http://oa.wz.zj.cn/ctkj_acl/html/login.html
the normal request data:
POST /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr HTTP/1.1
Host: oa.wz.zj.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: */*
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Referer: http://oa.wz.zj.cn/ctkj_acl/html/login.html
Content-Length: 297
Cookie: DWRSESSIONID=wUPzUu6GqaCZhpZCjIBPG4tioHm; JSESSIONID=14E669C82D053590CBCE18077F1F0D3B
X-Forwarded-For: 60.12.223.156
Connection: close
callCount=1
windowName=c0-param0
c0-scriptName=FrontAction
c0-methodName=getmobilePwdPortal
c0-id=0
c0-e1=string:15577487514
c0-param0=Object_Object:{account:reference:c0-e1}
batchId=3
instanceId=0
page=%2Fctkj_acl%2Fhtml%2Flogin.html
scriptSessionId=wUPzUu6GqaCZhpZCjIBPG4tioHm/7*DkoHm-iav2pEtIy
The Server normal Response:
HTTP/1.1 200 OK
Date: Tue, 21 May 2019 05:52:03 GMT
Content-Type: text/javascript;
Content-Length: 188
Connection: close
Accept-Ranges: bytes
throw 'allowScriptTagRemoting is false.';
(function(){
var r=window.dwr._[0];
//#DWR-INSERT
//#DWR-REPLY
r.handleCallback("8","0",["1","\u8BE5\u8D26\u53F7\u4E0D\u5B58\u5728!"]);
})();
when clicked the button "????" , BURP Intercept function was normal , but Repeater function was abnormal.
The normal request data: "Content-Length: 297"
The abnormal Repeater request data used wireshark capture data: "Content-Length: 3119" "Transfer-Encoding: chunked"
wireshark data:
Hypertext Transfer Protocol
POST /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr HTTP/1.1\r\n
[Expert Info (Chat/Sequence): POST /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr HTTP/1.1\r\n]
[POST /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: POST
Request URI: /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr
Request Version: HTTP/1.1
Host: oa.wz.zj.cn\r\n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0\r\n
Accept: */*\r\n
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3\r\n
Accept-Encoding: gzip, deflate\r\n
Content-Type: text/plain\r\n
Referer: http://oa.wz.zj.cn/ctkj_acl/html/login.html\r\n
Content-Length: 3119\r\n
[Content length: 3119]
Cookie: DWRSESSIONID=wUPzUu6GqaCZhpZCjIBPG4tioHm; JSESSIONID=14E669C82D053590CBCE18077F1F0D3B\r\n
Cookie pair: DWRSESSIONID=wUPzUu6GqaCZhpZCjIBPG4tioHm
Cookie pair: JSESSIONID=14E669C82D053590CBCE18077F1F0D3B
X-Forwarded-For: 60.12.223.156\r\n
Connection: close\r\n
Transfer-Encoding: chunked\r\n
\r\n
[Full request URI: http://oa.wz.zj.cn/dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr]
[HTTP request 1/1]
[Response in frame: 743]
HTTP chunked response
File Data: 297 bytes
Line-based text data: text/plain (11 lines)
callCount=1\n
windowName=c0-param0\n
c0-scriptName=FrontAction\n
c0-methodName=getmobilePwdPortal\n
c0-id=0\n
c0-e1=string:15577487514\n
c0-param0=Object_Object:{account:reference:c0-e1}\n
batchId=3\n
instanceId=0\n
page=%2Fctkj_acl%2Fhtml%2Flogin.html\n
scriptSessionId=wUPzUu6GqaCZhpZCjIBPG4tioHm/7*DkoHm-iav2pEtIy\n
The server abnormal response:
HTTP/1.1 200 OK
Date: Tue, 21 May 2019 06:07:14 GMT
Content-Type: text/javascript;charset=utf-8
Content-Length: 370
Connection: close
Accept-Ranges: bytes
throw 'allowScriptTagRemoting is false.';
(function(){
var r=window.dwr._[0];
//#DWR-REPLY
r.handleBatchException({ name:'java.lang.NullPointerException', message:'null' });
})();
HTTP/1.0 400 Bad request
Cache-Control: no-cache
Connection: close
Content-Type: text/html
400 Bad request
Your browser sent an invalid request.
|