寫此文章的目的不是要鼓勵大家惡意灌水,而是要了解HTTP頭信息傳輸的機制及Cookie的一些知識。講之前,大家先看一下下面我在CSDN所截獲的回復帖子的HTTP包信息內容:
typestate=1&Point=0&TopicName=%B7%A2%CC%F9%B2%E2%CA%D4%A3%AC%CF%D0%C8%CB%CE%F0%BD%F8%A3%A1&Room=1404&Content=rt
//Point:分數0 TopicName:文章標題「發貼測試,閒人勿進!」,是經過URL編碼的(GB2312字節的%XX形式,並非unicode編碼) Content:內容 rt。上面是傳遞的參數
10.104.9.30(1062)-> //發送方IP及端口
10.104.9.30(80) //接受方IP及端口
POST /Expert/PostNew_SQL.ASP HTTP/1.1 //接受頁面及HTTP版本
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-PowerPoint, application/vnd.ms-Excel, application/msWord, application/x-shockwave-Flash, */*
Referer: http://expert.csdn.Net/Expert/PostNew.ASP?room=1404 //提交的地址
Accept-Language: zh-cn //中文語言
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate //接受壓縮格式類型
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) //用戶環境
Host: expert.csdn.Net //主機名稱
Content-Length: 111 //長度:111
Connection: Keep-Alive //保持激活狀態
Cache-Control: no-cache //沒有使用緩存
CookIE: remenber=0; ASPSESSIONIDAAATSBBS=POHKDGIBFHAMPECBCDHIHBCD; room=0; username=dashi888; speaknum=0; speaktime=2003%2D5%2D15+11%3A56%3A34; adminok=True; userid=487815; info1=0; m%5Ftype=1; aszx=0a727a0323230cd62e4cf5326besba01; mid=476831 //COOKIE的內容
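注:用戶Cookie中的aszx值是一個32個字符的字符串(即文中所說的「32位加密」,從長度看更像是散列值而不是加密)。從上面的抓包還可以看到,username、userid、adminok等身份字段都以明文放在Cookie裡;服務端若直接信任這些字段而不核對會話,請求就容易被冒用。我們要先構造自己要發送的HTTP包信息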
截圖如下:
下面是代碼部分:
unit submit;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
ScktComp, NMURL, StdCtrls, ComCtrls, ExtCtrls;
type
// TForm1: main form of the demo client described in the article. It builds a
// raw HTTP POST by hand (see BuildHttpHead) and sends it over ClientSocket1,
// either once (Button1) or repeatedly on a timer over a range of topic ids
// (Button3 / Timer1).
// NOTE(review): the code on this page is case-mangled in places
// ("ClIEnt", "CookIE"); Pascal identifiers are case-insensitive, so the
// declarations below still refer to the usual ClientSocket names.
// NOTE(review): Edit4KeyPress..Edit7KeyPress and Timer2Timer are declared here
// but their implementations are not shown on this page.
TForm1 = class(TForm)
// URL-encoder component: BuildHttpHead assigns InputString and reads Encode.
url: TNMURL;
// Socket the hand-built request text is sent on; host/port are not set in
// the code shown here (presumably in the .DFM -- confirm).
ClientSocket1: TClIEntSocket;
Label1: TLabel;
Label2: TLabel;
Label3: TLabel;
// Edit1: value sent as the "username" cookie and the "csdnname" form field.
Edit1: TEdit;
// Edit2: value sent as the "userid" cookie AND as the "csdnpassWord" form field.
Edit2: TEdit;
// Edit3: value sent as the "aszx" cookie.
Edit3: TEdit;
Label4: TLabel;
// Edit4: current topic id, sent as the "Topicid" form field.
Edit4: TEdit;
Label5: TLabel;
// Button1: single send. Button2: closes the form.
Button1: TButton;
Button2: TButton;
// Shows the success / failure / connection-error text.
StatusBar1: TStatusBar;
// memo2: displays the full request text that was built (including the cookie
// and password fields, in clear).
memo2: TMemo;
// Memo1: reply text, sent as the "ReplyContent" form field.
Memo1: TMemo;
Label6: TLabel;
Label7: TLabel;
Label8: TLabel;
// Edit5: first topic id of the range (copied into Edit4 by Button3Click).
Edit5: TEdit;
// Edit6: upper bound of the topic id range (read in SendData).
Edit6: TEdit;
Label9: TLabel;
// Edit7: timer interval, assigned to Timer1.Interval (milliseconds).
Edit7: TEdit;
// Button3: starts the timed run. Button4: stops it.
Button3: TButton;
Timer1: TTimer;
Button4: TButton;
Timer2: TTimer;
// Button5: re-enables Button1 and closes the socket.
Button5: TButton;
procedure Button1Click(Sender: TObject);
procedure ClIEntSocket1Error(Sender: TObject; Socket: TCustomWinSocket;
ErrorEvent: TErrorEvent; var ErrorCode: Integer);
procedure ClIEntSocket1Read(Sender: TObject; Socket: TCustomWinSocket);
procedure Button2Click(Sender: TObject);
procedure Edit4KeyPress(Sender: TObject; var Key: Char);
procedure Edit5KeyPress(Sender: TObject; var Key: Char);
procedure Edit6KeyPress(Sender: TObject; var Key: Char);
procedure Edit7KeyPress(Sender: TObject; var Key: Char);
procedure Timer1Timer(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure Button4Click(Sender: TObject);
procedure Timer2Timer(Sender: TObject);
procedure ClIEntSocket1Connect(Sender: TObject;
Socket: TCustomWinSocket);
procedure FormShow(Sender: TObject);
procedure Button5Click(Sender: TObject);
private
{ Private declarations }
// Topic id currently being processed and the bounds read from Edit5 / Edit6.
TopicID,StartID,EndID:integer;
// Interval read from Edit7 on every timer tick.
DelayTime :integer;
// Result of the last response check in ClientSocket1Read.
succ :boolean;
// Advances the topic id by one and triggers a send while below EndID.
procedure SendData();
// Builds the request text and writes it to the socket.
procedure BuildHttpHead();
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.DFM}
// Single send: opens the socket, disables Button1 and builds/sends the request.
// NOTE(review): BuildHttpHead is called right after Active is set, and
// ClientSocket1Connect calls it again; if that handler is wired to OnConnect
// (set in the .DFM, not shown here) the request may be written twice, and the
// first write may happen before the connection is established -- confirm.
procedure TForm1.Button1Click(Sender: TObject);
begin
clIEntsocket1.Active :=true;
Button1.Enabled :=false;
BuildHttpHead();
end;
// Socket error handler: shows a "connection error" status text and swallows
// the error.
procedure TForm1.ClIEntSocket1Error(Sender: TObject;
Socket: TCustomWinSocket; ErrorEvent: TErrorEvent;
var ErrorCode: Integer);
begin
StatusBar1.SimpleText:='連接出錯!';
errorcode:=0; // zeroing ErrorCode stops the socket component from raising an exception; ErrorEvent is not inspected, so every failure looks the same to the user
end;
// Read handler: classifies the server's answer and updates the UI state.
// The check is a plain substring search for '200' in whatever text has been
// received so far.
// NOTE(review): '200' can also occur in a header value or in the body of a
// non-200 response, so this is not a reliable status check; parsing the
// status line would be.
procedure TForm1.ClIEntSocket1Read(Sender: TObject; Socket: TCustomWinSocket);
var
  reply: string;
  ok: Boolean;
begin
  succ := False;
  reply := Socket.ReceiveText;
  ok := Pos('200', reply) > 0;

  if ok then
    StatusBar1.SimpleText := '成功!'
  else
    StatusBar1.SimpleText := '失敗!';

  // On success the connection is closed and Button1 is released; on failure
  // the socket is kept active and Button1 stays disabled.
  ClientSocket1.Active := not ok;
  succ := ok;
  Button1.Enabled := ok;
end;
// Closes the form.
procedure TForm1.Button2Click(Sender: TObject);
begin
Close;
end;
// Timer tick (also called directly by Button3Click to start the run):
// re-reads the interval from Edit7, (re)arms the timer, opens the socket and
// lets SendData advance to the next topic id.
// StrToInt raises EConvertError if Edit7 does not hold an integer.
// NOTE(review): nothing in this handler stops the timer once SendData has
// reached EndID; only Button4Click disables it.
procedure TForm1.Timer1Timer(Sender: TObject);
begin
DelayTime :=strtoint(trim(edit7.text));
timer1.Interval :=DelayTime;
timer1.Enabled :=True;
clIEntsocket1.Active :=true;
SendData; // build and send the request for the next topic id
end;
// Advances the topic id by one step and sends a request, as long as the id
// read from Edit4 is still below the bound read from Edit6.
// StrToInt raises EConvertError when either edit box is not an integer.
procedure TForm1.SendData;
begin
  EndID := StrToInt(Trim(Edit6.Text));
  TopicID := StrToInt(Trim(Edit4.Text));

  // Range exhausted: nothing to send.
  if TopicID >= EndID then
    Exit;

  Inc(TopicID);
  // BuildHttpHead reads the id from Edit4.Text, which at this point still
  // holds the value from before the increment.
  BuildHttpHead();
  Edit4.Text := IntToStr(TopicID);
end;
// Starts the timed run: disables Button3, copies the start id from Edit5 into
// Edit4 and invokes the timer handler once by hand, which arms Timer1.
// StrToInt raises EConvertError if Edit5 does not hold an integer; Button3
// is already disabled at that point.
procedure TForm1.Button3Click(Sender: TObject);
begin
Button3.Enabled :=false;
StartID :=StrToInt(trim(edit5.text));
edit4.text :=inttostr(StartID);
Timer1Timer(sender);
end;
// Stops the timed run: disables Timer1, closes the socket and re-enables
// Button3.
procedure TForm1.Button4Click(Sender: TObject);
begin
timer1.Enabled :=false;
clIEntsocket1.Active :=false;
Button3.Enabled :=true;
end;
// Builds a complete HTTP/1.1 POST to /Expert/reply.ASP as one string and
// writes it to ClientSocket1.
//   sends - request line, headers and finally the whole request
//   sendp - Cookie header value (username / userid / aszx from Edit1..Edit3)
//   sendc - form body (csdnname, csdnpassWord, Topicid, ReplyContent, XMLReply)
// The finished text is also shown in memo2 before it is sent.
//
// NOTE(review): every identity value in the request comes straight from the
// edit boxes; no session cookie from the server is included. A server that
// accepts this is authenticating on client-supplied cookie fields alone.
// NOTE(review): seen from the server, the requests built here have a fixed
// header set and a constant XMLReply value; combined with the timer-driven
// Topicid sequence this is the pattern that rate limiting and per-session
// anti-automation tokens are meant to catch.
procedure TForm1.BuildHttpHead;
var
sendp,sends,sendc:string;
begin
// Request line and fixed headers
sends:='POST /Expert/reply.ASP HTTP/1.1'+#13#10;
sends:=sends+'Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-PowerPoint, application/vnd.ms-Excel, application/msWord, application/x-shockwave-Flash, */*'+#13#10;
sends:=sends+'Accept-Language: zh-cn'+#13#10;
sends:=sends+'Content-Type: application/x-www-form-urlencoded'+#13#10;
sends:=sends+'Accept-Encoding: gzip, deflate'+#13#10;
sends:=sends+'User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)'+#13#10;
sends:=sends+'Host: expert.csdn.Net'+#13#10;
sends:=sends+'Cache-Control: no-cache'+#13+#10;
// Cookie value and the matching form fields.
// If Edit1 is empty, sendp and sendc start out empty, so the cookie would
// begin with ';userid=' and the body with '&csdnpassWord='.
if edit1.text<>'' then
begin
url.InputString :=trim(edit1.Text);
sendp:='username='+url.Encode ; // URL-encoded via the TNMURL component (the original comment called this "unicode" encoding)
sendc:='csdnname='+url.Encode ;
end;
if edit2.text<>'' then
begin
url.InputString :=trim(edit2.Text);
// The same Edit2 value is used for the userid cookie and the password field.
sendp:=sendp+';userid='+url.Encode;
sendc:=sendc+'&csdnpassWord='+url.Encode ;
end;
if edit3.text<>'' then
begin
url.InputString :=trim(edit3.Text);
sendp:=sendp+';aszx='+url.Encode;
end;
sends:=sends+'CookIE: '+sendp+#13+#10;
// Form body
url.inputstring:=trim(edit4.text);
sendc:=sendc+'&Topicid='+url.Encode;
url.InputString :=trim(memo1.Text);
sendc:=sendc+'&ReplyContent='+url.Encode;
sendc:=sendc+'&XMLReply=aaaaa';
// Content-Length is Length(sendc), i.e. a character count; this equals the
// byte count only while sendc is a single-byte string -- presumably true for
// the URL-encoded output, confirm for the Delphi version in use.
sends:=sends+'Content-Length: '+inttostr(length(sendc))+#13#10;
// Blank line ends the headers, then the body follows.
sends:=sends+'Connection: Keep-Alive'+#13+#10+#13#10 +sendc;
// The request, including cookie and password fields, is displayed in clear.
memo2.Lines.Clear;
memo2.Lines.Add(sends);
// Sent as plain text on the socket; the connection's host, port and any
// transport protection are not configured in the code shown here.
clIEntsocket1.Socket.SendText(sends); // send
end;
// Connect handler: builds and sends the request.
// NOTE(review): Button1Click and SendData also call BuildHttpHead themselves,
// so one user action can result in more than one write of the same request
// if this handler is wired to the socket's OnConnect -- confirm in the .DFM.
procedure TForm1.ClIEntSocket1Connect(Sender: TObject;
Socket: TCustomWinSocket);
begin
BuildHttpHead(); // send as soon as the connection succeeds
end;
// Resets the success flag when the form is shown.
procedure TForm1.FormShow(Sender: TObject);
begin
succ :=false; // no request has succeeded yet
end;
// Manual reset: re-enables Button1 and closes the socket. This is the only
// way shown here to leave the state that ClientSocket1Read sets on failure
// (Button1 disabled, socket left active).
procedure TForm1.Button5Click(Sender: TObject);
begin
button1.Enabled :=true;
clIEntsocket1.Active :=false;
end;