关住 公 纵 号 “ 阿蒙课程分享 ” 获得学习资料及趣味分享
其实这种问题感觉应该可以用 模式匹配替换,但是尝试了半天没成功,先这样,以后再过一遍模式匹配再写方法2
# -*-coding:utf-8-*-
#-*-coding:utf-8-*-
import sys
import base64
import json
import requests
import re
import traceback
# from requestparse import parse
def get_request_body(payload,vul_param):
str1 = "File=../WEB-INF/spring-security.xml&SUBMIT=View+File"
print(str1)
body_list = str1.split('&')
# print(body_list)
for index in range(len(body_list)):
if body_list[index].find(vul_param +'=')!= -1:
item_list = body_list[index].split("=")
item_list[1] = payload
body_list[index] = item_list[0] + '=' + item_list[1]
# print(body_list[index])
# print(body_list)
request_body = "&".join(body_list)
print(request_body)
return request_body
payload = "llllllllll"
vul_param = "SUBMIT"
get_request_body(payload, vul_param)