Java：如何登录网站

Question

我正在尝试使用某个程序登录网站。我用Google搜索了很多，但其他人这样做的方式对我来说并不起作用。

登录网站的步骤如下：

  

通过请求auth.php获取PHPSESSID

     

使用PHPSESSID作为Cookie +内容发送带有用户名＆amp;的发布请求密码

我使用burp-suite查看整个过程中发送和接收的数据包。

获取PHPSESSID非常简单，设置Cookie并发送帖子请求也不是很难，但响应不一样。

String site = "The Site(Https://....)";
    URL myUrl = new URL(site);
    HttpURLConnection con = (HttpURLConnection) myUrl.openConnection();
    con.setRequestMethod("GET");
    Map<String, List<String>> headers = con.getHeaderFields();
    //Get the PHPSESSID
    for(Entry<String, List<String>>  e : headers.entrySet()){
        System.out.println(e.getKey() + ":" + e.getValue());
    }
    List<String> ff = headers.get("Set-Cookie");
    String asd = ff.get(0);
    String[] temp = asd.split(";");
    asd = temp[0];
    System.out.println(asd);
    con.disconnect();

    myUrl = new URL(site);
    con = null;
    con = (HttpURLConnection) myUrl.openConnection();
    con.setRequestMethod("POST");
    con.setRequestProperty("Host", "The host");
    con.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml");
    con.setRequestProperty("Accept-Language", "de,en-US;q=0.7,en;q=0.3");
    con.setRequestProperty("Referer", "https://ericsson.mareksokol.info/auth.php");
    con.setRequestProperty("Connection", "close");
    con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    con.setRequestProperty("Cookie", asd);
    con.setRequestProperty("Content-Length", "" +login.length());
    con.setDoOutput(true);
    DataOutputStream wr = new DataOutputStream (
            con.getOutputStream());
        wr.writeBytes(login); //login is just copy&pasted from burp-suite
        wr.close();
    System.out.println("\n");

    InputStream is = con.getInputStream();
    BufferedReader rd = new BufferedReader(new InputStreamReader(is));
    StringBuilder response = new StringBuilder(); //
    String line;
    while ((line = rd.readLine()) != null) {
      response.append(line);
      response.append('\r');
    }
    rd.close();
    System.out.println(response);

这是我第一次使用网站并登录，我非常感谢您能给我的任何帮助。

Answer 1

我建议您使用Java的HTTP客户端库之一：Apache Httpclient，OKHttp等。 如果您想使用普通Connection对象（请注意此示例适用于普通认证方案），您可以这样做：

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;


public class HttpBasicAuth {

    public static void main(String[] args) {

        try {
            URL url = new URL ("http://ip:port/login");
            String encoding = Base64Encoder.encode ("test1:test1");

            HttpURLConnection connection = (HttpURLConnection) url.openConnection();
            connection.setRequestMethod("POST");
            connection.setDoOutput(true);
            connection.setRequestProperty  ("Authorization", "Basic " + encoding);
            InputStream content = (InputStream)connection.getInputStream();
            BufferedReader in   = 
                new BufferedReader (new InputStreamReader (content));
            String line;
            while ((line = in.readLine()) != null) {
                System.out.println(line);
            }
        } catch(Exception e) {
            e.printStackTrace();
        }

    }

}