HtmlUnit单击submitinput,但页面不会更新

时间:2015-03-17 06:40:40

标签: java htmlunit

第一篇文章。我试图解决我使用dvwa的HtmlUnit问题。当我尝试单击代码的doFormPost部分中的提交按钮时,它向我显示文本字段仍然是完整而不是新页面的旧页面。我已经尝试了很多东西来完成这项工作,从等待到页面更改到等待3分钟然后重新检查,但我们的问题可能无法找到。我希望这里有人知道发生了什么。提前谢谢。

import java.io.IOException;
import java.net.MalformedURLException;
import java.util.List;

import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.html.HtmlAnchor;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlInput;
import com.gargoylesoftware.htmlunit.html.HtmlOption;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlSelect;
import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;

public class BasicFuzzer {

public static void main(String[] args) throws FailingHttpStatusCodeException, MalformedURLException, IOException {
    WebClient webClient = new WebClient();
    webClient.setJavaScriptEnabled(true);
    discoverLinks(webClient);
    System.out.println("\n\n\n\n\n\n");
    doFormPost(webClient);
    webClient.closeAllWindows();
}

/**
 * This code is for showing how you can get all the links on a given page, and visit a given URL
 * @param webClient
 * @throws IOException
 * @throws MalformedURLException
 */
private static void discoverLinks(WebClient webClient) throws IOException, MalformedURLException {
    HtmlPage page = webClient.getPage("http://localhost:8080/bodgeit");
    List<HtmlAnchor> links = page.getAnchors();
    for (HtmlAnchor link : links) {
        System.out.println("Link discovered: " + link.asText() + " @URL=" + link.getHrefAttribute());
    }
}

/**
 * This code is for demonstrating techniques for submitting an HTML form. Fuzzer code would need to be
 * more generalized
 * @param webClient
 * @throws FailingHttpStatusCodeException
 * @throws MalformedURLException
 * @throws IOException
 */
private static void doFormPost(WebClient webClient) throws FailingHttpStatusCodeException, MalformedURLException, IOException {
    login(webClient,"dvwa");
    HtmlPage page = webClient.getPage("http://127.0.0.1/dvwa/vulnerabilities/sqli/");
    List<HtmlForm> forms = page.getForms();
    for (HtmlForm form : forms) {
        HtmlInput input = form.getInputByName("id");
        input.setValueAttribute("$id=3' OR '1'='1");
        HtmlSubmitInput submit = (HtmlSubmitInput) form.getFirstByXPath("//input[@value='Submit']");
        System.out.println(submit.<HtmlPage> click().getWebResponse().getContentAsString());
    }
}

/**
 * This method logs the user in based on the site URL.
 * 
 * @param loginType
 */
private static void login(WebClient client,String loginType) {

    System.out.println("Login type: " + loginType + "\n");

    //Log in on dwva
    if(loginType.toLowerCase().contentEquals("dvwa")){

        ///////////////////////////////Navigate to page/////////////////////////////////////////////////
        HtmlPage thisPage = null;
        String pagename = "http://127.0.0.1/dvwa/login.php";
        try {
            thisPage = client.getPage(pagename);
        } catch (FailingHttpStatusCodeException e) {
            System.out.println("Failing HTTP Status Code Exception: " + pagename);
            return;
        } catch (MalformedURLException e) {
            System.out.println("Malformed URL Exception: " + pagename);
            return;
        } catch (IOException e) {
            System.out.println("I/O Exception: " + pagename);
            return;
        }

        //The strings to login
        String username = "admin";
        String password = "password";

        //Get the forms on the page
        List<HtmlForm> forms = thisPage.getForms();
        for(HtmlForm form : forms){

            //Input username
            HtmlInput usernameInput = form.getInputByName("username");
            usernameInput.setValueAttribute(username);

            //Input password
            HtmlInput passwordInput = form.getInputByName("password");
            passwordInput.setValueAttribute(password);

            //Click submit button
            HtmlSubmitInput submit = (HtmlSubmitInput) form.getInputByName("Login");
            try {
                submit.<HtmlPage> click().getWebResponse().getContentAsString();
            } catch (IOException e) {
                System.out.println("Something went wrong when trying to log in!");
            }
        }
        ///////////////////////////////////////////////////////////////////////////////////////////
        //Navigate to security page
        thisPage = null;
        pagename = "http://127.0.0.1/dvwa/security.php";
        try {
            thisPage = client.getPage(pagename);
        } catch (FailingHttpStatusCodeException e) {
            System.out.println("Failing HTTP Status Code Exception: " + pagename);
            return;
        } catch (MalformedURLException e) {
            System.out.println("Malformed URL Exception: " + pagename);
            return;
        } catch (IOException e) {
            System.out.println("I/O Exception: " + pagename);
            return;
        }

        //Change security
        HtmlSelect securitySelect = (HtmlSelect) thisPage.getElementByName("security");
        HtmlOption option = securitySelect.getOptionByValue("low");
        securitySelect.setSelectedAttribute(option, true);

        //Press Submit
        HtmlSubmitInput submitButton = thisPage.getElementByName("seclev_submit");
        try {
            submitButton.click();
        } catch (IOException e) {
            e.printStackTrace();
        }

    //Log in on bodgeit
    } else if(loginType.toLowerCase().contentEquals("bodgeit")){

        //Navigate to page
        HtmlPage thisPage = null;
        String pagename = "http://localhost:8080/bodgeit/login.jsp";
        try {
            thisPage = client.getPage(pagename);
        } catch (FailingHttpStatusCodeException e) {
            System.out.println("Failing HTTP Status Code Exception: " + pagename);
            return;
        } catch (MalformedURLException e) {
            System.out.println("Malformed URL Exception: " + pagename);
            return;
        } catch (IOException e) {
            System.out.println("I/O Exception: " + pagename);
            return;
        }

        //The string to login as the admin
        String username = "admin@thebodgeitstore.com' or '1'='1";

        //Get the forms on the page
        List<HtmlForm> forms = thisPage.getForms();
        for(HtmlForm form : forms){

            //Input username
            HtmlInput usernameInput = form.getInputByName("username");
            usernameInput.setValueAttribute(username);

            //Click submit button
            HtmlSubmitInput submit = (HtmlSubmitInput) form.getFirstByXPath("//input[@id='submit']");
            try {
                submit.<HtmlPage> click().getWebResponse().getContentAsString();
            } catch (IOException e) {
                System.out.println("Something went wrong when trying to log in!");
            }
        }


    } else {
        System.out.println("Invalid Login type! Only \"dvwa\" and \"bodgeit\" logins are supported!");
    }

}

}

1 个答案:

答案 0 :(得分:0)

只需点击提交按钮即可使用:

HtmlSubmitInput submit = (HtmlSubmitInput) form.getFirstByXPath("//input[@value='Submit']");
HtmlPage myPage = submit.click();

如果没有,您可以尝试以编程方式执行POST请求。示例来自:https://colinhowe.wordpress.com/2009/06/24/htmlunit-how-to-do-a-post/

Final WebClient webClient = new WebClient();

// Instead of requesting the page directly we create a WebRequestSettings object
WebRequestSettings requestSettings = new WebRequestSettings(
  new URL("URL GOES HERE"), HttpMethod.POST);

// Then we set the request parameters
requestSettings.setRequestParameters(new ArrayList());
requestSettings.getRequestParameters().add(new NameValuePair("name of value to post", "value"));

// Finally, we can get the page
HtmlPage page = webClient.getPage(requestSettings);