从 C# 应用程序登录到 joomla

问题描述

我也使用多种方法登录到 joomla 管理面板.但返回值与登录页面相同.即使用户名和密码正确.

i use many methods too login in to joomla ***** panel. but the returned value is same az the login page. even when the username and password are correct.

示例:

WebClient Client = new WebClient();
System.Collections.Specialized.NameValueCollection Collection = 
    new System.Collections.Specialized.NameValueCollection();
Collection.Add("username", "--my username--");
Collection.Add("passwd", "--my password--");
Collection.Add("option", "com_login");
Colletion.Add("e0484cdc56d8ccc42187d26a813324ba", "1");
Collection.Add("lang", "");

Client.Proxy = null;
byte[] res = Client.UploadValues(
    "http://127.0.0.1/*****istrator/index.php", "POST", Collection);
textBox1.Text = Encoding.UTF8.GetString(res, 0, res.Length);

推荐答案

问题出在这一行:

Colletion.Add("e0484cdc56d8ccc42187d26a813324ba", "1");

这是 joomla 的 CSRF 反欺骗令牌.乔姆拉！尝试通过在每个 POST 表单和每个 GET 查询字符串中插入一个 this 令牌来保护 CSRF，这些字符串可以修改 Joomla! 中的某些内容！系统.这个随机字符串提供了保护，因为受感染的站点不仅需要知道目标站点的 URL 和目标站点的有效请求格式，还必须知道随每个会话和每个用户而变化的随机字符串.

which is joomla's CSRF anti-spoofing token. Joomla! attempts to protect againt CSRF by inserting a this token into each POST form and each GET query string that is able to modify something in the Joomla! system. This random string provides protection because not only does the compromised site need to know the URL of the target site and a valid request format for the target site, it also must know the random string which changes for each session and each user.

为了在您的登录请求中发送正确的令牌，您必须:

In order to sent a correct token with your login request you'd have to:

1. 首先使用客户端对象"请求通过 GET 请求正确的登录表单
2. 使用正则表达式检索令牌 /name="([a-zA-z0-9]{32})"/
3. 使用令牌发送登录请求

祝你好运

在您的集合"中再添加一个参数:

To your "collection" add one more param:

Collection.Add("task", "login");