Ambari_HDP用户登入参数逆向

我们需要实现登入Ambari 用于其他接口使用～

说明：

网址：http://172.16.105.7:8080/#/login #我自己部署的Ambari

接口：http://172.16.105.7:8080/api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name&_=1718353223095

登录过程：登入进去就可以

逆向参数：

Authorization: Basic YWRtaW46MTExMTE=

登入这块比较简单

主要就是Authorization这个 

如下图 我多测试了几次 Basic是不会有变化的 所以我们直接搜索

直接搜索Basic应该就可以找到

果不其然

我们看下loginName + ":" + controller.get('password’)的值就真相大白了

有点像直接base64

我们试试看

Ok完成 这就是简单的base64

python代码如下 直接转就行

 def password_to_base64(username,password):
    data = f"{username}:{password}".encode('utf-8')
    return base64.b64encode(data).decode('utf-8')

附登入代码

# coding=UTF-8
"""
-*- coding: utf-8 -*-
# File       : login_hdp.py
# Time       ：2024/6/14 16:51
# Author     ：mg
# version    ：python 3.10.9
# Description：
"""
import base64
import configparser
import os
import requests




def read_ini(filename):
    """
    Read configuration from ini file.
    :param filename: filename of the ini file
    """
    config = configparser.ConfigParser()
    if not os.path.exists(filename):
        raise FileNotFoundError(f"File {filename} not found")
    config.read(filename, encoding="utf-8")
    return config




config = read_ini('./config.ini')
ambari_url = config['ambari'].get('ip')
ambari_port = config['ambari'].get('port')
ambari_username = config['ambari'].get('username')
ambari_password = config['ambari'].get('password')




def ambari_login():
    headers = {
        "Accept": "application/json, text/javascript, */*; q=0.01",
        "Accept-Language": "zh-CN,zh;q=0.9",
        "Authorization": "Basic " + password_to_base64(ambari_username, ambari_password),
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Content-Type": "text/plain",
        "Pragma": "no-cache",
        "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36",
        "X-Requested-By": "X-Requested-By",
        "X-Requested-With": "XMLHttpRequest"
    }
    cookies = {
        "AMBARISESSIONID": "node019mssa1f8hpu1o7uzia4b5cdw7.node0"
    }
    url = f"http://{ambari_url}:{ambari_port}/api/v1/users/{ambari_username}"
    response = requests.get(url, headers=headers, cookies=cookies, verify=False)


    print(response.text)
    print(response)




def password_to_base64(username, password):
    data = f"{username}:{password}".encode('utf-8')
    return base64.b64encode(data).decode('utf-8')




def run():
    ambari_login()




if __name__ == '__main__':
    print('开始')
    run()

配置config.ini：

[ambari]
ip = 172.16.105.7
port = 8080
username = admin
password = admin