南航匹配疑似已采用白名单机制

必须送花

post_deleted

matlab卸载很久了，不然可以用decode函数试试是哪种编码方式

太高深，完全看不懂你说的啥。你就说有没有漏洞可寻吧。应该怎么操作。告诉我们就行了

大佬，弄破解吗？

请收下我的膝盖，技术帝~

高手

2019-10-15 15:35:22 +0800

POST /wxopen/api/interContinental/checkIHG2CZAndRegister?appid=wx720237547ac7a14c&wxchannel=wxopen HTTP/1.1

Accept-Encoding: gzip, deflate, br

Accept: */*

Content-Length: 543

Host: wxapi.csair.com

Referer: https://servicewechat.com/wx720237547ac7a14c/99/page-frame.html

Content-Type: application/json

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 MicroMessenger/7.0.8(0x17000820) NetType/WIFI Language/zh_CN

Accept-Language: zh-cn

Connection: keep-alive

sessionId: wxopen_21eb8c68-714f-4065-8e13-44e4fa264900b542aac0-892d-4276-9756-f630ec9dc466

{"recordRequest":{"ihgId":"F346CA3A4AA5A7F9BC5FEFDD9933D962","memberNo":"413901234567","challengeActivitys":[{"activityCode":"IHGP1","targetTierLevel":"TIER_2","targetTierLevelExpDate":"2020-2-29"},{"activityCode":"IHGP2","targetTierLevel":"TIER_2","targetTierLevelExpDate":"2021-2-28"}],"activityChannel":"WX"},"registerRequest":{"memberNo":"413901234567","activityCodes":["IHGP1","IHGP2"]},"checkRequest":{"ihgLevel":"IHGP1","request":{"ihgId":"F346CA3A4AA5A7F9BC5FEFDD9933D962","memberNo":"413901234567","activityCodes":["IHGP1","IHGP2"]}}}

2019-10-15 15:35:23 +0800HTTP/1.1 200

Content-Type: application/json;charset=utf-8

Content-Length: 90

Server: openresty/1.11.2.2

Connection: keep-alive

Date: Tue, 15 Oct 2019 07:35:23 GMT

{"errorcode":"W45006","message":"保存成功，注册失败，回滚失败","result":"N"}

yunian13 发表于 2019-10-15 13:46

我抓的响应是这样

45009好像是微信定义的 接口调用超过限制

vipuser 发表于 2019-10-15 15:48

2019-10-15 15:35:22 +0800POST /wxopen/api/interContinental/checkIHG2CZAndRegister?appid=wx720237547ac7a14c&wxchannel=wxopen HTTP/1.1Accept-Encoding: gzip, deflate, brAccept: */*Content-Length: 543Host: wxapi.csair.comReferer: https://servicewechat.com/wx720237547ac7a14c/99/page-frame.htmlContent-Type: application/jsonUser-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 MicroMessenger/7.0.8(0x17000820) NetType/WIFI Language/zh_CNAccept-Language: zh-cnConnection: keep-alivesessionId: wxopen_21eb8c68-714f-4065-8e13-44e4fa264900b542aac0-892d-4276-9756-f630ec9dc466{"recordRequest":{"ihgId":"F346CA3A4AA5A7F9BC5FEFDD9933D962","memberNo":"413901234567","challengeActivitys":[{"activityCode":"IHGP1","targetTierLevel":"TIER_2","targetTierLevelExpDate":"2020-2-29"},{"activityCode":"IHGP2","targetTierLevel":"TIER_2","targetTierLevelExpDate":"2021-2-28"}],"activityChannel":"WX"},"registerRequest":{"memberNo":"413901234567","activityCodes":["IHGP1","IHGP2"]},"checkRequest":{"ihgLevel":"IHGP1","request":{"ihgId":"F346CA3A4AA5A7F9BC5FEFDD9933D962","memberNo":"413901234567","activityCodes":["IHGP1","IHGP2"]}}}2019-10-15 15:35:23 +0800HTTP/1.1 200 Content-Type: application/json;charset=utf-8Content-Length: 90Server: openresty/1.11.2.2Connection: keep-aliveDate: Tue, 15 Oct 2019 07:35:23 GMT{"errorcode":"W45006","message":"保存成功，注册失败，回滚失败","result":"N"}

兄弟你的id啥的 全暴露了

ID纯属虚构，如有雷同概不负责

楼主直接黑了他的服务器，把自己改成金尊

学习了

抓个帮包看看

数据区加密后都是小写字母和数字，估计是自己定义的encode，不好做。试试选择明文攻击。

CD_FT2020 发表于 2019-10-15 14:08

额....楼主的抓包和分析 我确实没看懂... 所谓的白名单机制我倒是也没看出来... 我抓包倒是看到整个请求流程之中 南航做了一个大概是匹配记录的查询。如图1，post大家的南航会员号码到getapplyrecord查询，请求主体内容里面是大家南航的会员号码。然后返回包里面应该就是大家之前匹配过的时间记录（还需进一步验证)，如图2，具体标识还得进一步分析。[图片][图片]

同求，这是啥？抓的是http还是https的？

乌龙茶先生 发表于 2019-10-16 10:56

数据区加密后都是小写字母和数字，估计是自己定义的encode，不好做。试试选择明文攻击。

手机抓包是明文，路由器抓包 因为有tls 和微信 抓不出明文