<?php
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Stored in: " . $_FILES["file"]["tmp_name"];
}
?>
运行file.py结果如下:
Upload: Top250.txt<br />Type: <br />Size: 182.2763671875 Kb<br />Stored in: C:\xampp\tmp\php56EB.tmp 200
需要注意的是Top25.txt和py文件是同一目录,上传其他位置的文件修改为绝对路径就好了。
2.cookie设置
获取cookie:
在upload_file.php中设置一个cookie:setcookie("user", "Python", time()+3600);
cookie.py:
url = ‘http://192.168.137.128/upload_file.php‘
res = requests.get(url)
print(res.cookies)
#遍历cookies
for cookie in res.cookies.items():
print(cookie)
运行结果如下:
<RequestsCookieJar[<Cookie user=Python for 192.168.137.128/>]>
(‘user‘, ‘Python‘)
替换cookie:
还是使用headers参数,将登录后的cookie写在里面。
url = ‘http://192.168.137.128/dvwa/index.php‘
headers = {
‘Cookie‘:‘security=impossible; PHPSESSID=lolg9oq8i9n0o2bh0c6dvmblt1‘,
‘Host‘:‘192.168.137.128‘,
‘User-Agent‘:‘Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0‘
}
res = requests.get(url,headers= headers)
print(res.text)
运行结果如下:
可以看到登录成功后的结果。说明登录成功了。