爬虫闯关链接:
1. http://www.heibanke.com/accounts/login/?next=/lesson/crawler_ex02/
2. http://www.heibanke.com/accounts/login
知识点:cookie & session , csrf , Web编程
提示:此题有两个登录网址,登录结果完全不一样,第一次跳转进来时显示的是网址1,注册后跳转的是网址2,而只有最开始网址1用上一次注册的帐号密码登录才可以进入正确题目页面,与账单报表那个网页完全没有关系!!!每一次登录会动态赋予不同的CSRF凭证,存在cookie中,需要人为编程动态提取。
参考代码:
#!/usr/bin/env python
# encoding: utf-8
import requests
import sys
import re
reload(sys)
sys.setdefaultencoding("utf-8")
csrf = ""
username = "Peter"
password = "112233"
pw = "0"
payload_login = {
"username":username,
"password":password,
"csrfmiddlewaretoken":csrf
}
payload_attack = {
"username":username,
"password":pw,
"csrfmiddlewaretoken":csrf
}
website_signUp = "http://www.heibanke.com/accounts/login"
website_login = "http://www.heibanke.com/accounts/login/?next=/lesson/crawler_ex02/"
s = requests.Session()
s.get(website_signUp)
csrf = s.cookies["csrftoken"]
payload_login["csrfmiddlewaretoken"] = csrf
s.post(website_login,data=payload_login)
csrf = s.cookies["csrftoken"]
s.post(website_login)
payload_attack["csrfmiddlewaretoken"] = s.cookies["csrftoken"]
for i in range(31):
payload_attack["password"] = str(i)
resp = s.post("http://www.heibanke.com/lesson/crawler_ex02/",data=payload_attack)
if resp.content.find(u"错误".decode("utf8")) == -1:
print "[+]FOUND : " + payload_attack["password"]
print "
Text:
" + resp.content
break
else:
print payload_attack["password"]
continue