POST.NET

来源:BIN-Blog

写了一个WEB版的POST工具,可以向内网提交数据,在POST注入的时候也能发挥一定的效果!主要增加了对 HTTP_X_FORWARDED_FOR 这个值(即请求头 X-Forwarded-For,内容完全由请求发送方填写,服务端不应把它当作可信的来源IP)的自定义提交。看着玩吧!

<%@ Page Language="c#" Debug="true" validaterequest="false" %>
<%@ import Namespace="System.Net.Sockets" %>
<%@ import Namespace="System.Text" %>
<%@ import Namespace="System.Net" %>
<script runat="server">

// Page load handler. The body is empty, so the page runs no load-time logic.
// NOTE(review): no caller authentication or authorization is performed here; unless access
// is restricted elsewhere (e.g. in site configuration, which this page does not show),
// every visitor who can reach the page can trigger the Button1_Click handler below.
protected void Page_Load(object sender, EventArgs e)
{

}
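/// <summary>
/// Click handler for the POST button. Builds a raw HTTP/1.1 POST request from the form
/// fields, sends it over a TCP socket opened by the web server itself, and shows the raw
/// response (or the error message) in TextBox4.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Security review notes:
/// - The destination host (TextBox1) and port (TextBox2) come straight from the form and the
///   connection originates from the server, so any caller of this page can make the server
///   talk to whatever addresses the server can reach. This block applies no authentication
///   and no destination allow-list; both need to be enforced before the page is hosted.
/// - X-Forwarded-For, Referer and Cookie are copied from form fields. A receiving application
///   must not treat X-Forwarded-For as proof of the client address.
/// - The page directive sets Debug="true" and validaterequest="false"; unhandled exceptions
///   would therefore expose stack traces, which is why every failure path below is caught
///   and reduced to a message in TextBox4.
/// </remarks>
protected void Button1_Click(object sender, EventArgs e)
{
    // Bound how long a request thread can be held by an unresponsive peer.
    const int IoTimeoutMs = 15000;

    string hostName = TextBox1.Text.Trim();
    string path = TextBox3.Text;
    string referer = TextBox5.Text;
    string cookie = TextBox6.Text;
    string postData = TextBox7.Text;
    string forwardedFor = TextBox8.Text;

    // Int32.Parse threw an unhandled FormatException on bad input; validate instead.
    int port;
    if (!Int32.TryParse(TextBox2.Text.Trim(), out port)
        || port < IPEndPoint.MinPort || port > IPEndPoint.MaxPort)
    {
        TextBox4.Text = "Invalid port.";
        return;
    }

    // A CR or LF inside a request-line/header value would split the request into extra
    // header lines or end the header section early, so such input is rejected.
    string[] headerValues = { path, referer, hostName, forwardedFor, cookie };
    foreach (string value in headerValues)
    {
        if (value.IndexOfAny(new char[] { '\r', '\n' }) >= 0)
        {
            TextBox4.Text = "Header fields must not contain line breaks.";
            return;
        }
    }

    // Header order and literal text match the original request layout; the Cookie line
    // carries the blank line that terminates the header section.
    StringBuilder request = new StringBuilder();
    request.Append("POST " + path + " HTTP/1.1\r\n");
    request.Append("Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/msword, application/vnd.ms-excel, application/x-shockwave-flash, */*\r\n");
    request.Append("Referer: " + referer + "\r\n");
    request.Append("Accept-Language: zh-cn\r\n");
    request.Append("Content-Type: application/x-www-form-urlencoded\r\n");
    request.Append("UA-CPU: x86\r\n");
    request.Append("Accept-Encoding: gzip, deflate\r\n");
    request.Append("User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)\r\n");
    request.Append("Host: " + hostName + "\r\n");
    request.Append("Content-Length:" + postData.Length + "\r\n");
    request.Append("Connection: close\r\n");
    request.Append("Cache-Control: no-cache\r\n");
    request.Append("X-Forwarded-For: " + forwardedFor + "\r\n");
    request.Append("Cookie:" + cookie + "\r\n\r\n");
    request.Append(postData + "\r\n\r\n");

    Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    socket.SendTimeout = IoTimeoutMs;
    socket.ReceiveTimeout = IoTimeoutMs;

    try
    {
        // Resolution and connect now sit inside the try: previously a DNS failure was
        // unhandled, and a failed Connect fell through to Send/Receive on a dead socket,
        // overwriting the original error message.
        IPHostEntry ipInfo = Dns.GetHostByName(hostName);
        IPEndPoint hostEP = new IPEndPoint(ipInfo.AddressList[0], port);
        socket.Connect(hostEP);

        byte[] requestBytes = Encoding.ASCII.GetBytes(request.ToString());
        socket.Send(requestBytes, requestBytes.Length, SocketFlags.None);

        // A stateful decoder keeps a GB2312 double-byte character intact when it is split
        // across two 1024-byte reads; decoding each chunk separately garbled such characters.
        Encoding responseEncoding = Encoding.GetEncoding("GB2312");
        Decoder decoder = responseEncoding.GetDecoder();
        byte[] recvBytes = new byte[1024];
        char[] recvChars = new char[responseEncoding.GetMaxCharCount(recvBytes.Length)];
        StringBuilder response = new StringBuilder();

        int bytes;
        while ((bytes = socket.Receive(recvBytes, recvBytes.Length, SocketFlags.None)) > 0)
        {
            int charCount = decoder.GetChars(recvBytes, 0, bytes, recvChars, 0);
            response.Append(recvChars, 0, charCount);
        }

        TextBox4.Text = response.ToString();
    }
    catch (Exception ex)
    {
        // Only the message is surfaced, as before; the stack trace is not shown to the caller.
        TextBox4.Text = ex.Message;
    }
    finally
    {
        // Always release the socket. Previously a throwing Shutdown skipped Close and
        // leaked the handle.
        if (socket.Connected)
        {
            try
            {
                socket.Shutdown(SocketShutdown.Both);
            }
            catch (SocketException)
            {
                // Best effort: the peer may already have closed; Close below still runs.
            }
        }
        socket.Close();
    }
}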

</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>BIN-POST(c#)</title>
</head>
<body>
<form id="form1" runat="server">
<div style="TEXT-ALIGN: center">Bin - Post - [C#]
</div>
<div style="TEXT-ALIGN: center"> 
</div>
<div style="TEXT-ALIGN: center">
</div>
<div style="TEXT-ALIGN: center">      HOST:<asp:TextBox id="TextBox1" runat="server" Width="122px">www.rootkit.net.cn</asp:TextBox>
   <font face="宋体" size="3">HTTP_X_FORWARDED_FOR:</font>
<asp:TextBox id="TextBox8" runat="server"></asp:TextBox>
 PORT:<asp:TextBox id="TextBox2" runat="server" Width="40px">80</asp:TextBox>
</div>
<div style="TEXT-ALIGN: center"> 
</div>
<div style="TEXT-ALIGN: center">
</div>
<div style="TEXT-ALIGN: center">
</div>
<div style="TEXT-ALIGN: center">POSTURL:<asp:TextBox id="TextBox3" runat="server" Width="463px" Height="16px">/index.php</asp:TextBox>
</div>
<div style="TEXT-ALIGN: center"> 
</div>
<div style="TEXT-ALIGN: center">
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center">REFERER:<asp:TextBox id="TextBox5" runat="server" Width="463px"></asp:TextBox>
</div>
<div style="TEXT-ALIGN: center" align="center"> 
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center">COOKIES:<asp:TextBox id="TextBox6" runat="server" Width="467px" Height="55px" TextMode="MultiLine"></asp:TextBox>
</div>
<div style="TEXT-ALIGN: center" align="center"> 
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center">POSTDATA:<asp:TextBox id="TextBox7" runat="server" Width="479px" Height="113px" TextMode="MultiLine"></asp:TextBox>
<br />
<br />
RECEDATA:<asp:TextBox id="TextBox4" runat="server" Width="479px" Height="181px" TextMode="MultiLine"></asp:TextBox>
<br />
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center"> 
</div>
<div style="TEXT-ALIGN: center" align="center">
<asp:Button id="Button1" onclick="Button1_Click" runat="server" Text="POST"></asp:Button>
</div>
<div style="TEXT-ALIGN: center" align="center"> 
</div>
<div style="TEXT-ALIGN: center" align="center">
</div>
<div style="TEXT-ALIGN: center" align="center">Code By Bin
</div>
<div style="TEXT-ALIGN: center" align="center"><a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
<br />
  
<br />
<br />
</div>
</form>
</body>
</html>
