How to Use Fiddler for Password-Free Login
2020-01-24
刀斧手何在
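- Intercept the GET login request

```javascript
// FiddlerScript (JScript.NET), inside OnBeforeRequest(oSession)
if (oSession.url.IndexOf('www.fangle-coder.com/index/login') > -1) {
    oSession["ui-color"] = "red";   // highlight the matched session
    var arrUri = oSession.PathAndQuery.Split('?');
    var strNewUrl = "http://channel.fangle-coder.com/crm_login.php";
    var strPath = arrUri[0];        // original path (not used below)
    // Original query string; empty when the request has none
    var strArgs = arrUri.Length > 1 ? arrUri[1] : '';
    // Send the request to the gateway instead, keeping the query string
    oSession.fullUrl = strNewUrl + '?' + strArgs;
}
```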
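- Capture the POST request

```javascript
// FiddlerScript (JScript.NET), inside OnBeforeRequest(oSession)
if (oSession.url.IndexOf('www.fangle-coder.com/student/User/login') > -1) {
    oSession["ui-color"] = "red";   // highlight the matched session
    // The form-encoded POST body becomes the query string of the new URL
    var str = oSession.GetRequestBodyAsString();
    oSession.fullUrl = 'http://channel.fangle-coder.com/stu_login.php' + "?" + str;
    // Empty the body and switch the method to GET
    oSession.utilSetRequestBody('');
    oSession.RequestMethod = 'GET';
}
```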
- JSON operations

```javascript
Fiddler.WebFormats.JSON.JsonEncode();
```
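- Request body operations

```javascript
MessageBox.Show();

// FiddlerScript (JScript.NET), inside OnBeforeRequest(oSession)
var comPwd = '670b14728ad9902aecba32e22fa4f6bd'; // six zeros
// Only rewrite the student login request when its body contains comPwd
if ((oSession.url.IndexOf('www.fangle-coder.com/student/User/login') > -1)
    && (oSession.GetRequestBodyAsString().IndexOf(comPwd) > -1)
) {
    //var whiteGateway = 'http://www.fangle-coder.com/channel/stuLogin';
    var whiteGateway = "http://channel.fangle-coder.com/stu_login.php";
    var strParams = oSession.GetRequestBodyAsString();
    var passToken = '&passToken=ekwing-white-666-stu';
    oSession["ui-color"] = "red";   // highlight the matched session
    // Original body parameters plus the pass token go into the query string
    oSession.fullUrl = whiteGateway
        + "?"
        + strParams
        + passToken;
    // Empty the body and switch the method to GET
    oSession.utilSetRequestBody('');
    oSession.RequestMethod = 'GET';
}
```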
- The server-side endpoint receives this request, bypasses the password comparison, and directly generates a cookie or token.
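
The POST rewrite above moves the whole request body, including the password hash and `passToken`, into the URL, and URLs are routinely written to web server and proxy access logs. As an added example (not code from the original post), this Node.js script flags and redacts such requests in combined-format log lines; the parameter names other than `passToken`, the sample log lines and their values are constructed assumptions.

```javascript
// Added example: find login secrets that ended up in URLs after a POST-to-GET
// rewrite. Parameter names other than passToken are assumptions.
const SENSITIVE = new Set(['passtoken', 'password', 'pwd', 'token']);
const HEX32 = /^[0-9a-f]{32}$/i; // heuristic: MD5-sized hex value such as a password hash

// Parse the request part of a combined-log-format line: "METHOD /path?query HTTP/x"
function parseRequest(line) {
  const m = /"([A-Z]+) (\S+) HTTP\/[\d.]+"/.exec(line);
  if (!m) return null;
  const q = m[2].indexOf('?');
  return {
    method: m[1],
    path: q < 0 ? m[2] : m[2].slice(0, q),
    query: q < 0 ? '' : m[2].slice(q + 1),
  };
}

// Return the names of query parameters that look like credentials.
function findLeakedParams(query) {
  const hits = [];
  for (const [name, value] of new URLSearchParams(query)) {
    if (SENSITIVE.has(name.toLowerCase()) || HEX32.test(value)) hits.push(name);
  }
  return hits;
}

// Flag a line and return a redacted copy that is safe to store or forward.
function auditLine(line) {
  const req = parseRequest(line);
  if (!req || !req.query) return { flagged: false, line };
  const leaked = findLeakedParams(req.query);
  if (leaked.length === 0) return { flagged: false, line };
  const params = new URLSearchParams(req.query);
  for (const name of leaked) params.set(name, 'REDACTED');
  const redacted = line.replace(req.query, () => params.toString());
  return { flagged: true, leaked, line: redacted };
}

// Constructed sample log lines (placeholder values, not real traffic).
const SAMPLE = [
  '203.0.113.7 - - [24/Jan/2020:10:00:00 +0800] "GET /stu_login.php?username=demo&password=00000000000000000000000000000000&passToken=PLACEHOLDER HTTP/1.1" 200 512',
  '203.0.113.7 - - [24/Jan/2020:10:00:05 +0800] "GET /index.html HTTP/1.1" 200 1024',
];
const RESULTS = SAMPLE.map(auditLine);
for (const r of RESULTS) console.log(r.flagged ? 'LEAK' : 'ok  ', r.line);
```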