获取用户名/密码身份验证背后的数据

发布于 2024-11-02 09:10:16 字数 399 浏览 4 评论 0原文

我想从论坛下载一些数据。包含数据的页面仅对注册用户可见。这是一个包含用户数据的示例网页;

http://www.bikeforums.net/member.php/227664-StackOverflow

我想使用 wget 或 C# 获取数据。我尝试通过 Firefox 登录,然后将 cookies 文件(希望包含登录信息)传递给 wget。这更像是一个临时的黑客攻击,而不是真正的解决方案,但它仍然失败了。我该如何正确地做到这一点?

我设置了一个帐户来测试是否有帮助。

用户:StackOverflow

通行证:so123

I'd like to download some data from a forum. The page containing the data is visible only to registered users. Here's an example webpage containing user data;

http://www.bikeforums.net/member.php/227664-StackOverflow

I'd like to get the data using wget or C#. I tried logging in via Firefox, then passing the cookies file (hopefully containing the login information) to wget. That was more of a makeshift hack and not a real solution, but it still failed. How do I do this properly?

I set up an account for testing if that's helpful.

User: StackOverflow

Pass: so123

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

煮酒 2024-11-09 09:10:16

使用 firebug,您可以轻松获取登录页面的 POST 数据,并使用它来创建 WebRequest 并登录论坛。

服务器创建用于身份验证的 cookie,我们可以在论坛页面的下一个请求中使用此 cookie,以便服务器可以验证请求并返回所有数据。

在这里,我测试了一个实现此机制的简单控制台应用程序。

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Globalization;
using System.Web;
using System.Net;
using System.Xml;
using System.Xml.XPath;
using System.Xml.Linq;
using System.IO;



namespace ConsoleApplication2
{
    class Program
    {
        static void Main(string[] args)
        {
            CookieContainer cookieContainer = new CookieContainer();
            HttpWebRequest wpost = (HttpWebRequest) HttpWebRequest.Create("http://www.bikeforums.net/login.php?do=login");
            wpost.CookieContainer = cookieContainer;
            wpost.Method = "POST";
            string postData = "do=login&vb_login_md5password=d93bd4ce1af6a9deccaf0ea844d6c05d&vb_login_md5password_utf=d93bd4ce1af6a9deccaf0ea844d6c05d&s=&securitytoken=guest&url=%2Fmember.php%2F227664-StackOverflow&vb_login_username=StackOverflow&vb_login_password=";
            byte[] byteArray = Encoding.UTF8.GetBytes(postData);
            // Set the ContentType property of the WebRequest.
            wpost.ContentType = "application/x-www-form-urlencoded";
            // Set the ContentLength property of the WebRequest.
            wpost.ContentLength = byteArray.Length;
            // Get the request stream.
            System.IO.Stream dataStream = wpost.GetRequestStream();
            // Write the data to the request stream.
            dataStream.Write(byteArray, 0, byteArray.Length);
            // Close the Stream object.
            dataStream.Close();
            // Get the response.
            HttpWebResponse response = (HttpWebResponse) wpost.GetResponse();

            // Request 
            wpost = (HttpWebRequest)WebRequest.Create("http://www.bikeforums.net/member.php/227664-StackOverflow");

            //Assing the cookies created on the server to the new request
            wpost.CookieContainer = cookieContainer;
            wpost.Method = "GET";
             response = (HttpWebResponse)wpost.GetResponse();

             Stream receiveStream = response.GetResponseStream();
             // Pipes the stream to a higher level stream reader with the required encoding format. 
             StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8);
            //Display the result to console...
             Console.WriteLine(readStream.ReadToEnd());
             response.Close();
             readStream.Close();

            Console.Read();

        }
    }
}

Using firebug you can easily get the POST data for the login page and use it to create a WebRequest and Login to the Forum.

The Server create the cookies for authentication and we can use this cookies in the next request on the forum page so the server can authenticate the request and return all the data.

Here I've tested a simple console application that achieves this mechanism.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Globalization;
using System.Web;
using System.Net;
using System.Xml;
using System.Xml.XPath;
using System.Xml.Linq;
using System.IO;



namespace ConsoleApplication2
{
    class Program
    {
        static void Main(string[] args)
        {
            CookieContainer cookieContainer = new CookieContainer();
            HttpWebRequest wpost = (HttpWebRequest) HttpWebRequest.Create("http://www.bikeforums.net/login.php?do=login");
            wpost.CookieContainer = cookieContainer;
            wpost.Method = "POST";
            string postData = "do=login&vb_login_md5password=d93bd4ce1af6a9deccaf0ea844d6c05d&vb_login_md5password_utf=d93bd4ce1af6a9deccaf0ea844d6c05d&s=&securitytoken=guest&url=%2Fmember.php%2F227664-StackOverflow&vb_login_username=StackOverflow&vb_login_password=";
            byte[] byteArray = Encoding.UTF8.GetBytes(postData);
            // Set the ContentType property of the WebRequest.
            wpost.ContentType = "application/x-www-form-urlencoded";
            // Set the ContentLength property of the WebRequest.
            wpost.ContentLength = byteArray.Length;
            // Get the request stream.
            System.IO.Stream dataStream = wpost.GetRequestStream();
            // Write the data to the request stream.
            dataStream.Write(byteArray, 0, byteArray.Length);
            // Close the Stream object.
            dataStream.Close();
            // Get the response.
            HttpWebResponse response = (HttpWebResponse) wpost.GetResponse();

            // Request 
            wpost = (HttpWebRequest)WebRequest.Create("http://www.bikeforums.net/member.php/227664-StackOverflow");

            //Assing the cookies created on the server to the new request
            wpost.CookieContainer = cookieContainer;
            wpost.Method = "GET";
             response = (HttpWebResponse)wpost.GetResponse();

             Stream receiveStream = response.GetResponseStream();
             // Pipes the stream to a higher level stream reader with the required encoding format. 
             StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8);
            //Display the result to console...
             Console.WriteLine(readStream.ReadToEnd());
             response.Close();
             readStream.Close();

            Console.Read();

        }
    }
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文