# coding:utf-8
import requests
host = ‘http://192.168.75.175‘
url = host + ‘/zentao/user-login.html‘
req = requests.get(url)
print(req.headers)
h1 = {
"Accept": "application/json, text/javascript, */*; q=0.01",
"X-Requested-With": "XMLHttpRequest",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"Referer": "http://192.168.75.175/zentao/user-login.html",
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8,lb;q=0.7"
}
data = {
‘account‘: ‘admin‘,
‘password‘: ‘qazwsx123‘,
‘referer‘: host+ ‘/zentao/‘,
‘keepLogin‘: 1
}
r = requests.post(url, data=data, headers=h1)
print(r.headers)
以上为脚本;
1 加载登录页面
2 使用账号登录
分别打印出两次请求的响应的headers
加载登录页面
{‘Date‘: ‘Thu, 25 Jun 2020 01:13:45 GMT‘, ‘Server‘: ‘Apache‘, ‘Set-Cookie‘: ‘zentaosid=r6gisdnuucg5lrvsaken129ho2; path=/; HttpOnly, lang=en; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/, device=desktop; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/; HttpOnly, theme=default; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/‘, ‘Cache-Control‘: ‘private, no-cache‘, ‘Pragma‘: ‘no-cache‘, ‘Vary‘: ‘Accept-Encoding‘, ‘Content-Encoding‘: ‘gzip‘, ‘Content-Length‘: ‘3358‘, ‘Keep-Alive‘: ‘timeout=5, max=100‘, ‘Content-Type‘: ‘text/html; Language=UTF-8;charset=UTF-8‘, ‘Expires‘: ‘0‘, ‘Proxy-Connection‘: ‘Keep-alive‘}
使用账号登录
{‘Date‘: ‘Thu, 25 Jun 2020 01:13:45 GMT‘, ‘Server‘: ‘Apache‘, ‘Set-Cookie‘: ‘zentaosid=g5vgfpjhjsakk10eq7m4p0n1t4; path=/; HttpOnly, lang=zh-cn; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/, device=desktop; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/; HttpOnly, theme=default; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/, keepLogin=on; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/; HttpOnly, za=admin; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/; HttpOnly, zp=a8810b6835031abc4d0a15ed9e373b2b941dd814; expires=Sat, 25-Jul-2020 01:13:45 GMT; Max-Age=2592000; path=/zentao/; HttpOnly‘, ‘Cache-Control‘: ‘private, no-cache‘, ‘Pragma‘: ‘no-cache‘, ‘Content-Length‘: ‘65‘, ‘Keep-Alive‘: ‘timeout=5, max=100‘, ‘Content-Type‘: ‘text/html; Language=UTF-8;charset=UTF-8‘, ‘Expires‘: ‘0‘, ‘Proxy-Connection‘: ‘Keep-alive‘}
二者的关键不同点在于cookie中的zp字段,经过测试,zp与zentaoid相关联,但是又不强关联;
举例说明;
分别使用chrome和firefox浏览器登录,获取两组zentaoid和zp
这两组zentaoid和zp可以交叉组合,依然可以登录
原文:https://www.cnblogs.com/luke8919/p/13191113.html