I can log in to https://XXXX/webui/startpage.do with a username and password and see the page. I click one of the buttons, and HTTP Analyzer then shows the following details:
(Request-Line):POST /webui/JSON-RPC HTTP/1.1
Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:zh-cn
Cache-Control:no-cache
Connection:Keep-Alive
Content-Length:52
Content-Type:text/plain
Cookie:JSESSIONID=27CBC3ABE4DD9B23C2122E5FBA08FCC0; pysid=3ad6976e9706612b7c7f617084b2a47e
Host:59.64.142.96
Referer:https://59.64.142.96/webui/startPage.do
User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X)
postdata:{"id":584,"method":".obj#15458303.stop","params":[]}{"id":584,"method":".obj#15458303.stop","params":[]}
// This is the button click, which executes obj#15458303.stop
Can I now write a page of my own and POST the data to it, to get the same effect as clicking the button? Can this be done with fsockopen? Everything I see online shows that fsockopen can send some data, but how do I send obj#15458303.stop?
fsockopen
curl
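file_get_contents
Any of these three methods will work; Google for reference material on the details!
"method":".obj#15458303.stop" is also just a string being sent; define the headers as you normally would!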
--------------------
Haven't you already seen the HTTP message? postdata:{"id":584,"method":".obj#15458303.stop","params":[]}{"id":584,"method":".obj#15458303.stop","params":[]}
$username=isset($_POST["NAME"])?$_POST["NAME"]:"";
$password=isset($_POST["PASSWORD"])?$_POST["PASSWORD"]:"";
////////////////////////////////LOGIN
$host="login.sina.com.cn";
$port=80;
$param="service=miniblog&client=ssologin.js%28v1.3.9%29&entry=miniblog&encoding=utf-8&gateway=1&savestate=7&from=&useticket=0&username=$username&password=$password&url=http%3A%2F%2Ft.sina.com.cn%2Fajaxlogin.php%3Fframelogin%3D1%26callback%3Dparent.sinaSSOController.feedBackUrlCallBack&returntype=META";
$length=strlen($param);
$header="POST /sso/login.php?client=ssologin.js(v1.3.9) HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: http://t.sina.com.cn/reg.php?inviteCode=$uid
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: login.sina.com.cn
Content-Length: $length
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: UOR=,t,; _s_upa=1; ULOGIN_IMG=1289883189726; ULV=1289883191236:1:1:1::; Apache=38128988319516\r\n\r\n";
$header.=$param;// The data the form sends; just append it here.
$fp = @fsockopen($host,$port,$errno,$errstr,10) or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
@fputs($fp,$header);
$data="";
$i=0;
while (!feof($fp) && $i<12)
{
$line = @fgets($fp,1024); // Strip the headers of the request packet and show only the data the page returns
$data.=$line;
$i++;
}
fclose($fp);
<?php
$username=isset($_POST["NAME"])?$_POST["NAME"]:"";
$password=isset($_POST["PASSWORD"])?$_POST["PASSWORD"]:"123456789";
////////////////////////////////LOGIN
$host="59.64.142.96";
$port=443;
$param="service=miniblog&client=ssologin.js%28v1.3.9%29&entry=miniblog&encoding=utf-8&gateway=1&savestate=7&from=&useticket=0&username=$username&password=$password&url=http%3A%2F%2Ft.sina.com.cn%2Fajaxlogin.php%3Fframelogin%3D1%26callback%3Dparent.sinaSSOController.feedBackUrlCallBack&returntype=META";
$length=strlen($param);
$header="POST /webui/JSON-RPC HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: https://59.64.142.96/webui/startPage.do
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: login.sina.com.cn
Content-Length: $length
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: UOR=,t,; _s_upa=1; ULOGIN_IMG=1289883189726; ULV=1289883191236:1:1:1::; Apache=38128988319516\r\n\r\n";
$header.=$param;// The data the form sends; just append it here.
$fp = @fsockopen($host,$port,$errno,$errstr,10) or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
@fputs($fp,$header);
$data="";
$i=0;
while (!feof($fp) && $i<12)
{
$line = @fgets($fp,1024); // Strip the headers of the request packet and show only the data the page returns
$data.=$line;
$i++;
}
fclose($fp);
?>
$infoary = array("username"=>"admin","password"=>"123456789"); // This is the username and password I enter when logging in
$encodestr = encode($infoary);
$fp = fsockopen("59.64.142.96",443,$errno,$errmsg); // I changed this to the IP address I want to access; with https, should the port number be changed from 80 to 443?
$params.= "POST /webui/JSON-RPC HTTP/1.1\r\n";
$params.= "Host: 59.64.142.96\r\n";
$params.= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X) \r\n";
$params.= "Accept: */*\r\n";
$params.= "Accept-Language: zh-cn\r\n";
$params.= "Accept-Encoding: gzip,deflate\r\n";
$params.= "Keep-Alive: timeout=15,max=17\r\n";
$params.= "Connection: keep-alive\r\n";
$params.= "Referer: https://59.64.142.96/webui/startPage.do\r\n";
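$params.= "Content-Type: text/plain;chartset=utf-8\r\n"; // All of the information above was obtained by capturing the HTTP traffic
$params.= "method: .obj#15458303.stop"; // I added the post data here, but it does not seem to have had any effect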
$params.= "Content-Length: ".strlen($encodestr)."\r\n\r\n";
$params.= $encodestr;
fwrite($fp, $params);
while(!feof($fp)){
echo fgets($fp, 4096);
}
fclose($fp);
function encode($params)
{
$i = 0;
foreach($params as $k => $v){
$i++;
$str .= rawurlencode($k)."=".rawurlencode($v);
if($i < count($params)) $str.= "&";
}
return $str;
}
?>
I have really never done this.
I don't know what can be used to simulate https.
http://hi.baidu.com/bignose/blog/item/16bd6f81bdb382dcbc3e1ea4.html
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
// For this line, see the documentation at http://curl.haxx.se
// Set the server certificate; I forget whether it needs to be set... please try it yourself
//curl_setopt($curl, CURLOPT_CAPATH, "/certificate");
//curl_setopt($curl, CURLOPT_CAINFO, "/certificate/server.crt");
// Do not display the returned result directly
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
// POST the data to the specified page
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $PostData);
$Result = curl_exec($curl);
curl_close($curl);
echo $Result;
?>
This code works. Running it gives the following result:
<p>The document has moved <a href="/setup/welcome.do">here</a></p>
It is no longer the wrong username and password message.
<?php
$data["username"]="admin";
$data["password"]="123456789";
$data["method"]=".obj#15458303.stop";// Is this how this line should be written? Would it be right to write it this way for http?
$data["params"]="";
//$data["msg"]="this is a good thing";
while (list($k,$v) = each($data)) {
$post= rawurlencode($k)."=".rawurlencode($v)."&";
}
$post = substr( $post , 0 , -1 );
$len = strlen($post);
// Send
$host = "59.64.142.96";
$file = "/webui/JSON-RPC";
$fp = fsockopen( "ssl://$host", 443, $errno, $errstr, 30);// Adding ssl makes it work
if (!$fp) {
echo "$errstr ($errno)\n";
} else {
$receive = '';
$out = "GET $file HTTP/1.1\r\n";
$out .= "Host: $host\r\n";
$out .= "Content-type: text/plain\r\n";
$out .= "Connection: Keep-Alive\r\n";
$out .= "Content-Length: $len\r\n";
$out .="\r\n";
$out .= $post."\r\n";
//echo($out);
fwrite($fp, $out);
while (!feof($fp)) {
$receive .= fgets($fp, 128);
}
fclose($fp);
}
echo $receive;
?>
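The HTTP POST body format in your post #10 is the standard format for a form submission (without file upload); it needs to carry the header
Content-Type: application/x-www-form-urlencoded
You already saw the format of the HTTP headers and body in the opening post; just plug them in directly.
The rough format is as follows. There are four more HTTP header fields in the opening post that you did not write in; are they not needed?
In particular the session id in the Cookie header: you need to simulate the login, get the set-Cookie from the HTTP response headers, and then plug it in here to complete this POST request.
Cookie:JSESSIONID=27CBC3ABE4DD9B23C2122E5FBA08FCC0; pysid=3ad6976e9706612b7c7f617084b2a47e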
Referer:https://59.64.142.96/webui/startPage.do
User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X)
$post= 'postdata:{"id":584,"method":".obj#15458303.stop","params":[]}{"id":584,"method":".obj#15458303.stop","params":[]}';
$len = strlen($post);
$host = "59.64.142.96";
$file = "/webui/JSON-RPC";
$fp = fsockopen( "ssl://$host", 443, $errno, $errstr, 30);// Adding ssl makes it work
if (!$fp) {
echo "$errstr ($errno)\n";
} else {
$receive = '';
$out = "POST $file HTTP/1.1\r\n";
$out .= "Host: $host\r\n";
$out .= "Content-type: text/plain\r\n";
$out .= "Connection: Keep-Alive\r\n";
$out .= "Content-Length: $len\r\n";
$out .="\r\n";
$out .= $post."\r\n";
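1. Does all of the information from the opening post need to be added? I don't know which parts are useful either; I just want to achieve the effect of clicking that button.
2. What do "post format" and "http body" mean?
3. Content-Type: application/x-www-form-urlencoded
But what the HTTP analysis software shows is Content-Type:text/plain. Which one should I use?
4. Could I trouble you to write a complete one for me?
I don't understand what the form format is.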
So this line should be changed to:
$post= 'postdata:urlencode('{"id":584,"method":".obj#15458303.stop","params":[]}{"id":584,"method":".obj#15458303.stop","params":[]}')'
$infoary = array("username"=>"admin","password"=>"123456789"); // This sends the username and password
$encodestr = encode($infoary);
$fp = fsockopen("ssl://59.64.142.96",443,$errno,$errmsg)or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
$post= 'Post Data:urlencode('{"id":584,"method":".obj#28982303.stop","params":[]}{"id":584,"method":".obj#28982303.stop","params":[]}')';// This is the operation to send
$params= "POST /webui/JSON-RPC HTTP/1.1\r\n";
$params.= "Cookie: JSESSIONID=27CBC3ABE4DD9B23C2122E5FBA08FCC0; pysid=3ad6976e9706612b7c7f617084b2a47e\r\n";
$params.= "Host: 59.64.142.96\r\n";
$params.= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X) \r\n";
$params.= "Accept: */*\r\n";
$params.= "Accept-Language: zh-cn\r\n";
$params.= "Accept-Encoding: gzip,deflate\r\n";
$params.= "Keep-Alive: timeout=15,max=17\r\n";
$params.= "Connection: keep-alive\r\n";
$params.= "Referer: https://59.64.142.96/webui/startPage.do\r\n";
$params.= "Content-Type: text/plain;chartset=utf-8\r\n";
$params.= "Content-Length: ".strlen($encodestr)."\r\n\r\n"; // These are all headers, right?
$params.= $encodestr;
$params.=$post;// Can the post above be added in here?
fwrite($fp, $params);
while(!feof($fp)){
echo fgets($fp, 4096);
}
fclose($fp);
function encode($params)
{
$i = 0;
foreach($params as $k => $v){
$i++;
$str= rawurlencode($k)."=".rawurlencode($v);
if($i < count($params)) $str.= "&";
}
return $str;
}
?>
<?php
$infoary = array("username"=>"admin","password"=>"iit");
$encodestr = encode($infoary);
$fp = fsockopen("ssl://59.64.142.107",443,$errno,$errmsg)or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
//$post= 'Post Data:{"id":584,"method":".obj#8845078.stop","params":[]}{"id":584,"method":".obj#8845078.stop","params":[]}';
$post= 'postdata:urlencode({"id":818,"method":".obj#8845078.stop","params":[]}{"id":818,"method":".obj#8845078.stop","params":[]})';
$params= "POST /webui/JSON-RPC HTTP/1.1\r\n";
$params.= "Cookie:JSESSIONID=331AC7DC197C37B4BA8646ACA6BB7720; pysid=d6854956ad5b65dc9314c39eb8d8a2af\r\n";
$params.= "Host: 59.64.142.96\r\n";
$params.= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X)\r\n";
$params.= "Accept: */*\r\n";
$params.= "Accept-Language: zh-cn\r\n";
$params.= "Accept-Encoding: gzip,deflate\r\n";
$params.= "Keep-Alive: timeout=15,max=17\r\n";
$params.= "Connection: keep-alive\r\n";
$params.= "Referer: https://59.64.142.107/webui/startPage.do\r\n";
$params.= "Content-Type: text/plain;chartset=utf-8\r\n";
//$params.= "method: .obj#15458303.stop";
$params.= "Content-Length: ".strlen($encodestr)."\r\n\r\n";
$params.= $encodestr;
$params.=$post;
fwrite($fp, $params);
while(!feof($fp)){
echo fgets($fp, 4096);
}
fclose($fp);
function encode($params)
{
$i = 0;
foreach($params as $k => $v){
$i++;
$str= rawurlencode($k)."=".rawurlencode($v);
if($i < count($params)) $str.= "&";
}
return $str;
}
?>
$username=isset($_POST["NAME"])?$_POST["NAME"]:"admin";
$password=isset($_POST["PASSWORD"])?$_POST["PASSWORD"]:"iit";
$host="59.64.142.107";
$port=443;
$param='Post Data:{"id":584,"method":".obj#8845078.stop","params":[]}{"id":584,"method":".obj#8845078.stop","params":[]}'; // Added the data here
$length=strlen($param);
$header="POST /webui/JSON-RPC HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: https://59.64.142.107/webui/startPage.do
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X)
Host: 59.64.142.107
Content-Length: $length
Connection: Keep-Alive
Cache-Control: no-cache
Cookie:JSESSIONID=331AC7DC197C37B4BA8646ACA6BB7720; pysid=d6854956ad5b65dc9314c39eb8d8a2af\r\n\r\n";
$header.=$param;// The data the form sends; just append it here.
//$fp = @fsockopen($host,$port,$errno,$errstr,10) or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
$fp = fsockopen("ssl://$host",$port,$errno,$errstr,10) or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
//@fputs($fp,$header);
fputs($fp,$header);
$data="";
$i=0;
while (!feof($fp) && $i<12)
{
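// $line = @fgets($fp,1024); // Strip the headers of the request packet and show only the data the page returns
$line = fgets($fp,1024); // Strip the headers of the request packet and show only the data the page returns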
$data.=$line;
$i++;
}
fclose($fp);
?>
$fp = fsockopen("ssl://$host",$port,$errno,$errstr,10) or exit($errstr."远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
The result:
Unable to find the socket transport "ssl" - did you forget to enable it when you configured PHP?远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。
<?php
$infoary = array("username"=>"admin","password"=>"iit");
$encodestr = encode($infoary);
$fp = fsockopen("ssl://59.64.142.107",443,$errno,$errmsg)or exit("远程服务器无法访问。请刷新重试。此故障发生在获取文件数据操作中。");
//$post= 'Post Data:{"id":584,"method":".obj#8845078.stop","params":[]}{"id":584,"method":".obj#8845078.stop","params":[]}';
$post= 'postdata:urlencode({"id":818,"method":".obj#8845078.stop","params":[]}{"id":818,"method":".obj#8845078.stop","params":[]})';
$params= "POST /webui/JSON-RPC HTTP/1.1\r\n";
$params.= "Cookie:JSESSIONID=331AC7DC197C37B4BA8646ACA6BB7720; pysid=d6854956ad5b65dc9314c39eb8d8a2af\r\n";
$params.= "Host: 59.64.142.107\r\n";
$params.= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SE 2.X; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; SE 2.X)\r\n";
$params.= "Accept: */*\r\n";
$params.= "Accept-Language: zh-cn\r\n";
$params.= "Accept-Encoding: gzip,deflate\r\n";
$params.= "Keep-Alive: timeout=15,max=17\r\n";
$params.= "Connection: keep-alive\r\n";
$params.= "Referer: https://59.64.142.107/webui/startPage.do\r\n";
$params.= "Content-Type: text/plain;chartset=utf-8\r\n";
//$params.= "method: .obj#15458303.stop";
$params.= "Content-Length: ".strlen($encodestr)."\r\n\r\n";
$params.= $encodestr;
$params.=$post;
fwrite($fp, $params);
while(!feof($fp)){
echo fgets($fp, 4096);
}
fclose($fp);
function encode($params)
{
$i = 0;
foreach($params as $k => $v){
$i++;
$str= rawurlencode($k)."=".rawurlencode($v);
if($i < count($params)) $str.= "&";
}
return $str;
}
?>
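
An added example, not part of the thread: the captured Content-Length:52 is exactly the byte length of one copy of the JSON object, so the request body is that JSON text alone, with no `postdata:` label, login fields or URL-encoding. The sketch below rebuilds the request with a computed Content-Length and, unlike the CURLOPT_SSL_VERIFYPEER false snippet quoted above, sends it with certificate verification left on. The host `webui.example.test`, the cookie value and both function names are placeholders chosen for illustration.

```php
<?php
// Added example, not code from the thread. Host and cookie are placeholders.
// The ssl:// transport needs PHP's openssl extension.

// Build the raw request. The body is the JSON text only: no "postdata:" label,
// no form fields, no URL-encoding.
function build_jsonrpc_request(string $host, string $path, string $cookie,
                               int $id, string $method, array $params): string
{
    $body = json_encode(['id' => $id, 'method' => $method, 'params' => $params]);
    $headers = [
        "POST $path HTTP/1.1",
        "Host: $host",
        "Content-Type: text/plain",
        "Cookie: $cookie",
        "Content-Length: " . strlen($body), // byte length of exactly what follows
        "Connection: close",                // server closes, so reading terminates
    ];
    return implode("\r\n", $headers) . "\r\n\r\n" . $body;
}

// Send over TLS with certificate and host name verification left on.
function send_over_tls(string $host, string $request, ?string $cafile = null): string
{
    $ssl = ['verify_peer' => true, 'verify_peer_name' => true];
    if ($cafile !== null) {
        $ssl['cafile'] = $cafile;           // trust a private CA rather than disable checks
    }
    $ctx = stream_context_create(['ssl' => $ssl]);
    $fp = stream_socket_client("ssl://$host:443", $errno, $errstr, 10,
                               STREAM_CLIENT_CONNECT, $ctx);
    if ($fp === false) {
        throw new RuntimeException("TLS connect failed: $errstr ($errno)");
    }
    fwrite($fp, $request);
    $response = stream_get_contents($fp);
    fclose($fp);
    return $response === false ? '' : $response;
}

// Offline check against the capture: rebuild the request and measure the body.
$request = build_jsonrpc_request('webui.example.test', '/webui/JSON-RPC',
    'JSESSIONID=PLACEHOLDER', 584, '.obj#15458303.stop', []);
list(, $body) = explode("\r\n\r\n", $request, 2);
echo $body, "\n", strlen($body), " bytes\n";
// To send it: echo send_over_tls('webui.example.test', $request);
```

If the server presents a self-signed or private-CA certificate, pass that CA file as the third argument to `send_over_tls` instead of switching verification off.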