#coding=utf-8
from http import cookies
import requests;
from lxml import etree #解析html页面的包
if __name__ == "__main__":
url = "http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php"
html = requests.get(url)
cookie = html.cookies
tree = etree.HTML(html.text) #将html解析成树结构
calculate = tree.xpath("/html/body/form/text()[2]")[0] #取出表达式字段
cal = calculate.replace(' ','').replace('=','') #删除空格和等号
result = eval(cal) #使用库函数计算表达式
#带着计算结果提交,注意需要带上cookie,这样才能保证获得运算式的和提交结果的是同一个用户
res = requests.post(url = url, data={'v': result}, cookies=cookie)
res.encoding = res.apparent_encoding #解决中文乱码
print(res.text)
地址:http://hackinglab.cn/ShowQues.php?type=scripts
