62,041
社区成员
发帖
与我相关
我的任务
分享模拟post登录求解
想实现一个模拟登录,但是无论如何还是登录不到系统中,请各位高手帮哈忙,我的代码如下:
我用firebug查看了请求的数据如下:
post部分:
参数 application/x-www-form-urlencoded
----------------------------
__VIEWSTATE /wEPDwULLTExNDY5NzI1NTRkZDxUq+DKozsyBkD5NwEXp3n8vlje
btnLogin
txtPwd 123
txtUserName admin
下面有一个提示源代码:__VIEWSTATE=%2FwEPDwULLTExNDY5NzI1NTRkZDxUq%2BDKozsyBkD5NwEXp3n8vlje&txtUserName=admin&btnLogin=&txtPwd=123
其它头信息如下:
响应头信息原始头信息
Cache-Control private
Content-Length 146
Content-Type text/html; charset=utf-8
Date Fri, 02 Mar 2012 12:30:54 GMT
Location /manage/AdminDefault.aspx
Server Microsoft-IIS/6.0
X-AspNet-Version 2.0.50727
X-Powered-By ASP.NET
请求头信息原始头信息
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset GB2312,utf-8;q=0.7,*;q=0.7
Accept-Encoding gzip, deflate
Accept-Language zh-cn,zh;q=0.5
Connection keep-alive
Cookie ASP.NET_SessionId=3y15jsbfuf4irj451megtayu; cnzz_a3162184=2; sin3162184=; rtime=0; ltime=1330688762546; cnzz_eid=32735649-1330674004-
Host www.******.com
Referer http://www.******.com/login.aspx
User-Agent Mozilla/5.0 (Windows NT 5.1; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
来自缓存的响应头信息
Cache-Control private
Content-Length 146
Content-Type text/html; charset=utf-8
Date Fri, 02 Mar 2012 12:30:54 GMT
Location /manage/AdminDefault.aspx
Server Microsoft-IIS/6.0
X-AspNet-Version 2.0.50727
X-Powered-By ASP.NET
Request Headers From Upload Stream
Content-Length 107
Content-Type application/x-www-form-urlencoded
请高手帮帮忙
我用firebug查看了请求的数据如下:
post部分:
参数 application/x-www-form-urlencoded
----------------------------
__VIEWSTATE /wEPDwULLTExNDY5NzI1NTRkZDxUq+DKozsyBkD5NwEXp3n8vlje
btnLogin
txtPwd 123
txtUserName admin
下面有一个提示源代码:__VIEWSTATE=%2FwEPDwULLTExNDY5NzI1NTRkZDxUq%2BDKozsyBkD5NwEXp3n8vlje&txtUserName=admin&btnLogin=&txtPwd=123
string loginurl = "http://www.******.com/login.aspx";
string postData = "__VIEWSTATE=%2FwEPDwULLTExNDY5NzI1NTRkZM0rikwJ7c5wXU5YQWwcCccBzYZE&txtUserName=admin&btnLogin=&txtPwd=123"; //这个是我根据post数据来弄的
byte[] b = System.Text.Encoding.GetEncoding("gb2312").GetBytes(postData);
wreq = HttpWebRequest.Create(loginurl) as HttpWebRequest ;
wreq.ContentLength = b.Length;
wreq.Method = "Post";
wreq.CookieContainer = ck;
wreq.ContentType = "text/html; charset=gb2312";
wreq.KeepAlive = true;
wreq.AllowAutoRedirect = true;
wreq.Referer = "http://www.******.com/login.aspx";
wreq.AllowWriteStreamBuffering = true;
wreq.UserAgent = "Mozilla/5.0 (Windows NT 5.1; rv:8.0.1) Gecko/20100101 Firefox/8.0.1";
Stream myRequestStream = wreq.GetRequestStream();
using (StreamWriter myStreamWriter = new StreamWriter(myRequestStream, Encoding.GetEncoding("gb2312")))
{
myStreamWriter.Write(postData);
}
myRequestStream.Close();
using( wres=(HttpWebResponse) wreq.GetResponse()) {
//wres.Cookies永远都是为0
if (wres.Cookies.Count >0)
{
ck.Add(wres.Cookies);
}
using (StreamReader reader = new StreamReader(wres.GetResponseStream(),System.Text.Encoding.UTF8)) {
string aaa= reader.ReadToEnd();
Response.Write(aaa); //这里得到的数据还是登录页面的,而不是进入系统的代码,
}
}
其它头信息如下:
响应头信息原始头信息
Cache-Control private
Content-Length 146
Content-Type text/html; charset=utf-8
Date Fri, 02 Mar 2012 12:30:54 GMT
Location /manage/AdminDefault.aspx
Server Microsoft-IIS/6.0
X-AspNet-Version 2.0.50727
X-Powered-By ASP.NET
请求头信息原始头信息
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset GB2312,utf-8;q=0.7,*;q=0.7
Accept-Encoding gzip, deflate
Accept-Language zh-cn,zh;q=0.5
Connection keep-alive
Cookie ASP.NET_SessionId=3y15jsbfuf4irj451megtayu; cnzz_a3162184=2; sin3162184=; rtime=0; ltime=1330688762546; cnzz_eid=32735649-1330674004-
Host www.******.com
Referer http://www.******.com/login.aspx
User-Agent Mozilla/5.0 (Windows NT 5.1; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
来自缓存的响应头信息
Cache-Control private
Content-Length 146
Content-Type text/html; charset=utf-8
Date Fri, 02 Mar 2012 12:30:54 GMT
Location /manage/AdminDefault.aspx
Server Microsoft-IIS/6.0
X-AspNet-Version 2.0.50727
X-Powered-By ASP.NET
Request Headers From Upload Stream
Content-Length 107
Content-Type application/x-www-form-urlencoded
请高手帮帮忙
...全文
请发表友善的回复…
发表回复
bakdfkuk 2012-03-05
- 打赏
- 举报
感谢4楼给出的答案,虽然没有解决我的问题,不过却让我更明确理解了bs中一些东西,反复读了几遍http协议,呵呵
bakdfkuk 2012-03-03
- 打赏
- 举报
明文是通过抓取获取的
bdmh 2012-03-03
- 打赏
- 举报
用户名和密码都是明文的吗,一般不会可能吧,都会经过加密传递给验证端的,如果你用明文参数,那肯定不行吧
而且 wreq 也没看见传递用户信息呢
而且 wreq 也没看见传递用户信息呢
bakdfkuk 2012-03-03
- 打赏
- 举报
哇,高手们去哪里了?
bakdfkuk 2012-03-03
- 打赏
- 举报
我也想尽力获取到cookie,但经过wres.Cookies.Count 发现,数量总是为0,貌似获取不到的样子,我一步一步调试下来看到在: Stream myRequestStream = wreq.GetRequestStream();时就有异常了,但是很奇怪的是这个异常却还会使程序继续执行,而不中断,报的错误是:Length = “myRequestStream.Length”引发了“System.NotSupportedException”类型的异常,在网上找了一些资料,发现MSDN上是这么说的:
The request cache validator indicated that the response for this request can be served from the cache; however, requests that write data must not use the cache. This exception can occur if you are using a custom cache validator that is incorrectly implemented.
貌似有客户端是没有办法伪造一个cache,弄了好久,只看到网上有人模拟登录成功,但我却怎么弄都开不好,纠结
The request cache validator indicated that the response for this request can be served from the cache; however, requests that write data must not use the cache. This exception can occur if you are using a custom cache validator that is incorrectly implemented.
貌似有客户端是没有办法伪造一个cache,弄了好久,只看到网上有人模拟登录成功,但我却怎么弄都开不好,纠结
newdigitime 2012-03-03
- 打赏
- 举报
有些时候,登录并不是你想像的这么简单.
就算你正确无误地提交了各个参数,也不一定登录成功.因为
验证通过后,服务器会向客户端发送cookie数据.用于在cookie中保留登录信息.即使是SESSION,大多也需要在cookie中保存sessionID.
但你没有做到这一步,没有获取服务器返回的这些cookie包,并把cookie数据连同验证成功后,需要跳转的网址一起再次发给服务器.
就算你正确无误地提交了各个参数,也不一定登录成功.因为
验证通过后,服务器会向客户端发送cookie数据.用于在cookie中保留登录信息.即使是SESSION,大多也需要在cookie中保存sessionID.
但你没有做到这一步,没有获取服务器返回的这些cookie包,并把cookie数据连同验证成功后,需要跳转的网址一起再次发给服务器.
