一.分析抓包请求
- 首先抓包后发现,登录请求了/api/user/login接口,会返回相关用户信息和token:
{"code":0,"data":{"account":"xxxx","is_vip":"1","token":"1"},"msg":"Success"}
- 后续操作会带着token请求/api/user/check_token接口:
{"code":0,"data":{"account":"xxxx","is_vip":"1"},"msg":"Success"}
二.编写fiddler脚本
分别打开Rules->Customize Rules..然后弹出文本框编写脚本:
static function OnBeforeResponse(oSession: Session) {
if (m_Hide304s && oSession.responseCode == 304) {
oSession["ui-hide"] = "true";
}
if(oSession.fullUrl.Contains("/api/user/login")){
var responseStringOriginal = '{"code":0,"data":{"account":"785175323","is_vip":"1","token":"1"},"msg":"Success"}';
oSession.utilSetResponseBody(responseStringOriginal)
oSession.oResponse.headers.Remove("Content-Type")
oSession.oResponse.headers.Add("Content-Type","application/json")
oSession.responseCode = 200;
}else if(oSession.fullUrl.Contains("/api/user/check_token")){
var responseStringOriginal = '{"code":0,"data":{"account":"785175323","is_vip":"1"},"msg":"Success"}';
oSession.utilSetResponseBody(responseStringOriginal)
oSession.oResponse.headers.Remove("Content-Type")
oSession.oResponse.headers.Add("Content-Type","application/json")
oSession.responseCode = 200;
}
}
三.测试成功
随便输入,登录成功VIP身份;
四.关于解决翻x代理导致的fiddler弹窗黄色警告
1.搜索自定义脚本OnPeekAtResponseHeaders,在上面添加代码:
static function DoReattach(o: Object, ea: EventArgs)
{
ScheduledTasks.ScheduleWork("reattach", 1000, innerReattach);
}
static function innerReattach()
{
FiddlerApplication.UI.actAttachProxy();
}
static function OnRetire()
{
FiddlerApplication.oProxy.remove_DetachedUnexpectedly(DoReattach);
}
2.找到Main()方法,第一行添加代码:
FiddlerApplication.oProxy.add_DetachedUnexpectedly(DoReattach);
本文由 GY 创作,采用 知识共享署名4.0 国际许可协议进行许可
本站文章除注明转载/出处外,均为本站原创或翻译,转载前请务必署名
最后编辑时间为:
2023/02/23 08:34