1 工具
使用工具:
Wireshark
谷歌浏览器 (F12调试)
Postman
2操作步骤
1) 打开Wireshark 捕获网络报文
2) 打开浏览器 输入网址 输入账号密码 点击登陆
3)右击相应的报文 选择追踪HTPP流 如下(未完全截图):
其中UNAME=%D0%EC%BF%A1%BA%C6&PASSWORD=是账号密码,添加到相应的网址后面,使用postman 模拟登陆
4)postman 模拟登陆
下图为服务器的响应 可以看出验证账号密码已经通过了
<body class="bodycolor">
<script>
var isIE = 0;
if(/msie\s[6-8]/ig.test(navigator.userAgent)){
isIE = 1;
}
var modify_pwd = "0";
var url = "./general/index.php?isIE="+isIE+"&modify_pwd=0";
function goto_oa()
{
window.location=url;//"./general/";
}
goto_oa();
</script>
<div class=big1>正在进入系统,请稍候...</div>
</body>
</html>
Wireshark 还有如下报文请求
GET /general/index.php?isIE=0&modify_pwd=0 HTTP/1.1
Host: 192.168.8.252:8181
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.62 Safari/537.36
再使用postman模拟get 下图为服务器的响应 可以看出已经进入系统 可以使用QT实现了
3 QT实现
1)登陆请求函数部分代码:
QNetworkReply * MainWindow::login(QString destUrl)
{
QList<QNetworkCookie> Web_cookies;
// Web_cookies.push_back(QNetworkCookie("KEY_RANDOMDATA","53"));
// Web_cookies.push_back(QNetworkCookie("PHPSESSID","igpl035u1gm0t93"));
// Web_cookies.push_back(QNetworkCookie("KEY_RANDOMDATA","53"));
// Web_cookies.push_back(QNetworkCookie("PHPSESSID","e0a27dtierpnf5"));
QVariant var;
QNetworkRequest network_request;
var.setValue(Web_cookies);
//QNetworkRequest network_request;
network_request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
network_request.setHeader(QNetworkRequest::ContentTypeHeader,"application/x-www-form-urlencoded");
network_request.setHeader(QNetworkRequest::CookieHeader,var);
network_request.setUrl(QUrl(destUrl));
return m_NetManager->get(network_request);
//m_NetManager->post(network_request,"");
}
2)replyFinished函数部分代码:
void MainWindow::replyFinished(QNetworkReply *reply)
{
QVariant statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute);
if (statusCode != 200)
{
QMessageBox::warning(this, "warning",QString("Json文件下载失败 状态码:%1").arg(statusCode.toString()));
return;
}
if(statusCode.toInt() == 200) {//TODO 获取cookie信息
if(reply->hasRawHeader("Set-Cookie"))
{
QByteArray cookie = reply->rawHeader("Set-Cookie");
qDebug()<<cookie.size();
qDebug()<<cookie;
int indexS = cookie.indexOf("PHPSESSID");
int index = cookie.indexOf("=",indexS);
int indexE = cookie.indexOf(";",indexS);
QString temp = cookie.mid(index+1,indexE-index);
if(!temp.isEmpty())
mPHPSESSID = temp;
indexS = cookie.indexOf("OA_USER_ID");
index = cookie.indexOf("=",indexS);
indexE = cookie.indexOf("\n",indexS);
temp = cookie.mid(index+1,indexE-index-1).trimmed();
if(!temp.isEmpty())
mOA_USER_ID = temp;
}else
qDebug()<<"no cookies!!!!!!!!!";
QString str = reply->readAll();
reply->deleteLater();
}
}
获取响应的Cookies,在下载文件中使用
3)QT登入后 获取Cookies 下载文件
部分代码如下
void CHttpDownLoadFile::DownLoadFile()
{
m_bIsFinished = false;
QNetworkRequest request(m_urlAdress);
//设置cookies start
QList<QNetworkCookie> Web_cookies;
Web_cookies.push_back(QNetworkCookie("KEY_RANDOMDATA",QString("%1").arg(cOA_USER_ID).toLocal8Bit()));
Web_cookies.push_back(QNetworkCookie("PHPSESSID",QString("%1").arg(cPHPSESSID).toLocal8Bit()));
QVariant var;
var.setValue(Web_cookies);
request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
request.setHeader(QNetworkRequest::ContentTypeHeader,"application/x-www-form-urlencoded");
request.setHeader(QNetworkRequest::CookieHeader,var);
//设置cookies end
request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
m_netReply = m_netAccessManager->get(request);
connect(m_netAccessManager, SIGNAL(finished(QNetworkReply*)), this, SLOT(replyFinished(QNetworkReply*)));//关联信号和槽
connect(m_netReply, SIGNAL(readyRead()), this, SLOT(ReplyNewDataArrived()));//当有新数据到达时就会触发此信号
connect(m_netReply, SIGNAL(finished()), this, SLOT(ReplyFinished()));//完成数据接收后发送此信号
connect(m_netReply, SIGNAL(error(QNetworkReply::NetworkError)), this, SLOT(ReplyError(QNetworkReply::NetworkError)));//出现错误时发送此信号;
connect(m_netReply, SIGNAL(downloadProgress(qint64, qint64)), this, SLOT(ReplyDownloadProgress(qint64, qint64)));//用来提示文件下载进度
}
4 成果展示
该软件为检测升级软件,通过HTTP获取服务器的文件,实现下载功能。检测到新版本,说明软件内部实现已经成功登录服务器,进行文件读取并与本地版本的对比,点击立即下载可以下载成功并解压安装!