%E6%92%92%E5%A4%A7%E5%A3%B0%E5%9C%B0

刷新查看
GET /account/profile/address HTTP/1.1
Host: www.gaotu100.com
Connection: close
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://www.gaotu100.com/account/profile
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; TY_SESSION_ID=51a435a4-742f-4332-b698-94b478eacb85; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3; href=https%3A%2F%2Fwww.gaotu100.com%2F; 9755xjdesxxd=32; gdxidpyhxdE=nVu3Z46VsYdkSWgE%2Fsn%2FvoKBnizxx3qIBT9K1r26YpmCWe2dNfu1tXTLCT8N%5ChYvYZSxXYXSq3QLD1xDpegnPXMtn628rp5%2Bt6zKzJoEinPS1DkgyCAa1V1OHPsirNwVGGhYNMONNa6HnrLZtPo0VgPByKOnGJIEPDnuKadODDhUMeEC%3A1575085815745; accessId=98509990-d5eb-11e8-b96a-5995ccc5f91e; ACCOUNT=MTc3MDEyOTkwNjI=; CNZZDATA1271279500=844551988-1575078259-%7C1575191744; pageViewNum=2; user_token=ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB; user_info={%22status%22:0%2C%22error_info%22:%22%22%2C%22academic_credit%22:0%2C%22chat_app_id%22:0%2C%22chat_name%22:%22%22%2C%22chat_user_sig%22:%22%22%2C%22city%22:%22%22%2C%22coin_gold%22:0%2C%22district%22:%22%22%2C%22grade%22:%2213%22%2C%22im_token%22:%22B4IpfHpseWZ2fXVqbXoqQ0E9OUI6QD02LH99b3xqdG8tRUM_PEU9Qz84LoKAcn9sf3x6czBIPz8_OzFwf39ug4mAdTJKMkFHMz0zdIUzTENHSUdEQkRJSkY_NYZ1gIg2TjZHhlt4N0E3eIJ_e4SKdX97OVFHQzmHiod8jXuMOlM7goY7RTuOe4yBf448VT1QPZg%22%2C%22mobile%22:%22MzAwWjNOYmJaZE4%253D%22%2C%22name%22:%22%22%2C%22notify_switch%22:-1%2C%22province%22:%22%22%2C%22role%22:0%2C%22school%22:%22%22%2C%22score%22:0%2C%22session_id%22:%22ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB%22%2C%22sex%22:%222%22%2C%22student_number%22:%229439773%22%2C%22subject%22:%220%22%2C%22teacher_id%22:0%2C%22user_id%22:8409173%2C%22user_number%22:8314384%2C%22wenlike%22:%220%22}

POST /pv0.gif?page_url=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile%2Faddress&referrer=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile&user_number=8314384&user_id=8409173&page_str=%2Fgaotu%2Fpc%2Faccount%2Fprofile-address&pre_page_str=%2Fgaotu%2Fpc%2Faccount%2Fprofile-address&track_id=fa74a091-75bb-095f-ad70-0ea7958030c3&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

OPTIONS /user/consignee/address/list HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: GET
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

OPTIONS /noviceGift/configForPC HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: POST
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: content-type,sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

OPTIONS /search/getHotWords HTTP/1.1
Host: api.gaotu100.com
Connection: close
Access-Control-Request-Method: GET
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: sid
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

POST /perf.gif?url=https%3A%2F%2Fwww.gaotu100.com%2Faccount%2Fprofile%2Faddress&uuid=&uid=&path=%2Faccount%2Fprofile%2Faddress&dns=0&tcp=76&resp=2&ready=64480&tree=3062&ttfb=62356&ttsr=62523&ttfp=64085&ttdc=65590&nt=unknown&net=4g&nrtt=150&ndlm=0&ndl=10&name=gaotu-PC&ver=1.4.2 HTTP/1.1
Host: click.gaotu100.com
Connection: close
Content-Length: 0
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: /
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3

GET /favicon.ico HTTP/1.1
Host: www.gaotu100.com
Connection: close
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: image/webp,image/apng,image/,/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
COOKIE: UM_distinctid=16eba2b3adb145-02281dd2237ba1-1c3c6a5c-fa000-16eba2b3adc1af; TY_SESSION_ID=51a435a4-742f-4332-b698-94b478eacb85; _gaotu_trackid=fa74a091-75bb-095f-ad70-0ea7958030c3; href=https%3A%2F%2Fwww.gaotu100.com%2F; 9755xjdesxxd=32; gdxidpyhxdE=nVu3Z46VsYdkSWgE%2Fsn%2FvoKBnizxx3qIBT9K1r26YpmCWe2dNfu1tXTLCT8N%5ChYvYZSxXYXSq3QLD1xDpegnPXMtn628rp5%2Bt6zKzJoEinPS1DkgyCAa1V1OHPsirNwVGGhYNMONNa6HnrLZtPo0VgPByKOnGJIEPDnuKadODDhUMeEC%3A1575085815745; accessId=98509990-d5eb-11e8-b96a-5995ccc5f91e; ACCOUNT=MTc3MDEyOTkwNjI=; user_token=ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB; user_info={%22status%22:0%2C%22error_info%22:%22%22%2C%22academic_credit%22:0%2C%22chat_app_id%22:0%2C%22chat_name%22:%22%22%2C%22chat_user_sig%22:%22%22%2C%22city%22:%22%22%2C%22coin_gold%22:0%2C%22district%22:%22%22%2C%22grade%22:%2213%22%2C%22im_token%22:%22B4IpfHpseWZ2fXVqbXoqQ0E9OUI6QD02LH99b3xqdG8tRUM_PEU9Qz84LoKAcn9sf3x6czBIPz8_OzFwf39ug4mAdTJKMkFHMz0zdIUzTENHSUdEQkRJSkY_NYZ1gIg2TjZHhlt4N0E3eIJ_e4SKdX97OVFHQzmHiod8jXuMOlM7goY7RTuOe4yBf448VT1QPZg%22%2C%22mobile%22:%22MzAwWjNOYmJaZE4%253D%22%2C%22name%22:%22%22%2C%22notify_switch%22:-1%2C%22province%22:%22%22%2C%22role%22:0%2C%22school%22:%22%22%2C%22score%22:0%2C%22session_id%22:%22ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB%22%2C%22sex%22:%222%22%2C%22student_number%22:%229439773%22%2C%22subject%22:%220%22%2C%22teacher_id%22:0%2C%22user_id%22:8409173%2C%22user_number%22:8314384%2C%22wenlike%22:%220%22}; CNZZDATA1271279500=844551988-1575078259-%7C1575202606; qimo_seosource_98509990-d5eb-11e8-b96a-5995ccc5f91e=%E7%AB%99%E5%86%85; qimo_seokeywords_98509990-d5eb-11e8-b96a-5995ccc5f91e=; pageViewNum=3

GET /user/consignee/address/list HTTP/1.1
Host: api.gaotu100.com
Connection: close
Accept: application/json, text/plain, /
sid: ciIUZcsFdFHoljR8eQGUfxufMGqh6ceB
Origin: https://www.gaotu100.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: https://www.gaotu100.com/account/profile/address
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7

通过surp suite分析登录网站的认证关键信息

推荐阅读

char
使用HTML和JavaScript实现视频截图功能

本文介绍了如何利用HTML和JavaScript实现从远程MP4、本地摄像头及本地上传的MP4文件中截取视频帧，并展示了具体的实现步骤和示例代码。 ... [详细]

蜡笔小新 2024-11-15 00:19:42
utf-8
Python3爬虫实战：突破网站反爬虫机制的方法

本文详细探讨了使用Python3编写爬虫时如何应对网站的反爬虫机制，通过实例讲解了如何模拟浏览器访问，帮助读者更好地理解和应用相关技术。 ... [详细]

蜡笔小新 2024-11-14 19:48:54
split
（7）Python爬虫——爬取豆瓣电影Top250

利用python爬取豆瓣电影Top250的相关信息，包括电影详情链接,图片链接,影片中文名,影片外国名,评分,评价数,概况,导演,主演,年份,地区,类别这12项内容，然后将爬取的信息写入Exce ... [详细]

蜡笔小新 2024-11-13 11:35:24
char
网站访问全流程解析

本文详细介绍了从用户在浏览器中输入一个域名（如www.yy.com）到页面完全展示的整个过程，包括DNS解析、TCP连接、请求响应等多个步骤。 ... [详细]

蜡笔小新 2024-11-12 18:13:16
char
javascript分页类支持页码格式

前端时间因为项目需要，要对一个产品下所有的附属图片进行分页显示，没考虑ajax一张张请求，所以干脆一次性全部把图片out，然 ... [详细]

蜡笔小新 2024-11-12 14:58:57
char
php更新数据库字段的函数是,php更新数据库字段的函数是

php更新数据库字段的函数是,php更新数据库字段的函数是 ... [详细]

蜡笔小新 2024-11-12 11:37:31
utf-8
大类|电阻器_使用Requests、Etree、BeautifulSoup、Pandas和Path库进行数据抓取与处理 | 将指定区域内容保存为HTML和Excel格式

大类|电阻器_使用Requests、Etree、BeautifulSoup、Pandas和Path库进行数据抓取与处理 | 将指定区域内容保存为HTML和Excel格式 ... [详细]

蜡笔小新 2024-11-11 19:05:59
char
如何将TS文件转换为M3U8直播流：HLS与M3U8格式详解

在视频传输领域，MP4虽然常见，但在直播场景中直接使用MP4格式存在诸多问题。例如，MP4文件的头部信息（如ftyp、moov）较大，导致初始加载时间较长，影响用户体验。相比之下，HLS（HTTP Live Streaming）协议及其M3U8格式更具优势。HLS通过将视频切分成多个小片段，并生成一个M3U8播放列表文件，实现低延迟和高稳定性。本文详细介绍了如何将TS文件转换为M3U8直播流，包括技术原理和具体操作步骤，帮助读者更好地理解和应用这一技术。 ... [详细]

蜡笔小新 2024-11-11 12:12:04
controller
基于Net Core 3.0与Web API的前后端分离开发：Vue.js在前端的应用

本文介绍了如何使用Net Core 3.0和Web API进行前后端分离开发，并重点探讨了Vue.js在前端的应用。后端采用MySQL数据库和EF Core框架进行数据操作，开发环境为Windows 10和Visual Studio 2019，MySQL服务器版本为8.0.16。文章详细描述了API项目的创建过程、启动步骤以及必要的插件安装，为开发者提供了一套完整的开发指南。 ... [详细]

蜡笔小新 2024-11-11 10:58:21
version
如何在PHP中计算腾讯云接口签名，实现人脸核身接口的对接与签名配置

在PHP中实现腾讯云接口签名，以完成人脸核身功能的对接与签名配置时，需要注意将文档中的POST请求改为GET请求。具体步骤包括：使用你的`secretKey`生成签名字符串`$srcStr`，格式为`GET faceid.tencentcloudapi.com?`，确保参数正确拼接，避免因请求方法错误导致的签名问题。此外，还需关注API的其他参数要求，确保请求的完整性和安全性。 ... [详细]

蜡笔小新 2024-11-08 21:58:28
char
Python 数据库操作指南：MySQL 与 Redis 实战技巧

本文详细介绍了使用 Python 进行 MySQL 和 Redis 数据库操作的实战技巧。首先，针对 MySQL 数据库，通过 `pymysql` 模块展示了如何连接和操作数据库，包括建立连接、执行查询和更新等常见操作。接着，文章深入探讨了 Redis 的基本命令和高级功能，如键值存储、列表操作和事务处理。此外，还提供了多个实际案例，帮助读者更好地理解和应用这些技术。 ... [详细]

蜡笔小新 2024-11-07 12:55:01
split
探索阿里云RDS中MySQL的高效压缩存储引擎TokuDB应用

在过去，我曾使用过自建MySQL服务器中的MyISAM和InnoDB存储引擎（也曾尝试过Memory引擎）。今年初，我开始转向阿里云的关系型数据库服务，并深入研究了其高效的压缩存储引擎TokuDB。TokuDB在数据压缩和处理大规模数据集方面表现出色，显著提升了存储效率和查询性能。通过实际应用，我发现TokuDB不仅能够有效减少存储成本，还能显著提高数据处理速度，特别适用于高并发和大数据量的场景。 ... [详细]

蜡笔小新 2024-11-04 11:36:52
split
如何查看PHP网站及其源码

本文介绍了如何查看PHP网站及其源码的方法，包括环境搭建、本地测试、源码查看和在线查找等步骤。 ... [详细]

蜡笔小新 2024-11-14 21:51:01
utf-8
Spring Data JdbcTemplate 入门指南

本文将介绍如何使用 Spring JdbcTemplate 进行数据库操作，包括查询和插入数据。我们将通过一个学生表的示例来演示具体步骤。 ... [详细]

蜡笔小新 2024-11-14 10:33:29
char
利用REM实现移动端布局的高效适配技巧

在移动设备上实现高效布局适配时，使用rem单位已成为一种流行且有效的技术。本文将分享过去一年中使用rem进行布局适配的经验和心得。rem作为一种相对单位，能够根据根元素的字体大小动态调整，从而确保不同屏幕尺寸下的布局一致性。通过合理设置根元素的字体大小，开发者可以轻松实现响应式设计，提高用户体验。此外，文章还将探讨一些常见的问题和解决方案，帮助开发者更好地掌握这一技术。 ... [详细]

蜡笔小新 2024-11-11 19:11:53

jyzyl00037

这个家伙很懒，什么也没留下！

Tags | 热门标签

RankList | 热门文章