搞定了,就是钓鱼页面
最后会跳转到一个
http://w.mmf889q2z06.top完整 URL:
http://w.mmf889q2z06.top#?,WorldPro?9xx1?url=
https://mp.weixinbridge.com/mp/wapredirect?url=http%253A%252F%252Fvk.vvzan.com#rdtype2=4&rdtype3=3002529&rdurl=http://ptlogin2.qq.com/jump?u1=http://grouproam.qq.com/cgi-bin/httpconn?htcmd=0x6ff0080&u=http://ptlogin2.fm.qq.com/jump?u1=http://ptlogin2.tenpay.com/jump?skey=@7bmBHm0XLp&u1=http://cf.qq.com/comm-htdocs/milo_mobile/login.html?s_url=http://lol.qq.com/comm-htdocs/milo_mobile/login.html?s_url=http://dnf.qq.com/comm-htdocs/milo_mobile/login.html?s_url=http://htdata2.qq.com:80/cgi-bin/httpconn?htcmd=0x6ff0080&u=http://grouproam.qq.com/cgi-bin/httpconn?htcmd=0x6ff0080&u=http://ptlogin2.fm.qq.com/jump?u1=http://ptlogin2.tenpay.com/jump?skey=@7bmBHm0XLp&u1=http://htdata2.qq.com:80/cgi-bin/http2KIZqt2CBCayOge4H23S它搞这些大概率是为了骗过 QQ 内置浏览器的安全提醒,
然后也抓到包了,登录界面一眼假。。。
https://w.mmf889q2z06.top/qq/loginhost:
w.mmf889q2z06.topcontent-length: 41
sec-ch-ua: "Chromium";v="124", "Google Chrome";v="124", "Not-A.Brand";v="99"
x-csrf-token: y7iPAqFKPs1DlRcsT3VyFknCyVTq9vYfB3NQcOoG
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Windows"
origin:
https://w.mmf889q2z06.topsec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer:
https://w.mmf889q2z06.top/qq/login?id=8accept-encoding: gzip, deflate, br, zstd
accept-language: en,zh-CN;q=0.9,zh;q=0.8
cookie: laravel_session=eyJpdiI6ImRCWVwvWEJicUVKbkpLUTlDK25seFd3PT0iLCJ2YWx1ZSI6Im5INzBFNzVLVEk4eFRQZWw4bzFnbTZYWStyOTlvYks0K3Q2RERKYnN0XC92R0FsOUw1bk1FTmhCV1lFbEhIV3JOIiwibWFjIjoiZjQ1YTE2YjNiY2FmZjMxOTU5YjFkODMxZDUyYzFjNzczZDhmZDRkOTFmZmZlYzQ5NTE2ZGRmNjAyNzlhYWQ3YyJ9
priority: u=1, i
id=8&username=111112222&password=tt&area=
返回值
{
"code": 200,
"msg": "提交成功",
"data": "111112222"
}
下面是一段代码,大家有兴趣就写一个多线程 POST 刷爆对方把
curl -X POST '
https://w.mmf889q2z06.top/qq/login' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36' -H 'Accept-Encoding: gzip, deflate, br, zstd' -H 'sec-ch-ua: "Chromium";v="124", "Google Chrome";v="124", "Not-A.Brand";v="99"' -H 'x-csrf-token: y7iPAqFKPs1DlRcsT3VyFknCyVTq9vYfB3NQcOoG' -H 'sec-ch-ua-mobile: ?0' -H 'content-type: application/x-www-form-urlencoded; charset=UTF-8' -H 'x-requested-with: XMLHttpRequest' -H 'sec-ch-ua-platform: "Windows"' -H 'origin:
https://w.mmf889q2z06.top' -H 'sec-fetch-site: same-origin' -H 'sec-fetch-mode: cors' -H 'sec-fetch-dest: empty' -H 'referer:
https://w.mmf889q2z06.top/qq/login?id=8' -H 'accept-language: en,zh-CN;q=0.9,zh;q=0.8' -H 'priority: u=1, i' -H 'Cookie: laravel_session=eyJpdiI6ImRCWVwvWEJicUVKbkpLUTlDK25seFd3PT0iLCJ2YWx1ZSI6Im5INzBFNzVLVEk4eFRQZWw4bzFnbTZYWStyOTlvYks0K3Q2RERKYnN0XC92R0FsOUw1bk1FTmhCV1lFbEhIV3JOIiwibWFjIjoiZjQ1YTE2YjNiY2FmZjMxOTU5YjFkODMxZDUyYzFjNzczZDhmZDRkOTFmZmZlYzQ5NTE2ZGRmNjAyNzlhYWQ3YyJ9' --data-urlencode 'id=8' --data-urlencode 'username=111112222' --data-urlencode 'password=tt' --data-urlencode 'area='