8000 GitHub - viplation/Js-forward3.0: 解决web及移动端H5数据加密Burp调试-通用解决方案
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

viplation/Js-forward3.0

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.assets
README.assets
 
 
app
app
 
 
boot
boot
 
 
library/logger
library/logger
 
 
router
router
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ca.crt
ca.crt
 
 
ca.key
ca.key
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

前言

站在大佬的肩膀上继续前行。

由于一些原因,现在大部分金融站点、APP都进行了加密,正好忙里偷闲改个轮子,方便大家使用。

在此感谢两位大佬

https://github.com/anfutest

https://github.com/G-Security-Team

本项目是基于两位大佬的进行二开,具体原理请移步

https://github.com/G-Security-Team/JS-Forward/

正文

原理图:

image-20231115021545102

使用介绍:

image-20231115023949337

将生成的payload直接插入到要篡改的变量前。

解密前:

image-20231115024103249

解密后:

可实现对加密包的全自动化加解密,更方便各位师傅转发到X-RAY、sqlmap等工具上。

image-20231115024254201

传输过程:

image-20231115024400975

注:https站点需要信任证书

image-20231115024619447 前置知识:https://mp.weixin.qq.com/s/1fisk5MumDcCLmSFJWaRpA

个人推荐练习靶场:

yakit Vulinbox image-20231115030836279

image-20231115030856243

About

解决web及移动端H5数据加密Burp调试-通用解决方案

Resources

Readme

License

GPL-3.0 license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
0