diy101账号 如何获取vip账号和密码,并且通过共享租售却不被封杀。


在我们决定租售给用户,给用户的之后,在一开始我们教育diy101的时候,发现很多情况下,用户会截图反馈过来称,账户被封,无法登录的情况。由此我们断定该avhd的网站有判断用户多地登录来限制用户账号的情况。那么问题是如何做到的呢?
avhd101账号和diy101账号如何不被封杀账号

我们分析avhd101的源代码,

1
登录</a></li> </ul> </h4> <div class="tab-content"> <div role="tabpanel" class="tab-pane" id="login"> <form method="post" id="loginForm"> <input type="hidden" name="_token" value="ioVQ70cajCJqAcUCIoEXFxLRykYgcnln7DQfHsgw"> <div class="form-group"> <label class="control-label">帐号仅可自己使用,共享帐号将会被系统自动封号,客服微信379666389</label> <input type="text" class="input-lg form-control" name="email" value='[email protected]' placeholder="范例: [email protected]" required> </div> <div class="alert alert-danger hide" id="email-alert"></div> <div class="form-group"> <input type="password" class="form-control input-lg" placeholder="输入你的密码" name="password" required> </div> <div class="alert alert-danger hide" id="password-alert"></div> <div class="form-group"> <button class="btn btn-lg btn-primary btn-block btn-send" type="submit" id="login_submit">登录</button> </div> <div class="text-right"><a href="/forgetpassword">忘记密码</a></div> <input type="hidden" name="gtoken" id="gtoken"/> </form> </div> <div role="tabpanel" class="tab-pane active" id="register"> <form method="post" id="regForm" class="form-horizonta"> <input type="hidden" name="_token" value="ioVQ70cajCJqAcUCIoEXFxLRykYgcnln7DQfHsgw"> <div class="form-group"> <label class="control-label">输入你的邮箱

我们发现他们的cookies的值有email,password,还有token通过登录以后,我们可以发现登录以后的avhd的cookies的值:

[
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1651540763,
“hostOnly”: false,
“httpOnly”: false,
“name”: “_ga”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “GA1.2.643183819.1588145250”,
“id”: 1
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1588468823,
“hostOnly”: false,
“httpOnly”: false,
“name”: “_gat_gtag_UA_78207029_10”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “1”,
“id”: 2
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1588555163,
“hostOnly”: false,
“httpOnly”: false,
“name”: “_gid”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “GA1.2.1275917186.1588145250”,
“id”: 3
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1674545249,
“hostOnly”: true,
“httpOnly”: false,
“name”: “hello”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “1”,
“id”: 4
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1596244762.454957,
“hostOnly”: true,
“httpOnly”: false,
“name”: “last_login”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “5941vip%40163.com”,
“id”: 5
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1591060762.45507,
“hostOnly”: true,
“httpOnly”: true,
“name”: “lt”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “eyJpdiI6IjZ0Rm1PM09MMTlLeVZzdk9vRDVpTWc9PSIsInZhbHVlIjoiMCsyWGxWbFwvaXN0MGxHVngzRkpOK3RcLzB4Tk1zQ2NxWHU4OGVONHIrZHRVPSIsIm1hYyI6ImUzNjYxY2ZhYzMzOTY5NTIyMzY2NjY3OGQxNWFjZmFiNjQ3NmMwZDk0YjJkNThjNjNlMDNmNjlmMzEzMmM0NTAifQ%3D%3D”,
“id”: 6
},
{
“domain”: “moonlitbar.com”,
“hostOnly”: true,
“httpOnly”: true,
“name”: “miao_cn”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: true,
“session”: true,
“storeId”: “0”,
“value”: “eyJpdiI6IjgzdnFJZDZoSDFwdU82cGRMeVdWR3c9PSIsInZhbHVlIjoiUU9oRHQ5aTg4U1dmdU45blo5ZHR6bHdUVWNRUzBqVEhsVWo5VnVZeDREV1BScWN3S2JocVVNaWU0ZVJWZHdtSiIsIm1hYyI6ImZhMGRlZmVhZjU0MGVmNjgwN2NmYTM1OGEwOTAwMmFjMmJmMjRkNWJiNTRiMjMxNjI1OWNkMDc1NWEwMDU0YzcifQ%3D%3D”,
“id”: 7
},
{
“domain”: “moonlitbar.com”,
“expirationDate”: 1588750051,
“hostOnly”: true,
“httpOnly”: false,
“name”: “rr”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: false,
“session”: false,
“storeId”: “0”,
“value”: “https://cn.aa101.live/”,
“id”: 8
},
{
“domain”: “cn.aa101.live”,
“expirationDate”: 1588472362.840186,
“hostOnly”: true,
“httpOnly”: false,
“name”: “XSRF-TOKEN”,
“path”: “/”,
“sameSite”: “unspecified”,
“secure”: true,
“session”: false,
“storeId”: “0”,
“value”: “eyJpdiI6Iis4NUIzRUFDM3JWRndOWnJHd3pOc1E9PSIsInZhbHVlIjoiQzExT2w2RDhaekp1UFNDMTRKWHkyQnFiNXRxQkhhUU53OVFKUE0xeHNsckxqdFBRM082MitZQ2ZjVHAyVkFXMyIsIm1hYyI6ImM2Yjk0NWRjOGNmMGQ4YTU4NTg4N2ExOGVkM2ExNDBmMDBmOGNiNjRhZDY2ZmJhYjYzZjFjMWJkNmQ3NzlhN2EifQ%3D%3D”,
“id”: 9
}
]

所以得到session值以后,我们之后我们只需要通过session欺骗就可以了。具体方法请搜索百度,此类文章很多。