ASP.NET WebForm ViewState: Code for Scraping a Site over HTTP

Time: 2022-06-25 05:46:52 Editor: 袖梨 Source: 一聚教程网

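A data-scraping feature for a site developed with ASP.NET WebForm. The feature required logging in with an account on that site and fetching the site's data through our own program. HttpWebRequest was used to do the scraping. The scraping process itself is not the focus here. The aim is to share the better understanding I gained, while doing it, of the role ViewState plays in ASP.NET WebForm. If anything here falls short, I hope you will point it out.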

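To simulate HTTP POST/GET, we create two projects in VS, as in the screenshot below:

Note: the first project is a simple ASP.NET Web Form program; the second is a WinForm program that simulates the Web Form.

WebApplication1 runs as follows:

The page has two server-side controls, a DropDownList and a Button. Their server-side event handlers are as follows: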

    protected void DropDownList1_SelectedIndexChanged(object sender, EventArgs e)
    {
        // Nothing to do when the selection changes.
    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        // Show which item of the DropDownList was selected.
        if (DropDownList1.SelectedValue == "two")
        {
            lblInfor.Text = "two";
        }
        else
        {
            lblInfor.Text = "one";
        }
    }

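The functional code is very simple: after Button1 is clicked, the text value of the DropDownList is displayed:

With the WebForm introduced, what remains is to use the WinForm to simulate the Web Form program through HTTP POST/GET. The program's running interface is as follows:

Here onepost and twopost each simulate the click of the Post button in the WebForm.

The core of the simulation is the PostByWebRequest function: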

    // Namespaces used: System, System.Net, System.Text, System.Web, System.Windows.Forms.
    // Cookie container shared by the GET and the POST so that both run in the same session.
    private CookieContainer cookieContainer = new CookieContainer();

    private void PostByWebRequest(string strPostValue)
    {
        try
        {
            // Step 1: GET the page to obtain the current hidden fields.
            string uri = "http://localhost:2026/webform1.aspx/";
            HttpWebRequest request = WebRequest.Create(uri) as HttpWebRequest;
            request.Method = "GET";
            request.KeepAlive = true;
            request.CookieContainer = cookieContainer;
            HttpWebResponse response = request.GetResponse() as HttpWebResponse;
            System.IO.Stream responseStream = response.GetResponseStream();
            System.IO.StreamReader reader = new System.IO.StreamReader(responseStream, Encoding.UTF8);
            // HTML text of the returned page
            string srcString = reader.ReadToEnd();
            reader.Close();
            // ViewState
            string viewStateFlag = "id=\"__VIEWSTATE\" value=\"";
            int len1 = srcString.IndexOf(viewStateFlag) + viewStateFlag.Length;
            int len2 = srcString.IndexOf("\"", len1);
            string viewState = srcString.Substring(len1, len2 - len1);
            // EventValidation
            string eventValidationFlag = "id=\"__EVENTVALIDATION\" value=\"";
            len1 = srcString.IndexOf(eventValidationFlag) + eventValidationFlag.Length;
            len2 = srcString.IndexOf("\"", len1);
            string eventValidation = srcString.Substring(len1, len2 - len1);

            // URL-encode both values
            viewState = System.Web.HttpUtility.UrlEncode(viewState);
            eventValidation = System.Web.HttpUtility.UrlEncode(eventValidation);

            // The post string can be obtained with a packet-capture tool.
            // Remember that Chinese text must be URL-encoded.
            string formatString = "DropDownList1={0}&Button1={1}&__VIEWSTATE={2}&__EVENTVALIDATION={3}";
            string postString = string.Format(formatString, strPostValue,
                "do postback", viewState, eventValidation);

            byte[] postData = Encoding.UTF8.GetBytes(postString);

            uri = "http://localhost:2026/webform1.aspx/";
            // Step 2: POST the form, echoing the hidden fields back to the server.
            request = WebRequest.Create(uri) as HttpWebRequest;
            request.Method = "POST";
            request.KeepAlive = false;
            request.ContentType = "application/x-www-form-urlencoded";
            request.CookieContainer = cookieContainer;
            request.ContentLength = postData.Length;

            System.IO.Stream outputStream = request.GetRequestStream();
            outputStream.Write(postData, 0, postData.Length);
            outputStream.Close();

            response = request.GetResponse() as HttpWebResponse;
            responseStream = response.GetResponseStream();
            reader = new System.IO.StreamReader(responseStream, Encoding.UTF8);
            // HTML of the page rendered after the postback
            srcString = reader.ReadToEnd();
            reader.Close();
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
    }
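
The fixed-substring search above returns a wrong slice when a hidden field is missing or its attributes appear in a different order. The following is an added example, not code from the original article, that reads every hidden input by attribute and refuses to build the POST body when `__VIEWSTATE` or `__EVENTVALIDATION` is absent. The class name, method names and the sample HTML (with placeholder field values) are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text.RegularExpressions;

static class HiddenFieldDemo // hypothetical helper, not part of the article's projects
{
    // Find <input> tags first, then read attributes one by one so their order does not matter.
    static readonly Regex InputTag = new Regex(@"<input\b[^>]*>", RegexOptions.IgnoreCase);
    static readonly Regex Attr = new Regex(@"\b(?<n>[\w:-]+)\s*=\s*""(?<v>[^""]*)""");

    // Returns name -> HTML-decoded value for every hidden input in the page.
    public static Dictionary<string, string> HiddenFields(string html)
    {
        var fields = new Dictionary<string, string>();
        foreach (Match tag in InputTag.Matches(html))
        {
            var attrs = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
            foreach (Match a in Attr.Matches(tag.Value))
                attrs[a.Groups["n"].Value] = WebUtility.HtmlDecode(a.Groups["v"].Value);
            string type, name, value;
            if (attrs.TryGetValue("type", out type) && attrs.TryGetValue("name", out name)
                && type.Equals("hidden", StringComparison.OrdinalIgnoreCase))
                fields[name] = attrs.TryGetValue("value", out value) ? value : "";
        }
        return fields;
    }

    // Echoes the hidden fields unchanged, appends the caller's fields, URL-encodes everything.
    public static string BuildBody(Dictionary<string, string> hidden, Dictionary<string, string> own)
    {
        foreach (var required in new[] { "__VIEWSTATE", "__EVENTVALIDATION" })
            if (!hidden.ContainsKey(required))
                throw new InvalidOperationException("Missing " + required + " in the GET response");
        var parts = new List<string>();
        foreach (var kv in hidden) parts.Add(Uri.EscapeDataString(kv.Key) + "=" + Uri.EscapeDataString(kv.Value));
        foreach (var kv in own) parts.Add(Uri.EscapeDataString(kv.Key) + "=" + Uri.EscapeDataString(kv.Value));
        return string.Join("&", parts);
    }

    static void Main()
    {
        // Constructed sample page; note the second input lists its attributes in a different order.
        string html = "<form><input type=\"hidden\" name=\"__VIEWSTATE\" id=\"__VIEWSTATE\" value=\"/wEPplaceholder+A==\" />"
                    + "<input value=\"/wEWplaceholder/B=\" id=\"__EVENTVALIDATION\" name=\"__EVENTVALIDATION\" type=\"hidden\" /></form>";
        var own = new Dictionary<string, string> { { "DropDownList1", "two" }, { "Button1", "do postback" } };
        Console.WriteLine(BuildBody(HiddenFields(html), own));
    }
}
```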