问题
I'm currently trying to reverse-engineer a private REST-Webservice, which lacks documentation. The only thing I know about it is, that it's written in PHP, using the ZendFramework. Is there any simple way of finding out, which actions are allowed and which parameters I have to supply to make the service work correctly?
Greets, Rob
回答1:
If you have an existing client using the service (a web page, mobile app, etc.) you can use a proxy to record and observe traffic that's sent/received by an existing client using the service. Fiddler or Charles will get the job done.
回答2:
You can use network analyzer tool like WIRESHARK to capture data sent on network Read more about it on wireshark site
For example i hit login web service data captured by wireshark is as:
In above image you can see data sent on HTTP protocol
1.) method POST
2.) Under MIME info for example
Content-Disposition: form-data; name="phoneNumber"\r\n\r\n
name of parameter is phoneNumber
===========UPDATE==============
Here you can see fiddle captured data:
1.) Click on GO bottun, after that it starts capturing requests
回答3:
you can use
network analyzer tab under inspect element option in google chrome
where you can see all the data and scripts loaded for that webpage, for example check this screenshot, where i am trying to see which google api is used to find coordinates for the given address. in this you will get all the information required.
来源:https://stackoverflow.com/questions/6831144/howto-reverse-engineer-a-rest-webservice