用wireshark嗅探,得知
yahoo使用了TLS
200 21.547549 x.x.x.240 202.43.216.165 TLSv1 Client Hello
202 21.619237 202.43.216.165 x.x.x.240 TLSv1 Server Hello, Certificate, Server Hello Done
203 21.619680 x.x.x.240 202.43.216.165 TLSv1 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
204 21.697178 202.43.216.165 x.x.x.240 TLSv1 Change Cipher Spec, Encrypted Handshake Message
208 21.791262 x.x.x.240 202.43.216.165 TLSv1 Application Data
208 21.793262 202.43.216.165 x.x.x.240 TLSv1 Application Data
212 21.923464 202.43.216.165 x.x.x.240 TLSv1 Encrypted Alert
216 21.958943 x.x.x.240 202.96.134.133 DNS Standard query A cn.mc159.mail.yahoo.com
//不知道浏览器怎么得到这个域名的,估计是TLS过程中下发
217 21.987224 202.96.134.133 x.x.x.240 DNS Standard query response CNAME mc.cnb.apac.mail.gm0.yahoodns.net CNAME cnb-mc.cnb.apac.mail.gm0.yahoodns.net A 203.209.230.242
221 22.054219 x.x.x.240 203.209.230.242 HTTP GET /mc/welcome?.gx=0&.tm=1304858793&.rand=8p9c3eith4ua2 HTTP/1.1
Sina原始到明文传输用户名密码
DNS Standard query A mail.sina.com.cn
DNS Standard query response A 58.63.234.251
To 58.63.234.251
Expert Info (Chat/Sequence): POST /cgi-bin/login.cgi HTTP/1.1/r/n
hao_mail_username=&hao_mail_passwd=&u=xxxxxx&psw=xxxxxx //明文传播,从hao123登陆
From 58.63.234.251
Expert Info (Chat/Sequence): HTTP/1.1 302 Found/r/n
Location: http://mail3-119.sinamail.sina.com.cn/cgi/index.php?check_time=c9429b34070dfa6c8641629a416b7a66/r/n
从hao123登陆 网易同样是post明文传递,使用第三方邮箱登陆,存在安全隐患。
网易本地登陆http://email.163.com/提供SSL安全登录,如果不勾选,则明文传递,勾选后,使用HTTP GET,估计密码在cookie内。