本文整理汇总了Python中form.Form.fill_entries方法的典型用法代码示例。如果您正苦于以下问题:Python Form.fill_entries方法的具体用法?Python Form.fill_entries怎么用?Python Form.fill_entries使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类form.Form的用法示例。
在下文中一共展示了Form.fill_entries方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: fill_login_form
# 需要导入模块: from form import Form [as 别名]
# 或者: from form.Form import fill_entries [as 别名]
args, url, method = fill_login_form(response.url, response.content, login_user, login_pass)
loginResponse = client.post(url, data=args, headers=dict(Referer=start_urls))
pprint(loginResponse)
jsonform = []
if "Invalid" in response.content:
pprint("Login failed")
else:
pprint("login successful")
for formDetails in data:
url = formDetails["url"]
action = formDetails["action"]
if checkStringContainKey(action,negKeywords)==False:#check the Negative keywords to filter out non-sensitive data
if formDetails["method"].lower() == "get":# form is a get form, it cannot
csrfForm = Form(url,formDetails)
valid_parameters = dict(csrfForm.fill_entries())
try:
r = client.get(action,params=urlencode(valid_parameters))
if r != None:
if r.status_code == 200:
#formDetails["url"] = url
formDetails["parameter"] = valid_parameters
if len(valid_parameters) != 0:
jsonform.append(formDetails)
#pprint("post form "+csrfForm.formdata["action"] + " is vulnerable to CSRF")
continue
except :
''
elif formDetails["method"].lower() == "post":# form is a post form, check for CSRF
csrfForm = Form(url,formDetails)示例2: checkStringContainKey
# 需要导入模块: from form import Form [as 别名]
# 或者: from form.Form import fill_entries [as 别名]
action = formDetails["action"]
if checkStringContainKey(action,negKeywords)==False:#check the Negative keywords to filter out non-sensitive data
if formDetails["method"].lower() == "get":# form is a get form, it cannot
#load possible exploit payloads(may generate from phase2)
with open('evaluation.json') as evaluates:
evalData = json.load(evaluates)
for item in evalData:
ssciForm = Form(url, formDetails)
# print '!!!!!formLength'
# print len(ssciForm.formdata["parameter"])
parameters = ssciForm.formdata["parameter"]
for name in parameters.keys():
# print 'name1:', name
# print 'value:', parameters[name]
valid_parameters = dict(ssciForm.fill_entries(payload=evalData[item], paramkey=name))
# print 'parameters!!!'
# print valid_parameters
try:
newParam = ''
r = client.get(action, params=urlencode(valid_parameters))
if r != None:
if r.status_code == 200:
# print r.content
# print r.url
injectSuccess = False
if item == 'LFI1':
if "root:/bin/bash" in r.content \
or 'root:/bin/sh' in r.content:
print "injection success1!"