CN112162974A - Travel program data fixing method - Google Patents

Travel program data fixing method Download PDF

Info

Publication number
CN112162974A
CN112162974A CN202011021119.9A CN202011021119A CN112162974A CN 112162974 A CN112162974 A CN 112162974A CN 202011021119 A CN202011021119 A CN 202011021119A CN 112162974 A CN112162974 A CN 112162974A
Authority
CN
China
Prior art keywords
data
terminal
data packet
program
trip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011021119.9A
Other languages
Chinese (zh)
Other versions
CN112162974B (en
Inventor
陈劲松
蒋小强
汤国强
朱捷
穆宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Fengshuo Technology Co ltd
Original Assignee
Nanjing Fenghuo Tiandi Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Fenghuo Tiandi Communication Technology Co ltd filed Critical Nanjing Fenghuo Tiandi Communication Technology Co ltd
Priority to CN202011021119.9A priority Critical patent/CN112162974B/en
Publication of CN112162974A publication Critical patent/CN112162974A/en
Application granted granted Critical
Publication of CN112162974B publication Critical patent/CN112162974B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • G06F16/215Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2471Distributed queries
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computational Linguistics (AREA)
  • Software Systems (AREA)
  • Probability & Statistics with Applications (AREA)
  • Mathematical Physics (AREA)
  • Fuzzy Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention relates to a travel program data fixing method, which is characterized in that a travel program is designed to be connected with a travel program server in a proxy networking mode based on debugging proxy software, firstly, a Fiddler debugging proxy extracts a data packet of communication interaction between the travel program and the travel program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.

Description

Travel program data fixing method
Technical Field
The invention relates to a travel program data fixing method, and belongs to the field of electronic evidence obtaining.
Background
In the traditional mobile phone evidence obtaining industry, evidence obtaining is only carried out on a fixed evidence source under most conditions, however, at the present that people have stronger and stronger information security awareness and cloud technology, a lot of important data are uploaded to a cloud to be stored and are not stored in the local. Just like travel program historical travel records, the data does not exist in the local backup, but if the data can be extracted in the cloud, great help is provided for analyzing the track of the suspect.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a travel program data fixing method, which is applied to an agent networking mode and can extract and fix data of a cloud end of a travel program to obtain efficient application of the cloud end storage data.
The invention adopts the following technical scheme for solving the technical problems: the invention designs a travel program data fixing method, which is characterized in that information extraction of a target account is realized by a terminal provided with a Fiddler debugging agent aiming at the target account logged by a travel program installed at a mobile terminal; the method comprises the following steps:
step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering step B;
step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C;
c, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing an inquiry data packet about the specified type of data sent by the trip program to the trip program server in the inquiry process by a Fiddler debugging agent on the terminal, returning a result data packet about the specified type of data by the trip program server, and then entering the step D;
d, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field in the data packet, and then entering the step E;
step E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F;
and F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server, namely, the information extraction of the target account number about the specified type of data is realized.
As a preferred technical scheme of the invention: and the mobile terminal is characterized in that a simulator for running the trip program is installed on the terminal, in the step A, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, namely the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
As a preferred technical scheme of the invention: and the step F also comprises the steps of analyzing and cleaning the result data packet returned by the trip program server, storing the result data packet into a database, and finishing the extraction and fixation of the information of the target account related to the specified type of data.
As a preferred technical scheme of the invention: the specified type data comprises four types of data of user information, emergency contacts, historical trips and common addresses.
As a preferred technical scheme of the invention: and in the step B, the mobile terminal uplink program and the uplink program server are in communication interaction, and the process of successfully executing target account login comprises three modes of account password, short message verification code and password-free login.
Compared with the prior art, the trip program data fixing method adopting the technical scheme has the following technical effects:
according to the method for fixing the trip program data, the trip program is designed to be connected with a trip program server in a proxy networking mode based on debugging proxy software, firstly, a Fiddler debugging proxy extracts a data packet of communication interaction between the trip program and the trip program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.
Drawings
Fig. 1 is a schematic diagram of an application architecture of a travel program data fixing method according to the present invention;
fig. 2 is a schematic flow chart of a travel program data fixing method designed by the present invention.
Detailed Description
The following description will explain embodiments of the present invention in further detail with reference to the accompanying drawings.
Searching related data, finding that the source codes logged in by the trip program are https protocols, and therefore simulation can be performed only by capturing the https protocols of the trip program, and four items of content such as user information, emergency contacts, historical trips, common addresses and the like for the trip program can be acquired by simulating the protocols of the app of the trip program.
Therefore, the invention designs a method for fixing travel program data, as shown in fig. 1, through a terminal provided with a Fiddler debugging agent, aiming at a target account number for logging in a travel program installed at a mobile terminal, information of the target account number is extracted and fixed; as shown in fig. 2, includes performing the following steps a through F.
And step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering the step B.
In practical application, the mobile terminal installs a simulator having a trip program running on the terminal, such as a lightning simulator, in the step a, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with a trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, that is, the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
At this point, the packet capturing environment of Fiddler is constructed, and the following steps B to F are continuously executed.
And step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C.
In practical application, regarding the communication interaction between the trip program on the mobile terminal and the trip program server, the process of successfully executing target account login includes three modes of account password, short message verification code and password-free login, namely, the execution of step B, the application can be performed aiming at the three modes, and according to different login modes, a Fiddler debugging agent on the terminal captures a data packet sent by the trip program to the trip program server in the login process and a data packet returned by the trip program server to the trip program server, and obtains a Ticket corresponding to the target account.
Thus, a Fiddler debugging agent on the terminal obtains a Ticket corresponding to the target account.
And C, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing an inquiry data packet about the specified type of data sent by the trip program to the trip program server in the inquiry process by a Fiddler debugging agent on the terminal, returning a result data packet about the specified type of data by the trip program server, and then entering the step D.
And D, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field, and then entering the step E.
And E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F.
And F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server.
The method for fixing the trip program data is applied to practice, and can extract user information, emergency contacts, historical trips and common addresses in a trip program, namely when the type data specified in the steps A to F is any one of the user information, the emergency contacts, the historical trips and the common addresses, the steps A to F are executed, and the Fiddler debugging agent on the terminal can obtain the type data specified under the target account from the cloud.
According to the method for fixing the trip program data, based on debugging agent software, a trip program is designed to be connected with a trip program server in a proxy networking mode, firstly, a Fiddler debugging agent extracts a data packet of communication interaction between the trip program and the trip program server in the successful login process of a target account number, and a socket corresponding to the target account number is obtained; then analyzing a data packet between the trip program and the trip program server about data query of a specified type to obtain the meaning of each field in the data packet; finally, a Fiddler debugging agent constructs a new query data packet, and the new query data packet interacts with a trip program server to realize information extraction of the target trip program account; the travel program APP information fixing method and device can be conveniently and quickly fixed to information such as travel program APP user information, emergency contacts, historical trips, common addresses and the like.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (5)

1. A travel program data fixing method is characterized by comprising the following steps: through a terminal provided with a Fiddler debugging agent, aiming at a target account number logged by a travel program installed at a mobile terminal, information extraction of the target account number is realized; the method comprises the following steps:
step A, controlling the mobile terminal to be connected with a travel program server through the terminal in an agent networking mode corresponding to a Fiddler debugging agent on the terminal, and then entering step B;
step B, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, successfully executing the target account login process, capturing a data packet sent by the trip program to the trip program server and a data packet returned by the trip program server in the login process by a Fiddler debugging agent on the terminal, obtaining a socket corresponding to the target account, and entering the step C;
c, aiming at the communication interaction between the trip program on the mobile terminal and the trip program server, executing an inquiry process about the specified type of data, capturing the trip program direction in the inquiry process by a Fiddler debugging agent on the terminal, sending an inquiry data packet about the specified type of data by the trip program server, returning a result data packet about the specified type of data by the trip program server, and then entering the step D;
d, analyzing each data packet captured in the process of inquiring the data of the specified type by a Fiddler debugging agent on the terminal to obtain the meaning of each field in the data packet, and then entering the step E;
step E, a Fiddler debugging agent on the terminal constructs a new query instruction about the specified type of data according to the meaning of each field in each data packet in the specified type of data query process, replaces token in the new query instruction as a socket corresponding to the target account, constructs a new query data packet, and then enters step F;
and F, the Fiddler debugging agent on the terminal sends a new query data packet to the trip program server and receives a result data packet returned from the trip program server, namely, the information extraction of the target account number about the specified type of data is realized.
2. A travel program data fixing method according to claim 1, characterized in that: and the mobile terminal is characterized in that a simulator for running the trip program is installed on the terminal, in the step A, a CA certificate corresponding to a Fiddler debugging agent in the terminal is installed on the simulator, and an agent networked by the simulator is modified, so that the simulator is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal, namely the mobile terminal is connected with the trip program server through the terminal in an agent networking mode corresponding to the Fiddler debugging agent on the terminal.
3. A travel program data fixing method according to claim 1, characterized in that: and the step F also comprises the steps of analyzing and cleaning the result data packet returned by the trip program server, storing the result data packet into a database, and fixing the information of the target account related to the specified type of data.
4. A travel program data fixing method according to claim 1, characterized in that: the specified type data comprises four types of data of user information, emergency contacts, historical trips and common addresses.
5. A travel program data fixing method according to claim 1, characterized in that: and in the step B, the mobile terminal uplink program and the uplink program server are in communication interaction, and the process of successfully executing target account login comprises three modes of account password, short message verification code and password-free login.
CN202011021119.9A 2020-09-25 2020-09-25 Travel program data fixing method Active CN112162974B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011021119.9A CN112162974B (en) 2020-09-25 2020-09-25 Travel program data fixing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011021119.9A CN112162974B (en) 2020-09-25 2020-09-25 Travel program data fixing method

Publications (2)

Publication Number Publication Date
CN112162974A true CN112162974A (en) 2021-01-01
CN112162974B CN112162974B (en) 2024-06-14

Family

ID=73862951

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011021119.9A Active CN112162974B (en) 2020-09-25 2020-09-25 Travel program data fixing method

Country Status (1)

Country Link
CN (1) CN112162974B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108345543A (en) * 2018-03-02 2018-07-31 财付通支付科技有限公司 A kind of data processing method, device, equipment and storage medium
CN110232146A (en) * 2019-04-30 2019-09-13 北京邮电大学 A kind of data grab method and grabbing device
CN110351259A (en) * 2019-06-28 2019-10-18 深圳数位传媒科技有限公司 A kind of method and device obtaining APP authentication information based on network packet capturing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108345543A (en) * 2018-03-02 2018-07-31 财付通支付科技有限公司 A kind of data processing method, device, equipment and storage medium
CN110232146A (en) * 2019-04-30 2019-09-13 北京邮电大学 A kind of data grab method and grabbing device
CN110351259A (en) * 2019-06-28 2019-10-18 深圳数位传媒科技有限公司 A kind of method and device obtaining APP authentication information based on network packet capturing

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王伟兵;秦浩;: "论网络抓包与分析技术在网络犯罪侦查中的应用", 中国人民公安大学学报(自然科学版), no. 02 *

Also Published As

Publication number Publication date
CN112162974B (en) 2024-06-14

Similar Documents

Publication Publication Date Title
CN109167797B (en) Network attack analysis method and device
CN103685598B (en) Method and device for discovering active IP address in IPv6 network
CN109039987A (en) A kind of user account login method, device, electronic equipment and storage medium
CN104506484A (en) Proprietary protocol analysis and identification method
CN108632213A (en) Facility information processing method and processing device
CN104410813A (en) Method and device for binding user account with monitoring equipment in video monitoring system
CN103259795A (en) Method for executing automatic register and login, mobile terminal and server
CN103139200A (en) Single sign-on method of web service
CN108234122B (en) Token checking method and device
CN112838951B (en) Operation and maintenance method, device and system of terminal equipment and storage medium
CN107682361A (en) Website vulnerability scan method, device, computer equipment and storage medium
WO2016082696A1 (en) Ua recognition method and device
CN108924159B (en) Verification method and device of message feature recognition library
CN109840103B (en) Method and device for updating application program container and storage medium
CN111177715A (en) Mobile App vulnerability detection method and device
CN110601832A (en) Data access method and device
CN111625837A (en) Method and device for identifying system vulnerability and server
CN108737328B (en) Browser user agent identification method, system and device
CN103997437A (en) Cloud server registration function testing method
CN109088872B (en) Using method and device of cloud platform with service life, electronic equipment and medium
CN105592169A (en) Terminal identification method and terminal identification device
CN112162974A (en) Travel program data fixing method
CN115795484B (en) Vulnerability detection method, device and equipment of Internet of things equipment
CN106982228A (en) One kind realizes identity authentication method and system
CN109344052B (en) Interface automation test method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240428

Address after: No. 1515, Zhongshan North 2nd Road, Hongkou District, Shanghai 200092

Applicant after: Shanghai Fengshuo Technology Co.,Ltd.

Country or region after: China

Address before: 211161 Sheng'an Avenue 739, Binjiang Economic Development Zone, Jiangning District, Nanjing City, Jiangsu Province

Applicant before: NANJING FENGHUO TIANDI COMMUNICATION TECHNOLOGY CO.,LTD.

Country or region before: China

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant