How to use the pycurl.SSL_VERIFYHOST function in pycurl
To help you get started, we’ve selected a few pycurl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
linuxdeepin / deepin-music / src / dwidgets / coverlrc / mycurl.py View on Github 
crl.setopt(pycurl.PROXY, rel_proxy_host)
rel_proxy_port = proxy_port or self.proxy_port
if rel_proxy_port:
crl.setopt(pycurl.PROXYPORT, rel_proxy_port)
# set cookie
rel_cookie_file = cookie_file or self.cookie_file
if rel_cookie_file:
crl.setopt(pycurl.COOKIEFILE, rel_cookie_file)
crl.setopt(pycurl.COOKIEJAR, rel_cookie_file)
# set ssl
crl.setopt(pycurl.SSL_VERIFYPEER, 0)
crl.setopt(pycurl.SSL_VERIFYHOST, 0)
crl.setopt(pycurl.SSLVERSION, 3)
crl.setopt(pycurl.CONNECTTIMEOUT, 10)
crl.setopt(pycurl.TIMEOUT, 300)
crl.setopt(pycurl.HTTPPROXYTUNNEL,1)
rel_header = header or self.header
if rel_header:
crl.setopt(pycurl.HTTPHEADER, rel_header)
crl.fp = StringIO.StringIO()
if isinstance(url, unicode):
url = str(url)
crl.setopt(pycurl.URL, url)
crl.setopt(crl.WRITEFUNCTION, crl.fp.write)rel_proxy_host = proxy_host or self.proxy_host
if rel_proxy_host:
crl.setopt(pycurl.PROXY, rel_proxy_host)
rel_proxy_port = proxy_port or self.proxy_port
if rel_proxy_port:
crl.setopt(pycurl.PROXYPORT, rel_proxy_port)
# set cookie
rel_cookie_file = cookie_file or self.cookie_file
if rel_cookie_file:
crl.setopt(pycurl.COOKIEFILE, rel_cookie_file)
crl.setopt(pycurl.COOKIEJAR, rel_cookie_file)
# set ssl
crl.setopt(pycurl.SSL_VERIFYPEER, 0)
crl.setopt(pycurl.SSL_VERIFYHOST, 0)
crl.setopt(pycurl.SSLVERSION, 3)
crl.setopt(pycurl.CONNECTTIMEOUT, 10)
crl.setopt(pycurl.TIMEOUT, 300)
crl.setopt(pycurl.HTTPPROXYTUNNEL,1)
rel_header = header or self.header
if rel_header:
crl.setopt(pycurl.HTTPHEADER, rel_header)
crl.fp = StringIO.StringIO()
crl.setopt(crl.POSTFIELDS, data) # post data
if isinstance(url, unicode):
url = str(url)c.setopt(pycurl.URL, external) # external HEAD check before to attack
c.setopt(pycurl.NOBODY,0) # use GET
if self.attack_mode == True:
if options.place:
# use zombie's vector to connect to a target's place and add a random query to evade cache
random_hash = random.randint(1, 100000000)
url_attack = zombie + options.target + "/"+ options.place + "?" + str(random_hash)
else:
url_attack = zombie + options.target # Use zombie vector to connect to original target url
print url_attack
c.setopt(pycurl.URL, url_attack) # GET connection on target site
c.setopt(pycurl.NOBODY,0) # use GET
c.setopt(pycurl.HTTPHEADER, ['Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg', 'Connection: Keep-Alive', 'Content-type: application/x-www-form-urlencoded; charset=UTF-8', 'Cache-control: no-cache', 'Pragma: no-cache', 'Pragma-directive: no-cache', 'Cache-directive: no-cache', 'Expires: 0']) # set fake headers (important: no-cache)
c.setopt(pycurl.FOLLOWLOCATION, 1) # set follow redirects
c.setopt(pycurl.MAXREDIRS, 10) # set max redirects
c.setopt(pycurl.SSL_VERIFYHOST, 0) # don't verify host
c.setopt(pycurl.SSL_VERIFYPEER, 0) # don't verify peer
c.setopt(pycurl.SSLVERSION, pycurl.SSLVERSION_SSLv3) # sslv3
c.setopt(pycurl.COOKIEFILE, '/dev/null') # black magic
c.setopt(pycurl.COOKIEJAR, '/dev/null') # black magic
c.setopt(pycurl.FRESH_CONNECT, 1) # important: no cache!
b = StringIO.StringIO()
c.setopt(pycurl.HEADERFUNCTION, b.write)
h = StringIO.StringIO()
c.setopt(pycurl.WRITEFUNCTION, h.write)
if options.agent: # set user-agent
c.setopt(pycurl.USERAGENT, options.agent)
else:
c.setopt(pycurl.USERAGENT, self.user_agent)
if options.referer: # set referer
c.setopt(pycurl.REFERER, options.referer)
else:curl.setopt(pycurl.PROXYUSERPWD, credentials)
if request.proxy_auth_mode is None or request.proxy_auth_mode == "basic":
curl.setopt(pycurl.PROXYAUTH, pycurl.HTTPAUTH_BASIC)
elif request.proxy_auth_mode == "digest":
curl.setopt(pycurl.PROXYAUTH, pycurl.HTTPAUTH_DIGEST)
else:
raise ValueError(
"Unsupported proxy_auth_mode %s" % request.proxy_auth_mode
)
else:
curl.setopt(pycurl.PROXY, "")
curl.unsetopt(pycurl.PROXYUSERPWD)
if request.validate_cert:
curl.setopt(pycurl.SSL_VERIFYPEER, 1)
curl.setopt(pycurl.SSL_VERIFYHOST, 2)
else:
curl.setopt(pycurl.SSL_VERIFYPEER, 0)
curl.setopt(pycurl.SSL_VERIFYHOST, 0)
if request.ca_certs is not None:
curl.setopt(pycurl.CAINFO, request.ca_certs)
else:
# There is no way to restore pycurl.CAINFO to its default value
# (Using unsetopt makes it reject all certificates).
# I don't see any way to read the default value from python so it
# can be restored later. We'll have to just leave CAINFO untouched
# if no ca_certs file was specified, and require that if any
# request uses a custom ca_certs file, they all must.
pass
if request.allow_ipv6 is False:
# Curl behaves reasonably when DNS resolution gives an ipv6 addressdef head(self):
conn=pycurl.Curl()
conn.setopt(pycurl.SSL_VERIFYPEER,False)
conn.setopt(pycurl.SSL_VERIFYHOST,1)
conn.setopt(pycurl.URL,self.completeUrl)
conn.setopt(pycurl.HEADER, True) # estas dos lineas son las que importan
conn.setopt(pycurl.NOBODY, True) # para hacer un pedido HEAD
conn.setopt(pycurl.WRITEFUNCTION, self.header_callback)
conn.perform()
rp=Response()
rp.parseResponse(self.__performHead)
self.response=rprel_proxy_host = proxy_host or self.proxy_host
if rel_proxy_host:
crl.setopt(pycurl.PROXY, rel_proxy_host)
rel_proxy_port = proxy_port or self.proxy_port
if rel_proxy_port:
crl.setopt(pycurl.PROXYPORT, rel_proxy_port)
# set cookie
rel_cookie_file = cookie_file or self.cookie_file
if rel_cookie_file:
crl.setopt(pycurl.COOKIEFILE, rel_cookie_file)
crl.setopt(pycurl.COOKIEJAR, rel_cookie_file)
# set ssl
crl.setopt(pycurl.SSL_VERIFYPEER, 0)
crl.setopt(pycurl.SSL_VERIFYHOST, 0)
crl.setopt(pycurl.SSLVERSION, 3)
crl.setopt(pycurl.CONNECTTIMEOUT, 10)
crl.setopt(pycurl.TIMEOUT, 300)
crl.setopt(pycurl.HTTPPROXYTUNNEL,1)
rel_header = header or self.header
if rel_header:
crl.setopt(pycurl.HTTPHEADER, rel_header)
crl.fp = StringIO.StringIO()
crl.setopt(crl.POSTFIELDS, data) # post data
if isinstance(url, unicode):
url = str(url)curl.setopt(pycurl.ENCODING, "gzip,deflate")
else:
curl.setopt(pycurl.ENCODING, "none")
if request.proxy_host and request.proxy_port:
curl.setopt(pycurl.PROXY, request.proxy_host)
curl.setopt(pycurl.PROXYPORT, request.proxy_port)
if request.proxy_username:
credentials = '%s:%s' % (request.proxy_username,
request.proxy_password)
curl.setopt(pycurl.PROXYUSERPWD, credentials)
else:
curl.setopt(pycurl.PROXY, '')
curl.unsetopt(pycurl.PROXYUSERPWD)
if request.validate_cert:
curl.setopt(pycurl.SSL_VERIFYPEER, 1)
curl.setopt(pycurl.SSL_VERIFYHOST, 2)
else:
curl.setopt(pycurl.SSL_VERIFYPEER, 0)
curl.setopt(pycurl.SSL_VERIFYHOST, 0)
if request.ca_certs is not None:
curl.setopt(pycurl.CAINFO, request.ca_certs)
else:
# There is no way to restore pycurl.CAINFO to its default value
# (Using unsetopt makes it reject all certificates).
# I don't see any way to read the default value from python so it
# can be restored later. We'll have to just leave CAINFO untouched
# if no ca_certs file was specified, and require that if any
# request uses a custom ca_certs file, they all must.
pass
if request.allow_ipv6 is False:
# Curl behaves reasonably when DNS resolution gives an ipv6 addressdef request(self):
"""
Perform a request and returns the payload.
"""
if self.agent:
self.set_option(pycurl.USERAGENT, self.agent)
if self.referer:
self.set_option(pycurl.REFERER, self.referer)
if self.proxy:
self.set_option(pycurl.PROXY, self.proxy)
if self.ignoreproxy:
self.set_option(pycurl.PROXY, "")
if self.url:
self.set_option(pycurl.URL, self.url)
self.set_option(pycurl.SSL_VERIFYHOST, 0)
self.set_option(pycurl.SSL_VERIFYPEER, 0)
self.handle.setopt(self.handle.WRITEFUNCTION, self.captcha.write)
try:
self.handle.perform()
print "[Info] Getting captcha...\n"
return self.captcha
except pycurl.error, error:
errno, errstr = error
print '\n[Error] Connection error!:', errstr, "\n"
return "exit"postdata = 'csrfmiddlewaretoken='+csrfmiddlewaretoken[0]+'&username='+username+'&password='+password
buf = cStringIO.StringIO()
c = pycurl.Curl()
c.setopt(pycurl.URL, "https://instagram.com"+postaction[0])
c.setopt(pycurl.COOKIEFILE, "pycookie.txt")
c.setopt(pycurl.COOKIEJAR, "pycookie.txt")
c.setopt(pycurl.WRITEFUNCTION, buf.write)
c.setopt(pycurl.FOLLOWLOCATION, 1)
c.setopt(pycurl.ENCODING, "")
c.setopt(pycurl.SSL_VERIFYPEER, 0)
c.setopt(pycurl.SSL_VERIFYHOST, 0)
c.setopt(pycurl.REFERER, "https://instagram.com/accounts/login/?next=/oauth/authorize/%3Fclient_id%3D"+clientid[0]+"%26redirect_uri%3Dhttp%3A//web.stagram.com/%26response_type%3Dcode%26scope%3Dlikes%2Bcomments%2Brelationships")
useragent = random.choice(browsers) + str(random.randrange(1,9)) + "." + str(random.randrange(0,50)) + " (" + random.choice(operatingsystems) + "; " + random.choice(operatingsystems) + "; rv:" + str(random.randrange(1,9)) + "." + str(random.randrange(1,9)) + "." + str(random.randrange(1,9)) + "." + str(random.randrange(1,9)) + ")"
c.setopt(pycurl.USERAGENT, useragent)
c.setopt(pycurl.POST, 1)
c.setopt(pycurl.POSTFIELDS, postdata)
c.setopt(pycurl.POSTFIELDSIZE, len(postdata))
#c.setopt(pycurl.VERBOSE, True)
c.perform()
curlData = buf.getvalue()
buf.close()def __init__(self, base_url="", fakeheaders=[ 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg', 'Connection: Keep-Alive', 'Content-type: application/x-www-form-urlencoded; charset=UTF-8']):
self.handle = pycurl.Curl()
self._closed = False
self.set_url(base_url)
self.verbosity = 0
self.signals = 1
self.payload = ""
self.header = StringIO()
self.fakeheaders = fakeheaders
self.headers = None
self.set_option(pycurl.SSL_VERIFYHOST, 0)
self.set_option(pycurl.SSL_VERIFYPEER, 0)
try:
self.set_option(pycurl.SSLVERSION, pycurl.SSLVERSION_TLSv1_2) # max supported version by pycurl
except:
try:
self.set_option(pycurl.SSLVERSION, pycurl.SSLVERSION_TLSv1_1)
except: # use vulnerable TLS/SSL versions (TLS1_0 -> weak enc | SSLv2 + SSLv3 -> deprecated)
try:
self.set_option(pycurl.SSLVERSION, pycurl.SSLVERSION_TLSv1_0)
except:
try:
self.set_option(pycurl.SSLVERSION, pycurl.SSLVERSION_SSLv3)
except:
self.set_option(pycurl.SSLVERSION, pycurl.SSLVERSION_SSLv2)
self.set_option(pycurl.FOLLOWLOCATION, 0)
self.set_option(pycurl.MAXREDIRS, 50)pycurl
PycURL -- A Python Interface To The cURL library
Package Health Score
88 / 100Popular pycurl functions
- pycurl.CONNECTTIMEOUT
- pycurl.Curl
- pycurl.CurlMulti
- pycurl.CUSTOMREQUEST
- pycurl.error
- pycurl.FOLLOWLOCATION
- pycurl.HEADERFUNCTION
- pycurl.HTTP_CODE
- pycurl.HTTPHEADER
- pycurl.MAXREDIRS
- pycurl.NOSIGNAL
- pycurl.POST
- pycurl.POSTFIELDS
- pycurl.SSL_VERIFYHOST
- pycurl.SSL_VERIFYPEER
- pycurl.TIMEOUT
- pycurl.URL
- pycurl.USERAGENT
- pycurl.USERPWD
- pycurl.WRITEFUNCTION