需求
1. 入参url也许是没有参数的请求,也许是多个参数的请求
2. 遍历每个参数为每个参数赋值Payload做请求尝试
3. 过滤白名单、黑名单
代码(GET)
import re
match_white_list = "(cat|dir|action|board|date|datail|file|download|path|folder|prefix|include|page|inc|locate|show|doc|site|type|view|content|document|out|latout|mod|conf|target|filename|js)"
match_black_list = "(token)"
def requester(self, url, parameters=''):
if self.args["proxy"]:
webOBJ = request.get(url, allow_redirects=False, headers=self.args["headers"], proxies=self.args["proxy"], verify=False, timeout=30, params=parameters)
else:
webOBJ = request.get(url, allow_redirects=False, headers=self.args["headers"], timeout=10, verify=False, params=parameters)
return webOBJ
def request(url, params=''):
try:
page = sel