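What I'm doing: I have client.recv(4096) after sending a GET request in a loop with client.send(req), where client is a socket already connected to the server.
What I want it to do: Essentially, I just want to see whether the file tested on each loop iteration exists on the server.
What it's doing: The loop only gets a response on the first iteration.
Backstory & other info: I'm trying to automate the solution to a hacking challenge I've already beaten. Below is my code; I've commented it as best I can. I'm using PyPy. If I've forgotten to mention something or anything is unclear, feel free to ask.
What I've tried: I have tried: using a more complex while loop to try to collect all of the data being received, searching Stack Overflow, and a bit of confusing reading on non-blocking sockets.
Possible alternative routes: Would the requests library help me better than sockets?
My script: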
# I need socket obviously, and I am using time as a method to slow the process down just to wait for the server
import socket
import time
# My dictionaries of things to try ('pre' is not yet integrated)
exts = ['conf', 'bak', 'swp', 'txt', 'old', 'tar', 'gz', 'bz2', 'zip']
pre = ['old', 'bak', 'backup', 'copyof']
# Create and connect the socket
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client.connect(("challenge01.root-me.org", 80))
# Send a test request
client.send("HEAD / HTTP/1.1\r\nHost: challenge01.root-me.org\r\n\r\n")
resp = client.recv(4096)
# Tell myself it's working
if "200" in resp:
    print "[i] Connection is working."
# Setting up my request for the loop
head = "GET /realiste/ch1/login.php"
http = " HTTP/1.1\r\nHost: challenge01.root-me.org\r\n\r\n"
# Getting my lists to hold the requests and responses ready
urls = []
respers = []
# Saving myself some typing
def store(request, response):
    urls.append(request)
    respers.append(response)
# Here's the main loop. It's looping through my dictionary (technically a list)
# of extensions.
for ext in exts:
    # It creates a request with each iteration, in essence adding .old or .bak to the file in the request
    req = head + '.' + ext + http
    # Send it off to the server
    client.send(req)
    # So I set my response variable to "" and then start grabbing data
    # If it has data, I put it in my response
    # If it's empty, I move on out of this while loop and back into the main for loop
    # Thing is, I may get a file or a large response. If either happen, I don't want the entire thing.
    # So I set up a little if/else to look for a connection code. As soon as
    # it finds it, it cuts the while loop.
    # To summarize, once it gets the entire response, or once it finds a connection code,
    # it stops the loop.
    resp = ""
    while True:
        currentResp = client.recv(4096)
        if currentResp != "":
            resp += currentResp
            if "200" in resp or "400" in resp or "404" in resp or "502" in resp:
                store(req, resp)
                break
            else:
                continue
        else:
            break
    # Give the server a breather
    time.sleep(0.5)
# Fancy shmancy output
for search in range(0, len(respers)):
    ecx = 1
    if "200" in respers[search]:
        print "[" + str(ecx) + "] " + urls[search].replace("\n", "").replace("\r", "")
        print "|__ ::: " + respers[search].splitlines()[0]
        print "|"
# Finish.
print "[*] Done."
Thanks in advance!
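The loop in the question stops at the first recv() chunk that contains a status code and keeps a single socket for every request. As an added example (not the poster's code, and in Python 3 rather than the Python 2 of the question), the sketch below reads each response up to its Content-Length boundary and reconnects when the server answers with Connection: close. DemoHandler, demo() and the paths are constructed for a local demonstration, and chunked transfer encoding is assumed not to be in use.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

def read_response(sock):  # read exactly one response: (status, headers, body)
    buf, end = b"", None                          # end = offset where this response stops
    while end is None or len(buf) < end:
        chunk = sock.recv(4096)
        if not chunk:                             # empty read means the peer closed
            raise ConnectionError("peer closed mid-response")
        buf += chunk
        if end is None and b"\r\n\r\n" in buf:    # header block is complete
            start = buf.index(b"\r\n\r\n") + 4
            lines = buf[:start - 4].decode("iso-8859-1").split("\r\n")
            status = int(lines[0].split()[1])     # parse the status line, not a substring
            headers = {k.lower(): v.strip() for k, v in (l.split(":", 1) for l in lines[1:])}
            end = start + int(headers.get("content-length", 0))  # assumes no chunked body
    return status, headers, buf[start:end]

def fetch_all(host, port, paths):  # one GET per path, reconnecting when needed
    results, sock = [], None
    for path in paths:
        sock = sock or socket.create_connection((host, port), timeout=5)
        sock.sendall(f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode())
        status, headers, _ = read_response(sock)
        results.append((path, status))
        if headers.get("connection", "").lower() == "close":
            sock.close()                          # server will drop this connection
            sock = None                           # so open a fresh one next time
    if sock is not None:
        sock.close()
    return results

class DemoHandler(BaseHTTPRequestHandler):        # constructed local server, not a real target
    protocol_version = "HTTP/1.1"                 # keep-alive unless told otherwise
    def do_GET(self):
        found = self.path == "/index.txt"
        body = b"x" * 10000 if found else b"missing"   # 200 body spans several recv() calls
        self.send_response(200 if found else 404)
        self.send_header("Content-Length", str(len(body)))
        self.send_header("Connection", "keep-alive" if found else "close")
        self.end_headers()
        self.wfile.write(body)

def demo():
    server = HTTPServer(("127.0.0.1", 0), DemoHandler)   # port 0: pick any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    results = fetch_all("127.0.0.1", server.server_port, ["/index.txt", "/missing.txt", "/index.txt"])
    server.shutdown()
    return results
```

Calling demo() returns one (path, status) pair per request, including the request sent after the server closed the connection.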
Answer 0: (score: 0)
Requests fixed this issue. The adjusted code is:
CREATE TABLE t1 (
ts1 TIMESTAMP DEFAULT 0,
ts2 TIMESTAMP DEFAULT CURRENT_TIMESTAMP
ON UPDATE CURRENT_TIMESTAMP);
CREATE TABLE t2 (
ts1 TIMESTAMP NULL,
ts2 TIMESTAMP DEFAULT CURRENT_TIMESTAMP
ON UPDATE CURRENT_TIMESTAMP);
CREATE TABLE t3 (
ts1 TIMESTAMP NULL DEFAULT 0,
ts2 TIMESTAMP DEFAULT CURRENT_TIMESTAMP
ON UPDATE CURRENT_TIMESTAMP);