zoukankan      html  css  js  c++  java
  • VC设置cookies实现文件刷下载量

    同学XXX提问:

    大家好,我们做的Android应用已经成功在中兴汇天地成功上架了,打开“中兴汇天地应用商店”http://apps.ztems.com/,搜索栏搜索“睿云”就能找到了,但是需要你注册一个应用商店的账号,完成后就可以下载了,还可以给我们评论。最简单的刷下载量请直接点击http://dl5.ztems.com/tmpfile/cst2009/2009001/appSoft/2013/10/9/ruiyun.apk(经测试可以下载,不能增加下载量)
    以上两种方法均可,第一种更好,第二种也可。但是在大家空闲的时候还是推荐第一种。XXX在此谢谢各位的帮助了。

    -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


    类似这样的app下载网站,是不会验证IP,更不会验证MAC,来实现仅仅让一个客户端下载一次.(验证IP,我们可以用代理IP来实现我们的刷下载量的目的)


    模拟登录一下,看看服务器是怎样处理用户请求的.

    用抓包软件监测下:


    POST /storeUserbasicFacade/login.ssm HTTP/1.1
    Host: apps.ztems.com
    Connection: keep-alive
    Content-Length: 72
    Origin: http://apps.ztems.com
    User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36
    Content-Type: text/plain;charset=UTF-8
    Accept: */*
    Referer: http://apps.ztems.com/newLogin.html
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: zh-CN,zh;q=0.8
    Cookie: JSESSIONID=811B619FA8744978B07238A82F1E6A8B.app42-1; zte_store_view=4028329f417e6dcd01419d5dafa21aa3-1131011170551%2C
    
    [{"email":"******","userPasswd":"****","checkCode":"3367"}]

    http://apps.ztems.com/newLogin.html

    /storeUserbasicFacade/login.ssm

    这种东西由于水平有限暂时不知道如何去处理,所以就从cookies入手了.

    得到了cookies我们就可以非常轻松的绕过后台登录了.


    接下来用VC实现上述操作,利用win api

    InternetSetCookie

    Syntax

    BOOL InternetSetCookie(
      _In_  LPCTSTR lpszUrl,
      _In_  LPCTSTR lpszCookieName,
      _In_  LPCTSTR lpszCookieData
    );
    
    

    Parameters

    lpszUrl [in]

    Pointer to a null-terminated string that specifies the URL for which the cookie should be set.

    lpszCookieName [in]

    Pointer to a null-terminated string that specifies the name to be associated with the cookie data. If this parameter is NULL, no name is associated with the cookie.

    lpszCookieData [in]

    Pointer to the actual data to be associated with the URL.

    Return value

    Returns TRUE if successful, or FALSE otherwise. To get a specific error message, call GetLastError.

    Remarks

    Cookies created by InternetSetCookie without an expiration date are stored in memory and are available only in the same process that created them. Cookies that include an expiration date are stored in the windowscookies directory.

    Creating a new cookie might cause a dialog box to appear on the screen asking the user if they want to allow or disallow cookies from this site based on the privacy settings for the user.

    Caution  InternetSetCookie will unconditionally create a cookie even if “Block all cookies” is set in Internet Explorer. This behavior can be viewed as a breach of privacy even though such cookies are not subsequently sent back to servers while the “Block all cookies” setting is active. Applications should use InternetSetCookieEx to correctly honor the user's privacy settings.

    For more cookie internals, see http://blogs.msdn.com/ieinternals/archive/2009/08/20/WinINET-IE-Cookie-Internals-FAQ.aspx.

    Like all other aspects of the WinINet API, this function cannot be safely called from within DllMain or the constructors and destructors of global objects.

    Note  WinINet does not support server implementations. In addition, it should not be used from a service. For server implementations or services use Microsoft Windows HTTP Services (WinHTTP).

    #include <iostream>
    #include <cstdio>
    #include <afxinet.h>
    using namespace std;
    
    CString getHtml(CString url)
    {
    	CString content;
    	CString data;
    	DWORD dwStatusCode;
    	CInternetSession session(TEXT("HttpClient"));
    
    	CHttpFile* pfile = (CHttpFile *)session.OpenURL(url);
    	pfile->QueryInfoStatusCode(dwStatusCode);
    	if(dwStatusCode == HTTP_STATUS_OK)
    	{ 
    		while (pfile->ReadString(data))
    		{
    			content += data;
    		}
    	}
    	pfile->Close();
    	delete pfile;
    	session.Close();
    	return content;
    }
    
    int main()
    {
    	CString url = "http://apps.ztems.com/fdpc?appcode=4028329f417e6dcd01419d5dafa21aa3";
    	InternetSetCookie(url, NULL, TEXT("JSESSIONID=811B619FA8744978B07238A82F1E6A8B.app42-1; zte_store_view=;expires=Sat,01-Jan-2014 00:00:00GMT"));
    	getHtml(url);
    }



    Keep it simple!
    作者:N3verL4nd
    知识共享,欢迎转载。
  • 相关阅读:
    JavaScript 中,定义函数时用 var foo = function () {} 和 function foo() 有什么区别?
    Vue报错 [Vue warn]: Cannot find element
    一个android样本的过保护
    cve-2015-1635漏洞分析
    一个linux的样本分析
    ios透明代理抓包
    各浏览器抗uaf机制
    面试知识点总结之Nginx
    面试知识点总结之redis
    面试知识点总结之I/O流IO/BIO/NIO/AIO区别
  • 原文地址:https://www.cnblogs.com/lgh1992314/p/5834890.html
Copyright © 2011-2022 走看看