思路
1.先爬取代理网站的代理IP,然后做一下验证,验证是否可用并输出到文本里.
2.启用本地代理127.0.0.1:5320(5320=我想爱你)
3.sqlmap加上代理"–proxy=http://127.0.0.1:5320"
获取IP+验证代理
#/usr/bin/python3
#author:Jaky
import requests,re
url="http://www.xxxx.cn/xxx.html?api=1&num=9000"#采用89ip的接口采集
types="https"
proxys={}
headers={'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
proxy=j+i
print (proxy)
proxys[types.lower()]='%s'%proxy
try:
tar=requests.get("https://xxxx.me/ip",headers=headers,proxies=proxys,timeout=5,verify=False).text
if tar in str(proxys):
with open("ip.txt",'a') as file: file.write(proxy+'\n') # 保存文件
except :
pass
代理转发
#!/usr/bin/env python3
# coding:utf-8
import socket,time,random,threading,requests,re
from socket import error
localtime = time.asctime(time.localtime(time.time()))
class ProxyServerTest():
def __init__(self, proxyip):
# 本地socket服务
self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.proxyip = proxyip
def run(self):
try:
# 本地服务IP和端口
self.ser.bind(('127.0.0.1', 5320))
# 最大连接数
self.ser.listen(10)
except error as e:
print("[-]The local service : " + str(e))
return "[-]The local service : " + str(e)
while True:
try:
# 接收客户端数据
client, addr = self.ser.accept()
print('[*]accept %s connect' % (addr,))
data = client.recv(1024)
if not data:
break
print('[*' + localtime + ']: Accept data...')
except error as e:
print("[-]Local receiving client : " + str(e))
return "[-]Local receiving client : " + str(e)
while True:
# 目标代理服务器,将客户端接收数据转发给代理服务器
mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print("[!]Now proxy ip:" + str(self.proxyip))
prip = self.proxyip[0]
prpo = self.proxyip[1]
try:
mbsocket.settimeout(3)
mbsocket.connect((prip, prpo))
except:
print("[-]RE_Connect...")
continue
break
try:
mbsocket.send(data)
except error as e:
print("[-]Sent to the proxy server : " + str(e))
return "[-]Sent to the proxy server : " + str(e)
while True:
try:
# 从代理服务器接收数据,然后转发回客户端
data_1 = mbsocket.recv(1024)
if not data_1:
break
print('[*' + localtime + ']: Send data...')
client.send(data_1)
except socket.timeout as e:
print(self. proxyip)
print("[-]Back to the client : " + str(e))
continue
# 关闭连接
client.close()
mbsocket.close()
def main():
print('Atuhor:Jaky')
print('WeChat public number:luomiweixiong')
file = open("ip.txt","r")
for i in file:
ip = i.split(':')
ip_list = (ip[0],int(ip[1]))
print(ip_list)
try:
try_ip = ProxyServerTest(ip_list)
except Exception as e:
print("[-]main : " + str(e))
return "[-]main : " + str(e)
t = threading.Thread(target=try_ip.run, name='LoveJaky')
print('[*]Waiting for connection...')
# 关闭多线程
t.start()
t.join()
if __name__ == '__main__':
main()
总结
1、使用之前得先爬取代理IP,验证完然后会自动保存在"ip.txt"里
2、执行以上代码,然后
sqlmap.py -u “http://www.xxx.com/1.asp?id=1” --proxy=http://127.0.0.1:5320
1235
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
