写此文章的目的不是要鼓励大家恶意灌水,而是要了解Http头信息传输的机制及Cookie的一些知识,讲之前大家先看一下下面我在CSDN所截获的回复帖子的Http包信息内容:
typestate=1&Point=0&TopicName=%B7%A2%CC%F9%B2%E2%CA%D4%A3%AC%CF%D0%C8%CB%CE%F0%BD%F8%A3%A1&Room=1404&Content=rt
//Point:分数0 TopicName:文章标题:发贴测试,闲人勿进!(这里是 URL 编码,即百分号编码,被编码的字节是 GB2312 字节,并不是 Unicode 编码) Content:内容: rt 上面是传递的参数
10.104.9.30(1062)-> //发送方ip及端口
10.104.9.30(80) //接受方IP及端口
POST /Expert/PostNew_SQL.asp HTTP/1.1 //接受页面及HTTP版本
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-Powerpoint, application/vnd.ms-Excel, application/msWord, application/x-shockwave-Flash, */*
Referer: http://expert.csdn.net/Expert/PostNew.asp?room=1404 //来源页面的地址(即发起本次提交的页面)
Accept-Language: zh-cn //中文语言
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate //接受压缩格式类型
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) //用户环境
Host: expert.csdn.net //主机名称
Content-Length: 111 //长度:111
Connection: Keep-Alive //保持连接(持久连接)
Cache-Control: no-cache //没有使用缓存
Cookie: remenber=0; ASPsessionIDAAATSBBS=POHKDGIBFHAMPECBCDHIHBCD; room=0; username=dashi888; speaknum=0; speaktime=2003%2D5%2D15+11%3A56%3A34; adminok=True; userid=487815; info1=0; m%5Ftype=1; aszx=0a727a0323230cd62e4cf5326besba01; mid=476831 //COOKIE的内容
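注:用户Cookie中的 aszx 字段是一个32个字符的串(即通常所说的“32位加密”,看起来像某种散列值,具体算法从抓包中无法确定);而 username、userid、adminok 等字段都是明文,并且完全由客户端提交,因此服务器端不能仅凭这些Cookie值来判断身份或权限,而应以服务器端保存的会话状态为准。我们要先构造自己要发送的Http包信息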
截图如下:
下面是代码部分:
unit submit;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
ScktComp, NMURL, StdCtrls, ComCtrls, ExtCtrls;
type
{ Main form of the demo. The published fields below are the components placed
  on the form; the roles noted next to them are taken from how the
  implementation section of this unit uses them. }
TForm1 = class(TForm)
// URL-encoder component: InputString is assigned and Encode is read back in BuildHttpHead.
url: TNMURL;
// Socket the hand-built HTTP request is sent through (SendText in BuildHttpHead).
ClientSocket1: TClientSocket;
Label1: TLabel;
Label2: TLabel;
Label3: TLabel;
// Edit1: value sent as the "username" cookie and the "csdnname" body field.
Edit1: TEdit;
// Edit2: value sent as the "userid" cookie and the "csdnpassword" body field.
Edit2: TEdit;
// Edit3: value sent as the "aszx" cookie.
Edit3: TEdit;
Label4: TLabel;
// Edit4: topic id placed in the "Topicid" body field; rewritten by SendData.
Edit4: TEdit;
Label5: TLabel;
// Button1: single send (Button1Click). Button2: closes the form.
Button1: TButton;
Button2: TButton;
StatusBar1: TStatusBar;
// memo2: shows the full request text exactly as built, Cookie and csdnpassword included.
memo2: TMemo;
// Memo1: text sent as the "ReplyContent" body field.
Memo1: TMemo;
Label6: TLabel;
Label7: TLabel;
Label8: TLabel;
// Edit5: start id (read by Button3Click). Edit6: end id (read by SendData).
Edit5: TEdit;
Edit6: TEdit;
Label9: TLabel;
// Edit7: timer interval, parsed with StrToInt in Timer1Timer.
Edit7: TEdit;
// Button3 starts the timed run, Button4 stops it.
Button3: TButton;
Timer1: TTimer;
Button4: TButton;
// Timer2 is declared, but no code in this listing touches it.
Timer2: TTimer;
// Button5: re-enables Button1 and closes the socket.
Button5: TButton;
PRocedure Button1Click(Sender: TObject);
procedure ClientSocket1Error(Sender: TObject; Socket: TCustomWinSocket;
ErrorEvent: TErrorEvent; var ErrorCode: Integer);
procedure ClientSocket1Read(Sender: TObject; Socket: TCustomWinSocket);
procedure Button2Click(Sender: TObject);
// NOTE(review): the four KeyPress handlers and Timer2Timer are declared here but
// have no body in the implementation section shown in this listing, so the unit
// as printed is incomplete.
procedure Edit4KeyPress(Sender: TObject; var Key: Char);
procedure Edit5KeyPress(Sender: TObject; var Key: Char);
procedure Edit6KeyPress(Sender: TObject; var Key: Char);
procedure Edit7KeyPress(Sender: TObject; var Key: Char);
procedure Timer1Timer(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure Button4Click(Sender: TObject);
procedure Timer2Timer(Sender: TObject);
procedure ClientSocket1Connect(Sender: TObject;
Socket: TCustomWinSocket);
procedure FormShow(Sender: TObject);
procedure Button5Click(Sender: TObject);
private
{ Private declarations }
// Current topic id, and the start/end ids parsed from Edit5 and Edit6.
TopicID,StartID,EndID:integer;
// Timer interval parsed from Edit7.
DelayTime :integer;
// Result of the last reply check made in ClientSocket1Read.
succ :boolean;
// Advances the topic id by one (up to EndID) and builds/sends a request.
procedure SendData();
// Assembles the raw HTTP request text and writes it to the socket.
procedure BuildHttpHead();
public
{ Public declarations }
end;
var
// The single form instance.
Form1: TForm1;
implementation
{$R *.DFM}
{ Button1: opens the socket, locks the button and builds one request.
  ClientSocket1Connect also calls BuildHttpHead once the connection is up, so
  the request text is built twice on this path. Whether the socket is already
  connected when the call below runs depends on the ClientType configured in
  the form file, which this listing does not show. }
procedure TForm1.Button1Click(Sender: TObject);
begin
  ClientSocket1.Active := True;
  Button1.Enabled := False;
  BuildHttpHead;
end;
{ OnError handler: reports the failure in the status bar and clears the error
  code. Setting ErrorCode to 0 tells the socket component not to raise an
  exception for this error, so the status-bar text is the only trace left. }
procedure TForm1.ClientSocket1Error(Sender: TObject;
  Socket: TCustomWinSocket; ErrorEvent: TErrorEvent;
  var ErrorCode: Integer);
begin
  StatusBar1.SimpleText := '连接出错!';
  ErrorCode := 0; // swallow the socket error
end;
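{ OnRead handler: decides from the server's reply whether the request went
  through, then updates the status bar, the succ flag, the socket and Button1.

  The original test was Pos('200', s) <> 0, which matches the digits "200"
  anywhere in the received text (a header value, a date, the page body). The
  check below looks only at the status code of an HTTP status line such as
  "HTTP/1.1 200 OK".

  NOTE(review): a 200 status only says the server answered the request; an
  application-level rejection can still arrive inside a 200 page. This handler
  does not inspect the body. }
procedure TForm1.ClientSocket1Read(Sender: TObject;
  Socket: TCustomWinSocket);
var
  Reply, StatusLine: string;
  LineEnd, CodePos: Integer;
  IsOk: Boolean;
begin
  succ := False;
  Reply := Socket.ReceiveText;

  // Isolate the first line of whatever arrived in this read.
  LineEnd := Pos(#13#10, Reply);
  if LineEnd > 0 then
    StatusLine := Copy(Reply, 1, LineEnd - 1)
  else
    StatusLine := Reply;

  // The status code is the token after the first space. Appending a space
  // lets "HTTP/1.1 200" (no reason phrase) pass while "2000" does not.
  CodePos := Pos(' ', StatusLine) + 1;
  IsOk := (Copy(StatusLine, 1, 5) = 'HTTP/')
    and (CodePos > 1)
    and (Copy(StatusLine + ' ', CodePos, 4) = '200 ');

  if IsOk then
  begin
    StatusBar1.SimpleText := '成功!';
    ClientSocket1.Active := False;
    succ := True;
    Button1.Enabled := True;
  end
  else
  begin
    // Anything else, including a read that does not start with a status
    // line, is reported as a failure, as before.
    StatusBar1.SimpleText := '失败!';
    ClientSocket1.Active := True;
    succ := False;
    Button1.Enabled := False;
  end;
end;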
{ Button2: closes the form. }
procedure TForm1.Button2Click(Sender: TObject);
begin
  Self.Close;
end;
{ Timer1 tick (also called directly by Button3Click to start the run).
  Re-reads the interval from Edit7 on every tick, keeps the timer and the
  socket switched on, then hands over to SendData. StrToInt raises
  EConvertError when Edit7 does not hold an integer; nothing here catches it. }
procedure TForm1.Timer1Timer(Sender: TObject);
begin
  DelayTime := StrToInt(Trim(Edit7.Text));
  Timer1.Interval := DelayTime;
  Timer1.Enabled := True;
  ClientSocket1.Active := True;
  SendData; // build and send the next request
end;
{ Reads the end id (Edit6) and the current topic id (Edit4). While the current
  id is still below the end id it increments the id, builds a request and
  writes the new id back to Edit4. Once the end id is reached it does nothing;
  the timer itself is not stopped here.

  BuildHttpHead takes the topic id from Edit4.Text, and Edit4 is only updated
  after that call returns, so the request built here still carries the id that
  was in the edit box before the increment. }
procedure TForm1.SendData;
begin
  EndID := StrToInt(Trim(Edit6.Text));
  TopicID := StrToInt(Trim(Edit4.Text));
  if TopicID >= EndID then
    Exit;

  Inc(TopicID);
  BuildHttpHead; // assemble the HTTP request
  Edit4.Text := IntToStr(TopicID);
end;
{ Button3: starts the timed run. Locks the button, copies the start id from
  Edit5 into Edit4 and triggers the first timer tick by hand. }
procedure TForm1.Button3Click(Sender: TObject);
begin
  Button3.Enabled := False;
  StartID := StrToInt(Trim(Edit5.Text));
  Edit4.Text := IntToStr(StartID);
  Timer1Timer(Sender);
end;
{ Button4: stops the timed run by disabling Timer1, closing the socket and
  unlocking Button3. }
procedure TForm1.Button4Click(Sender: TObject);
begin
  Timer1.Enabled := False;
  ClientSocket1.Active := False;
  Button3.Enabled := True;
end;
{ Assembles a complete HTTP/1.1 POST request as one string (request line,
  fixed browser-style headers, a Cookie header, Content-Length, blank line,
  form body), shows it in memo2 and writes it to ClientSocket1.

  sends = the request text, sendp = the Cookie header value, sendc = the
  form body.

  Review notes:
  - Every Cookie value (username, userid, aszx) is whatever was typed into
    Edit1..Edit3. This is the concrete reason a server cannot treat such
    cookie fields as proof of identity or privilege on their own.
  - Edit2 feeds both the "userid" cookie and the "csdnpassword" body field.
  - The finished request, with the Cookie header and csdnpassword in clear
    text, is copied into memo2. Nothing in this unit sets up TLS, so the same
    text presumably crosses the network unencrypted (host and port are
    configured outside this listing; confirm).
  - When Edit1 is empty, sendp starts with ';' and sendc starts with '&',
    because the separators are prepended unconditionally.
  - The return value of SendText is ignored. }
procedure TForm1.BuildHttpHead;
var
sendp,sends,sendc:string;
begin
// HTTP request line and fixed headers
sends:='POST /Expert/reply.asp HTTP/1.1'+#13#10;
sends:=sends+'Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*'+#13#10;
sends:=sends+'Accept-Language: zh-cn'+#13#10;
sends:=sends+'Content-Type: application/x-www-form-urlencoded'+#13#10;
sends:=sends+'Accept-Encoding: gzip, deflate'+#13#10;
sends:=sends+'User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)'+#13#10;
sends:=sends+'Host: expert.csdn.net'+#13#10;
sends:=sends+'Cache-Control: no-cache'+#13+#10;
// Build the Cookie value (sendp) and the start of the form body (sendc)
if edit1.text<>'' then
begin
url.InputString :=trim(edit1.Text);
sendp:='username='+url.Encode ; // url.Encode yields the URL-encoded form of InputString (the original comment called this "unicode encoding")
sendc:='csdnname='+url.Encode ;
end;
if edit2.text<>'' then
begin
url.InputString :=trim(edit2.Text);
sendp:=sendp+';userid='+url.Encode;
sendc:=sendc+'&csdnpassword='+url.Encode ;
end;
if edit3.text<>'' then
begin
url.InputString :=trim(edit3.Text);
sendp:=sendp+';aszx='+url.Encode;
end;
sends:=sends+'Cookie: '+sendp+#13+#10;
// Rest of the form body: topic id, reply text and a fixed xmlReply field
url.inputstring:=trim(edit4.text);
sendc:=sendc+'&Topicid='+url.Encode;
url.InputString :=trim(memo1.Text);
sendc:=sendc+'&ReplyContent='+url.Encode;
sendc:=sendc+'&xmlReply=aaaaa';
// Content-Length is the length of the finished body string
sends:=sends+'Content-Length: '+inttostr(length(sendc))+#13#10;
// The blank line ends the header section and the body follows directly
sends:=sends+'Connection: Keep-Alive'+#13+#10+#13#10 +sendc;
// Show the exact request text in memo2 (credentials included, see notes above)
memo2.Lines.Clear;
memo2.Lines.Add(sends);
clientsocket1.Socket.SendText(sends); // send
end;
{ OnConnect handler: builds and sends the request as soon as the connection
  is established. }
procedure TForm1.ClientSocket1Connect(Sender: TObject;
  Socket: TCustomWinSocket);
begin
  BuildHttpHead; // send immediately on connect
end;
{ OnShow handler: resets the success flag whenever the form is shown. }
procedure TForm1.FormShow(Sender: TObject);
begin
  succ := False; // no successful reply seen yet
end;
{ Button5: manual reset. Unlocks Button1 and closes the socket, which is the
  only way back after ClientSocket1Read has reported a failure and left
  Button1 disabled. }
procedure TForm1.Button5Click(Sender: TObject);
begin
  Button1.Enabled := True;
  ClientSocket1.Active := False;
end;
end.