1.前期工作:安装Burpsuite工具这里网上有许多教程,大致步骤如下:

找到安装包然后解压缩,然后双击

Java dtd java dtd修改ua_xml


安装jdk,然后就是配置环境变量,如果是默认jdk安装路径没有更改路径的话就是跟如下一样

配置如下:

(1)JAVA_HOME

变量值填写JAVA安装的路径,我的是C:\Program Files\Java\jdk1.8.0_201

(2)CLASSPATH

变量值填写 .;%JAVA_HOME%\lib\dt.jar;%JAVA_HOME%\lib\tools.jar

(3)修改Path变量

如果是win10,path变量是分别添加的:

C:\Program Files\Java\jdk1.8.0_201\bin

C:\Program Files\Java\jre1.8.0_201\bin

(视个人具体安装路径来填。)

Java dtd java dtd修改ua_html_02

然后就是双击burp-loader-keygen.jar,

Java dtd java dtd修改ua_JAVA_03


点击“run”,会弹出一个小框,

具体教程参考:
下面我来描述一下简单的抓包过程,本次实验采用的是新浪新闻这个网站随便选择一篇底下有评论的文章作为测试

配置浏览器代理为127.0.0.1:8888

burpsuite代理为127.0.0.1:8888

开启拦截

Java dtd java dtd修改ua_html_04

点击点赞按钮之后,抓包

POST /cmnt/vote HTTP/1.1
Host: comment5.news.sina.com.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: https://ent.sina.com.cn/v/m/2022-11-29/doc-imqqsmrp8012612.shtml
Content-Type: application/x-www-form-urlencoded
Content-Length: 148
Origin: https://ent.sina.com.cn
Connection: close
Cookie: UOR=www.baidu.com,news.sina.com.cn,; SINAGLOBAL=183.191.28.183_1669786423.553171; Apache=183.191.28.183_1669786423.553172; ULV=1669786424324:1:1:1:183.191.28.183_1669786423.553172:; __bid_n=184c706de566f137584207; FPTOKEN=30$CODED--v30MUi3]-i,Vv\wZagAj)W; Hm_lvt_fcf72dc8287d20a78b3dfd301a50cbf8=1669786434; Hm_lpvt_fcf72dc8287d20a78b3dfd301a50cbf8=1669793871; Hm_lvt_b82ffdf7cbc70caaacee097b04128ac1=1669786447; Hm_lpvt_b82ffdf7cbc70caaacee097b04128ac1=1669794197; rotatecount=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Sec-Fetch-User: ?1

channel=yl&newsid=comos-mqqsmrp8012612&parent=6386C37C-2485CCA4-1CD3A0FCF-8BD-831&format=js&vote=1&callback=function%28e%29%7B%7D&domain=sina.com.cn

然后右键发送给Repeater

Java dtd java dtd修改ua_JAVA_05

然后点击发送

Java dtd java dtd修改ua_xml_06


Java dtd java dtd修改ua_Java dtd_07

然后刷新页面之后放包即在burosuite的代理界面一直点击forward即可成功

Java dtd java dtd修改ua_html_08


改变UA头使得手机和pc界面互相转换:

本次使用火狐浏览器和逍遥模拟器

访问网站so.com

首先抓取so.com安卓和pc端的数据包

pc数据包:

Java dtd java dtd修改ua_JAVA_09

安卓数据包:

需要注意的是抓取安卓数据包的时候要设置代理为本机ip地址和本机端口,找到设置,wifi设置,长按wifi,点击修改网络,手动配置代理为本机ip和端口例如我配置的是192.168.1.100:8888

然后在安卓模拟器浏览器中输入so.com抓取模拟器的数据包:

Java dtd java dtd修改ua_xml_10

GET /?src=so.com HTTP/1.1

Host: m.so.com

Connection: close

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Linux; Android 7.1.2; HD1910 Build/N2G48H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.70 Mobile Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cookie: QiHooGUID=E79FA4BFDC1A44216D5FC880CA56158E.1669788260369; __guid=34870781.3454048953801212400.1669788292326.8987; env_webp=1; stc_ls_sa=aS8T6RbTAR

然后只需要在抓取数据包的时候修改UA(user-agent)头即可呈现不同的界面

比如把模拟器抓取的数据包中的user-agent:后的内容修改为pc端的user-agent:后的内容即可

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0

Java dtd java dtd修改ua_网络安全_11


想要pc端呈现出模拟器中的效果只需要在抓取数据包的同时把user-agent更改wei模拟器中的UA头,然后再放行即可

改为:Mozilla/5.0 (Linux; Android 7.1.2; HD1910 Build/N2G48H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.70 Mobile Safari/537.36

Java dtd java dtd修改ua_JAVA_12


Java dtd java dtd修改ua_Java dtd_13