sqlmap+外部代理池绕过IP拦截
0x01:思路
1.先爬取代理网站的代理IP,然后做一下验证,验证是否可用并输出到文本里.
2.启用本地代理127.0.0.1:5320(5320=我想爱你)
3.sqlmap加上代理"--proxy=http://127.0.0.1:5320"
0x02:过程
一、获取代理IP
import requests,reurl="http://www.89ip.cn/tqdl.html?api=1&num=10"#采用89ip的接口采集types="https"proxys={}#print (url)headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25'}r=requests.get(url,headers=headers).textip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口for i,j in zip(port[2:],ip): print (j+i)二、验证代理IP并输出到文本
我们来回忆上次提到的Python中proxies的编写规则
proxy={'协议':'ip:端口'}编写格式:
tar=requests.get(url,headers=headers,proxies=proxy,timeout=5,verify=False)获取IP+验证代理
#/usr/bin/python3#author:Jaky
import requests,re
url="http://www.89ip.cn/tqdl.html?api=1&num=9000"#采用89ip的接口采集types="https"proxys={}headers={'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)'}r=requests.get(url,headers=headers).textip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口for i,j in zip(port[2:],ip): proxy=j+i print (proxy) proxys[types.lower()]='%s'%proxy try: tar=requests.get("https://ifconfig.me/ip",headers=headers,proxies=proxys,timeout=5,verify=False).text if tar in str(proxys): with open("ip.txt",'a') as file: file.write(proxy+'\n') # 保存文件 except : pass 我这里直接采集9000个+验证
同时输出结果到"ip.txt"
三、完整代码
#!/usr/bin/env python3# coding:utf-8
import socket,time,random,threading,requests,refrom socket import error
localtime = time.asctime(time.localtime(time.time()))
class ProxyServerTest(): def __init__(self, proxyip): # 本地socket服务 self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.proxyip = proxyip def run(self): try: # 本地服务IP和端口 self.ser.bind(('127.0.0.1', 5320)) # 最大连接数 self.ser.listen(10) except error as e: print("[-]The local service : " + str(e)) return "[-]The local service : " + str(e)
while True: try: # 接收客户端数据 client, addr = self.ser.accept() print('[*]accept %s connect' % (addr,)) data = client.recv(1024) if not data: break print('[*' + localtime + ']: Accept data...') except error as e: print("[-]Local receiving client : " + str(e)) return "[-]Local receiving client : " + str(e)
while True: # 目标代理服务器,将客户端接收数据转发给代理服务器 mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print("[!]Now proxy ip:" + str(self.proxyip)) prip = self.proxyip[0] prpo = self.proxyip[1]
try: mbsocket.settimeout(3) mbsocket.connect((prip, prpo)) except: print("[-]RE_Connect...") continue break
try: mbsocket.send(data) except error as e: print("[-]Sent to the proxy server : " + str(e)) return "[-]Sent to the proxy server : " + str(e)
while True: try: # 从代理服务器接收数据,然后转发回客户端 data_1 = mbsocket.recv(1024) if not data_1: break print('[*' + localtime + ']: Send data...') client.send(data_1) except socket.timeout as e: print(self. proxyip) print("[-]Back to the client : " + str(e)) continue # 关闭连接 client.close() mbsocket.close() def main(): print('Atuhor:Jaky') print('WeChat public number:luomiweixiong') file = open("ip.txt","r") for i in file: ip = i.split(':') ip_list = (ip[0],int(ip[1])) print(ip_list)
try: try_ip = ProxyServerTest(ip_list) except Exception as e: print("[-]main : " + str(e)) return "[-]main : " + str(e)
t = threading.Thread(target=try_ip.run, name='LoveJaky') print('[*]Waiting for connection...') # 关闭多线程 t.start() t.join() if __name__ == '__main__': main()0x03:总结
1、用之前得先爬取代理IP,验证完然后会自动保存在"ip.txt"里
2、执行以上代码,然后
sqlmap.py -u "http://www.xxx.com/1.asp?id=1" --proxy=http://127.0.0.1:5320本文参与 腾讯云自媒体分享计划,分享自微信公众号。
原始发表:2020-04-09,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读