带cookie的get访问:
注意:1.cookie需要逐条添加,且为dict型
2.需要先get访问一下登录界面,然后add cookie,然后再次访问
代码示例:
from selenium import webdriver
from selenium.webdriver.common.keys import Keys
import time
def xss_poc(url, cookie1, cookie2):
driver = webdriver.Chrome()
# 必须先打开一个页面(同域名页面)才能设置cookie,否则会报UnableToSetCookieException
driver.get(url)
# 添加Cookie时需要逐条添加
driver.add_cookie(cookie1)
driver.add_cookie(cookie2)
driver.get(url)
time.sleep(2)
if __name__ == '__main__':
url = 'http://192.168.32.131/dvwa/vulnerabilities/xss_r/'
cookie1 = {'name': 'security', 'value': 'low'}
cookie2 = {'name': 'PHPSESSID', 'value': '0fcbd48f10a1ab6023efdee0aa5abe31'}
xss_poc(url, cookie1, cookie2)