C# brush ticket program

Recommended for you: Get network issues from WhatsUp Gold. Not end users.

Someone let me help to vote last month, I do not want to write a program that gave him the brush point was, though it is against the rules, when entertainment. .


The first



1 Analysis

      Since it is a webpage to vote, it can forge a HTTP request to brush ticket. Needs analysis is the site used which prevent brush ticket measures. The vote has been stopped, I give everybody to describe.

      (1)At first, this is open to all people vote, did not must be the user limit.

      (2)According to the F12. Check the network, grab the voting HTTP requests. The poll, interception, that is Get, QuerySting value of a random number, a candidate number, there is not a clear value, the initial guess is Cookie Limited.

      (3). voted again vote, display “ you have been involved in, every day can only vote once”.

      (4)In Chrome browser, set, privacy settings, see Cookie, find the site of Cookies, find a not clear, there is also a saving candidate number Cookie. The two are deleted, and then point to vote, vote failed &rdquo display “. Although no votes, but the return information is not the same, that affirmation and Cookie.

      (5)Directly. Disable the site of Cookie, point to vote or display “ the referendum failed”.

      (6)At this time to look carefully at the QueryString long do not know value, and Cookie in the unknown values are the same, the voting button event should never change, it is estimated that when the page loads of both loaded. And then refresh the page, and this value is changed.

      (7)Then delete only save candidate number Cookie, keep the Cookie, and then point to vote, success´╝ü

      This website prevent brush ticket measures relatively simple, as long as have a look carefully will find this problem. Then I made the first edition.

2 structure of HTTP requests

      (1)To obtain the SID. First I said above that a long string of unclear value called SID, should be to verify whether Cookie functions.


private string GetSid()
        {
            string url = "http://www.xxxxxx.com/xxxx/list-510-1.html";
            HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
            var res = req.GetResponse() as HttpWebResponse;
            string sid= res.Headers.GetValues(5)[0].Split('=')[1];//In the ResponseThe firstThe value of the Cookie taken from the Headers. 

return sid;

}

      (2)According to the HTTP browser. Grab the request to simulate a HTTP request

      private HttpWebRequest CreatHttp()
        {
            Random rnd = new Random();
            string rndstr = rnd.NextDouble().ToString();//This is the imitation of the random number in the QueryString, no estimation does not affect the results
            string url = "http://www.xxxxxx.com/xxxx/api.php?op=qgtp&id=32&sid=" + sid + "&r=" + rndstr;
            HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
            CookieCollection cookies = new CookieCollection();
            //Add Cookie
            cookies.Add(new Cookie("xxxxaction", sid, "/rail", "www.peoplerail.com"));
            cookies.Add(new Cookie("xxxxxxxrand", rndstr, "/rail", "www.peoplerail.com"));
            //Also the random number stored, the life cycle of only 2 seconds, so the analysis did not find, in order to imitate realistic also wrote
            req.CookieContainer = new CookieContainer();
            req.CookieContainer.Add(cookies);
            req.Method = "GET";
            req.UserAgent = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36";
            req.Timeout = 10000;
            req.Referer = "http://www.xxxxxx.com/xxxxxx/index.php?m=content&c=index&a=lists&catid=517&page=6";
            req.KeepAlive = true;
            req.Headers.Add("x-requested-with", "XMLHttpRequest");
            //All of the above in accordance with the browser crawl results corresponding to the one one
            return req;
        }

       (3). brush votes, and observe the brush ticket situation. Find the votes is will return the content, updates to TextBox.

     private void Go()
        {
            HttpWebRequest req = CreatHttp();
            var res = req.GetResponse() as HttpWebResponse;
            Stream st = res.GetResponseStream();//Read Response
            StreamReader sr = new StreamReader(st);
            string result = sr.ReadToEnd().ToString();
            try
            {
                textBox1.Text = result.Split(': ')[1].Split('<')[0];//Find out the votes from the return of the contents.
            }
            catch
            {
                timer1.Stop();
                label2.Text = "Brush votes to suspend";
            }
        }



       (4)Set the cycle. Using a For loop to send request, whoosh over hundreds of cycles, and there are no reaction to come over. Using Sleep (middle) words, sometimes program into a state of suspended animation, not real time observation to brush the ticket situation. So we use Winform controls Timer, when the page loads to stop, set the time interval, then the above method in Riga Timer events can be.

  private void Form1_Load(object sender, EventArgs e)
        {
            timer1.Stop();
            timer1.Interval = 1000;
        }

 3 improved

        The above several steps and then try to brush, brush too quickly found the system will return “ the referendum failed, suspected brush votes ” tips, and adjusted the time interval. But after two days, suddenly gone, several analysis, found with IP constraints. Find the agent IP in trouble, so stop by reconnection broadband. Each brush a reconnection can be a time.

   public static string Connect(string UserS,string PwdS)
        {
            string arg = @"Rasdial.exe broadband connection" + " " + UserS + " " + PwdS;
            return InvokeCmd(arg);
        }

        public static string Disconnect()
        {
            string arg = string.Format("rasdial \"{0}\" /disconnect", "Broadband connection");
            return InvokeCmd(arg);
        }

        private static string InvokeCmd(string cmdArgs)
        {
            string Tstr = "";
            Process p = new Process();
            p.StartInfo.FileName = "cmd.exe";
            p.StartInfo.UseShellExecute = false;
            p.StartInfo.RedirectStandardInput = true;
            p.StartInfo.RedirectStandardOutput = true;
            p.StartInfo.RedirectStandardError = true;
            p.StartInfo.CreateNoWindow = true;
            p.Start();

            p.StandardInput.WriteLine(cmdArgs);
            p.StandardInput.WriteLine("exit");
            Tstr = p.StandardOutput.ReadToEnd();
            p.WaitForExit();
            p.Close();
            return Tstr;
        }


 Webpage voting no perfect prevent brush ticket measures, can only be said to be anti gentleman is not anti villain, want to brush can always find loopholes.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Posted by Vanessa at November 14, 2013 - 12:01 PM