本地客户端的数据验证有何方法绕过?

zjsheng 2011-09-09 09:54:41
有个ASP.NET的表单页面(关键代码附后),在提交表单时有一个“操作太快”的验证限制,即在页面加载完成后的1秒内,自动填表后立即提交会被限制,大约在1秒后才予以通过。请问在写自动填表程序时,是否有办法可以绕过这个限制?




<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link href="css/zzxh.css" rel="stylesheet" type="text/css" media="screen" /><title>
用户手机验证
</title>
</head>
<body id="zzxhSMSVerifyPage">
<div id="zzxhHeader">
<h1 title="XXX系统">
<span></span>XXX系统</h1>
</div>
<script type="text/javascript">

/**
 * Keypress handler that upper-cases the typed character in place.
 *
 * Reads the key from the global `window.event` (not from an event argument)
 * and writes the upper-cased character code back to `window.event.keyCode`.
 * This is an input convenience only; it validates nothing.
 *
 * @param {*} txt - Unused; kept so existing inline handlers keep working.
 */
function txtCarId_onkeypress(txt) {
  var evt = window.event;
  var typedChar = String.fromCharCode(evt.keyCode);
  evt.keyCode = typedChar.toUpperCase().charCodeAt(0);
}

</script>
<div id="zzxhContent">
<p class="tipsTop">
流程提示</p>
<form name="form1" method="post" action="StepMobileVali.aspx" onsubmit="javascript:return WebForm_OnSubmit();" id="form1">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNDUxMjQzOTMPZBYCAgMPZBYCAgsPZBYCAgEPD2QWAh4Hb25jbGljawUdamF2YXNjcmlwdDpyZXR1cm4gQ2hlY2tidG4oKTtkZKTmUOGgj25UWOSzUc5MCsAAAAAA" />
</div>

<script type="text/javascript">
//<![CDATA[
// Resolve the page's single form: prefer the forms collection and fall back
// to the named property on `document` when the collection lookup is falsy.
var theForm = document.forms['form1'] || document.form1;
/**
 * Programmatic postback: records which control raised the event, then submits.
 *
 * The form's own `onsubmit` hook (when present) runs first; a return value
 * loosely equal to `false` cancels the postback.
 * This gate only governs submissions that go through the page's own script;
 * the server has to re-validate whatever arrives.
 *
 * @param {string} eventTarget - Written to the hidden __EVENTTARGET field.
 * @param {string} eventArgument - Written to the hidden __EVENTARGUMENT field.
 */
function __doPostBack(eventTarget, eventArgument) {
  // Loose comparison is kept on purpose: 0 and "" cancel just like false.
  if (theForm.onsubmit && theForm.onsubmit() == false) {
    return;
  }
  theForm.__EVENTTARGET.value = eventTarget;
  theForm.__EVENTARGUMENT.value = eventArgument;
  theForm.submit();
}
//]]>
</script>


<script src="/WebResource.axd?d=08iWKmlSC82d5LotsPtOweqatbqK4qsiJYW2GGPPDJRMJY6s0dPLjDDNh5HoOnzweM4McX1vNPAAAAAA0&t=634437516720008534" type="text/javascript"></script>


<script type="text/javascript">
//<![CDATA[
/**
 * Click handler for the submit button: fills the two hidden fields.
 *
 * `code` receives the literal embedded in the page and `result` receives
 * hex_hex2(code). Nothing is returned (the handler yields undefined).
 *
 * NOTE(security): both the challenge literal and the transform are delivered
 * to the browser, so `result` can be reproduced by any client holding the
 * page. The server must not read it as evidence of a real browser or of
 * elapsed time; rate and timing limits have to be enforced server-side.
 */
function Checkbtn() {
  var form = document.form1;
  form.code.value = 'EBFA1346BD1E96718BD8C5616405C6B6';
  // Read the value back from the field, as the original does, before hashing.
  var challenge = form.code.value;
  form.result.value = hex_hex2(challenge);
}
//]]>
</script>

<script type="text/javascript" src="/ajaxpro/prototype.ashx"></script>
<script type="text/javascript" src="/ajaxpro/core.ashx"></script>
<script type="text/javascript" src="/ajaxpro/converter.ashx"></script>
<script type="text/javascript" src="/ajaxpro/StepMobileVali,App_Web_nlbxcyvp.ashx"></script>

<script src="/WebResource.axd?d=9peMvF8x2vhe3wmmRSgDHpP9zV9v4UW6ZM7xISBtb7SfeJlaaEuQS4QAmKmwWlHes_VDi8s0sI30Q1BxhB_9YQAAAAA1&t=634437516720008534" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
/**
 * Form `onsubmit` hook: lets the client-side validators veto the submit.
 *
 * Returns false only when ValidatorOnSubmit exists as a function and its
 * result is loosely equal to false; in every other case the submit proceeds.
 * Client-side validation is a usability aid; the same rules must be
 * re-checked on the server.
 *
 * @returns {boolean} true to allow the submit, false to cancel it.
 */
function WebForm_OnSubmit() {
  var vetoed = typeof(ValidatorOnSubmit) == "function" && ValidatorOnSubmit() == false;
  return !vetoed;
}
//]]>
</script>

<div>

<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWBwKfm/6+BAKozL9YArGFitkJAvq0qegFArOZzbIHAquRpcEBAtWjxq8O5Coibbl7ZjR7ej+7c6+MFwAAAAA=" />
</div>
<%--3--%>
<script type="text/javascript" language="javascript">
// Output configuration for the hashing helpers defined after these lines.
// hexcase: 0 selects the lowercase digit table in binb2hex; any truthy value selects uppercase.
var hexcase = 0;
// b64pad: base64 padding string; presumably read by binb2b64, whose body is elided in this listing.
var b64pad = "";
// chrsz: number of bits taken from each character code by str2binb/binb2str (8 keeps the low byte only).
var chrsz = 8;

/**
 * Digest of `s`, rendered as a hex string.
 * The input is packed by str2binb and its length is passed in bits.
 */
function hex_hex2(s) {
  var words = str2binb(s);
  var bitLength = s.length * chrsz;
  return binb2hex(core_hex2(words, bitLength));
}

/** Digest of `s`, rendered through binb2b64. */
function b64_hex2(s) {
  var words = str2binb(s);
  var bitLength = s.length * chrsz;
  return binb2b64(core_hex2(words, bitLength));
}

/** Digest of `s`, rendered through binb2str (one character per chrsz bits). */
function str_hex2(s) {
  var words = str2binb(s);
  var bitLength = s.length * chrsz;
  return binb2str(core_hex2(words, bitLength));
}

/** Keyed digest of `data` under `key`, rendered as a hex string. */
function hex_hmac_hex2(key, data) {
  var mac = core_hmac_hex2(key, data);
  return binb2hex(mac);
}

/** Keyed digest of `data` under `key`, rendered through binb2b64. */
function b64_hmac_hex2(key, data) {
  var mac = core_hmac_hex2(key, data);
  return binb2b64(mac);
}

/** Keyed digest of `data` under `key`, rendered through binb2str. */
function str_hmac_hex2(key, data) {
  var mac = core_hmac_hex2(key, data);
  return binb2str(mac);
}


/**
 * Self-test: checks hex_hex2 against a known answer for the input "abc".
 *
 * The expected digest is the standard SHA-1 test vector for "abc", which
 * suggests the *_hex2 routines are SHA-1 under a different name.
 *
 * @returns {boolean} true when hex_hex2("abc") yields the expected digest.
 */
function hex2_vm_test() {
  var expected = "a9993e364706816aba3e25717850c26c9cd0d89d";
  var actual = hex_hex2("abc");
  return actual == expected;
}


/**
 * Core digest routine; most of the body was omitted by the poster ("....").
 *
 * Callers in this listing pass the word array produced by str2binb as `x`
 * and the message length in bits as `len`. The visible tail returns the
 * five values a, b, c, d, e as an array.
 * NOTE(review): the known-answer value in hex2_vm_test matches SHA-1, so this is
 * presumably the SHA-1 block loop; confirm against the full source.
 */
function core_hex2(x, len) {

....

return Array(a, b, c, d, e);

}


/**
 * Combines b, c and d; the earlier part of the body was omitted by the
 * poster ("..."), so only the final fall-through case (b ^ c ^ d) is visible.
 * NOTE(review): presumably `t` selects among several combining functions; confirm.
 */
function hex2_ft(t, b, c, d) {

...

return b ^ c ^ d;
}


/**
 * Returns a value derived from `t`; the returned expression was omitted by
 * the poster ("..."), so nothing more can be stated from this listing.
 */
function hex2_kt(t) {
return ...;
}


/**
 * Keyed digest of `data` under `key`; most of the body was omitted by the
 * poster ("...").
 *
 * The visible tail runs core_hex2 over `opad` followed by the inner `hash`,
 * with a bit length of 512 + 160.
 * NOTE(review): this has the shape of the outer step of an HMAC construction;
 * confirm against the full source.
 */
function core_hmac_hex2(key, data) {

...

return core_hex2(opad.concat(hash), 512 + 160);
}


/**
 * Adds two integers with 32-bit wrap-around.
 *
 * The sum is built from 16-bit halves: the low halves are added first and
 * their carry is folded into the sum of the high halves.
 *
 * @param {number} x - First operand.
 * @param {number} y - Second operand.
 * @returns {number} The wrapped sum as a signed 32-bit integer.
 */
function safe_add(x, y) {
  var lowSum = (x & 0xFFFF) + (y & 0xFFFF);
  var carry = lowSum >> 16;
  var highSum = (x >> 16) + (y >> 16) + carry;
  return (highSum << 16) | (lowSum & 0xFFFF);
}


/**
 * Rotates a 32-bit integer left by `cnt` bits.
 *
 * @param {number} num - Value to rotate.
 * @param {number} cnt - Number of bit positions.
 * @returns {number} The rotated value as a signed 32-bit integer.
 */
function rol(num, cnt) {
  var shiftedOut = num >>> (32 - cnt); // bits that wrap around to the low end
  var shiftedUp = num << cnt;
  return shiftedUp | shiftedOut;
}


/**
 * Packs a string into an array of 32-bit words, most significant bits first.
 *
 * Each character contributes `chrsz` bits (its code masked to that width),
 * so with chrsz = 8 anything above the low byte of a character is dropped.
 *
 * @param {string} str - Input text.
 * @returns {number[]} Packed words; empty for an empty string.
 */
function str2binb(str) {
  var words = [];
  var charMask = (1 << chrsz) - 1;
  var totalBits = str.length * chrsz;
  var bitPos = 0;
  while (bitPos < totalBits) {
    var code = str.charCodeAt(bitPos / chrsz) & charMask;
    // First write to a slot ORs into undefined, which behaves as 0.
    words[bitPos >> 5] |= code << (32 - chrsz - bitPos % 32);
    bitPos += chrsz;
  }
  return words;
}


/**
 * Unpacks an array of 32-bit words into a string, `chrsz` bits per character,
 * reading each word from its most significant bits down.
 *
 * @param {number[]} bin - Packed words.
 * @returns {string} One character per chrsz-bit group; "" for an empty array.
 */
function binb2str(bin) {
  var pieces = "";
  var charMask = (1 << chrsz) - 1;
  var totalBits = bin.length * 32;
  var bitPos = 0;
  while (bitPos < totalBits) {
    var shift = 32 - chrsz - bitPos % 32;
    var code = (bin[bitPos >> 5] >>> shift) & charMask;
    pieces += String.fromCharCode(code);
    bitPos += chrsz;
  }
  return pieces;
}



/**
 * Renders an array of 32-bit words as a hex string, eight digits per word,
 * most significant byte first.
 *
 * The digit case follows the `hexcase` setting (truthy means uppercase).
 *
 * @param {number[]} binarray - Words to render.
 * @returns {string} Hex text; "" for an empty array.
 */
function binb2hex(binarray) {
  var digits = "0123456789abcdef";
  if (hexcase) {
    digits = "0123456789ABCDEF";
  }
  var out = "";
  var byteCount = binarray.length * 4;
  for (var byteIdx = 0; byteIdx < byteCount; byteIdx++) {
    var word = binarray[byteIdx >> 2];
    var shift = (3 - byteIdx % 4) * 8;
    var highNibble = (word >> (shift + 4)) & 0xF;
    var lowNibble = (word >> shift) & 0xF;
    out += digits.charAt(highNibble) + digits.charAt(lowNibble);
  }
  return out;
}

/**
 * Converts a word array to a string; the body was omitted by the poster
 * ("..."), so only the final `return str` is visible.
 * NOTE(review): presumably base64 output, going by the name and by its use in
 * b64_hex2 / b64_hmac_hex2; confirm against the full source.
 */
function binb2b64(binarray) {

...

return str;
}
</script>

<h2 id="SMSVerify" title="手机验证">
<span></span>手机验证</h2>
<p class="tips2">
<span>获取验证码。</span>

</p>
<table border="0" cellspacing="0" class="blueTB">
<tr>
<th width="100">
手机号码:
</th>
<td>
<input name="txtMobile" type="text" maxlength="15" id="txtMobile" onkeydown="javascript:DisableCtrl_onkeydown();" oncontextmenu="javascript:DisablePopup_oncontextmenu();" />
<em>小灵通请带区号</em><em>
<span id="ReqFiledMobile" style="color:Red;visibility:hidden;">请输入您的手机号</span></em>
</td>
</tr>
<tr>
<th>
手机验证码:
</th>
<td>
<input name="txtMobileValiCode" type="text" maxlength="6" id="txtMobileValiCode" onkeydown="javascript:DisableCtrl_onkeydown();" oncontextmenu="javascript:DisablePopup_oncontextmenu();" />
<em>
<br />
<span id="ReqFiledValiCode" style="color:Red;display:none;">请输入您接收的手机短信验证码</span>
<span id="CustomValiOther" style="color:Red;display:none;">手机验证码不正确</span></em>
</td>
</tr>
<tr>
<th colspan="2">
(注: 发送短信XX免费获取验证码。)
</th>
</tr>
</table>
<div class="tips">
请您首先进行手机验证!<br />
<span id="CustomValiTooFast" style="color:Red;font-size:Medium;font-weight:bold;visibility:hidden;">对不起,您操作太快了!</span>
</div>
<input type="hidden" name="code" id="code" />
<input type="hidden" name="result" id="result" />

<!-- Review note: the onclick handler starts with `return Checkbtn();`, so the
     WebForm_DoPostBackWithOptions(...) call written after it is never reached.
     As pasted, the nested double quotes also end the attribute early; the live
     page presumably had them entity-encoded. -->
<div id="div1" style="position: absolute; left: 560px; top: 420px;
width: 400px;">
<input type="submit" name="Submit1" value="确定" onclick="javascript:return Checkbtn();WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("Submit1", "", true, "", "", false, false))" id="Submit1" class="button78x25" />
</div>


<script type="text/javascript">
//<![CDATA[
// List of validator elements on this page; here it holds only the "too fast" message span.
// NOTE(review): presumably iterated by the framework validation script loaded from WebResource.axd, which is not shown.
var Page_Validators = new Array(document.getElementById("CustomValiTooFast"));
//]]>
</script>

<script type="text/javascript">
//<![CDATA[
// Attach validator metadata to the "too fast" message element.
// document.all is tried first, with getElementById as the fallback.
var CustomValiTooFast = document.all ? document.all["CustomValiTooFast"] : document.getElementById("CustomValiTooFast");
CustomValiTooFast.errormessage = "对不起,您操作太快了!";
// NOTE(review): no client-side validation function is named for this validator on the
// page, so the "too fast" decision is presumably taken by the server on postback.
// That is where a timing limit belongs, because script on the page only runs in
// clients that choose to run it.
CustomValiTooFast.evaluationfunction = "CustomValidatorEvaluateIsValid";

//]]>
</script>


<script type="text/javascript">
//<![CDATA[

// Client-side validation starts switched off; ValidatorOnSubmit allows every submit while this is false.
var Page_ValidationActive = false;
// ValidatorOnLoad is not defined in this listing; presumably it comes from one of the
// WebResource.axd scripts and may switch Page_ValidationActive on. The typeof guard
// keeps the page working when that script failed to load.
if (typeof(ValidatorOnLoad) == "function") {
ValidatorOnLoad();
}

/**
 * Runs the shared client-side validation pass when validation is active.
 *
 * While Page_ValidationActive is falsy the submit is always allowed, so this
 * check cannot be relied on for enforcement; the server must validate the
 * posted values itself.
 *
 * @returns {*} The result of ValidatorCommonOnSubmit() when active, else true.
 */
function ValidatorOnSubmit() {
  return Page_ValidationActive ? ValidatorCommonOnSubmit() : true;
}
//]]>
</script>
</form>
</div>
<div id="zzxhCopyright">
<h6>
<span></span>Copyright © 版权所有 未经允许不得复制本网站</h6>
</div>
</body>
</html>
md5e 2011-09-14
要看看是否存在站外提交了,如果没有防站外提交就简单
Cosmo 2011-09-14
帮忙顶下。。。
ycproc 2011-09-14
是不是验证耽误时间了
你等待几秒钟再提交就可以了。
