无法使用Python请求自动化脚本以在phishcheck.me上检查url

时间:2018-02-21 17:11:05

标签: python python-requests phishing

在此先感谢,我正在尝试自动化获取URL是否为网络钓鱼或不使用此页面(必须)phishcheck.me

这是我的python代码: 

import requests
from time import time
import warnings

warnings.simplefilter("ignore")

def main():
    badurl = "google.com"
    user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36"
    user_agent +=" (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    url = "https://phishcheck.me/submit"
    referer = 'https://phishcheck.me'
    header = {
        'Referer': referer + "/",
        'User-Agent': user_agent,
        "Origin": referer,
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Accept": "application/json, text/javascript, */*; q=0.01",
        "Accept-Encoding": "gzip, deflate, br",
        "Accept-Language": "en-US,en;q=0.9,es;q=0.8",
        "Connection": "keep-alive",
        "Host": "phishcheck.me",
        "X-Requested-With": "XMLHttpRequest"
    }

    client = requests.session()
    client.get(referer, verify=False)
    csrftoken = client.cookies['csrftoken']
    session_id = client.cookies['sessionid']

    cookies = {
        'csrftoken': csrftoken,
        '_ga': 'GA1.2.{0}.1517235473'.format(int(time())),
        '_gid': 'GA1.2.{0}.1519059714'.format(int(time())),
        '_gat': '1',
        "sessionid": session_id
    }

    # Try 1
    payload = {
        'csrfmiddlewaretoken': csrftoken,
        'url': badurl,
        'useragent': '0'
    }
    # Try 2
    payload = "csrfmiddlewaretoken={0}&url={1}&useragent=0".format(
        csrftoken, badurl
    )

    r = client.post(url, headers=header, data=payload,
                    cookies=cookies, verify=False)
    return r

print(main().text)
# {"is_success": false}
print(main().cookies)
# <RequestsCookieJar[<Cookie messages="c0fa3b2c4d55aea15b28a734768e681a2680ff7d$[[__json_message\0540\05440\054Malformed URL. Please check your entry and try again.]]" for phishcheck.me/>]>

Cookie告诉我我的网址格式错误,我不知道如何修复它。

以下是有关如何从phishcheck.me网页创建请求的屏幕截图。

Chrome developer screenshot

我遗失的任何细节,请询问!

1 个答案:

答案 0 :(得分:3)

您要将数据发布到/submit而不是/submit/,这会导致您出现此错误,因此您必须将https://phishcheck.me/submit更改为https://phishcheck.me/submit/并且它将对您有效< / p>

以下是我使用的代码: 

import requests

requests.urllib3.disable_warnings()

url = 'https://phishcheck.me/'

sess = requests.Session()

g = sess.get(url)

DATA = {
    'url': 'http://google.com',  # <- url you scanning
    'useragent': '0',
    'csrfmiddlewaretoken': g.cookies['csrftoken'],
    'recheck': 'True' # <- False if you don't wanna recheck the link again
}


p = sess.post(url + '/submit/', data=DATA)

d = sess.get('https://phishcheck.me/' + str(p.json()['sid']) + '/details')

print(d.text)
相关问题
最新问题