1,502
社区成员
发帖
与我相关
我的任务
分享VB POST 提交抓的包方法。
VB POST 提交抓的包方法。
请大家请供一下方法,
Dim strURL As String, strFormData As String
'下面是抓包内容
SentInfo = "-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "mode" & Chr(34) & vbCrLf & vbCrLf & _
"1" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "url" & Chr(34) & vbCrLf & vbCrLf & _
"." & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "lang" & Chr(34) & vbCrLf & vbCrLf & _
"utf-8" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "wr" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "upfile" & Chr(34) & "; FileName = " & Chr(34) & "any_name.php" & Chr(34) & "" & vbCrLf & vbCrLf & _
"Content-Type: image/gif" & vbCrLf & vbCrLf & _
"GIF89a" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "link" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "imgsize" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "alignment" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c--" & vbCrLf
’结束
strURL = "http://xxxx.com/Editor/upok.php" '提交的页面
strFormData = SentInfo '提交的数据
Inet1.Execute strURL, "Post", strFormData, "Accept: */*" & vbCrLf & _
"Referer:http://xxxx.com/Editor/up.php?lang=utf-8" & vbCrLf & _
"Accept-Language:zh-cn" & vbCrLf & _
"User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" & vbCrLf & _
"Content-Type: multipart/form-data; boundary=---------------------------7dc10d8166021c" & vbCrLf & _
"Accept-Encoding: gzip, deflate" & vbCrLf & _
"Connection: Keep-Alive" & vbCrLf _
& "Content-Length: " & Len(strFormData) & vbCrLf _
Do Until Inet1.StillExecuting = False '等待数据加载完成
DoEvents
Loop
这个提交了,返回来的信息是有问是, up.php 页头没构造进去。不知道是什么原因;那位大侠指定一下
返回来的包内容
下面这个是正确的,手工上传抓到的返回包。
HTTP/1.1 200 OK
Date: Sat, 28 Apr 2012 21:45:40 GMT
Server: Apache/2.2.11 (Fedora)
X-Powered-By: PHP/5.2.13
Content-Length: 463
Connection: close
Content-Type: text/html; charset=utf-8
<script src='./languages/utf-8/java.lang.js'></script><script language='javascript'>
<!--
var val;
val = '文件地址/名.php';
parent.insertHtml(val);
//-->
</script>
</BODY></HTML>
'这个是VB提交的包返回结果。
HTTP/1.1 200 OK
Date: Sat, 28 Apr 2012 21:45:40 GMT
Server: Apache/2.2.11 (Fedora)
X-Powered-By: PHP/5.2.13
Content-Length: 463
Connection: close
Content-Type: text/html; charset= ‘少了编码。怀疑是没包发出去,还是构造这个页头不成了,不明白了
<script src='./languages/这里也是少了编码/java.lang.js'></script><script language='javascript'>
<!--
var val;
val = '';
parent.insertHtml(val);
//-->
</script>
</BODY></HTML>
请大家请供一下方法,
Dim strURL As String, strFormData As String
'下面是抓包内容
SentInfo = "-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "mode" & Chr(34) & vbCrLf & vbCrLf & _
"1" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "url" & Chr(34) & vbCrLf & vbCrLf & _
"." & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "lang" & Chr(34) & vbCrLf & vbCrLf & _
"utf-8" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "wr" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "upfile" & Chr(34) & "; FileName = " & Chr(34) & "any_name.php" & Chr(34) & "" & vbCrLf & vbCrLf & _
"Content-Type: image/gif" & vbCrLf & vbCrLf & _
"GIF89a" & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "link" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "imgsize" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c" & vbCrLf & vbCrLf & _
"Content-Disposition: form-data; name=" & Chr(34) & "alignment" & Chr(34) & vbCrLf & vbCrLf & _
"-----------------------------7dc10d8166021c--" & vbCrLf
’结束
strURL = "http://xxxx.com/Editor/upok.php" '提交的页面
strFormData = SentInfo '提交的数据
Inet1.Execute strURL, "Post", strFormData, "Accept: */*" & vbCrLf & _
"Referer:http://xxxx.com/Editor/up.php?lang=utf-8" & vbCrLf & _
"Accept-Language:zh-cn" & vbCrLf & _
"User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" & vbCrLf & _
"Content-Type: multipart/form-data; boundary=---------------------------7dc10d8166021c" & vbCrLf & _
"Accept-Encoding: gzip, deflate" & vbCrLf & _
"Connection: Keep-Alive" & vbCrLf _
& "Content-Length: " & Len(strFormData) & vbCrLf _
Do Until Inet1.StillExecuting = False '等待数据加载完成
DoEvents
Loop
这个提交了,返回来的信息是有问是, up.php 页头没构造进去。不知道是什么原因;那位大侠指定一下
返回来的包内容
下面这个是正确的,手工上传抓到的返回包。
HTTP/1.1 200 OK
Date: Sat, 28 Apr 2012 21:45:40 GMT
Server: Apache/2.2.11 (Fedora)
X-Powered-By: PHP/5.2.13
Content-Length: 463
Connection: close
Content-Type: text/html; charset=utf-8
<script src='./languages/utf-8/java.lang.js'></script><script language='javascript'>
<!--
var val;
val = '文件地址/名.php';
parent.insertHtml(val);
//-->
</script>
</BODY></HTML>
'这个是VB提交的包返回结果。
HTTP/1.1 200 OK
Date: Sat, 28 Apr 2012 21:45:40 GMT
Server: Apache/2.2.11 (Fedora)
X-Powered-By: PHP/5.2.13
Content-Length: 463
Connection: close
Content-Type: text/html; charset= ‘少了编码。怀疑是没包发出去,还是构造这个页头不成了,不明白了
<script src='./languages/这里也是少了编码/java.lang.js'></script><script language='javascript'>
<!--
var val;
val = '';
parent.insertHtml(val);
//-->
</script>
</BODY></HTML>
...全文
请发表友善的回复…
发表回复
网络菜鸟00 2012-06-09
- 打赏
- 举报
[Quote=引用 8 楼 的回复:]
已经处理好了,是页头的问题
删除一些页头就OK了
[/Quote]
请保持及时结帖的良好习惯……:)
已经处理好了,是页头的问题
删除一些页头就OK了
[/Quote]
请保持及时结帖的良好习惯……:)
jjaven 2012-06-08
- 打赏
- 举报
已经处理好了,是页头的问题
删除一些页头就OK了
删除一些页头就OK了
寒烟 2012-05-27
- 打赏
- 举报
基础的东西在哪学啊
dc6000 2012-05-24
- 打赏
- 举报
正在学习抓包。
网络菜鸟00 2012-05-23
- 打赏
- 举报
[Quote=引用 4 楼 的回复:]
你把这个multipart/form-data的内容,保存下来比如a.txt。把a.txt里关于要提交的数据用个符号来表示,比如有个
-----------------------------7dc1c2d7003a8--
用户名
你在a.txt里就这样
-----------------------------7dc1c2d7003a8--
{username}
。然后……
[/Quote]
支持经验交流,不过这贴LZ可能已经忘记了。
你把这个multipart/form-data的内容,保存下来比如a.txt。把a.txt里关于要提交的数据用个符号来表示,比如有个
-----------------------------7dc1c2d7003a8--
用户名
你在a.txt里就这样
-----------------------------7dc1c2d7003a8--
{username}
。然后……
[/Quote]
支持经验交流,不过这贴LZ可能已经忘记了。
WormJan 2012-05-23
- 打赏
- 举报
你把这个multipart/form-data的内容,保存下来比如a.txt。把a.txt里关于要提交的数据用个符号来表示,比如有个
-----------------------------7dc1c2d7003a8--
用户名
你在a.txt里就这样
-----------------------------7dc1c2d7003a8--
{username}
。然后到时候用vb载入这个文件到变量tmp,替换tmp中需要替换的比如上面的username。
提交的时候,直接提交变量tmp就行了。这样代码比较简略易读一些。
然后你的问题是,返回的数据不正确吗?这种情况没遇到过。inet本身就有一些问题,尤其是大量请求【并非频繁】之后,出现莫名其妙的错误。
下面是我用winsock post 提交数据的代码:
postStr 是要提交的内容。
-----------------------------7dc1c2d7003a8--
用户名
你在a.txt里就这样
-----------------------------7dc1c2d7003a8--
{username}
。然后到时候用vb载入这个文件到变量tmp,替换tmp中需要替换的比如上面的username。
提交的时候,直接提交变量tmp就行了。这样代码比较简略易读一些。
然后你的问题是,返回的数据不正确吗?这种情况没遇到过。inet本身就有一些问题,尤其是大量请求【并非频繁】之后,出现莫名其妙的错误。
下面是我用winsock post 提交数据的代码:
p = "POST " & Res(Index).thisUrl & " HTTP/1.0" & vbCrLf & _
"Cookie: " & Res(Index).Cookie & vbCrLf & _
IIf(Res(Index).U_AG = "", mHeader, "User-Agent: " & Res(Index).U_AG) & vbCrLf & _
"host: " & Res(Index).Host & vbCrLf & _
"Content-Type: " & Res(Index).Content_Type & vbCrLf & _
"Referer: " & Res(Index).referer & vbCrLf & _
"Content-Length: " & LenB(StrConv(Res(Index).postStr, vbFromUnicode)) & vbCrLf & vbCrLf & _
Res(Index).postStr
wsk(Index).SendData p
postStr 是要提交的内容。
神马被哪个妞占用了呢 2012-05-04
- 打赏
- 举报
我记得似乎结束是2个vbcrlf ……
"Content-Length: " & Len(strFormData) & vbCrLf & vbCrLf jjaven 2012-04-29
- 打赏
- 举报
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="mode"
1
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="url"
.
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="lang"
utf-8
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="wr"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="upfile"; filename="any_name.gif"
Content-Type: image/gif
GIF89a
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="link"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="imgsize"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="alignment"
-----------------------------7dc1c2d7003a8--
这是原始包内容
Content-Disposition: form-data; name="mode"
1
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="url"
.
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="lang"
utf-8
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="wr"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="upfile"; filename="any_name.gif"
Content-Type: image/gif
GIF89a
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="link"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="imgsize"
-----------------------------7dc1c2d7003a8
Content-Disposition: form-data; name="alignment"
-----------------------------7dc1c2d7003a8--
这是原始包内容
