HTTP协议分析系列（六）------php+socket+cookie请求

创建时间：2015-01-05 投稿人：浏览次数：1551

以www.verycd.com为例

在火狐浏览器登录wuming88888888账号为发送方

在chrome浏览器登录wuming1990账号为接收方

分析发送方的表单

分析提交页源代码POST的数据

<?php 
require("./http.class.php");
$http=new Http("http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0");
$msg=array(
	"formhash"=>"10fe754a",
	"message"=>"你好",
	"pmsubmit"=>true,
	"pmsubmit_btn"=>"发送",
	"refer"=>"http://home.verycd.com/space.php?do=pm&filter=privatepm",
	"username"=>"wuming1990"
);
file_put_contents("./res.html",$http->post($msg));

?>

打开res.html,分析源代码

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 05 Dec 2014 06:57:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Location: http://www.verycd.com/account/profile/
Set-Cookie: uchome__refer=cp.php%253Fac%253Dprofile; path=/; domain=.verycd.com

33fc

调试查看自己发送的是什么内容？

这时候我们可以分析出错误出现在第一行
打印该对象
Http Object
(
    [errno:protected] => 0
    [errstr:protected] => 
    [response:protected] => 
    [url:protected] => Array
        (
            [scheme] => http
            [host] => home.verycd.com
            [path] => /cp.php
            [query] => ac=pm&op=send&touid=0&pmid=0
            [port] => 80
        )

    [version:protected] => HTTP/1.1
    [fh:protected] => Resource id #3
    [line:protected] => Array
        (
            [0] => POST /cp.php HTTP/1.1
        )

    [header:protected] => Array
        (
            [0] => Host:home.verycd.com
            [1] => Content-type:application/x-www-form-urlencoded
            [2] => Content-length:185
        )

    [body:protected] => Array
        (
            [0] => formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990
        )

)

修改我们的http类

<pre name="code" class="php"> //http请求类的接口
interface Proto{
	//连接url
	function conn($url);
	//发送get查询
	function get();
	//发送post查询
	function post();
	//关闭连接
	function close();
}
class Http implements Proto{
	const CRLF="
";
	protected $errno=-1;
	protected $errstr="";
	protected $response="";
	protected $url=null;
	protected $version="HTTP/1.1";
	protected $fh=null;
	protected $line=array();
	protected $header=array();
	protected $body=array();
	
	public function __construct($url){
		$this->conn($url);
		$this->setHeader("Host:".$this->url["host"]);
	}
	//此方法负责写请求行
	protected function setLine($method){
		$this->line[0]=$method." ".$this->url["path"]."?".$this->url["query"]." ".$this->version;
	}
	//此方法负责写头信息
	public function setHeader($headerline){
		$this->header[]=$headerline;
	}
	//此方法负责写主体信息
	protected function setBody($body){
		
		$this->body[]=http_build_query($body);;
	}
	//连接url
	function conn($url){
		$this->url=parse_url($url);
		//判断端口
		if(!isset($this->url["port"])){
			$this->url["port"]=80;
		}
		$this->fh=fsockopen($this->url["host"],$this->url["port"],$this->errno,$this->errstr,3);
	}
	//构造get请求的数据
	function get(){
		$this->setLine("GET");
		$this->request();
		return $this->response;
	}
	//构造post请求的数据
	function post($body=array()){
		//构造主体信息
		$this->setLine("POST");
		
		//设置content-type
		$this->setHeader("Content-type:application/x-www-form-urlencoded");
		//设置主体信息，比GET不一样的地方
		$this->setBody($body);
		//计算content-length
		$this->setHeader("Content-length:".strlen($this->body[0]));
		$this->request();
		return $this->response;
	}
	//真正请求
	function request(){
		//把请求行，头信息，实体信息  放在一个数组里，便于拼接
		$req=array_merge($this->line,$this->header,array(""),$this->body,array(""));
		$req=implode(self::CRLF,$req);
// 		print_r($this);
// 		echo $req;
// 		exit;
		fwrite($this->fh,$req);
		
		while(!feof($this->fh)){
			$this->response.=fread($this->fh,1024);
		}
		
		$this->close();//关闭连接
		return $this->response;
	}
	//关闭连接
	function close(){
		fclose($this->fh);
	}
}

生成如下POST /cp.php?ac=pm&op=send&touid=0&pmid=0 HTTP/1.1Host:home.verycd.comContent-type:application/x-www-form-urlencodedContent-length:185formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 Dec 2014 07:11:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome__refer=cp.php%253Fac%253Dpm; path=/; domain=.verycd.com

表示已成功，但是不完全，我们接着看res.html中的内容
在网页中有如下内容：表明需要先登录以后才能操作

服务器怎么知道咱们没登陆的？

http一个很重要的特点：无状态，两次请求之间没有关系。

服务器如何记住一个客户？

建立cookie.php

<?php
header("content-type:text/html;charset=utf8"); 
setcookie("user","zhangsan");
echo "服务器给你的编号是zhangsan";
?>

建立readcookie.php

<?php
header("content-type:text/html;charset=utf8"); 
echo "服务器给你的编号是".$_COOKIE["user"];
?>

利用命令窗口提交请求

增加提交的信息

<?php 
require("./http.class.php");
$http=new Http("http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0");
$http->setHeader("cookie:Hm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1");
$msg=array(
	"formhash"=>"10fe754a",
	"message"=>"i am from wuming88888888",
	"pmsubmit"=>true,
	"pmsubmit_btn"=>"发送",
	"refer"=>"http://home.verycd.com/space.php?do=pm&filter=privatepm",
	"username"=>"wuming1990"
);
file_put_contents("./res.html",$http->post($msg));
echo "ok";
?>

再看wuming1990的用户是否收到信息

（PS：如果发送不成功，表明COOKIE值不对，cookie的生成与请求头信息有关，保守做法：把全部请求头信息加到post请求里面）

Accepttext/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Encoding gzip, deflate

Accept-Language zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3

Connection keep-alive

CookieHm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1

Hosthome.verycd.com

Refererhttp://home.verycd.com/cp.php?ac=pm

User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0

书写格式：

$http->setHeader("红色字体:黑色字体");

声明：该文观点仅代表作者本人，牛骨文系教育信息发布平台，牛骨文仅提供信息存储空间服务。

上一篇： php $_GET $_POST $_COOKIE取值过程
下一篇： windows下curl的安装和简单使用

热门文章: CTF writeup 2_南邮网络攻防训...; SSM框架——详细整合教程（...; Linux Shell脚本编程－－curl命...; HttpClient使用详解; Java面试题全集（上）; JAVA设计模式之单例模式; java.lang.OutOfMemoryError: PermGen ...; TCP协议中的三次握手和四次...; form表单的两种提交方式，su...; String,StringBuffer与StringBuilder...

最新文章: Java之品优购课程讲义_day20（7）; 剑指 Offer - 8：跳台阶; Netty权威指南_札记02_NIO编程; mysql时间属性之时间戳和datetime之...; 虚拟现实或许可以拯救古埃及的“...; spring cloud服务注册中心eureka---集群...; Java SE 第六章; HTTP请求+数据库; HIDL学习笔记之HIDL C++（第二天）; ubuntu系统下指定tomcat运行时为JDK1.8...