willow_liang的博客

socket编程不太懂，等看完视频和计算机网络回来补上

1.正则爬取图片import requestsimport reimport osheaders = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0"}# url = 'https://pic.qiushibaike.com/system/pictures/12425/124253455/medium/BS3559JFPXJ1DIL.

1.爬取搜狗页面的首页import requestsurl = 'https://www.sogou.com/' #指定urlrespone = requests.get(url=url) #发起请求page_text = respone.text #获取响应数据，text为字符串形式的响应数据print(page_text)with open('./sogou.html','w',encoding='utf-8') as fp: fp.write(page_te

队列的使用import queueq = queue.Queue() #空队列for i in range(10): q.put(i)while not q.empty(): print(q.get())0123456789import queueimport threadingq = queue.Queue() #空队列for i in range(30): q.put(i)def test(q): while not

1.收集域名信息# whois# https://www. tianyancha. com !2.收集敏感信息# site:edu.cn intext:后台# site:Github. comsmtp @163. com# firefox工作台查找有用信息# https ://www.exploit-db.com/google-hacking-database3.收集子域名信息# fierce -dns baidu.com -threads 10# site:baidu. com4.收

kali使用Ettercap进行arp欺骗192.168.0.105加入target1,192.168.0.1网关加入target2点击MITM中的ARPwindows7查看mac地址已经发生变化可以用driftnet查看被攻击的win7访问网页的图片，最新版的kali未安装该软件，实际测试该软件应该只能查看一些加密不严格的网站或者使用wireshark抓包嗅探win7登录dvwa过程，可在kali抓包嗅探到python编写arp欺骗脚本srp发送数据包verbose不显

基于scapy官方文档学习scapyScapy是一个Python程序，使用户能够发送，嗅探，解剖和伪造网络数据包。此功能允许构建可探测，扫描或攻击网络的工具。发送一个基于TCP/IP的数据包，用wireshark抓包from scapy.all import *data = 'hello world'pkt = IP(src="192.168.0.1",dst="192.168.1.1")/TCP(sport=1000,dport=1000)/datasend(pkt,inter=1,count

scapy模块学习from scapy.all import *def packet_callback(packet): print(packet.show())sniff(filter="", iface="eth0", prn = packet_callback,count=1, store=0 )#filter指定过滤器#iface为设置嗅探器的网卡#prn指定嗅探到符合过滤器条件的数据包时所调用的回调函数#count用于指定嗅探的数据包个数#store不在内存当中保留原始

模块学习def run_command(): while True: try: command = input("shell") out = subprocess.check_output(command,stderr=subprocess.STDOUT, shell=True) #stderr=subprocess.STDOUT输出错误信息 print(out.decode('gbk'

#bytes和字符串之间的转换test = 'hello world'print(type(test))byte = test.encode('utf-8')print(type(byte))string = byte.decode() #decode解码print(type(string))F:\python3.8\python.exe 模块.py<class 'str'><class 'bytes'><class 'str'>Proce

import socketfrom threading import Threadimport timedef main(target): print("开始扫描： %s" % target) for port in range(1,65535): t = Thread(target=portscan,args=(target,port)) t.start()def portscan(target,port): try:

1.socket网络编程（1）服务端#coding=utf-8#服务端import socketlanguage = {'what is your name':'I am tom', 'how old are you ': '25', 'bye': 'bye!'}host = "127.0.0.1"port = 9999s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)s.bind((host, port)) s..

#-*- coding:utf-8 -*-import optparseimport sysimport osimport threadingimport paramiko#parasmiko为ssh登录模块class ThreadWork(threading.Thread): def __init__(self,ip,usernameBlock,passwordBlock,port): threading.Thread.__init__(self)

多线程爆破脚本#-*- encoding:utf-8 -*-import requestsimport threadingimport os#分块大小BLOCK_SIZE = 1000class ThreadWork: url = "http://192.168.0.109/WeakPassword/login.php" headers ={ "User-Agent": "Mozilla / 5.0(WindowsNT10.0;Wi.

使用python编写生成密码字典的脚本需要用到itertools模块。3个需要用的函数:permutation(iterable, r):返回terble中元素所有组合长度为r的项目序列，r省略则默认取iterable中项目的数量。例如itertools.Permutations(‘abc’,3),从“abc" 中按顺序排列组合长度为 3进行输出， 即abc, acb, bac, bca, cab, cba。product(*iterables[, repeat]):可以获得多个循环器的笛卡儿积。

python实现base64编/解码脚本#-*- encoding:utf-8 -*-import base64def bs64(): method = input("输入编码或者解码:") word = input("enter a string") try: if method == '编码': bs = base64.b64encode(word.encode('utf-8')) print("编码后的为：

requests模块代理import requestsproxy = '127.0.0.1:1080'proxies = { 'http':'http://' + proxy, 'https':'https://' + proxy}try: respone = requests.get('http://httpbin.rof/get',proxies=proxies) print(respone.text)except Exception as e:

Tamper简介sqlmap的tamper一般用来绕过waf进行sql注入，脚本在tamper目录下。以0eunion.py为例#!/usr/bin/env python"""Copyright (c) 2006-2020 sqlmap developers (http://sqlmap.org/)See the file 'LICENSE' for copying permission"""import refrom lib.core.enums import PRIORITY#

sql盲注脚本url:http://192.168.0.128/sqli/Less-8/?id=1此关是关于sql盲注，如果盲注正确页面则会显示 You are in …，如果盲注错误，则不会显示由此可以猜测服务器端的sql语句为：select * from users where id = '$id' limt 0,1;limit对显示长度作出了限制#!/usr/bin/python3# -*- coding: utf-8 -*-import requestsimport optp

5.1未授权访问漏洞在安全配置，权限认证，授权页面存在逻辑缺陷，导致其他用户可以直接访问，从而引发权限可被操作，数据库网站等敏感信息写偶。目前存在未授权访问漏洞的服务包括：NFS,Samba,LDAP,Rsync,FTP,Gitlab,Jenkins,MongoDB,ZooKeeper等5.1.1redis未授权访问漏洞介绍kali下载按照redis客户端redis-cli1.获取redis资源　　wget http://download.redis.io/releases/redis-4.0.

被动信息收集4.1被动信息收集ip查询：可以使用socker库函数中的gethostbyname()获取域名对应的IP地址import socketurl = input("enter your url:")ip = socket.gethostbyname(url)print(ip)whois查询pip install pyhton-whoisfrom whois import whoisdata = whois('www.baidu.com')print(data)i

pocsuite安装安装pocsuite3pip3 install pocsuite安装数据包pip3 install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple/ requirement.txt内容requests == 2.22.0PySocks == 1.7.1requests-toolbelt == 0.9.1urllib3 == 1.25.6flask简介Flask是一个使用pyt