C # It is easy to pay automatically when connecting to China Telecom,

C # It is easy to pay automatically when connecting to China Telecom,

First, we need to change the payment for China Telecom to the previous figure, including the mobile and web versions.

Address for Web: http:// B .bestpay.com.cn

My previous figure on the mobile phone version. You can also download and install it on the web version above.

 

I mainly use the web version to implement its functions. Open the official website as follows:

 

Okay, okay. Now let's start our work,

The first step is to simulate login. We can get the data as shown in figure through packet capture.

I believe everyone can understand these parameters except the password. This password is actually encrypted by the Security plug-in. For details, see the following.

He has such a JS PassGuardCtrl. js code.

1 defaults: {2 obj: null, 3 random: null, // number of random factors 4 hidPwdName: 'Password', // hide the name of the password box, used to save the encrypted password value 5 outInputClass: '', // The position 6 params: {// additional attribute to be written in the password input box, optional 7 pgePath :". /ocx/", // control file directory 8 pgeId:" _ ocx_password ", // Control ID 9 pgeEdittype: 0, // control type, 0 asterisks, 1 plaintext 10 pgeEreg1: "[\ s \ S] *", // The character type Limit During the input process is 11. pgereg2: "[\ s \ S] {6, 50 }", // when the input is complete, the character type judgment condition 12 pgmaxlength: 50, // The maximum allowed input length is 13 pgeTabindex: 2, // tab key Order 14 pgeClass: "ocx_style ", // control css style 15 pginstallclass: "ocx_style", // for installation or upgrade 16 pgonkeydown: "FormSubmit ()", // return key response function 17 tabCallback: "_ ocx_password2" 18}

This section of js initializes the password control. I will change it to C # later in the background.

_setRandom:function(){                if(null==this.settings.random){                    alert("error:random is empty");                    return false;                }                this.object.pwdSetSk(this.settings.random);                return true;            }        }

    pwdSetSk: function(s) {                if (this.checkInstall()) {                    try {                        var control = document.getElementById(this.settings.pgeId);                        if (this.osBrowser==1 || this.osBrowser==3 || this.osBrowser==6 || this.osBrowser==8) {                            control.input1=s;                        } else if (this.osBrowser==2 || this.osBrowser==4 || this.osBrowser==5) {                            control.input(1,s);                        }                                        } catch (err) {                    }                }                

 

This js file sets the random factor of the security control to operate on input1 of the security control.

 

pwdResult: function() {                var code = '';                if (!this.checkInstall()) {                    code = '';                }                else{                        try {                        var control = document.getElementById(this.settings.pgeId);                        if (this.osBrowser==1 || this.osBrowser==3) {                            code = control.output1;                        } else if (this.osBrowser==2 || this.osBrowser==4 || this.osBrowser==5) {                            code = control.output(7);                        }else if (this.osBrowser==6 || this.osBrowser==8) {                            code = control.get_output1();                        }                                        } catch (err) {                        code = '';                    }                }                //alert(code);                return code;            },

This file is our main character, that is, when we enter the content in the security control, we will automatically encrypt our password. however, the added password is not the ciphertext submitted, and a BASE64 encryption is required.

function setPwdVal(clazz){    var _$=jQuery;    _$("input."+clazz).each(function(i,n){        var _objId = _$(n).attr("objId");        var _code = null;        var control = _$("#"+_objId)[0];            _code=window["PassGuardCtrl"+control.id.split("-")[0].toLocaleLowerCase()].pwdResult();        //_code = Base64.encoder(_code);        _code=BASE64.encoder(_code);        _$(n).val(_code);    });}

In this method, we can see that a BASE64 encryption is used,
After the above steps, we can encrypt the password as we did when submitting,

You may have used security controls in VS. You can right-click the toolbar and choose items> COM components> select corresponding components. OK.

However, unfortunately, when you drag the control to the interface, your VS will crash. I used vs2005 and vs2008 vs2010 and vs2013, but I couldn't find a good solution, you can only manually create one by yourself. The key points are estimated.

I guess this is the security of the control that caused VS to crash. In the past, the support payment assistant was the same as that of the control. I found that the control is actually the same, but it only has different names, (it should be that telecom and mobile projects are outsourced to the same company)

Now, paste the core code segment of the password and encryption method,

 

Public static String GetPayPass (AxPassGuardCtrlLib. AxPassGuard paypwd, String random ){
Paypwd. input1 = random;
Paypwd. edittype = 0;
Paypwd. maxlength = 50;
Paypwd. input2 = "[\ s \ S] *"; // character type restrictions during Input
Paypwd. input13 = "[\ s \ S] {6, 50 }";
String strPwd = paypwd. output1;
Paypwd. ClearSeCtrl ();
Return EncodeBase64 (strPwd );
}

This random factor can be found on the page you log on.

Note: This is not the same. It seems that every time you refresh the page, When you refresh the page, all of us need to log on to the home page and first request the following logon surface to obtain this random factor.

Below are some of my login methods.

 

Internal void Login () {String Result = ""; net. Url = "https:// B .bestpay.com.cn/bppf/login.do? Method = login "; net. method = NetHelper. requestMethod. GET; net. isStream = false; Result = net. sendRequest (); if (Result. startsWith ("-1") {LastError = "unable to connect to the server"; return;} String random = Utils. getValue (Result, "pwdSetSk \ (\" "," \ ""); Utils. setPassword (PassGuard, LoginPass); net. url = "https:// B .bestpay.com.cn/bppf/vimage.do? 0. "+ Utils. GetUnixTime (); net. Referer =" https:// B .bestpay.com.cn/bppf/login.do? Method = login "; net. isStream = true; net. method = NetHelper. requestMethod. GET; net. sendRequest (); if (net. IOStream = null) {LastError = "failed to obtain the verification code"; return;} Bitmap bmp = new Bitmap (net. IOStream); String chkCode = Captcha. getCheckString (bmp); // check the verification code. net. url = "https:// B .bestpay.com.cn/bppf/verifyCode"; net. postData = "verifyCode =" + chkCode; net. isStream = false; net. method = NetHelper. requestMeth Od. POST; Result = net. SendRequest (); if (Result. StartsWith ("-1") | Result! = "True") {LastError = "unable to connect to the server"; return;} String LoginPwd = Utils. getPayPass (PassGuard, random); net. url = "https:// B .bestpay.com.cn/bppf/login.do"; net. postData = "signature = & certSN = & toURL = & TOURL_MENUID = & sysLoginType = BPPF & username =" + MerchantId + "& password =" + LoginPwd + "& method = login & verifyCode = "+ chkCode; net. method = NetHelper. requestMethod. POST; net. encode = "gbk"; net. isStream = false; Result = net. sendRequest (); LastError = Result; if (Result. contains ("Merchant ID:" + MerchantId) {IsLogin = true; dAmt0 = Convert. toDecimal (Utils. getValue (Result, "account balance: <span class = \" property-amount \ ">", "</span>"); dAmt1 = Convert. toDecimal (Utils. getValue (Result, "available balance: <span class = \" property-amount \ ">", "</span>"); dAmt2 = Convert. toDecimal (Utils. getValue (Result, "reward balance: <span class = \" property-amount \ ">", "</span>"); dAmt3 = Convert. toDecimal (Utils. getValue (Result, "frozen amount: <span class = \" property-amount \ ">", "</span> "));}}

Mobile phone recharge Order Method

Internal Boolean MobilePay (Order order, ref String msg) {Boolean isSuccess = false; for (int I = 0; I <3; I ++) {String Result = ""; net. url = "https:// B .bestpay.com.cn/bppf/ipos/mobilerecharge.do? Method = process "; net. method = NetHelper. requestMethod. POST; net. postData = "mobile =" + order. account + "& otherMoney =" + order. price + "& moneyText ="; net. isStream = false; Result = net. sendRequest (); if (Result. startsWith ("-1") {continue;} if (! Result. contains ("Please check the carrier information, recharge number, and amount to avoid filling errors") {continue;} String random = Utils. getValue (Result, "pwdSetSk \ (\" "," \ ""); String token = Utils. getValue (Result, "\" org. apache \\. struts \\. taglib \\. html \\. TOKEN \ "", "type"); token = Utils. getValue (Result, "value = \"","\""). trim (); String phone = Utils. getValue (Result, "name = \" phone \ "value = \"","\""). trim (); String money = Utils. getValue (Result, "name = \" Money \ "value = \"","\""). trim (); String txnAmount = Utils. getValue (Result, "name = \" txnAmount \ "value = \"","\""). trim (); String poundage = Utils. getValue (Result, "name = \" poundage \ "value = \"","\""). trim (); Utils. setPassword (PassGuard, PayPass); if (order. account! = Phone) {msg = "recharge account token tampering"; return false;} if (order. Price! = Money) {msg = "Recharge Amount tampering"; return false;} String PayPwd = Utils. GetPayPass (PassGuard, random); net. Url = "https:// B .bestpay.com.cn/bppf/ipos/mobilerecharge.do? Method = checkPayPwd & payPwd = "+ PayPwd; net. method = NetHelper. requestMethod. POST; net. postData = ""; net. isStream = false; Result = net. sendRequest (); Log. write (Result, "debut.txt"); net. url = "https:// B .bestpay.com.cn/bppf/ipos/mobilerecharge.do? Method = confirm "; net. method = NetHelper. requestMethod. POST; net. postData = String. format ("org.apache.struts.taglib.html. TOKEN = {0} & phone = {1} & money = {2} & txnAmount = {3} & poundage = {4} & receivePhone = {5} & payPwd = {6 }", token, phone, money, txnAmount, poundage, phone, PayPwd); Log. write (net. postData, "debug.txt"); net. isStream = false; Result = net. sendRequest (); if (Result. contains ("recharge successful") {msg = "payment order successful"; return true;} msg = Utils. getValue (Result, "cause of recharge failure: </span> <span class = \" title \ "style = \" color: red; \ "> ", "</span>"); Log. write (Result, "debut.txt");} return isSuccess ;}

 

 

The content has been implemented for a long time and cannot be continued. For the next article, C # + (winio/winring0) will automatically fill in the password for its security control. During the test above, you can manually enter the password in the control.

Come here first. Get a complete software.

 

-- Happy sea

Blog: http://www.cnblogs.com/ningqhai/

Do not delete some reference addresses