登录到使用Live.com身份验证的网站 [英] Logging Into a site that uses Live.com authentication
问题描述
我一直想一个登录到网站我频繁,www.bungie.net自动化。该网站与微软和Xbox Live的关联,正因为如此,使的Windows Live ID API的使用,当人们登录到他们的网站。
我是比较新的创建Web蜘蛛/机器人,我担心我误解了一些最基本的概念。我模拟登录到其他网站,如Facebook和Gmail,但live.com给我添麻烦。
不管怎么说,我一直在使用Wireshark的和Firefox的插件篡改数据,试图找出我需要工作,我需要用我的请求中包含什么饼干。据我知道这些都是必须遵循登录到这个网站的步骤。
1 访问HTTPS: //login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917
2 收到饼干MS prequ和MSPOK。
3 发表从表单IDPPSX,从形式上IDPPFT,您的用户名的价值观,你的密码都不断变化的网址类似的值:https://开头login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct=
(有,在该网址的结尾改几个数字)
4。 Live.com返回给用户更隐蔽的形式来发布页面。然后,客户端从表ANON的帖子的值,从表ANONExp的价值,从形式T的URL值:HTTP://www.bung ie.net/Default.aspx?wa = wsignin1.0
5。公布数据后,用户将返回各种饼干其中最重要的就是BNGAuth,这是在日志中的Cookie的网站。
在哪里我有麻烦的是在第五步,但这并不意味着neccesarily我做正确的所有步骤。我从张贴ANON,ANONExp和t的数据,而不是被退回BNGAuth饼干,我回到了一个名为RSPMaybe,并重定向到主页上的cookie。
当我回顾Wireshark的日志,我注意到的东西,立刻站出来给我作为日志之间是不同的,当我登录与Firefox当我的程序运行。这可能是什么,但我会在这里包括图片为您检查。我在第四步发布的数据之前,我被返回从网站的HTTP分组。我不知道这是怎么发生的,但它一定是从什么我在HTTPS步骤做错了副作用。
使用系统;
使用System.Collections.Generic;
使用System.Collections.Specialized;
使用System.Text;
使用System.Net;
使用System.IO;
使用System.IO.Com pression;
使用System.Security.Cryptography;
使用System.Security.Cryptography.X509Certificates;
使用的System.Web;命名空间SpiderFromScratch
{
类节目
{
静态无效的主要(字串[] args)
{
饼干的CookieContainer =新的CookieContainer();
乌里URL =新Uri(\"https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917\");
HttpWebRequest的HTTP =(HttpWebRequest的)HttpWebRequest.Create(URL); http.Timeout = 30000;
http.UserAgent =Mozilla的/ 5.0(视窗; U; Windows NT的5.1; EN-US; rv中:1.9.1.8)的Gecko / 20100202火狐/ 3.5.8(.NET CLR 3.5.30729);
http.Accept =text / html的,是application / xhtml + xml的,应用/ XML; Q = 0.9 * / *; Q = 0.8;
http.Headers.Add(接受语言,EN-US,连接; Q = 0.5);
http.Headers.Add(接收字符集,ISO-8859-1,utf-8的; Q = 0.7,*; Q = 0.7);
http.Headers.Add(保持活动,300);
http.Referer =http://www.bungie.net/;
http.ContentType =应用/的X WWW的形式urlen codeD;
http.CookieContainer =新的CookieContainer();
http.Method = WebRequestMethods.Http.Get; HttpWebResponse响应=(HttpWebResponse)http.GetResponse();
StreamReader的readStream =新的StreamReader(response.GetResponseStream());
串的HTML = readStream.ReadToEnd();
readStream.Close(); //得到饼干(它们在第八标头集合)
字符串[] = strCookies response.Headers.GetValues(8);
response.Close(); 字符串名称,值;
饼干manualCookie;
的for(int i = 0; I< strCookies.Length;我++)
{
命名= strCookies [I] .Substring(0,strCookies [I] .IndexOf(=));
值= strCookies [I] .Substring(strCookies [I] .IndexOf(=)+ 1,strCookies [Ⅰ] .IndexOf(;) - strCookies [I] .IndexOf(=) - 1);
manualCookie =新的Cookie(名称,\\+价值+\\); 乌里manualURL =新的URI(http://login.live.com);
http.CookieContainer.Add(manualURL,manualCookie);
}
//存储后面将要使用的Cookie
饼干= http.CookieContainer; //获取PPSX值
串PPSX = HTML.Remove(0,HTML.IndexOf(PPSX));
PPSX = PPSX.Remove(0,PPSX.IndexOf(值)+ 7);
PPSX = PPSX.Substring(0,PPSX.IndexOf(\\)); //获取这个随机值PPFT
串PPFT = HTML.Remove(0,HTML.IndexOf(PPFT));
PPFT = PPFT.Remove(0,PPFT.IndexOf(值)+ 7);
PPFT = PPFT.Substring(0,PPFT.IndexOf(\\)); //获取你邮寄到随机URL
串POSTURL = HTML.Remove(0,HTML.IndexOf(https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct=));
POSTURL = POSTURL.Substring(0,POSTURL.IndexOf(\\));
//使用POST饼干
HTTP =(HttpWebRequest的)HttpWebRequest.Create(POSTURL); http.UserAgent =Mozilla的/ 5.0(视窗; U; Windows NT的5.1; EN-US; rv中:1.9.1.8)的Gecko / 20100202火狐/ 3.5.8(.NET CLR 3.5.30729);
http.Accept =text / html的,是application / xhtml + xml的,应用/ XML; Q = 0.9 * / *; Q = 0.8;
http.Headers.Add(接受语言,EN-US,连接; Q = 0.5);
http.Headers.Add(接收字符集,ISO-8859-1,utf-8的; Q = 0.7,*; Q = 0.7);
http.Headers.Add(保持活动,300);
http.CookieContainer =饼干;
http.Referer = \"https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268158321&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917\";
http.ContentType =应用/的X WWW的形式urlen codeD;
http.Method = WebRequestMethods.Http.Post; 流的ostream = http.GetRequestStream(); //用于字符串转换成字节
System.Text.ASCIIEncoding编码=新System.Text.ASCIIEncoding(); //邮政信息
字节[]缓冲= encoding.GetBytes(PPSX =+ PPSX +\"&PwdPad=IfYouAreReadingThisYouHaveTooMuc&login=YOUREMAILGOESHERE&passwd=YOURWORDGOESHERE\" +
与& LoginOptions = 2及PPFT =+ PPFT);
ostream.Write(缓冲液,0,buffer.Length);
ostream.Close(); HttpWebResponse响应2 =(HttpWebResponse)http.GetResponse();
readStream =新的StreamReader(response2.GetResponseStream());
的HTML = readStream.ReadToEnd(); response2.Close();
ostream.Dispose();
的foreach(在response2.Cookies饼干饼干)
{
Console.WriteLine(cookie.Name +:);
Console.WriteLine(cookie.Value);
Console.WriteLine(cookie.Expires);
Console.WriteLine();
} //设置POSTURL值
字符串POSTANON =http://www.bungie.net/Default.aspx?wa=wsignin1.0; //获取ANON值
字符串ANON = HTML.Remove(0,HTML.IndexOf(别名));
ANON = ANON.Remove(0,ANON.IndexOf(值)+ 7);
ANON = ANON.Substring(0,ANON.IndexOf(\\));
ANON = HttpUtility.UrlEn code(佚名) //获取ANONExp值
串ANONExp = HTML.Remove(0,HTML.IndexOf(ANONExp));
ANONExp = ANONExp.Remove(0,ANONExp.IndexOf(值)+ 7);
ANONExp = ANONExp.Substring(0,ANONExp.IndexOf(\\));
ANONExp = HttpUtility.UrlEn code(ANONExp); //获取t值
串T = HTML.Remove(0,HTML.IndexOf(ID = \\T \\));
T = t.Remove(0,t.IndexOf(值)+ 7);
T = t.Substring(0,t.IndexOf(\\));
T = HttpUtility.UrlEn code(T); // POST的信息,并接受Bungie的饼干
HTTP =(HttpWebRequest的)HttpWebRequest.Create(POSTANON); http.UserAgent =Mozilla的/ 5.0(视窗; U; Windows NT的5.1; EN-US; rv中:1.9.1.8)的Gecko / 20100202火狐/ 3.5.8(.NET CLR 3.5.30729);
http.Accept =text / html的,是application / xhtml + xml的,应用/ XML; Q = 0.9 * / *; Q = 0.8;
http.Headers.Add(接受语言,EN-US,连接; Q = 0.5);
http.Headers.Add(接受编码,gzip的,放气);
http.Headers.Add(接收字符集,ISO-8859-1,utf-8的; Q = 0.7,*; Q = 0.7);
http.Headers.Add(保持活动,115);
http.CookieContainer =新的CookieContainer();
http.ContentType =应用/的X WWW的形式urlen codeD;
http.Method = WebRequestMethods.Http.Post; http.Expect = NULL; ostream的= http.GetRequestStream();
INT测试= ANON.Length;
INT TEST1 = ANONExp.Length;
INT测试2 = t.Length;
缓冲= encoding.GetBytes(ANON =+ ANON +&放大器; ANONExp =+ ANONExp +& T公司=+ T);
ostream.Write(缓冲液,0,buffer.Length);
ostream.Close(); //这里躺着的问题,我没有回到正确的饼干。
HttpWebResponse response3 =(HttpWebResponse)http.GetResponse();
GZipStream的gzip =新GZipStream(response3.GetResponseStream(),COM pressionMode.Decom preSS);
readStream =新的StreamReader(gzip的);
的HTML = readStream.ReadToEnd(); //获取两个饼干
字符串[] = strCookies2 response3.Headers.GetValues(11); response3.Close();
}
}
}
我不知道如果你仍然在做这个或没有,但在Windows Live开发网站上有很多关于它的信息,以帮助与使用Live ID的API。我已经没有太大的掏成,但他们的入门页面有信息的负荷加上下载示例应用程序详细介绍了如何在各种语言(包括C#),使用该服务的链接。
您可以从那里下载样例应用程序。
这听起来pretty有趣的你想要做什么,以至于我很看中有这个自己一玩!
I've been trying to automate a log in to a website I frequent, www.bungie.net. The site is associated with Microsoft and Xbox Live, and as such makes uses of the Windows Live ID API when people log in to their site.
I am relatively new to creating web spiders/robots, and I worry that I'm misunderstanding some of the most basic concepts. I've simulated logins to other sites such as Facebook and Gmail, but live.com has given me nothing but trouble.
Anyways, I've been using Wireshark and the Firefox addon Tamper Data to try and figure out what I need to post, and what cookies I need to include with my requests. As far as I know these are the steps one must follow to log in to this site.
1. Visit https: //login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917
2. Recieve the cookies MSPRequ and MSPOK.
3. Post the values from the form ID "PPSX", the values from the form ID "PPFT", your username, your password all to a changing URL similar to: https: //login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct= (there are a few numbers that change at the end of that URL)
4. Live.com returns the user a page with more hidden forms to post. The client then posts the values from the form "ANON", the value from the form "ANONExp" and the values from the form "t" to the URL: http ://www.bung ie.net/Default.aspx?wa=wsignin1.0
5. After posting that data, the user is returned a variety of cookies the most important of which is "BNGAuth" which is the log in cookie for the site.
Where I am having trouble is on fifth step, but that doesn't neccesarily mean I've done all the other steps correctly. I post the data from "ANON", "ANONExp" and "t" but instead of being returned a BNGAuth cookie, I'm returned a cookie named "RSPMaybe" and redirected to the home page.
When I review the Wireshark log, I noticed something that instantly stood out to me as different between the log when I logged in with Firefox and when my program ran. It could be nothing but I'll include the picture here for you to review. I'm being returned an HTTP packet from the site before I post the data in the fourth step. I'm not sure how this is happening, but it must be a side effect from something I'm doing wrong in the HTTPS steps.
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Text;
using System.Net;
using System.IO;
using System.IO.Compression;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Web;
namespace SpiderFromScratch
{
class Program
{
static void Main(string[] args)
{
CookieContainer cookies = new CookieContainer();
Uri url = new Uri("https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917");
HttpWebRequest http = (HttpWebRequest)HttpWebRequest.Create(url);
http.Timeout = 30000;
http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)";
http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
http.Headers.Add("Accept-Language", "en-us,en;q=0.5");
http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
http.Headers.Add("Keep-Alive", "300");
http.Referer = "http://www.bungie.net/";
http.ContentType = "application/x-www-form-urlencoded";
http.CookieContainer = new CookieContainer();
http.Method = WebRequestMethods.Http.Get;
HttpWebResponse response = (HttpWebResponse)http.GetResponse();
StreamReader readStream = new StreamReader(response.GetResponseStream());
string HTML = readStream.ReadToEnd();
readStream.Close();
//gets the cookies (they are set in the eighth header)
string[] strCookies = response.Headers.GetValues(8);
response.Close();
string name, value;
Cookie manualCookie;
for (int i = 0; i < strCookies.Length; i++)
{
name = strCookies[i].Substring(0, strCookies[i].IndexOf("="));
value = strCookies[i].Substring(strCookies[i].IndexOf("=") + 1, strCookies[i].IndexOf(";") - strCookies[i].IndexOf("=") - 1);
manualCookie = new Cookie(name, "\"" + value + "\"");
Uri manualURL = new Uri("http://login.live.com");
http.CookieContainer.Add(manualURL, manualCookie);
}
//stores the cookies to be used later
cookies = http.CookieContainer;
//Get the PPSX value
string PPSX = HTML.Remove(0, HTML.IndexOf("PPSX"));
PPSX = PPSX.Remove(0, PPSX.IndexOf("value") + 7);
PPSX = PPSX.Substring(0, PPSX.IndexOf("\""));
//Get this random PPFT value
string PPFT = HTML.Remove(0, HTML.IndexOf("PPFT"));
PPFT = PPFT.Remove(0, PPFT.IndexOf("value") + 7);
PPFT = PPFT.Substring(0, PPFT.IndexOf("\""));
//Get the random URL you POST to
string POSTURL = HTML.Remove(0, HTML.IndexOf("https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct="));
POSTURL = POSTURL.Substring(0, POSTURL.IndexOf("\""));
//POST with cookies
http = (HttpWebRequest)HttpWebRequest.Create(POSTURL);
http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)";
http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
http.Headers.Add("Accept-Language", "en-us,en;q=0.5");
http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
http.Headers.Add("Keep-Alive", "300");
http.CookieContainer = cookies;
http.Referer = "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268158321&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917";
http.ContentType = "application/x-www-form-urlencoded";
http.Method = WebRequestMethods.Http.Post;
Stream ostream = http.GetRequestStream();
//used to convert strings into bytes
System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
//Post information
byte[] buffer = encoding.GetBytes("PPSX=" + PPSX +"&PwdPad=IfYouAreReadingThisYouHaveTooMuc&login=YOUREMAILGOESHERE&passwd=YOURWORDGOESHERE" +
"&LoginOptions=2&PPFT=" + PPFT);
ostream.Write(buffer, 0, buffer.Length);
ostream.Close();
HttpWebResponse response2 = (HttpWebResponse)http.GetResponse();
readStream = new StreamReader(response2.GetResponseStream());
HTML = readStream.ReadToEnd();
response2.Close();
ostream.Dispose();
foreach (Cookie cookie in response2.Cookies)
{
Console.WriteLine(cookie.Name + ": ");
Console.WriteLine(cookie.Value);
Console.WriteLine(cookie.Expires);
Console.WriteLine();
}
//SET POSTURL value
string POSTANON = "http://www.bungie.net/Default.aspx?wa=wsignin1.0";
//Get the ANON value
string ANON = HTML.Remove(0, HTML.IndexOf("ANON"));
ANON = ANON.Remove(0, ANON.IndexOf("value") + 7);
ANON = ANON.Substring(0, ANON.IndexOf("\""));
ANON = HttpUtility.UrlEncode(ANON);
//Get the ANONExp value
string ANONExp = HTML.Remove(0, HTML.IndexOf("ANONExp"));
ANONExp = ANONExp.Remove(0, ANONExp.IndexOf("value") + 7);
ANONExp = ANONExp.Substring(0, ANONExp.IndexOf("\""));
ANONExp = HttpUtility.UrlEncode(ANONExp);
//Get the t value
string t = HTML.Remove(0, HTML.IndexOf("id=\"t\""));
t = t.Remove(0, t.IndexOf("value") + 7);
t = t.Substring(0, t.IndexOf("\""));
t = HttpUtility.UrlEncode(t);
//POST the Info and Accept the Bungie Cookies
http = (HttpWebRequest)HttpWebRequest.Create(POSTANON);
http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)";
http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
http.Headers.Add("Accept-Language", "en-us,en;q=0.5");
http.Headers.Add("Accept-Encoding", "gzip,deflate");
http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
http.Headers.Add("Keep-Alive", "115");
http.CookieContainer = new CookieContainer();
http.ContentType = "application/x-www-form-urlencoded";
http.Method = WebRequestMethods.Http.Post;
http.Expect = null;
ostream = http.GetRequestStream();
int test = ANON.Length;
int test1 = ANONExp.Length;
int test2 = t.Length;
buffer = encoding.GetBytes("ANON=" + ANON +"&ANONExp=" + ANONExp + "&t=" + t);
ostream.Write(buffer, 0, buffer.Length);
ostream.Close();
//Here lies the problem, I am not returned the correct cookies.
HttpWebResponse response3 = (HttpWebResponse)http.GetResponse();
GZipStream gzip = new GZipStream(response3.GetResponseStream(), CompressionMode.Decompress);
readStream = new StreamReader(gzip);
HTML = readStream.ReadToEnd();
//gets both cookies
string[] strCookies2 = response3.Headers.GetValues(11);
response3.Close();
}
}
}
I'm not sure if you're still working on this or not but the Windows Live Development site has a lot of info on it to help with using the Live ID API. I've not had much of a dig into it but their Getting Started page has a load of info plus a link to download sample applications detailing how to use the service in a variety of languages (including C#).
You can download the sample application from there.
It sounds pretty interesting what you're trying to do, so much so that I quite fancy having a play with this myself!
这篇关于登录到使用Live.com身份验证的网站的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
