登录脚本回放失败问题解决

扫码关注本人公众号

image.png

原因分析

录制的登录脚本回放失败，通过抓包分析，发现登录的请求为Ajax请求。

方案一、使用Ajax TruClient协议录制脚本

image.png

方案二、使用web_add_header函数设置请求消息头

设置请求方式的代码如下：

    web_add_header("X-Requested-With",
    "XMLHttpRequest");

设置支持接收的数据格式的代码如下：

    web_add_header("Accept",
    "application/json, text/javascript, */*; q=0.01");

完整代码如下：

Action()
{

    //使用关联函数得到动态的令牌
    web_reg_save_param("token",
        "LB=\"csrf_token\" value=\"",
        "RB=\"",
        "Ord=1",
        LAST);

    web_url("index.php", 
        "URL=http://192.168.0.114:8080/phpwind/index.php?m=u&c=login", 
        "Resource=0", 
        "RecContentType=text/html", 
        "Referer=", 
        "Snapshot=t93.inf", 
        "Mode=HTML", 
        LAST);

    web_add_header("X-Requested-With",
    "XMLHttpRequest");

    web_add_header("Accept",
    "application/json, text/javascript, */*; q=0.01");

    web_reg_save_param("status",
            "LB=_statu%3D",
            "RB=\"",
            "Ord=1",
            LAST);

    web_submit_data("index.php_3", 
        "Action=http://192.168.0.114:8080/phpwind/index.php?m=u&c=login&a=dorun", 
        "Method=POST", 
        "RecContentType=text/html", 
        "Referer=http://192.168.0.114:8080/phpwind/index.php?m=u&c=login", 
        "Snapshot=t96.inf", 
        "Mode=HTML", 
        ITEMDATA, 
        "Name=username", "Value=lvxiaohui001", ENDITEM, 
        "Name=password", "Value=123456", ENDITEM, 
        "Name=backurl", "Value=", ENDITEM, 
        "Name=invite", "Value=", ENDITEM, 
        "Name=csrf_token", "Value={token}", ENDITEM, 
        LAST);

    web_url("index.php_4", 
        "URL=http://192.168.0.114:8080/phpwind/index.php?m=u&c=login&a=welcome&_statu={status}", 
        "Resource=0", 
        "RecContentType=text/html", 
        "Referer=", 
        "Snapshot=t97.inf", 
        "Mode=HTML", 
        EXTRARES, 
        "Url=themes/site/default/images/main_bg.png", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=themes/site/default/images/common/style_bg.png", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=themes/site/default/images/common/header_dorp.png", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=themes/site/default/images/common/loading.gif", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=themes/site/default/images/forum/bg.png", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=themes/site/default/images/common/core_icon.png", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=res/js/dev/util_libs/lazySlide.js?v=20161021", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=res/js/dev/pages/common/sidebarMain.js?v=20161021", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=res/js/dev/pages/bbs/threadManage.js?v=20161021", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=res/js/dev/ui_libs/dialog/dialog.js?v=20161021", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        "Url=res/images/face/face_small.jpg", "Referer=http://192.168.0.114:8080/phpwind/", ENDITEM, 
        LAST);

    web_add_header("X-Requested-With",
    "XMLHttpRequest");


    web_add_header("Accept",
        "application/json, text/javascript, */*; q=0.01");


    //提交查看积分的请求
    web_submit_data("index.php_5", 
        "Action=http://192.168.0.114:8080/phpwind/index.php?m=u&a=showcredit", 
        "Method=POST", 
        "RecContentType=application/x-www-form-urlencoded; charset=UTF-8", 
        "Referer=http://192.168.0.114:8080/phpwind/", 
        "Snapshot=t98.inf", 
        "Mode=HTML", 
        ITEMDATA, 
        "Name=csrf_token", "Value={token}", ENDITEM, 
        LAST);




    return 0;
}

回放截图

image.png
image.png