#coding=utf-8 from http import cookies import requests; from lxml import etree #解析html页面的包 if __name__ == "__main__": url = "http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php" html = requests.get(url) cookie = html.cookies tree = etree.HTML(html.text) #将html解析成树结构 calculate = tree.xpath("/html/body/form/text()[2]")[0] #取出表达式字段 cal = calculate.replace(' ','').replace('=','') #删除空格和等号 result = eval(cal) #使用库函数计算表达式 #带着计算结果提交,注意需要带上cookie,这样才能保证获得运算式的和提交结果的是同一个用户 res = request....