Dean reptiles (analog login form is submitted)
1. Try to analyze landing approach
Find Dean is POST, request form way to get account password.
View the form format:
Form Data={
muser: Student ID, (plain text)
passwd: password (clear text)
x: Click at the horizontal axis,
y: Click at ordinate
}
x, y coordinates of the two data is on the LOGIN button in this figure, you click on it, coordinates are sent to the server.
2. In the simplest of requests for analog library to log into the Office of Academic Affairs
First, create a session session, use the login interface to send post way ( ' http://59.77.226.32/logincheck.asp ')
import requests
headers={
'Accept-Encoding': 'gzip, deflate',
'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8',
'Origin': 'http//jwch.fzu.edu.cn',
'Proxy-Connection': 'keep-alive',
'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36',
'Referer': 'http://jwch.fzu.edu.cn/',
}
formData = {
'muser': '你的账号',
'passwd': '你的密码',
'x':23,
'y':23,#(x,y)是按钮的确定框的坐标
}
def request():
url = 'http://59.77.226.32/logincheck.asp'
session=requests.session() #创建一个会话
response=session.post(url,headers=headers,data=formData) #post请求提交表单
print(response.status_code)#返回状态码
print(response.text)#返回html文本
if __name__=='__main__':
request()The results should be run as follows:
{{图4.PNG(uploading...)}}
Code observed, Office of Academic Affairs after landing by a number of embedded pages. So we continue the session and then appends request. As long as we analyze these api embedded pages to complete.
3. Analysis of Embedded pages api
These four documents aspx file, we are looking for the file, the interface addresses are:
| http://59.77.226.35/default.aspx?id=20199131939864460 |
| http://59.77.226.35/top.aspx?id=20199131939864460 |
| http://59.77.226.35/left.aspx?id=20199131939864460 |
| http://59.77.226.35/right.aspx?id=20199131939864460 |
Analyzed against four address format:
Fixed address file name .aspx + id +
Id value should be as 2019/9/13/19 request time: 39: 86: 44: 60
The generation time is that we do not need to operate, if we examine the page source code, can be found, the simulation log on, the site has been returned to us the parameters.
Use regular expressions to extract.
4. embedded page request session
Id expression by normal extraction time, and then assembled into the address aspx
default: http://59.77.226.35/default.aspx?id=20199149551280317
top: http://59.77.226.35/top.aspx?id=20199149551280317
left: http://59.77.226.35/left.aspx?id=20199149551280317
right: http://59.77.226.35/right.aspx?id=20199149551280317
Then the immediately preceding session, the upper four address is get request, to give returns.
One thing worth noting: need to modify the headers in the request header 'Referer' values for different attributes Referer address is different
The modified code as follows:
rootUrl='http://59.77.226.35/'
def request():
url = 'http://59.77.226.32/logincheck.asp'
session=requests.session() #创建一个会话
response=session.post(url,headers=headers,data=formData) #post请求提交表单
html=response.text
#正则提取
top=re.search(r'top\.aspx\?id=\d+',html).group()
num = re.search(r'=\d+',top).group()[1:]
#拼接地址
top=rootUrl+'top.aspx?id='+num
left=rootUrl+'left.aspx?id='+num
right=rootUrl+'right.aspx?id='+num
default=rootUrl+'default.aspx?id='+num
headers_clone = headers #重新搞一个请求头
headers_clone['Referer']=left
#发送get请求
res = session.get(top, headers=headers_clone)
print(res.text)The following information can be obtained
5. get more information
According to the above code, we can continue to analyze the addresses of other pages, get more personal information
For example, to get personal information:
This blog is only for study and reference.