您好,登录后才能下订单哦!
通过Python中的requests模块也可以来发送HTTP请求,接收HTTP响应,从而实现一些更加灵活的操作。
requests是第三方库,不过在Kali中已经自带了该模块。Python3和Python2的用法稍微有些差别,这里先以Python2为例。
root@kali:~# python
Python 2.7.15 (default, Jul 28 2018, 11:29:29)
[GCC 8.1.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
>>> import requests
下面以之前做过的Bugku中的Get和Post方法两道题目为例,来介绍requests模块的用法。
1.Get请求
利用requests模块中的get方法,向目标url发送Get请求,将结果赋值给变量r1,直接查看r1的值,将显示状态码。查看text属性可以获得HTTP响应正文。通过print()函数输出,可以解析其中的换行符。
>>> r1=requests.get(url='http://123.206.87.240:8002/get/')
>>> r1
<Response [200]>
>>> r1.text
u"$what=$_GET['what'];<br>\r\necho $what;<br>\r\nif($what=='flag')<br>\r\necho 'flag{****}';<br>\r\n\r\n\r\n"
>>> print(r1.text)
$what=$_GET['what'];<br>
echo $what;<br>
if($what=='flag')<br>
echo 'flag{****}';<br>
下面发送带参数的Get请求,参数要以字典的形式表示:
>>> r1=requests.get(url='http://123.206.87.240:8002/get/',params={'what':'flag'})
>>> print(r1.text)
$what=$_GET['what'];<br>
echo $what;<br>
if($what=='flag')<br>
echo 'flag{****}';<br>
flagflag{bugku_get_su8kej2en}
2.Post请求
仍是向目标url发送Post请求,并将结果存储在变量r2中:
>>> r2=requests.post(url='http://123.206.87.240:8002/post/')
>>> print(r2.text)
$what=$_POST['what'];<br>
echo $what;<br>
if($what=='flag')<br>
echo 'flag{****}';<br>
发送带参数的Post请求:
>>> r2=requests.post(url='http://123.206.87.240:8002/post/',data={'what':'flag'})
>>> print(r2.text)
$what=$_POST['what'];<br>
echo $what;<br>
if($what=='flag')<br>
echo 'flag{****}';<br>
flagflag{bugku_get_ssseint67se}
3.查看报文头
查看headers属性可以获得响应头,可以看到响应头中的信息是以字典的形式存放:
>>> r1.headers
{'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Keep-Alive': 'timeout=60', 'Server': 'nginx', 'Connection': 'keep-alive', 'Date': 'Tue, 04 Dec 2018 23:12:33 GMT', 'Content-Type': 'text/html'}
通过for循环对字典中的键进行遍历:
>>> for key in r1.headers:
... print(key)
...
Server
Date
Content-Type
Transfer-Encoding
Connection
Keep-Alive
Content-Encoding
遍历键和值:
>>> for key in r1.headers:
... print(key,r1.headers[key])
...
('Server', 'nginx')
('Date', 'Tue, 04 Dec 2018 23:12:33 GMT')
('Content-Type', 'text/html')
('Transfer-Encoding', 'chunked')
('Connection', 'keep-alive')
('Keep-Alive', 'timeout=60')
('Content-Encoding', 'gzip')
查看指定的键值:
>>> r1.headers['Server']
'nginx'
查看request.headers属性可以获得请求头:
>>> r1.request.headers
{'Connection': 'keep-alive', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'User-Agent': 'python-requests/2.18.4'}
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。