Python requests POST body

Posted 2024-10-04 01:22:07


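I am trying to send an SQL query to my WordPress database using the Adminer script, but the problem is that I am missing something that needs to be sent as the body or headers, I think (correct me if I'm wrong).

Raw request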

POST /REV/adminer-4.7.5-en.php?server=localhost&username=adepfran_wp975&db=adepfran_wp975&sql=select%20*%20from%20wplj_users HTTP/1.1
Host: mywebsite
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://mywebsite/REV/adminer-4.7.5-en.php?server=localhost&username=adepfran_wp975&db=adepfran_wp975&sql=
Content-Type: multipart/form-data; boundary=---------------------------1328964205768204682490124619
Content-Length: 425
Cookie: adminer_sid=00e0c898e031284904f8e51b591c1dee; adminer_key=320bc6e9870ffdf2f54982cb2292de87
Connection: close
Upgrade-Insecure-Requests: 1

-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="query"

select * from wplj_users
-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="limit"


-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="token"

401937:659783
-----------------------------1328964205768204682490124619--

Raw headers

-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="query"

select * from wplj_users
-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="limit"

-----------------------------1328964205768204682490124619
Content-Disposition: form-data; name="token"

401937:659783
-----------------------------1328964205768204682490124619--

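I also intercepted the request using Burp Suite for further clarification.

Raw request: [screenshot: Request raw]

Request parameters: [screenshot: Request parameters]

Request headers: [screenshot: Request parameters]

My actual code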

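import requests

# wpuser and wpdb are defined elsewhere in the script
ses = requests.Session()
data = {"server": "localhost",
        "username": wpuser,
        "db": wpdb,
        "sql": "SELECT * from wplj_users"}
url = "https://mywebsite/REV/adminer-4.7.5-en.php?server=localhost&username=adepfran_wp975&db=adepfran_wp975&sql=SELECT%20*%20from%20wplj_users"
# data= sends the fields as application/x-www-form-urlencoded
request = ses.post(url, data=data)

The request without limit, query, token (Content-Disposition) does not return the desired response. How do I pass them?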


1 answer
User
Answer #1 · posted 2024-10-04 01:22:07

It seems you have to send it as files=

For testing I used https://httpbin.org, which sends back everything it received in the request, so I can display it and compare it with the expected data.

In files I used (None, "SELECT * from wplj_users"), so this None removes filename="query".

import requests

params = {
    'server': 'localhost',
    'username': 'adepfran_wp975',
    'db': 'adepfran_wp975',
    'sql': 'SELECT * from wplj_users',
   }

data = {
    "query": (None, "SELECT * from wplj_users"),
    "limit": (None, ""),
    "token": (None, "401937:659783"),
}

headers = {
    'User-Agent': 'Mozilla/5.0',
    #'Referer': 'https://mywebsite/REV/adminer-4.7.5-en.php?server=localhost&username=adepfran_wp975&db=adepfran_wp975&sql='

    # requests.Session() should take care of cookies so this header shouldn't be needed
    #'Cookie': 'adminer_sid=00e0c898e031284904f8e51b591c1dee; adminer_key=320bc6e9870ffdf2f54982cb2292de87'
}

url = "https://httpbin.org/post"
#url = "https://mywebsite/REV/adminer-4.7.5-en.php"

s = requests.Session()
#r = s.get(url) # to get fresh cookies
r = s.post(url, params=params, headers=headers, files=data)

print('\n=== url ===\n')
print(r.request.url)

print('\n=== headers ===\n')
for key, val in r.request.headers.items():
    print('{}: {}'.format(key, val))

print('\n=== body ===\n')
print(r.request.body.decode())

Result

=== url ===

https://httpbin.org/post?server=localhost&username=adepfran_wp975&db=adepfran_wp975&sql=SELECT+%2A+from+wplj_users

=== headers ===

User-Agent: Mozilla/5.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Content-Length: 331
Content-Type: multipart/form-data; boundary=79f18e4306b943ea92a49bae21b51b9c

=== body ===

--79f18e4306b943ea92a49bae21b51b9c
Content-Disposition: form-data; name="query"

SELECT * from wplj_users
--79f18e4306b943ea92a49bae21b51b9c
Content-Disposition: form-data; name="limit"


--79f18e4306b943ea92a49bae21b51b9c
Content-Disposition: form-data; name="token"

401937:659783
--79f18e4306b943ea92a49bae21b51b9c--
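
An added example, not part of the original question or answer: it prepares the same three fields with data= and with files= without sending anything, then parses the multipart body back to confirm each part has a name and no filename, as in the browser capture. The URL is a placeholder, and prepare and multipart_fields are hypothetical helper names.

```python
import requests
from email import message_from_bytes
from email.policy import HTTP

# Placeholder endpoint (assumption). Requests are only prepared, never sent.
URL = "https://example.invalid/adminer.php"
# Field names and values as they appear in the captured request on this page.
FIELDS = {"query": "SELECT * from wplj_users", "limit": "", "token": "401937:659783"}


def prepare(fields, as_multipart):
    """Build the POST offline and return the PreparedRequest."""
    if as_multipart:
        # (None, value) gives a form-data part with no filename, as in the answer
        kwargs = {"files": {k: (None, v) for k, v in fields.items()}}
    else:
        # what the question's code does: application/x-www-form-urlencoded
        kwargs = {"data": fields}
    return requests.Request("POST", URL, **kwargs).prepare()


def multipart_fields(prepared):
    """Parse a multipart/form-data body into {name: (filename, value)}."""
    head = b"Content-Type: " + prepared.headers["Content-Type"].encode() + b"\r\n\r\n"
    msg = message_from_bytes(head + prepared.body, policy=HTTP)
    out = {}
    for part in msg.iter_parts():
        name = part.get_param("name", header="content-disposition")
        value = part.get_payload(decode=True).decode()
        out[name] = (part.get_filename(), value)
    return out


if __name__ == "__main__":
    form = prepare(FIELDS, as_multipart=False)
    multi = prepare(FIELDS, as_multipart=True)
    print("data=  ->", form.headers["Content-Type"])
    print("          ", form.body)
    print("files= ->", multi.headers["Content-Type"])
    for name, (filename, value) in multipart_fields(multi).items():
        print("          ", name, "filename:", filename, "value:", repr(value))
```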
