cookie|cookies|session|xml| Procedure | Thief program
Use XMLHTTP to make the details of the thief is outdated many people have been sent and discussed, but in the process of making ASP thieves, many people found that ASP thieves as strong as PHP thieves
Big. Indeed, if the original site if there is a form submission or cookies validation, for the ASP, do not use socket-based components will be difficult to complete, in fact, the other two XMLHTTP
A method is overlooked by us, and that is the crux of the problem.
Let's start with the method.
1. Send ()
Because the popular thief is using get instead of post to transmit data, so many people ignore this method, and send data using send is very simple, that is, send ("content"), but,
It's not as simple as sending a form, because the form you send is in Chinese, it involves coding problems.
First, you need to be sure to use post, open ("POST", address, asynchronous) when you open it.
Then, add the contents of your form to the send, for example, the form you want to submit has 3 form fields, A,b,c, and the corresponding value is 1,2,3, then you're in send.
Sample writing can be submitted form,. Send ("a=1&b=2&c=3"), how, very simple, is not the idea? But don't be so happy, I said earlier, if the value of the form is
In Chinese, the data will go wrong. Here we use a function to escape (), and friends who are familiar with JavaScript should know what this function is, and now VBScript also supports this function. Send (' A=escape (' value 1 ') &b=escape (' Value 2 ') &c=escape (' Value 3 ')]
2. setRequestHeader ()
Then the above said, your data sent out, the other side will not receive, why, in fact, that is because your HTTP head missing a thing, and then use this function to add to it, specifically. setRequestHeader ("Content-type", " Application/x-www-form-urlencoded "), tell each other that you are submitting a urlencode encoded form.
All right, when you're done with the form submission, how do you send cookies and sessions?
In fact, the delivery of cookies is also very simple, also use this function in the HTTP head to add things, for example, I am currently in the outdated cookies are
Cdb_sid=ybbik0; cdb_cookietime=315360000; cdb_oldtopics=d869008d; CDB_VISITEDFID=1D45; CDB_AUTH=AQYHXVFDGERDSGGVQA1VYUGXQDWFVV1DUALWFAFRXVWU%2FBAIJB1LUCG; cdb_fid45=1113370145
Now I'm going to send this cookie directly to the. setRequestHeader ("Cookie", "cdb_sid=ybbik0; cdb_cookietime=315360000; cdb_oldtopics=d869008d; CDB_VISITEDFID=1D45; CDB_AUTH=AQYHXVFDGERDSGGVQA1VYUGXQDWFVV1DUALWFAFRXVWU%2FBAIJB1LUCG; cdb_fid45=1113370145 ")
Of course, some Web pages have a page to judge the function, this is not difficult, is. setRequestHeader ("Referer", "the absolute address of the antecedents")