Linux使用Curl并启用cookie功能

奶牛最近发现有的网站为了阻止第7层网络的攻击,选择了使用cookie进行阻止恶意攻击。比如Voxility在防护启用的时候,就会用如下的方式:

<html>
<head><meta http-equiv="refresh" content="1" /><meta http-equiv="cache-control"                                                                                                                                                              content="max-age=0" /><meta http-equiv="cache-control" content="no-cache" /><met                                                                                                                                                             a http-equiv="expires" content="-1" /><meta http-equiv="expires" content="Tue, 0                                                                                                                                                             1 Jan 1980 1:00:00 GMT" /><meta http-equiv="pragma" content="no-cache" /></head>
<script type="text/javascript">
<!--
function getCookie(w){
        cName = "";
        pCOOKIES = new Array();
        pCOOKIES = document.cookie.split('; ');
        for(bb = 0; bb < pCOOKIES.length; bb++){
                NmeVal  = new Array();
                NmeVal  = pCOOKIES[bb].split('=');
                if(NmeVal[0] == w){
                        cName = unescape(NmeVal[1]);
                }
        }
        return cName;
}
function printCookies(w){
        cStr = "";
        pCOOKIES = new Array();
        pCOOKIES = document.cookie.split('; ');
        for(bb = 0; bb < pCOOKIES.length; bb++){
                NmeVal  = new Array();
                NmeVal  = pCOOKIES[bb].split('=');
                if(NmeVal[0]){
                        cStr += NmeVal[0] + '=' + unescape(NmeVal[1]) + '; ';
                }
        }
        return cStr;
}
function setCookie(name, value, expires, path, domain, secure){
        var vlad = name + "=" + escape(value);
        if(expires){
                expires = setExpiration(expires);
                vlad += ";expires=" + expires;
        }
        if(path){
                vlad += ";path=" + path;
        }
        if(domain){
                vlad += ";domain=" + domain;
        }
        if(secure){
                vlad += ';secure';
        }
document.cookie = vlad;
}
function setExpiration(cookieLife){
    var today = new Date();
    var expr = new Date(today.getTime() + cookieLife * 24 * 60 * 60 * 1000);
    return  expr.toGMTString();
}
function delete_cookie(name){
  document.cookie = name +'=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
}
// -->
</script>
<script type="text/javascript">
<!--
delete_cookie('hasVisitedSite');
setCookie('hasVisitedSite', 'Yes', '3', '/', '300', '');
delete_cookie('fb624561f4f8b25819e9b3c4fad70f85');
setCookie('fb624561f4f8b25819e9b3c4fad70f85', 'Yes', '3', '/', '300', '');
-->
</script><body></body></html>

如果我们直接curl加网址的话得到的就是这种情况。如果我们想访问真实内容需要启用cookie。

curl -c cookie.txt www.nenew.net
curl -b cookie.txt www.nenew.net

当第一次访问的时候,奶牛保存cookie信息在cookie.txt中,第二次访问包含cookie.txt中的信息,就可以访问到真实页面了。

奶牛 | 2018年05月1日

Leave a Reply