yaklang / yakit

Cyber Security ALL-IN-ONE Platform
GNU Affero General Public License v3.0
6.63k stars 830 forks source link

部分请求包编码出现错误 #1990

Open yinsel opened 1 month ago

yinsel commented 1 month ago

在抓包过程中发现部分请求包出现400,未加载其他插件。复制原始请求发现BurpSuite无此问题,怀疑是yakit对该请求包编码存在问题。

请求包如下:

GET /?jsoncallback=jQuery00006786726479427239_1726561258553&str=%7B%22rankey%22%3A%229dtoj9563bkrczf1513cuwdss016doag%22%2C%22datab%22%3A%22wfxglwyL7sxLTv8dem%2Bju8O%2BnmNABKbviQDhTdqIHe0%3D%22%2C%22datac%22%3A%22l1C9TdWP%2BDZVUZ5dDTFJxiK26gn%2BpIRDzuy1Yakw8RYCsOKLciRgZjxZxN86Z%2BLHBybZtDK%2Fn7%2Bfcl1st1LoMztvkyvCYY70Iup3ckTr5it%2B1FphGFny%2FsnmQyHPx6xmfZeu0vj5Lg0cHxCW2YZwxj4aEEwavtnT2%2BR8kBTk89A0ZcJHbBJR2SID4gGZNfq3i5WVbb%2FJGMXgcrHmtd%2Baz25JkUdBOIzPHFdanfVw7VFw8maktGs5l7RiEvAuSv8qeQqWCGT%2BaWpwk8KxTLkS5YJWckURc7tAZaMOxZZ6y56T4Tx65GKdxtEg9TstbSqaDm9ZpCj3rLEAT%2F21TAZCjZUmFBwtvSWXEF8%2Bol4XKEtTS%2B%2B26ZelwPDXpxuz557X4JUnmpVKe7WgBzusQq2LUMoPUpOD9GiDLCmnfFKD16b23Adm8n5QlmO%2Fm6azLMgY%2FJXFjWAd5mlWHhmT5SywJy8P%2FiorneN72AQ8zu1VLpxqei2NhO%2BqNJdLeIV4%2FfOPDhsdX1hpYQzIPuAsOcv%2BnKJRRQWXx2HmvV2kfJhTOTPpRe1KCD5Z9Mo3H%2F2Zwba%2FibxTBXJEYK9CYXUIRiYeFyP2bBVF%2FSnbuSLXLVxuLNLtdt9DESP2u4hdq1G90UJIcyxovSzYEe6KWzgt4qXwtyNhiY1Ts4c9qK39eeJk9Q5xigszKqU4wavqwy15dGj34sIxZy96GuGTZqXLsW%2BjowPHMyuYUqzf55S5PKlOZ24L1y7kLocdVeiEhN%2BY3u7JO2LInGLbqOts8GGlrqREIqzcgxnfjO%2FlCgaM9bA9ul8pRYkjoGDliqW9%2Bp2KFRGR%2BBkJh7TTiWIpdO%2B2GSvKCBt2LscK6yxWtYNJaZqLs4zsD4H%2FUTK1VAxdx1pOAMSCEhIH5ebP8cIkh4x09U25r%2FisnqvXOvPHZUoEvXptVXQEJhZYe6vFiDtM5r7zy5JJGfdYclzIVPzYYT%2BOZ1058XZ%2ByfpTQKA88Pd9BFofZulh%2FgzEmdJTqchU4BuwlY8uOwrGirQIxGsOubPUlyAfXVyzSYftAuL3C83fCYANMDIhaAbhSuYM2RhIH5k%2BGw1d1eX2nMLTheW5kezvDA%2FNJSYY3harkXFY3jMDUS3wajxS8nBgiJdwF2wvmwDVctalqCXUJ7TGjh8EzcsZmarYrgTM0aC9duUnersepPtfQv1seEKiPjPhWNDVxo0bZs5kXsKBAShYJGP104nIM77jkHXlELlJ0fVmzUwC8373jK5JaXVakZJn5yMkh%2BhA%2FIsOb47iNV%2BwE8mlgk%2F4iTUtIsfPlRIKinYRiIx%2BzBNySkG5DhrAmCr6J1fRr%2BD020nzoe2U3IJdvSL9GWoS4Ae8y%2F8syLR%2F1FHtaN6k9ZZQs4XjmdGxnq7WfIlVKpsVuivXEhechxSYkcEymDHnIFM8TYewEjQdO2un5ahXndDf1dJCHAYkb1mJQZuNfi09wJTY2qnsuEC15JAAxaWZgBhZ8DqB58VFivu9YDSbk8cjDRDCgWTtXpfj91hHsjs4g3riAjsmCQsQ9qM0Y25TdNSWAzjsgAEOOY30frKDMDI5sONyWxwUFDk7C%2FVbmboE%2BEaoKAeKIemLeY%2FU094d3DxvTxjJ8%2FsTXoxRNapBhWY78eErtJ1gI%2BZrN%2BRyDv9Ku1wu8IY%2BG4C6wvUx82Y9vEp3lnEb1ZKJK812UrK47%2BWHlcf6RXTacr%2FhwBNicKfDtBLOp%2FqEdZ8nhKrOJi1vJb%2FnMHc6e7zki8vDADSltPoLDr%2B41T2vqbEV3ldueSy%2B4lDiSBOFuMYXeO0lfz0MaZyCt55caBTfOUI01FJWPxmVrWtkEoAFXyNayM0qI5LY3y%2FU4PPlTeVPDZYi3Ktmhl00GVcLTfN51i0g5sLNFQqyDblMH9SBw0zv%2BkP5UL9yIunV2zMu2H9ggGQR9%2FWmI1mmhEDg8gjuDDHVAiKhXIPTvvCXJQZzqgCzvLOjjOcWrjh0j7W3hnOVzb2%2F0Sz%2BWtM%2BgEE9gQvfqJXLd7QfwzBZcjrI%2F7B3OR%2FA4FBcj%2BG11qeXVb0zub7fHkFsJLe2qmhroDQwsEpm5O8t%2BOGaOhoKQFwNS3P5hK810YDeEn8f8o9Z%22%7D&_=1726561265761 HTTP/1.1
Host: 127.0.0.1:5501
Connection: keep-alive
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: zh-CN,zh;q=0.9

附上gif图:

recording

WAY29 commented 1 month ago

我猜可能是你在发包时勾选了HTTPS的原因

yinsel commented 1 month ago

本身就是https ---- 回复的原邮件 ---- | 发件人 | @.> | | 日期 | 2024年09月19日 10:34 | | 收件人 | @.> | | 抄送至 | @.>@.> | | 主题 | Re: [yaklang/yakit] 部分请求包编码出现错误 (Issue #1990) |

我猜可能是你在发包时勾选了HTTPS的原因

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>

WAY29 commented 1 month ago

你的包是发往本地端口的,我无法复现

yinsel commented 1 month ago

你的包是发往本地端口的,我无法复现

这个,需要安装一些控件:https://ebank.nmgnxs.com.cn:488/ibank/page/index/index.html

WAY29 commented 1 month ago

你的包是发往本地端口的,我无法复现

这个,需要安装一些控件:https://ebank.nmgnxs.com.cn:488/ibank/page/index/index.html

image 你好,我这边测试没有问题,用Webfuzzer也得到200 ok