前往小程序,Get更优阅读体验!
立即前往
首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >云函数各种使用方式

云函数各种使用方式

作者头像
R0A1NG
发布2022-02-19 10:23:14
1.3K0
发布2022-02-19 10:23:14
举报
文章被收录于专栏:R0A1NG 技术分享R0A1NG 技术分享

云函数代理蚁剑流量

1.创建云函数

2021-11-20T12:38:58.png
2021-11-20T12:38:58.png
代码语言:javascript
复制
#!/usr/bin/env
# -*- coding:utf-8 -*-

import requests
import json
from urllib.parse import urlsplit

def geturl(urlstr):
    jurlstr = json.dumps(urlstr)
    dict_url = json.loads(jurlstr)
    return dict_url['url']

def main_handler(event, context):
    url = geturl(event['queryString'])
    host = urlsplit(url).netloc
    postdata = event['body']
    headers = event['headers']
    headers["HOST"] = host
    resp = requests.post(url, data=postdata, headers=headers, verify=False)
    response = {
        "isBase64Encoded": False,
        "statusCode": 200,
        "headers": {'Content-Type': 'text/html;charset=' + resp.apparent_encoding},
        "body": resp.text
}
    return response
2021-11-20T12:41:41.png
2021-11-20T12:41:41.png

使用时在webshell前加api访问路径。

https://service-ncowiper-xxxxxxx.apigw.tencentcs.com/release/helloworld-1637410382?url=https://www.baidu.com/shell.php

2021-11-20T12:44:05.png
2021-11-20T12:44:05.png

云函数HTTP代理

2021-11-20T13:01:14.png
2021-11-20T13:01:14.png
代码语言:javascript
复制
# -*- coding: utf8 -*-
import json
import pickle
from base64 import b64decode, b64encode

import requests


SCF_TOKEN = "INYZCKWDRHLGAFBQEXPTSMVUO"


def authorization():
    return {
        "isBase64Encoded": False,
        "statusCode": 401,
        "headers": {},
        "body": "Please provide correct SCF-Token",
    }


def main_handler(event: dict, context: dict):
    # Tencent cloud has its own authorization system https://console.cloud.tencent.com/cam/capi
    # But it may be a little overqualified for a simple usage like this
    try:
        token = event["headers"]["scf-token"]
    except KeyError:
        return authorization()

    if token != SCF_TOKEN:
        return authorization()

    data = event["body"]
    kwargs = json.loads(data)
    kwargs['data'] = b64decode(kwargs['data'])
    # Prohibit automatic redirect to avoid network errors such as connection reset
    r = requests.request(**kwargs, verify=False, allow_redirects=False)


    # TODO: REFACTOR NEEDED. Return response headers and body directly.
    # There are many errors occured when setting headers to r.headers with some aujustments(https://cloud.tencent.com/document/product/583/12513).
    # and the response `r.content`/`r.raw.read()` to body.(like gzip error)
    serialized_resp = pickle.dumps(r)

    return {
        "isBase64Encoded": False,
        "statusCode": 200,
        "headers": {},
        "body": b64encode(serialized_resp).decode("utf-8"),
    }

本地安装 mitmproxy

pip3 install mitmproxy

代码语言:javascript
复制
import json
import pickle
from typing import List
from random import choice
from urllib.parse import urlparse
from base64 import b64encode, b64decode

import mitmproxy
from mitmproxy.net.http import Headers

# API访问地址,可以添加多个,以逗号分隔
scf_servers: List[str] = ['https://service-xxxx.apigw.tencentcs.com/release/helloworld-1637412674']

# 授权Token,与云函数中的token配置一致
SCF_TOKEN = "INYZCKWDRHLGAFBQEXPTSMVUO"


def request(flow: mitmproxy.http.HTTPFlow):
    scf_server = choice(scf_servers)
    r = flow.request
    data = {
        "method": r.method,
        "url": r.pretty_url,
        "headers": dict(r.headers),
        "cookies": dict(r.cookies),
        "params": dict(r.query),
        "data": b64encode(r.raw_content).decode("ascii"),
    }

    flow.request = flow.request.make(
        "POST",
        url=scf_server,
        content=json.dumps(data),
        headers={
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
            "Accept-Encoding": "gzip, deflate, compress",
            "Accept-Language": "en-us;q=0.8",
            "Cache-Control": "max-age=0",
            "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",
            "Connection": "close",
            "Host": urlparse(scf_server).netloc,
            "SCF-Token": SCF_TOKEN,
        },
    )


def response(flow: mitmproxy.http.HTTPFlow):
    if flow.response.status_code != 200:
        mitmproxy.ctx.log.warn("Error")

    if flow.response.status_code == 401:
        flow.response.headers = Headers(content_type="text/html;charset=utf-8")
        return

    if flow.response.status_code == 433:
        flow.response.headers = Headers(content_type="text/html;charset=utf-8")
        flow.response.text = "<html><body>操作已超过云函数服务最大时间限制,可在函数配置中修改执行超时时间</body></html>"
        return

    if flow.response.status_code == 200:
        body = flow.response.content.decode("utf-8")
        resp = pickle.loads(b64decode(body))

        r = flow.response.make(
            status_code=resp.status_code,
            headers=dict(resp.headers),
            content=resp.content,
        )
        flow.response = r

启动客户端

mitmdump -s client.py -p 8080

修改浏览器代理

2021-11-20T13:04:29.png
2021-11-20T13:04:29.png

添加mitmdump证书

2021-11-20T13:05:18.png
2021-11-20T13:05:18.png
2021-11-20T13:06:15.png
2021-11-20T13:06:15.png

选择证书导入 查看IP,每次刷新IP都会变化

2021-11-20T13:07:00.png
2021-11-20T13:07:00.png
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2021 年 11 月,如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体同步曝光计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
目录
  • 云函数代理蚁剑流量
  • 云函数HTTP代理
相关产品与服务
云函数
云函数(Serverless Cloud Function,SCF)是腾讯云为企业和开发者们提供的无服务器执行环境,帮助您在无需购买和管理服务器的情况下运行代码。您只需使用平台支持的语言编写核心代码并设置代码运行的条件,即可在腾讯云基础设施上弹性、安全地运行代码。云函数是实时文件处理和数据处理等场景下理想的计算平台。
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档