学习通题库密码
问题来源:有老师账密,但是考试题库查看有另外的密码,!(data/attachment/forum/202212/12/232938gg793w1c11hss1d9.png)!(data/attachment/forum/202212/12/233002ys89av98t5v87oxj.png)\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-自己的一些分析:\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
下面是f12后获取的html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
\<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
\<title>安全验证\</title>
<link rel="stylesheet" type="text/css" href="/css/set/keep-safe.css"/>
\</head>
\<body>
\<div class="maskBg">
\<div class="wid440 het318">
\<div class="popHead">
验证题库安全口令
\</div>
\<input type="hidden" id="courseId" name="courseId" value="231623468"/>
\<input type="hidden" id="cpi" name="cpi" value="157058966"/>
\<div class="het196">
\<p class="pInfo">你已设置了加密,修改其设置必须密码验证,从而确保你的课程安全\</p>
\<div class="wid286 marTop30">
\<div class="inpuCon forgetInp">
\<span class="wid70">安全密码\</span>
\<input type="password" id="password" onblur="enterShow();" autocomplete="new-password" class="inp216 pad70" />
\<a href="javascript:void(0);" class="forgetpassword">忘记密码?\</a>
\</div>
\</div>
\<p id="enterTip" class="erroInfo newpassword2" style="padding-left: 146px;display:none;">\</p>
\</div>
\<div class="bomDiv">
\<a href="javascript:;" class="greenBtn" onclick="verify();">确定\</a>
\<a href="javascript:;" class="grayBtn" onclick="window.history.back(-1);">取消\</a>
\</div>
\</div>
\</div>
\<div class="maskBg sendreset" style="z-index:999;display:none;">
\<div class="wid440 het318">
\<div class="popHead">\<a href="#" class="closePic closeSave"><img width="100%" height="100%" src="/images/courselist/popClose.png" />\</a>忘记密码\</div>
\<div class="het196">
\<p class="pInfo">系统将发送信息到你绑定的手机,请通过里面的链接重置密码\</p>
\<div class="wid306">
\<div class="inpuCon forgetInp">
\<span class="wid70 wid90">手机号\</span>
<input class="inp216 colorBd" id="phonetext" type="type" value="\*\*\*\*" disabled="disabled" />
\</div>
\</div>
\</div>
\<div class="bomDiv">
\<a href="javascript:void(0);" class="greenBtn sendmsg">发送短信\</a>
\<a href="javascript:void(0);" class="grayBtn" onclick="window.history.back(-1);">取消\</a>
\</div>
\</div>
\</div>
<script src="/js/jquery-1.9.0.min.js">\</script>
\<script>
function enterShow() {
var password = $("#password").val();
if(password.length == 0) {
$("#enterTip").html("请输入密码");
$("#enterTip").show();
} else {
$("#enterTip").hide();
}
}
function verify() {
var courseId = "231623468";
var cpi = "157058966";
var password = $("#password").val();
if(password.length == 0) {
$("#enterTip").html("请输入密码");
$("#enterTip").show();
return;
}
$.ajax({
url : "/keep/safe",
type : "post",
dataType : "json",
data : {
"courseId" : courseId,
"cpi" : cpi,
"password" : password
},
success : function(data) {
if ( !data.status) {
$("#enterTip").html(data.msg);
$("#enterTip").show();
} else {
var url = data.url;
if (url != "" && url.length > 0) {
location.href = url;
} else {
window.history.back(-1);
}
}
}
});
}
\</script>
<script src="/js/courselist-v2/courselist.js?v=2021-0507-1625" type="text/javascript">\</script>
\</body>
\</html>
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
从界面看出是verify()函数验证完成后跳转,从而自己做了三种尝试(虽然无效,手动滑稽:)
方式一:
用抓包工具篡改响应,根据自己创建的课程输入正确密码的响应,篡改需要破解的响应(无效,不知道为啥)
方法二:
根据响应成功后界面仍是当前页面,所以把相应改成当前页面。(无效)
方法三:
篡改verify()函数,将ajax响应成功后的执行内容改为响应失败执行,即将success改为error(无效)
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
自己刚自学玩js,还是萌新,上述思路过于滑稽,还请各位哥哥指点一二 这个基本都是后端校验
贴html是没用的
可以尝试替换course cpi classid等试试
或者试试用另外一个号拷贝个课程啥的试试
太久不研究了不知道能不能行 本帖最后由 不知名.曹 于 2022-12-12 23:48 编辑
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>安全验证</title>
<link rel="stylesheet" type="text/css" href="/css/set/keep-safe.css"/>
</head>
<body>
<div class="maskBg">
<div class="wid440 het318">
<div class="popHead">
验证题库安全口令
</div>
<input type="hidden" id="courseId" name="courseId" value="去敏"/>
<input type="hidden" id="cpi" name="cpi" value="去敏"/>
<div class="het196">
<p class="pInfo">你已设置了加密,修改其设置必须密码验证,从而确保你的课程安全</p>
<div class="wid286 marTop30">
<div class="inpuCon forgetInp">
<span class="wid70">安全密码</span>
<input type="password" id="password" autocomplete="new-password" class="inp216 pad70" />
<a href="javascript:void(0);" class="forgetpassword">忘记密码?</a>
</div>
</div>
<p id="enterTip" class="erroInfo newpassword2" style="padding-left: 146px;display:none;"></p>
</div>
<div class="bomDiv">
<a href="javascript:;" class="greenBtn">确定</a>
<a href="javascript:;" class="grayBtn">取消</a>
</div>
</div>
</div>
<div class="maskBg sendreset" style="z-index:999;display:none;">
<div class="wid440 het318">
<div class="popHead"><a href="#" class="closePic closeSave"><img width="100%" height="100%" src="/images/courselist/popClose.png" /></a>忘记密码</div>
<div class="het196">
<p class="pInfo">系统将发送信息到你绑定的手机,请通过里面的链接重置密码</p>
<div class="wid306">
<div class="inpuCon forgetInp">
<span class="wid70 wid90">手机号</span>
<input class="inp216 colorBd" id="phonetext" type="type" value="****" disabled="disabled" />
</div>
</div>
</div>
<div class="bomDiv">
<a href="javascript:void(0);" class="greenBtn sendmsg">发送短信</a>
<a href="javascript:void(0);"class="grayBtn">取消</a>
</div>
</div>
</div>
<script src="/js/jquery-1.9.0.min.js"></script>
<script>
function enterShow() {
var password = $("#password").val();
if(password.length == 0) {
$("#enterTip").html("请输入密码");
$("#enterTip").show();
} else {
$("#enterTip").hide();
}
}
function verify() {
var courseId = "";
var cpi = "";
var password = $("#password").val();
if(password.length == 0) {
$("#enterTip").html("请输入密码");
$("#enterTip").show();
return;
}
$.ajax({
url : "/keep/safe",
type : "post",
dataType : "json",
data : {
"courseId" : courseId,
"cpi" : cpi,
"password" : password
},
error : function(data) {
if ( !data.status) {
$("#enterTip").html(data.msg);
$("#enterTip").show();
} else {
var url = data.url;
if (url != "" && url.length > 0) {
location.href = url;
} else {
window.history.back(-1);
}
}
}
});
}
</script>
<script src="/js/courselist-v2/courselist.js?v=2021-0507-1625" type="text/javascript"></script>
</body>
</html>
之前看见一篇盗学习通账号的贴子在加上你的妥妥的一套丝滑的期末必过小连招啊 XXXMlin 发表于 2022-12-13 10:51
之前看见一篇盗学习通账号的贴子在加上你的妥妥的一套丝滑的期末必过小连招啊 ...
盗号前提是登录状态啊 hj01857655 发表于 2022-12-13 13:15
盗号前提是登录状态啊
这个就不清楚了那个贴子我也没仔细看 丢个教师号
页:
[1]