JAVA模拟POST请求

该场景应用在XSS测试,这个过程我们针对某一特定的请求,进行测试

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;

/**
 * 
 * @author jingmin
 *        
 */
class ServerConn {
	private int m_port = 0;
	private Socket m_socket = null;
	private String m_ip = null;

	public void setPort(int port) {
		this.m_port = port;
	}

	public void setIp(String ip) {
		this.m_ip = ip;
	}

	/***
	
	 * 
	 * @param post_URL
	 * @param Accept
	 * @param User_agent
	 * @param Accept_Lan
	 * @param Content_type
	 * @param Accept_enCoder
	 * @param Host
	 * @param Connection
	 * @param Cookie
	 * @param Cache_control
	 * @throws
	 */

	public String setHeader(String post_URL, String Accept_type, String Refer,
			String Accept_Lan, String User_agent, String Content_Type,
			String request, String Accept_encode, String Host,
			String Connection, String Cookie, String Cache_control,
			List<String> data) {
		String Header = "";
		String Enter = "\r\n";
		if (post_URL != "") {
			Header += "POST " + post_URL + " HTTP/1.1" + Enter;
		} else {
			return null;
		}
		if (Host != "") {
			Header += "Host: " + Host + Enter;
		}
		if (User_agent != "") {
			Header += "User-Agent: " + User_agent + Enter;
		}

		if (Accept_type != "") {
			Header += "Accept: " + Accept_type + Enter;
		}
		if (Accept_Lan != "") {
			Header += "Accept-Language: " + Accept_Lan + Enter;
		}
		if (Accept_encode != "") {
			Header += "Accept-Encoding: " + Accept_encode + Enter;
		}
		if (Content_Type != "") {
			Header += "Content-Type: " + Content_Type + Enter;
		}
		if (request != "") {
			Header += "X-Requested-With: " + request + Enter;
		}

		if (Refer != "") {
			Header += "Referer: " + Refer + Enter;
		}
		int nLength = 0;
		for (int i = 0; i < data.size(); i++) {
			nLength += data.get(i).length();
		}
		nLength++;
		Header += "Content-Length: " + nLength + Enter;

		if (Cookie != "") {
			Header += "Cookie: " + Cookie + Enter;
		}
		if (Connection != "") {
			Header += "Connection: " + Connection + Enter;
		}
		if (Cache_control != "") {
			Header += "Cache-Control: " + Cache_control + Enter;
		}
		Header += Enter;
		try {

			for (int i = 0; i < data.size(); i++) {
				if (i % 2 == 0) {
					if ((i + 1) < data.size()) {
						String tmp = URLEncoder.encode(data.get(i), "utf-8")
								+ "="
								+ URLEncoder.encode(data.get(i + 1), "utf-8");
						Header += tmp;
						if (i + 2 >= data.size()) {
							break;
						} else {
							Header += "&";
						}
					}
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return Header;
	}

	public int Connect() {
		BufferedReader br = null;
		BufferedWriter bw = null;
		OutputStreamWriter ow = null;
		try {
			m_socket = new Socket(m_ip, m_port);
			br = new BufferedReader(new InputStreamReader(
						m_socket.getInputStream()));
			ow = new OutputStreamWriter(m_socket.getOutputStream());
			bw = new BufferedWriter(new BufferedWriter(ow));
			List<String> mm = new ArrayList<String>();
			mm.add("option");
			mm.add("ljw1");
			String result = setHeader(
					"/view/Index.ashx",
					"text/html,*/*;q=0.01",
					"http://inventiontool.net/",
					"zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
					"Mozilla/5.0 (Windows NT 6.1; rv:42.0) Gecko/20100101 Firefox/42.0",
					"application/x-www-form-urlencoded; charset=UTF-8",
					"XMLHttpRequest",
					"gzip,deflate",
					"inventiontool.net",
					"keep-alive",
					"Hm_lvt_f5127c6793d40d199f68042b8a63e725=1444853303,1445609377; Hm_lvt_b83513d98d2b70b2f807abde70212fec=1444853303,1445609380",
					"no-cache", mm);
			bw.write(result);
			bw.flush();
			String get_result = null;
			while ((get_result = br.readLine()) != null) {
				System.out.println(get_result);
			}
			System.out.println("接受完成");
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			try {
				br.close();
				bw.close();
				m_socket.close();
			} catch (IOException e) {
				e.printStackTrace();
			}
		}
		return 0;
	}
}
public class Hello {
	public static void main(String[] args) {
		System.out.println("we begin..");
		ServerConn sc = new ServerConn();
		sc.setIp("115.24.160.250");
		sc.setPort(80);
		sc.Connect();
	}
}

这里呢,我们需要进行做下笔记

1.进行POST请求的时候,其中请求头部和post数据两者之间需要两个\r\n!!!!!!!!

2.如果出现HTTP   400 BAD REQUEST,需要注意两个点,一个是 Content-type,另一个则是Content-Length这两个值一定得正确!!!,才行

3.中途出现了中文乱码问题,我们在eclipse中进行设置了编码问题,只需要进行编码设置为UTF-8


  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

世纪殇

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值