HTTP 나 HTTPS 퍼징할때 써볼려고 만든거 ㅋ
잘 작동 여부는 각자 알아서 테스트를 ㅋ
#!/usr/bin/python
import sys
import socket
import ssl
import datetime
import time
lv_pre_method='GET'
lv_pre_url='/'
lv_pre_ver='HTTP/1.1'
lv_pre_host='Host: 192.168.0.1'
lv_pre_user='User-Agent: '
lv_pre_accept='Accept: '
lv_pre_lang='Accept-Language: '
lv_pre_enc='Accept-Encoding: '
lv_pre_dnt='DNT: '
lv_pre_ref='Referer: '
lv_pre_cookie='Cookie: '
lv_pre_con='Connection: '
lv_full_method='GET'
lv_full_url='/'
lv_full_ver='HTTP/1.1'
lv_full_host='Host: 192.168.0.1'
lv_full_user='User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0'
lv_full_accept='Accept: */*'
lv_full_lang='Accept-Language: en-US,en;q=0.5'
lv_full_enc='Accept-Encoding: gzip, deflate'
lv_full_dnt='DNT: 1'
lv_full_ref='Referer: http://192.168.0.1/'
lv_full_cookie='Cookie: '
lv_full_con='Connection: keep-alive'
lv_msg_send=''
lv_msg_recv=''
lv_send_pre_method = lv_pre_method+'%s '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_url = lv_pre_method+' '+lv_pre_url+'%s '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_ver = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'%s\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_host = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'%s\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_user = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'%s\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_accept = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'%s\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_lang = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'%s\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_enc = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'%s\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_dnt = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'%s\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_ref = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'%s\n'+lv_pre_cookie+'\n'+lv_pre_con+'\n\n'
lv_send_pre_cookie = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'%s\n'+lv_pre_con+'\n\n'
lv_send_pre_con = lv_pre_method+' '+lv_pre_url+' '+lv_pre_ver+'\n'+lv_pre_host+'\n'+lv_pre_user+'\n'+lv_pre_accept+'\n'+lv_pre_lang+'\n'+lv_pre_enc+'\n'+lv_pre_dnt+'\n'+lv_pre_ref+'\n'+lv_pre_cookie+'\n'+lv_pre_con+'%s\n\n'
lv_send_full_method = lv_full_method+'%s '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_url = lv_full_method+' '+lv_full_url+'%s '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_ver = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'%s\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_host = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'%s\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_user = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'%s\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_accept = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'%s\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_lang = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'%s\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_enc = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'%s\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_dnt = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'%s\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_ref = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'%s\n'+lv_full_cookie+'\n'+lv_full_con+'\n\n'
lv_send_full_cookie = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'%s\n'+lv_full_con+'\n\n'
lv_send_full_con = lv_full_method+' '+lv_full_url+' '+lv_full_ver+'\n'+lv_full_host+'\n'+lv_full_user+'\n'+lv_full_accept+'\n'+lv_full_lang+'\n'+lv_full_enc+'\n'+lv_full_dnt+'\n'+lv_full_ref+'\n'+lv_full_cookie+'\n'+lv_full_con+'%s\n\n'
lv_send_array=[lv_send_pre_method, lv_send_pre_url, lv_send_pre_ver, lv_send_pre_host, lv_send_pre_user, lv_send_pre_accept, lv_send_pre_lang, lv_send_pre_enc, lv_send_pre_dnt, lv_send_pre_ref, lv_send_pre_cookie, lv_send_pre_con, lv_send_full_method, lv_send_full_url, lv_send_full_ver, lv_send_full_host, lv_send_full_user, lv_send_full_accept, lv_send_full_lang, lv_send_full_enc, lv_send_full_dnt, lv_send_full_ref, lv_send_full_cookie, lv_send_full_con]
# print lv_msg_recv#len(lv_msg_recv)
jx=0
while jx<len(lv_send_array):
ix=0
while ix<100000000:
try:
lv_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
lv_msg_send = lv_send_array[jx]%('a'*ix)
lv_sock.connect(('192.168.0.1',443))
lv_sock_ssl = ssl.wrap_socket(lv_sock)
lv_sock_ssl.send(lv_msg_send)
lv_msg_recv = lv_sock_ssl.recv()
open('log_'+str(jx)+'.txt','a').write('---------- '+str(ix)+'('+str(len(lv_msg_recv))+') : '+str(datetime.datetime.now())+' ----------\n')
lv_sock_ssl.close()
lv_sock.close()
except:
open('dis_'+str(jx)+'.txt','a').write('---------- '+str(ix)+'('+str(len(lv_msg_recv))+') : '+str(datetime.datetime.now())+' ----------\n')
os.system('ifconfig eth0 down')
time.sleep(60)
os.system('ifconfig eth0 up')
ix = ix+1
#end while
jx = jx+1
#end while
0개의 덧글:
댓글 쓰기
에 가입 댓글 [Atom]
<< 홈