using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.IO;
using System.Web;
namespace Malicious
{
public partial class Form1 : Form
{
private readonly string BBSURL = "http://bbs.XXXXX.com";
private readonly string USERNAME = "Malicious";
private readonly string PASSWORD = "123456";
private CookieCollection gCookieCollention = null;
private HttpWebRequest BBSRequest = null;
private HttpWebResponse BBSResponse = null;
public Form1()
{
InitializeComponent();
}
private void startBtn_Click(object sender, EventArgs e)
{
string loginUrl = string.Format("{0}/login.aspx ", BBSURL);
RemoveCookies();
MaliciousLogin(loginUrl, USERNAME, PASSWORD);
startBtn.Enabled = false;
}
/// <summary>
/// 自动登录
/// </summary>
public void MaliciousLogin(string loginUrl, string usr, string pwd)
{
string responseHTML = string.Empty; ;
string loginstr = string.Format("username={0}&password={1}&question=0&answer=&expires=43200&templateid=0&login=%E7%99%BB%E5%BD%95", usr, pwd);
loginstr = EncodePost(loginstr);
byte[] replybyte = Encoding.UTF8.GetBytes(loginstr);
try
{
CookieContainer _cookieContainer = new CookieContainer();
BBSRequest = (HttpWebRequest)WebRequest.Create(loginUrl);
BBSRequest.CookieContainer = _cookieContainer;
BBSRequest.ContentType = "application/x-www-form-urlencoded";
BBSRequest.Method = "POST";
//post 开始
BBSRequest.ContentLength = replybyte.Length;
Stream newStream = BBSRequest.GetRequestStream();
newStream.Write(replybyte, 0, replybyte.Length);
newStream.Close();
//post 结束
//返回HTML
BBSResponse = (HttpWebResponse)BBSRequest.GetResponse();
Stream dataStream = BBSResponse.GetResponseStream();
StreamReader reader = new StreamReader(dataStream, Encoding.GetEncoding("utf-8"));
responseHTML = reader.ReadToEnd();
gCookieCollention = BBSResponse.Cookies;
if (responseHTML.IndexOf("登录成功") > 0)
MessageBox.Show("Login successful");
else
MessageBox.Show(responseHTML);
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
/// <summary>
/// post 帖子
/// </summary>
private void PostTopic(string forumid, string title, string content)
{
try
{
BBSRequest = (HttpWebRequest)WebRequest.Create(string.Format("{0}/posttopic.aspx?forumid={1}", BBSURL,forumid));
BBSRequest.ContentType = "application/x-www-form-urlencoded";
BBSRequest.Method = "POST";
BBSRequest.Referer = string.Format("{0}/posttopic.aspx?forumid={1}", BBSURL, forumid);
BBSRequest.KeepAlive = true;
BBSRequest.AllowWriteStreamBuffering = false;
BBSRequest.ContentType = "multipart/form-data; boundary=---------------------------7d8182810472";
CookieContainer cookieCon = new CookieContainer();
BBSRequest.CookieContainer = cookieCon;
BBSRequest.CookieContainer.Add(gCookieCollention);
string topicStr = BuildPostContent(title, content);
// string topic = EncodePost(topicStr);
string topic = topicStr;
byte[] replybyte = Encoding.UTF8.GetBytes(topic);
BBSRequest.ContentLength = replybyte.Length;
Stream newStream = BBSRequest.GetRequestStream();
newStream.Write(replybyte, 0, replybyte.Length);
newStream.Close();
// get response
BBSResponse = (HttpWebResponse)BBSRequest.GetResponse();
Stream dataStream = BBSResponse.GetResponseStream();
StreamReader reader = new StreamReader(dataStream, Encoding.GetEncoding("utf-8"));
string responseHTML = reader.ReadToEnd();
reader.Close();
dataStream.Close();
BBSResponse.Close();
if (responseHTML.IndexOf("发表主题成功") > 0)
MessageBox.Show("发表主题成功!");
else
MessageBox.Show(responseHTML);
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
private string BuildPostContent(string title, string message)
{
StringBuilder sb = new StringBuilder();
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"temppassword/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"question/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"answer/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"title/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(title + "/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"iconid/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"usesig/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("1/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"posteditor_mediatyperadio/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("on/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"message/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(message + "/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"sposteditor_mode/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"restoredata/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("恢复数据/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"previewbutton/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("预览帖子/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"postfile/"; filename=/"/"/r/n");
sb.Append("Content-Type: application/octet-stream/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"localid/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"readperm/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"attachdesc/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"albums/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"postfile/"; filename=/"/"/r/n");
sb.Append("Content-Type: application/octet-stream/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"localid/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("1/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"readperm/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"attachdesc/"/r/n");
sb.Append(Environment.NewLine);
sb.Append(Environment.NewLine);
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"albums/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"topicreadperm/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append(BoundaryString);
sb.Append("Content-Disposition: form-data; name=/"postbytopictype/"/r/n");
sb.Append(Environment.NewLine);
sb.Append("0/r/n");
sb.Append("-----------------------------7d8182810472--");
sb.Append(Environment.NewLine);
return sb.ToString();
}
private string BoundaryString
{
get { return "-----------------------------7d8182810472/r/n"; }
}
private string EncodePost(string input)
{
string output = null;
Char[] reserved = { '?', '=', '&' };
if (input != null)
{
int i = 0, j;
while (i < input.Length)
{
j = input.IndexOfAny(reserved, i);
if (j == -1)
{
output = output + HttpUtility.UrlEncode(input.Substring(i, input.Length - i), System.Text.Encoding.GetEncoding("utf-8"));
break;
}
string tt = HttpUtility.UrlEncode(input.Substring(i, j - i), System.Text.Encoding.GetEncoding("utf-8"));
output += tt;
output += input.Substring(j, 1);
i = j + 1;
}
return output;
}
else
return null;
}
private void btnPost_Click(object sender, EventArgs e)
{
string forumid = txtForumID.Text.Trim();
string title = txtTitle.Text.Trim();
string content = txtContent.Text.Trim();
PostTopic(forumid, title, content);
}
private void RemoveCookies()
{
int cookiesmax = Environment.GetFolderPath(Environment.SpecialFolder.Cookies).Length;
for (int i = 0; i < cookiesmax; i++)
Environment.GetFolderPath(Environment.SpecialFolder.Cookies).Remove(0);
}
}
}
578
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
