Litre-WU / Sign

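Check-in tool (currently supports JD.com Jingdou beans, China Southern Airlines, Sichuan Airlines, Ctrip, WeChat Games withdrawal coupons, Meituan coupons, Uni-President Happy Planet, China Mobile, and others)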
https://dev.1itre.link
194 stars 41 forks source link

Question about the UnionPay QuickPass (云闪付) account header #19

Closed JiuMingZhu closed 6 months ago

JiuMingZhu commented 7 months ago

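Which account page does '[/95516] Authorization value from the UnionPay QuickPass (云闪付) account header' refer to? I tried capturing the requests from the check-in page, and there is no Authorization in the headers.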

Litre-WU commented 7 months ago

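> Which account page does '[/95516] Authorization value from the UnionPay QuickPass (云闪付) account header' refer to? I tried capturing the requests from the check-in page, and there is no Authorization in the headers.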

On the app's check-in page, every request whose host is youhui.95516.com carries an Authorization in its request headers.

JiuMingZhu commented 7 months ago

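I tried again with the latest version of the iOS app, with Fiddler on the local LAN set as the proxy.

The headers are as shown in the screenshot: (image)

The raw content is below. I searched it and found no Authorization value. Please correct me 😄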

CONNECT youhui.95516.com:443 HTTP/1.1
Host: youhui.95516.com
Connection: keep-alive
Connection: keep-alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: AB BF A8 F1 78 EE 9A 0F FF 55 57 03 DE 4F C3 92 95 60 4D 02 D1 19 B7 84 1A 2E 8D 45 6B A2 09 71
"Time": 6/23/2098 9:22:51 PM
SessionID: C3 B5 2C A5 6C 2E 3D D1 1A 03 69 11 47 13 E0 58 91 7C F4 6F 95 73 C8 29 98 B9 91 2C 83 F2 87 52
Extensions: 
    grease (0x2a2a) empty
    server_name youhui.95516.com
    extended_master_secret  empty
    renegotiation_info  00
    supported_groups    grease [0x1a1a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
    ec_point_formats    uncompressed [0x0]
    ALPN        http/1.1
    status_request  OCSP - Implicit Responder
    signature_algs  ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
    SignedCertTimestamp (RFC6962)   empty
    key_share   00 29 1A 1A 00 01 00 00 1D 00 20 DA 92 AF 51 5F 31 AC 12 E9 AF 0A 15 B0 D7 31 BA 6B D3 D6 49 93 FC 1A C2 CF 6C FB E3 84 2E 3B 5F
    psk_key_exchange_modes  01 01
    supported_versions  grease [0x1a1a], Tls1.3, Tls1.2, Tls1.1, Tls1.0
    0x001b      02 00 01
    grease (0xfafa) 00
    padding     193 null bytes
Ciphers: 
    [1A1A]  Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
    [1301]  TLS_AES_128_GCM_SHA256
    [1302]  TLS_AES_256_GCM_SHA384
    [1303]  TLS_CHACHA20_POLY1305_SHA256
    [C02C]  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    [C02B]  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    [CCA9]  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    [C030]  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    [C02F]  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    [CCA8]  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    [C00A]  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    [C009]  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    [C014]  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    [C013]  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    [009D]  TLS_RSA_WITH_AES_256_GCM_SHA384
    [009C]  TLS_RSA_WITH_AES_128_GCM_SHA256
    [0035]  TLS_RSA_WITH_AES_256_CBC_SHA
    [002F]  TLS_RSA_WITH_AES_128_CBC_SHA
    [C008]  TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
    [C012]  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
    [000A]  SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
    [00]    NO_COMPRESSION

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 09:30:24.161
Connection: close

This is a CONNECT tunnel, through which encrypted HTTPS traffic flows.
To view the encrypted sessions inside this tunnel, enable the Tools > Options > HTTPS > Decrypt HTTPS traffic option.

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
SessionID:  46 C8 A3 5F A0 3D C1 96 51 07 34 AB 62 E8 0B DD 2A 21 EE 67 25 9D D4 41 F2 53 99 FE 0A 6F 5D C0
Random:     5D A8 B8 D1 11 A2 E0 EE BE 1F EC 08 82 03 1D C0 58 BA 89 EB 24 E3 60 87 F6 8C D5 86 E2 BD 0B A6
Cipher:     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]
CompressionSuite:   NO_COMPRESSION [0x00]
Extensions:
        renegotiation_info  00
        server_name empty
        ec_point_formats    uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
        ALPN        http/1.1
        extended_master_secret  empty

Litre-WU commented 6 months ago

Don't look at the CONNECT and port 443 entries; look at the GET|POST ones.
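Why the capture posted above contains no Authorization header, as an added example that is not part of the thread or of the project's code: a CONNECT entry records only the proxy handshake, and request headers become visible only on the decrypted GET/POST entries inside the tunnel. The captures are constructed in the shape of HAR 1.2 entries; the path and token are placeholders, and the helper names are hypothetical.

```python
from urllib.parse import urlsplit

HOST = "youhui.95516.com"  # host named in the thread

def entry(method, url, headers=()):
    """Build one HAR-1.2-shaped entry (constructed sample data)."""
    return {"request": {"method": method, "url": url,
                        "headers": [{"name": n, "value": v} for n, v in headers]}}

# Constructed captures; path and token are placeholders, not real values.
TUNNEL_ONLY = {"log": {"entries": [entry("CONNECT", HOST + ":443", [("Host", HOST)])]}}
DECRYPTED = {"log": {"entries": [
    entry("CONNECT", HOST + ":443", [("Host", HOST)]),
    entry("GET", "https://" + HOST + "/example/path",
          [("Host", HOST), ("Authorization", "PLACEHOLDER-TOKEN-VALUE")]),
]}}

def host_of(url):
    """Hostname for both 'host:port' CONNECT targets and full URLs."""
    return urlsplit("//" + url.split("://", 1)[-1]).hostname

def redact(value):
    """Keep a secret out of notes and bug reports: prefix and length only."""
    return f"{value[:4]}...({len(value)} chars)"

def scan(har, host=HOST):
    """Return (tunnel_count, [(method, path, redacted_auth_or_None), ...])."""
    tunnels, requests = 0, []
    for e in har["log"]["entries"]:
        req = e["request"]
        if host_of(req["url"]) != host:
            continue
        if req["method"].upper() == "CONNECT":
            tunnels += 1  # proxy handshake only; inner headers are encrypted
            continue
        hdrs = {h["name"].lower(): h["value"] for h in req["headers"]}
        auth = hdrs.get("authorization")
        requests.append((req["method"], urlsplit(req["url"]).path,
                         redact(auth) if auth else None))
    return tunnels, requests

def diagnose(har, host=HOST):
    """Summarise a capture: tunnel-only means HTTPS decryption was not enabled."""
    tunnels, requests = scan(har, host)
    if not requests:
        return "tunnel-only" if tunnels else "no-traffic"
    return "auth-present" if any(a for _, _, a in requests) else "auth-absent"

if __name__ == "__main__":
    for name, har in (("tunnel only", TUNNEL_ONLY), ("decrypted", DECRYPTED)):
        print(name, diagnose(har), scan(har))
```

The token is redacted before it is printed because anything pasted into a public issue, including a raw capture, stays readable by everyone.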
