| View previous topic :: View next topic |
| Author |
Message |
Trucido
Moderator
![]() Reputation: 6
Joined: 08 Sep 2007
Posts: 2792
|
 Posted: Mon Aug 18, 2008 12:12 am Post subject: [C#] Question. |
 |
|
I'm currently trying to make a program that tells you whether or not a password is correct for a particular site.
I have a URL for the site like this
http://www.site.com/login?username=USERNAMEHERE&password=PASSWORDHERE&login
Firstly I'm wondering how I could make the Username here and Passhere be replaced by text entered via a text box in the GUI.
And secondly im wondering how I could make it notify me (via a message box popup, or somthing similar) If it got redirected to say:
http://www.site.com/passwordcorrect
or
http://www.site.com/passwordincorect
or
http://www.site.com/toomanyrequests
Thanks in advance.
_________________
I'm out. |
|
| Back to top |
|
 |
pkedpker
Master Cheater
![]() Reputation: 1
Joined: 11 Oct 2006
Posts: 412
|
| Posted: Mon Aug 18, 2008 12:43 am Post subject: |
|
|
in
vb.net it's
retVal = "http://www.site.com/login?username=" & USERNAME.text & "&password=" & PASSWORD.text & "&login"
in C# it's
retVal == "http://www.site.com/login?username=" + USERNAME.text + "&password=" + PASSWORD.text + "&login"
I just looked up .NET MSDN for WebBrowse and I believe it should look like this
| Code: |
WebBrowser br = new WebBrowser();
br.Navigate("http://www.site.com/login?username=" + USERNAME.text + "&password=" + PASSWORD.text + "&login");
while (!(br.ReadyState == WebBrowserReadyState.Complete)) {
Application.DoEvents();
}
if ((br.Url == "site.com/passwordcorrent")) {
Interaction.MsgBox("correct w00t im zezima now!.");
}
else if ((br.Url == "site.com/passwordincorrect")) {
Interaction.MsgBox("wrong my runescape cracker failed me :\\.");
}
else if ((br.Url == "site.com/toomanyrequests")) {
Interaction.MsgBox("too much request. ip bannt too much tries");
}
|
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
 Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Mon Aug 18, 2008 1:08 am Post subject: |
|
|
| Are you sure this isn't just a thinly veiled brute forcer?
|
|
| Back to top |
|
|
pkedpker
Master Cheater
![]() Reputation: 1
Joined: 11 Oct 2006
Posts: 412
|
| Posted: Mon Aug 18, 2008 1:22 am Post subject: |
|
|
I don't know but I remember runescape had a timeout thing too much requests and i right away made a joke by putting in runescape strings 
|
|
| Back to top |
|
|
Trucido
Moderator
![]() Reputation: 6
Joined: 08 Sep 2007
Posts: 2792
|
| Posted: Mon Aug 18, 2008 1:25 am Post subject: |
|
|
| Flyte wrote: | | Are you sure this isn't just a thinly veiled brute forcer? |
It may evolve into somthing similar to that one day, but as of yet its a simply checks whether or not the password is correct for the username without opening the webpage.
_________________
I'm out. |
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Wed Aug 20, 2008 6:16 am Post subject: |
|
|
Going along with what Flyte brought up, I would suggest you do something to the password before sending it out. Such as MD5 sum, base64 enc, or some other type of security to it to prevent brute forced attack, or at least cripple them some.
_________________
- Retired. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
