'csrf = soup.find("input") ['value'] TypeError: 'NoneType' object is not subscriptable
When i run below code in the following format, python.exe sql-lab-02.py https://ace61f2f1f1e76b9c0931a7400310060.web-security-academy.net "admin" I get the following error csrf = soup.find("input") ['value'] TypeError: 'NoneType' object is not subscriptable . I would be glad to figure out how go about this error.
import sys
import urllib3
#from html.parser import HTMLParser
#import markupbase
from bs4 import BeautifulSoup
#from lxml import html
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
proxies = {'http':'http://127.0.0.1:8081', 'https': 'http://127.0.0.1:8081'}
def get_csrf_token(s, url):
r = s.get(url, verify=False, proxies=proxies)
#print(r.text)
soup = BeautifulSoup(r.text, 'html.parser')
#soup = BeautifulSoup(r.text, features='html')
#print(soup.prettify())
csrf = soup.find("input") ['value']
print(csrf)
def exploit_sqli(s, url, payload):
csrf = get_csrf_token(s, url)
# incomplete
if __name__ == "__main__":
try:
url=sys.argv[1].strip()
sqli_payload = sys.argv[2].strip()
except IndexError:
print("[-] Usage: %s <url> <sql-payload>" % sys.argv[0])
print('[-] Example: %s www.example.com "1=1"' %sys.argv[0])
sys.exit(-1)
s = requests.Session()
#print(s.text)
if exploit_sqli(s, url, sqli_payload):
print('[+] SQL injection successful! We have logged you in as administrator user.')
else:
print('[+] SQL injection unsuccessful!')
The error is generated in line 39, in if exploit_sqli(s, url, sqli_payload): line 24, in exploit_sqli csrf = get_csrf_token(s, url)
in line 19, in get_csrf_token csrf = soup.find("input") ['value']
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|