版权声明:本文为博主原创文章,遵循 CC 4.0 BY 版权协议,转载请附上原文出处链接和本声明。
sqlmap这款神器我就不多说了吧。
我也相信对于小白来说有些困扰,每次使用sqlmap的时候,一个不小心就被禁ip了。
使用sqlmap的代理池去进行渗透测试,可以很好地帮助我们解决这个问题。
收集了大量资料和教程后,我决定编写一个sqlmap的代理脚本。
编写思路
第一步使用python库中socket库。大家可以自己去百度一下关于这个库的内容。
推荐博客:
https://blog.csdn.net/weixin_39258979/article/details/80835555
https://blog.csdn.net/qq_36119192/article/details/83662680
https://www.cnblogs.com/liujiacai/p/7814699.html
socket代码内容:
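class ProxyServerTest():
    """One-connection-at-a-time TCP relay in front of a list of upstream proxies.

    The relay listens on 127.0.0.1:9999, reads one chunk (at most 1024 bytes)
    from each accepted client, forwards it to a randomly chosen entry of
    ``proxyip`` and copies the upstream's reply back to the client.

    Bytes are forwarded unmodified, so whoever operates the chosen upstream
    can read and alter anything that is not protected end to end (for
    example by TLS).
    """

    def __init__(self, proxyip):
        """Create the listening socket and remember the upstream list.

        Args:
            proxyip: sequence of ``(host, port)`` tuples.
        """
        # Local listening socket; it is bound in run(), not here.
        self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.proxyip = proxyip

    def run(self):
        """Serve clients until a socket error or an empty client read.

        Returns:
            An error-message string when binding, receiving from the client
            or sending to the upstream fails, or when the upstream list is
            empty; otherwise ``None``.
        """
        if not self.proxyip:
            # Picking from an empty list would raise inside the worker thread.
            print("[-]The local service : proxy list is empty")
            return "[-]The local service : proxy list is empty"
        try:
            # Loopback only: the relay is not reachable from other hosts.
            self.ser.bind(('127.0.0.1', 9999))
            # Backlog of pending connections.
            self.ser.listen(5)
        except error as e:
            print("[-]The local service : " + str(e))
            return "[-]The local service : " + str(e)
        while True:
            client = None
            mbsocket = None
            try:
                try:
                    # Read the client's request (first 1024 bytes only).
                    client, addr = self.ser.accept()
                    print('[*]accept %s connect' % (addr,))
                    data = client.recv(1024)
                    if not data:
                        # An empty first read stops the relay altogether,
                        # not just this connection.
                        break
                    print('[*' + localtime + ']: Accept data...')
                except error as e:
                    print("[-]Local receiving client : " + str(e))
                    return "[-]Local receiving client : " + str(e)
                while True:
                    # Pick an upstream at random and try to connect to it.
                    proxyip = random.choice(self.proxyip)
                    print("[!]Now proxy ip:" + str(proxyip))
                    prip = proxyip[0]
                    prpo = proxyip[1]
                    mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    try:
                        mbsocket.settimeout(3)
                        mbsocket.connect((prip, prpo))
                    except Exception:
                        # Exception rather than a bare except, so that
                        # KeyboardInterrupt/SystemExit are not swallowed.
                        # The failed socket is closed before the next try,
                        # otherwise every retry leaks a descriptor.
                        mbsocket.close()
                        mbsocket = None
                        print("[-]RE_Connect...")
                        continue
                    break
                try:
                    # sendall(): send() may transmit only part of the buffer.
                    mbsocket.sendall(data)
                except error as e:
                    print("[-]Sent to the proxy server : " + str(e))
                    return "[-]Sent to the proxy server : " + str(e)
                while True:
                    try:
                        # Copy the upstream's reply back to the client.
                        data_1 = mbsocket.recv(1024)
                        if not data_1:
                            break
                        print('[*' + localtime + ']: Send data...')
                        client.sendall(data_1)
                    except socket.timeout as e:
                        # A timeout is not treated as end of stream: the
                        # loop keeps polling, so an upstream that stalls
                        # without closing holds the relay on this
                        # connection.
                        print(proxyip)
                        print("[-]Back to the client : " + str(e))
                        continue
            finally:
                # Close both ends on every exit path (normal completion,
                # early return, break, or an exception that propagates).
                if mbsocket is not None:
                    mbsocket.close()
                if client is not None:
                    client.close()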
第二步使用的是文件读写:
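def Loadips():
    """Load upstream proxies from ``ips.txt`` in the current directory.

    Each non-blank line is expected to be ``host:port``. The port is parsed
    with ``int()``; the file's contents are never passed to ``eval()``, which
    would execute any expression a line contains. Lines that do not have
    exactly two ``:``-separated fields, or whose port is not an integer in
    1-65535, are reported and skipped.

    Returns:
        A list of ``(host, port)`` tuples with ``port`` as an ``int``.
    """
    print("[*]Loading proxy ips..")
    ip_list = []
    with open("ips.txt") as ips:
        for raw in ips:
            entry = raw.strip()
            if not entry:
                # Blank lines (e.g. a trailing newline) are not entries.
                continue
            fields = entry.split(":")
            port = -1
            if len(fields) == 2 and fields[0]:
                try:
                    port = int(fields[1])
                except ValueError:
                    port = -1
            if not 1 <= port <= 65535:
                print("[-]Skipping malformed proxy entry: " + repr(entry))
                continue
            ip_list.append((fields[0], port))
    return ip_list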
本脚本采用的是多线程。
下面是全部的代码:
# -*-coding:utf-8-*-
import socket
from socket import error
import threading
import random
import time
# Timestamp text used in the log lines; evaluated once, when the module loads.
localtime = time.asctime()
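class ProxyServerTest():
    """One-connection-at-a-time TCP relay in front of a list of upstream proxies.

    The relay listens on 127.0.0.1:9999, reads one chunk (at most 1024 bytes)
    from each accepted client, forwards it to a randomly chosen entry of
    ``proxyip`` and copies the upstream's reply back to the client.

    Bytes are forwarded unmodified, so whoever operates the chosen upstream
    can read and alter anything that is not protected end to end (for
    example by TLS).
    """

    def __init__(self, proxyip):
        """Create the listening socket and remember the upstream list.

        Args:
            proxyip: sequence of ``(host, port)`` tuples.
        """
        # Local listening socket; it is bound in run(), not here.
        self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.proxyip = proxyip

    def run(self):
        """Serve clients until a socket error or an empty client read.

        Returns:
            An error-message string when binding, receiving from the client
            or sending to the upstream fails, or when the upstream list is
            empty; otherwise ``None``.
        """
        if not self.proxyip:
            # Picking from an empty list would raise inside the worker thread.
            print("[-]The local service : proxy list is empty")
            return "[-]The local service : proxy list is empty"
        try:
            # Loopback only: the relay is not reachable from other hosts.
            self.ser.bind(('127.0.0.1', 9999))
            # Backlog of pending connections.
            self.ser.listen(5)
        except error as e:
            print("[-]The local service : " + str(e))
            return "[-]The local service : " + str(e)
        while True:
            client = None
            mbsocket = None
            try:
                try:
                    # Read the client's request (first 1024 bytes only).
                    client, addr = self.ser.accept()
                    print('[*]accept %s connect' % (addr,))
                    data = client.recv(1024)
                    if not data:
                        # An empty first read stops the relay altogether,
                        # not just this connection.
                        break
                    print('[*' + localtime + ']: Accept data...')
                except error as e:
                    print("[-]Local receiving client : " + str(e))
                    return "[-]Local receiving client : " + str(e)
                while True:
                    # Pick an upstream at random and try to connect to it.
                    proxyip = random.choice(self.proxyip)
                    print("[!]Now proxy ip:" + str(proxyip))
                    prip = proxyip[0]
                    prpo = proxyip[1]
                    mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    try:
                        mbsocket.settimeout(3)
                        mbsocket.connect((prip, prpo))
                    except Exception:
                        # Exception rather than a bare except, so that
                        # KeyboardInterrupt/SystemExit are not swallowed.
                        # The failed socket is closed before the next try,
                        # otherwise every retry leaks a descriptor.
                        mbsocket.close()
                        mbsocket = None
                        print("[-]RE_Connect...")
                        continue
                    break
                try:
                    # sendall(): send() may transmit only part of the buffer.
                    mbsocket.sendall(data)
                except error as e:
                    print("[-]Sent to the proxy server : " + str(e))
                    return "[-]Sent to the proxy server : " + str(e)
                while True:
                    try:
                        # Copy the upstream's reply back to the client.
                        data_1 = mbsocket.recv(1024)
                        if not data_1:
                            break
                        print('[*' + localtime + ']: Send data...')
                        client.sendall(data_1)
                    except socket.timeout as e:
                        # A timeout is not treated as end of stream: the
                        # loop keeps polling, so an upstream that stalls
                        # without closing holds the relay on this
                        # connection.
                        print(proxyip)
                        print("[-]Back to the client : " + str(e))
                        continue
            finally:
                # Close both ends on every exit path (normal completion,
                # early return, break, or an exception that propagates).
                if mbsocket is not None:
                    mbsocket.close()
                if client is not None:
                    client.close()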
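def Loadips():
    """Load upstream proxies from ``ips.txt`` in the current directory.

    Each non-blank line is expected to be ``host:port``. The port is parsed
    with ``int()``; the file's contents are never passed to ``eval()``, which
    would execute any expression a line contains. Lines that do not have
    exactly two ``:``-separated fields, or whose port is not an integer in
    1-65535, are reported and skipped.

    Returns:
        A list of ``(host, port)`` tuples with ``port`` as an ``int``.
    """
    print("[*]Loading proxy ips..")
    ip_list = []
    with open("ips.txt") as ips:
        for raw in ips:
            entry = raw.strip()
            if not entry:
                # Blank lines (e.g. a trailing newline) are not entries.
                continue
            fields = entry.split(":")
            port = -1
            if len(fields) == 2 and fields[0]:
                try:
                    port = int(fields[1])
                except ValueError:
                    port = -1
            if not 1 <= port <= 65535:
                print("[-]Skipping malformed proxy entry: " + repr(entry))
                continue
            ip_list.append((fields[0], port))
    return ip_list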
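def main():
    """Print the banner, load ``ips.txt`` and run the relay in a worker thread.

    Returns:
        An error-message string if creating, starting or joining the worker
        raised in this thread, otherwise ``None``. Exceptions raised inside
        the worker itself are not seen here.
    """
    # Raw string: the banner is full of backslashes. In a normal literal
    # they are invalid escape sequences, and a backslash at the end of a
    # line would swallow the line break.
    print(r'''
__ __ _ _____ ____
\ \ / /_ _/ |_ __ |___ /| _ \
\ \ / / _` | | '_ \ |_ \| |_) |
\ V / (_| | | | | |___) | _ < _
\_/ \__,_|_|_| |_|____/|_| \_(_)
bbs: https://blog.csdn.net/sun1318578251
''')
    ip_list = Loadips()
    try:
        pst = ProxyServerTest(ip_list)
        # A single worker thread runs the relay loop.
        t = threading.Thread(target=pst.run, name='LoopThread')
        print('[*]Waiting for connection...')
        # Start the worker and block until its loop ends.
        t.start()
        t.join()
    except Exception as e:
        print("[-]main : " + str(e))
        return "[-]main : " + str(e)


if __name__ == '__main__':
    main()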
下载地址:
csdn:https://download.csdn.net/download/sun1318578251/11516833
链接: https://pan.baidu.com/s/1ILqgXJElqA4QEzPzlSnw1w 提取码: 37up
运行效果:
可能存在的问题:
1.ips.txt中的代理可能已经过期。
2.可能会报错,如果报错请使用绝对路径打开,或者使用pycharm等工具打开。
如果在cmd中运行,请先转到对应的目录下,不然可能报ips.txt路径错误的问题。