CN112162974A - Travel program data fixing method - Google Patents
Travel program data fixing method Download PDFInfo
- Publication number
- CN112162974A CN112162974A CN202011021119.9A CN202011021119A CN112162974A CN 112162974 A CN112162974 A CN 112162974A CN 202011021119 A CN202011021119 A CN 202011021119A CN 112162974 A CN112162974 A CN 112162974A
- Authority
- CN
- China
- Prior art keywords
- data
- terminal
- data packet
- program
- trip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 230000006855 networking Effects 0.000 claims abstract description 13
- 238000004891 communication Methods 0.000 claims abstract description 12
- 230000003993 interaction Effects 0.000 claims abstract description 12
- 238000000605 extraction Methods 0.000 claims abstract description 8
- 238000012795 verification Methods 0.000 claims description 3
- 238000004140 cleaning Methods 0.000 claims description 2
- 239000000284 extract Substances 0.000 abstract description 5
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
- G06F16/215—Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2471—Distributed queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computational Linguistics (AREA)
- Software Systems (AREA)
- Probability & Statistics with Applications (AREA)
- Mathematical Physics (AREA)
- Fuzzy Systems (AREA)
- Computer Security & Cryptography (AREA)
- Quality & Reliability (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention relates to a travel program data fixing method, which is characterized in that a travel program is designed to be connected with a travel program server in a proxy networking mode based on debugging proxy software, firstly, a Fiddler debugging proxy extracts a data packet of communication interaction between the travel program and the travel program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.
Description
Technical Field
The invention relates to a travel program data fixing method, and belongs to the field of electronic evidence obtaining.
Background
In the traditional mobile phone evidence obtaining industry, evidence obtaining is only carried out on a fixed evidence source under most conditions, however, at the present that people have stronger and stronger information security awareness and cloud technology, a lot of important data are uploaded to a cloud to be stored and are not stored in the local. Just like travel program historical travel records, the data does not exist in the local backup, but if the data can be extracted in the cloud, great help is provided for analyzing the track of the suspect.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a travel program data fixing method, which is applied to an agent networking mode and can extract and fix data of a cloud end of a travel program to obtain efficient application of the cloud end storage data.
The invention adopts the following technical scheme for solving the technical problems: the invention designs a travel program data fixing method, which is characterized in that information extraction of a target account is realized by a terminal provided with a Fiddler debugging agent aiming at the target account logged by a travel program installed at a mobile terminal; the method comprises the following steps:
step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering step B;
step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C;
c, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing an inquiry data packet about the specified type of data sent by the trip program to the trip program server in the inquiry process by a Fiddler debugging agent on the terminal, returning a result data packet about the specified type of data by the trip program server, and then entering the step D;
d, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field in the data packet, and then entering the step E;
step E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F;
and F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server, namely, the information extraction of the target account number about the specified type of data is realized.
As a preferred technical scheme of the invention: and the mobile terminal is characterized in that a simulator for running the trip program is installed on the terminal, in the step A, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, namely the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
As a preferred technical scheme of the invention: and the step F also comprises the steps of analyzing and cleaning the result data packet returned by the trip program server, storing the result data packet into a database, and finishing the extraction and fixation of the information of the target account related to the specified type of data.
As a preferred technical scheme of the invention: the specified type data comprises four types of data of user information, emergency contacts, historical trips and common addresses.
As a preferred technical scheme of the invention: and in the step B, the mobile terminal uplink program and the uplink program server are in communication interaction, and the process of successfully executing target account login comprises three modes of account password, short message verification code and password-free login.
Compared with the prior art, the trip program data fixing method adopting the technical scheme has the following technical effects:
according to the method for fixing the trip program data, the trip program is designed to be connected with a trip program server in a proxy networking mode based on debugging proxy software, firstly, a Fiddler debugging proxy extracts a data packet of communication interaction between the trip program and the trip program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.
Drawings
Fig. 1 is a schematic diagram of an application architecture of a travel program data fixing method according to the present invention;
fig. 2 is a schematic flow chart of a travel program data fixing method designed by the present invention.
Detailed Description
The following description will explain embodiments of the present invention in further detail with reference to the accompanying drawings.
Searching related data, finding that the source codes logged in by the trip program are https protocols, and therefore simulation can be performed only by capturing the https protocols of the trip program, and four items of content such as user information, emergency contacts, historical trips, common addresses and the like for the trip program can be acquired by simulating the protocols of the app of the trip program.
Therefore, the invention designs a method for fixing travel program data, as shown in fig. 1, through a terminal provided with a Fiddler debugging agent, aiming at a target account number for logging in a travel program installed at a mobile terminal, information of the target account number is extracted and fixed; as shown in fig. 2, includes performing the following steps a through F.
And step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering the step B.
In practical application, the mobile terminal installs a simulator having a trip program running on the terminal, such as a lightning simulator, in the step a, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with a trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, that is, the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
At this point, the packet capturing environment of Fiddler is constructed, and the following steps B to F are continuously executed.
And step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C.
In practical application, regarding the communication interaction between the trip program on the mobile terminal and the trip program server, the process of successfully executing target account login includes three modes of account password, short message verification code and password-free login, namely, the execution of step B, the application can be performed aiming at the three modes, and according to different login modes, a Fiddler debugging agent on the terminal captures a data packet sent by the trip program to the trip program server in the login process and a data packet returned by the trip program server to the trip program server, and obtains a Ticket corresponding to the target account.
Thus, a Fiddler debugging agent on the terminal obtains a Ticket corresponding to the target account.
And C, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing an inquiry data packet about the specified type of data sent by the trip program to the trip program server in the inquiry process by a Fiddler debugging agent on the terminal, returning a result data packet about the specified type of data by the trip program server, and then entering the step D.
And D, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field, and then entering the step E.
And E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F.
And F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server.
The method for fixing the trip program data is applied to practice, and can extract user information, emergency contacts, historical trips and common addresses in a trip program, namely when the type data specified in the steps A to F is any one of the user information, the emergency contacts, the historical trips and the common addresses, the steps A to F are executed, and the Fiddler debugging agent on the terminal can obtain the type data specified under the target account from the cloud.
According to the method for fixing the trip program data, based on debugging agent software, a trip program is designed to be connected with a trip program server in a proxy networking mode, firstly, a Fiddler debugging agent extracts a data packet of communication interaction between the trip program and the trip program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target trip program account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.
Claims (5)
1. A travel program data fixing method is characterized by comprising the following steps: through a terminal provided with a Fiddler debugging agent, aiming at a target account number logged by a travel program installed at a mobile terminal, information extraction of the target account number is realized; the method comprises the following steps:
step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering step B;
step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C;
c, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing the trip program direction in the inquiry process by a Fiddler debugging agent on the terminal, sending an inquiry data packet about the specified type of data by the trip program server, returning a result data packet about the specified type of data by the trip program server, and then entering the step D;
d, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field in the data packet, and then entering the step E;
step E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F;
and F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server, namely, the information extraction of the target account number about the specified type of data is realized.
2. A travel program data fixing method according to claim 1, characterized in that: and the mobile terminal is characterized in that a simulator for running the trip program is installed on the terminal, in the step A, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, namely the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
3. A travel program data fixing method according to claim 1, characterized in that: and the step F also comprises the steps of analyzing and cleaning the result data packet returned by the trip program server, storing the result data packet into a database, and fixing the information of the target account related to the specified type of data.
4. A travel program data fixing method according to claim 1, characterized in that: the specified type data comprises four types of data of user information, emergency contacts, historical trips and common addresses.
5. A travel program data fixing method according to claim 1, characterized in that: and in the step B, the mobile terminal uplink program and the uplink program server are in communication interaction, and the process of successfully executing target account login comprises three modes of account password, short message verification code and password-free login.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011021119.9A CN112162974B (en) | 2020-09-25 | 2020-09-25 | Travel program data fixing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011021119.9A CN112162974B (en) | 2020-09-25 | 2020-09-25 | Travel program data fixing method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112162974A true CN112162974A (en) | 2021-01-01 |
CN112162974B CN112162974B (en) | 2024-06-14 |
Family
ID=73862951
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011021119.9A Active CN112162974B (en) | 2020-09-25 | 2020-09-25 | Travel program data fixing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112162974B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108345543A (en) * | 2018-03-02 | 2018-07-31 | 财付通支付科技有限公司 | A kind of data processing method, device, equipment and storage medium |
CN110232146A (en) * | 2019-04-30 | 2019-09-13 | 北京邮电大学 | A kind of data grab method and grabbing device |
CN110351259A (en) * | 2019-06-28 | 2019-10-18 | 深圳数位传媒科技有限公司 | A kind of method and device obtaining APP authentication information based on network packet capturing |
-
2020
- 2020-09-25 CN CN202011021119.9A patent/CN112162974B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108345543A (en) * | 2018-03-02 | 2018-07-31 | 财付通支付科技有限公司 | A kind of data processing method, device, equipment and storage medium |
CN110232146A (en) * | 2019-04-30 | 2019-09-13 | 北京邮电大学 | A kind of data grab method and grabbing device |
CN110351259A (en) * | 2019-06-28 | 2019-10-18 | 深圳数位传媒科技有限公司 | A kind of method and device obtaining APP authentication information based on network packet capturing |
Non-Patent Citations (1)
Title |
---|
王伟兵;秦浩;: "论网络抓包与分析技术在网络犯罪侦查中的应用", 中国人民公安大学学报(自然科学版), no. 02 * |
Also Published As
Publication number | Publication date |
---|---|
CN112162974B (en) | 2024-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109167797B (en) | Network attack analysis method and device | |
CN103685598B (en) | Method and device for discovering active IP address in IPv6 network | |
CN109039987A (en) | A kind of user account login method, device, electronic equipment and storage medium | |
CN104506484A (en) | Proprietary protocol analysis and identification method | |
CN108632213A (en) | Facility information processing method and processing device | |
CN104410813A (en) | Method and device for binding user account with monitoring equipment in video monitoring system | |
CN103259795A (en) | Method for executing automatic register and login, mobile terminal and server | |
CN103139200A (en) | Single sign-on method of web service | |
CN108234122B (en) | Token checking method and device | |
CN112838951B (en) | Operation and maintenance method, device and system of terminal equipment and storage medium | |
CN107682361A (en) | Website vulnerability scan method, device, computer equipment and storage medium | |
WO2016082696A1 (en) | Ua recognition method and device | |
CN108924159B (en) | Verification method and device of message feature recognition library | |
CN109840103B (en) | Method and device for updating application program container and storage medium | |
CN111177715A (en) | Mobile App vulnerability detection method and device | |
CN110601832A (en) | Data access method and device | |
CN111625837A (en) | Method and device for identifying system vulnerability and server | |
CN108737328B (en) | Browser user agent identification method, system and device | |
CN103997437A (en) | Cloud server registration function testing method | |
CN109088872B (en) | Using method and device of cloud platform with service life, electronic equipment and medium | |
CN105592169A (en) | Terminal identification method and terminal identification device | |
CN112162974A (en) | Travel program data fixing method | |
CN115795484B (en) | Vulnerability detection method, device and equipment of Internet of things equipment | |
CN106982228A (en) | One kind realizes identity authentication method and system | |
CN109344052B (en) | Interface automation test method and device and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20240428 Address after: No. 1515, Zhongshan North 2nd Road, Hongkou District, Shanghai 200092 Applicant after: Shanghai Fengshuo Technology Co.,Ltd. Country or region after: China Address before: 211161 Sheng'an Avenue 739, Binjiang Economic Development Zone, Jiangning District, Nanjing City, Jiangsu Province Applicant before: NANJING FENGHUO TIANDI COMMUNICATION TECHNOLOGY CO.,LTD. Country or region before: China |
|
TA01 | Transfer of patent application right | ||
GR01 | Patent grant | ||
GR01 | Patent grant |