最新下载
热门教程
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
ASP.NET WebForm ViewState 抓包代码
时间:2022-06-25 05:46:52 编辑:袖梨 来源:一聚教程网
asp教程.net webform 开发的站点抓包的功能。该功能要求使用该网点内的帐号通过我们自己的程序获取网站内的数据。其间使用了httpwebrequest 进行抓包。具体的抓包过程就不重点讨论了。旨在和大家分享一下我在抓包过程中对viewstate 在 asp.net教程 webform 中的作用有了进一步的了解。如果存在不足之处,希望您能指出。
为了模拟http post/get 我们用vs建立两个工程,截图如下:
注:第一个工程是一个简单的asp.net web form 程序,第二个是模拟web form 的 winform 程序。
webapplication1 执行如下:
两个服务器端控件 dropdownlist 和 button 服务器端相应事件如下:
01 |
protected void dropdownlist1_selectedindexchanged(object sender, eventargs e) |
02 |
{ |
03 |
|
04 |
} |
05 |
|
06 |
protected void button1_click(object sender, eventargs e) |
07 |
{ |
08 |
if (dropdownlist1.selectedvalue == "two") |
09 |
{ |
10 |
lblinfor.text = "two"; |
11 |
} |
12 |
else |
13 |
{ |
14 |
lblinfor.text = "one"; |
15 |
} |
16 |
} |
功能代码非常简单,button1被单击后显示dropdownlist 的文本值:
webform介绍完,剩下就是用winform 通过http post/get来模拟web form 程序,程序运行界面如下:
这里的onepost 与twopost 分别模拟webform中 post 按钮click功能。
贴出模拟的核心代码:postbywebrequest 函数:
private void postbywebrequest(string strpostvalue)
{
try
{
string uri = "http://localhost:2026/webform1.aspx/";
httpwebrequest request = webrequest.create(uri) as httpwebrequest;
request.method = "get";
request.keepalive = true;
request.cookiecontainer = cookiecontainer;
httpwebresponse response = request.getresponse() as httpwebresponse;
system.io.stream responsestream = response.getresponsestream();
system.io.streamreader reader = new system.io.streamreader(responsestream, encoding.utf8);
//返回的页面html文本
string srcstring = reader.readtoend();
//veiwstate
string viewstateflag = "id="__viewstate" value="";
int len1 = srcstring.indexof(viewstateflag) + viewstateflag.length;
int len2 = srcstring.indexof(""", len1);
string viewstate = srcstring.substring(len1, len2 - len1);
//eventvalidation
string eventvalidationflag = "id="__eventvalidation" value="";
len1 = srcstring.indexof(eventvalidationflag) + eventvalidationflag.length;
len2 = srcstring.indexof(""", len1);
string eventvalidation = srcstring.substring(len1, len2 - len1);
//编码
viewstate = system.web.httputility.urlencode(viewstate);
eventvalidation = system.web.httputility.urlencode(eventvalidation);
//这里可以通过抓包工具获得poststring.记得中文需要urlencode编码。
string formatstring = "dropdownlist1={0}&button1={1}&__viewstate={2}&__eventvalidation={3}";
string poststring = string.format(formatstring, strpostvalue,
"do postback", viewstate, eventvalidation);
byte[] postdata = encoding.utf8.getbytes(poststring);
uri = "http://localhost:2026/webform1.aspx/";
//post
request = webrequest.create(uri) as httpwebrequest;
request.method = "post";
request.keepalive = false;
request.contenttype = "application/x-www-form-urlencoded";
request.cookiecontainer = cookiecontainer;
request.contentlength = postdata.length;
system.io.stream outputstream = request.getrequeststream();
outputstream.write(postdata, 0, postdata.length);
outputstream.close();
response = request.getresponse() as httpwebresponse;
responsestream = response.getresponsestream();
reader = new system.io.streamreader(responsestream, encoding.utf8);
srcstring = reader.readtoend();
}
catch (exception ex)
{
string msg = ex.message;
messagebox.show(ex.message);
}
}
相关文章
- 云星穹铁道权益升级怎么玩 云崩铁权益升级活动介绍 12-03
- 以闪亮之名山中绘梦怎么玩 以闪亮之名滢然花梦套装活动介绍 12-03
- 以闪亮之名绿野梦歌礼包怎么样 以闪亮之名绿野梦歌拍照礼包介绍 12-03
- 光遇12.6有什么更新 光遇12月6日更新内容介绍 12-03
- 伍六七暗影交锋测试资格怎么获得 伍六七暗影交锋内测资格获取方法 12-03
- 无限暖暖晶莹诗集怎么样 12-03