Prerequisites:
Login page 1.html
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>haha</title>
</head>
<body>
<form action="work1.php" method="get"> <!-- will be changed to post later -->
账户:<input type="text" name="username"> <br>
密码:<input type="password" name="password"> <br>
<input type="submit" value="登录">
<input type="reset" value="取消">
</form>
</body>
</html>
Handler page work1.php
<?php
@$uname = $_REQUEST['username']; // receive the submitted parameters
@$passwd = $_REQUEST['password'];
if($uname == "admin" and $passwd == '123456'){
    echo "success";
}else{
    echo "fail";
}
?>
GET requests
Without parameters
r = requests.get('https://api.github.com/events')
With parameters
r = requests.get("http://httpbin.org/get", params={'key1': 'value1', 'key2': 'value2'})
Test results:
import requests
url = "http://www.baidu.com"
r = requests.get(url=url)
print(r.url)
print(r.status_code)
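import requests
url = "http://127.0.0.1/work1.php"
# the keyword for sending parameters with a GET request is params
# (the keys must match the field names work1.php reads: username / password)
r = requests.get(url=url, params={'username': 'admin', 'password': 'admin'})
print(r.url)          # print the URL that was requested
print(r.status_code)  # print the returned status code
print(r.text)         # print the response body (as a string)
print(type(r.text))   # print the type of the response body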
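Supplement 1 (returning the body as binary):
import requests
url = "http://127.0.0.1/work1.php"
# the keyword for sending parameters with a GET request is params
payload = {'username': 'admin', 'password': 'admin'}
r = requests.get(url=url, params=payload)
print(type(r.content))  # print the type of the response body
print(r.content)        # print the response body as bytes
Binary content is generally used for non-text responses such as archives, images, and so on.
Supplement 2 (searching the data in the response):
A good exp script should be more user-friendly.
For example, when brute-forcing with a loaded dictionary:
if the password is wrong, it returns a "wrong password" message;
if the password is right, it returns the account and password that logged in.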
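import requests
url = "http://127.0.0.1/work1.php"
# the keyword for sending parameters with a GET request is params
payload = {'username': 'admin', 'password': '1234s56'}
r = requests.get(url=url, params=payload)
if 'succ' in r.text:  # check whether the response contains the string 'succ'
    print("admin:123456" + " 密码猜解正确 ")  # "password guessed correctly"
else:
    print("密码猜解错误")  # "password guess failed"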
POST requests
Without parameters
r = requests.post('https://api.github.com/events')
# POST requests rarely carry no data
With parameters
payload = {'key1': 'value1', 'key2': 'value2'}
r = requests.post('http://httpbin.org/post', data=payload)
Test results:
import requests
url = "https://www.baidu.com"
r = requests.post(url=url)
print(r.status_code)
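As you can see, the Baidu home page responds to a POST request with a 302 redirect (jump) status code,
and automatically redirects to https://www.baidu.com/search/error.html.
Next, test against the site we set up ourselves:
import requests
url = "http://127.0.0.1/work1.php"
# the keyword for sending parameters with a POST request is data
payload = {'username': 'admin', 'password': '123456'}
r = requests.post(url=url, data=payload)
print(r.status_code)
print(r.text)
Supplement 1 (the keyword for sending data with POST is "data"):
Of course, the POST version can also be made more user-friendly.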
import requests
url = "http://127.0.0.1/work1.php"
payload = {"username": "admin", "password": "123456"}
r = requests.post(url=url, data=payload)
print(r.status_code)
if 'succ' in r.text:
    print("admin:123456 " + " 猜解成功")  # "guess succeeded"
else:
    print("猜解错误")  # "guess failed"
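Custom request headers:
Reason:
Sometimes a target site inspects the headers of the requests we send,
and blocks us outright once it detects a Python script. In that case we can get around it by setting custom request headers.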
==================================================================
headers = {'key1': 'value2'}
r = requests.get(url, headers=headers)
Test results:
import requests
url = 'http://127.0.0.1/1.html'
headers = {"User-Agent": "MSS66"}
r = requests.get(url=url)
print(r.request.headers)
r1 = requests.get(url=url,headers=headers)
print(r1.request.headers)
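Seen from the server side, the requests sent in the sections above all end up in the web server's access log. The following is an added example (not part of the original article) that runs detection over constructed log lines: it counts requests to work1.php per client, lists GET requests that put the password in the URL, and flags the default python-requests User-Agent. The combined log format, the function name analyze, the threshold and the sample addresses are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); not captured from a real server.
SAMPLE_LOG = """\
127.0.0.1 - - [01/Jan/2024:10:00:01 +0000] "GET /work1.php?username=admin&password=1234s56 HTTP/1.1" 200 4 "-" "python-requests/2.31.0"
127.0.0.1 - - [01/Jan/2024:10:00:02 +0000] "GET /work1.php?username=admin&password=admin HTTP/1.1" 200 4 "-" "python-requests/2.31.0"
127.0.0.1 - - [01/Jan/2024:10:00:03 +0000] "GET /work1.php?username=admin&password=123456 HTTP/1.1" 200 7 "-" "python-requests/2.31.0"
192.0.2.10 - - [01/Jan/2024:10:05:01 +0000] "POST /work1.php HTTP/1.1" 200 4 "-" "MSS66"
192.0.2.10 - - [01/Jan/2024:10:05:02 +0000] "POST /work1.php HTTP/1.1" 200 4 "-" "MSS66"
192.0.2.10 - - [01/Jan/2024:10:05:03 +0000] "POST /work1.php HTTP/1.1" 200 4 "-" "MSS66"
192.0.2.20 - - [01/Jan/2024:10:06:00 +0000] "GET /1.html HTTP/1.1" 200 350 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def analyze(log_text, login_path="/work1.php", threshold=3):
    """Summarise login-page traffic: noisy clients, passwords in URLs, script UAs."""
    attempts = Counter()   # requests to the login handler per client IP
    leaked = []            # (ip, username) for GET requests carrying a password
    scripted = set()       # clients using the default python-requests User-Agent
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if url.path != login_path:
            continue
        attempts[m["ip"]] += 1
        query = parse_qs(url.query)
        if "password" in query:
            # method="get" puts the credentials into the URL, and so into the log
            leaked.append((m["ip"], query.get("username", [""])[0]))
        if m["ua"].lower().startswith("python-requests"):
            scripted.add(m["ip"])
    noisy = sorted(ip for ip, n in attempts.items() if n >= threshold)
    return {"noisy": noisy, "leaked": leaked, "scripted": sorted(scripted)}

if __name__ == "__main__":
    for key, value in analyze(SAMPLE_LOG).items():
        print(key, value)
```

The client with the custom User-Agent is missed by the header check but still caught by the per-client request count, which is why a User-Agent filter should not be the only control on a login handler.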
Other requests (PUT, HEAD, DELETE, OPTIONS):
- r = requests.put('http://httpbin.org/put', data={'key': 'value'})
- r = requests.delete('http://httpbin.org/delete')
- r = requests.head('http://httpbin.org/get')
- r = requests.options('http://httpbin.org/get')