云函数各种使用方式
云函数代理蚁剑流量
1.创建云函数
2021-11-20T12:38:58.png
#!/usr/bin/env
# -*- coding:utf-8 -*-
import requests
import json
from urllib.parse import urlsplit
def geturl(urlstr):
jurlstr = json.dumps(urlstr)
dict_url = json.loads(jurlstr)
return dict_url['url']
def main_handler(event, context):
url = geturl(event['queryString'])
host = urlsplit(url).netloc
postdata = event['body']
headers = event['headers']
headers["HOST"] = host
resp = requests.post(url, data=postdata, headers=headers, verify=False)
response = {
"isBase64Encoded": False,
"statusCode": 200,
"headers": {'Content-Type': 'text/html;charset=' + resp.apparent_encoding},
"body": resp.text
}
return response
2021-11-20T12:41:41.png
使用时在webshell前加api访问路径。
2021-11-20T12:44:05.png
云函数HTTP代理
2021-11-20T13:01:14.png
# -*- coding: utf8 -*-
import json
import pickle
from base64 import b64decode, b64encode
import requests
SCF_TOKEN = "INYZCKWDRHLGAFBQEXPTSMVUO"
def authorization():
return {
"isBase64Encoded": False,
"statusCode": 401,
"headers": {},
"body": "Please provide correct SCF-Token",
}
def main_handler(event: dict, context: dict):
# Tencent cloud has its own authorization system https://console.cloud.tencent.com/cam/capi
# But it may be a little overqualified for a simple usage like this
try:
token = event["headers"]["scf-token"]
except KeyError:
return authorization()
if token != SCF_TOKEN:
return authorization()
data = event["body"]
kwargs = json.loads(data)
kwargs['data'] = b64decode(kwargs['data'])
# Prohibit automatic redirect to avoid network errors such as connection reset
r = requests.request(**kwargs, verify=False, allow_redirects=False)
# TODO: REFACTOR NEEDED. Return response headers and body directly.
# There are many errors occured when setting headers to r.headers with some aujustments(https://cloud.tencent.com/document/product/583/12513).
# and the response `r.content`/`r.raw.read()` to body.(like gzip error)
serialized_resp = pickle.dumps(r)
return {
"isBase64Encoded": False,
"statusCode": 200,
"headers": {},
"body": b64encode(serialized_resp).decode("utf-8"),
}本地安装 mitmproxy
pip3 install mitmproxy
import json
import pickle
from typing import List
from random import choice
from urllib.parse import urlparse
from base64 import b64encode, b64decode
import mitmproxy
from mitmproxy.net.http import Headers
# API访问地址,可以添加多个,以逗号分隔
scf_servers: List[str] = ['https://service-xxxx.apigw.tencentcs.com/release/helloworld-1637412674']
# 授权Token,与云函数中的token配置一致
SCF_TOKEN = "INYZCKWDRHLGAFBQEXPTSMVUO"
def request(flow: mitmproxy.http.HTTPFlow):
scf_server = choice(scf_servers)
r = flow.request
data = {
"method": r.method,
"url": r.pretty_url,
"headers": dict(r.headers),
"cookies": dict(r.cookies),
"params": dict(r.query),
"data": b64encode(r.raw_content).decode("ascii"),
}
flow.request = flow.request.make(
"POST",
url=scf_server,
content=json.dumps(data),
headers={
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Encoding": "gzip, deflate, compress",
"Accept-Language": "en-us;q=0.8",
"Cache-Control": "max-age=0",
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",
"Connection": "close",
"Host": urlparse(scf_server).netloc,
"SCF-Token": SCF_TOKEN,
},
)
def response(flow: mitmproxy.http.HTTPFlow):
if flow.response.status_code != 200:
mitmproxy.ctx.log.warn("Error")
if flow.response.status_code == 401:
flow.response.headers = Headers(content_type="text/html;charset=utf-8")
return
if flow.response.status_code == 433:
flow.response.headers = Headers(content_type="text/html;charset=utf-8")
flow.response.text = "<html><body>操作已超过云函数服务最大时间限制,可在函数配置中修改执行超时时间</body></html>"
return
if flow.response.status_code == 200:
body = flow.response.content.decode("utf-8")
resp = pickle.loads(b64decode(body))
r = flow.response.make(
status_code=resp.status_code,
headers=dict(resp.headers),
content=resp.content,
)
flow.response = r启动客户端
mitmdump -s client.py -p 8080
修改浏览器代理
2021-11-20T13:04:29.png
添加mitmdump证书
2021-11-20T13:05:18.png
2021-11-20T13:06:15.png
选择证书导入 查看IP,每次刷新IP都会变化
2021-11-20T13:07:00.png
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2021 年 11 月,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
相关产品与服务
云函数
云函数(Serverless Cloud Function,SCF)是腾讯云为企业和开发者们提供的无服务器执行环境,帮助您在无需购买和管理服务器的情况下运行代码。您只需使用平台支持的语言编写核心代码并设置代码运行的条件,即可在腾讯云基础设施上弹性、安全地运行代码。云函数是实时文件处理和数据处理等场景下理想的计算平台。