search

boy-hack / hack-requests

The hack-requests is an http network library for hackers
MIT License
466 stars 90 forks source link

可能发现了一个bug #23

Open myxss opened 3 years ago

myxss commented 3 years ago

当我这样写代码时

import HackRequests
import json

def gexam():
    hack = HackRequests.hackRequests()

    url1 = 'http://t.51cto.com/ajax/exam-analyze?id=2110100' #+str(sid)
    header = '''
    Connection: close
    sec-ch-ua: "Google Chrome";v="95", "Chromium";v="95", ";Not A Brand";v="99"
    Accept: */*
    X-Requested-With: XMLHttpRequest
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Referer: https://t.51cto.com/user/score_id-2110054.html
    Accept-Encoding: gzip, deflate
    Accept-Language: zh,zh-CN;q=0.9,en;q=0.8,en-US;q=0.7
    Cookie: gr_user_id=30d2c604-c295-4186-aeb4-3490e7cfce49; www51cto=7E335C8AA0426CAA2F90960E544A29A8bMYk; _ga=GA1.1.2001727821.1635478857; _ga_WVMQZ6MDKJ=GS1.1.1635735070.5.1.1635735394.0; reg_from=e.51cto.com; login_from=e.51cto.com; pub_sauth1=FhwMAFRXUQZSVgcEB1sEPQUHAFReBAAEa1IBVwBdUQxRUQw; pub_sauth2=62716860daf9f7c7fa644208d67a4ecc; pub_cookietime=2592000; pub_wechatopen=aG0wVVNWAlsADAIEVg; Hm_lvt_110fc9b2e1cae4d110b7959ee4f27e3b=1635844505,1635937965,1635997284; BigUser=c78176fe8f8c7a57bf60e2aa2bb935467ce8962fb8faf1fdc5840f382e2d88f3a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22BigUser%22%3Bi%3A1%3Bs%3A87%3A%22e8e7VFEIAwYJAwUIBVVXUlRXDlwBVw1YBwUICV4BDggGVQJdVwoBAAlVBwBUVFYPVVQCBVEHAFIKUVVaDV0OVAM%22%3B%7D; reg_sources=edu; UM_distinctid=17ce90adeec23d-01c2c4ec0ba2b4-57b1a33-144000-17ce90adeed107; PHPSESSID=l1fjcbvk300jsodks716bsgs8p; acw_tc=276082a516360028710731093e070df2d8227d3f8b84ad26f4717ff542edec; looyu_id=0f27d63f9265f2447df3e2fbe7b7c3c1_20000923%3A3; _t99_chat=1; sensorsdata2015jssdkcross=%7B%22distinct_id%22%3A%2214408655%22%2C%22first_id%22%3A%22177e8bebeed322-0e8d0aa8cc2e77-53e3566-1327104-177e8bebeee1dc%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%2C%22%24latest_utm_source%22%3A%22e%22%2C%22%24latest_utm_content%22%3A%22list_kc%22%2C%22%24latest_utm_medium%22%3A%2251cto%22%7D%2C%22%24device_id%22%3A%22177e8bebeed322-0e8d0aa8cc2e77-53e3566-1327104-177e8bebeee1dc%22%7D; _t99_chat_mini=0; ssxmod_itna=eqAx0DBDRD9Q0QGkiDXYqSGZ7KudrxxAKGCAFQRDBk7m4iNDnAD8hDra2iOQo8pX5OK2OP4Ke8am2fY3WjRGnQWDCPGnDB9qPO7ixiiDC40rD74irDDxD3hxneD+D0RSBRHqi3DhxGQD3qGynf=DA4tDbO6RDit/DDtO04G2D7UcmqLKxmbDAMxgK7GcD0tdxBLricGcGQca=0tg41n8WY4DCOvC5cGd9cwxbCpReWiDtqD9DC=Dbbd3uc=lbm4PW4k3nE+r8ghxiAmqBGD3zAdTDhGYzxMx+G5A3o+fK4qqDDfxQDwruiDD; ssxmod_itna2=eqAx0DBDRD9Q0QGkiDXYqSGZ7KudrxxAKGCAFQD8T17nPGX+bPGaW+YfxsSdhxnRh8qY+YAAkeOeere+Pcem0ureweQ4w8pF+nfhLYdKzDFG3na/CycOLaIoiRMzDLlt4xEyqoC2AauCzxnq48wWuEqiYDBTD6pOxZG=uOpmucPmDfipr3v=26ysqCW7qboQFaA7NzoFPPAmv+YTvKcOKt7+S87Ew33i1apxXZeI=zj63=drzPIXvaWny2QFhZEQtdEtc4TA+=DnKxuF/tbgksKBqAG1kF9DTrfCfxY1=N12BXNuRutS++77yR0cyYPjYcYi5zKGl0H4qwYnFrSePL2YSvAAwqnYr3KL7PxDpGQAptnZ+P+FvI+nSFmdr4QoWKdEkiTpzPb94ingC4u=M4+ivi0Yg7pBY4Sfng/vvlbw9mmnaQqebpTE3gpt++3OWYSPenqQE4taH0nYFnDtdAzWbrL3yStdERmOocr+4kh+eH17oLfdeMiaxDKq5bRXWfKe01sWNo==NOm=8er0DQ2Xrz2QAriYGhhKpETv1jQFKPoneOniOsDpYNG2yG2EPFBq9YbCR0cwUurixdlnVhycDxNjQOjrBi5wBxY7ss=xyY5fzDD7=DYIxeD=
    '''
    try:
        print(url1)
        hh = hack.http(url=url1, headers=header)
        json_data = json.loads(hh.text())
        #print(type(json_data))
        print(json_data['data']['data']['examine']['examine_id'],json_data['data']['data']['examine']['title'])
    except :
        print("error")

gexam()

直接失败了 image

换了个写法

import HackRequests
import json

hack = HackRequests.hackRequests()
url1 = 'http://t.51cto.com/ajax/exam-analyze?id=2110100' #+str(sid)
header = '''
Connection: close
sec-ch-ua: "Google Chrome";v="95", "Chromium";v="95", ";Not A Brand";v="99"
Accept: */*
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
sec-ch-ua-platform: "Windows"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://t.51cto.com/user/score_id-2110054.html
Accept-Encoding: gzip, deflate
Accept-Language: zh,zh-CN;q=0.9,en;q=0.8,en-US;q=0.7
Cookie: gr_user_id=30d2c604-c295-4186-aeb4-3490e7cfce49; www51cto=7E335C8AA0426CAA2F90960E544A29A8bMYk; _ga=GA1.1.2001727821.1635478857; _ga_WVMQZ6MDKJ=GS1.1.1635735070.5.1.1635735394.0; reg_from=e.51cto.com; login_from=e.51cto.com; pub_sauth1=FhwMAFRXUQZSVgcEB1sEPQUHAFReBAAEa1IBVwBdUQxRUQw; pub_sauth2=62716860daf9f7c7fa644208d67a4ecc; pub_cookietime=2592000; pub_wechatopen=aG0wVVNWAlsADAIEVg; Hm_lvt_110fc9b2e1cae4d110b7959ee4f27e3b=1635844505,1635937965,1635997284; BigUser=c78176fe8f8c7a57bf60e2aa2bb935467ce8962fb8faf1fdc5840f382e2d88f3a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22BigUser%22%3Bi%3A1%3Bs%3A87%3A%22e8e7VFEIAwYJAwUIBVVXUlRXDlwBVw1YBwUICV4BDggGVQJdVwoBAAlVBwBUVFYPVVQCBVEHAFIKUVVaDV0OVAM%22%3B%7D; reg_sources=edu; UM_distinctid=17ce90adeec23d-01c2c4ec0ba2b4-57b1a33-144000-17ce90adeed107; PHPSESSID=l1fjcbvk300jsodks716bsgs8p; acw_tc=276082a516360028710731093e070df2d8227d3f8b84ad26f4717ff542edec; looyu_id=0f27d63f9265f2447df3e2fbe7b7c3c1_20000923%3A3; _t99_chat=1; sensorsdata2015jssdkcross=%7B%22distinct_id%22%3A%2214408655%22%2C%22first_id%22%3A%22177e8bebeed322-0e8d0aa8cc2e77-53e3566-1327104-177e8bebeee1dc%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%2C%22%24latest_utm_source%22%3A%22e%22%2C%22%24latest_utm_content%22%3A%22list_kc%22%2C%22%24latest_utm_medium%22%3A%2251cto%22%7D%2C%22%24device_id%22%3A%22177e8bebeed322-0e8d0aa8cc2e77-53e3566-1327104-177e8bebeee1dc%22%7D; _t99_chat_mini=0; ssxmod_itna=eqAx0DBDRD9Q0QGkiDXYqSGZ7KudrxxAKGCAFQRDBk7m4iNDnAD8hDra2iOQo8pX5OK2OP4Ke8am2fY3WjRGnQWDCPGnDB9qPO7ixiiDC40rD74irDDxD3hxneD+D0RSBRHqi3DhxGQD3qGynf=DA4tDbO6RDit/DDtO04G2D7UcmqLKxmbDAMxgK7GcD0tdxBLricGcGQca=0tg41n8WY4DCOvC5cGd9cwxbCpReWiDtqD9DC=Dbbd3uc=lbm4PW4k3nE+r8ghxiAmqBGD3zAdTDhGYzxMx+G5A3o+fK4qqDDfxQDwruiDD; ssxmod_itna2=eqAx0DBDRD9Q0QGkiDXYqSGZ7KudrxxAKGCAFQD8T17nPGX+bPGaW+YfxsSdhxnRh8qY+YAAkeOeere+Pcem0ureweQ4w8pF+nfhLYdKzDFG3na/CycOLaIoiRMzDLlt4xEyqoC2AauCzxnq48wWuEqiYDBTD6pOxZG=uOpmucPmDfipr3v=26ysqCW7qboQFaA7NzoFPPAmv+YTvKcOKt7+S87Ew33i1apxXZeI=zj63=drzPIXvaWny2QFhZEQtdEtc4TA+=DnKxuF/tbgksKBqAG1kF9DTrfCfxY1=N12BXNuRutS++77yR0cyYPjYcYi5zKGl0H4qwYnFrSePL2YSvAAwqnYr3KL7PxDpGQAptnZ+P+FvI+nSFmdr4QoWKdEkiTpzPb94ingC4u=M4+ivi0Yg7pBY4Sfng/vvlbw9mmnaQqebpTE3gpt++3OWYSPenqQE4taH0nYFnDtdAzWbrL3yStdERmOocr+4kh+eH17oLfdeMiaxDKq5bRXWfKe01sWNo==NOm=8er0DQ2Xrz2QAriYGhhKpETv1jQFKPoneOniOsDpYNG2yG2EPFBq9YbCR0cwUurixdlnVhycDxNjQOjrBi5wBxY7ss=xyY5fzDD7=DYIxeD=
'''
try:
    print(url1)
    hh = hack.http(url=url1, headers=header)
    json_data = json.loads(hh.text())
    #print(type(json_data))
    print(json_data['data']['data']['examine']['examine_id'],json_data['data']['data']['examine']['title'])
except :
    print("error")

惊喜,成功了 image

myxss commented 3 years ago

后来找到了解决方法,把try去掉后显示我的 header name 有问题 image

排查下。发现可能时header没有顶格的问题,改成如下 image

成功了