先看这段代码:
/// <summary>
/// 将数据提交到远程服务器
/// </summary>
/// <param name="StrUrl">要提交的URL</param>
/// <param name="postData">提交的数据</param>
public void PostData(string StrUrl,string postData)
{
byte[] data = System.Text.Encoding.GetEncoding("GB2312").GetBytes(postData);
HttpWebRequest myRequest =
(HttpWebRequest)WebRequest.Create(StrUrl);
myRequest.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.01; Windows NT 5.0)";
myRequest.CookieContainer = new CookieContainer();
myRequest.Method = "POST";
myRequest.ContentType="application/x-www-form-urlencoded";
myRequest.ContentLength = data.Length;
System.IO.Stream newStream=myRequest.GetRequestStream();
//提交数据
newStream.Write(data,0,data.Length);
newStream.Close();
/******** 到此数据提交完毕 下面是获取提交完网页返回的结果信息 用于分析提交情况(如身份验证是否合法的返回信息等) *****/
HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse();
System.IO.StreamReader sr = new System.IO.StreamReader(response.GetResponseStream(), System.Text.Encoding.GetEncoding("GB2312"));
string readText = sr.ReadToEnd();
response.Close();
}
在需要提交数据的地方调用此方法即可:
string postUrl = "http://localhost/WebForm1.aspx";
string postData = "__VIEWSTATE=dDwtMjYxNjY2NzE5OztsPENoZWNrQm94MTs%2BPuSIvwzz1bd40PjKoMF6P0ajgUnc&TextBox1=1234&TextBox2=12_code_12&Button1=Button";
PostData(postUrl,postData);
注意这里的postData中有个 _VIEWSTATE ,一定要填写正确,否则服务器不认。。。(当然这是针对asp.net的,但不管是什么样的站点,都要截数据包,再分析替换内容,才能正确Post到对方站点上去。
如何截取,可以参考 : http://hqt.cnblogs.com/archive/2005/10/08/250277.html
webform1 页面只是做个简单测试,放了1个TextBox和一个Button
后台文件中的 button1_click :
private void Button1_Click(object sender, System.EventArgs e)
{
if(TextBox1.Text == "123")
{
Response.Write("<script>alert('good');</script>");
}
}
获取服务器返回的结果如下:
<script>alert('good');</script>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>WebForm2</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body MS_POSITIONING="GridLayout">
<form name="Form1" method="post" action="webform2.aspx" id="Form1">
<input type="hidden" name="__VIEWSTATE" value="dDwyMDE4OTI5MDg4Ozs+vx7wtWFh0lI152lRZ3jPBMxTInQ=" />
<input name="TextBox1" type="text" value="123" id="TextBox1" style="Z-INDEX: 102; LEFT: 328px; POSITION: absolute; TOP: 176px" />
<input type="submit" name="Button1" value="Button" id="Button1" style="Z-INDEX: 103; LEFT: 328px; POSITION: absolute; TOP: 240px" />
</form>
</body>
</HTML>
如果在 button1_click 中加入 Session 的判断,而Session的取值又是从另一个页面获得的,那该如何解决?
1. 先对获取SESSION的页面进行 Get 访问
2. 再提交需要验证SESSION的页面。
/// <summary>
/// 将数据提交到远程服务器 /// </summary> /// <param name="StrUrl">要提交的URL</param> /// <param name="postData">提交的数据</param> public void PostData(string StrUrl,string postData) {
byte[] data = System.Text.Encoding.GetEncoding("GB2312").GetBytes(postData); HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(StrUrl); myRequest.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.01; Windows NT 5.0)"; myRequest.CookieContainer = new CookieContainer(); myRequest.Method = "POST"; myRequest.ContentType="application/x-www-form-urlencoded"; myRequest.ContentLength = data.Length; System.IO.Stream newStream=myRequest.GetRequestStream(); //提交数据 newStream.Write(data,0,data.Length); newStream.Close(); /******** 到此数据提交完毕 下面是获取提交完网页返回的结果信息 用于分析提交情况(如身份验证是否合法的返回信息等) *****/
HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse(); System.IO.StreamReader sr = new System.IO.StreamReader(response.GetResponseStream(), System.Text.Encoding.GetEncoding("GB2312")); string readText = sr.ReadToEnd(); response.Close(); }在需要提交数据的地方调用此方法即可:
string postUrl = "http://localhost/WebForm1.aspx"; string postData = "__VIEWSTATE=dDwtMjYxNjY2NzE5OztsPENoZWNrQm94MTs%2BPuSIvwzz1bd40PjKoMF6P0ajgUnc&TextBox1=1234&TextBox2=12_code_12&Button1=Button";PostData(postUrl,postData);
注意这里的postData中有个 _VIEWSTATE ,一定要填写正确,否则服务器不认。。。(当然这是针对asp.net的,但不管是什么样的站点,都要截数据包,再分析替换内容,才能正确Post到对方站点上去。
如何截取,可以参考 : http://hqt.cnblogs.com/archive/2005/10/08/250277.html
webform1 页面只是做个简单测试,放了1个TextBox和一个Button
后台文件中的 button1_click :
private void Button1_Click(object sender, System.EventArgs e) { if(TextBox1.Text == "123") { Response.Write("<script>alert('good');</script>"); } }获取服务器返回的结果如下:
<script>alert('good');</script><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" ><HTML> <HEAD> <title>WebForm2</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> </HEAD> <body MS_POSITIONING="GridLayout"> <form name="Form1" method="post" action="webform2.aspx" id="Form1"><input type="hidden" name="__VIEWSTATE" value="dDwyMDE4OTI5MDg4Ozs+vx7wtWFh0lI152lRZ3jPBMxTInQ=" /> <input name="TextBox1" type="text" value="123" id="TextBox1" style="Z-INDEX: 102; LEFT: 328px; POSITION: absolute; TOP: 176px" /> <input type="submit" name="Button1" value="Button" id="Button1" style="Z-INDEX: 103; LEFT: 328px; POSITION: absolute; TOP: 240px" /> </form> </body></HTML>如果在 button1_click 中加入 Session 的判断,而Session的取值又是从另一个页面获得的,那该如何解决?
1. 先对获取SESSION的页面进行 Get 访问
2. 再提交需要验证SESSION的页面。
