找回密码
 加入
搜索
查看: 4032|回复: 3

[网络通信] 大家帮忙看看,一个投票程序,为什么服务器端不能接收到Referer的值呢?

[复制链接]
发表于 2011-9-2 22:14:07 | 显示全部楼层 |阅读模式
写入欺骗代码如下:(下面代码中的ip为某个网站的ip地址或者是某个网址)
$oHTTP = ObjCreate("microsoft.xmlhttp")
$oHTTP.Open("post", "http://ip/jieshou.asp", False)
$oHTTP.setRequestHeader("Accept-Encoding", "gzip, deflate")
$oHTTP.setRequestHeader("Accept-Language", "zh-cn")
$oHTTP.setRequestHeader("Cache-Control", "no-cache")
$oHTTP.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")
$oHTTP.setRequestHeader("Host", "ip")
$oHTTP.setRequestHeader("Referer", "http://ip/input.html")
$oHTTP.Send("ck1=%D5%C5%C8%FD&ck1=%C0%EE%CB%C4&Submit=%CC%E1%BD%BB");post投票

我写程序后,然后在服务器端简写一个jieshou.asp程序,检测接收到的数据,发现发送的表单数据还可以,能够接收得到,
但用Request.ServerVariables("HTTP_REFERER")检测Referer头信息,却是空的,没有接收的到通过语句:$oHTTP.setRequestHeader("Referer", "http://ip/input.html")
设置的头信息,为什么呢?
请大家赐教。如果有人研究够winhttp的新写法,也可以发上来大家一起研究
 楼主| 发表于 2011-9-3 11:31:44 | 显示全部楼层
高手朋友们,您在哪呀???????
发表于 2011-9-3 13:34:59 | 显示全部楼层
回复 1# sdwd_lhq

xmlhttp 是98时代的产物,呵呵...不支持referer不支持Cookies,为何要用呢?

想要用的话,至少要ServerXmlhttp 5.0以上,推荐直接 winhttp 就好了。
 楼主| 发表于 2011-9-3 15:15:29 | 显示全部楼层
回复 3# republican

我也想用au3中提供的winhttp,但我怎么试也没有发送成功,服务器端的jieshou.asp文件什么都接收不到:

服务器的地址:192.168.0.1  web的端口为801  ,
录入网页:http://192.168.0.1:801/input.html
接收网页:http://192.168.0.1:801/jieshou.asp

我把httpwatch抓取得信息如下:
POST /jieshou.asp HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*
Referer: http://192.168.0.1:801/input.html
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 222.135.111.108:801
Content-Length: 53
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: lzstat_uv=267122783216614645|2575321

ck1=%D5%C5%C8%FD&ck1=%C0%EE%CB%C4&Submit=%CC%E1%BD%BB

我运用winhttp写的代码如下:
        Global $sPostData = "ck1=%D5%C5%C8%FD&ck1=%C0%EE%CB%C4&Submit=%CC%E1%BD%BB"
        $saddress = "192.168.0.1"
        ; 初始化并获得会话句柄
        Global $hOpen = _WinHttpOpen()
        ; 获取连接句柄
        Global $hConnect = _WinHttpConnect($hOpen, $saddress, 801)
        ; Request
        Global $hRequest = _WinHttpOpenRequest($hConnect, _
                        "POST", _ ; verb
                        "http://192.168.0.1:801/jieshou.asp", _    ; target
                        Default, _ ; version
                        "http://192.168.0.1:801/input.html", _    ; referer
                        "*/*") ; accept

        ; 确保启用 cookies
        _WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)


        ; 添加到请求头的字段
        $jg = _WinHttpAddRequestHeaders($hRequest, "Accept-Language: zh-cn")
        $jg = _WinHttpAddRequestHeaders($hRequest, "Content-Type: application/x-www-form-urlencoded")
        $jg = _WinHttpAddRequestHeaders($hRequest, "Accept-Encoding: gzip, deflate")
        $jg = _WinHttpAddRequestHeaders($hRequest, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)")
        $jg = _WinHttpAddRequestHeaders($hRequest, "Host: 192.168.0.1:801")
        $jg = _WinHttpAddRequestHeaders($hRequest, "Connection: Keep-Alive")
        $jg = _WinHttpAddRequestHeaders($hRequest, "Cache-Control: no-cache")

        ; 发送
        _WinHttpSendRequest($hRequest, -1, $sPostData)


好心人帮我看看,好吗?
您需要登录后才可以回帖 登录 | 加入

本版积分规则

QQ|手机版|小黑屋|AUTOIT CN ( 鲁ICP备19019924号-1 )谷歌 百度

GMT+8, 2024-12-23 17:07 , Processed in 0.096699 second(s), 23 queries .

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表