I'm trying to log in to the Damn Vulnerable Web Application, because I try to write my first exploit. However the first barrier is the login page. Without a valid login I can't access the other directories.
I tried to analyze which headers etc. I have to send, but I still can't seem to make the login work.
POST /dvwa/login.php HTTP/1.1
Host: 192.168.26.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.26.129/dvwa/login.php
Cookie: security=high; PHPSESSID=c4bb8820be21ea83e6545eff0a2cb53b
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Content-Length: 44
username=admin&password=password&Login=Login
This is the whole request from burp, when I try to log in using the browser.
import requests
payload = {
'username': 'admin',
'password': 'password',
'Login': 'Login'
}
headers = {
'Host': '192.168.26.129',
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0',
'Accept': 'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0',
'Accept-Language': 'en-US,en;q=0.5',
'Referer': 'http://192.168.26.129/dvwa/login.php',
'Connection': 'close',
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': '44'
}
cookies = dict(security='high', PHPSESSID='c4bb8820be21ea83e6545eff0a2cb53b')
with requests.Session() as c:
p = c.post('http://192.168.26.129/dvwa/login.php', headers=headers, data=payload, cookies=cookies)
print(p)
r = c.get('http://192.168.26.129/dvwa/vulnerabilities/exec')
print(r.text)
And that's how I tried to log in using python requests. I get a 200 OK twice, but it always returns the HTML code of the login screen.
Could someone tell me what my mistake is?
Aucun commentaire:
Enregistrer un commentaire