WooYun.org

直接上细节吧
public 参数
POST /dosubmit.php?action=createvotebystep HTTP/1.1
Host: **.**.**.**
Proxy-Connection: keep-alive
Content-Length: 1385
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://**.**.**.**
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://**.**.**.**/action/createvote_bystep.html
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie:
action=createvotebystep&op=dosavevotebystep&guid=&votetitle=test&votetype=0&maxselection=0&quickvote=0&public=0&voteviewpasswd=&aftervote=0&expairtime=&votecontent=&aftervotecontent=&mustfills%5Brealname%5D=0&mustfills%5Binfoenglishname%5D=0&mustfills%5Busername%5D=0&mustfills%5Bsex%5D=0&mustfills%5Bemail%5D=0&mustfills%5Bidcard%5D=0&mustfills%5Bbirthday%5D=0&mustfills%5Bage%5D=0&mustfills%5Bphone%5D=0&mustfills%5Bmobile%5D=0&mustfills%5Baddress%5D=0&mustfills%5Binfocommunity%5D=0&mustfills%5Bqq%5D=0&mustfills%5Binfoweixinno%5D=0&mustfills%5Binfoshopname%5D=0&mustfills%5Bcompany%5D=0&mustfills%5Binfojobnumber%5D=0&mustfills%5Binfoposition%5D=0&mustfills%5Bdepartment%5D=0&mustfills%5Bworkaddress%5D=0&mustfills%5Binfocarnumber%5D=0&mustfills%5Bnickname%5D=0&mustfills%5Binfolinkurl%5D=0&mustfills%5Bblogurl%5D=0&mustfills%5Binfoschool%5D=0&mustfills%5Binfofaculty%5D=0&mustfills%5Binfoclass%5D=0&mustfills%5Binfograde%5D=0&mustfills%5Binfotaobao%5D=0&mustfills%5Balipay%5D=0&mustfills%5Binfomembercardno%5D=0&mustfills%5Binfosanwei%5D=0&mustfills%5Binfobodyheight%5D=0&mustfills%5Binfoweight%5D=0&mustfills%5Binfoshoesize%5D=0&mustfills%5Binfopersonabs%5D=0&mustfills%5Binfodescription%5D=0&mustfills%5Binfosuggestion%5D=0&mustfills%5Bother%5D=0&mustfills%5Binfophoto%5D=0&mustfills%5Binfoworkpic%5D=0&mustfills%5Binfojoinracemsg%5D=0&mustfills%5Binfoleavemsg%5D=0&inputagree=1