朋友让我帮忙刷某个网站的票,我抓包看了一下交互过程。登陆时候的post请求带着id+passwd出去,然后得到应答里带着一个set-cookie字段,内容:zdf_auth=ced8gJ6PyIjJTheQN78Gv4Hmng1Cowm7bAGpv00hjONHqgRjrCOW14f2vCJe4P3zPx1%2Fq%2FsYpX%2BusAi%2BhQEdpWIiQgM; expires=Thu, 09-Feb-2012 02:55:06 GMT; path=/之后我点投票按钮,抓得包里带着cookie字段,如下:
Hm_lpvt_3d9d1f23896bbc7b5f205dc25b87d0ba=1244616834031; Hm_lvt_3d9d1f23896bbc7b5f205dc25b87d0ba=1244616613328; zdf_auth=ced8gJ6PyIjJTheQN78Gv4Hmng1Cowm7bAGpv00hjONHqgRjrCOW14f2vCJe4P3zPx1%2Fq%2FsYpX%2BusAi%2BhQEdpWIiQgM; PHPSESSID=5e8c898a7ffddba4a78ea493a7bca9c3我发现zdf_auth字段是相同的,但是cookie多了前边两个Hm_xxx和PHPSESSID字段,这些字段如何得到的,我没有发现哪个包里带有这些数据,是本地根据set-cookie计算生成的么? 计算方式是什么。
Hm_lpvt_3d9d1f23896bbc7b5f205dc25b87d0ba=1244616834031; Hm_lvt_3d9d1f23896bbc7b5f205dc25b87d0ba=1244616613328; zdf_auth=ced8gJ6PyIjJTheQN78Gv4Hmng1Cowm7bAGpv00hjONHqgRjrCOW14f2vCJe4P3zPx1%2Fq%2FsYpX%2BusAi%2BhQEdpWIiQgM; PHPSESSID=5e8c898a7ffddba4a78ea493a7bca9c3我发现zdf_auth字段是相同的,但是cookie多了前边两个Hm_xxx和PHPSESSID字段,这些字段如何得到的,我没有发现哪个包里带有这些数据,是本地根据set-cookie计算生成的么? 计算方式是什么。
我在应答包包里木有发现PHPSESSID这个玩意... 只看到了这一段:SET-COOKIE:zdf_auth=ced8gJ6PyIjJTheQN78Gv4Hmng1Cowm7bAGpv00hjONHqgRjrCOW14f2vCJe4P3zPx1%2Fq%2FsYpX%2BusAi%2BhQEdpWIiQgM; expires=Thu, 09-Feb-2012 02:55:06 GMT; path=/我再抓包看看,貌似的确没有SEESION ID
POST /sign/?mod=signin HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host:sxwl.ctflife.com
Content-length:47
Cache-Control: no-cacheac=signin&[email protected]&pwd=liangdong1HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Nov 2011 03:40:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: zdf_auth=9765df9MccWGmtbfo5hYpXD9K%2BGQvP01wDswCUjHAf0%2BntrDeIMVv%2
FOeZKFbfoaMQICcJZeu1T6edUiIgO365JQjM%2BA; expires=Thu, 09-Feb-2012 03:40:13 GMT;
path=/
Content-type: text/html<meta http-equiv='refresh' content='0;url=http://sxwl.ctflife.com/baoming'>