1.例如登录页提交需要的csrfmiddlewaretoken:
1.1.登录网址首页,查看页面源码,获取csrfmiddlewaretoken相关源码如下:
<form action="" method="post" id="login-form"> <div class="panel panel-default panel-single" id="panel-login"> <input type='hidden' name='csrfmiddlewaretoken' value='wUpi9oQIY6xHSJGmTgw9OaVfKTAomS3GNwAHrROX8TFVcdVU8KEkLR5XOOFBjuPs' /> <div class="panel-heading">
只用csrfmiddlewaretoken部分的数据,
1.2. lr获取脚本csrfmiddlewaretoken如下:
web_reg_save_param("logincsrfmiddlewaretoken","LB='csrfmiddlewaretoken' value='","RB=' />",LAST);
其中logincsrfmiddlewaretoken为自定义的变量的名字;
LB=后面部分:是从页面源码中获取的变量内容的之前的内容
RB=后面部分: 是从页面源码中获取的变量内容的之后的内容
通过LB与RB来获取变量的值(如果包含双引号,需要用\进行转义)
1.3. 脚本放在访问网址前,如下:
web_reg_save_param("logincsrfmiddlewaretoken","LB='csrfmiddlewaretoken' value='","RB=' />",LAST); web_url("192.168.1.102:8000", "URL=http://192.168.1.102:8000/", "Resource=0", "RecContentType=text/html", "Referer=", "Snapshot=t8.inf", "Mode=HTML", EXTRARES, "Url=/static/xadmin/vendor/font-awesome/fonts/fontawesome-webfont.eot?", ENDITEM, LAST);
其中web_ url为访问网址,web_reg_save_param代码放在访问脚本前
大写的LAST,表示结尾,固定用法
1.4.变量引用,之后的脚本都可以引用这个变量,如下引用:
submit_login() { web_submit_data("192.168.1.102:8000_2", "Action=http://192.168.1.102:8000/", "Method=POST", "RecContentType=text/html", "Referer=http://192.168.1.102:8000/", "Snapshot=t9.inf", "Mode=HTML", ITEMDATA, "Name=csrfmiddlewaretoken", "Value={logincsrfmiddlewaretoken}", ENDITEM, "Name=username", "Value=bobby", ENDITEM, "Name=password", "Value=admin123", ENDITEM, "Name=this_is_the_login_form", "Value=1", ENDITEM, "Name=next", "Value=/", ENDITEM, EXTRARES, "Url=/static/xadmin/vendor/font-awesome/fonts/fontawesome-webfont.eot?", ENDITEM, LAST); lr_think_time(5); web_link("用户", "Text=用户", "Ordinal=1", "Snapshot=t10.inf", EXTRARES, "Url=/static/xadmin/vendor/font-awesome/fonts/fontawesome-webfont.eot?", ENDITEM, LAST); return 0; }
其中Value={logincsrfmiddlewaretoken}就是对变量logincsrfmiddlewaretoken的引用,用{}j进行变量引用
