我正在尝试使用某个程序登录网站。我用Google搜索了很多,但其他人这样做的方式对我来说并不起作用。
登录网站的步骤如下:
通过请求auth.php获取PHPSESSID
使用PHPSESSID作为Cookie +内容发送带有用户名&的发布请求密码
我使用burp-suite查看整个过程中发送和接收的数据包。
获取PHPSESSID非常简单,设置Cookie并发送帖子请求也不是很难,但响应不一样。
String site = "The Site(Https://....)";
URL myUrl = new URL(site);
HttpURLConnection con = (HttpURLConnection) myUrl.openConnection();
con.setRequestMethod("GET");
Map<String, List<String>> headers = con.getHeaderFields();
//Get the PHPSESSID
for(Entry<String, List<String>> e : headers.entrySet()){
System.out.println(e.getKey() + ":" + e.getValue());
}
List<String> ff = headers.get("Set-Cookie");
String asd = ff.get(0);
String[] temp = asd.split(";");
asd = temp[0];
System.out.println(asd);
con.disconnect();
myUrl = new URL(site);
con = null;
con = (HttpURLConnection) myUrl.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Host", "The host");
con.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml");
con.setRequestProperty("Accept-Language", "de,en-US;q=0.7,en;q=0.3");
con.setRequestProperty("Referer", "https://ericsson.mareksokol.info/auth.php");
con.setRequestProperty("Connection", "close");
con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
con.setRequestProperty("Cookie", asd);
con.setRequestProperty("Content-Length", "" +login.length());
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream (
con.getOutputStream());
wr.writeBytes(login); //login is just copy&pasted from burp-suite
wr.close();
System.out.println("\n");
InputStream is = con.getInputStream();
BufferedReader rd = new BufferedReader(new InputStreamReader(is));
StringBuilder response = new StringBuilder(); //
String line;
while ((line = rd.readLine()) != null) {
response.append(line);
response.append('\r');
}
rd.close();
System.out.println(response);
这是我第一次使用网站并登录,我非常感谢您能给我的任何帮助。
答案 0 :(得分:0)
我建议您使用Java的HTTP客户端库之一:Apache Httpclient,OKHttp等。
如果您想使用普通Connection
对象(请注意此示例适用于普通认证方案),您可以这样做:
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
public class HttpBasicAuth {
public static void main(String[] args) {
try {
URL url = new URL ("http://ip:port/login");
String encoding = Base64Encoder.encode ("test1:test1");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setDoOutput(true);
connection.setRequestProperty ("Authorization", "Basic " + encoding);
InputStream content = (InputStream)connection.getInputStream();
BufferedReader in =
new BufferedReader (new InputStreamReader (content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
} catch(Exception e) {
e.printStackTrace();
}
}
}