WebBrowser Sessions...

[ganav]

Hello!
I'm using a webbrowser control in my program and I navigate to a page that uses sessions. I need to delete them somehow and I tried to close IE and enter it again and it worked, the sessions were deleted.
But I've done it manually, and I need to do it through my program, so is there a way to imitate the closing and reopening of my webbrowser control?

Thanks!

[Pc_Not_Mac]

What sessions are you talking about?
Explain

[kleinma]

is this for a specific site, or in general? usually sites that use sessions will have a page that kills the session (the page that is navigated to when you click the "sign out" links on these types of sites). You may just be able to navigate your browser to that URL. If that doesn't work for you, then I would probably have some additional questions in order to try to provide a solution.

[ganav]

It's a specific site, I've managed to navigate to the logout page, but I'm not sure it deletes the sessions.
Generally, my goal is to register to a certain site twice, but I don't want that site to know I have there 2 users.
In order to do it, after I registered the first time, I change my IP and delete all my cookies and temporary internet files through my program.
But there is another thing that can reveal the fact I already registered and that is sessions, so I need to be sure they are deleted and if I'm not wrong, I can ensure that by reentering my internet browser.
That's what I'm trying to do, somehow delete those sessions.
Maybe you could tell me if I've taken all the steps needed to ensure that the site won't reveal the fact I registered twice, or are there another steps to be taken?

Any help will be appreciated!

[kleinma]

You could just create the browser instances on the fly via code versus adding them statically at design time, and then dispose of them when you no longer want the instance to exist, which in theory should free up the underlying browser connection. Of course it does sound like you are likely trying to do something that could be considered malicious, as trying to fake out websites doesn't have too many legit purposes, so I am not sure how willing I am to personally assist.

[ganav]

Sorry, but I did not understand what you said... maybe you could give me a little example? (btw I'm not doing anything malicious, in case you thought so...)

[kleinma]

Then what is the purpose of making a site think you are a totally different person 2 times in a row?

[DramaQueen]

Whatever you're doing, it sounds like you could do it with much more efficiency with httpWebRequests. Say, you need to fill 3 textboxes and hit a button, you could use a WebRequest and its properties to post the data directly. More fun too!

[ganav]

In overall, I'm trying to secure my own website by thinking like the user, what he would try to do.
DramaQueen, how can I fill textboxes with httpWebRequests? Where can I find a tutorial about it?
And another quiestion: how is it possible that I login to a site, change my IP, delete all my cookies(I'm remain in the site) and I keep browsing like I'm logged in? How can the site identify that it's me?

[DramaQueen]

I'm running late so sorry for the short answers.

1. When using a WebRequest you don't need the textboxes. What happens when someone clicks your button is something like this...
userid = txtUserID.Value, userpass = txtUserPass.Value
"POST userid, userpass"

WebRequest skips the textfield part, and posts the desired data right away. Much faster, much more efficient.

2. If he's using a proxy to hide his IP, you'll have to detect the proxy by comparing his IP to a list of known proxy IPs. If he just doesn't have a static IP you should be ok by blocking his IP range. That's pretty much what you can do, AFAIK.

[stateofidleness]

btw I'm not doing anything malicious, in case you thought so...

lol... if i had a nickel.

not buyin' it. spammer