如何用idhttp登录邮箱？

wsea 2010-12-24 01:53:40

我想用idhttp登录雅虎邮箱，然后修改密码，用wsexport抓包工具分析了登录的数据包，没看到提交的用户名和密码，好像加密了的。数据包如下 :
GET /mc/welcome?.gx=0&.tm=1293169914&.rand=1293169914&.remember=n&.persistent=n&error_done= HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */*
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Cookie: MG=d=.7Ra2FWWjF26XeKe7Pb7G32g3S_BFHRSY7vndRigBMBCKMv8a3Py8sbOBPKqkq6MFLPwHtms91GF52VXdhG5vxR1o48yzf1QK6mGYno-&v=1; YM.MGC=ns0BNkN9hS4kYUJwhwfl2m1xpWS5PAqtPfz_aFyNeeizY6FN; B=2uufk5h65vqjq&b=4&d=NAPtDw1pYFQMR_RAGXQMK9RWvEw-&s=fv&i=teR3C16vuKTurgazECf8; F=a=TCOcrTMMvTWBx9u9y8KotBOJVZfl5PriDGeS6aUdtaZg7y_4EK7Gf3Fbi7cOqJ80v56TbnxI48upA5qYFdn2VS.d4w--&b=R_ID; YLS=v=1&p=0&n=0; C=mg=1; Y=v=1&n=4bq4k83gquop8&l=60e27kdnk4svwz@o07ee.2d/o&p=f1vvvcn012000000&iz=&r=lv&lg=zh-Hans-CN&intl=cn&np=1; PH=fn=M1deCceOXrORlttWXbbXRdrp&l=zh-Hans-CN; T=z=5TDFNB5nqJNBFx2FCY2O1/ETjU1Bk8zMzM1M040NTUwNDIzMD&a=QAE&sk=DAAkp0l.SZYmOP&ks=EAAM3NvAQCOtVG0I0t6z4tiqg--~E&d=c2wBT1RJeUFUZzBORFF5TkRrek1qSTNNelUwTnpNNAFhAVFBRQFnATZNRlZGNVRGS0JXTVlSUE1JRElJWlRRTFJNAXRpcAF4bHpnT0EBenoBNVRERk5CQTdF
Connection: Keep-Alive
Host: cn.mc922.mail.yahoo.com
大家帮我看看应该如何实现啊？

...全文

175 3 打赏收藏转发到动态举报

写回复

用AI写文章

3 条回复

切换为时间正序

请发表友善的回复…

发表回复

ysai 2010-12-24

打赏
举报

yahoo并没加密密码,不过它用的是HTTPS验证
URL_Login="http://mail.cn.yahoo.com/logout/logout1s.html"
Request_URL="https://edit.bjs.yahoo.com/config/login"
Request_Referer="http://mail.cn.yahoo.com/?cns"
Request_Header="Content-Type: application/x-www-form-urlencoded"
Request_Content=".intl=cn&.done=$PARAM_0$&.src=ym&.cnrid=$PARAM_2$&.challenge=$PARAM_1$&login=$EMAIL$&passwd=$PASSWORD$"



type

  THttpComponent = TIdHttp;



procedure InitHttpComponent(const Http : THttpComponent);

var

  ssl :  TIdSSLIOHandlerSocketOpenSSL;

begin

  Http.AllowCookies :=  True;

  Http.HandleRedirects  :=  True;

  Http.Request.Accept :=  'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';

  Http.Request.AcceptEncoding :=  'deflate';

  Http.Request.Connection :=  'keep-alive';

  Http.Request.ContentType  :=  'application/x-www-form-urlencoded';

  Http.Request.BasicAuthentication  :=  True;

  Http.Request.UserAgent  :=  'Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.1';

  SetAHttpSSLAndProxy(Http, True);

  ssl :=  TIdSSLIOHandlerSocketOpenSSL.Create(Http);

  Http.IOHandler  :=  ssl;

  ssl.SSLOptions.SSLVersions  :=  [sslvSSLv23];

end;



function CheckNewMail_Yahoo_Indy(

    const ALoginURL : string;

    const APostURL : string;

    const APostReferer : string;

    const APostHeader : string;

    const APostContent : string;

    const AEmail : string;

    const APassword : string

    ):integer;

var

  http : THttpComponent;

  resultstream : TStringStream;

  poststream : TStringStream;

  html : string;

  params : array[0..2] of string;

  postdata : string;

  rurl : string;

  sUnRead : string;

  p : Integer;

begin

  Result  :=  -1;

  http  :=  THttpComponent.Create(nil);

  resultstream  :=  TStringStream.Create;

  poststream  :=  TStringStream.Create;

  try

    InitHttpComponent(http);

    try

      http.Get(ALoginURL, resultstream);

      if http.ResponseCode <> HTTP_OK then Exit;

      html  :=  resultstream.DataString;



      params[0] := FindTagContent(html, 1, ' name=.done value="', '"', True);

      if params[0] = '' then

        params[0] := FindTagContent(html, 1, ' name=".done" value="', '"', True);

      params[1] := FindTagContent(html, 1, ' name=".challenge" value="', '"', True);

      params[2] := FindTagContent(html, 1, ' name=".cnrid" value="', '"', True);

      if (params[0] <> '') and (params[1] <> '') then

      begin

        postdata := APostContent;

        postdata := StringReplace(postdata, '$EMAIL$', URLEncode(AEmail), [rfReplaceAll]);

        postdata := StringReplace(postdata, '$PASSWORD$', URLEncode(APassword), [rfReplaceAll]);

        postdata := StringReplace(postdata, '$PARAM_0$', URLEncode(params[0]), [rfReplaceAll]);

        postdata := StringReplace(postdata, '$PARAM_1$', URLEncode(params[1]), [rfReplaceAll]);

        postdata := StringReplace(postdata, '$PARAM_2$', URLEncode(params[2]), [rfReplaceAll]);



        poststream.WriteString(postdata);

        http.Request.Referer  :=  http.URL.URI;

        resultstream.Clear;

        http.Post(APostURL, poststream, resultstream);

        if http.ResponseCode <> HTTP_OK then

          Exit;

        html  :=  resultstream.DataString;



        rurl  :=  FindTagContent(html, 1, 'window.location.replace("', '")', True);

        if rurl = '' then Exit;



        resultstream.Clear;

        http.Get(rurl, resultstream);

        if http.ResponseCode <> HTTP_OK then Exit;

        html := resultstream.DataString;

        rurl  :=  FindTagContent(html, 1, 'window.location.replace("', '")', True);

        sUnRead :=  FindTagContent(html, 1, '<span id="unread_count"', '</span>', True);



        if sUnRead = '' then

        begin

          resultstream.Clear;

          http.Get(http.URL.URI + '&ymv=3', resultstream);

          if http.ResponseCode <> HTTP_OK then Exit;

          html := resultstream.DataString;

          sUnRead :=  FindTagContent(html, 1, '<span id="unread_count"', '</span>', True);

        end;



        if sUnRead <> '' then

        begin

          p :=  Pos('>', sUnRead);

          if p > 0 then

            Delete(sUnRead, 1, p);

          sUnRead :=  Trim(sUnRead);

          sUnRead :=  StringReplace(sUnRead, '(', '', [rfReplaceAll]);

          sUnRead :=  StringReplace(sUnRead, ')', '', [rfReplaceAll]);

          Result  :=  StrToIntDef(Trim(sUnRead), 0);

        end;

      end;

    except

    end;

  finally

    poststream.Free;

    resultstream.Free;

    http.Free;

  end;

end;