为什么请求库无法读取源代码?

时间:2020-07-13 10:26:35

标签: python python-requests

我一直在为所有Natas挑战编写Python脚本。到目前为止,一切都很顺利。

在挑战natas22中,页面上没有任何内容,但它为您提供了源代码的链接。从浏览器,我可以到达源代码(PHP)并读取它。但是我不能用我的Python脚本来做到这一点。这很奇怪,因为我在其他挑战中做到了这一点……

我还试图提供一个用户代理(最新的chrome浏览器),但没有用。

这是小代码:

import requests

user = 'natas22'
passw = 'chG9fbe1Tq2eWVMgjYYD1MsfIvN461kJ'
url = 'http://%s.natas.labs.overthewire.org/' % user

response = requests.get('http://natas22.natas.labs.overthewire.org/index-source.html', auth=(user, passw))
print(response.text)

哪个返回:

<code><span style="color: #000000">
<br /></span>ml&gt;id="viewsource"&gt;&lt;a&nbsp;href="index-source.html"&gt;View&nbsp;sourcecode&lt;/a&gt;&lt;/div&gt;nbsp;next&nbsp;level&nbsp;are:&lt;br&gt;";l.js"&gt;&lt;/script&gt;
</code>

但是实际上,它应该返回:

<?  session_start(); 

if(array_key_exists("revelio", $_GET)) { 
    // only admins can reveal the password 
    if(!($_SESSION and array_key_exists("admin", $_SESSION) and $_SESSION["admin"] == 1)) { 
    header("Location: /"); 
    }  }  ?> 


<html>  <head>  <!-- This stuff in the header has nothing to do with the level -->  <link rel="stylesheet" type="text/css" href="http://natas.labs.overthewire.org/css/level.css">  <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/jquery-ui.css" />  <link rel="stylesheet" href="http://natas.labs.overthewire.org/css/wechall.css" />  <script src="http://natas.labs.overthewire.org/js/jquery-1.9.1.js"></script>  <script src="http://natas.labs.overthewire.org/js/jquery-ui.js"></script>  <script src=http://natas.labs.overthewire.org/js/wechall-data.js></script><script src="http://natas.labs.overthewire.org/js/wechall.js"></script>  <script>var wechallinfo = { "level": "natas22", "pass": "<censored>" };</script></head>  <body>  <h1>natas22</h1>  <div id="content"> 

<? 
    if(array_key_exists("revelio", $_GET)) { 
    print "You are an admin. The credentials for the next level are:<br>"; 
    print "<pre>Username: natas23\n"; 
    print "Password: <censored></pre>"; 
    }  ?> 

<div id="viewsource"><a href="index-source.html">View sourcecode</a></div>  </div>  </body>  </html>

为什么会这样?我很好奇,找不到答案

如果要从浏览器尝试使用该网址:

url:http://natas22.natas.labs.overthewire.org/index-source.html

用户名:natas22

密码:chG9fbe1Tq2eWVMgjYYD1MsfIvN461kJ

2 个答案:

答案 0 :(得分:2)

您的代码似乎没问题。源代码使用\r而不是\n,因此大多数代码都隐藏在终端中。

您可以使用response.content而不是response.test来查看此内容:

import requests

user = 'natas22'
passw = 'chG9fbe1Tq2eWVMgjYYD1MsfIvN461kJ'
url = 'http://%s.natas.labs.overthewire.org/' % user

response = requests.get('http://natas22.natas.labs.overthewire.org/index-source.html', auth=(user, passw))
print(response.content)

答案 1 :(得分:0)

尝试:

import requests

user = 'natas22'
passw = 'chG9fbe1Tq2eWVMgjYYD1MsfIvN461kJ'
url = 'http://%s.natas.labs.overthewire.org/' % user

response = requests.get('http://natas22.natas.labs.overthewire.org/index-source.html', auth=(user, passw))
print(response.text.replace('\r', '\n'))

这也有效:

import requests

user = 'natas22'
passw = 'chG9fbe1Tq2eWVMgjYYD1MsfIvN461kJ'
url = 'http://%s.natas.labs.overthewire.org/' % user

response = requests.get('http://natas22.natas.labs.overthewire.org/index-source.html', auth=(user, passw))
print(response.content.decode('utf8').replace('\r', '\n'))
相关问题
最新问题