美文网首页
zoho注册 邮件内容协议分析

zoho注册 邮件内容协议分析

作者: 素笺淡墨染流年 | 来源:发表于2018-07-24 10:38 被阅读49次

    最近需要一批邮箱,找到了zoho提供商,手动注册根本不可能,只有程序自动注册了,因此,需要一个注册机,在此记录一下分析的过程。

    注册机,简单来说,模拟用户进行数据提交,如何模拟呢?
    在我的分类中,大概有两种:

    • 直接操作浏览器,进行注册数据提交,不用关心其他的一些数据。
    • 分析提交接口,进行参数分析,构造数据进行提交。

    第一种:简单粗暴,但是浏览器需要渲染,时间成本比较高。zoho注册通过这种方式,单线程的情况下,注册大概一分多钟。

    第二种:这个的难易程度说不准,不同的网站提交的参数有多有少,参数值得获取有难有易。但是这个注册的速度,炒鸡炒鸡快,单线程大概10几秒。

    本文,就用第二种来进行注册,参数值的获取大概有这些:

    • respose中的body html+js
    • respose中的header cookie
    • js 生成的参数值
    • 魔法值

    注册

    我们首先需要的是抓包,没有使用内置的抓包工具,而是使用的Fidder,只所以放弃内置的,因为注册的时候,回跳转页面,来不及查看,包就被清除了。
    如果用Fidder抓包没有抓到,你看下浏览器是否安装了Fidder的证书。

    我们先看一下,注册界面

    https://www.zoho.com/mail/
    QQ截图20180724102756.png

    数据随便填一些,然后注册,

    QQ截图20180724092446.png

    注册之后会跳转到一个输入验证码的界面,随便输入,先把流程走完。

    QQ截图20180724092534.png

    好了,开始分析,首先去找包,

    首先,会看到一个验证的包,一般的网站都有这个,在注册之前就会验证,用户信息是否合法,这个可以记录下来,后面注册的时候,也可以先进行验证,看看随机生成的字符是否合法。

    QQ截图20180724092921.png

    验证用户名接口信息:

    POST https://accounts.zoho.com/accounts/validate/register.ac HTTP/1.1
Host: accounts.zoho.com
Connection: keep-alive
Content-Length: 66
Accept: application/json, text/javascript, */*; q=0.01
Origin: https://www.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.zoho.com/mail/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: a8c61fa0dc=412d04ceb86ecaf57aa7a1d4903c681d; iamcsr=fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6; JSESSIONID=C93CE925E543B7ADE7007592AE4A67BD; ZohoMarkRef="https://www.zoho.com/mail/"; ZohoMarkSrc="direct:mail|direct:mail|direct:mail"; zohocares-_zldp=YfEOFpfOAG8%2FiEhtvcF4pPiwjMXjDOF5FTpWXURtLOYOw5%2FCxL6cm6FKGK8Fsn2h; zohocares-_zldt=6fabde9b-4dc8-4198-ad6c-bbeb4ece026d

username=kadjfkjkanfjdnaf&servicename=VirtualOffice&serviceurl=%2F

    验证手机接口信息:

    POST https://accounts.zoho.com/accounts/validate/register.ac HTTP/1.1
Host: accounts.zoho.com
Connection: keep-alive
Content-Length: 75
Accept: application/json, text/javascript, */*; q=0.01
Origin: https://www.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.zoho.com/mail/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: a8c61fa0dc=412d04ceb86ecaf57aa7a1d4903c681d; iamcsr=fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6; JSESSIONID=C93CE925E543B7ADE7007592AE4A67BD; ZohoMarkRef="https://www.zoho.com/mail/"; ZohoMarkSrc="direct:mail|direct:mail|direct:mail"; zohocares-_zldp=YfEOFpfOAG8%2FiEhtvcF4pPiwjMXjDOF5FTpWXURtLOYOw5%2FCxL6cm6FKGK8Fsn2h; zohocares-_zldt=6fabde9b-4dc8-4198-ad6c-bbeb4ece026d

country_code=CN&mobile=15198177585&servicename=VirtualOffice&serviceurl=%2F

    验证成功会返回:

    {"t":"json"}

    验证失败,里面就有一个error的字段。

    往下找,就会有一个注册提交的包,看一下:

    QQ截图20180724093356.png

    注册接口信息:

    POST https://accounts.zoho.com/accounts/register.ac HTTP/1.1
Host: accounts.zoho.com
Connection: keep-alive
Content-Length: 268
Accept: */*
Origin: https://www.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.zoho.com/mail/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: a8c61fa0dc=412d04ceb86ecaf57aa7a1d4903c681d; iamcsr=fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6; JSESSIONID=C93CE925E543B7ADE7007592AE4A67BD; ZohoMarkRef="https://www.zoho.com/mail/"; ZohoMarkSrc="direct:mail|direct:mail|direct:mail"; zohocares-_zldp=YfEOFpfOAG8%2FiEhtvcF4pPiwjMXjDOF5FTpWXURtLOYOw5%2FCxL6cm6FKGK8Fsn2h; zohocares-_zldt=6fabde9b-4dc8-4198-ad6c-bbeb4ece026d

username=kadjfkjkanfjdnaf&password=euioafmdkm&firstname=fgk&lastname=fsyhrt&country_code=CN&mobile=15198177585&confirm_country_code=CN&confirmMobile=15198177585&country=CN&newsletter=true&tos=false&mobile_only=true&serviceurl=%2F&servicename=VirtualOffice&is_ajax=true

    提交通过,会返回下面这个

    {
    "t": "message",
    "data": {
        "timeTaken": 1488,
        "responseHeader": [{
            "headerName": "Location",
            "headerValue": "http://accounts.zoho.com/accounts/resource/accounts/register"
        }],
        "httpResponseCode": 200,
        "invitation_signup": false,
        "representation": [{
            "zaid": "671758531",
            "redirect_uri": "https://accounts.zoho.com/ui/settings/verifyMobileSignup.jsp?serviceurl=https://mail.zoho.com/&servicename=VirtualOffice",
            "token_type": "example",
            "email": "15198177585",
            "zuid": "671758532"
        }],
        "resourceType": "register"
    }
}

    提交失败,里面会显示错误信息的,继续分析,提交成功后,会跳转到输入验证码的界面,也就是redirect_uri 这个链接的页面,去找一找里面验证接口,

    眼睛都看瞎了,没有找到,重新发了一个包,这次就有了,估计我第一次输入的有英文字符,本地就做了验证。


    QQ截图20180724095040.png QQ截图20180724095514.png

    提交信息间隔时间太久了,返回的错误信息,没关系,只要能拿到这个接口。

    验证接口信息:

    POST https://accounts.zoho.com/u/verifyotp HTTP/1.1
Host: accounts.zoho.com
Connection: keep-alive
Content-Length: 128
Origin: https://accounts.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Accept: */*
Referer: https://accounts.zoho.com/ui/settings/verifyMobileSignup.jsp?serviceurl=https%3A%2F%2Fmail.zoho.com%2F&servicename=VirtualOffice
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: a8c61fa0dc=412d04ceb86ecaf57aa7a1d4903c681d; iamcsr=fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6; JSESSIONID=C93CE925E543B7ADE7007592AE4A67BD; ZohoMarkRef="https://www.zoho.com/mail/"; ZohoMarkSrc="direct:mail|direct:mail|direct:mail"; zohocares-_zldp=YfEOFpfOAG8%2FiEhtvcF4pPiwjMXjDOF5FTpWXURtLOYOw5%2FCxL6cm6FKGK8Fsn2h; zohocares-_zldt=6fabde9b-4dc8-4198-ad6c-bbeb4ece026d; _iamtt=671758531.671758532.e5ee2562f14a82731d1d310c35ceafadf1a67018a3ccd9a1ecddfcf085144d902550c60726e37037b484837f7d03826673235992ef988f5581a1599d743d8cd9

otpcode=55418&iamcsrcoo=fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6&servicename=VirtualOffice&serviceurl=https%3A%2F%2Fmail.zoho.com%2F

    成功返回:

    showsuccess('https\x3A\x2F\x2Faccounts.zoho.com\x2Faccounts\x2Fannouncement\x2Ftimezone\x2Dupdate\x3Fserviceurl\x3Dhttps\x253A\x252F\x252Fmail.zoho.com\x252F\x26servicename\x3DVirtualOffice',"",'', '', '-1', 'dXM\x3D');

    失败返回:

    {
    "message": "服务器出错。请稍后重试",
    "status": "error"
}

    这个里面有个参数值fc9bf3dc-c45d-478e-b254-4e72cbb8d7d6,看看怎么来的。

    Fidder ctrl+f搜索一下,

    QQ截图20180724095905.png

    高亮黄色,了解一下,

    QQ截图20180724100056.png

    可以看到,这个参数值是通过cookie传递过来的。

    QQ截图20180724100239.png

    注册大概可能就是这个样子的,就可以进行编码了。
    编码的时候注意一下:

    • 请求头信息 以及 cookie的继续持有
    • 代理,这个就要你自己找了
    • 验证码,emmmmmm,这个也要自己找
    QQ截图20180724103628.png

    邮件内容

    邮件内容实际可以通过Zoho提供的协议进行获取,比如IMAP、POP3
    先登录把所有包抓到

    QQ截图20180724112215.png QQ截图20180724112508.png

    先通过邮件内容搜索:

    QQ截图20180724112616.png

    找到的是这个接口:

    QQ截图20180724113448.png

    这个接口就是获取邮件信息的:

    POST https://mail.zoho.com/zm/md.do HTTP/1.1
Host: mail.zoho.com
Connection: keep-alive
Content-Length: 353
Accept: application/json, text/javascript, */*; q=0.01
Origin: https://mail.zoho.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://mail.zoho.com/zm/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: stk=9ce87c4f59ca20d51ff11dbd4cad07ef; dcl_pfx_lcnt=0; dcl_pfx=us; dcl_bd=zoho.com; is_pfx=false; _iamadt=cbfda255cbe760c5ffe043fc623e74bcb8d65402da66696fe15533575b21a34cd5bd19d139d6880c17e907cbca307b979e2f4d4415b334404cbac046540d3775; _iambdt=fefaf22b843328f2383164b8a8f514232a8f42b9341a0164e7596910d55d75de13236015dc496893a5eb738a257961ca579e9c8b60c220c521fa53d263abf2d4; _z_identity=true; 9c8984d0f9=8c6ef617941ffe79dfd31e8331d08c71; zmcsr=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; zmuac=NjcxNzYwMzY0; zmirc=-1; 3a707640b4=7c9316ce580880c35519e829fe0919c9; 880a182d33=d9c6cabcfd1a3bb727324e91fcd07c17; aprmjrnpkcrkks=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; 5779efe0b5=e411c920cc41a00bcf62b6879cea5a2c; concsr=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; b315c52c8b=4b5f8dd690d7d975312d1efa7f82d4cf; baeab91238=3dba424f32372ca524533b2a64247e58; 9c2a003733=cd84221cf3746c74746075d4fd6675c9; CT_CSRF_TOKEN=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; com_chat_owner=1532402670115; zcalirc=-1; JSESSIONID=AB2C47825C88B729E6AEFEFAAB2DBA73

accId=4295414000000008002&split=true&summary=true&getUnread=oldest&msgId=1532401680648120002&folId=4295414000000008014&thId=1532401680472120001&markread=true&entityId=1532401680472120001&groupId=671760364&entityType=1&zmrcsr=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6

    然后分析参数值从何而来,

    QQ截图20180724113731.png QQ截图20180724113910.png QQ截图20180724114008.png QQ截图20180724114116.png

    上面分析有三个请求来源:

    • mail.zoho.com/
    • mail.zoho.com/zm/
    • mail.zoho.com/zm/ml.do

    mail.zoho.com/

    zmrcsr 值得来源,在cookie中

    mail.zoho.com/zm/

    groupId,folId,msgId 值在body里面

    mail.zoho.com/zm/ml.do

    thId ,entityId 值在body里面

    QQ截图20180724114842.png 
    POST https://mail.zoho.com/zm/ml.do HTTP/1.1
Host: mail.zoho.com
Connection: keep-alive
Content-Length: 268
Accept: application/json, text/javascript, */*; q=0.01
Origin: https://mail.zoho.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://mail.zoho.com/zm/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: stk=9ce87c4f59ca20d51ff11dbd4cad07ef; dcl_pfx_lcnt=0; dcl_pfx=us; dcl_bd=zoho.com; is_pfx=false; _iamadt=cbfda255cbe760c5ffe043fc623e74bcb8d65402da66696fe15533575b21a34cd5bd19d139d6880c17e907cbca307b979e2f4d4415b334404cbac046540d3775; _iambdt=fefaf22b843328f2383164b8a8f514232a8f42b9341a0164e7596910d55d75de13236015dc496893a5eb738a257961ca579e9c8b60c220c521fa53d263abf2d4; _z_identity=true; 9c8984d0f9=8c6ef617941ffe79dfd31e8331d08c71; zmcsr=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; zmuac=NjcxNzYwMzY0; zmirc=-1; 3a707640b4=7c9316ce580880c35519e829fe0919c9; 880a182d33=d9c6cabcfd1a3bb727324e91fcd07c17; JSESSIONID=9849A3594BA32AE9AAD907E0D03DB00A; aprmjrnpkcrkks=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6; 5779efe0b5=e411c920cc41a00bcf62b6879cea5a2c

mode=listing&accId=4295414000000008002&from=1&to=50&summary=false&sortBy=date&sortOrder=false&folderSpec=2&folId=4295414000000008014&zmrcsr=350b22730355532d5a1ff99ea55442392f879a1f49193c36951f5e9fdbfa40a5c308622cf9758550fa173f6c2b353e892720f8f6616d46155c12e61b27334de6

    ml,应该是mail list的简写,获取邮件的列表。参数值已经是已知的了。

    登录接口

    QQ截图20180724115224.png 
    POST https://accounts.zoho.com/signin/auth HTTP/1.1
Host: accounts.zoho.com
Connection: keep-alive
Content-Length: 178
Origin: https://accounts.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Accept: */*
Referer: https://accounts.zoho.com/signin?servicename=VirtualOffice&signupurl=https://workplace.zoho.com/orgsignup.do
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: a8c61fa0dc=4d6e62173a764ac5410d1192f41034cd; iamcsr=07f49a6f-6adc-403c-9915-52c9ccda1cb1; JSESSIONID=8D018BE166223A4588311B1AA923B53F; stk=9ce87c4f59ca20d51ff11dbd4cad07ef; dcl_pfx_lcnt=0

LOGIN_ID=xxxxxx&PASSWORD=xxxxx&cli_time=1532402648759&iamcsrcoo=07f49a6f-6adc-403c-9915-52c9ccda1cb1&servicename=VirtualOffice&serviceurl=https%3A%2F%2Fmail.zoho.com

    iamcsrcoo的参数值搜索一下:

    QQ截图20180724115318.png

    上面的参数已经分析完了,来看下结果

    QQ截图20180724125534.png

    相关文章

      网友评论

          本文标题:zoho注册 邮件内容协议分析

          本文链接:https://www.haomeiwen.com/subject/sewdmftx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|zoho注册 邮件内容协议分析|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!