The site has an authorization form, when sent, which is sent xhr request ajax.php file with the same name. In the body, respectively, the data (password and login) from the form. So I log into my account. And in what ways can I make my bot written in Python "enter" the same account? Although it does not even matter what in Python, what to look for?
- See this answer: www.stackoverflow.com/a/852494/201445 - gil9red
- @ gil9red does not go. Perhaps because the site does not have a separate page like login.php, and the form simply appears when you click a button, and where it is sent, I have already said. Here is the site itself csgopositive.com - korzh
- it does not matter whether the page is there or not, you need to look at which request is sent (POST / GET), which body (if the POST request) and / or which parameters go with it. And this is repeated in your request to the site. And sometimes the request headers are needed - for the same xhr. I will be able to see that link in about 7 hours - the corporate proxy does not skip - gil9red
- @ gil9red thank you so much - korzh
- Thank you because you figured it out yourself at the prompt or thank in advance for looking? Oo - gil9red
|
1 answer
I repeated the authorization request, which is executed when clicking on ВОЙТИ :
headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0', 'X-Requested-With': 'XMLHttpRequest', 'Referer': 'https://csgopositive.com/', } data = { 'action': 'auth', 'login': 'my@email.ru', 'password': '1234', 'lang': 'RU', 'g-recaptcha-response': '12A444kEkmbxr5MUU0oCX777Ua4Mf4rWgEfodfSmqQyNr5OOIbtaD669kW3sG9v99TBRk0WGaWhg198qVsisBtm2eSCFQbUqSbcnQrPB1-MrMRwwY05mEBhmYqeaLxcybgjwQbkffe71z2IRGme3I3-2FJ7wvUqcSJSISGXMaIViznWbl78cvPq-b0fpxDTnTkV8VQ9iGKuwAHfe4eR-0js3vOFH74tHsUQiDDhobOfjDhUXwM6fUg3gosp6pfIpEO11-HnPUC01JT0LDj59c2eHODiUBupLfZAA', } import requests rs = requests.post('https://csgopositive.com/lib/ajax.php', headers=headers, data=data) print(rs) # <Response [200]> # Если токен капчи будет невалидный, отсутствующий или просроченный, # то придет: "Вы не прошли капчу!" print(rs.text) # Неверный логин или пароль'12A444kEkmbxr5MUU0oCX777Ua4Mf4rWgEfodfSmqQyNr5OOIbtaD669kW3sG9v99TBRk0WGaWhg198qVsisBtm2eSCFQbUqSbcnQrPB1-MrMRwwY05mEBhmYqeaLxcybgjwQbkffe71z2IRGme3I3-2FJ7wvUqcSJSISGXMaIViznWbl78cvPq-b0fpxDTnTkV8VQ9iGKuwAHfe4eR-0js3vOFH74tHsUQiDDhobOfjDhUXwM6fUg3gosp6pfIpEO11-HnPUC01JT0LDj59c2eHODiUBupLfZAA',headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0', 'X-Requested-With': 'XMLHttpRequest', 'Referer': 'https://csgopositive.com/', } data = { 'action': 'auth', 'login': 'my@email.ru', 'password': '1234', 'lang': 'RU', 'g-recaptcha-response': '12A444kEkmbxr5MUU0oCX777Ua4Mf4rWgEfodfSmqQyNr5OOIbtaD669kW3sG9v99TBRk0WGaWhg198qVsisBtm2eSCFQbUqSbcnQrPB1-MrMRwwY05mEBhmYqeaLxcybgjwQbkffe71z2IRGme3I3-2FJ7wvUqcSJSISGXMaIViznWbl78cvPq-b0fpxDTnTkV8VQ9iGKuwAHfe4eR-0js3vOFH74tHsUQiDDhobOfjDhUXwM6fUg3gosp6pfIpEO11-HnPUC01JT0LDj59c2eHODiUBupLfZAA', } import requests rs = requests.post('https://csgopositive.com/lib/ajax.php', headers=headers, data=data) print(rs) # <Response [200]> # Если токен капчи будет невалидный, отсутствующий или просроченный, # то придет: "Вы не прошли капчу!" print(rs.text) # Неверный логин или пароль
Most of the request headers removed - and without them the request passes. User-Agent is also optional, but for bots it is better to have a browser's User-Agent.
gil9red gil9red
31.9k four 24 69
- Ha! Thank you in general, but it is strange why nothing came out of me, because I did everything almost as well. - korzh
|