[英]Getting encrypted body response WinHttp HTTPS
我正在嘗試使用端口 443 SSL 連接google.com 但是當我調用WinHttpReadData返回加密文本時,但使用WinHttpQueryHeaders我從服務器獲取純/文本響應標頭。
完全不確定為什么會發生這種情況,我指的是沒有加密的標題和正文,是的,我的目標是解密響應正文。
來源在這里:
// ConsoleApplication3.cpp : Este archivo contiene la función "main". La ejecución del programa comienza y termina ahí.
//
#include "pch.h"
#include <windows.h>
#include <winhttp.h>
#include <iostream>
#include <string>
#include <algorithm>
int main(){
DWORD dwSize = 2000;
DWORD dwDownloaded = 0;
LPSTR pszOutBuffer;
DWORD headerSize = 0;
char * lpOutBuffer = new char[dwSize / sizeof(char)];
HINTERNET hSession = NULL;
HINTERNET hConnect = NULL;
HINTERNET hRequest = NULL;
// Use WinHttpOpen to obtain a session handle.
hSession = WinHttpOpen(L"WinHTTP Example/1.0",
WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS, 0);
// Specify an HTTP server.
if (hSession)
hConnect = WinHttpConnect(hSession, L"google.com",
443, 0); //443 port for SSL/TLS
std::cout << "hConnect " << hConnect << std::endl;
// Create an HTTP request handle.
if (hConnect)
hRequest = WinHttpOpenRequest(hConnect, L"GET", L"/",
L"HTTP/1.1", WINHTTP_NO_REFERER,
NULL,
WINHTTP_FLAG_SECURE); //SECURE FLAG
std::cout << "hRequest " << hRequest << std::endl;
if (hRequest) { //Adding Headers
std::cout << "Añadiendo headers!\n";
WinHttpAddRequestHeaders(hRequest,
L"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Accept-Encoding: gzip, deflate, br",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Connection: keep-alive",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Host: google.com",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Upgrade-Insecure-Requests: 1",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
}
// Send a request.
BOOL bResults;
if (hRequest)
bResults = WinHttpSendRequest(hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS,
0, WINHTTP_NO_REQUEST_DATA, 0,
0, 0);
std::cout << "bResults " << bResults << " " << GetLastError() << std::endl;
if (bResults)
bResults = WinHttpReceiveResponse(hRequest, NULL);
std::cout << "bResults " << bResults << " " << GetLastError() << std::endl;
if (bResults)
{
WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_RAW_HEADERS,
WINHTTP_HEADER_NAME_BY_INDEX, NULL,
&dwSize, WINHTTP_NO_HEADER_INDEX);
printf("Tamaño de los headers: %d", dwSize);
// Allocate memory for the buffer.
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
{
lpOutBuffer = new char[dwSize / sizeof(char)];
// Now, use WinHttpQueryHeaders to retrieve the header.
bResults = WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_RAW_HEADERS,
WINHTTP_HEADER_NAME_BY_INDEX,
lpOutBuffer, &dwSize,
WINHTTP_NO_HEADER_INDEX);
if (bResults){
char * headers_aqui = new char[dwSize / sizeof(char)];
int dwSize2 = 0;
for (int i = 0,i2 = 0; i < dwSize; i++) {
//std::cout << (int)str[i] << std::endl;
if ((int)lpOutBuffer[i] != 0) {
headers_aqui[i2] = lpOutBuffer[i];
dwSize2 = i2;
i2++;
}
}
std::cout << "Tamaño ahora: " << dwSize2 << std::endl;
std::string str(headers_aqui, dwSize2);
std::cout << "Header contents: \n" << str << "\n\n\n\n\n"; //No encrypted or compressed.
}
}
}
if (bResults)
{
do
{
// Check for available data.
dwSize = 0;
if (!WinHttpQueryDataAvailable(hRequest, &dwSize))
printf("Error %u in WinHttpQueryDataAvailable.\n",
GetLastError());
// Allocate space for the buffer.
pszOutBuffer = new char[dwSize + 1];
if (!pszOutBuffer)
{
printf("Out of memory\n");
dwSize = 0;
}
else
{
// Read the data.
ZeroMemory(pszOutBuffer, dwSize + 1);
if (!WinHttpReadData(hRequest, (LPVOID)pszOutBuffer,
dwSize, &dwDownloaded))
printf("Error %u in WinHttpReadData.\n", GetLastError());
else
printf("%s", pszOutBuffer); //Encrypted or compressed, think SSL encryption.
// Free the memory allocated to the buffer.
delete[] pszOutBuffer;
}
} while (dwSize > 0);
}
// Report any errors.
if (!bResults)
printf("Error %d has occurred.\n", GetLastError());
// Close any open handles.
if (hRequest) WinHttpCloseHandle(hRequest);
if (hConnect) WinHttpCloseHandle(hConnect);
if (hSession) WinHttpCloseHandle(hSession);
//std::cout << "Hello World!\n";
}
Output 這里: https://pastebin.com/cSkEugDT
我閱讀了文檔,但沒有找到有關WinHttpReadData中內容解密的任何信息,顯然這只發生在 https 上,當我測試 http 時,它返回純文本/文本。
我懷疑調用 WinHttpReadData 之前的某些參數。
最后我得到了錯誤,這是在 header Accept-Encoding
WinHttpAddRequestHeaders(hRequest,
L"Accept-Encoding: gzip, deflate, br",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
我評論並解決了這個問題。 GZIP是一種壓縮算法,它制作了這種壓縮文本(deflate 和其他具有相同目的的算法)。
關於Accept-Encoding header: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.