使用导出的 cookies 来获取受保护的内容

使用导出的 cookies 来获取受保护的内容

我从 Firefox 导出了一对对相关 URL 有效的 cookie,并尝试从该地址访问/下载受保护的内容,但最终结果是返回登录页面。我尝试对其他 3 个网站执行相同的操作,结果类似。有什么线索可以说明我可能做错了什么吗?

我使用的语法:wget --load--cookies=FILE URL

-----------------------------------------------
DEBUG output created by Wget 1.12 on linux-gnu.


Stored cookie www.x.org -1 (ANY) / <permanent> <insecure> [expiry 1901-12-13 22:25:44] c_secure_login lz8xZQ%3D%3D

Stored cookie www.x.org -1 (ANY) / <permanent> <insecure> [expiry 1901-12-13 22:25:44] c_secure_pass 
2fd4e1c67a2d28fced849ee1bb76e74a

Stored cookie www.x.org -1 (ANY) / <permanent> <insecure> [expiry 1901-12-13 22:25:44] c_secure_uid GZX4TDA%3D
--2011-01-14 13:57:02--  www.x.org/download.php?id=397003
Resolving www.x.org... 1.1.1.1
Caching www.x.org => 1.1.1.1
Connecting to www.x.org|1.1.1.1|:80... connected.
Created socket 5.
Releasing 0x0943ef20 (new refcount 1).

---request begin---
GET /download.php?id=397003 HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
Accept: */*
Host: www.x.org
Connection: Keep-Alive

---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 302 Found
Date: Fri, 14 Jan 2011 11:26:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny8
Set-Cookie: PHPSESSID=5f2fd97103f8988554394f23c5897765; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: www.x.org/login.php?returnto=download.php%3Fid%3D397003
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

---response end---
302 Found

Stored cookie www.x.org -1 (ANY) / <session> <insecure> [expiry none] PHPSESSID 5f2fd97103f8988554394f23c5897765
Registered socket 5 for persistent reuse.
Location: www.x.org/login.php?returnto=download.php%3Fid%3D397003 [following]
Skipping 0 bytes of body: [] done.
--2011-01-14 13:57:02--  www.x.org/login.php?returnto=download.php%3Fid%3D397003
Reusing existing connection to www.x.org:80.
Reusing fd 5.

---request begin---
GET /login.php?returnto=download.php%3Fid%3D397003 HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
Accept: */*
Host: www.x.org
Connection: Keep-Alive
Cookie: PHPSESSID=5f2fd97103f8988554394f23c5897765

---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 200 OK
Date: Fri, 14 Jan 2011 11:26:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 2171
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html

---response end---
200 OK
Length: 2171 (2.1K) [text/html]
Saving to: `x.out'

     0K ..                                                    100% 18.7M=0s

2011-01-14 13:57:02 (18.7 MB/s) - `x.out' saved [2171/2171]

答案1

好吧,我终于明白了:)

看起来,“pass”cookie 是使用 IP 地址的盐生成的:最初,我从 Windows 操作系统导出了 cookie,并且已经从不同的 IP 进行 wget。

最后,经过大量的反复尝试,我终于成功进入了该网站,并在成功登录后查看了 cookie - “pass” cookie 确实不同!

答案2

您是否尝试过在浏览器的“cookie 管理器”中查看 cookie?

尝试复制 cookie 并使用:wget --no-cookies --header "Cookie: name=value"

相关内容