\u8bf7\u6c42\u65b9\u6cd5\u4e0e\u72b6\u6001\u7801\uff1aHTTP \u7684\u52a8\u4f5c\u4e0e\u53cd\u9988<\/h3>\n\n\n\n
\u6211\u4eec\u5148\u4ece\u6700\u57fa\u7840\u7684 HTTP \u65b9\u6cd5\u548c\u72b6\u6001\u7801\u5165\u624b\u3002HTTP \u65b9\u6cd5\uff08\u5982 GET\u3001POST\uff09\u544a\u8bc9\u670d\u52a1\u5668\u4f60\u60f3\u505a\u4ec0\u4e48\u52a8\u4f5c\uff0c\u72b6\u6001\u7801\u5219\u662f\u670d\u52a1\u5668\u544a\u8bc9\u4f60\u52a8\u4f5c\u7684\u7ed3\u679c\u5982\u4f55\u3002\u8fd9\u5c31\u597d\u6bd4\u4f60\u53bb\u9910\u5385\uff1a\u4f60\u8bf4\u201c\u6211\u8981\u70b9\u9910\u201d\uff08POST \u65b9\u6cd5\uff09\uff0c\u670d\u52a1\u5458\u56de\u590d\u201c\u597d\u7684\uff0c\u8fd9\u662f\u83dc\u5355\u201d\uff08200 OK\uff09\uff1b\u6216\u8005\u8bf4\u201c\u6211\u8981\u53d6\u6d88\u8ba2\u5355\u201d\uff08DELETE \u65b9\u6cd5\uff09\uff0c\u670d\u52a1\u5458\u8bf4\u201c\u8ba2\u5355\u5df2\u53d6\u6d88\u201d\uff08200 OK\uff09\u6216\u201c\u8ba2\u5355\u4e0d\u5b58\u5728\u201d\uff08404 Not Found\uff09\u3002\u8fd9\u6837\u8bbe\u8ba1\u7684\u597d\u5904\u662f\uff0c\u5ba2\u6237\u7aef\u548c\u670d\u52a1\u7aef\u901a\u8fc7\u4e00\u5957\u6807\u51c6\u5316\u7684\u201c\u52a8\u8bcd\u201d\u548c\u201c\u72b6\u6001\u7f16\u53f7\u201d\u6c9f\u901a\uff0c\u65e0\u8bba\u540e\u7aef\u7528\u4ec0\u4e48\u8bed\u8a00\uff0c\u524d\u7aef\u90fd\u80fd\u51c6\u786e\u7406\u89e3\u610f\u56fe\u548c\u7ed3\u679c\u3002<\/p>\n\n\n\n
\u5728\u7cfb\u7edf\u7ed3\u6784\u4e2d\uff0c\u65b9\u6cd5\u548c\u72b6\u6001\u7801\u4f4d\u4e8e HTTP \u534f\u8bae\u7684\u6700\u9876\u5c42\u2014\u2014\u8bf7\u6c42\u884c\u548c\u72b6\u6001\u884c\u4e2d\u3002\u8bf7\u6c42\u884c\u7531\u201c\u65b9\u6cd5 + \u8def\u5f84 + HTTP\u7248\u672c\u201d\u7ec4\u6210\uff0c\u72b6\u6001\u884c\u7531\u201c\u7248\u672c + \u72b6\u6001\u7801 + \u72b6\u6001\u77ed\u8bed\u201d\u7ec4\u6210\u3002\u6d4f\u89c8\u5668\u6216 HTTP \u5ba2\u6237\u7aef\u6784\u5efa\u8bf7\u6c42\u65f6\uff0c\u5fc5\u987b\u6307\u5b9a\u65b9\u6cd5\uff1b\u670d\u52a1\u7aef\u5904\u7406\u5b8c\u8bf7\u6c42\u540e\uff0c\u5fc5\u987b\u8fd4\u56de\u72b6\u6001\u7801\u3002\u5b83\u4eec\u4e0e\u8bf7\u6c42\u5934\u3001\u54cd\u5e94\u5934\u3001\u8bf7\u6c42\u4f53\u3001\u54cd\u5e94\u4f53\u5e76\u5217\uff0c\u4f46\u5374\u662f\u6700\u5148\u88ab\u89e3\u6790\u7684\u90e8\u5206\u3002<\/p>\n\n\n\n
\u4e3a\u4ec0\u4e48\u8fd9\u4e48\u8bbe\u8ba1\uff1f\u56e0\u4e3a\u65b9\u6cd5\u8ba9 HTTP \u5177\u5907\u4e86\u5bf9\u8d44\u6e90\u7684\u64cd\u4f5c\u8bed\u4e49\uff08\u5b89\u5168\u3001\u5e42\u7b49\u3001\u53ef\u7f13\u5b58\uff09\uff0c\u72b6\u6001\u7801\u8ba9\u5ba2\u6237\u7aef\u80fd\u7a0b\u5e8f\u5316\u5730\u5904\u7406\u4e0d\u540c\u7ed3\u679c\uff08\u6bd4\u5982 2xx \u8868\u793a\u6210\u529f\uff0c\u81ea\u52a8\u89e3\u6790\u54cd\u5e94\u4f53\uff1b4xx \u8868\u793a\u5ba2\u6237\u7aef\u9519\u8bef\uff0c\u5c55\u793a\u9519\u8bef\u63d0\u793a\uff09\u3002\u5177\u4f53\u5de5\u4f5c\u65f6\uff0c\u4f60\u6253\u5f00\u6d4f\u89c8\u5668\u5f00\u53d1\u8005\u5de5\u5177\u7684\u201c\u7f51\u7edc\u201d\u9762\u677f\uff0c\u5237\u65b0\u9875\u9762\uff0c\u53ef\u4ee5\u770b\u5230\u6bcf\u4e2a\u8bf7\u6c42\u7684\u65b9\u6cd5\u548c\u72b6\u6001\u7801\u3002\u7528\u547d\u4ee4\u884c\u5de5\u5177 curl \u4e5f\u80fd\u76f4\u89c2\u67e5\u770b\uff1a<\/p>\n\n\n\n
curl -I https:\/\/api.github.com\/users\/octocat<\/code><\/pre>\n\n\n\n\u8fd4\u56de\u7684\u7b2c\u4e00\u884c\u5c31\u662f HTTP\/2 200<\/code>\uff0c\u72b6\u6001\u7801 200 \u8868\u793a\u6210\u529f\u3002\u5e38\u7528\u7684\u65b9\u6cd5\u6709 GET\uff08\u83b7\u53d6\uff09\u3001POST\uff08\u521b\u5efa\uff09\u3001PUT\uff08\u5168\u91cf\u66f4\u65b0\uff09\u3001PATCH\uff08\u90e8\u5206\u66f4\u65b0\uff09\u3001DELETE\uff08\u5220\u9664\uff09\uff1b\u72b6\u6001\u7801\u5206\u7c7b\u4e3a 1xx\uff08\u4fe1\u606f\uff09\u30012xx\uff08\u6210\u529f\uff09\u30013xx\uff08\u91cd\u5b9a\u5411\uff09\u30014xx\uff08\u5ba2\u6237\u7aef\u9519\u8bef\uff09\u30015xx\uff08\u670d\u52a1\u5668\u9519\u8bef\uff09\u3002<\/p>\n\n\n\n\u5b9e\u9645\u573a\u666f\u4e2d\uff0c\u5f00\u53d1\u8c03\u8bd5 API \u65f6\uff0c\u770b\u5230 404 \u4f1a\u53bb\u68c0\u67e5\u8def\u5f84\u6216\u8d44\u6e90\u662f\u5426\u5b58\u5728\uff1b\u770b\u5230 500 \u5219\u8981\u6392\u67e5\u670d\u52a1\u5668\u4ee3\u7801\u3002\u6700\u5bb9\u6613\u8e29\u7684\u5751\u662f\u6ee5\u7528\u65b9\u6cd5\uff0c\u6bd4\u5982\u7528 GET \u6267\u884c\u5220\u9664\u64cd\u4f5c\uff0c\u8fd9\u8fdd\u53cd\u4e86 HTTP \u8bed\u4e49\uff0c\u4e5f\u5bb9\u6613\u88ab\u722c\u866b\u6216\u641c\u7d22\u5f15\u64ce\u8bef\u89e6\u53d1\uff1b\u6216\u8005\u8fd4\u56de\u72b6\u6001\u7801\u65f6\u53ea\u5173\u6ce8 200\uff0c\u5373\u4f7f\u4e1a\u52a1\u903b\u8f91\u5931\u8d25\u4e5f\u7528 200 \u5305\u88f9\uff0c\u5bfc\u81f4\u5ba2\u6237\u7aef\u65e0\u6cd5\u7edf\u4e00\u5904\u7406\u9519\u8bef\u3002\u6b63\u786e\u505a\u6cd5\u662f\u4e25\u683c\u9075\u5faa HTTP \u8bed\u4e49\uff1a\u975e\u7b80\u5355\u67e5\u8be2\u7528 POST\/PUT\/DELETE\uff0c\u9519\u8bef\u65f6\u8fd4\u56de\u5bf9\u5e94 4xx\/5xx \u72b6\u6001\u7801\u3002\u9a8c\u8bc1\u65b9\u6cd5\u5f88\u7b80\u5355\uff0c\u7528 curl \u52a0\u4e0a -X<\/code> \u6307\u5b9a\u65b9\u6cd5\uff0c\u89c2\u5bdf\u8fd4\u56de\u7801\u3002\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u5c31\u8981\u5b66\u4e60\u5982\u4f55\u5728\u8bf7\u6c42\u4e2d\u52a0\u5165\u66f4\u591a\u63a7\u5236\u4fe1\u606f\u2014\u2014\u8bf7\u6c42\u5934\u3002<\/p>\n\n\n\nMermaid \u56fe\u8868\uff1aHTTP\u8bf7\u6c42\u4e0e\u54cd\u5e94\u7ed3\u6784\u56fe<\/strong><\/p>\n\n\n\n![\"\"](\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\")
<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5c55\u793a\u4e86\u5b8c\u6574\u7684 HTTP \u8bf7\u6c42\u4e0e\u54cd\u5e94\u7ed3\u6784\u3002\u5de6\u4fa7\u5ba2\u6237\u7aef\u6784\u9020\u8bf7\u6c42\uff1a\u8bf7\u6c42\u884c\u5305\u542b\u65b9\u6cd5\u3001\u8def\u5f84\u548c\u7248\u672c\uff1b\u8bf7\u6c42\u5934\u662f\u4e00\u7cfb\u5217\u952e\u503c\u5bf9\uff1b\u7a7a\u884c\u5206\u9694\u5934\u4e0e\u4f53\uff1b\u8bf7\u6c42\u4f53\u5b58\u653e\u8981\u53d1\u9001\u7684\u6570\u636e\u3002\u53f3\u4fa7\u670d\u52a1\u5668\u8fd4\u56de\u54cd\u5e94\uff1a\u72b6\u6001\u884c\u5305\u542b\u7248\u672c\u3001\u72b6\u6001\u7801\u548c\u77ed\u8bed\uff1b\u54cd\u5e94\u5934\u63a7\u5236\u5ba2\u6237\u7aef\u884c\u4e3a\uff1b\u7a7a\u884c\u540e\u662f\u54cd\u5e94\u4f53\u6570\u636e\u3002\u7bad\u5934\u8868\u793a\u6570\u636e\u4ece\u5ba2\u6237\u7aef\u6d41\u5411\u670d\u52a1\u5668\uff0c\u518d\u8fd4\u56de\u5ba2\u6237\u7aef\u7684\u987a\u5e8f\u3002<\/p>\n\n\n\n
\u4fee\u6539\u8bf7\u6c42\u5934\uff1a\u5b9a\u5236\u5ba2\u6237\u7aef\u8eab\u4efd\u4e0e\u610f\u56fe<\/h3>\n\n\n\n
\u8bf7\u6c42\u5934\u5c31\u50cf\u5feb\u9012\u5355\u4e0a\u7684\u5907\u6ce8\u680f\uff0c\u4f60\u53ef\u4ee5\u6dfb\u52a0\u989d\u5916\u4fe1\u606f\uff0c\u4f8b\u5982\u8ba4\u8bc1\u4ee4\u724c\uff08Authorization\uff09\u3001\u671f\u671b\u7684\u54cd\u5e94\u683c\u5f0f\uff08Accept\uff09\u3001\u6765\u6e90\u9875\u9762\uff08Referer\uff09\u7b49\u3002\u4e3a\u4ec0\u4e48\u8981\u4fee\u6539\u8bf7\u6c42\u5934\uff1f\u56e0\u4e3a\u670d\u52a1\u7aef\u5e38\u5e38\u4f9d\u8d56\u8fd9\u4e9b\u5b57\u6bb5\u505a\u8eab\u4efd\u9a8c\u8bc1\u3001\u5185\u5bb9\u534f\u5546\u3001\u6d41\u91cf\u63a7\u5236\u3002\u4f8b\u5982\uff0c\u8c03\u7528\u9700\u8981\u767b\u5f55\u7684 API\uff0c\u4f60\u5fc5\u987b\u5728\u8bf7\u6c42\u5934\u4e2d\u643a\u5e26 session ID \u6216 JWT\uff1b\u60f3\u8ba9\u670d\u52a1\u5668\u8fd4\u56de JSON \u800c\u975e XML\uff0c\u5c31\u8981\u8bbe\u7f6e Accept: application\/json<\/code>\u3002<\/p>\n\n\n\n\u5728\u7cfb\u7edf\u7ed3\u6784\u4e2d\uff0c\u8bf7\u6c42\u5934\u5904\u4e8e\u8bf7\u6c42\u884c\u4e4b\u540e\u3001\u8bf7\u6c42\u4f53\u4e4b\u524d\u3002\u5ba2\u6237\u7aef\uff08\u6d4f\u89c8\u5668\u6216\u540e\u7aef\u670d\u52a1\uff09\u5728\u53d1\u9001\u8bf7\u6c42\u524d\u53ef\u4ee5\u81ea\u7531\u6dfb\u52a0\u3001\u4fee\u6539\u5934\u5b57\u6bb5\uff1b\u670d\u52a1\u5668\u6536\u5230\u540e\u6839\u636e\u5934\u5b57\u6bb5\u51b3\u5b9a\u5982\u4f55\u5904\u7406\u8bf7\u6c42\u3002\u6d4f\u89c8\u5668\u4e2d\u53ef\u4ee5\u7528 fetch<\/code> \u6216 XMLHttpRequest<\/code> \u4fee\u6539\u8bf7\u6c42\u5934\uff0cNode.js \u4e2d\u53ef\u4ee5\u7528 axios<\/code> \u6216 http<\/code> \u6a21\u5757\uff0c\u540e\u7aef\u670d\u52a1\u5219\u53ef\u80fd\u901a\u8fc7\u7f51\u5173\u6216\u4e2d\u95f4\u4ef6\u4fee\u6539\u8bf7\u6c42\u5934\uff08\u4f8b\u5982\u6dfb\u52a0\u8ffd\u8e2a ID\uff09\u3002<\/p>\n\n\n\n\u5b9e\u9645\u4e2d\u6700\u5e38\u7528\u7684\u5de5\u5177\u5f53\u7136\u662f\u7f16\u7a0b\u8bed\u8a00\u81ea\u5e26\u7684 HTTP \u5ba2\u6237\u7aef\u6216\u7b2c\u4e09\u65b9\u5e93\u30022025 \u5e74\uff0c\u6d4f\u89c8\u5668\u73af\u5883 fetch<\/code> \u5df2\u6210\u6807\u51c6\uff0cNode.js \u4e5f\u5185\u7f6e\u4e86 fetch<\/code>\uff08\u9700\u8981 Node.js 18+\uff09\uff0c\u4f46\u4e3a\u4e86\u66f4\u7075\u6d3b\u5730\u63a7\u5236\uff0c\u5f88\u591a\u4eba\u4ecd\u7528 axios<\/code>\u3002\u4e0b\u9762\u662f\u4e00\u4e2a\u524d\u7aef\u7528 fetch<\/code> \u53d1\u9001 POST \u8bf7\u6c42\u5e76\u6dfb\u52a0\u81ea\u5b9a\u4e49\u5934\u7684\u4f8b\u5b50\uff1a<\/p>\n\n\n\n\/\/ \u6d4f\u89c8\u5668\u73af\u5883\nconst response = await fetch('https:\/\/api.example.com\/users', {\n method: 'POST', \/\/ \u6307\u5b9a\u65b9\u6cd5\n headers: {\n 'Content-Type': 'application\/json', \/\/ \u544a\u77e5\u670d\u52a1\u5668\u8bf7\u6c42\u4f53\u662f JSON\n 'Authorization': 'Bearer eyJhbGci...', \/\/ \u643a\u5e26 JWT \u4ee4\u724c\n 'X-Request-ID': 'abc-123' \/\/ \u81ea\u5b9a\u4e49\u8ffd\u8e2a ID\n },\n body: JSON.stringify({ name: 'Alice' }) \/\/ \u8bf7\u6c42\u4f53\n});<\/code><\/pre>\n\n\n\n\u9010\u884c\u89e3\u91ca\uff1afetch<\/code> \u7684\u7b2c\u4e00\u4e2a\u53c2\u6570\u662f URL\uff0c\u7b2c\u4e8c\u4e2a\u53c2\u6570\u662f\u914d\u7f6e\u5bf9\u8c61\u3002method<\/code> \u660e\u786e\u8bf7\u6c42\u65b9\u6cd5\uff1bheaders<\/code> \u5bf9\u8c61\u91cc\u8bbe\u7f6e\u9700\u8981\u53d1\u9001\u7684\u5934\uff0cContent-Type<\/code> \u544a\u8bc9\u670d\u52a1\u5668\u6211\u4eec\u53d1\u9001\u7684\u662f JSON\uff0cAuthorization<\/code> \u662f\u5e38\u89c1\u7684\u8ba4\u8bc1\u5934\uff0cX-Request-ID<\/code> \u662f\u81ea\u5b9a\u4e49\u5934\uff0c\u5e38\u7528\u4e8e\u94fe\u8def\u8ffd\u8e2a\uff1bbody<\/code> \u5b58\u653e\u8981\u53d1\u9001\u7684\u6570\u636e\uff0c\u9700\u5e8f\u5217\u5316\u4e3a\u5b57\u7b26\u4e32\u3002<\/p>\n\n\n\n\u670d\u52a1\u7aef\u5982\u4f55\u8bfb\u53d6\u8fd9\u4e9b\u5934\uff1f\u4ee5 Node.js + Express \u4e3a\u4f8b\uff1a<\/p>\n\n\n\n
const express = require('express');\nconst app = express();\n\napp.use(express.json()); \/\/ \u89e3\u6790 JSON \u8bf7\u6c42\u4f53\n\napp.post('\/users', (req, res) => {\n const authHeader = req.headers['authorization']; \/\/ \u8bfb\u53d6 Authorization \u5934\n const requestId = req.headers['x-request-id']; \/\/ \u8bfb\u53d6\u81ea\u5b9a\u4e49\u5934\n console.log('Auth:', authHeader, 'RequestID:', requestId);\n\n \/\/ \u8fd9\u91cc\u53ef\u505a\u9a8c\u8bc1\uff1a\u5982\u679c authHeader \u65e0\u6548\u5219\u8fd4\u56de 401\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n return res.status(401).json({ error: 'Unauthorized' });\n }\n\n \/\/ \u5904\u7406\u4e1a\u52a1...\n res.status(201).json({ id: 123, name: req.body.name });\n});\n\napp.listen(3000);<\/code><\/pre>\n\n\n\nreq.headers<\/code> \u662f\u4e00\u4e2a\u5bf9\u8c61\uff0c\u5305\u542b\u4e86\u6240\u6709\u8bf7\u6c42\u5934\uff0c\u952e\u540d\u81ea\u52a8\u8f6c\u6210\u4e86\u5c0f\u5199\u3002\u6211\u4eec\u53ef\u4ee5\u901a\u8fc7\u5b83\u8bfb\u53d6\u5e76\u9a8c\u8bc1\u5934\u4fe1\u606f\u3002<\/p>\n\n\n\n\u6700\u5bb9\u6613\u8e29\u7684\u5751\u6709\u4e09\u4e2a\uff1a\u4e00\u662f\u8de8\u57df\u8bf7\u6c42\u65f6\uff0c\u5982\u679c\u6dfb\u52a0\u4e86\u975e\u7b80\u5355\u5934\uff08\u6bd4\u5982\u81ea\u5b9a\u4e49 X-Request-ID<\/code> \u6216 Authorization<\/code> \u5176\u5b9e\u4e5f\u7b97\u7b80\u5355\u5934\uff1f\u5b9e\u9645\u4e0a\uff0cAuthorization \u5c5e\u4e8e\u7b80\u5355\u5934\uff1f\u7b80\u5355\u5934\u5305\u62ec Accept\u3001Accept-Language\u3001Content-Language\u3001Content-Type\uff08\u4ec5\u9650\u67d0\u4e9b\u503c\uff09\uff0c\u800c Authorization \u4e0d\u5c5e\u4e8e\u7b80\u5355\u5934\uff0c\u56e0\u6b64\u4f1a\u89e6\u53d1 CORS \u9884\u68c0\u8bf7\u6c42\u3002\u8fd9\u610f\u5473\u7740\u6d4f\u89c8\u5668\u4f1a\u5148\u7528 OPTIONS \u65b9\u6cd5\u8be2\u95ee\u670d\u52a1\u5668\u662f\u5426\u5141\u8bb8\u8be5\u5934\uff0c\u82e5\u670d\u52a1\u5668\u4e0d\u5141\u8bb8\uff0c\u771f\u6b63\u7684\u8bf7\u6c42\u5c31\u4e0d\u4f1a\u53d1\u51fa\u3002\u4e8c\u662f\u5934\u540d\u79f0\u5927\u5c0f\u5199\uff0cHTTP \u89c4\u8303\u89c4\u5b9a\u5934\u540d\u79f0\u4e0d\u533a\u5206\u5927\u5c0f\u5199\uff0c\u4f46\u67d0\u4e9b\u670d\u52a1\u5668\u5b9e\u73b0\u53ef\u80fd\u4f9d\u8d56\u7279\u5b9a\u5927\u5c0f\u5199\uff08\u4e00\u822c\u4e0d\u4f1a\uff09\u3002\u4e09\u662f\u4e0d\u8981\u5728\u8bf7\u6c42\u5934\u4e2d\u66b4\u9732\u654f\u611f\u4fe1\u606f\uff08\u5982\u5185\u90e8 IP\u3001\u6570\u636e\u5e93\u5bc6\u7801\uff09\uff0c\u56e0\u4e3a\u8bf7\u6c42\u5934\u5728\u5ba2\u6237\u7aef\u53ef\u89c1\uff08\u6d4f\u89c8\u5668\u4e2d\uff09\u3002<\/p>\n\n\n\n\u9a8c\u8bc1\u8bf7\u6c42\u5934\u662f\u5426\u6b63\u786e\u53d1\u9001\uff0c\u53ef\u4ee5\u4f7f\u7528\u6d4f\u89c8\u5668\u5f00\u53d1\u8005\u5de5\u5177\u7684\u201c\u7f51\u7edc\u201d\u9762\u677f\uff0c\u70b9\u51fb\u8bf7\u6c42\u67e5\u770b\u201c\u8bf7\u6c42\u5934\u201d\u90e8\u5206\uff1b\u6216\u8005\u7528 curl \u7684 -v<\/code> \u53c2\u6570\u67e5\u770b\u8be6\u7ec6\u4ea4\u4e92\u3002\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u81ea\u7136\u8981\u770b\u770b\u670d\u52a1\u7aef\u5982\u4f55\u8fd4\u56de\u81ea\u5df1\u7684\u5934\u548c\u72b6\u6001\u7801\u3002<\/p>\n\n\n\nMermaid \u56fe\u8868\uff1a\u8bf7\u6c42\u5934\u4fee\u6539\u6d41\u7a0b\uff08\u4ee5Node.js\u4e2d\u95f4\u4ef6\u4e3a\u4f8b\uff09<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5c55\u793a\u4e86\u8bf7\u6c42\u5934\u5728\u670d\u52a1\u7aef\u88ab\u4e2d\u95f4\u4ef6\u4fee\u6539\u6216\u9a8c\u8bc1\u7684\u6d41\u7a0b\u3002\u5ba2\u6237\u7aef\u8bf7\u6c42\u8fdb\u5165\u540e\uff0c\u7b2c\u4e00\u4e2a\u4e2d\u95f4\u4ef6\u53ef\u80fd\u6dfb\u52a0\u6216\u4fee\u6539\u5934\uff08\u6bd4\u5982\u63d2\u5165\u8ffd\u8e2a ID\uff09\uff1b\u7b2c\u4e8c\u4e2a\u4e2d\u95f4\u4ef6\u8bfb\u53d6\u5e76\u9a8c\u8bc1 Authorization \u5934\uff0c\u82e5\u6709\u6548\u5219\u4ea4\u7ed9\u8def\u7531\u5904\u7406\u5668\uff0c\u65e0\u6548\u5219\u8df3\u8f6c\u5230\u9519\u8bef\u4e2d\u95f4\u4ef6\uff1b\u6700\u7ec8\u6240\u6709\u8def\u5f84\u90fd\u4f1a\u6c47\u805a\u5230\u54cd\u5e94\u8fd4\u56de\u5ba2\u6237\u7aef\u3002\u84dd\u8272\u548c\u9ec4\u8272\u5206\u522b\u8868\u793a\u4e0d\u540c\u7684\u4e2d\u95f4\u4ef6\u804c\u80fd\uff0c\u7bad\u5934\u65b9\u5411\u662f\u8bf7\u6c42\u7684\u4f20\u9012\u8def\u5f84\u3002<\/p>\n\n\n\n
\u4fee\u6539\u54cd\u5e94\u5934\u4e0e\u72b6\u6001\u7801\uff1a\u63a7\u5236\u5ba2\u6237\u7aef\u884c\u4e3a<\/h3>\n\n\n\n
\u54cd\u5e94\u5934\u548c\u72b6\u6001\u7801\u662f\u670d\u52a1\u7aef\u63a7\u5236\u5ba2\u6237\u7aef\u884c\u4e3a\u7684\u4e3b\u8981\u624b\u6bb5\u3002\u72b6\u6001\u7801\u544a\u8bc9\u5ba2\u6237\u7aef\u8bf7\u6c42\u7ed3\u679c\u7684\u5927\u7c7b\uff0c\u54cd\u5e94\u5934\u5219\u63d0\u4f9b\u7ec6\u5316\u6307\u4ee4\uff0c\u6bd4\u5982 Content-Type<\/code> \u544a\u8bc9\u6d4f\u89c8\u5668\u5982\u4f55\u89e3\u6790\u54cd\u5e94\u4f53\uff0cCache-Control<\/code> \u63a7\u5236\u7f13\u5b58\u7b56\u7565\uff0cSet-Cookie<\/code> \u8ba9\u6d4f\u89c8\u5668\u4fdd\u5b58\u8eab\u4efd\u4fe1\u606f\uff0cLocation<\/code> \u914d\u5408 3xx \u72b6\u6001\u7801\u5b9e\u73b0\u91cd\u5b9a\u5411\u3002\u4f60\u5c31\u50cf\u5feb\u9012\u516c\u53f8\uff0c\u4e0d\u4ec5\u544a\u8bc9\u5ba2\u6237\u201c\u5305\u88f9\u5df2\u53d1\u51fa\u201d\uff08\u72b6\u6001\u7801 200\uff09\uff0c\u8fd8\u5728\u9762\u5355\u4e0a\u6ce8\u660e\u201c\u9700\u672c\u4eba\u7b7e\u6536\u201d\uff08Cache-Control: no-cache<\/code>\uff09\u3002<\/p>\n\n\n\n\u5728\u7cfb\u7edf\u7ed3\u6784\u4e2d\uff0c\u670d\u52a1\u7aef\u7a0b\u5e8f\u901a\u8fc7\u6846\u67b6\u63d0\u4f9b\u7684 API \u8bbe\u7f6e\u72b6\u6001\u7801\u548c\u54cd\u5e94\u5934\u3002\u4ee5 Express \u4e3a\u4f8b\uff0cres.status(code)<\/code> \u8bbe\u7f6e\u72b6\u6001\u7801\uff0cres.set(field, value)<\/code> \u6216 res.set(object)<\/code> \u8bbe\u7f6e\u54cd\u5e94\u5934\uff0c\u6700\u540e\u7528 res.send()<\/code> \u6216 res.json()<\/code> \u53d1\u9001\u54cd\u5e94\u4f53\u3002<\/p>\n\n\n\n\u4e3e\u4e2a\u4f8b\u5b50\uff0c\u6211\u4eec\u521b\u5efa\u4e00\u4e2a\u767b\u5f55\u63a5\u53e3\uff0c\u6210\u529f\u65f6\u8fd4\u56de 200 \u548c JWT \u4ee4\u724c\uff0c\u540c\u65f6\u8bbe\u7f6e\u5b89\u5168\u54cd\u5e94\u5934\u9632\u6b62\u6d4f\u89c8\u5668\u9519\u8bef\u89e3\u6790\uff1b\u5931\u8d25\u65f6\u8fd4\u56de 401 \u5e76\u8981\u6c42\u8ba4\u8bc1\uff1a<\/p>\n\n\n\n
app.post('\/login', async (req, res) => {\n const { username, password } = req.body;\n\n \/\/ \u5047\u8bbe\u9a8c\u8bc1\u903b\u8f91\uff08\u5b9e\u9645\u5e94\u67e5\u8be2\u6570\u636e\u5e93\uff09\n if (username === 'admin' && password === 'secret') {\n \/\/ \u8bbe\u7f6e\u54cd\u5e94\u5934\uff1a\u6307\u660e\u5185\u5bb9\u7c7b\u578b\u4e3a JSON\uff0c\u5e76\u6dfb\u52a0\u5b89\u5168\u5934\n res.set({\n 'Content-Type': 'application\/json',\n 'Cache-Control': 'no-store', \/\/ \u7981\u6b62\u7f13\u5b58\u767b\u5f55\u7ed3\u679c\n 'X-Content-Type-Options': 'nosniff' \/\/ \u9632\u6b62\u6d4f\u89c8\u5668 MIME \u55c5\u63a2\n });\n \/\/ \u751f\u6210 JWT\uff08\u7b80\u5316\u793a\u4f8b\uff0c\u5b9e\u9645\u5e94\u4f7f\u7528\u5e93\uff09\n const token = 'jwt.' + Buffer.from(username).toString('base64');\n \/\/ \u8bbe\u7f6e\u72b6\u6001\u7801 200\uff0c\u5e76\u8fd4\u56de JSON \u4f53\n res.status(200).json({ token });\n } else {\n \/\/ \u8ba4\u8bc1\u5931\u8d25\uff1a\u8fd4\u56de 401 \u5e76\u544a\u8bc9\u5ba2\u6237\u7aef\u9700\u8981 Basic \u8ba4\u8bc1\n res.set('WWW-Authenticate', 'Basic realm=\"User Login\"');\n res.status(401).json({ error: 'Invalid credentials' });\n }\n});<\/code><\/pre>\n\n\n\n\u9010\u884c\u89e3\u91ca\uff1a\u9996\u5148\u901a\u8fc7 req.body<\/code> \u83b7\u53d6\u7528\u6237\u540d\u5bc6\u7801\uff1b\u9a8c\u8bc1\u6210\u529f\u540e\uff0c\u7528 res.set<\/code> \u6279\u91cf\u8bbe\u7f6e\u54cd\u5e94\u5934\uff1aContent-Type<\/code> \u660e\u786e\u662f JSON\uff0cCache-Control: no-store<\/code> \u907f\u514d\u767b\u5f55\u72b6\u6001\u88ab\u7f13\u5b58\uff0cX-Content-Type-Options<\/code> \u662f\u5b89\u5168\u5934\uff0c\u9632\u6b62\u6d4f\u89c8\u5668\u5c06\u54cd\u5e94\u8bef\u5f53\u4f5c\u5176\u4ed6\u683c\u5f0f\u6267\u884c\uff1b\u6700\u540e res.status(200).json(...)<\/code> \u8bbe\u7f6e\u72b6\u6001\u7801\u5e76\u53d1\u9001 JSON\u3002\u5931\u8d25\u65f6\uff0c\u8bbe\u7f6e WWW-Authenticate<\/code> \u5934\uff08\u7528\u4e8e HTTP \u57fa\u7840\u8ba4\u8bc1\uff09\uff0c\u5e76\u8fd4\u56de 401 \u72b6\u6001\u7801\u548c\u9519\u8bef\u4fe1\u606f\u3002<\/p>\n\n\n\n\u5bb9\u6613\u8e29\u7684\u5751\u6709\uff1a\u5728\u8c03\u7528 res.send()<\/code> \u6216 res.json()<\/code> \u4e4b\u540e\u53c8\u5c1d\u8bd5\u8bbe\u7f6e\u5934\u6216\u72b6\u6001\u7801\uff0c\u8fd9\u4f1a\u5bfc\u81f4\u201cCan’t set headers after they are sent\u201d\u9519\u8bef\uff1b\u72b6\u6001\u7801\u8bbe\u7f6e\u540e\u5fd8\u8bb0 return<\/code>\uff0c\u5bfc\u81f4\u540e\u7eed\u4ee3\u7801\u7ee7\u7eed\u6267\u884c\uff0c\u53ef\u80fd\u518d\u6b21\u53d1\u9001\u54cd\u5e94\uff1b\u54cd\u5e94\u5934\u91cd\u590d\uff0c\u9664\u4e86 Set-Cookie<\/code> \u5141\u8bb8\u91cd\u590d\uff0c\u5176\u4ed6\u5934\u4e00\u822c\u5e94\u907f\u514d\u91cd\u590d\u3002\u9a8c\u8bc1\u65f6\u7528 curl -I<\/code> \u53ea\u770b\u54cd\u5e94\u5934\uff0c\u6216\u7528 curl -v<\/code> \u770b\u5b8c\u6574\u4ea4\u4e92\uff1a<\/p>\n\n\n\ncurl -X POST http:\/\/localhost:3000\/login -H \"Content-Type: application\/json\" -d '{\"username\":\"admin\",\"password\":\"secret\"}' -v<\/code><\/pre>\n\n\n\n\u8f93\u51fa\u4f1a\u663e\u793a\u54cd\u5e94\u72b6\u6001\u7801\u548c\u6240\u6709\u5934\u5b57\u6bb5\u3002\u63a5\u4e0b\u6765\uff0c\u6211\u4eec\u7ed3\u5408\u8bf7\u6c42\u5934\u4fee\u6539\u548c\u54cd\u5e94\u5934\u8bbe\u7f6e\uff0c\u505a\u4e00\u4e2a\u7efc\u5408\u793a\u4f8b\uff0c\u5e76\u5f15\u5165\u5b89\u5168\u76f8\u5173\u7684\u4e2d\u95f4\u4ef6\u3002<\/p>\n\n\n\n
Mermaid \u56fe\u8868\uff1a\u54cd\u5e94\u5934\u4e0e\u72b6\u6001\u7801\u8bbe\u7f6e\u6d41\u7a0b<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u63cf\u8ff0\u4e86\u670d\u52a1\u5668\u5185\u90e8\u5982\u4f55\u6784\u5efa\u54cd\u5e94\u3002\u8def\u7531\u5904\u7406\u5668\u5206\u522b\u901a\u8fc7\u6846\u67b6\u65b9\u6cd5\u8bbe\u7f6e\u72b6\u6001\u7801\u3001\u54cd\u5e94\u5934\u548c\u54cd\u5e94\u4f53\uff0c\u8fd9\u4e9b\u7ec4\u4ef6\u6700\u7ec8\u88ab\u7ec4\u5408\u6210\u4e00\u4e2a\u5b8c\u6574\u7684 HTTP \u54cd\u5e94\u62a5\u6587\uff0c\u53d1\u9001\u56de\u5ba2\u6237\u7aef\u3002\u7bad\u5934\u8868\u793a\u6570\u636e\u6d41\u4ece\u5904\u7406\u5668\u5230\u54cd\u5e94\u5bf9\u8c61\uff0c\u518d\u5230\u5ba2\u6237\u7aef\u3002<\/p>\n\n\n\n
\u7efc\u5408\u793a\u4f8b\u4e0e\u5b89\u5168\u8003\u8651<\/h3>\n\n\n\n
\u73b0\u5728\u6211\u4eec\u628a\u8bf7\u6c42\u5934\u4fee\u6539\u3001\u54cd\u5e94\u5934\u8bbe\u7f6e\u3001\u72b6\u6001\u7801\u7ed3\u5408\u8d77\u6765\uff0c\u5b9e\u73b0\u4e00\u4e2a\u5177\u6709\u57fa\u672c\u5b89\u5168\u9632\u62a4\u7684 API\u3002\u5047\u8bbe\u6211\u4eec\u63d0\u4f9b\u4e00\u4e2a\u83b7\u53d6\u7528\u6237\u8d44\u6599\u7684\u63a5\u53e3\uff0c\u9700\u8981\u9a8c\u8bc1 Authorization \u5934\u4e2d\u7684 JWT\uff0c\u540c\u65f6\u8fd4\u56de\u5b89\u5168\u54cd\u5e94\u5934\u9632\u6b62\u5e38\u89c1\u6f0f\u6d1e\u3002\u6211\u4eec\u5c06\u4f7f\u7528 Express \u548c helmet<\/code> \u4e2d\u95f4\u4ef6\uff08\u4e00\u4e2a\u96c6\u6210\u4e86\u591a\u79cd\u5b89\u5168\u54cd\u5e94\u5934\u7684\u5e93\uff09\u3002<\/p>\n\n\n\nconst express = require('express');\nconst helmet = require('helmet'); \/\/ 2025\u5e74\u4e3b\u6d41\u7248\u672c\nconst app = express();\n\napp.use(helmet()); \/\/ \u81ea\u52a8\u8bbe\u7f6e\u591a\u4e2a\u5b89\u5168\u5934\uff1aCSP\u3001X-Frame-Options\u3001X-XSS-Protection \u7b49\napp.use(express.json());\n\n\/\/ \u6a21\u62df\u7528\u6237\u6570\u636e\u5e93\nconst users = { 1: { name: 'Alice' }, 2: { name: 'Bob' } };\n\n\/\/ \u8ba4\u8bc1\u4e2d\u95f4\u4ef6\uff1a\u9a8c\u8bc1 Authorization \u5934\nfunction authenticate(req, res, next) {\n const authHeader = req.headers['authorization'];\n if (!authHeader || !authHeader.startsWith('Bearer ')) {\n \/\/ \u8bbe\u7f6e\u54cd\u5e94\u5934 WWW-Authenticate\uff0c\u63d0\u793a\u5ba2\u6237\u7aef\u9700\u8981 Bearer \u4ee4\u724c\n res.set('WWW-Authenticate', 'Bearer realm=\"User Profile\"');\n return res.status(401).json({ error: 'Missing or invalid token' });\n }\n const token = authHeader.substring(7); \/\/ \u53bb\u6389 \"Bearer \"\n \/\/ \u5b9e\u9645\u5e94\u7528\u5e94\u9a8c\u8bc1 JWT \u7b7e\u540d\uff0c\u8fd9\u91cc\u4ec5\u505a\u6f14\u793a\n if (token !== 'valid-jwt') {\n return res.status(403).json({ error: 'Forbidden' }); \/\/ \u4ee4\u724c\u65e0\u6548\n }\n req.user = { id: 1 }; \/\/ \u6a21\u62df\u89e3\u6790\u51fa\u7684\u7528\u6237\u4fe1\u606f\n next();\n}\n\napp.get('\/profile\/:id', authenticate, (req, res) => {\n const userId = parseInt(req.params.id);\n if (userId !== req.user.id) {\n \/\/ \u5c1d\u8bd5\u8bbf\u95ee\u5176\u4ed6\u7528\u6237\u7684\u8d44\u6599\uff0c\u8fd4\u56de 403\n return res.status(403).json({ error: 'Access denied' });\n }\n const user = users[userId];\n if (!user) {\n return res.status(404).json({ error: 'User not found' });\n }\n \/\/ \u8bbe\u7f6e\u989d\u5916\u54cd\u5e94\u5934\uff1a\u7981\u6b62\u7f13\u5b58\uff0c\u660e\u786e\u5185\u5bb9\u7c7b\u578b\n res.set({\n 'Cache-Control': 'private, no-cache',\n 'Content-Type': 'application\/json'\n });\n res.status(200).json(user);\n});\n\napp.listen(3000, () => console.log('Server running on port 3000'));<\/code><\/pre>\n\n\n\n\u9010\u884c\u89e3\u91ca\uff1ahelmet()<\/code> \u5f15\u5165\u540e\u4f1a\u81ea\u52a8\u8bbe\u7f6e\u5b89\u5168\u54cd\u5e94\u5934\uff0c\u6bd4\u5982 Content-Security-Policy<\/code> \u9632\u6b62 XSS\uff0cX-Frame-Options<\/code> \u9632\u6b62\u70b9\u51fb\u52ab\u6301\u3002authenticate<\/code> \u4e2d\u95f4\u4ef6\u8bfb\u53d6 Authorization \u5934\uff0c\u82e5\u4e0d\u5b58\u5728\u6216\u683c\u5f0f\u4e0d\u5bf9\u5219\u8fd4\u56de 401 \u5e76\u9644\u5e26 WWW-Authenticate<\/code> \u5934\uff08\u7b26\u5408 HTTP \u89c4\u8303\uff09\uff1b\u82e5\u4ee4\u724c\u5185\u5bb9\u4e0d\u662f valid-jwt<\/code>\uff08\u6f14\u793a\u7528\uff09\u5219\u8fd4\u56de 403\u3002\u901a\u8fc7\u9a8c\u8bc1\u540e\uff0c\u5c06\u89e3\u6790\u51fa\u7684\u7528\u6237\u4fe1\u606f\u6302\u8f7d\u5230 req.user<\/code> \u4e0a\u3002\u8def\u7531\u5904\u7406\u4e2d\uff0c\u68c0\u67e5\u8bf7\u6c42\u7684 id<\/code> \u662f\u5426\u4e0e\u4ee4\u724c\u4e2d\u7684\u7528\u6237\u4e00\u81f4\uff0c\u9632\u6b62\u8d8a\u6743\uff1b\u82e5\u4e0d\u4e00\u81f4\u8fd4\u56de 403\u3002\u627e\u5230\u7528\u6237\u540e\u8bbe\u7f6e\u7f13\u5b58\u63a7\u5236\u548c\u5185\u5bb9\u7c7b\u578b\uff0c\u8fd4\u56de 200 \u548c\u7528\u6237\u6570\u636e\u3002<\/p>\n\n\n\n\u6700\u5bb9\u6613\u8e29\u7684\u5751\u662f\u201c\u5934\u6ce8\u5165\u201d\uff08Header Injection\uff09\u6f0f\u6d1e\u3002\u5982\u679c\u670d\u52a1\u7aef\u7528\u7528\u6237\u8f93\u5165\u62fc\u63a5\u54cd\u5e94\u5934\uff08\u6bd4\u5982 res.set('X-Custom-Header', userInput)<\/code>\uff09\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u901a\u8fc7\u8f93\u5165\u5305\u542b\u6362\u884c\u7b26\u7684\u5b57\u7b26\u4e32\uff0c\u6ce8\u5165\u865a\u5047\u5934\u6216\u5206\u5272\u54cd\u5e94\u4f53\u3002\u6b63\u786e\u505a\u6cd5\u662f\u6c38\u8fdc\u4e0d\u8981\u76f4\u63a5\u4f7f\u7528\u672a\u8fc7\u6ee4\u7684\u7528\u6237\u8f93\u5165\u8bbe\u7f6e\u5934\uff0c\u6216\u8005\u81f3\u5c11\u79fb\u9664\u6362\u884c\u7b26\u3002\u9a8c\u8bc1\u5b89\u5168\u5934\u914d\u7f6e\u53ef\u4ee5\u7528 curl -I<\/code> \u67e5\u770b\uff0c\u6216\u4f7f\u7528\u5728\u7ebf\u5de5\u5177\u5982 securityheaders.com \u626b\u63cf\u3002\u4e0b\u4e00\u6b65\u64cd\u4f5c\u5efa\u8bae\uff1a\u6df1\u5165\u5b66\u4e60 HTTPS \u786e\u4fdd\u4f20\u8f93\u5c42\u52a0\u5bc6\uff0c\u4ee5\u53ca OAuth2\u3001JWT \u7b49\u8ba4\u8bc1\u6388\u6743\u673a\u5236\uff0c\u5b83\u4eec\u90fd\u4f9d\u8d56\u4e8e\u8bf7\u6c42\u5934\uff08Authorization\uff09\u548c\u54cd\u5e94\u5934\uff08Set-Cookie\uff09\u3002<\/p>\n\n\n\nMermaid \u56fe\u8868\uff1a\u5305\u542b\u5b89\u5168\u5934\u4e0e\u8ba4\u8bc1\u7684\u8bf7\u6c42\u5904\u7406\u6d41\u7a0b<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5b8c\u6574\u5448\u73b0\u4e86\u8bf7\u6c42\u7ecf\u8fc7\u591a\u4e2a\u4e2d\u95f4\u4ef6\u6700\u7ec8\u751f\u6210\u54cd\u5e94\u7684\u8def\u5f84\u3002\u9996\u5148 helmet<\/code> \u4e2d\u95f4\u4ef6\u5728\u54cd\u5e94\u4e0a\u9884\u8bbe\u5b89\u5168\u5934\uff08\u5373\u4f7f\u540e\u7eed\u51fa\u9519\uff0c\u8fd9\u4e9b\u5934\u4e5f\u4f1a\u88ab\u53d1\u9001\uff09\u3002\u7136\u540e\u8ba4\u8bc1\u4e2d\u95f4\u4ef6\u9a8c\u8bc1\u8bf7\u6c42\u5934\uff0c\u901a\u8fc7\u540e\u8fdb\u5165\u8def\u7531\u5904\u7406\u5668\uff0c\u5904\u7406\u5668\u6839\u636e\u4e1a\u52a1\u903b\u8f91\u8fd4\u56de\u4e0d\u540c\u72b6\u6001\u7801\u548c\u5934\u3002\u6240\u6709\u8def\u5f84\u6700\u540e\u6c47\u805a\u6210\u6700\u7ec8\u54cd\u5e94\u8fd4\u56de\u5ba2\u6237\u7aef\u3002\u4e0d\u540c\u989c\u8272\u533a\u5206\u4e86\u901a\u7528\u5b89\u5168\u4e2d\u95f4\u4ef6\u3001\u8ba4\u8bc1\u4e2d\u95f4\u4ef6\u548c\u4e1a\u52a1\u5904\u7406\u5668\u3002<\/p>\n\n\n\n\u51b3\u7b56\u6307\u5357\uff1a\u4f55\u65f6\u5fc5\u987b\u4fee\u6539\u8bf7\u6c42\u5934\u4e0e\u8fd4\u56de\u5305\uff1f<\/h3>\n\n\n\n
\u4f60\u9700\u8981\u4fee\u6539\u8bf7\u6c42\u5934\u7684\u60c5\u51b5\u5f88\u660e\u786e\uff1a\u5f53\u4f60\u8981\u4f20\u9012\u8eab\u4efd\u51ed\u8bc1\uff08Authorization\uff09\u3001\u544a\u77e5\u670d\u52a1\u5668\u4f60\u671f\u671b\u7684\u5185\u5bb9\u683c\u5f0f\uff08Accept\uff09\u3001\u8ffd\u8e2a\u8bf7\u6c42\u94fe\u8def\uff08X-Request-ID\uff09\u3001\u6216\u8005\u9700\u8981\u6a21\u62df\u7279\u5b9a\u5ba2\u6237\u7aef\uff08User-Agent\uff09\u65f6\uff0c\u5c31\u5fc5\u987b\u5728\u8bf7\u6c42\u4e2d\u8bbe\u7f6e\u76f8\u5e94\u7684\u5934\u3002\u66ff\u4ee3\u65b9\u6848\u662f\u7528 Cookie \u4f20\u9012\u8eab\u4efd\uff08\u672c\u8d28\u4e5f\u662f\u8bf7\u6c42\u5934\uff09\uff0c\u6216\u8005\u5c06\u4fe1\u606f\u653e\u5728 URL \u67e5\u8be2\u53c2\u6570\u4e2d\uff0c\u4f46\u67e5\u8be2\u53c2\u6570\u4f1a\u66b4\u9732\u5728\u6d4f\u89c8\u5668\u5386\u53f2\u3001\u670d\u52a1\u5668\u65e5\u5fd7\u4e2d\uff0c\u4e0d\u9002\u5408\u654f\u611f\u6570\u636e\uff0c\u4e14\u957f\u5ea6\u53d7\u9650\u3002<\/p>\n\n\n\n
\u4fee\u6539\u54cd\u5e94\u5934\u548c\u72b6\u6001\u7801\u5219\u662f\u670d\u52a1\u7aef\u7684\u5fc5\u5907\u6280\u80fd\u3002\u5fc5\u987b\u4fee\u6539\u7684\u573a\u666f\u5305\u62ec\uff1a<\/p>\n\n\n\n
\n- \u6839\u636e\u4e1a\u52a1\u7ed3\u679c\u8fd4\u56de\u6b63\u786e\u7684\u72b6\u6001\u7801\uff082xx\/4xx\/5xx\uff09\uff0c\u8fd9\u662f API \u8bbe\u8ba1\u7684\u57fa\u672c\u8981\u6c42\u3002<\/li>\n\n\n\n
- \u63a7\u5236\u5ba2\u6237\u7aef\u7f13\u5b58\uff0c\u4f7f\u7528
Cache-Control<\/code>\u3001ETag<\/code> \u7b49\u5934\u3002<\/li>\n\n\n\n- \u8bbe\u7f6e\u5b89\u5168\u7b56\u7565\uff0c\u5982
Content-Security-Policy<\/code>\u3001X-Frame-Options<\/code>\u3001Strict-Transport-Security<\/code>\uff08HSTS\uff09\uff0c\u8fd9\u4e9b\u5728\u73b0\u4ee3 Web \u5e94\u7528\u4e2d\u662f\u4e0d\u53ef\u6216\u7f3a\u7684\u3002<\/li>\n\n\n\n- \u5f15\u5bfc\u5ba2\u6237\u7aef\u91cd\u5b9a\u5411\uff083xx + Location \u5934\uff09\u3002<\/li>\n\n\n\n
- \u901a\u8fc7
Set-Cookie<\/code> \u5728\u5ba2\u6237\u7aef\u5b58\u50a8\u72b6\u6001\u3002<\/li>\n<\/ul>\n\n\n\n\u66ff\u4ee3\u65b9\u6848\u662f\u4f9d\u8d56\u670d\u52a1\u5668\u7684\u9ed8\u8ba4\u5934\uff0c\u4f46\u9ed8\u8ba4\u5934\u5f80\u5f80\u7f3a\u4e4f\u5b89\u5168\u8003\u8651\uff08\u5982\u53ef\u80fd\u6cc4\u9732\u670d\u52a1\u5668\u7248\u672c\uff09\uff0c\u4e14\u65e0\u6cd5\u5b9e\u73b0\u7cbe\u7ec6\u5316\u63a7\u5236\u3002\u56e0\u6b64\uff0c\u5bf9\u4e8e\u751f\u4ea7\u73af\u5883\uff0c\u5f3a\u70c8\u5efa\u8bae\u81f3\u5c11\u4f7f\u7528 helmet<\/code> \u8fd9\u6837\u7684\u4e2d\u95f4\u4ef6\u7edf\u4e00\u8bbe\u7f6e\u5b89\u5168\u5934\uff0c\u5e76\u6839\u636e\u4e1a\u52a1\u9700\u6c42\u5b9a\u5236\u72b6\u6001\u7801\u548c\u7f13\u5b58\u5934\u3002<\/p>\n\n\n\n\u603b\u800c\u8a00\u4e4b\uff0c\u8bf7\u6c42\u5934\u548c\u8fd4\u56de\u5305\u662f HTTP \u5bf9\u8bdd\u7684\u201c\u5143\u6570\u636e\u201d\uff0c\u5b83\u4eec\u548c\u65b9\u6cd5\u3001\u72b6\u6001\u7801\u5171\u540c\u6784\u6210\u4e86 Web \u901a\u4fe1\u7684\u9aa8\u67b6\u3002\u638c\u63e1\u5b83\u4eec\u7684\u4fee\u6539\u65b9\u6cd5\uff0c\u4e0d\u4ec5\u80fd\u8ba9\u4f60\u6784\u5efa\u51fa\u529f\u80fd\u5b8c\u5907\u7684\u63a5\u53e3\uff0c\u66f4\u662f\u8fc8\u5411\u5b89\u5168\u5f00\u53d1\u7684\u7b2c\u4e00\u6b65\u3002\u73b0\u5728\uff0c\u4f60\u53ef\u4ee5\u6253\u5f00\u7ec8\u7aef\uff0c\u52a8\u624b\u8bd5\u8bd5\u7528 curl \u6216\u5199\u4e00\u5c0f\u6bb5\u4ee3\u7801\uff0c\u89c2\u5bdf\u5934\u7684\u53d8\u5316\uff0c\u9010\u6b65\u52a0\u6df1\u7406\u89e3\u3002<\/p>\n\n\n\n
\u6570\u636e\u5305\u5206\u6790-\u7ea2\u961f\u653b\u51fb\u5de5\u5177&\u84dd\u961f\u6d41\u91cf\u7814\u5224<\/h2>\n\n\n\n
\u60f3\u8c61\u4e00\u4e0b\uff0c\u4f60\u662f\u4e00\u540d\u5feb\u9012\u516c\u53f8\u7684\u5b89\u5168\u4e3b\u7ba1\uff0c\u6bcf\u5929\u6709\u6210\u5343\u4e0a\u4e07\u7684\u5305\u88f9\uff08\u6570\u636e\u5305\uff09\u5728\u5206\u62e8\u4e2d\u5fc3\u6d41\u8f6c\u3002\u7ea2\u961f\u5c31\u662f\u90a3\u4e9b\u8bd5\u56fe\u6df7\u5165\u5047\u5305\u88f9\u6216\u8fdd\u7981\u54c1\u7684\u201c\u6e17\u900f\u6d4b\u8bd5\u5458\u201d\uff0c\u4ed6\u4eec\u4f1a\u7528\u7279\u6b8a\u7684\u5305\u88c5\u624b\u6cd5\uff08\u653b\u51fb\u5de5\u5177\uff09\u3001\u4f2a\u9020\u7684\u9762\u5355\u4fe1\u606f\uff08\u6d41\u91cf\u7279\u5f81\uff09\u6765\u6d4b\u8bd5\u4f60\u7684\u5b89\u68c0\u80fd\u529b\u3002\u800c\u84dd\u961f\uff0c\u5c31\u662f\u4f60\u5728\u76d1\u63a7\u5ba4\u91cc\u76ef\u7740\u5c4f\u5e55\u7684\u5b89\u68c0\u4e13\u5bb6\uff0c\u4f60\u7684\u4efb\u52a1\u662f\u4ece\u6d77\u91cf\u6d41\u8f6c\u7684\u5305\u88f9\u4e2d\uff0c\u901a\u8fc7\u626b\u63cf\u4eea\u56fe\u50cf\uff08\u6d41\u91cf\u6570\u636e\uff09\u5feb\u901f\u8bc6\u522b\u51fa\u90a3\u4e9b\u5f02\u5e38\u5305\u88f9\uff0c\u5224\u65ad\u5b83\u6765\u81ea\u54ea\u4e2a\u56e2\u4f19\u3001\u7528\u4e86\u4ec0\u4e48\u624b\u6cd5\u3001\u4f01\u56fe\u8fd0\u5230\u54ea\u91cc\uff0c\u8fd9\u5c31\u662f\u201c\u6570\u636e\u5305\u5206\u6790-\u7ea2\u961f\u653b\u51fb\u5de5\u5177&\u84dd\u961f\u6d41\u91cf\u7814\u5224\u201d\u3002\u4e0a\u4e00\u8bb2\u6211\u4eec\u805a\u7126\u4e8e\u5355\u4e2a HTTP \u8bf7\u6c42\u548c\u54cd\u5e94\u7684\u201c\u4e66\u4fe1\u683c\u5f0f\u201d\uff0c\u8fd9\u4e00\u8bb2\u6211\u4eec\u5c06\u89c6\u89d2\u62c9\u9ad8\uff0c\u89c2\u5bdf\u4e00\u6574\u6bb5\u7f51\u7edc\u4f1a\u8bdd\u7684\u201c\u653b\u9632\u5f55\u50cf\u201d\uff0c\u5b66\u4e60\u5982\u4f55\u4ece\u6d41\u91cf\u4e2d\u8fd8\u539f\u653b\u51fb\u8005\u7684\u6bcf\u4e00\u4e2a\u52a8\u4f5c\u3002<\/p>\n\n\n\n
\u6570\u636e\u5305\u5206\u6790\uff1a\u7f51\u7edc\u4e16\u754c\u7684\u201c\u9ed1\u5323\u5b50\u201d\u4e0e\u201cX\u5149\u673a\u201d<\/h3>\n\n\n\n
\u6570\u636e\u5305\u5206\u6790\u89e3\u51b3\u7684\u6838\u5fc3\u95ee\u9898\uff0c\u662f\u5728\u7f51\u7edc\u653b\u51fb\u53d1\u751f\u540e\uff0c\u56de\u7b54\u201c\u4e09\u4e2aW\u201d\uff1a\u8c01\uff08Who\uff09\u653b\u51fb\u4e86\u6211\u4eec\uff1f\u7528\u4e86\u4ec0\u4e48\u5de5\u5177\uff08What tool\uff09\uff1f\u505a\u4e86\u54ea\u4e9b\u64cd\u4f5c\uff08What action\uff09\uff1f\u8fd9\u5c31\u50cf\u98de\u673a\u5931\u4e8b\u540e\u5bfb\u627e\u9ed1\u5323\u5b50\uff0c\u901a\u8fc7\u5206\u6790\u98de\u884c\u6570\u636e\u8bb0\u5f55\u6765\u8fd8\u539f\u4e8b\u6545\u7ecf\u8fc7\u3002\u5728\u65e5\u5e38\u8fd0\u7ef4\u4e2d\uff0c\u6211\u4eec\u53ea\u80fd\u770b\u5230\u670d\u52a1\u5668\u65e5\u5fd7\u91cc\u7684 IP \u548c\u72b6\u6001\u7801\uff08\u5c31\u50cf\u4e0a\u4e00\u8bb2\u5b66\u7684\u54cd\u5e94\u5934\u548c\u72b6\u6001\u7801\uff09\uff0c\u4f46\u65e5\u5fd7\u4e0d\u4f1a\u8bb0\u5f55\u653b\u51fb\u8005\u4f20\u8f93\u7684\u6076\u610f\u6587\u4ef6\u5185\u5bb9\uff0c\u4e5f\u4e0d\u4f1a\u8bb0\u5f55\u52a0\u5bc6\u96a7\u9053\u91cc\u5177\u4f53\u7684\u547d\u4ee4\u4ea4\u4e92\u3002\u6570\u636e\u5305\u5206\u6790\uff0c\u5c31\u662f\u8ba9\u6211\u4eec\u6709\u673a\u4f1a\u770b\u5230\u201c\u5feb\u9012\u5305\u88f9\u201d\u91cc\u5230\u5e95\u88c5\u7684\u662f\u4ec0\u4e48\u2014\u2014\u662f\u660e\u6587\u4f20\u8f93\u7684\u201cwhoami\u201d\u547d\u4ee4\uff0c\u8fd8\u662f\u52a0\u5bc6\u540e\u7684 C2 \u5fc3\u8df3\u5305\u3002<\/p>\n\n\n\n
\u5728\u7cfb\u7edf\u7ed3\u6784\u4e2d\uff0c\u6570\u636e\u5305\u5206\u6790\u5de5\u5177\uff08\u5982 Wireshark\uff09\u4f4d\u4e8e\u7f51\u7edc\u534f\u8bae\u6808\u7684\u201c\u6700\u5e95\u5c42\u201d\uff0c\u5b83\u80fd\u6355\u83b7\u7f51\u5361\u4e0a\u6d41\u7ecf\u7684\u539f\u59cb\u7535\u4fe1\u53f7\uff0c\u5e76\u5c06\u5176\u89e3\u6790\u4e3a\u4ece\u7269\u7406\u5c42\u5230\u5e94\u7528\u5c42\u7684\u5b8c\u6574\u6570\u636e\u3002\u5b83\u4e0e\u6211\u4eec\u4e0a\u4e00\u8bb2\u7684\u201c\u8bf7\u6c42\u5934&\u8fd4\u56de\u5305\u201d\u662f\u4ec0\u4e48\u5173\u7cfb\uff1f\u4e0a\u4e00\u8bb2\u6211\u4eec\u5173\u6ce8\u7684\u662f\u6784\u9020\u8bf7\u6c42\u548c\u89e3\u6790\u54cd\u5e94\uff0c\u662f\u201c\u5199\u4fe1\u201d\u7684\u89c4\u8303\uff1b\u800c\u6570\u636e\u5305\u5206\u6790\u662f\u201c\u8bfb\u4fe1\u201d\u7684\u9006\u5411\u8fc7\u7a0b\uff0c\u5e76\u4e14\u80fd\u8bfb\u53d6\u5230 TCP \u4e09\u6b21\u63e1\u624b\u3001IP \u5206\u7247\u3001TLS \u63e1\u624b\u7b49\u4f20\u8f93\u5c42\u548c\u7f51\u7edc\u5c42\u7684\u7ec6\u8282\uff0c\u8fd9\u4e9b\u5728\u6d4f\u89c8\u5668\u7684\u5f00\u53d1\u8005\u5de5\u5177\u91cc\u662f\u770b\u4e0d\u5230\u7684\u3002\u4e3e\u4e2a\u4f8b\u5b50\uff0c\u5f53\u4f60\u7528 Burp Suite\uff08\u4e00\u4e2a Web \u4ee3\u7406\u5de5\u5177\uff09\u6293\u5305\u65f6\uff0c\u5b83\u53ea\u80fd\u770b\u5230 HTTP\/HTTPS \u5c42\uff0c\u800c Wireshark \u80fd\u770b\u5230\u5e95\u5c42\u7684 TCP \u5e8f\u5217\u53f7\u3001\u7a97\u53e3\u5927\u5c0f\uff0c\u751a\u81f3\u80fd\u68c0\u6d4b\u5230 TCP \u4f1a\u8bdd\u52ab\u6301\u3002<\/p>\n\n\n\n
\u4e3a\u4ec0\u4e48\u5fc5\u987b\u5b66\u4f1a\u6570\u636e\u5305\u5206\u6790\uff1f\u56e0\u4e3a\u7ea2\u961f\u5de5\u5177\u8d8a\u6765\u8d8a\u72e1\u733e\u3002\u6bd4\u5982 Cobalt Strike\uff08\u7b80\u79f0 CS\uff09\u7684\u6d41\u91cf\u53ef\u4ee5\u4f2a\u88c5\u6210\u6b63\u5e38\u7684 HTTPS\uff0c\u5982\u679c\u4f60\u53ea\u4f9d\u8d56 Web \u65e5\u5fd7\uff0c\u770b\u5230\u7684\u53ea\u662f\u4e00\u5806 200 OK \u7684\u52a0\u5bc6\u6d41\u91cf\uff0c\u6839\u672c\u65e0\u6cd5\u5224\u65ad\u662f\u7528\u6237\u6b63\u5e38\u6d4f\u89c8\u8fd8\u662f\u653b\u51fb\u8005\u5728\u8fdc\u7a0b\u6267\u884c\u547d\u4ee4\u3002\u53ea\u6709\u901a\u8fc7\u6d41\u91cf\u5206\u6790\uff0c\u7ed3\u5408 JA3 \u6307\u7eb9\u3001\u5fc3\u8df3\u5305\u95f4\u9694\u3001\u8bc1\u4e66\u7279\u5f81\u7b49\uff0c\u624d\u80fd\u4ece\u52a0\u5bc6\u6d41\u91cf\u4e2d\u63ea\u51fa\u201c\u62ab\u7740\u7f8a\u76ae\u7684\u72fc\u201d\u3002<\/p>\n\n\n\n
Mermaid \u56fe\u8868\uff1a\u6570\u636e\u5305\u5206\u6790\u5728\u7f51\u7edc\u5b89\u5168\u4f53\u7cfb\u4e2d\u7684\u4f4d\u7f6e<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5c55\u793a\u4e86\u6570\u636e\u5305\u5206\u6790\u7684\u5c42\u7ea7\u7ed3\u6784\u3002\u6700\u5e95\u5c42\u662f\u539f\u59cb\u6d41\u91cf\uff0c\u53ef\u4ee5\u662f\u5b9e\u65f6\u6293\u53d6\u6216\u4fdd\u5b58\u7684 PCAP \u6587\u4ef6\u3002\u4e2d\u95f4\u5c42\u662f\u5206\u6790\u5de5\u5177\uff0cWireshark \u8d1f\u8d23\u6df1\u5ea6\u534f\u8bae\u89e3\u6790\uff0c\u800c NIDS\uff08\u5982 Snort\uff09\u8d1f\u8d23\u81ea\u52a8\u544a\u8b66\u3002\u6700\u4e0a\u5c42\u662f\u5e94\u7528\u8f93\u51fa\uff1a\u7ea2\u961f\u7528\u5206\u6790\u7ed3\u679c\u4f18\u5316\u5de5\u5177\u7279\u5f81\uff08\u5982\u4fee\u6539 CS \u7684\u9ed8\u8ba4\u8bc1\u4e66\uff09\uff0c\u84dd\u961f\u5219\u7528\u5176\u8fd8\u539f\u653b\u51fb\u94fe\u3001\u5173\u8054\u5a01\u80c1\u60c5\u62a5\u3002\u84dd\u8272\u4ee3\u8868\u901a\u7528\u5de5\u5177\uff0c\u6a59\u8272\u4ee3\u8868\u7ea2\u961f\u7528\u9014\uff0c\u7eff\u8272\u4ee3\u8868\u84dd\u961f\u7528\u9014\u3002<\/p>\n\n\n\n
\u7ea2\u961f\u653b\u51fb\u5de5\u5177\u6d41\u91cf\u7279\u5f81\uff1a\u8bc6\u522b\u653b\u51fb\u8005\u7684\u201c\u7b7e\u540d\u201d<\/h3>\n\n\n\n
\u7ea2\u961f\u5de5\u5177\u4e94\u82b1\u516b\u95e8\uff0c\u4f46\u65e0\u8bba\u600e\u4e48\u9690\u85cf\uff0c\u53ea\u8981\u4ea7\u751f\u7f51\u7edc\u6d41\u91cf\uff0c\u5c31\u4e00\u5b9a\u4f1a\u7559\u4e0b\u201c\u7b7e\u540d\u201d\u3002\u8fd9\u4e9b\u7b7e\u540d\u53ef\u80fd\u85cf\u5728 TLS \u8bc1\u4e66\u7684\u9881\u53d1\u8005\u5b57\u6bb5\u91cc\uff0c\u53ef\u80fd\u85cf\u5728 HTTP \u5934\u7684\u987a\u5e8f\u91cc\uff0c\u751a\u81f3\u85cf\u5728\u52a0\u5bc6\u6d41\u91cf\u7684\u5305\u957f\u5ea6\u89c4\u5f8b\u91cc\u3002\u8bc6\u522b\u8fd9\u4e9b\u7b7e\u540d\uff0c\u5c31\u662f\u84dd\u961f\u7814\u5224\u7684\u6838\u5fc3\u3002<\/p>\n\n\n\n
\u5e38\u89c1\u7ea2\u961f\u5de5\u5177\u53ca\u5176\u6d41\u91cf\u6307\u7eb9<\/h4>\n\n\n\n
\u5148\u4ece\u6700\u57fa\u7840\u7684\u5de5\u5177\u8bf4\u8d77\u3002Nmap<\/strong> \u662f\u4e00\u4e2a\u7aef\u53e3\u626b\u63cf\u5668\uff0c\u5b83\u7684 SYN \u534a\u5f00\u626b\u63cf\u4f1a\u5728\u77ed\u65f6\u95f4\u5185\u4ea7\u751f\u5927\u91cf\u6e90 IP \u76f8\u540c\u3001\u76ee\u6807\u7aef\u53e3\u9012\u589e\u7684 TCP SYN \u5305\uff0c\u6ca1\u6709\u5b8c\u6574\u7684\u4e09\u6b21\u63e1\u624b\uff0c\u8fd9\u79cd\u6d41\u91cf\u6a21\u5f0f\u5f88\u5bb9\u6613\u88ab IDS \u68c0\u6d4b\u5230\u3002SQLMap<\/strong> \u662f\u4e00\u4e2a\u81ea\u52a8\u5316 SQL \u6ce8\u5165\u5de5\u5177\uff0c\u5b83\u7684\u6d41\u91cf\u7279\u5f81\u901a\u5e38\u5305\u62ec\u5927\u91cf\u7684\u5e03\u5c14\u67e5\u8be2\u3001\u65f6\u95f4\u5ef6\u8fdf\u6ce8\u5165\u7684\u660e\u663e\u54cd\u5e94\u65f6\u95f4\u5dee\uff0c\u4ee5\u53ca User-Agent \u9ed8\u8ba4\u503c\uff08\u5982 \u201csqlmap\/1.6\u201d\uff09\uff0c\u4e0d\u8fc7\u7ea2\u961f\u901a\u5e38\u4f1a\u4fee\u6539 UA\uff0c\u6240\u4ee5\u66f4\u9690\u853d\u7684\u7279\u5f81\u662f\u8bf7\u6c42\u53c2\u6570\u4e2d\u5927\u91cf\u7684\u6570\u5b66\u8fd0\u7b97\uff08\u5982 2*3<\/code>\u30014-2<\/code>\uff09\u7528\u4e8e\u5224\u65ad\u6ce8\u5165\u70b9\u3002<\/p>\n\n\n\n\u771f\u6b63\u8ba9\u84dd\u961f\u5934\u75bc\u7684\u662f Cobalt Strike (CS)<\/strong> \u548c Metasploit (MSF)<\/strong> \u8fd9\u7c7b\u8fdc\u63a7\u5de5\u5177\u3002CS \u7684\u9ed8\u8ba4 HTTPS \u76d1\u542c\u5668\u6709\u975e\u5e38\u660e\u663e\u7684\u7279\u5f81\uff1a\u8bc1\u4e66\u7684\u9881\u53d1\u8005\uff08Issuer\uff09\u5b57\u6bb5\u901a\u5e38\u5305\u542b \u201ccobaltstrike\u201d \u5b57\u6837\uff0c\u6216\u8005\u4f7f\u7528\u9ed8\u8ba4\u7684 Java Keystore \u751f\u6210\u7684\u8bc1\u4e66\uff0c\u5176\u6307\u7eb9\uff08\u5982 38:8C:9E:D1:0A:8D:73:2C:\u2026\uff09\u662f\u516c\u5f00\u7684\u3002\u6b64\u5916\uff0cCS \u7684 Beacon \u9ed8\u8ba4\u5fc3\u8df3\u95f4\u9694\u662f 60 \u79d2\uff0c\u4e14\u5fc3\u8df3\u5305\u901a\u5e38\u662f\u56fa\u5b9a\u7684\u957f\u5ea6\u548c\u7ed3\u6784\uff0c\u6bd4\u5982\u4e00\u4e2a GET \u8bf7\u6c42\uff0cURI \u662f \/pixel.gif<\/code> \u8fd9\u7c7b\u770b\u4f3c\u6b63\u5e38\u7684\u8def\u5f84\uff0c\u4f46\u5982\u679c\u4f60\u5728 Wireshark \u91cc\u8bbe\u7f6e http.time_delta > 50<\/code> \u8fc7\u6ee4\u51fa\u54cd\u5e94\u95f4\u9694\u8d85\u8fc7 50 \u79d2\u7684\u5305\uff0c\u5c31\u80fd\u628a\u8fd9\u4e9b\u201c\u6162\u5fc3\u8df3\u201d\u63ea\u51fa\u6765\u3002\u66f4\u9ad8\u7ea7\u7684\u662f\uff0c\u7ea2\u961f\u4f1a\u4f7f\u7528 Malleable C2 Profiles<\/strong> \u5f7b\u5e95\u6539\u9020\u6d41\u91cf\u7279\u5f81\uff0c\u6bd4\u5982\u628a Beacon \u901a\u4fe1\u4f2a\u88c5\u6210 Microsoft Update \u7684\u6d41\u91cf\uff0c\u5305\u62ec\u4fee\u6539 UA \u4e3a \u201cWindows-Update-Agent\u201d\uff0c\u4fee\u6539 POST \u7684\u6570\u636e\u683c\u5f0f\u4e3a XML \u7b49\u7b49\u3002<\/p>\n\n\n\n\u5bf9\u4e8e MSF\uff0c\u5176\u9ed8\u8ba4\u751f\u6210\u7684 Meterpreter Payload \u5728 reverse_http \u6a21\u5f0f\u4e0b\uff0c\u6d41\u91cf\u4e2d\u6709\u56fa\u5b9a\u7684 \u201cFirefox\u201d UA \u5934\uff08\u5373\u4f7f\u662f\u5728 Windows \u4e0a\uff09\uff0c\u800c\u4e14\u521d\u59cb\u7684\u51e0\u8f6e GET\/POST \u8bf7\u6c42\u7684 URI \u662f\u968f\u673a\u5b57\u7b26\u4e32\uff0c\u4f46\u957f\u5ea6\u548c\u7ed3\u6784\u6709\u89c4\u5f8b\u3002MSF \u81ea\u5e26\u7684 SSL \u8bc1\u4e66\u4e5f\u662f\u516c\u5f00\u7279\u5f81\uff0c\u5982\u679c\u4f60\u770b\u5230\u67d0\u4e2a HTTPS \u6d41\u91cf\u7684\u8bc1\u4e66\u5e8f\u5217\u53f7\u662f\u7279\u5b9a\u7684\u503c\uff0c\u6216\u8005\u8bc1\u4e66\u8be6\u60c5\u91cc\u51fa\u73b0 \u201cMetasploit\u201d\uff0c\u57fa\u672c\u53ef\u4ee5\u65ad\u5b9a\u662f MSF \u5728\u901a\u4fe1\u3002<\/p>\n\n\n\n
\u7ea2\u961f\u5982\u4f55\u4fee\u6539\u7279\u5f81\uff1a\u5bf9\u6297\u84dd\u961f\u7814\u5224<\/h4>\n\n\n\n
\u4e3a\u4e86\u8eb2\u907f\u68c0\u6d4b\uff0c\u7ea2\u961f\u4f1a\u82b1\u5927\u91cf\u7cbe\u529b\u505a\u201c\u53cd\u6eaf\u6e90\u201d\u548c\u201c\u6d41\u91cf\u52a0\u5bc6\u201d\u3002\u4ee5 CS \u4e3a\u4f8b\uff0c\u4ed6\u4eec\u4f1a\u7528 keytool<\/code> \u547d\u4ee4\u91cd\u65b0\u751f\u6210\u8bc1\u4e66\uff0c\u5c06\u8bc1\u4e66\u7684 CN\uff08Common Name\uff09\u6539\u4e3a www.baidu.com<\/code> \u8fd9\u79cd\u6b63\u5e38\u57df\u540d\uff0c\u6709\u6548\u671f\u6539\u4e3a 1 \u5e74\uff0c\u6d88\u9664\u539f\u6709\u7684\u7279\u5f81\u3002\u8fd8\u4f1a\u901a\u8fc7\u7f16\u5199 Profile \u6587\u4ef6\u4fee\u6539\u5fc3\u8df3\u5305\u7684 URI\u3001Cookie \u7684\u5b57\u6bb5\u540d\uff0c\u751a\u81f3\u628a C2 \u6d41\u91cf\u85cf\u5230 CDN \u540e\u9762\uff0c\u8ba9\u84dd\u961f\u8ffd\u8e2a\u5230\u7684 IP \u662f Cloudflare \u7684\u8282\u70b9\uff0c\u800c\u975e\u771f\u6b63\u7684\u670d\u52a1\u5668\u3002<\/p>\n\n\n\nMSF \u5219\u53ef\u4ee5\u901a\u8fc7 auxiliary\/gather\/impersonate_ssl<\/code> \u6a21\u5757\uff0c\u76f4\u63a5\u4ece\u767e\u5ea6\u7b49\u6b63\u89c4\u7f51\u7ad9\u514b\u9686\u4e00\u4e2a\u8bc1\u4e66\uff0c\u52a0\u8f7d\u5230\u76d1\u542c\u5668\u4e2d\uff0c\u8fd9\u6837\u6d41\u91cf\u52a0\u5bc6\u5c42\u7684\u8bc1\u4e66\u5c31\u548c\u6b63\u5e38\u7f51\u7ad9\u4e00\u6a21\u4e00\u6837\uff0c\u8bc1\u4e66\u6307\u7eb9\u544a\u8b66\u5c31\u4f1a\u5931\u6548\u3002\u6b64\u5916\uff0c\u7ea2\u961f\u8fd8\u4f1a\u7528 DNS Tunnel<\/strong> \u6280\u672f\uff0c\u628a\u6570\u636e\u5207\u5206\u6210\u5c0f\u5757\uff0c\u585e\u8fdb DNS \u7684 TXT \u8bb0\u5f55\u67e5\u8be2\u91cc\uff0c\u56e0\u4e3a\u9632\u706b\u5899\u901a\u5e38\u4f1a\u653e\u884c DNS\uff0c\u8fd9\u79cd\u6d41\u91cf\u5982\u679c\u4e0d\u505a\u6df1\u5ea6\u5185\u5bb9\u68c0\u67e5\uff0c\u5f88\u96be\u53d1\u73b0\u6709\u4eba\u5728\u7528 DNS \u4f20\u8f93\u6570\u636e\u3002<\/p>\n\n\n\nMermaid \u56fe\u8868\uff1a\u7ea2\u961f\u5de5\u5177\u6d41\u91cf\u7279\u5f81\u7684\u5bf9\u6297\u6f14\u5316<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5c55\u793a\u4e86\u7ea2\u961f\u4e0e\u84dd\u961f\u5728\u6d41\u91cf\u7279\u5f81\u4e0a\u7684\u201c\u519b\u5907\u7ade\u8d5b\u201d\u3002\u4ece\u5de6\u5230\u53f3\uff1a\u7ea2\u961f\u4ece\u4f7f\u7528\u9ed8\u8ba4\u5de5\u5177\uff08\u4ea7\u751f\u660e\u663e\u7279\u5f81\uff09\uff0c\u5230\u84dd\u961f\u68c0\u6d4b\u5e76\u62e6\u622a\uff0c\u5012\u903c\u7ea2\u961f\u4fee\u6539\u7279\u5f81\uff08\u5982\u66ff\u6362\u8bc1\u4e66\uff09\uff0c\u4f7f\u6d41\u91cf\u8d8b\u8fd1\u6b63\u5e38\u3002\u84dd\u961f\u968f\u4e4b\u5347\u7ea7\u68c0\u6d4b\u624b\u6bb5\u5230\u884c\u4e3a\u5206\u6790\uff0c\u7ea2\u961f\u5219\u8fdb\u4e00\u6b65\u5229\u7528 CDN \u7b49\u57fa\u7840\u8bbe\u65bd\u9690\u85cf\u771f\u5b9e IP\u3002\u989c\u8272\u6df1\u6d45\u4ee3\u8868\u5bf9\u6297\u7684\u5347\u7ea7\u5c42\u6b21\u3002<\/p>\n\n\n\n
\u84dd\u961f\u6d41\u91cf\u7814\u5224\uff1aWireshark\u5b9e\u6218\u4e0e\u653b\u51fb\u8fd8\u539f<\/h3>\n\n\n\n
\u4f5c\u4e3a\u84dd\u961f\uff0c\u6211\u4eec\u62ff\u5230\u4e00\u4e2a PCAP \u6587\u4ef6\u540e\uff0c\u600e\u4e48\u4ece\u6d77\u91cf\u6570\u636e\u5305\u4e2d\u627e\u5230\u90a3\u6839\u201c\u9488\u201d\uff1f\u6838\u5fc3\u65b9\u6cd5\u8bba\u662f\uff1a\u5148\u5b8f\u89c2\uff0c\u540e\u5fae\u89c2<\/strong>\u3002\u5148\u7528\u7edf\u8ba1\u5de5\u5177\u770b\u6574\u4f53\u8f6e\u5ed3\uff0c\u518d\u8fc7\u6ee4\u51fa\u53ef\u7591\u4f1a\u8bdd\u9010\u5305\u5206\u6790\u3002<\/p>\n\n\n\n\u7b2c\u4e00\u6b65\uff1a\u5b8f\u89c2\u5206\u6790\u2014\u2014\u534f\u8bae\u5206\u7ea7\u4e0e\u4f1a\u8bdd\u7edf\u8ba1<\/h4>\n\n\n\n
\u7528 Wireshark \u6253\u5f00\u6355\u83b7\u6587\u4ef6\u540e\uff0c\u5148\u4e0d\u8981\u6025\u7740\u7ffb\u5305\u3002\u70b9\u51fb \u7edf\u8ba1 -> \u534f\u8bae\u5206\u7ea7<\/strong>\uff0c\u8fd9\u91cc\u4f1a\u663e\u793a\u5404\u79cd\u534f\u8bae\u7684\u6bd4\u4f8b\u3002\u5982\u679c\u4e00\u4e2a PCAP \u91cc ARP \u534f\u8bae\u5360\u6bd4\u5f02\u5e38\u9ad8\uff0c\u53ef\u80fd\u662f\u5185\u7f51\u626b\u63cf\uff1b\u5982\u679c HTTP \u5360\u6bd4\u6781\u5c11\uff0c\u800c HTTPS \u6d41\u91cf\u5360 90% \u4ee5\u4e0a\uff0c\u90a3\u5c31\u8981\u91cd\u70b9\u770b\u770b\u8fd9\u4e9b TLS \u6d41\u7684\u8bc1\u4e66\u548c SNI\uff08\u670d\u52a1\u5668\u540d\u79f0\u6307\u793a\uff09\u3002\u63a5\u7740\u70b9\u51fb \u7edf\u8ba1 -> \u4f1a\u8bdd<\/strong>\uff0c\u53ef\u4ee5\u6309 IPv4 \u5730\u5740\u5bf9\u6392\u5e8f\uff0c\u67e5\u770b\u54ea\u4e2a IP \u5bf9\u4e4b\u95f4\u901a\u4fe1\u91cf\u6700\u5927\u3001\u8fde\u63a5\u6570\u6700\u591a\u3002\u5982\u679c\u5185\u7f51\u4e00\u53f0\u670d\u52a1\u5668\u5bf9\u516c\u7f51\u67d0\u4e2a IP \u4ea7\u751f\u4e86\u5927\u91cf\u957f\u8fde\u63a5\uff0c\u4e14\u4e0a\u4e0b\u884c\u5b57\u8282\u6570\u4e0d\u5bf9\u79f0\uff08\u6bd4\u5982\u4e0a\u884c\u5f88\u5c0f\uff0c\u4e0b\u884c\u5f88\u5927\uff0c\u53ef\u80fd\u662f\u4e0b\u8f7d\u6570\u636e\uff1b\u6216\u8005\u4e0a\u884c\u5f88\u5927\uff0c\u4e0b\u884c\u5f88\u5c0f\uff0c\u53ef\u80fd\u662f\u6570\u636e\u6cc4\u9732\uff09\uff0c\u8fd9\u5c31\u662f\u9ad8\u5371\u7ebf\u7d22\u3002<\/p>\n\n\n\n\u7b2c\u4e8c\u6b65\uff1a\u8fc7\u6ee4\u53ef\u7591\u6d41\u91cf\u2014\u2014\u7cbe\u51c6\u5b9a\u4f4d\u653b\u51fb<\/h4>\n\n\n\n
\u6839\u636e\u4e0a\u4e00\u8bb2\u7684\u8bf7\u6c42\u5934\u77e5\u8bc6\uff0c\u6211\u4eec\u53ef\u4ee5\u6784\u5efa\u5f3a\u5927\u7684\u8fc7\u6ee4\u8868\u8fbe\u5f0f\u3002\u5047\u8bbe\u6000\u7591\u6709 SQL \u6ce8\u5165\uff0c\u53ef\u4ee5\u7528 http.request.uri matches \".*(select|union|insert).*\"<\/code> \u8fc7\u6ee4\u51fa URI \u91cc\u5305\u542b SQL \u5173\u952e\u5b57\u7684\u8bf7\u6c42\u3002\u5982\u679c\u6000\u7591\u662f WebShell \u901a\u4fe1\uff0c\u6bd4\u5982\u8681\u5251\u7684\u6d41\u91cf\uff0c\u5176 POST \u6570\u636e\u901a\u5e38\u7ecf\u8fc7 base64 \u7f16\u7801\uff0c\u5e76\u4e14\u6709\u56fa\u5b9a\u7684\u53c2\u6570\u540d\uff08\u5982 cmd<\/code>\uff09\uff0c\u53ef\u4ee5\u7528 http.request.method == \"POST\" && http contains \"cmd\"<\/code> \u6765\u8fc7\u6ee4\u3002\u5bf9\u4e8e\u53cd\u5f39 shell\uff0c\u6bd4\u5982\u7528 NC\uff08Netcat\uff09\u53cd\u5f39\u7684\u660e\u6587 shell\uff0c\u6d41\u91cf\u7279\u5f81\u975e\u5e38\u660e\u663e\uff1a\u5728\u4e00\u6bb5 TCP \u6d41\u4e2d\uff0c\u80fd\u770b\u5230\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u547d\u4ee4\uff08\u5982 whoami<\/code>\uff09\uff0c\u7d27\u63a5\u7740\u670d\u52a1\u5668\u8fd4\u56de\u547d\u4ee4\u7ed3\u679c\uff0c\u5b8c\u5168\u660e\u6587\u3002\u8fc7\u6ee4\u65f6\u53ef\u4ee5\u5c1d\u8bd5 tcp contains \"whoami\"<\/code> \u6216 tcp contains \"\/bin\/sh\"<\/code> \u8fd9\u7c7b\u5173\u952e\u8bcd\u3002<\/p>\n\n\n\n\u4e3e\u4e00\u4e2a\u5177\u4f53\u573a\u666f\uff1a\u5206\u6790\u4e00\u4e2a NC \u53cd\u5f39 shell \u7684\u6570\u636e\u5305\u3002\u53d7\u5bb3\u8005 IP 192.168.1.100 \u4e3b\u52a8\u8fde\u63a5\u653b\u51fb\u8005 IP 192.168.1.200 \u7684 8888 \u7aef\u53e3\u3002\u5728 Wireshark \u4e2d\u8fc7\u6ee4 ip.addr == 192.168.1.200 and tcp.port == 8888<\/code>\u3002\u8ddf\u8e2a TCP \u6d41\uff08\u53f3\u952e -> \u8ffd\u8e2a\u6d41 -> TCP Stream\uff09\uff0c\u4f60\u4f1a\u770b\u5230\u7c7b\u4f3c\u4e0b\u9762\u7684\u4ea4\u4e92\uff1a<\/p>\n\n\n\nwhoami\ndesktop-abc\\user\nipconfig\n\nWindows IP Configuration\n...\uff08\u7f51\u7edc\u914d\u7f6e\u4fe1\u606f\uff09<\/code><\/pre>\n\n\n\n\u8fd9\u5c31\u662f\u5178\u578b\u7684\u660e\u6587\u53cd\u5f39 shell \u7279\u5f81\u3002\u800c\u5982\u679c\u662f\u52a0\u5bc6\u7684 C2 \u6d41\u91cf\uff0c\u6bd4\u5982 CS \u7684 Beacon\uff0c\u4f60\u8ffd\u8e2a TCP \u6d41\u770b\u5230\u7684\u4f1a\u662f\u4e71\u7801\uff0c\u4f46\u53ef\u4ee5\u901a\u8fc7 TLS \u63e1\u624b\u7ec6\u8282<\/strong> \u6765\u5224\u65ad\uff1a\u67e5\u770b\u670d\u52a1\u5668\u7684\u8bc1\u4e66\uff0c\u5982\u679c\u8bc1\u4e66\u7684 CN \u662f\u968f\u673a\u5b57\u7b26\u4e32\uff0c\u6216\u8005\u9881\u53d1\u8005\u662f unknown\uff0c\u5e76\u4e14 JA3 \u6307\u7eb9\uff08\u4e00\u79cd TLS \u5ba2\u6237\u7aef\u6307\u7eb9\uff09\u5339\u914d\u5df2\u77e5\u6076\u610f\u6307\u7eb9\u5e93\uff0c\u5c31\u9ad8\u5ea6\u53ef\u7591\u3002<\/p>\n\n\n\n\u7b2c\u4e09\u6b65\uff1a\u63d0\u53d6\u4e0e\u9a8c\u8bc1\u2014\u2014\u8fd8\u539f\u653b\u51fb\u8f7d\u8377<\/h4>\n\n\n\n
\u5f53\u53d1\u73b0\u53ef\u7591\u7684 HTTP \u6d41\u91cf\u4e0b\u8f7d\u4e86\u4e00\u4e2a .exe<\/code> \u6216 .zip<\/code> \u6587\u4ef6\uff0c\u6211\u4eec\u53ef\u4ee5\u7528 Wireshark \u7684 \u5bfc\u51fa\u5bf9\u8c61<\/strong> \u529f\u80fd\u3002\u70b9\u51fb \u6587\u4ef6 -> \u5bfc\u51fa\u5bf9\u8c61 -> HTTP<\/strong>\uff0c\u4f1a\u5217\u51fa\u6240\u6709 HTTP \u4f20\u8f93\u7684\u6587\u4ef6\uff0c\u53ef\u4ee5\u76f4\u63a5\u4fdd\u5b58\u4e0b\u6765\u3002\u4fdd\u5b58\u540e\u7528\u6740\u6bd2\u8f6f\u4ef6\u626b\u63cf\uff0c\u6216\u8005\u4e0a\u4f20\u5230\u5fae\u6b65\u5728\u7ebf\u3001VirusTotal \u7b49\u5a01\u80c1\u60c5\u62a5\u5e73\u53f0\u8fdb\u884c\u5206\u6790\u3002\u5bf9\u4e8e SMB \u534f\u8bae\u4f20\u8f93\u7684\u6076\u610f\u6587\u4ef6\uff0c\u4e5f\u53ef\u4ee5\u5bfc\u51fa\u5bf9\u8c61\u3002<\/p>\n\n\n\n\u6700\u5bb9\u6613\u8e29\u7684\u5751<\/strong>\uff1a\u7b2c\u4e00\u4e2a\u662f\u6d41\u91cf\u592a\u5927\u65f6\u5fd8\u4e86\u7528\u663e\u793a\u8fc7\u6ee4\u5668\uff0c\u76f4\u63a5\u5728\u6570\u5343\u4e2a\u5305\u91cc\u7ffb\u627e\uff0c\u7ed3\u679c\u773c\u82b1\u4e86\u4e5f\u6ca1\u627e\u5230\uff1b\u7b2c\u4e8c\u4e2a\u662f\u9047\u5230\u52a0\u5bc6\u6d41\u91cf\u76f4\u63a5\u653e\u5f03\uff0c\u5176\u5b9e\u52a0\u5bc6\u6d41\u91cf\u4e5f\u53ef\u4ee5\u5206\u6790\u2014\u2014\u770b\u8bc1\u4e66\u3001\u770b\u63e1\u624b\u65f6\u7684 SNI \u57df\u540d\u3001\u770b\u6d41\u91cf\u7684\u5305\u957f\u5ea6\u5e8f\u5217\uff08\u5fc3\u8df3\u5305\u901a\u5e38\u5927\u5c0f\u56fa\u5b9a\uff09\u3001\u770b\u65f6\u95f4\u95f4\u9694\uff1b\u7b2c\u4e09\u4e2a\u662f\u5ffd\u7565\u65f6\u95f4\u6233\uff0c\u653b\u51fb\u8005\u5f80\u5f80\u5728\u51cc\u6668\u884c\u52a8\uff0c\u901a\u8fc7 \u89c6\u56fe -> \u65f6\u95f4\u663e\u793a\u683c\u5f0f<\/strong> \u8c03\u6574\u5230\u5408\u9002\u683c\u5f0f\uff0c\u6309\u65f6\u95f4\u6392\u5e8f\uff0c\u627e\u5230\u5f02\u5e38\u6d41\u91cf\u7206\u53d1\u7684\u65f6\u523b\uff0c\u518d\u5012\u63a8\u56de\u53bb\u5206\u6790\u3002<\/p>\n\n\n\n\u9a8c\u8bc1\u65b9\u6cd5<\/strong>\uff1a\u5f53\u4f60\u6000\u7591\u67d0\u6761\u6d41\u662f\u6076\u610f\u8f6f\u4ef6\u56de\u8fde\u65f6\uff0c\u53ef\u4ee5\u5728\u5a01\u80c1\u60c5\u62a5\u5e73\u53f0\u67e5\u8be2\u76ee\u7684 IP\uff0c\u770b\u662f\u5426\u88ab\u6807\u8bb0\u4e3a\u201cC2 Server\u201d\u6216\u201c\u6076\u610f\u4e3b\u673a\u201d\u3002\u4e5f\u53ef\u4ee5\u63d0\u53d6\u6d41\u91cf\u4e2d\u7684\u57df\u540d\uff0c\u67e5\u8be2\u5176\u5386\u53f2 DNS \u89e3\u6790\u8bb0\u5f55\u548c Whois \u4fe1\u606f\uff0c\u5982\u679c\u57df\u540d\u521a\u6ce8\u518c\u4e00\u4e2a\u6708\uff0c\u4e14\u6ce8\u518c\u4fe1\u606f\u9690\u85cf\uff0c\u5acc\u7591\u5c31\u5f88\u5927\u3002<\/p>\n\n\n\n\u4e0b\u4e00\u6b65\u64cd\u4f5c\u5efa\u8bae<\/strong>\uff1a\u5b8c\u6210\u6d41\u91cf\u7814\u5224\u540e\uff0c\u5982\u679c\u662f\u5e94\u6025\u54cd\u5e94\uff0c\u5e94\u7acb\u5373\u5728\u9632\u706b\u5899\u4e0a\u5c01\u9501 C2 \u7684 IP\uff0c\u5e76\u5728\u7ec8\u7aef\u4e0a\u9694\u79bb\u53d7\u5bb3\u4e3b\u673a\u3002\u540c\u65f6\uff0c\u5c06 IOC\uff08\u5a01\u80c1\u6307\u6807\uff0c\u5982 IP\u3001\u57df\u540d\u3001JA3 \u6307\u7eb9\uff09\u8f93\u5165\u5230\u5168\u6d41\u91cf\u8bbe\u5907\u6216 EDR \u4e2d\uff0c\u8fdb\u884c\u5168\u7f51\u5386\u53f2\u6570\u636e\u56de\u626b\uff0c\u770b\u662f\u5426\u6709\u5176\u4ed6\u4e3b\u673a\u5df2\u7ecf\u88ab\u611f\u67d3\u3002<\/p>\n\n\n\nMermaid \u56fe\u8868\uff1a\u84dd\u961f\u6d41\u91cf\u7814\u5224\u7684\u6807\u51c6\u6d41\u7a0b<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u662f\u84dd\u961f\u6d41\u91cf\u7814\u5224\u7684\u6807\u51c6\u64cd\u4f5c\u6d41\u7a0b\u3002\u4ece\u62ff\u5230 PCAP \u6587\u4ef6\u5f00\u59cb\uff0c\u5148\u505a\u5b8f\u89c2\u7edf\u8ba1\u5b9a\u4f4d\u53ef\u7591 IP \u6216\u534f\u8bae\uff0c\u518d\u901a\u8fc7\u7cbe\u51c6\u8fc7\u6ee4\u7f29\u5c0f\u8303\u56f4\uff0c\u7136\u540e\u8ffd\u8e2a\u6d41\u67e5\u770b\u5e94\u7528\u5c42\u6570\u636e\u3002\u6839\u636e\u662f\u5426\u52a0\u5bc6\u5206\u4e24\u6761\u8def\u5f84\u5904\u7406\uff0c\u6700\u540e\u90fd\u5c06\u53ef\u7591\u4fe1\u606f\u63d0\u4ea4\u5a01\u80c1\u60c5\u62a5\u5e73\u53f0\u9a8c\u8bc1\uff0c\u5f62\u6210\u6700\u7ec8\u7684\u5c01\u7981\u6216\u6eaf\u6e90\u51b3\u7b56\u3002\u84dd\u8272\u4ee3\u8868\u5206\u6790\u6b65\u9aa4\uff0c\u7eff\u8272\u4ee3\u8868\u660e\u6587\u5904\u7406\uff0c\u9ec4\u8272\u4ee3\u8868\u52a0\u5bc6\u5904\u7406\uff0c\u6a59\u8272\u4ee3\u8868\u8f93\u51fa\u52a8\u4f5c\u3002<\/p>\n\n\n\n
\u51b3\u7b56\u6307\u5357\uff1a\u4f55\u65f6\u5fc5\u987b\u505a\u6570\u636e\u5305\u5206\u6790\uff1f<\/h3>\n\n\n\n
\u4f5c\u4e3a\u5f00\u53d1\u8005\u6216\u8fd0\u7ef4\uff0c\u4f60\u5fc5\u987b<\/strong>\u8fdb\u884c\u6570\u636e\u5305\u5206\u6790\u7684\u60c5\u51b5\u4e3b\u8981\u6709\u4e09\u79cd\uff1a<\/p>\n\n\n\n\u7b2c\u4e00\uff0c\u544a\u8b66\u786e\u8ba4<\/strong>\u3002\u5f53 EDR\u3001\u6001\u52bf\u611f\u77e5\u5e73\u53f0\u6216 WAF \u53d1\u51fa\u9ad8\u5371\u544a\u8b66\uff08\u5982\u201cWebShell \u901a\u4fe1\u201d\u3001\u201cCobalt Strike \u56de\u8fde\u201d\uff09\uff0c\u4f60\u9700\u8981\u4e0b\u8f7d\u539f\u59cb PCAP \u5305\u8fdb\u884c\u4eba\u5de5\u590d\u73b0\uff0c\u786e\u8ba4\u662f\u5426\u8bef\u62a5\uff0c\u5e76\u8fd8\u539f\u653b\u51fb\u8def\u5f84\u3002\u8fd9\u662f\u84dd\u961f\u7684\u65e5\u5e38\u6838\u5fc3\u5de5\u4f5c\u3002<\/p>\n\n\n\n\u7b2c\u4e8c\uff0c\u65e5\u5fd7\u4e0d\u8db3\u65f6\u6eaf\u6e90<\/strong>\u3002\u5982\u679c\u670d\u52a1\u5668\u88ab\u5165\u4fb5\uff0c\u4f46\u7cfb\u7edf\u65e5\u5fd7\u88ab\u6e05\u9664\uff0c\u53ea\u5269\u4e0b\u7f51\u7edc\u8bbe\u5907\u91cc\u7684 NetFlow \u6216\u6293\u5305\u6587\u4ef6\uff0c\u90a3\u4e48\u6570\u636e\u5305\u5206\u6790\u5c31\u6210\u4e86\u552f\u4e00\u80fd\u8fd8\u539f\u653b\u51fb\u8005\u624b\u6cd5\u7684\u9014\u5f84\u3002\u4f60\u53ef\u4ee5\u901a\u8fc7\u5206\u6790\u627e\u5230\u653b\u51fb\u8005\u4e0a\u4f20\u7684 WebShell \u6587\u4ef6\u540d\u3001\u4e0b\u8f7d\u7684\u6728\u9a6c\uff0c\u751a\u81f3\u901a\u8fc7 HTTP \u5934\u91cc\u7684 X-Forwarded-For \u627e\u5230\u653b\u51fb\u8005\u7684\u771f\u5b9e IP\u3002<\/p>\n\n\n\n\u7b2c\u4e09\uff0c0day \u6f0f\u6d1e\u6355\u83b7<\/strong>\u3002\u5f53\u6000\u7591\u906d\u53d7\u672a\u77e5\u6f0f\u6d1e\u653b\u51fb\uff0c\u4f46\u5b89\u5168\u8bbe\u5907\u6ca1\u6709\u89c4\u5219\u65f6\uff0c\u901a\u8fc7\u6293\u53d6\u8fdb\u51fa\u670d\u52a1\u5668\u7684\u5168\u6d41\u91cf\uff0c\u5728\u4e8b\u540e\u7528 Wireshark \u9010\u5305\u5206\u6790\u5f02\u5e38\u7684 payload \u7ed3\u6784\uff0c\u53ef\u4ee5\u9006\u5411\u51fa\u653b\u51fb\u4ee3\u7801\u3002<\/p>\n\n\n\n\u4ec0\u4e48\u60c5\u51b5\u4e0b\u66ff\u4ee3\u65b9\u6848\u591f\u7528\uff1f\u5982\u679c\u53ea\u662f\u6392\u67e5\u5e94\u7528\u5c42\u7684\u8bbf\u95ee\u5f02\u5e38\uff0c\u67e5\u770b Web \u670d\u52a1\u5668\u65e5\u5fd7\uff08access log\uff09\u548c\u9519\u8bef\u65e5\u5fd7\u901a\u5e38\u662f\u66f4\u5feb\u7684\u9009\u62e9\uff0c\u56e0\u4e3a\u5b83\u4eec\u5df2\u7ecf\u63d0\u4f9b\u4e86\u8bf7\u6c42\u65b9\u6cd5\u3001\u72b6\u6001\u7801\u3001\u54cd\u5e94\u65f6\u95f4\u7b49\u7ed3\u6784\u5316\u4fe1\u606f\u3002\u53e6\u5916\uff0c\u5982\u679c\u516c\u53f8\u90e8\u7f72\u4e86 NTA\uff08\u7f51\u7edc\u6d41\u91cf\u5206\u6790\uff09\u8bbe\u5907\uff0c\u5b83\u4eec\u4f1a\u81ea\u52a8\u63d0\u53d6\u6d41\u91cf\u5143\u6570\u636e\u5e76\u505a\u5a01\u80c1\u68c0\u6d4b\uff0c\u65e5\u5e38\u76d1\u6d4b\u53ef\u4ee5\u4f9d\u8d56\u8fd9\u4e9b\u5e73\u53f0\u7684\u544a\u8b66\uff0c\u53ea\u6709\u6df1\u5165\u8c03\u67e5\u65f6\u624d\u9700\u8981\u624b\u52a8\u6570\u636e\u5305\u5206\u6790\u3002<\/p>\n\n\n\n
\u603b\u4e4b\uff0c\u6570\u636e\u5305\u5206\u6790\u662f\u7f51\u7edc\u5b89\u5168\u9886\u57df\u7684\u201c\u5e95\u5c42\u80fd\u529b\u201d\uff0c\u5b83\u8ba9\u4f60\u4ece\u4f9d\u8d56\u544a\u8b66\u7684\u201c\u88ab\u52a8\u9632\u5fa1\u8005\u201d\uff0c\u6210\u957f\u4e3a\u80fd\u770b\u89c1\u653b\u51fb\u8005\u6bcf\u4e00\u4e2a\u52a8\u4f5c\u7684\u201c\u4e3b\u52a8\u6eaf\u6e90\u8005\u201d\u3002\u7ed3\u5408\u4e0a\u4e00\u8bb2\u7684\u8bf7\u6c42\u5934\u77e5\u8bc6\uff0c\u4f60\u73b0\u5728\u5df2\u7ecf\u80fd\u8bfb\u61c2 HTTP \u7684\u201c\u4e66\u4fe1\u5185\u5bb9\u201d\uff0c\u53c8\u80fd\u4ece\u6570\u636e\u5305\u5c42\u9762\u770b\u89c1\u201c\u90ae\u5dee\u9001\u4fe1\u7684\u5168\u8fc7\u7a0b\u201d\u2014\u2014\u8fd9\u4e24\u8005\u7ed3\u5408\u8d77\u6765\uff0c\u4f60\u5c31\u80fd\u5728\u6784\u5efa\u5b89\u5168\u5e94\u7528\u65f6\uff0c\u65e2\u8003\u8651\u6b63\u786e\u7684\u8bed\u4e49\uff0c\u53c8\u80fd\u9884\u5224\u653b\u51fb\u6d41\u91cf\u53ef\u80fd\u51fa\u73b0\u7684\u75d5\u8ff9\u3002<\/p>\n\n\n\n
\u6570\u636e\u5305\u6784\u9020-Reqable\u81ea\u5b9a\u4e49\u6dfb\u52a0\u4fee\u6539\u8bf7\u6c42<\/h2>\n\n\n\n
\u5982\u679c\u8bf4\u4e0a\u4e00\u8bb2\u7684\u201c\u6570\u636e\u5305\u5206\u6790\u201d\u662f\u8ba9\u4f60\u6210\u4e3a\u80fd\u770b\u61c2\u76d1\u63a7\u5f55\u50cf\u7684\u5b89\u4fdd\u4e13\u5bb6\uff0c\u90a3\u4e48\u8fd9\u4e00\u8bb2\u7684\u201c\u6570\u636e\u5305\u6784\u9020\u201d\u5c31\u662f\u8ba9\u4f60\u6210\u4e3a\u80fd\u81ea\u5df1\u7f16\u5199\u5267\u672c\u7684\u5bfc\u6f14\u3002\u4f60\u4e0d\u518d\u662f\u88ab\u52a8\u5730\u89c2\u5bdf\u6d41\u91cf\uff0c\u800c\u662f\u4e3b\u52a8\u5730\u6784\u9020\u8bf7\u6c42\uff0c\u53bb\u6d4b\u8bd5\u670d\u52a1\u5668\u7684\u53cd\u5e94\u3001\u590d\u73b0\u6f0f\u6d1e\u3001\u6216\u8005\u8c03\u8bd5\u63a5\u53e3\u7684\u8fb9\u754c\u60c5\u51b5\u3002\u8fd9\u5c31\u50cf\u53a8\u5e08\u505a\u83dc\u65f6\u4e0d\u4ec5\u8981\u4f1a\u54c1\u5c1d\uff08\u5206\u6790\uff09\uff0c\u66f4\u8981\u4f1a\u6839\u636e\u53e3\u5473\u8c03\u6574\u4f50\u6599\uff08\u6784\u9020\uff09\u3002Reqable<\/strong>\uff08\u6c5f\u6e56\u4eba\u79f0\u201c\u5c0f\u9ec4\u9e1f\u201d\uff09\u5c31\u662f\u8fd9\u6837\u4e00\u628a\u8ba9\u4f60\u968f\u5fc3\u6240\u6b32\u201c\u8c03\u5236\u201dHTTP\u6570\u636e\u5305\u7684\u745e\u58eb\u519b\u5200\u2014\u2014\u5b83\u65e2\u80fd\u6293\u5305\u5206\u6790\uff0c\u66f4\u5f3a\u5927\u7684\u529f\u80fd\u662f\u8ba9\u4f60\u81ea\u5b9a\u4e49\u6784\u9020\u8bf7\u6c42\u3001\u4fee\u6539\u8bf7\u6c42\u5934\u548c\u8bf7\u6c42\u4f53\uff0c\u751a\u81f3\u7f16\u5199\u811a\u672c\u81ea\u52a8\u5316\u5904\u7406\u6d41\u91cf\u3002<\/p>\n\n\n\nReqable\uff1aHTTP\u6570\u636e\u5305\u7684\u201c\u8c03\u8bd5\u5de5\u4f5c\u53f0\u201d<\/h3>\n\n\n\n
Reqable\u89e3\u51b3\u7684\u6838\u5fc3\u95ee\u9898\uff0c\u662f\u8ba9\u5f00\u53d1\u8005\u80fd\u591f\u50cf\u7a0b\u5e8f\u5458\u8c03\u8bd5\u4ee3\u7801\u4e00\u6837\uff0c\u5355\u6b65\u8c03\u8bd5HTTP\u8bf7\u6c42\u3002\u5728\u5b9e\u9645\u5f00\u53d1\u4e2d\uff0c\u4f60\u53ef\u80fd\u4f1a\u9047\u5230\u8fd9\u6837\u7684\u573a\u666f\uff1a\u540e\u7aef\u63a5\u53e3\u6587\u6863\u8bf4\u201c\u4f20\u8fd9\u4e2a\u53c2\u6570\u4f1a\u8fd4\u56de\u7279\u5b9a\u6570\u636e\u201d\uff0c\u4f46\u4f60\u7528\u6d4f\u89c8\u5668\u8bbf\u95ee\u65f6\u5374\u603b\u662f\u62a5\u9519\uff1b\u6216\u8005\u4f60\u6000\u7591\u67d0\u4e2a\u8bf7\u6c42\u5934\uff08\u6bd4\u5982Authorization\uff09\u5199\u9519\u4e86\uff0c\u4f46\u4e0d\u60f3\u91cd\u65b0\u7f16\u8bd1\u6574\u4e2a\u524d\u7aef\u5e94\u7528\u53bb\u6d4b\u8bd5\u3002\u8fd9\u65f6\u5019\uff0c\u4f60\u5c31\u9700\u8981\u4e00\u4e2a\u5de5\u5177\u80fd\u8ba9\u4f60\u81ea\u7531\u5730\u7ec4\u5408\u8bf7\u6c42\u65b9\u6cd5\u3001URL\u3001\u8bf7\u6c42\u5934\u3001\u8bf7\u6c42\u4f53\uff0c\u50cf\u642d\u79ef\u6728\u4e00\u6837\u62fc\u51fa\u4e00\u4e2a\u6570\u636e\u5305\uff0c\u7136\u540e\u7acb\u523b\u53d1\u9001\u51fa\u53bb\u770b\u670d\u52a1\u5668\u53cd\u5e94\u3002Reqable\u5c31\u662f\u8fd9\u6837\u4e00\u4e2a\u5de5\u5177\uff0c\u5b83\u628a\u201c\u6784\u9020-\u53d1\u9001-\u5206\u6790-\u4fee\u6539-\u91cd\u53d1\u201d\u7684\u95ed\u73af\u96c6\u6210\u5728\u4e00\u4e2a\u754c\u9762\u91cc\uff0c\u8ba9\u4f60\u80fd\u50cf\u8c03\u8bd5\u4ee3\u7801\u4e00\u6837\u8c03\u8bd5HTTP\u534f\u8bae\u3002<\/p>\n\n\n\n
\u5728\u7cfb\u7edf\u7ed3\u6784\u4e2d\uff0cReqable\u626e\u6f14\u4e86\u4e24\u4e2a\u89d2\u8272\uff1a\u6b63\u5411\u4ee3\u7406<\/strong>\u548cHTTP\u5ba2\u6237\u7aef<\/strong>\u3002\u4f5c\u4e3a\u4ee3\u7406\uff0c\u5b83\u5904\u4e8e\u5ba2\u6237\u7aef\uff08\u6d4f\u89c8\u5668\/APP\uff09\u548c\u670d\u52a1\u5668\u4e4b\u95f4\uff0c\u53ef\u4ee5\u62e6\u622a\u5e76\u4fee\u6539\u6d41\u91cf\uff08\u8fd9\u662f\u4e0a\u4e00\u8bb2\u201c\u6570\u636e\u5305\u5206\u6790\u201d\u7684\u573a\u666f\uff09\uff1b\u4f5c\u4e3aHTTP\u5ba2\u6237\u7aef\uff0c\u5b83\u76f4\u63a5\u66ff\u4ee3\u6d4f\u89c8\u5668\u5411\u670d\u52a1\u5668\u53d1\u9001\u8bf7\u6c42\uff0c\u4f60\u53ef\u4ee5\u5b8c\u5168\u63a7\u5236\u8bf7\u6c42\u7684\u6bcf\u4e00\u4e2a\u5b57\u8282\u3002\u8fd9\u4e0e\u6211\u4eec\u7b2c\u4e00\u8bb2\u5b66\u7684\u5185\u5bb9\u4e00\u8109\u76f8\u627f\uff1a\u7b2c\u4e00\u8bb2\u6211\u4eec\u662f\u7528\u4ee3\u7801\uff08fetch\u3001axios\uff09\u6784\u9020\u8bf7\u6c42\uff0c\u90a3\u662f\u201c\u7f16\u7a0b\u5f0f\u201d\u7684\uff1b\u800c\u7528Reqable\u6784\u9020\u8bf7\u6c42\uff0c\u662f\u201c\u53ef\u89c6\u5316\u201d\u7684\u2014\u2014\u4f60\u4e0d\u518d\u9700\u8981\u5199\u4ee3\u7801\uff0c\u53ea\u9700\u70b9\u70b9\u9f20\u6807\u5c31\u80fd\u751f\u6210\u4e00\u4e2a\u5b8c\u6574\u7684HTTP\u6570\u636e\u5305\u3002<\/p>\n\n\n\n\u4e3a\u4ec0\u4e48\u9700\u8981\u8fd9\u6837\u4e00\u4e2a\u5de5\u5177\uff1f\u56e0\u4e3a\u5728\u5b9e\u9645\u7684\u5b89\u5168\u6d4b\u8bd5\u548c\u63a5\u53e3\u8c03\u8bd5\u4e2d\uff0c\u624b\u52a8\u4fee\u6539\u4ee3\u7801\u518d\u8fd0\u884c\u7684\u8fc7\u7a0b\u592a\u6162\u4e86\u3002\u6bd4\u5982\u4f60\u60f3\u6d4b\u8bd5\u4e00\u4e2aAPI\u5728\u7f3a\u5c11\u67d0\u4e2a\u8bf7\u6c42\u5934\u65f6\u7684\u884c\u4e3a\uff0c\u5982\u679c\u7528\u4ee3\u7801\u6539\uff0c\u5f97\u4fee\u6539\u6e90\u7801\u3001\u91cd\u542f\u670d\u52a1\u3001\u91cd\u65b0\u53d1\u9001\uff0c\u800c\u7528Reqable\uff0c\u4f60\u53ea\u9700\u8981\u5728\u754c\u9762\u4e0a\u5220\u9664\u90a3\u4e2a\u8bf7\u6c42\u5934\uff0c\u70b9\u51fb\u201c\u53d1\u9001\u201d\uff0c\u4e00\u79d2\u540e\u5c31\u80fd\u770b\u5230\u670d\u52a1\u5668\u7684\u8fd4\u56de\u3002\u8fd9\u79cd\u5373\u65f6\u53cd\u9988\u7684\u201c\u8bd5\u9519\u201d\u4f53\u9a8c\uff0c\u80fd\u6781\u5927\u63d0\u5347\u5f00\u53d1\u548c\u6d4b\u8bd5\u6548\u7387\u3002<\/p>\n\n\n\n
Mermaid \u56fe\u8868\uff1aReqable\u5728HTTP\u4ea4\u4e92\u4e2d\u7684\u89d2\u8272\u5b9a\u4f4d<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u5bf9\u6bd4\u4e86\u4f20\u7edf\u5f00\u53d1\u8c03\u8bd5\u6a21\u5f0f\u548c\u7528Reqable\u6784\u9020\u8bf7\u6c42\u7684\u6a21\u5f0f\u3002\u4e0a\u65b9\u4f20\u7edf\u6a21\u5f0f\u9700\u8981\u5728\u201c\u7f16\u5199\u4ee3\u7801-\u8fd0\u884c-\u67e5\u770b\u65e5\u5fd7\u201d\u4e4b\u95f4\u591a\u6b21\u5faa\u73af\uff1b\u4e0b\u65b9Reqable\u6a21\u5f0f\u5219\u76f4\u63a5\u6784\u9020\u5e76\u53d1\u9001\u8bf7\u6c42\uff0c\u6839\u636e\u54cd\u5e94\u5373\u65f6\u8c03\u6574\uff0c\u95ed\u73af\u66f4\u77ed\u3001\u53cd\u9988\u66f4\u5feb\u3002\u84dd\u8272\u4ee3\u8868\u6784\u9020\u73af\u8282\uff0c\u7eff\u8272\u4ee3\u8868\u5206\u6790\u73af\u8282\u3002<\/p>\n\n\n\n
Reqable\u6784\u9020\u8bf7\u6c42\uff1a\u50cf\u586b\u8868\u4e00\u6837\u7ec4\u88c5HTTP\u6570\u636e\u5305<\/h3>\n\n\n\n
Reqable\u7684\u8bf7\u6c42\u6784\u9020\u754c\u9762\uff0c\u672c\u8d28\u4e0a\u662f\u4e00\u4e2a\u53ef\u89c6\u5316\u7684HTTP\u6570\u636e\u5305\u7f16\u8f91\u5668\u3002\u5b83\u628a\u8bf7\u6c42\u884c\u3001\u8bf7\u6c42\u5934\u3001\u8bf7\u6c42\u4f53\u62c6\u5206\u6210\u6e05\u6670\u7684\u9009\u9879\u5361\uff0c\u8ba9\u4f60\u9010\u9879\u586b\u5199\u3002\u6211\u4eec\u6765\u770b\u770b\u600e\u4e48\u7528\u5b83\u81ea\u5b9a\u4e49\u6dfb\u52a0\u548c\u4fee\u6539\u8bf7\u6c42\u3002<\/p>\n\n\n\n
\u7b2c\u4e00\u6b65\uff1a\u9009\u62e9\u8bf7\u6c42\u65b9\u6cd5\u4e0e\u8f93\u5165URL<\/h4>\n\n\n\n
\u6253\u5f00Reqable\uff0c\u4f60\u4f1a\u770b\u5230\u4e00\u4e2a\u7b80\u6d01\u7684\u754c\u9762\u3002\u9876\u90e8\u662f\u8bf7\u6c42\u5730\u5740\u680f\uff0c\u4f60\u53ef\u4ee5\u5728\u8fd9\u91cc\u8f93\u5165\u5b8c\u6574\u7684URL\uff0c\u6bd4\u5982 https:\/\/api.example.com\/users<\/code>\u3002\u5de6\u4fa7\u4e0b\u62c9\u83dc\u5355\u53ef\u4ee5\u9009\u62e9\u8bf7\u6c42\u65b9\u6cd5\u2014\u2014GET\u3001POST\u3001PUT\u3001DELETE\u7b49\uff0cReqable\u652f\u6301\u6807\u51c6\u76849\u79cdHTTP\u65b9\u6cd5\uff0c\u751a\u81f3\u652f\u6301\u81ea\u5b9a\u4e49\u65b9\u6cd5\u540d\uff0c\u6bd4\u5982\u4f60\u53ef\u4ee5\u8f93\u5165 HELLO<\/code> \u8fd9\u79cd\u975e\u6807\u51c6\u65b9\u6cd5\uff0c\u8fd9\u5728\u6d4b\u8bd5\u67d0\u4e9b\u5947\u8469\u670d\u52a1\u5668\u5b9e\u73b0\u65f6\u5f88\u6709\u7528 \u3002<\/p>\n\n\n\n\u7b2c\u4e8c\u6b65\uff1a\u4fee\u6539\u8bf7\u6c42\u5934\u2014\u2014\u8868\u683c\u6a21\u5f0f\u4e0e\u6587\u672c\u6a21\u5f0f<\/h4>\n\n\n\n
\u70b9\u51fb\u201cHeaders\u201d\u9009\u9879\u5361\uff0c\u4f60\u5c31\u8fdb\u5165\u4e86\u8bf7\u6c42\u5934\u7f16\u8f91\u533a\u3002\u8fd9\u91cc\u6709\u4e24\u79cd\u6a21\u5f0f\uff1a\u8868\u683c\u6a21\u5f0f<\/strong>\u548c\u6587\u672c\u6a21\u5f0f<\/strong>\u3002<\/p>\n\n\n\n\u8868\u683c\u6a21\u5f0f\u662f\u6700\u76f4\u89c2\u7684\uff0c\u5b83\u50cfExcel\u8868\u683c\u4e00\u6837\uff0c\u6bcf\u4e00\u884c\u662f\u4e00\u4e2a\u8bf7\u6c42\u5934\u5b57\u6bb5\uff0c\u5de6\u8fb9\u5199Key\uff08\u5982 Content-Type<\/code>\uff09\uff0c\u53f3\u8fb9\u5199Value\uff08\u5982 application\/json<\/code>\uff09\u3002\u4f60\u53ef\u4ee5\u968f\u610f\u6dfb\u52a0\u3001\u5220\u9664\u3001\u4fee\u6539\u884c\u3002Reqable\u8fd8\u5f88\u8d34\u5fc3\u5730\u63d0\u4f9b\u4e86\u5185\u7f6e\u8bf7\u6c42\u5934<\/strong>\u529f\u80fd\uff0c\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u5b83\u4f1a\u81ea\u52a8\u586b\u5145\u5fc5\u8981\u7684\u8bf7\u6c42\u5934\u5982 Host<\/code>\u3001User-Agent<\/code>\u3001Connection<\/code> \u7b49\uff0c\u8fd9\u4e9b\u5185\u7f6e\u5934\u4ee5\u7070\u8272\u663e\u793a\uff0c\u4f60\u53ef\u4ee5\u70b9\u51fb\u5c0f\u773c\u775b\u56fe\u6807\u663e\u793a\u6216\u9690\u85cf\u5b83\u4eec \u3002\u5982\u679c\u60f3\u4fee\u6539\u5185\u7f6e\u5934\uff08\u6bd4\u5982\u628a\u9ed8\u8ba4\u7684 User-Agent: Reqable\/\u7248\u672c\u53f7<\/code> \u6539\u6210\u6d4f\u89c8\u5668\u7684UA\uff09\uff0c\u76f4\u63a5\u70b9\u51fb\u5e26\u9501\u56fe\u6807\u7684\u5b57\u6bb5\u65c1\u8fb9\u7684\u503c\uff0c\u89e3\u9501\u540e\u5373\u53ef\u4fee\u6539 \u3002\u5982\u679c\u9700\u8981\u6279\u91cf\u6dfb\u52a0\u6216\u4fee\u6539\uff0c\u53ef\u4ee5\u5207\u6362\u5230\u6587\u672c\u6a21\u5f0f\uff0c\u8fd9\u91cc\u6240\u6709\u8bf7\u6c42\u5934\u4ee5\u7eaf\u6587\u672c\u5f62\u5f0f\u5c55\u793a\uff0c\u4f60\u53ef\u4ee5\u4e00\u6b21\u590d\u5236\u7c98\u8d34\u591a\u884c \u3002\u7279\u522b\u7684\u662f\uff0c\u4f60\u53ef\u4ee5\u5728\u67d0\u4e00\u884c\u524d\u9762\u52a0 \/\/<\/code> \u6765\u6ce8\u91ca\u6389\u8fd9\u4e2a\u8bf7\u6c42\u5934\uff0c\u76f8\u5f53\u4e8e\u4e34\u65f6\u7981\u7528\u4f46\u4e0d\u5220\u9664\uff0c\u65b9\u4fbf\u6765\u56de\u5bf9\u6bd4\u6d4b\u8bd5 \u3002<\/p>\n\n\n\n\u5047\u8bbe\u6211\u4eec\u8981\u6a21\u62df\u4e00\u4e2a\u79fb\u52a8\u7aefAPP\u7684\u767b\u5f55\u8bf7\u6c42\uff0c\u9700\u8981\u6dfb\u52a0 Authorization<\/code> \u5934\u548c\u81ea\u5b9a\u4e49\u7684 X-APP-Version<\/code> \u5934\u3002\u5728\u8868\u683c\u6a21\u5f0f\u4e0b\uff0c\u6211\u4eec\u76f4\u63a5\u65b0\u589e\u4e24\u884c\uff0c\u6548\u679c\u5982\u4e0b \uff1a<\/p>\n\n\n\n\/\/ \u793a\u4f8b\u8bf7\u6c42\u5934\n{\n \"Content-Type\": \"application\/json\",\n \"Authorization\": \"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\",\n \"X-APP-Version\": \"3.2.1\"\n}<\/code><\/pre>\n\n\n\n\u7b2c\u4e09\u6b65\uff1a\u6784\u9020\u8bf7\u6c42\u4f53\u2014\u2014\u652f\u6301\u591a\u79cd\u6570\u636e\u683c\u5f0f<\/h4>\n\n\n\n
\u70b9\u51fb\u201cBody\u201d\u9009\u9879\u5361\uff0c\u8fd9\u91cc\u624d\u662fReqable\u7684\u7cbe\u534e\u6240\u5728\u3002\u5b83\u652f\u6301JSON\u3001\u6587\u672c\u3001XML\u3001\u8868\u5355\uff08Form\uff09\u3001Multipart\u3001\u6587\u4ef6<\/strong>\u516d\u79cd\u8bf7\u6c42\u4f53\u7c7b\u578b \u3002\u9009\u62e9\u4e0d\u540c\u7684\u7c7b\u578b\uff0cReqable\u4f1a\u81ea\u52a8\u5e2e\u4f60\u8bbe\u7f6e\u5bf9\u5e94\u7684 Content-Type<\/code> \u8bf7\u6c42\u5934\uff0c\u6bd4\u5982\u9009JSON\u5c31\u4f1a\u81ea\u52a8\u52a0\u4e0a Content-Type: application\/json<\/code> \u3002<\/p>\n\n\n\n\n- JSON\u7c7b\u578b<\/strong>\uff1a\u7f16\u8f91\u5668\u81ea\u5e26\u8bed\u6cd5\u9ad8\u4eae\u548c\u683c\u5f0f\u5316\uff0c\u4f60\u76f4\u63a5\u5199JSON\u5bf9\u8c61\uff0c\u6bd4\u5982
{\"username\":\"admin\",\"password\":\"123456\"}<\/code>\u3002\u5982\u679c\u4e0d\u60f3\u7528\u81ea\u52a8\u6dfb\u52a0\u7684 Content-Type<\/code>\uff0c\u53ef\u4ee5\u53d6\u6d88\u52fe\u9009\u5185\u7f6e\u7684 Content-Type<\/code>\uff0c\u7136\u540e\u624b\u52a8\u6dfb\u52a0\u4e00\u4e2a\u65b0\u7684\u8986\u76d6\u5b83 \u3002<\/li>\n\n\n\n- \u8868\u5355\u7c7b\u578b<\/strong>\uff1a\u7528\u4e8e
application\/x-www-form-urlencoded<\/code> \u683c\u5f0f\u7684\u6570\u636e\uff0c\u754c\u9762\u53d8\u6210\u952e\u503c\u5bf9\u8f93\u5165\uff0c\u9002\u5408\u6a21\u62df\u7f51\u9875\u8868\u5355\u63d0\u4ea4\u3002<\/li>\n\n\n\n- Multipart\u7c7b\u578b<\/strong>\uff1a\u8fd9\u662f\u6700\u5f3a\u5927\u7684\uff0c\u652f\u6301\u5728\u4e00\u4e2a\u8bf7\u6c42\u4f53\u91cc\u6df7\u5408\u6587\u672c\u548c\u6587\u4ef6\u3002\u4f60\u53ef\u4ee5\u6dfb\u52a0\u4e00\u4e2a\u201c\u6587\u672c\u5206\u90e8\u201d\u5199\u666e\u901a\u5b57\u6bb5\uff0c\u518d\u6dfb\u52a0\u4e00\u4e2a\u201c\u6587\u4ef6\u5206\u90e8\u201d\u4e0a\u4f20\u672c\u5730\u56fe\u7247\uff0cReqable\u4f1a\u81ea\u52a8\u751f\u6210\u6b63\u786e\u7684boundary\u5206\u9694\u7b26 \u3002\u8fd9\u5728\u6d4b\u8bd5\u6587\u4ef6\u4e0a\u4f20\u63a5\u53e3\u65f6\u6781\u5176\u65b9\u4fbf\u3002<\/li>\n\n\n\n
- \u6587\u4ef6\u7c7b\u578b<\/strong>\uff1a\u76f4\u63a5\u628a\u6587\u4ef6\u62d6\u62fd\u8fdb\u53bb\uff0cReqable\u4f1a\u6839\u636e\u6587\u4ef6\u7c7b\u578b\u81ea\u52a8\u63a8\u5bfc
Content-Type<\/code>\uff0c\u6bd4\u5982\u4f20 .png<\/code> \u6587\u4ef6\u5c31\u8bbe\u4e3a image\/png<\/code> \u3002<\/li>\n<\/ul>\n\n\n\n\u7b2c\u56db\u6b65\uff1a\u53d1\u9001\u8bf7\u6c42\u5e76\u67e5\u770b\u54cd\u5e94<\/h4>\n\n\n\n
\u586b\u597d\u6240\u6709\u4fe1\u606f\u540e\uff0c\u70b9\u51fb\u53f3\u4e0a\u89d2\u7684\u5927\u201c\u53d1\u9001\u201d\u6309\u94ae\u3002Reqable\u4f1a\u7acb\u523b\u5c06\u4f60\u6784\u9020\u7684\u6570\u636e\u5305\u53d1\u51fa\u53bb\uff0c\u5e76\u5728\u4e0b\u65b9\u533a\u57df\u5c55\u793a\u5b8c\u6574\u7684\u54cd\u5e94\uff1a\u72b6\u6001\u7801\u3001\u54cd\u5e94\u5934\u3001\u54cd\u5e94\u4f53\u3002\u54cd\u5e94\u4f53\u4f1a\u6839\u636e\u683c\u5f0f\u81ea\u52a8\u683c\u5f0f\u5316\uff08JSON\u4f1a\u7f29\u8fdb\u9ad8\u4eae\uff09\uff0c\u4f60\u53ef\u4ee5\u4e00\u76ee\u4e86\u7136\u5730\u770b\u5230\u670d\u52a1\u5668\u8fd4\u56de\u4e86\u4ec0\u4e48 \u3002\u5982\u679c\u7ed3\u679c\u4e0d\u5bf9\uff0c\u4f60\u53ef\u4ee5\u76f4\u63a5\u5728\u4e0a\u9762\u7684\u8bf7\u6c42\u533a\u57df\u4fee\u6539\u53c2\u6570\uff0c\u518d\u6b21\u53d1\u9001\uff0c\u6574\u4e2a\u8fc7\u7a0b\u6ca1\u6709\u7f16\u8bd1\u3001\u6ca1\u6709\u91cd\u542f\uff0c\u7eaf\u7cb9\u662f\u201c\u6240\u89c1\u5373\u6240\u5f97\u201d\u7684\u8c03\u8bd5\u4f53\u9a8c\u3002<\/p>\n\n\n\n
Mermaid \u56fe\u8868\uff1aReqable\u6784\u9020\u8bf7\u6c42\u7684\u6838\u5fc3\u529f\u80fd\u6a21\u5757<\/strong><\/p>\n\n\n\n<\/div><\/figure>\n\n\n\n\u8fd9\u5f20\u56fe\u662fReqable\u8bf7\u6c42\u6784\u9020\u529f\u80fd\u7684\u601d\u7ef4\u5bfc\u56fe\u3002\u4ece\u8bf7\u6c42\u6784\u9020\u5668\u51fa\u53d1\uff0c\u5206\u652f\u51fa\u8bf7\u6c42\u65b9\u6cd5\u3001URL\u3001\u8bf7\u6c42\u5934\u3001\u8bf7\u6c42\u4f53\u56db\u5927\u6a21\u5757\u3002\u8bf7\u6c42\u5934\u4e0b\u6709\u8868\u683c\/\u6587\u672c\/\u5185\u7f6e\u5934\u7ba1\u7406\u4e09\u79cd\u64cd\u4f5c\u65b9\u5f0f\uff1b\u8bf7\u6c42\u4f53\u4e0b\u6709\u516d\u79cd\u6570\u636e\u683c\u5f0f\uff1b\u6700\u7ec8\u6c47\u805a\u5230\u70b9\u51fb\u53d1\u9001\u5e76\u67e5\u770b\u54cd\u5e94\u3002\u8fd9\u5b8c\u6574\u5c55\u793a\u4e86Reqable\u4f5c\u4e3a\u53ef\u89c6\u5316HTTP\u5ba2\u6237\u7aef\u7684\u80fd\u529b\u8fb9\u754c\u3002<\/p>\n\n\n\n
\u5b9e\u6218\u573a\u666f\uff1a\u7528Reqable\u590d\u73b0\u63a5\u53e3\u6f0f\u6d1e\u6d4b\u8bd5<\/h3>\n\n\n\n
\u7406\u8bba\u8bf4\u5b8c\u4e86\uff0c\u6211\u4eec\u6765\u4e00\u4e2a\u771f\u5b9e\u7684\u573a\u666f\uff1a\u5047\u8bbe\u6211\u4eec\u8981\u6d4b\u8bd5\u4e00\u4e2a\u5b58\u5728\u8d8a\u6743\u6f0f\u6d1e\u7684API\u3002\u6b63\u5e38\u7528\u6237A\u53ea\u80fd\u67e5\u770b\u81ea\u5df1\u7684\u8d44\u6599\uff0c\u4f46\u901a\u8fc7\u4fee\u6539\u8bf7\u6c42\u53c2\u6570\uff0c\u6709\u53ef\u80fd\u67e5\u770b\u5230\u7528\u6237B\u7684\u8d44\u6599\u3002\u7528Reqable\u6211\u4eec\u53ef\u4ee5\u8fd9\u6837\u64cd\u4f5c\u3002<\/p>\n\n\n\n
\n- \u6784\u9020\u6b63\u5e38\u8bf7\u6c42<\/strong>\uff1a\u5148\u6b63\u5e38\u767b\u5f55APP\uff0c\u7528\u6d4f\u89c8\u5668\u5f00\u53d1\u8005\u5de5\u5177\u590d\u5236\u51fa\u4e00\u4e2a\u5b8c\u6574\u7684\u8bf7\u6c42\u3002\u4f46\u6211\u4eec\u73b0\u5728\u7528Reqable\u4ece\u5934\u6784\u9020\u3002\u65b9\u6cd5\u9009
GET<\/code>\uff0cURL\u586b https:\/\/api.example.com\/user\/profile<\/code>\u3002\u5728Headers\u91cc\u6dfb\u52a0 Authorization: Bearer \u7528\u6237A\u7684token<\/code>\u3002\u70b9\u51fb\u53d1\u9001\uff0c\u54cd\u5e94\u91cc\u8fd4\u56de\u4e86\u7528\u6237A\u7684\u8d44\u6599\uff0c\u72b6\u6001\u7801200\u3002<\/li>\n\n\n\n- \u4fee\u6539\u53c2\u6570\u6d4b\u8bd5\u8d8a\u6743<\/strong>\uff1a\u6839\u636e\u7ecf\u9a8c\uff0c\u5f88\u591a\u8d8a\u6743\u6f0f\u6d1e\u53d1\u751f\u5728\u53c2\u6570\u4e0a\uff0c\u6bd4\u5982 URL \u6539\u6210
https:\/\/api.example.com\/user\/profile?user_id=1002<\/code>\u3002\u6211\u4eec\u76f4\u63a5\u5728URL\u540e\u9762\u52a0\u4e0a\u67e5\u8be2\u53c2\u6570\uff0c\u518d\u6b21\u53d1\u9001\u3002\u5982\u679c\u670d\u52a1\u5668\u8fd4\u56de\u4e86\u7528\u6237B\u7684\u8d44\u6599\uff0c\u8bf4\u660e\u5b58\u5728\u8d8a\u6743\u2014\u2014\u5b83\u53ea\u6821\u9a8c\u4e86token\u6709\u6548\u6027\uff0c\u4f46\u6ca1\u6709\u6821\u9a8ctoken\u5bf9\u5e94\u7684\u7528\u6237ID\u548c\u8bf7\u6c42\u7684 user_id<\/code> \u662f\u5426\u4e00\u81f4\u3002<\/li>\n\n\n\n- \u4fee\u6539\u8bf7\u6c42\u65b9\u6cd5\u6d4b\u8bd5<\/strong>\uff1a\u6709\u4e9b\u63a5\u53e3\u5bf9GET\u505a\u4e86\u6743\u9650\u6821\u9a8c\uff0c\u4f46\u5bf9POST\u5374\u758f\u5ffd\u4e86\u3002\u6211\u4eec\u628a\u65b9\u6cd5\u4eceGET\u6539\u6210POST\uff0cURL\u4e0d\u53d8\uff0c\u5728Body\u91cc\u9009\u62e9JSON\uff0c\u8f93\u5165
{\"user_id\":1002}<\/code>\u3002\u53d1\u9001\u540e\u770b\u72b6\u6001\u7801\uff0c\u5982\u679c\u662f200\u4e14\u8fd4\u56de\u4e86\u7528\u6237B\u8d44\u6599\uff0c\u606d\u559c\u4f60\u53d1\u73b0\u4e86\u4e00\u4e2a\u9ad8\u5371\u6f0f\u6d1e\u3002<\/li>\n\n\n\n- \u4fee\u6539\u8bf7\u6c42\u5934\u7ed5\u8fc7\u9650\u5236<\/strong>\uff1a\u6709\u7684API\u4f1a\u68c0\u67e5
Referer<\/code> \u6216
![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/HTTP\u8bf7\u6c42\u4e0e\u54cd\u5e94\u7ed3\u6784\u56fe-1024x1024.jpg\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u8bf7\u6c42\u5934\u4fee\u6539\u6d41\u7a0b\uff08\u4ee5Node.js\u4e2d\u95f4\u4ef6\u4e3a\u4f8b\uff09-781x1024.png\"){kind=spacer}
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u54cd\u5e94\u5934\u4e0e\u72b6\u6001\u7801\u8bbe\u7f6e\u6d41\u7a0b-1024x1024.jpg\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u5305\u542b\u5b89\u5168\u5934\u4e0e\u8ba4\u8bc1\u7684\u8bf7\u6c42\u5904\u7406\u6d41\u7a0b-686x1024.png\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u6570\u636e\u5305\u5206\u6790\u5728\u7f51\u7edc\u5b89\u5168\u4f53\u7cfb\u4e2d\u7684\u4f4d\u7f6e-1017x1024.png\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u7ea2\u961f\u5de5\u5177\u6d41\u91cf\u7279\u5f81\u7684\u5bf9\u6297\u6f14\u5316-313x1024.png\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/\u84dd\u961f\u6d41\u91cf\u7814\u5224\u7684\u6807\u51c6\u6d41\u7a0b-476x1024.png\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/Reqable\u5728HTTP\u4ea4\u4e92\u4e2d\u7684\u89d2\u8272\u5b9a\u4f4d-1024x293.png\")
<\/div><\/figure>\n\n\n\n![\"\"](\"http:\/\/www.preluna.xyz\/wp-content\/uploads\/2026\/03\/Reqable\u6784\u9020\u8bf7\u6c42\u7684\u6838\u5fc3\u529f\u80fd\u6a21\u5757-1024x358.png\")
<\/div><\/figure>\n\n\n\n