批量创建CTFd账号和启动容器进行压测
前言代码
前言
使用随机数进行用户注册,获取csrftoken创建容器
代码
from requests
import session
import re
import random
import time
def register(random
,sess
,csrf
):
url
= "http://192.168.3.66:8000/register"
data
= "name="+random
+"&email="+random
+"%40qq.com"+"&password="+random
+"&nonce="+csrf
proxies
= {
"http": "http://127.0.0.1:8080",
"https": "http://127.0.0.1:8080",
}
headers
= {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36',
'Content-Type':'application/x-www-form-urlencoded'
}
r
= sess
.post
(url
, data
, headers
=headers
,verify
=False)
def getcsrf(sess
):
url
="http://192.168.3.66:8000/register"
headers
= {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36'
}
res
=sess
.get
(url
, headers
=headers
)
str1
=re
.search
('\'csrfNonce\': ".*"',str(res
.text
)).group
()
return str1
[14:78]
def getchacsrf(sess
):
url
="http://192.168.3.66:8000/challenges"
headers
= {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36'
}
res
=sess
.get
(url
, headers
=headers
)
str1
=re
.search
('\'csrfNonce\': ".*"',str(res
.text
)).group
()
return str1
[14:78]
def creatdocekr(sess
,id,chacsre
):
data
="{}"
url
="http://192.168.3.66:8000/plugins/ctfd-whale/container?challenge_id="+str(id)
headers
= {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36',
'Content-Type':'application/json',
'CSRF-Token':chacsrf
}
r
= sess
.post
(url
, data
, headers
=headers
, verify
=False)
print(r
.text
)
if __name__
== '__main__':
for i
in range(100):
sess
=session
()
number
=random
.randint
(9999,99999999)
csrf
=getcsrf
(sess
)
register
(str(number
),sess
,csrf
)
chacsrf
=getchacsrf
(sess
)
creatdocekr
(sess
, 9,chacsrf
)
time
.sleep
(5)
