<span style="font-family: Arial, Helvetica, sans-serif; background-color: rgb(255, 255, 255);">学习资源:燕十八的http课程(公开形式的资源,请自行查找) 四五节</span>
我的笔记:由于第四节没有找到合适的测试网站,因此主要记录为第五节的内容
通过telnet,往留言板中post方式插入数据
POST 【path】 HTTP/1.1
Host:localhost
Content-type:application/x-www-form-urlencoded
Content-length:45
主要是完成post函数的完善,添加主体信息,进行http_build_query转化,之后构造request,然后循环发送
具体见教程
-------------------------------------
关于登录发帖,利用前四节课编写的Http类,其中集成了POST和GET的请求的构造,分别是请求行、请求头、请求行,
然后写了写了一个test.php在这里面要模拟cookie的值(用于登录),这个值从浏览器中获取,然后伪造cookie和User-Agent等等request请求头(这些请求头往往是用来验证cookie是否伪造,因此伪造到底,所以全部都复制进行伪造),写好头之后,往里面写入信息主体$mgs,这个可以用http_build_query将数组直接转化为http的信息主体格式,然后发送请求,即可实现登陆,然后发帖。
关键技术在于,cookie的构造(其实也是在伪造一个可以登录的request的请求,然后进行登陆,然后利用写入的信息主体进行post提交,服务器那边接收到post表单就会进行处理)
用来测试的网站是电驴,然后我注册了俩个账户,分别一发一收,测试源代码如下,最后测试成功,只是收的一方有一到俩分钟的延迟
<?php
require('./Http.class.php');
$http = new Http("http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0");
//$http->setHeader("Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
//$http->setHeader("Accept-Encoding:gzip, deflate");
//$http->setHeader("Accept-Language:zh-CN,zh;q=0.8");
//$http->setHeader("Cache-Control:max-age=0");
//$http->setHeader("Connection:keep-alive");
//$http->setHeader("Content-Length:173");
$http->setHeader("Cookie:sid=95dc8f184d9a87d4ec42669cc84c0198007eb00f; member_id=20880048; member_name=18795882132; mgroupId=93; pass_hash=ff485d8ff09b415feef518c826f4902a; rememberme=false; Hm_lvt_c7849bb40e146a37d411700cb7696e46=1458349182; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1458349343; uchome_auth=89beIvpKfPwdCKoXpIsRxhxXPUn80pvX6awcVlSBQ1saTFrGhQBS9SqiWvK%2BH%2B8syp9up8KzFk425UYatOuyD6WEBgDHoA; uchome_loginuser=18795882132; uchome__refer=%2Fspace.php%3Fdo%3Dpm%26filter%3Dnewpm; uchome_sendmail=1; CNZZDATA1479=cnzz_eid%3D1512915095-1458346223-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1458357847; dcm=1");
//$http->setHeader("Upgrade-Insecure-Requests:1");
//$http->setHeader("User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36");
//$http->setHeader("Referer:http://home.verycd.com/cp.php?ac=pm");
//$http->setHeader("Upgrade-Insecure-Requests:1");
$msg = array(
"username"=>"2997215859",
"message"=>"rilgoul",
"refer"=>"http://home.verycd.com/space.php?do=pm&filter=privatepm",
"pmsubmit"=>"true",
"pmsubmit_btn"=>"发送",
"formhash"=>"27522225"
);
//$http->post($msg);
file_put_contents("./response.txt", $http->post($msg));
echo "ok";
/*cp.php?ac=pm&op=send&touid=0&pmid=0
username:2997215859
message:asdfasgaegthyregarf
refer:http://home.verycd.com/space.php?do=pm&filter=privatepm
pmsubmit:true
pmsubmit_btn:发送
formhash:27522225 */
// Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
// Accept-Encoding:gzip, deflate
// Accept-Language:zh-CN,zh;q=0.8
// Cache-Control:max-age=0
// Connection:keep-alive
// Content-Length:173
// Content-Type:application/x-www-form-urlencoded
// Cookie:sid=95dc8f184d9a87d4ec42669cc84c0198007eb00f; member_id=20880048; member_name=18795882132; mgroupId=93; pass_hash=ff485d8ff09b415feef518c826f4902a; rememberme=false; Hm_lvt_c7849bb40e146a37d411700cb7696e46=1458349182; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1458349343; uchome_auth=89beIvpKfPwdCKoXpIsRxhxXPUn80pvX6awcVlSBQ1saTFrGhQBS9SqiWvK%2BH%2B8syp9up8KzFk425UYatOuyD6WEBgDHoA; uchome_loginuser=18795882132; uchome__refer=%2Fspace.php%3Fdo%3Dpm%26filter%3Dnewpm; uchome_sendmail=1; CNZZDATA1479=cnzz_eid%3D1512915095-1458346223-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1458357847; dcm=1
// Host:home.verycd.com
// Origin:http://home.verycd.com
// Referer:http://home.verycd.com/cp.php?ac=pm
// Upgrade-Insecure-Requests:1
// User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36
补充完整的http类如下
<?php
//http请求类接口
interface Proto{
//连接url
function conn($url);
//发送GET请求
function get();
//发送POST请求
function post();
//关闭连接
function close();
}
class Http implements Proto{
const CRLF = "\r\n";//carriage return line feed
protected $url = array();
protected $line = array();
protected $header = array();
protected $body = array();
protected $fh = null;
protected $version = 'HTTP/1.1';
protected $errno = -1;
protected $errstr = '';
protected $response = '';
public function __construct($url)
{
$this->conn($url);
$this->setHeader("Host:".$this->url["host"]);
}
//此方法负责写请求行
protected function setLine($method){
$this->line[] = "$method"." ".$this->url['path']."?".$this->url['query']." ".$this->version;
// echo $this->line[0];
}
//此方法负责写请求头
public function setHeader($headerLine){
$this->header[] = $headerLine;
}
//此方法负责写主体信息
protected function setBody($body){
//$this->body = array.merge($this->body,$body);
$this->body[] = http_build_query($body);
//echo $this->body[0];
}
//连接url
public function conn($url){
$this->url = parse_url($url);
//print_r($this->url);
//判断端口
if(!isset($this->url['port'])){
$this->url['port'] = 80;
}
$this->fh = fsockopen($this->url['host'],$this->url['port'],$this->errno,$this->errstr,3);
}
//构造GET请求
public function get(){
$this->setLine("GET");
$this->request();
return $this->response;
}
//构造POST请求
public function post($body = array()){
//设置POST请求行
$this->setLine("POST");
//设置头消息
$this->setHeader("Content-type:application/x-www-form-urlencoded");
//echo $this->header[1];
//设置主体信息,比get要多一些设置
$this->setBody($body);
$this->setHeader("Content-length:".strlen($this->body[0]));
//echo $this->header[2];
$this->request();
return $this->response;
}
//真正请求
public function request(){
//把请求行和body信息放在一个数组中,便于拼接
$req = array_merge($this->line,$this->header,array(''),$this->body,array(''));
$req = implode(self::CRLF, $req);
//echo $req;exit;
//print_r($req);
fwrite($this->fh,$req);
while(!feof($this->fh)){
$this->response.=fread($this->fh,1024);
}
$this->close();//关闭连接
}
//关闭连接
public function close(){
//fclose($this->fh);
}
}
// $url = "http://news.163.com/16/0317/20/BICRPR0400014PRF.html";
// $http = new http($url);
//$str = str_shuffle("asdfasdfsd");
//$tit = substr($str,0,5);
//$content = substr($str,0,8);
//echo $http->get();
//print_r($http);
//echo $http->post(array("tit"=>"$tit","content"=>$content,"submit"=>"留言"));