url = "http://www.example.com?type=a&type1=b&type2=c"
urllist = get_urllist(url)
trigger = ["'or '1'='1'"," 'OR '1'='2'","'OR a=a"]
def get_urllist(url):
url_parsed = urlparse.urlparse(url)
#extract the query parameters of the URL
query = urlparse.parse_qs(url_parsed.query)
#get the list of query
query_list = query_list(query)
#Get Base url
url = urlparse._replace(query=None).geturl()
#modify url to get url_list
for query in query_list :
# change the original query to get the expected result
return url_list
def query_list(query):
for t in trigger:
for key, value in query.items():
query[key] += t
query_list.append(query)
return …我有一个安全的 websocket 服务器在 localhost:443/server-demo (jetty websocket 服务器)上运行。现在我正在编写一个可以与websocket服务器通信的go客户端。我可以使用正确的证书连接到 websocket 服务器。这是示例代码。
package main
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io"
"log"
)
func main() {
cert, err := tls.LoadX509KeyPair("nifi-1.10.0-bin/nifi-1.10.0/extras/gen-certs/certs/admin.pem", "nifi-1.10.0-bin/nifi-1.10.0/extras/gen-certs/certs/admin-key.pem")
if err != nil {
log.Fatalf("server: loadkeys: %s", err)
}
config := tls.Config{Certificates: []tls.Certificate{cert}, InsecureSkipVerify: true}
conn, err := tls.Dial("tcp", "127.0.0.1:443", &config)
if err != nil {
log.Fatalf("client: dial: %s", err)
}
defer conn.Close()
log.Println("client: connected to: ", conn.RemoteAddr())
state := conn.ConnectionState()
for _, v := range state.PeerCertificates {
fmt.Println(x509.MarshalPKIXPublicKey(v.PublicKey))
fmt.Println(v.Subject)
}
log.Println("client: …