All geek questions in one place

How can I make the HTTPWebRequest ASP.NET web service and appear that I am registered in this domain?

I have a web service that I can access only if I am registered on a website that runs a web service. I need to check the service remotely. Therefore, I wrote code to create a fake session, which is registered on the site in another browser. Then I made an HTTP request, and I'm trying to set a cookie containing the ASP.NET session ID of this logged in user. But the web service does not detect that the web request is a registered user or session. What do I need to get the web service to convince him that this is a valid session?

// used on each read operation

byte[] buf = new byte[8192];

CookieContainer myContainer = new CookieContainer();

string sessionID = SessionID;

myContainer.Add(new Cookie("ASP.NET_SessionId", sessionID, "/", WebsiteUrl));

// prepare the web page we will be asking for
HttpWebRequest request = (HttpWebRequest)
    WebRequest.Create(CreateWebserviceUrl("doneScreenScore"));
request.ContentType = "text/xml; charset=utf-8";            
request.Method = "POST";
request.Accept = "text/xml";
request.Headers.Add("SOAPAction", "http://detectent.net/doneScreenScore");

request.CookieContainer = myContainer;

Stream s = request.GetRequestStream();

string soaprequest = "";
soaprequest += "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
soaprequest += "<soap12:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap12=\"http://www.w3.org/2003/05/soap-envelope\">";
soaprequest += "  <soap12:Body>";
soaprequest += "    <doneScreenScore xmlns=\"http://detectent.net/\">";
soaprequest += "      <input1>string</input1>";
soaprequest += "<input2>string</input2>";
soaprequest += "<input3>string</input3>";
soaprequest += "<input4>string</input4>";
soaprequest += "</doneScreenScore>";
soaprequest += "</soap12:Body>";
soaprequest += "</soap12:Envelope>";

s.Write(System.Text.Encoding.ASCII.GetBytes(soaprequest), 0, soaprequest.Length);

s.Close();

// execute the request
HttpWebResponse response = (HttpWebResponse)
    request.GetResponse();

// we will read data via the response stream
Stream resStream = response.GetResponseStream();
string responseFromWebServiceCall = ReadResponseStream(resStream);
+3
source share
3

, - ... -...

rpt.Credentials = new System.Net.NetworkCredential(UserName, Password, Domain);

+1

, . , , , , WireShark. ( Ethereal)

WireShark - . -, , -. , -, WebRequest, .

WireShark .

+1

NetworkCredentials , - Windows.

, . . cookie SessionID. CookieCollection (.. CookieCollection, ), .

In the odd case, I still think that the website will not recognize my newly registered session. In this case, I manually log in using FireFox and use the WebDeveloper toolbar to view cookies. I grab the cookie name / value and put them in the application settings that the program uses to populate the cookie collection.

Make sure you also fool the actual user. Because of this, I also had sites that deny me.

0
source

Source: https://habr.com/ru/post/1702333/

More articles:


All Articles