我在做什么:在循环中通过 client.send(req) 发送 get 请求后,我有 client.recv(4096),其中客户端是已经连接到服务器的套接字.
我想要它做什么:本质上,我只想查看在循环的每次迭代中测试的文件是否存在于服务器上。
它在做什么:循环只在第一次迭代时得到响应。
背景故事和其他信息:我正在尝试自动解决我已经击败的黑客挑战。下面是我的代码,我已经尽我所能对其进行了评论。我正在使用 PyPy。如果有任何我忘记提及或不清楚的地方,请随时提出问题。
我尝试过的:我尝试过:使用更复杂的 while 循环来尝试收集所有接收到的数据,搜索 stackoverflow,对非阻塞套接字的一些困惑阅读。
可能的替代路线:请求库会比套接字更好地帮助我吗?
我的脚本:
# I need socket obviously, and I am using time as a method to slow the process down just to wait for the server
import socket
import time
# My dictionaries of things to try ('pre' is not yet integrated)
exts = ['conf', 'bak', 'swp', 'txt', 'old', 'tar', 'gz', 'bz2', 'zip']
pre = ['old', 'bak', 'backup', 'copyof']
# Create and connect the socket
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client.connect(("challenge01.root-me.org", 80))
# Send a test request
client.send("HEAD / HTTP/1.1\r\nHost: challenge01.root-me.org\r\n\r\n")
resp = client.recv(4096)
# Tell myself it's working
if "200" in resp:
print "[i] Connection is working."
# Setting up my request for the loop
head = "GET /realiste/ch1/login.php"
http = " HTTP/1.1\r\nHost: challenge01.root-me.org\r\n\r\n"
# Getting my lists to hold the requests and responses ready
urls = []
respers = []
# Saving myself some typing
def store(request, response):
urls.append(request)
respers.append(response)
# Here's the main loop. It's looping through my dictionary (techinically a list)
# of extensions.
for ext in exts:
# It creates a request with each iteration, in essence adding .old or .bak to the file in the request
req = head + '.' + ext + http
# Send it off to the server
client.send(req)
# So I set my response variable to "" and then start grabbing data
# If it has data, I put it in my response
# If it's empty, I move on out of this while loop and back into the main for loop
# Thing is, I may get a file or a large response. If either happen, I don't want the entire thing.
# So I set up a little if/else to look for a connection code. As soon as
# it finds it, it cuts the while loop.
# To summarize, once it gets the entire response, or once it finds a connection code,
# it stops the loop.
resp = ""
while True:
currentResp = client.recv(4096)
if currentResp != "":
resp += currentResp
if "200" in resp or "400" in resp or "404" in resp or "502" in resp:
store(req, resp)
break
else:
continue
else:
break
# Give the server a breather
time.sleep(0.5)
# Fancy shmancy output
for search in range(0, len(respers)):
ecx = 1
if "200" in respers[search]:
print "[" + str(ecx) + "] " + urls[search].replace("\n", "").replace("\r", "")
print "|__ ::: " + respers[search].splitlines()[0]
print "|"
# Finish.
print "[*] Done."
提前致谢!
最佳答案
Requests 修复了这个问题。调整后的代码为:
import requests
import time
exts = ['conf', 'bak', 'swp', 'txt', 'old', 'tar', 'gz', 'bz2', 'zip']
pre = ['old', 'bak', 'backup', 'copyof']
session = requests.head("http://challenge01.root-me.org/")
if session.status_code == 200:
print "[i] Connection is working."
http = "http://challenge01.root-me.org"
file = "/realiste/ch1/login.php"
urls = []
codes = []
def store(request, code):
urls.append(request)
codes.append(code)
for ext in exts:
req = http + file + "." + ext
connection = requests.head(req)
store(req, connection.status_code)
time.sleep(0.1)
for search in range(0, len(codes)):
ecx = 1
if codes[search] != 404:
print "============="
print "[" + str(ecx) + "] URL ::: " + urls[search].replace("\n", "").replace("\r", "")
print "|__ COD ::: " + str(codes[search])
print "============="
print "[*] Done."
关于循环中的 Python socket.recv 只接收一次,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46347178/