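Approach: the answer has to be submitted within 2 seconds, so submit it with a script.
Steps:
1. GET the page to obtain the expression
2. POST the result
3. Read the content of the page returned after submitting (it contains the key)
Script: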
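```python
import re

import requests

url = 'http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php'
# Replace yourcookie with your own PHPSESSID value
header = {'Cookie': 'PHPSESSID=yourcookie'}

# 1. Fetch the page and extract the expression that precedes "=<input"
req = requests.get(url, headers=header).content.decode('utf-8')
result = re.search("(.*)=<input", req)

# 2. Compute the result and submit it in the 'v' field
# Note: eval() executes text supplied by the remote server
data = {'v': str(eval(result.group(1)))}
req1 = requests.post(url, headers=header, data=data).content.decode('utf-8')

# 3. Print the response body, which contains the key (re.S lets it span lines)
result1 = re.search("<body>(.*)</body>", req1, re.S)
print(result1.group(1))
```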