650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M00/8B/48/wKioL1hJACzjbzDDAAHlVRZi_kU399.png-wh_500x0-wm_3 -wmp_4-s_2045683009.png "title=" 21.png "alt=" Wkiol1hjaczjbzddaahlvrzi_ku399.png-wh_50 "/>
The site is a VMware virtual machine set up a Go Network mall, TOMCAT+MYSQL+SSH architecture, this is the background interface, browser press F12 grab Bag
650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/8B/4B/wKiom1hJAO6wDyv5AAIfAHHmRg8676.png-wh_500x0-wm_3 -wmp_4-s_3587759057.png "title=" 22.png "alt=" Wkiom1hjao6wdyv5aaifahhmrg8676.png-wh_50 "/>
Account password Admin below US py forged POST Request Login
# coding=utf-8import urllibimport urllib2import re#9ok Demo landed the admin account Def denglu ( Username= ' admin ', password= ' admin '): url = ' http://192.168.171.144:8080/Shop/ Admin/user/user_logon.html ' #请求体 postdata=urllib.urlencode ( { ' Content-type ': ' application/x-www-form-urlencoded ', ' username ':username, ' Password ':p assword }) #请求头 headers = { ' user-agent ': ' mozilla/5.0 (windows nt 6.1; wow64; rv:50.0) gecko/20100101 firefox/50.0 ', ' Accept ': ' text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 ', &nBSP; ' Accept-language ': ' zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 ', ' Accept-encoding ': ' gzip, deflate ', ' Referer ': ' Http://192.168.171.144:8080/Shop/admin/user/user_login.html ', ' Connection ': ' keep-alive ', ' upgrade-insecure-requests ': ' 1 ' } req = urllib2. Request (url, postdata, headers) response = urllib2.urlopen (req) the_page = response.read () print the_page print response.code print len (the_page) #函数调用 First login account Second login password return a Cookiedenglu (' admin ', ' admin ')
650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/8B/48/wKioL1hJA6HiQIJFAADvdTA-1T4205.png-wh_500x0-wm_3 -wmp_4-s_2033514890.png "title=" 23.png "alt=" Wkiol1hja6hiqijfaadvdta-1t4205.png-wh_50 "/>
Some grab kits are also useful, such as burp when you need to debug uploads or other requests.
About getting cookie value in post call Web other features please see the next article
This article is from the "Grand Mile" blog, so be sure to keep this source http://xiami.blog.51cto.com/9292349/1880743
Python POST request forged login Browser Grab Bag