PDA

Click to See Complete Forum and Search --> : How to login a website?post!

chinakknd
January 26th, 2008, 01:41 AM
Hi,
I want to login a website eg aaa.com
so I do this,
I use SendRequest send my username an password
pFile->AddRequestHeaders("Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*");
pFile->AddRequestHeaders("Referer: http://www.boofdollars.com/index.php?view=login&");
pFile->AddRequestHeaders("Accept-Language: zh-cn");
pFile->AddRequestHeaders("Content-Type: application/x-www-form-urlencoded");
pFile->AddRequestHeaders("Accept-Encoding: gzip, deflate");
pFile->AddRequestHeaders("User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50727)");
pFile->AddRequestHeaders("Host: www.boofdollars.com");
pFile->AddRequestHeaders("Content-Length: 80");
pFile->AddRequestHeaders("Connection: Keep-Alive");
pFile->AddRequestHeaders("Cache-Control: no-cache");
pFile->AddRequestHeaders("Cookie: "+cookie_);
pFile->AddRequestHeaders("returnTo=&id=&ac=stats&step=&ptype=&form_user=goodhere&form_pwd=goodhere");
pFile->SendRequest(NULL,0,lpOptional,strlen(lpOptional));//80 bytes skipped. Reason: The content type is not captured.

Why?
I must creat a cookie?
Thank you
upredsun
January 26th, 2008, 08:37 PM
you can login the website using IE,and sniff the packet,and then check your code.
FrozenEye
February 3rd, 2008, 12:07 PM
listen..what i know is that its all about sessions..there r 2 ways I've seen to handle sessions
*Cookies
*Posted variables

Cookies, some variables with data sent to u in the response header (Set-Cookie)
Posted variables, when u "GET" a page with the form ur gonna fill, some hidden fields holds some values for example a variable "s" (ie session) may hold "ksudfn983pm3cc9p3" or whatever, it may look like a cookie variable

ny way..u can let wininet handle cookies for u by NOT adding ny "Cookie" headers in ur request AND "INTERNET_FLAG_FORMS_SUBMIT" header in the CHttpConnetion::OpenRequest function

good luck
FrozenEye
February 3rd, 2008, 12:08 PM
and upredsun's suggestion is extremely helpful, u SHOULD do that and find a way to automate the process and utilize wininet functions
MikeAThon
February 4th, 2008, 08:35 PM
To sniff the conversation between a browser and the target site, install a debugging proxy like Fiddler: www.fiddlertool.com

Mike