Mail:yahoo vs sina

来源：互联网发布：亚威数冲编程什么软件编辑：程序博客网时间：2024/06/08 11:00

用wireshark嗅探，得知

yahoo使用了TLS

200 21.547549 x.x.x.240 202.43.216.165 TLSv1 Client Hello

202 21.619237 202.43.216.165 x.x.x.240 TLSv1 Server Hello, Certificate, Server Hello Done

203 21.619680 x.x.x.240 202.43.216.165 TLSv1 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message

204 21.697178 202.43.216.165 x.x.x.240 TLSv1 Change Cipher Spec, Encrypted Handshake Message

208 21.791262 x.x.x.240 202.43.216.165 TLSv1 Application Data

208 21.793262 202.43.216.165 x.x.x.240 TLSv1 Application Data

212 21.923464 202.43.216.165 x.x.x.240 TLSv1 Encrypted Alert

216 21.958943 x.x.x.240 202.96.134.133 DNS Standard query A cn.mc159.mail.yahoo.com

//不知道浏览器怎么得到这个域名的，估计是TLS过程中下发

217 21.987224 202.96.134.133 x.x.x.240 DNS Standard query response CNAME mc.cnb.apac.mail.gm0.yahoodns.net CNAME cnb-mc.cnb.apac.mail.gm0.yahoodns.net A 203.209.230.242

221 22.054219 x.x.x.240 203.209.230.242 HTTP GET /mc/welcome?.gx=0&.tm=1304858793&.rand=8p9c3eith4ua2 HTTP/1.1

Sina原始到明文传输用户名密码

DNS Standard query A mail.sina.com.cn

DNS Standard query response A 58.63.234.251

To 58.63.234.251

Expert Info (Chat/Sequence): POST /cgi-bin/login.cgi HTTP/1.1/r/n

hao_mail_username=&hao_mail_passwd=&u=xxxxxx&psw=xxxxxx //明文传播，从hao123登陆

From 58.63.234.251

Expert Info (Chat/Sequence): HTTP/1.1 302 Found/r/n

Location: http://mail3-119.sinamail.sina.com.cn/cgi/index.php?check_time=c9429b34070dfa6c8641629a416b7a66/r/n

从hao123登陆网易同样是post明文传递，使用第三方邮箱登陆，存在安全隐患。

网易本地登陆http://email.163.com/提供SSL安全登录，如果不勾选，则明文传递，勾选后，使用HTTP GET，估计密码在cookie内。