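It started from a small idea: could we, from an http
Burp plugin
I then wrote a Burp plugin that takes the domain, path, parameters and so on from an HTTP request and helps find similar data in WooYun's historical vulnerabilities.
Top payload rankings
Since some of the URLs in WooYun have already been scraped, why not tally the most common values and use them to enrich our wordlists?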
Top 100 ports on which vulnerabilities appeared
Port | Occurrences
8080 | 6710
80 | 2458
81 | 1345
8081 | 925
7001 | 885
8000 | 882
8088 | 740
8888 | 735
9090 | 578
8090 | 477
88 | 446
8001 | 406
82 | 401
9080 | 350
8082 | 301
8089 | 265
9000 | 225
8443 | 206
9999 | 185
8002 | 162
89 | 160
8083 | 142
8200 | 141
8008 | 135
90 | 135
8086 | 129
801 | 127
8011 | 120
8085 | 120
9001 | 118
9200 | 117
8100 | 111
8012 | 108
85 | 105
8084 | 102
8070 | 101
7002 | 99
8091 | 94
8003 | 92
99 | 91
7777 | 84
8010 | 78
443 | 73
8028 | 72
8087 | 71
83 | 70
7003 | 70
10000 | 68
808 | 64
38888 | 64
8181 | 64
800 | 63
18080 | 63
8099 | 62
8899 | 62
86 | 62
8360 | 58
8300 | 57
8800 | 52
8180 | 52
3505 | 49
7000 | 49
9002 | 47
8053 | 43
1000 | 42
7080 | 40
8989 | 38
28017 | 38
9060 | 36
888 | 34
3000 | 34
8006 | 34
41516 | 34
880 | 34
8484 | 34
6677 | 33
8016 | 32
84 | 32
7200 | 31
9085 | 30
5555 | 30
8280 | 29
7005 | 29
1980 | 29
8161 | 28
9091 | 27
7890 | 27
8060 | 27
6080 | 27
8880 | 26
8020 | 26
7070 | 26
889 | 26
8881 | 24
9081 | 24
8009 | 24
7007 | 24
8004 | 23
38501 | 23
1010 | 23
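The final number of distinct ports came to 1104, which shows that a port scan only needs to cover these thousand or so ports, a large gain in efficiency.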
ASP Top100
Path | Occurrences
/news_show.asp | 233
/about.asp | 205
/news.asp | 201
/login.asp | 173
/index.asp | 167
/admin/login.asp | 141
/list.asp | 130
/show.asp | 112
/shownews.asp | 88
/search.asp | 85
/News_show.asp | 85
/product.asp | 83
/news_list.asp | 70
/article.asp | 67
/view.asp | 59
/default_standard.asp | 59
/info.asp | 58
/news_more.asp | 57
/newshow.asp | 54
/news_detail.asp | 48
/news_view.asp | 47
/admin/index.asp | 46
/products.asp | 46
/nzcmslistnews.asp | 46
/read.asp | 44
/index1.asp | 44
/detail.asp | 43
/contact.asp | 42
/tt/inc/login.asp | 41
/default.asp | 41
/readnews.asp | 40
/mucc/about.asp | 39
/doc/page/main.asp | 38
/About.asp | 37
/onews.asp | 37
/cp.asp | 37
/News.asp | 36
/content.asp | 36
/doc/page/login.asp | 36
/productshow.asp | 35
/view_n.asp | 34
/new.asp | 33
/pic.asp | 33
/newsDetail.asp | 33
/job.asp | 33
/JBRCMS/Manager/jbrUploadConfig.asp | 33
/newsinfo.asp | 32
/newsbrow.asp | 30
/newsview.asp | 29
/admin/admin_login.asp | 29
/class.asp | 28
/ProductShow.asp | 28
/productview.asp | 28
/Article_Print.asp | 27
/newsshow.asp | 27
/LstInfo.asp | 27
/page.asp | 25
/jiannya/default.asp | 25
/CompHonorBig.asp | 24
/adminqibo5/Edit/editor/resurm_upfile.asp | 24
/feedback.asp | 23
/viewnews.asp | 22
/manage/login.asp | 22
/ShowNews.asp | 22
/more.asp | 22
/hn_type.asp | 22
/1.asp | 21
/service.asp | 20
/admin/Login.asp | 20
/readpro.asp | 20
/sbweb/nameedit.asp | 20
/Body.asp | 20
/opensoft.asp | 20
/main.asp | 19
/showcareer.asp | 19
/company.asp | 19
/Pro_shcn.asp | 19
/jjweb/nameedit.asp | 19
/cpinfo.asp | 19
/Htmledit/admin/login.asp | 19
//liuyan.asp | 19
/showfwly.asp | 19
/MoralsView.asp | 18
/user/reg.asp | 18
/product_show.asp | 18
/fuwu_list.asp | 18
/lesiure/up.asp | 18
/shell.asp | 17
/admin.asp | 17
/admin/admin.asp | 17
/showservices.asp | 17
/manage/html/ewebeditor/admin_login.asp | 17
/Newsview.asp | 17
/admin/Admin_Login.asp | 16
/down.asp | 16
/info_Print.asp | 16
/person/mailbox.asp | 16
/jieshao.asp | 16
/type.asp | 16
/product_cate.asp | 16
ASPX Top100
Path | Occurrences
/Default.aspx | 349
/login.aspx | 341
/UIFrameWork/login.aspx | 307
/Login.aspx | 288
/Detail.aspx | 209
/admin/login.aspx | 157
/index.aspx | 127
/default.aspx | 124
/OT.OA.WEB/UIFrameWork/login.aspx | 76
/search.aspx | 58
/userlogin.aspx | 57
/list.aspx | 54
/Admin/login.aspx | 48
/custom/GroupNewsList.aspx | 45
//SubCategory.aspx | 42
/manage/login.aspx | 38
/aspx/gqxx.aspx | 38
/newsView.aspx | 38
/news.aspx | 37
/Search.aspx | 34
/admin/index.aspx | 31
/Web/Login/PSCP01001.aspx | 30
/city_index.aspx | 30
/main.aspx | 29
/newslist.aspx | 29
/admin/Login.aspx | 28
/show.aspx | 28
/Admin/Index.aspx | 27
/SubCategory.aspx | 26
/G2S/AdminSpace/QE/AddCustomForm.aspx | 26
/NewsList.aspx | 25
/Index.aspx | 24
/about.aspx | 23
/gmis/leftmenu.aspx | 23
/Permission/ApplicationQueryList.aspx | 22
/test.aspx | 22
/site/ajax/WebSiteAjax.aspx | 22
/select_e.aspx | 22
/ExhibitionCenter.aspx | 22
/system/stuuserregist.aspx | 21
/News.aspx | 21
/workplate/xzsp/gxxt/tjfx/spsl.aspx | 21
/manager/member/admin_add.aspx | 20
/workplate/xzsp/tjfx/grbjtj/list.aspx | 20
/zfmllist.aspx | 20
/workplate/base/person/listbyorgsel.aspx | 20
/NewsDetail.aspx | 19
/Supplylist.aspx | 19
/Product/ProductList.aspx | 19
/Web/Login.aspx | 18
/articleview.aspx | 18
/model/TwoGradePage/equipmentlist.aspx | 18
/jsondb/otherreport.aspx | 18
/jsondb/flightreturn.aspx | 18
//bos/desktop/RequestOrResponse.aspx | 18
/Broadcast/Broadcast.aspx | 18
/jsondb/meblist.aspx | 18
/searchbargain.aspx | 18
/jsondb/aircompany.aspx | 18
/RiskInfo.aspx | 18
/owa/auth/logon.aspx | 17
/WebDefault3.aspx | 17
/article.aspx | 17
/G2S//AdminSpace/PublicClass/AddCourseWare.aspx | 17
/news_view.aspx | 16
/info.aspx | 16
/CommonPage.aspx | 16
/DownLoadPage.aspx | 16
/fckeditor/editor/filemanager/connectors/aspx/connector.aspx | 16
/support/minisite/thinkpad/htmls/advancedsearch.aspx | 16
/emlib4/format/release/aspx/eml_homepage.aspx | 16
/Gmis/Byyxwgl/xls_lwdbxxedit.aspx | 16
/CMSUploadFile.aspx | 16
/Main.aspx | 15
/OrderDetail.aspx | 15
/webSchool/list.aspx | 15
/Magazine/NewMagazine.aspx | 15
/k4/list.aspx | 15
/k1/preview.aspx | 15
/MoreIndex.aspx | 15
/sysadmin/Login.aspx | 15
/persondh/urgent.aspx | 15
/OnlineQuery/QueryList.aspx | 15
/Broadcast/displayNewsPic.aspx | 15
/Web/News.aspx | 15
/ModifyPassWord.aspx | 15
/ftb.imagegallery.aspx | 14
/TableDataManage/BaseInforQueryContent.aspx | 14
/presellbuild.aspx | 14
/tabid/2159/Default.aspx | 14
/cart.aspx | 14
/G2S/AdminSpace/PublicClass/AddCathedraWare.aspx | 14
/admin/course/uploaddemo.aspx | 14
/searchLines.aspx | 14
/help/pendantShow.aspx | 14
/BsGuide.aspx | 13
/NewsView.aspx | 13
/Admin/fileManage.aspx | 13
/ShowNews.aspx | 13
/Web_Site/Search.aspx | 13
Jsp Top100
Path | Occurrences
/login.jsp | 317
/index.jsp | 176
/kingdee/login/loginpage.jsp | 160
/get_pwd.jsp | 126
/zecmd/zecmd.jsp | 109
/console/login/LoginForm.jsp | 103
/login/Login.jsp | 88
/customer.jsp | 87
/is/index.jsp | 81
/uddiexplorer/SearchPublicRegistries.jsp | 79
/yyoa/common/js/menu/test.jsp | 74
/jcms/interface/user/out_userinfo.jsp | 59
/seeyon/index.jsp | 53
/download.jsp | 53
/yyoa/checkWaitdo.jsp | 50
/admin/login.jsp | 49
/list.jsp | 46
/defaultroot/login.jsp | 45
/upload5warn/shell.jsp | 45
/search.jsp | 43
/myname/wooyun.jsp | 40
/web/epublic/upload.jsp | 39
/yyoa/indexPass.jsp | 39
/yyoa/common/selectPersonNew/initData.jsp | 37
/bak.jsp | 35
/yyoa/index.jsp | 35
/postAjax.jsp | 35
/cK/foot.jsp | 34
/tools/SWFUpload/upload.jsp | 32
/nei.jsp | 32
/1.jsp | 31
/wooyun.jsp | 31
/is/cmd.jsp | 30
/download/download.jsp | 29
/cmd.jsp | 29
/webschool/News/news_list.jsp | 28
/chopper/chopper.jsp | 27
/business/notifyView.jsp | 27
/sofpro/gecs/consulmanage/wsts/bbstitlelist1.jsp | 27
/live800/downlog.jsp | 26
/Silic.jsp | 26
/edoas2/oa.jsp | 26
/wooyun/wooyun.jsp | 25
/jmxroot/jmxroot.jsp | 25
/manage/content/docmanage/download.jsp | 25
/ConInfoParticular.jsp | 24
/uddiexplorer/out.jsp | 23
/1/sx/login.jsp | 23
/templates/index/hrlogon.jsp | 23
/commfront/tzzx/uploadImageFiledo.jsp | 23
/yyoa/ext/https/getSessionList.jsp | 22
/admin/index.jsp | 22
/shell.jsp | 22
/admin/upload.jsp | 22
/detail.jsp | 22
/1/sjleader/login.jsp | 22
/admin/select.jsp | 22
/admin/fxx.jsp | 22
/jbossass/jbossass.jsp | 21
/yyoa/HJ/iSignatureHtmlServer.jsp | 21
/eol/homepage/common/index.jsp | 21
/a/pwn.jsp | 21
/web/common/getfile.jsp | 21
/upload.jsp | 20
/test.jsp | 20
/homepage/LoginHomepage.jsp | 20
/page/maint/common/UserResourceUpload.jsp | 20
/zpsys/index.jsp | 20
/vc/vc/para/opr_initvc.jsp | 20
/pages/manager/managerAddNManager.jsp | 20
/hdcy/zxzx_show.jsp | 20
/yyoa/assess/js/initDataAssess.jsp | 19
/upload5warn/wooyun.jsp | 19
/cms/weblawcase/impList.jsp | 19
/nicknamelogin.jsp | 19
/ca/ma3.jsp | 19
/gkznInfo.jsp | 19
/myname/index.jsp | 18
/df/index.jsp | 18
/guige.jsp | 18
/coremail/index.jsp | 18
/syfile/swfUpload.jsp | 18
/admin/protected/index.jsp | 17
/2/sjtj/login.jsp | 17
/news.jsp | 17
/site/law_artile.jsp | 17
/zwdtSjgl/Directory/lastDirList_iframe.jsp | 17
/content/topicdeal.jsp | 17
/webschool/Book/news_list.jsp | 17
//web/careerapply/HrmCareerApplyPerView.jsp | 16
/cms/web/downloadFiles.jsp | 16
/TSPB/web/xzzx/xzzx.jsp | 16
/prosec.jsp | 16
/adminroot/common/downLoadFile.jsp | 16
/uddiexplorer/SetupUDDIExplorer.jsp | 15
/kingdee/login/loginpage2.jsp | 15
/wui/theme/ecology7/page/login.jsp | 15
/f1print/F1PrintKernelJ1.jsp | 15
/login/login.jsp | 15
/eln3_asp/public/cscec8b/bulletin.jsp | 15
PHP Top100
Path | Occurrences
/index.php | 2456
/admin.php | 278
/login.php | 243
/forum.php | 240
/share/share.php | 227
/news.php | 208
/info.php | 191
/phpinfo.php | 181
/plus/search.php | 173
/test.php | 162
/admin/login.php | 162
/src/system/login.php | 146
/article.php | 140
/plus/recommend.php | 138
/search.php | 136
/list.php | 132
/api.php | 117
/admin/index.php | 117
/CmxDownload.php | 113
/about.php | 109
/news_show.php | 98
/download.php | 97
/home.php | 81
/login/login.php | 80
/user.php | 79
/show.php | 76
/page.php | 71
/product.php | 68
/wp-login.php | 67
/main.php | 67
/detail.php | 65
/news_detail.php | 64
/faq.php | 64
/default.php | 60
/content.php | 59
//plus/recommend.php | 58
/news_display.php | 57
/up/UploadTemp/eval.php | 57
/down.php | 55
/www/index.php | 55
/user/storage_explore.php | 54
/abouts.php | 53
/uc_server/admin.php | 50
/rss.php | 49
/wescms/index.php | 49
/1.php | 45
/news_info.php | 43
/products_display.php | 42
/newsdetail.php | 41
/phpmyadmin/index.php | 39
/class.php | 39
/more.php | 38
//index.php | 38
/userlist.php | 37
/plugin.php | 36
/*.php | 36
/products.php | 35
/pics_list.php | 34
/plus/mytag_js.php | 34
/news_list.php | 34
/newsinfo.php | 34
/smenu.php | 33
/include/web_content.php | 31
/batch.common.php | 31
/space.php | 30
/modules.php | 30
/view.php | 30
/read.php | 30
/job.php | 30
/do.php | 29
/link.php | 29
/displaynews.php | 29
/viewthread.php | 28
/m.php | 28
/web/index.php | 28
/member/index.php | 28
/ajax.php | 27
/impl/rpccompanyinfo_minkh.php | 27
//plus/search.php | 27
/thi.php | 27
/i.php | 26
/member.php | 25
/webmail/login.php | 25
/admincp.php | 25
/download_list.php | 25
/cmxlogin.php | 25
/auto_reg.php | 25
/register.php | 24
/news/class/index.php | 24
/prog/index.php | 24
/thi_details.php | 23
/topic.php | 23
/shopadmin/index.php | 23
/cp.php | 23
/phpsso_server/index.php | 23
/common/web_meeting/index.php | 23
/cn/products.php | 23
/Customize/Audit/MessageMonitor/groupSearch.php | 23
/new/client.php | 23
/notice.php | 22
Action Top100
Path | Occurrences
/root/chat.action | 429
/login.action | 291
/index.action | 227
/homeLogin.action | 46
/portal/login_init.action | 46
/stardy/Login.action | 40
/login_login.action | 24
/license!getExpireDateOfDays.action | 23
/indexAction.action | 23
/index/downLoadFile.action | 22
/common/common_info.action | 21
/pages/xxfb/editor/uploadAction.action | 21
/accountlossList.action | 21
/ggxxfb.action | 21
/ivhs/ajax_updateUserInfo.action | 20
/download.action | 19
/Login.action | 19
/syfile/imageCompress.action | 18
/managerOneGgxxfb.action | 18
/user/login.action | 17
/loginAction!login.action | 16
/index!index.action | 15
/login/login.action | 15
/managerNManager.action | 15
/home.action | 14
/indexmanagerLogin.action | 14
/ahsffyww/Default3.action | 14
/DRP/login.action | 12
/spam/system/index.action | 12
/user/gotoLoginPage.action | 12
/ecp/announcement/announcement_view2.action | 12
/managerAddNManager.action | 12
/managerEditNManager.action | 12
/main.action | 11
/system/login_login.action | 11
/login!login.action | 10
/loginAction.action | 10
/login/index.action | 10
/logout.action | 10
/register.action | 10
/security/loginInit.action | 10
/bgxz/bgxzAction_executeBack.action | 10
/nFixcardAllList.action | 10
/beian/login_login.action | 10
//opac_two/mylibrary/comment/queryAllComment.action | 10
/module/newzwgk/getmainById.action | 10
/index/index.action | 9
/shop/member!passwordRecover.action | 9
/mail/login.action | 9
/admin/login.action | 9
/htweixin/InsuranceDownload.action | 9
//admin/user_logon.action | 9
/BSBM/loginedLogin.action | 9
/robot/check-login.action | 8
/website/dflz/dflzSiteAction!sjList.action | 8
/module/newzwgk/viewquan.action | 8
/hbwz/wcms/searchAll.action | 8
/ahsffyww/Default2.action | 8
/wfvideo/login.action | 8
/website-rank/addVoteRecord.action | 8
/module/newzwgk/viewZwxxQianMore.action | 8
/superadmin/index.action | 7
/mall/ui/giftIndex.action | 7
/userlogin.action | 7
/cms/admin/login.action | 7
/szxy/logon.action | 7
/virtual/shouye.action | 7
/feedback/buyIntention!saveBuyIntentionInfo.action | 7
/superadmin/adminLogin.action | 7
/Index.action | 7
/security/login.action | 7
/MemberToLoginIgnore.action | 7
/rdms/satisfyaid/actions/cstContactAction!register.action | 7
/regmail/download.action | 7
/IndexAction.action | 6
/publish/query/indexFirst.action | 6
/manage/login.action | 6
/home/index.action | 6
/eeoaftp/downloadFile.action | 6
/eis/index.action | 6
/gzwl/visit/renewBusinessOrder/renewBusinessOrderDetail.action | 6
/css/myquery/queryWQSBill.action | 6
/LoginAction.action | 6
/detail.action | 6
/index/index!list.action | 6
/auth/login.action | 6
/server/spreq/attachment!download.action | 6
/lmsv5/user!editUserInfo.action | 6
/5clib/bookWeb.action | 6
/otomc/user/loginUI.action | 6
/im-client/imclient/selfHelp.action | 6
/ahsffyww/ZXDefault2.action | 6
/user!login.action | 6
/Dzsw/Shky/hwky.wai/index.action | 6
/aic/webnz/welcome-web-home!welcome.action | 6
/ess/Homepage.action | 6
/skypearl/cn/toPrintCard.action | 6
/spdt/spdt_listSp.action | 6
/xxsearch.action | 6
/web/Info!list.action | 6
Top 100 directories
Path | Occurrences
/admin | 2639
/user | 848
/.svn | 825
/.git | 670
/login | 615
/plus | 550
/news | 533
/web | 517
/upload | 495
/manager | 469
/xxgk/services | 465
/root | 437
/manage | 411
/ftp/com1/html | 409
/cgi-bin | 406
/servlet | 348
/content | 333
/api | 331
/share | 329
/member | 315
/UIFrameWork | 309
/cn | 277
/bbs | 275
/jmx-console | 273
/index | 245
/invoker | 244
/s | 231
/phpmyadmin | 222
/search | 220
/Admin | 211
/papers | 208
/yyoa | 207
/common | 206
/system | 202
/opac | 196
/account | 196
/uddiexplorer | 195
/ajax | 190
/cms | 188
/2001 | 187
/kingdee/login | 178
/Gmis/xw | 173
/1999 | 168
/include | 164
/portal | 161
/back/ticket | 161
/oa | 159
/Gmis/Byyxwgl | 158
/home | 156
/data | 155
/src/system | 148
/WEB-INF | 141
/main | 140
/Chinese | 134
/order | 132
/gov/services | 132
/wap | 131
/console | 130
/app | 130
/is | 129
/Web | 127
/resin-doc/resource/tutorial/jndi-appconfig | 126
/seeyon | 124
/config | 123
/images | 121
/download | 120
/view | 118
/public | 117
/product | 117
/model/TwoGradePage | 117
/knowledge/ClassShow | 115
/en | 114
/zecmd | 114
/m | 114
/soap/envelope | 112
/about | 111
/install | 110
/tushu | 107
/ckq | 107
/poweb | 106
/tips | 105
/resin-doc/viewfile | 104
/www | 104
/console/login | 103
/html | 103
/bbs/topic | 103
/data/admin | 103
/wscgs | 102
/sys | 102
/test | 99
/list | 99
/v_show | 98
/p | 97
/fckeditor/editor/filemanager/browser/default | 97
/User | 96
/uc_server | 96
//plus | 96
/site | 95
/detail | 95
/index.php | 94
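Top 100 GET parameters
Because there was no automated way to pick out the parameters that were actually vulnerable, I simply extracted every parameter from every URL by brute force. These top parameters are therefore not necessarily representative, but they should still make a good wordlist.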
Parameter | Occurrences
id | 6845
action | 1643
type | 1503
m | 1013
a | 992
c | 855
act | 829
page | 813
uid | 616
url | 585
method | 545
cid | 545
ID | 528
mod | 521
aid | 490
keyword | 474
key | 449
t | 449
q | 444
callback | 427
sid | 426
s | 421
name | 407
tid | 399
pid | 392
code | 354
r | 316
p | 307
file | 301
Type | 294
do | 294
redirect | 292
username | 291
_ | 278
op | 259
filename | 252
path | 251
from | 230
classid | 227
f | 222
fid | 221
app | 213
cmd | 213
typeid | 203
_FILES | 201
ac | 194
title | 192
fileName | 191
userid | 190
v | 189
flag | 176
catid | 170
Connector | 166
bid | 158
order | 150
wd | 150
mid | 150
lang | 145
nid | 143
city | 142
CurrentFolder | 139
newsid | 138
Command | 137
password | 131
d | 128
source | 127
sort | 126
user | 125
token | 122
module | 120
class | 118
userId | 115
dir | 113
ie | 111
Id | 108
pwd | 107
num | 106
 | 103
appid | 102
u | 102
mobile | 102
i | 102
keywords | 100
version | 100
status | 99
gid | 99
typeArr | 96
g | 96
service | 95
o | 95
ArticleID | 94
query | 94
filePath | 94
orderId | 94
category | 92
word | 92
user_id | 92
k | 91
channel | 90
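One way tallies like the ones on this page can be computed from a list of URLs, as an added example (not the author's script or the plugin's code). The sample URLs are constructed and `tally` and `top_by_ext` are hypothetical names; the `normalize` option shows why the raw lists carry near-duplicate rows such as `//plus` beside `/plus`, `/News.asp` beside `/news.asp`, and counts with a blank parameter name.

```python
import posixpath
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Constructed sample URLs; none come from the WooYun data set.
SAMPLE_URLS = [
    "http://a.example:8080/admin/login.jsp?id=1&type=2",
    "http://b.example/News.asp?ID=7",
    "http://b.example/news.asp?id=8",
    "http://c.example//plus/search.php?keyword=x&=1",
    "http://c.example/plus/search.php?keyword=y",
    "https://d.example:8080/index.action",
]

DEFAULT_PORTS = {"http": 80, "https": 443}


def tally(urls, normalize=False):
    """Count ports, script paths, parent directories and GET parameter names.

    With normalize=True, runs of "/" are collapsed, paths are lower-cased
    (an assumption that only suits case-insensitive servers) and blank
    parameter names are dropped, so near-duplicate rows merge.
    """
    stats = {k: Counter() for k in ("ports", "paths", "dirs", "params")}
    for url in urls:
        parts = urlsplit(url)
        # No explicit port in the URL means the scheme's default port.
        stats["ports"][parts.port or DEFAULT_PORTS.get(parts.scheme)] += 1
        path = parts.path or "/"
        if normalize:
            path = re.sub(r"/{2,}", "/", path).lower()
        stats["paths"][path] += 1
        parent = posixpath.dirname(path)
        if parent.strip("/"):  # skip the site root
            stats["dirs"][parent] += 1
        # keep_blank_values also keeps pairs such as "=1" with an empty name.
        for name, _value in parse_qsl(parts.query, keep_blank_values=True):
            if normalize and not name:
                continue
            stats["params"][name] += 1
    return stats


def top_by_ext(paths, ext, n=100):
    """Return the n most common paths ending in ext, e.g. ".asp"."""
    hits = Counter({p: c for p, c in paths.items() if p.lower().endswith(ext)})
    return hits.most_common(n)


if __name__ == "__main__":
    raw, merged = tally(SAMPLE_URLS), tally(SAMPLE_URLS, normalize=True)
    print(raw["paths"].most_common())
    print(merged["paths"].most_common())
```

Parameter names are left case-sensitive on purpose, which is why `id`, `ID` and `Id` stay separate rows.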
Top 100 POST parameters
Parameter | Occurrences
password | 457
__VIEWSTATE | 430
__EVENTVALIDATION | 315
username | 313
__EVENTTARGET | 210
__EVENTARGUMENT | 210
type | 145
name | 113
id | 111
Submit | 109
__VIEWSTATEGENERATOR | 103
action | 98
 | 97
mobile | 87
page | 86
submit | 85
pwd | 67
uid | 66
act | 64
phone | 59
code | 54
userName | 54
keyword | 52
__LASTFOCUS | 50
city | 50
 | 47
userid | 47
content | 43
account | 42
y | 42
address | 41
x | 41
UserName | 40
title | 39
button | 39
token | 38
Password | 37
Button1 | 37
passwd | 37
province | 36
tel | 36
sex | 35
pageSize | 33
txtPassword | 29
userId | 29
version | 29
txtUserName | 29
url | 28
sort | 28
key | 27
ImageButton1.y | 27
ImageButton1.x | 27
user | 27
pageNo | 25
method | 25
status | 24
login | 22
sid | 22
channel | 22
 | 21
flag | 21
TextBox1 | 20
btnSearch | 20
pass | 20
user_id | 20
domain | 20
rows | 20
?> | 19
from | 19
sign | 19
uname | 19
order | 19
txtPwd | 19
pid | 18
btnLogin | 18
pageIndex | 18
search | 18
keywords | 18
loginName | 18
lang | 17
user_name | 17
timestamp | 17
imei | 17
PassWord | 17
captcha | 16
number | 16
language | 16
B1 | 16
appid | 16
area | 15
hash | 15
} | 15
(b)(('43context['xwork.MethodAccessor.denyMethodExecution']75false')(b)) | 14
('43c')(('43_memberAccess.excludeProperties | 14
imageField.y | 14
imageField.x | 14
limit | 14
loginname | 14
txtName | 14
cmd | 14
Top 100 Cookie parameters
Parameter | Occurrences
__utma | 226
__utmz | 221
__utmc | 169
__utmb | 142
HMACCOUNT | 126
bdshare_firstime | 100
pgv_pvi | 99
_ga | 91
BAIDUID | 80
__utmt | 71
pgv_si | 69
AJSTAToktimes | 56
ci_session | 55
_gat | 49
uid | 37
CheckCode | 33
safedog-flow-item | 33
SERVERID | 31
lzstat_uv | 27
username | 23
IESESSION | 23
vjuids | 23
ECS_ID | 22
ECS[display] | 21
ECS[history] | 21
AJSTATokpages | 21
ECS[visit_times] | 18
pgv_pvid | 18
SUV | 18
vjlast | 18
city | 17
iweb_hisgoods[15] | 16
IPLOC | 15
cck_count | 15
cck_lasttime | 15
lvsessionid | 14
LXB_REFER | 14
iweb_hisgoods[26] | 13
cookie | 13
CoreID6 | 13
NTKFT2DCLIENTID | 13
userName | 12
loginName | 12
BAIDUDUPlcr | 12
td_cookie | 12
ECSCP_ID | 12
_jzqx | 12
userid | 12
hd_sid | 11
real_ipd | 11
password | 11
route | 11
vary | 11
nTalkCACHEDATA | 11
token | 11
WT_FPC | 10
ADMINCONSOLESESSION | 10
pgv_info | 10
nickname | 10
guid | 10
jiathis_rdc | 10
HMVT | 10
tma | 10
tmd | 10
s | 10
S[CARTTOTALPRICE] | 10
S[CART_COUNT] | 10
S[CART_NUMBER] | 10
sessionid | 10
_jzqa | 10
looyu_id | 10
dyh_lastactivity | 9
SESSIONID | 9
s_cc | 9
s_sq | 9
.ASPXAUTH | 9
DedeUserID | 9
DedeUserID__ckMd5 | 9
sid | 9
user | 9
clientlanguage | 9
_jzqc | 9
lang | 9
wordpresstestcookie | 8
_qcwId | 8
language | 8
hasshown | 8
cityid | 8
myie | 8
s_nr | 8
__RequestVerificationToken | 8
... | 8
DedeUsername | 8
DedeUsername__ckMd5 | 8
loginState | 8
ip_ck | 8
vn | 8
lv | 8
pageReferrInSession | 8
__cfduid | 8
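Open-source repository
All of the information compiled above has been put on GitHub; click "Read the original" to go there.
In the release, the Burp plugin can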