需要request.get一个cookie(ASP.NET_SessionID)然后request.post,cookie作为参数

时间:2014-09-19 14:25:00

标签: python asp.net post python-requests sessionid

我无法获取Cookie,将其传递到参数列表,然后使用请求lib发布该Cookie。

我用Burpsuite困住了帖子,sessionId是其中一个参数,见下面的截图。 http://imgur.com/OuRi4bI

网页的源代码位于下方的屏幕截图中 http://imgur.com/TLTgCjc

我的代码包含在下面:

import requests
import cookielib
import sys
from bs4 import BeautifulSoup

print "Enter the url",
url = raw_input
print url
r = requests.get(url)
c = r.content
soup = BeautifulSoup(c)

#Finding Captcha
div1 = soup.find('div', id='Custom')
comment = next(div1.children)
captcha = comment.partition(':')[-1].strip()
print captcha

#Finding viewstate
viewstate = soup.findAll("input", {"type" : "hidden", "name" : "__VIEWSTATE"})
v = viewstate[0]['value']
print v

#Finding eventvalidation
eventval = soup.findAll("input", {"type" : "hidden", "name" : "__EVENTVALIDATION"})
e = eventval[0]['value']
print e

# Get Cookie (this is where I am confused), and yes I have read through the Requests and BS docs
s = r.cookies
print s # Prints the class call but I don't get anything I can pass as a parameter

#Setting Parameters
params = { 
          '__VIEWSTATE' : v,
          'txtMessage'  : 'test',
          'txtCaptcha'  : captcha,
          'cmdSubmit'   : 'Submit',
          '__EVENTVALIDATION' : e
          #Need ASP.NET_SessionId Key : Value here
}

#Posting
requests.post(url, data=params)

print r.status_code

所以要清楚,我正在尝试在连接Web服务器时使用sessionId并将其用作发布到此留言板的参数。这适用于沙盒VM上的实验室,而不是实时站点。这是我第一次用Python写一篇文章,所以如果我错了,我已经做了最好的,我可以阅读Lib文档和其他网站。

谢谢!

1 个答案:

答案 0 :(得分:3)

将“s”作为参数传递给您的帖子。

s = r.cookies
print s # Prints the class call but I don't get anything I can pass as a parameter

您需要将Cookie作为名为“cookies”的参数传递。在https://github.com/kennethreitz/requests/blob/master/requests/sessions.py的源代码中,它表示Cookie可以是CookieJar,也可以是包含您要传递的Cookie的字典。

在您的情况下,将Cookie复制到下一篇文章更容易,无需将其转换为字典。

设置参数

params = { 
         '__VIEWSTATE' : v,
         'txtMessage'  : 'test',
         'txtCaptcha'  : captcha,
         'cmdSubmit'   : 'Submit',
          '__EVENTVALIDATION' : e
          #Need ASP.NET_SessionId Key : Value here
}

#Posting
requests.post(url, data=params,cookies=s)

但是,我强烈建议您使用requests.Session()对象。

session = requests.Session()
session.get(url)
session.get(url2)
#It will keep track of your cookies automatically for you, for every domain you use your session on . Very handy in deed, I rarely use requests.get unless I don't care at all about cookies.
相关问题
最新问题