Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

云闪付账户header相关的问题 #19

Closed
JiuMingZhu opened this issue Feb 18, 2024 · 3 comments
Closed

云闪付账户header相关的问题 #19

JiuMingZhu opened this issue Feb 18, 2024 · 3 comments

Comments

@JiuMingZhu
Copy link

请问 ' [/95516]云闪付账户header中Authorization值', 指的是哪个账户页面
我试过去抓签到页面的请求, header里面没有Authorization
@Litre-WU
Copy link
Owner

请问 ' [/95516]云闪付账户header中Authorization值', 指的是哪个账户页面 我试过去抓签到页面的请求, header里面没有Authorization

app签到页host是youhui.95516.com的请求头都会有一个Authorization

@JiuMingZhu
Copy link
Author

我又尝试了下, IOS最新版本的app. 设置的本地局域网Fildder作为代理.

Headers内容如图
image

RAW格式内容如下, 没有搜索到Authorization值. 请指正😄

CONNECT youhui.95516.com:443 HTTP/1.1
Host: youhui.95516.com
Connection: keep-alive
Connection: keep-alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: AB BF A8 F1 78 EE 9A 0F FF 55 57 03 DE 4F C3 92 95 60 4D 02 D1 19 B7 84 1A 2E 8D 45 6B A2 09 71
"Time": 6/23/2098 9:22:51 PM
SessionID: C3 B5 2C A5 6C 2E 3D D1 1A 03 69 11 47 13 E0 58 91 7C F4 6F 95 73 C8 29 98 B9 91 2C 83 F2 87 52
Extensions: 
	grease (0x2a2a)	empty
	server_name	youhui.95516.com
	extended_master_secret	empty
	renegotiation_info	00
	supported_groups	grease [0x1a1a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
	ec_point_formats	uncompressed [0x0]
	ALPN		http/1.1
	status_request	OCSP - Implicit Responder
	signature_algs	ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
	SignedCertTimestamp (RFC6962)	empty
	key_share	00 29 1A 1A 00 01 00 00 1D 00 20 DA 92 AF 51 5F 31 AC 12 E9 AF 0A 15 B0 D7 31 BA 6B D3 D6 49 93 FC 1A C2 CF 6C FB E3 84 2E 3B 5F
	psk_key_exchange_modes	01 01
	supported_versions	grease [0x1a1a], Tls1.3, Tls1.2, Tls1.1, Tls1.0
	0x001b		02 00 01
	grease (0xfafa)	00
	padding		193 null bytes
Ciphers: 
	[1A1A]	Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
	[1301]	TLS_AES_128_GCM_SHA256
	[1302]	TLS_AES_256_GCM_SHA384
	[1303]	TLS_CHACHA20_POLY1305_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C00A]	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
	[C009]	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
	[C014]	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[C013]	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[0035]	TLS_RSA_WITH_AES_256_CBC_SHA
	[002F]	TLS_RSA_WITH_AES_128_CBC_SHA
	[C008]	TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
	[C012]	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
	[000A]	SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
	[00]	NO_COMPRESSION

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 09:30:24.161
Connection: close

This is a CONNECT tunnel, through which encrypted HTTPS traffic flows.
To view the encrypted sessions inside this tunnel, enable the Tools > Options > HTTPS > Decrypt HTTPS traffic option.

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
SessionID:	46 C8 A3 5F A0 3D C1 96 51 07 34 AB 62 E8 0B DD 2A 21 EE 67 25 9D D4 41 F2 53 99 FE 0A 6F 5D C0
Random:		5D A8 B8 D1 11 A2 E0 EE BE 1F EC 08 82 03 1D C0 58 BA 89 EB 24 E3 60 87 F6 8C D5 86 E2 BD 0B A6
Cipher:		TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]
CompressionSuite:	NO_COMPRESSION [0x00]
Extensions:
		renegotiation_info	00
		server_name	empty
		ec_point_formats	uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
		ALPN		http/1.1
		extended_master_secret	empty

@Litre-WU
Copy link
Owner

不要看connet和443端口的,去看GET|POST的

我又尝试了下, IOS最新版本的app. 设置的本地局域网Fildder作为代理.

Headers内容如图

image
RAW格式内容如下, 没有搜索到Authorization值. 请指正😄

CONNECT youhui.95516.com:443 HTTP/1.1
Host: youhui.95516.com
Connection: keep-alive
Connection: keep-alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: AB BF A8 F1 78 EE 9A 0F FF 55 57 03 DE 4F C3 92 95 60 4D 02 D1 19 B7 84 1A 2E 8D 45 6B A2 09 71
"Time": 6/23/2098 9:22:51 PM
SessionID: C3 B5 2C A5 6C 2E 3D D1 1A 03 69 11 47 13 E0 58 91 7C F4 6F 95 73 C8 29 98 B9 91 2C 83 F2 87 52
Extensions: 
	grease (0x2a2a)	empty
	server_name	youhui.95516.com
	extended_master_secret	empty
	renegotiation_info	00
	supported_groups	grease [0x1a1a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
	ec_point_formats	uncompressed [0x0]
	ALPN		http/1.1
	status_request	OCSP - Implicit Responder
	signature_algs	ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
	SignedCertTimestamp (RFC6962)	empty
	key_share	00 29 1A 1A 00 01 00 00 1D 00 20 DA 92 AF 51 5F 31 AC 12 E9 AF 0A 15 B0 D7 31 BA 6B D3 D6 49 93 FC 1A C2 CF 6C FB E3 84 2E 3B 5F
	psk_key_exchange_modes	01 01
	supported_versions	grease [0x1a1a], Tls1.3, Tls1.2, Tls1.1, Tls1.0
	0x001b		02 00 01
	grease (0xfafa)	00
	padding		193 null bytes
Ciphers: 
	[1A1A]	Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
	[1301]	TLS_AES_128_GCM_SHA256
	[1302]	TLS_AES_256_GCM_SHA384
	[1303]	TLS_CHACHA20_POLY1305_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C00A]	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
	[C009]	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
	[C014]	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[C013]	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[0035]	TLS_RSA_WITH_AES_256_CBC_SHA
	[002F]	TLS_RSA_WITH_AES_128_CBC_SHA
	[C008]	TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
	[C012]	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
	[000A]	SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
	[00]	NO_COMPRESSION

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 09:30:24.161
Connection: close

This is a CONNECT tunnel, through which encrypted HTTPS traffic flows.
To view the encrypted sessions inside this tunnel, enable the Tools > Options > HTTPS > Decrypt HTTPS traffic option.

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
SessionID:	46 C8 A3 5F A0 3D C1 96 51 07 34 AB 62 E8 0B DD 2A 21 EE 67 25 9D D4 41 F2 53 99 FE 0A 6F 5D C0
Random:		5D A8 B8 D1 11 A2 E0 EE BE 1F EC 08 82 03 1D C0 58 BA 89 EB 24 E3 60 87 F6 8C D5 86 E2 BD 0B A6
Cipher:		TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]
CompressionSuite:	NO_COMPRESSION [0x00]
Extensions:
		renegotiation_info	00
		server_name	empty
		ec_point_formats	uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
		ALPN		http/1.1
		extended_master_secret	empty

不要看connet和443端口的,去看GET|POST的

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JiuMingZhu @Litre-WU