c# 怎么能绕过 登录验证登陆成功
0
悬赏园豆:10
[已解决问题]
解决于 2020-02-26 00:00
using main_loader.Utility;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Drawing;
using System.IO;
using System.Net;
using System.Threading;
using System.Windows.Forms;
namespace main_loader.frames
{
public class LoginForm : Form
{
private bool is_aborted;
private bool hasBeenLoggedIn;
private string session_key;
private NetClient.AuthResult auth_result;
private IContainer components;
private Button Login;
private Button Register;
private TextBox loginTextBox;
private TextBox paswordTextBox;
public bool IsLoggedIn
{
get
{
return this.hasBeenLoggedIn;
}
}
public string SessionKey
{
get
{
return this.session_key;
}
}
public NetClient.AuthResult AuthResult
{
get
{
return this.auth_result;
}
}
public LoginForm()
{
this.InitializeComponent();
this.loginTextBox.Text = Config.Login;
this.paswordTextBox.Text = Config.Password;
}
private void Register_Click(object sender, EventArgs e)
{
RegisterForm registerForm = new RegisterForm
{
StartPosition = FormStartPosition.CenterParent
};
if (sender is string)
{
registerForm.license_key.Text = (sender as string);
}
registerForm.Closing += delegate(object o, CancelEventArgs args)
{
if (registerForm.IsRegisteredSuccessfully)
{
this.loginTextBox.Text = registerForm.Login;
this.paswordTextBox.Text = registerForm.Password;
Config.Login = registerForm.Login;
Config.Password = registerForm.Password;
Config.Save();
}
};
if (registerForm.ShowDialog() == DialogResult.OK)
{
Application.Run(registerForm);
}
}
private void Login_Click(object sender, EventArgs e)
{
this.DisableControls();
try
{
HttpWebRequest httpWebRequest = WebRequest.Create("http://127.0.0.1/loader/login.php") as HttpWebRequest;
Dictionary<string, string> expr_1B = new Dictionary<string, string>();
expr_1B["login"] = this.loginTextBox.Text;
expr_1B["password"] = this.paswordTextBox.Text;
byte[] array = NetClient.SerializeParameters(expr_1B);
httpWebRequest.Method = "POST";
httpWebRequest.ContentType = "application/x-www-form-urlencoded";
httpWebRequest.ContentLength = (long)array.Length;
this.is_aborted = false;
ThreadPool.RegisterWaitForSingleObject(httpWebRequest.BeginGetRequestStream(new AsyncCallback(this.UploadValuesCallback), httpWebRequest).AsyncWaitHandle, new WaitOrTimerCallback(this.TimeoutCallback), httpWebRequest, 60000, true);
}
catch (WebException ex)
{
if (ex.Status != WebExceptionStatus.RequestCanceled)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
this.EnableControls();
}
catch (Exception arg_D3_0)
{
this.EnableControls();
MessageBox.Show(arg_D3_0.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
}
private void UploadValuesCallback(IAsyncResult result)
{
try
{
HttpWebRequest httpWebRequest = result.AsyncState as HttpWebRequest;
Stream arg_4A_0 = httpWebRequest.EndGetRequestStream(result);
Dictionary<string, string> expr_18 = new Dictionary<string, string>();
expr_18["login"] = this.loginTextBox.Text;
expr_18["password"] = this.paswordTextBox.Text;
byte[] array = NetClient.SerializeParameters(expr_18);
arg_4A_0.Write(array, 0, array.Length);
arg_4A_0.Close();
ThreadPool.RegisterWaitForSingleObject(httpWebRequest.BeginGetResponse(new AsyncCallback(this.ResponseCallback), httpWebRequest).AsyncWaitHandle, new WaitOrTimerCallback(this.TimeoutCallback), httpWebRequest, 60000, true);
}
catch (WebException ex)
{
if (ex.Status != WebExceptionStatus.RequestCanceled)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
this.EnableControls();
}
catch (Exception arg_B3_0)
{
MessageBox.Show(arg_B3_0.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
this.EnableControls();
}
}
private void TimeoutCallback(object state, bool timedOut)
{
if (timedOut)
{
HttpWebRequest httpWebRequest = state as HttpWebRequest;
if (httpWebRequest != null)
{
if (!this.is_aborted)
{
this.EnableControls();
this.is_aborted = true;
MessageBox.Show("无法连接到服务器!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
httpWebRequest.Abort();
}
}
}
private void ResponseCallback(IAsyncResult result)
{
this.EnableControls();
try
{
using (Stream responseStream = ((result.AsyncState as HttpWebRequest).EndGetResponse(result) as HttpWebResponse).GetResponseStream())
{
using (StreamReader streamReader = new StreamReader(responseStream))
{
NetClient.AuthResult authResult = JsonConvert.DeserializeObject<NetClient.AuthResult>(Encryption.Base64Decode(streamReader.ReadToEnd()));
this.auth_result = authResult;
responseStream.Close();
streamReader.Close();
if (authResult.CanRegister)
{
base.Invoke(new MethodInvoker(delegate
{
this.Register_Click(this.loginTextBox.Text, null);
}));
}
else if (!authResult.IsAuthenticated)
{
MessageBox.Show(authResult.ErrorMessage, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
else
{
Config.Login = this.loginTextBox.Text;
Config.Password = this.paswordTextBox.Text;
Config.Save();
this.hasBeenLoggedIn = true;
this.session_key = authResult.AuthData.Session;
base.BeginInvoke(new MethodInvoker(delegate
{
base.Close();
}));
}
}
}
}
catch (WebException ex)
{
if (ex.Status != WebExceptionStatus.RequestCanceled)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
}
catch (Exception arg_119_0)
{
MessageBox.Show(arg_119_0.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
}
private void DisableControls()
{
this.Login.SetPropertyThreadSafe(() => this.Login.Enabled, false);
this.Register.SetPropertyThreadSafe(() => this.Register.Enabled, false);
this.loginTextBox.SetPropertyThreadSafe(() => this.loginTextBox.Enabled, false);
this.paswordTextBox.SetPropertyThreadSafe(() => this.paswordTextBox.Enabled, false);
}
private void EnableControls()
{
this.Login.SetPropertyThreadSafe(() => this.Login.Enabled, true);
this.Register.SetPropertyThreadSafe(() => this.Register.Enabled, true);
this.loginTextBox.SetPropertyThreadSafe(() => this.loginTextBox.Enabled, true);
this.paswordTextBox.SetPropertyThreadSafe(() => this.paswordTextBox.Enabled, true);
}
protected override void Dispose(bool disposing)
{
if (disposing && this.components != null)
{
this.components.Dispose();
}
base.Dispose(disposing);
}
private void InitializeComponent()
{
this.Login = new Button();
this.Register = new Button();
this.loginTextBox = new TextBox();
this.paswordTextBox = new TextBox();
base.SuspendLayout();
this.Login.Location = new Point(233, 36);
this.Login.Name = "Login";
this.Login.Size = new Size(75, 23);
this.Login.TabIndex = 0;
this.Login.Text = "登录";
this.Login.UseVisualStyleBackColor = true;
this.Login.Click += new EventHandler(this.Login_Click);
this.Register.Location = new Point(12, 77);
this.Register.Name = "Register";
this.Register.Size = new Size(75, 23);
this.Register.TabIndex = 1;
this.Register.Text = "注册";
this.Register.UseVisualStyleBackColor = true;
this.Register.Click += new EventHandler(this.Register_Click);
this.loginTextBox.Location = new Point(12, 12);
this.loginTextBox.Name = "loginTextBox";
this.loginTextBox.Size = new Size(215, 20);
this.loginTextBox.TabIndex = 2;
this.loginTextBox.Text = "注册码";
this.paswordTextBox.Location = new Point(12, 38);
this.paswordTextBox.Name = "paswordTextBox";
this.paswordTextBox.Size = new Size(215, 20);
this.paswordTextBox.TabIndex = 3;
this.paswordTextBox.Text = "密码";
base.AutoScaleDimensions = new SizeF(6f, 13f);
base.AutoScaleMode = AutoScaleMode.Font;
this.BackColor = SystemColors.Control;
base.ClientSize = new Size(407, 112);
base.Controls.Add(this.paswordTextBox);
base.Controls.Add(this.loginTextBox);
base.Controls.Add(this.Register);
base.Controls.Add(this.Login);
base.FormBorderStyle = FormBorderStyle.FixedDialog;
base.Name = "LoginForm";
base.ShowIcon = false;
base.StartPosition = FormStartPosition.CenterScreen;
this.Text = "xxxxx";
base.ResumeLayout(false);
base.PerformLayout();
}
}}
最佳答案
1
HttpWebRequest 本身没有什么验证。你想说的是http server的登录验证吧 —— 不可能,除非留个后门。监听网络“偷”别个的token或者session之类的认证信息。
收获园豆:10
