sqlmap +外部代理池绕过IP拦截

19490
温馨提示:
本文最后更新于2024-06-09 08:01:07
某些文章具有时效性,若有错误或已失效,请在下方留言或联系Apibug咨询更新价格。

0x00:前言

一,基于前面写过给“扫描目录+ N多代理”,这次给sqlmap加一个代理池。用处就是在跑sqlamp注入的时候,防止被ban掉IP。

扫目录+ N多代理IP绕过拦截

二,这个想法是很久之前就有了,只不过这次是自己的研究一下原理结合网上公开的脚本,并用Python写出来的。这次没有创新的知识,纯当做是练习python脚本的编写。

0x01:思路

1.先爬取代理网站的代理IP,然后做一下验证,验证是否可用并输出到文本里。

2.启用本地代理127.0.0.1:5320(5320=我想爱你)

3.sqlmap加上代理“ –proxy = http://127.0.0.1:5320”


0x02:过程

一,获取代理IP

import requests,re
url="http://www.89ip.cn/tqdl.html?api=1&num=10"#采用89ip的接口采集
types="https"
proxys={}
#print (url)
headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  print (j+i)
import requests,re
url="http://www.89ip.cn/tqdl.html?api=1&num=10"#采用89ip的接口采集
types="https"
proxys={}
#print (url)
headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  print (j+i)
import requests,re
url="http://www.89ip.cn/tqdl.html?api=1&num=10"#采用89ip的接口采集
types="https"
proxys={}
#print (url)
headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  print (j+i)

二,验证代理IP并输出到文本

我们来回忆上次提到的Python中代理的编写规则

proxy={'协议''ip:端口'}
proxy={'协议':'ip:端口'}
proxy={'协议':'ip:端口'}

编写格式:

tar=requests.get(url,headers=headers,proxies=proxy,timeout=5,verify=False)
tar=requests.get(url,headers=headers,proxies=proxy,timeout=5,verify=False)
tar=requests.get(url,headers=headers,proxies=proxy,timeout=5,verify=False)

获取IP +验证代理:

#/usr/bin/python3
import requests,re
url="http://www.89ip.cn/tqdl.html?api=1&num=9000"#采用89ip的接口采集
types="https"
proxys={}
headers={'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  proxy=j+i
  print (proxy)
  proxys[types.lower()]='%s'%proxy
  try:
    tar=requests.get("https://ifconfig.me/ip",headers=headers,proxies=proxys,timeout=5,verify=False).text
    if tar in str(proxys):
      with open("ip.txt",'a') as file: file.write(proxy+'\n') # 保存文件
  except :
    pass  
#/usr/bin/python3

import requests,re

url="http://www.89ip.cn/tqdl.html?api=1&num=9000"#采用89ip的接口采集
types="https"
proxys={}
headers={'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  proxy=j+i
  print (proxy)
  proxys[types.lower()]='%s'%proxy
  try:
    tar=requests.get("https://ifconfig.me/ip",headers=headers,proxies=proxys,timeout=5,verify=False).text
    if tar in str(proxys):
      with open("ip.txt",'a') as file: file.write(proxy+'\n') # 保存文件
  except :
    pass  
#/usr/bin/python3

import requests,re

url="http://www.89ip.cn/tqdl.html?api=1&num=9000"#采用89ip的接口采集
types="https"
proxys={}
headers={'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)'}
r=requests.get(url,headers=headers).text
ip=re.findall("((?:[0-9]{1,3}\.){3}[0-9]{1,3})", r)#正则匹配出IP与端口
port=re.findall("(:\d{1,5})", r)#正则匹配出IP与端口
for i,j in zip(port[2:],ip):
  proxy=j+i
  print (proxy)
  proxys[types.lower()]='%s'%proxy
  try:
    tar=requests.get("https://ifconfig.me/ip",headers=headers,proxies=proxys,timeout=5,verify=False).text
    if tar in str(proxys):
      with open("ip.txt",'a') as file: file.write(proxy+'\n') # 保存文件
  except :
    pass

我这里直接采集9000个+验证

同时输出结果到“ ip.txt”


三,完整代码

#!/usr/bin/env python3
# coding:utf-8
import socket,time,random,threading,requests,re
from socket import error
localtime = time.asctime(time.localtime(time.time()))
class ProxyServerTest():
    def __init__(self, proxyip):
        # 本地socket服务
        self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.proxyip = proxyip
        
    def run(self):
        try:
            # 本地服务IP和端口
            self.ser.bind(('127.0.0.1', 5320))
            # 最大连接数
            self.ser.listen(10)
        except error as e:
            print("[-]The local service : " + str(e))
            return "[-]The local service : " + str(e)
        while True:
            try:
                # 接收客户端数据
                client, addr = self.ser.accept()
                print('[*]accept %s connect' % (addr,))
                data = client.recv(1024)
                if not data:
                    break
                print('[*' + localtime + ']: Accept data...')
            except error as e:
                print("[-]Local receiving client : " + str(e))
                return "[-]Local receiving client : " + str(e)
            while True:
                # 目标代理服务器,将客户端接收数据转发给代理服务器
                mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                print("[!]Now proxy ip:" + str(self.proxyip))
                prip = self.proxyip[0]
                prpo = self.proxyip[1]
                try:
                    mbsocket.settimeout(3)
                    mbsocket.connect((prip, prpo))
                except:
                    print("[-]RE_Connect...")
                    continue
                break
            try:
                mbsocket.send(data)
            except error as e:
                print("[-]Sent to the proxy server : " + str(e))
                return "[-]Sent to the proxy server : " + str(e)
            while True:
                try:
                    # 从代理服务器接收数据,然后转发回客户端
                    data_1 = mbsocket.recv(1024)
                    if not data_1:
                        break
                    print('[*' + localtime + ']: Send data...')
                    client.send(data_1)
                except socket.timeout as e:
                    print(self. proxyip)
                    print("[-]Back to the client : " + str(e))
                    continue
            # 关闭连接
        client.close()
        mbsocket.close()
          
def main():
    print('Atuhor:Jaky')
    print('WeChat public number:luomiweixiong')
    file = open("ip.txt","r")
    for i in file:
        ip = i.split(':')
        ip_list = (ip[0],int(ip[1]))
        print(ip_list)
        try:
            try_ip = ProxyServerTest(ip_list)
        except Exception as e:
            print("[-]main : " + str(e))
            return "[-]main : " + str(e)
    t = threading.Thread(target=try_ip.run, name='LoveJaky')
    print('[*]Waiting for connection...')
    # 关闭多线程
    t.start()
    t.join()
    
if __name__ == '__main__':
    main()
#!/usr/bin/env python3
# coding:utf-8

import socket,time,random,threading,requests,re
from socket import error

localtime = time.asctime(time.localtime(time.time()))

class ProxyServerTest():
    def __init__(self, proxyip):
        # 本地socket服务
        self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.proxyip = proxyip
        
    def run(self):
        try:
            # 本地服务IP和端口
            self.ser.bind(('127.0.0.1', 5320))
            # 最大连接数
            self.ser.listen(10)
        except error as e:
            print("[-]The local service : " + str(e))
            return "[-]The local service : " + str(e)

        while True:
            try:
                # 接收客户端数据
                client, addr = self.ser.accept()
                print('[*]accept %s connect' % (addr,))
                data = client.recv(1024)
                if not data:
                    break
                print('[*' + localtime + ']: Accept data...')
            except error as e:
                print("[-]Local receiving client : " + str(e))
                return "[-]Local receiving client : " + str(e)

            while True:
                # 目标代理服务器,将客户端接收数据转发给代理服务器
                mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

                print("[!]Now proxy ip:" + str(self.proxyip))
                prip = self.proxyip[0]
                prpo = self.proxyip[1]

                try:
                    mbsocket.settimeout(3)
                    mbsocket.connect((prip, prpo))
                except:
                    print("[-]RE_Connect...")
                    continue
                break

            try:
                mbsocket.send(data)
            except error as e:
                print("[-]Sent to the proxy server : " + str(e))
                return "[-]Sent to the proxy server : " + str(e)

            while True:
                try:
                    # 从代理服务器接收数据,然后转发回客户端
                    data_1 = mbsocket.recv(1024)
                    if not data_1:
                        break
                    print('[*' + localtime + ']: Send data...')
                    client.send(data_1)
                except socket.timeout as e:
                    print(self. proxyip)
                    print("[-]Back to the client : " + str(e))
                    continue
            # 关闭连接
        client.close()
        mbsocket.close()
          
def main():
    print('Atuhor:Jaky')
    print('WeChat public number:luomiweixiong')
    file = open("ip.txt","r")
    for i in file:
        ip = i.split(':')
        ip_list = (ip[0],int(ip[1]))
        print(ip_list)

        try:
            try_ip = ProxyServerTest(ip_list)
        except Exception as e:
            print("[-]main : " + str(e))
            return "[-]main : " + str(e)

    t = threading.Thread(target=try_ip.run, name='LoveJaky')
    print('[*]Waiting for connection...')
    # 关闭多线程
    t.start()
    t.join()
    
if __name__ == '__main__':
    main()

#!/usr/bin/env python3
# coding:utf-8

import socket,time,random,threading,requests,re
from socket import error

localtime = time.asctime(time.localtime(time.time()))

class ProxyServerTest():
    def __init__(self, proxyip):
        # 本地socket服务
        self.ser = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.proxyip = proxyip
        
    def run(self):
        try:
            # 本地服务IP和端口
            self.ser.bind(('127.0.0.1', 5320))
            # 最大连接数
            self.ser.listen(10)
        except error as e:
            print("[-]The local service : " + str(e))
            return "[-]The local service : " + str(e)

        while True:
            try:
                # 接收客户端数据
                client, addr = self.ser.accept()
                print('[*]accept %s connect' % (addr,))
                data = client.recv(1024)
                if not data:
                    break
                print('[*' + localtime + ']: Accept data...')
            except error as e:
                print("[-]Local receiving client : " + str(e))
                return "[-]Local receiving client : " + str(e)

            while True:
                # 目标代理服务器,将客户端接收数据转发给代理服务器
                mbsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

                print("[!]Now proxy ip:" + str(self.proxyip))
                prip = self.proxyip[0]
                prpo = self.proxyip[1]

                try:
                    mbsocket.settimeout(3)
                    mbsocket.connect((prip, prpo))
                except:
                    print("[-]RE_Connect...")
                    continue
                break

            try:
                mbsocket.send(data)
            except error as e:
                print("[-]Sent to the proxy server : " + str(e))
                return "[-]Sent to the proxy server : " + str(e)

            while True:
                try:
                    # 从代理服务器接收数据,然后转发回客户端
                    data_1 = mbsocket.recv(1024)
                    if not data_1:
                        break
                    print('[*' + localtime + ']: Send data...')
                    client.send(data_1)
                except socket.timeout as e:
                    print(self. proxyip)
                    print("[-]Back to the client : " + str(e))
                    continue
            # 关闭连接
        client.close()
        mbsocket.close()
          
def main():
    print('Atuhor:Jaky')
    print('WeChat public number:luomiweixiong')
    file = open("ip.txt","r")
    for i in file:
        ip = i.split(':')
        ip_list = (ip[0],int(ip[1]))
        print(ip_list)

        try:
            try_ip = ProxyServerTest(ip_list)
        except Exception as e:
            print("[-]main : " + str(e))
            return "[-]main : " + str(e)

    t = threading.Thread(target=try_ip.run, name='LoveJaky')
    print('[*]Waiting for connection...')
    # 关闭多线程
    t.start()
    t.join()
    
if __name__ == '__main__':
    main()


0x03:总结

1,使用之前得先爬取代理IP,验证完然后会自动保存在“ ip.txt”里

2,执行以上代码,然后

sqlmap.py -u "http://www.xxx.com/1.asp?id=1" --proxy=http://127.0.0.1:5320
sqlmap.py -u "http://www.xxx.com/1.asp?id=1" --proxy=http://127.0.0.1:5320
sqlmap.py -u "http://www.xxx.com/1.asp?id=1" --proxy=http://127.0.0.1:5320

本站代码教程仅供学习交流使用请勿商业运营,严禁二次倒卖,否则ban账号处理!
© 版权声明
sqlmap +外部代理池绕过IP拦截-Apibug
本文链接:https://www.apibug.com/tools/727.html
文章作者
Apibug
隐私政策
PrivacyPolicy
用户协议
UseGenerator
许可协议
NC-SA 4.0
THE END
精品软件编程语言Python精品软件编程语言
# api# 代码# html# 拦截# python# 端口# 代理# 接口# sqlmap# 代理IP# 扫目录# 代理池
喜欢就支持一下吧
点赞0赞赏 分享
Apibug的头像-Apibug钻石会员
相关推荐
评论 共1条

请登录后发表评论

    请登录后查看评论内容

默认头像

耻辱柱本站违规账号展示

暂无耻辱柱成员

创作者激励计划

Apibug开放社区创作者计划泛指通过发布文章、社区帖子和社区提问解惑,以及提供优质评论,为创作者提供收益机会,同时创作者也可与其他用户建立交流和互动. 规则详情
15

创作者加入

1,203.44

累计发放收益

立即加入 规则详情
非常有研究价值的源码阿里云证书重签名逆向教程逆向适配越狱调试语音包证书认证解密裸奔菜单自瞄绘制开源绘制终端美化系统码签名