Script template to send HTTP requests using Python.
#!/usr/bin/python
import requests
import re
# Remove warnings: InsecureRequestWarning: Unverified HTTPS request
requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
proxies = None
# Intercept requests using Burp :)
#proxies = {
# 'http': 'http://127.0.0.1:8080',
# 'https': 'http://127.0.0.1:8080'
#}
headers = {
'User-Agent': 'Mozilla/5.0',
'Content-Type': 'application/json'
}
# Extract the content of an HTML tag
# result = extract_tag("... <title>Whatever</title> ...", "title")
def extract_tag(text, tag):
result = ""
x = re.search('<' + tag + '>.*</' + tag + '>', text, flags=re.IGNORECASE)
if x:
result = str(x.group()).split(">")[1].split("<")[0]
return result
def send_http_request(url, method="GET", payload=""):
response = ""
try:
if method == "POST":
response = requests.request("POST", url, headers=headers, data=payload, verify=False, proxies=proxies, timeout=5)
else:
response = requests.request("GET", url, headers=headers, verify=False, proxies=proxies, timeout=5)
if "<title>" in response.text:
print(url + ', ' + str(response.status_code) + ' ' + response.reason + ', ' + extract_tag(response.text, "title"))
else:
print(url + ', ' + str(response.status_code) + ' ' + response.reason)
#print(response.headers)
#print(response.cookies)
#print(response.cookies['sessionid'])
#print(response.text)
return response.status_code
except Exception as e:
print(url + ', ERROR')
return 0
# GET request
status = send_http_request("https://example.com")
# POST request
payload="{ \"key1\" : \"value1\",\"key2\":\"value2\"}"
status = send_http_request("https://example.com", "POST", payload)