企业🤖AI智能体构建引擎,智能编排和调试,一键部署,支持私有化部署方案 广告
findler抓包 工具选项----http是----选中捕获https 菜单规则---自动断点----选中之前的请求(或者F11) 访问网站 ![](https://img.kancloud.cn/a5/32/a532d4804ee8d32d07a666e906303bd7_1484x621.png) inspector检查器的raw就是原始数据 ![](https://img.kancloud.cn/78/8e/788ea809abbd6c2bc3d190b7f497f1ff_804x271.png) Webform可以显示字段 例子:ecshop点击登录时, 这里选择请求发送之前下断点(菜单规则---自动断点----选中之前的请求(或者快捷键F11),还有一个是响应之后下断点这里选不合适) ![](https://img.kancloud.cn/56/1a/561a77f6df75ff6213a1c5bfd34a8a5f_1149x423.png) ecshop填写账号密码点击登录后请求就会被拦截下来 ![](https://img.kancloud.cn/da/ae/daaee670e5679f5af9efc5ae8c1782ab_1303x455.png) raw原始数据如下图: ![](https://img.kancloud.cn/a0/1c/a01ce9d87e0fd0982d1b79208a0fa782_1306x500.png) php照着raw原始数据一模一样的拼接出来; ``` $data = array( "username" => "ghost", "password" => "ghost123", "act" => "actlogin", "back_act" => "http:/localhost/ecshop/index.phe", "submit" =>"" ); $data = http_build_query($data); $fp = fsockopen("localhost", 80, $errno, $errstr, 5 ); $request = "POST http://localhost/ecshop/user.php HTTP/1.1\r\n"; $request .= "HOST:localhost\r\n"; $request .= "Proxy-Connection: keep-alive". "\r\n"; $request .= "Cache-Control: max-age=0"."\r\n"; $request .= "Origin: http://localhost" ."\r\n"; $request .= "Upgrade-Insecure-Requests: 1" ."\r\n"; $request .= "Content-type:application/x-www-form-urlencoded\r\n"; $request .= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8"; $request .= "Accept-Encoding: gzip, deflate" ."\r\n"; $request .= "Accept-Language: zh-CN,zh;q=0.8" ."\r\n"; $request .= "Content-length:" . strlen( $data )."\r\n"; //上面截图没将此的数据显示全后面是乱补的,实际运用时保持一致就好了 $request .= "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3264.0 Safari/537.36"; $request .= "Referer: http://localhost/ecshop/user.php" ."\r\n\r\n"; $request .= $data ."\r\n"; fwrite( $fp, $request); $str=''; while (!feof($fp)) { $str.=fgets($fp,1024); } // 将上步的断点取消再次执行此脚本。将请求后返回的响应信息保存在user.html中比对是否返回的是成功后的信息 //file_put_contents("./user.html",$str);//内容将保存在user.html中内容见下图 //参照user.html中的内容使用正则匹配cookie信息 preg_match( '/ECS_ID=(.*)?;/', $str, $match); setcookie( "ECS_ID", $match[1], 0, '/'); fclose( $fp ); //下图的没有将所有的信息截取完,实际上User.html中有登录成功的提示信息 if (preg_match( '/登录成功/', $str)){ echo "ok"; }else { echo "error"; } fclose($fp); ``` 成功后`file_put_contents("./user.html",$str);`写入到user.html文件,内容如下 ![](https://img.kancloud.cn/57/6a/576aae2c1a04b0d2336d4131cfa6ba41_1378x803.png)