使用 Python 发送请求(使用 Burp 拦截)
Send requests with Python (intercepted with Burp)
我无法理解请求。
假设我有这个请求:
POST /user/follow HTTP/1.1
Host: www.website.com
User-Agent: some user agent
Accept: application/json, text/plain, */*
Accept-Language: pl,en-US;q=0.7,en;q=0.3
Referer: https://www.website.com/users/12345/profile
Content-Type: application/json;charset=utf-8
X-CSRF-TOKEN: Ab1/2cde3fGH
Content-Length: 27
Cookie: some-cookie=;
DNT: 1
Connection: close
{"targetUser":"12345"}
我应该如何使用此信息通过 python 发送有效请求?
我发现的并没有什么帮助。我需要有人用我给你的数据给我举个例子。
我不会写诗我只是给你一些示例代码:
import requests
headers = {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Referer": "SOMETHING",
"Cookie": "SOMETHING",
"Connection": "close",
"Content-Type": "application/x-www-form-urlencoded"
}
data = "SOME DATA"
url = "https://example.com/something"
request = requests.post(url, headers=headers, data=data)
在 header 中你设置了需要 header 等。我想你明白了 ;)
我会做这样的事情。
import requests
headers = {
"User-Agent": "some user agent",
"Content-Length": 27
# you get the point
}
data = {
"targetUser" : "12345"
}
url = "www.website.com/user/follow"
r = requests.post(url, headers=headers,data=data)
是的,您将使用 cookie 登录。Cookie 是 headers 的一部分。
这个 Burp 扩展可能有帮助:Copy As Python-Requests
它可以将选定的请求复制为 Python-请求调用。
在你的例子中,在复制为 Python-Requests 之后,你会得到:
import requests
burp0_url = "http://www.website.com:80/user/follow"
burp0_cookies = {"some-cookie": ""}
burp0_headers = {"User-Agent": "some user agent", "Accept": "application/json, text/plain, */*", "Accept-Language": "pl,en-US;q=0.7,en;q=0.3", "Referer": "https://www.website.com/users/12345/profile", "Content-Type": "application/json;charset=utf-8", "X-CSRF-TOKEN": "Ab1/2cde3fGH", "DNT": "1", "Connection": "close"}
burp0_json={"targetUser": "12345"}
requests.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, json=burp0_json)
我无法理解请求。 假设我有这个请求:
POST /user/follow HTTP/1.1
Host: www.website.com
User-Agent: some user agent
Accept: application/json, text/plain, */*
Accept-Language: pl,en-US;q=0.7,en;q=0.3
Referer: https://www.website.com/users/12345/profile
Content-Type: application/json;charset=utf-8
X-CSRF-TOKEN: Ab1/2cde3fGH
Content-Length: 27
Cookie: some-cookie=;
DNT: 1
Connection: close
{"targetUser":"12345"}
我应该如何使用此信息通过 python 发送有效请求? 我发现的并没有什么帮助。我需要有人用我给你的数据给我举个例子。
我不会写诗我只是给你一些示例代码:
import requests
headers = {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Referer": "SOMETHING",
"Cookie": "SOMETHING",
"Connection": "close",
"Content-Type": "application/x-www-form-urlencoded"
}
data = "SOME DATA"
url = "https://example.com/something"
request = requests.post(url, headers=headers, data=data)
在 header 中你设置了需要 header 等。我想你明白了 ;)
我会做这样的事情。
import requests
headers = {
"User-Agent": "some user agent",
"Content-Length": 27
# you get the point
}
data = {
"targetUser" : "12345"
}
url = "www.website.com/user/follow"
r = requests.post(url, headers=headers,data=data)
是的,您将使用 cookie 登录。Cookie 是 headers 的一部分。
这个 Burp 扩展可能有帮助:Copy As Python-Requests
它可以将选定的请求复制为 Python-请求调用。
在你的例子中,在复制为 Python-Requests 之后,你会得到:
import requests
burp0_url = "http://www.website.com:80/user/follow"
burp0_cookies = {"some-cookie": ""}
burp0_headers = {"User-Agent": "some user agent", "Accept": "application/json, text/plain, */*", "Accept-Language": "pl,en-US;q=0.7,en;q=0.3", "Referer": "https://www.website.com/users/12345/profile", "Content-Type": "application/json;charset=utf-8", "X-CSRF-TOKEN": "Ab1/2cde3fGH", "DNT": "1", "Connection": "close"}
burp0_json={"targetUser": "12345"}
requests.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, json=burp0_json)