New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

大佬，能不能出一个使用说明？按照JS-Forward使用方法，设置不行，App该如何设置 #2

Open

zkj123 opened this issue Dec 3, 2021 · 1 comment

zkj123 commented Dec 3, 2021

No description provided.

Owner

CTF-MissFeng commented Dec 3, 2021

方法和JS-Forward差不多：
1、移动端wifi代理设置为burp监听地址
2、如果是https，则手机安装JSForward证书
3、分析移动端h5加密方法，找到加密方法名
4、burp抓包，修改返回包加载jquery框架
5、burp抓包，修改返回包，找到js加密方法，添加$.ajax({type:"POST",url:"https://JSForward监听地址/api/request\",data:BSAEDATA,async:false,success:function(resultdata){BSAEDATA=resultdata}});'

BSAEDATA是js加密方法传递的明文，如果是json格式，需要json转字符串在发送（JSON.stringify(jsonobj);）

6、burp放包，后面移动端h5发包前都会通过$.ajax发送请求到JSForward中，但是由于设置了代理，所以先经过burp，burp放包在发送到JSForward，数据篡改就在burp修改即可

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment