XMLHTTP is used to create thieves. Many people have already discussed and discussed the specific details behind the times. However, in the process of making ASP thieves, many people find that ASP thieves are not as powerful as PHP thieves. Indeed, if form submission or cookie verification exists on the original website, it is difficult for ASP to do so without using socket-based components. In fact, the other two methods of XMLHTTP are ignored, this is the key to the problem.
The method is described as follows:
1 .. Send ()
Because popular thieves use get instead of post to transmit data, many people ignore this method, and sending data using send is also very simple, that is, send ("content"). However,
Sending a form is not that simple, because if the form you send is in Chinese, it will involve encoding.
First, you must determine whether to use post or. Open ("Post", address, asynchronous) during open)
Then, add the content of your form to send. For example, the form you want to submit has three form fields: A, B, and C. The corresponding values are 1, 2, 3. Then, in the send
The sample can be submitted,. Send ("A = 1 & B = 2 & C = 3"). How is it very simple? Didn't you think of it? But don't be too happy. As I mentioned earlier, if the value of the form is
In Chinese, data transmission will fail. Here we use an escape () function, so anyone familiar with JavaScript should know the function's role. Now VBScript also supports this function .. Send ("A = escape ('value 1') & B = escape ('value 2') & C = escape ('value 3 ')")
2 .. SetRequestHeader ()
As mentioned above, when your data is sent, the other party will not receive it. Why? In fact, it is because your HTTP header has missing something, then you can use this function to add it, specifically. setRequestHeader ("Content-Type", "application/X-WWW-form-urlencoded") tells the other party that you have submitted a urlencode-encoded form.
Okay. After completing the form submission, let's talk about how to transmit cookies and sessions.
In fact, sending cookies is also very easy. I also use this function to add things to the HTTP header. For example, my current outdated cookies are
Cdb_sid = ybbik0; cdb_cookietime = 315360000; cdb_oldtopics = d869008d; cdb_visitedfid = 1d45; cdb_auth = signature % 2fbaijb1lucg; cdb_fid45 = 1113370145
Now I want to send this cookie directly. setRequestHeader ("cookie", "cdb_sid = ybbik0; cdb_cookietime = 315360000; cdb_oldtopics = d869008d; cdb_visitedfid = 1d45; cdb_auth = signature % signature; cdb_fid45 = 1113370145 ")
Of course, some website pages have the page judgment function, which is not difficult, that is,. setRequestHeader ("Referer", "lailu absolute address ")
There is another important problem here, that is, because this method is used to write an HTTP header, you cannot change the existing HTTP header. For how to use ASP to obtain cookies or sessions from the other side of the page and send them out.