移动开发中接口 测试与管理的利器 个人业余开发。现共享出来给大家使用
http://api.so-cools.com
参加了今年的pycon2015 议题是 python和抓包
认识了很多的朋友。
对应PPT 下载地址: http://www.so-cools.com/down/pyconppt.pdf
php jwt
1.生成签名:
<?php
$message="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wveHh4eC54eHguY25cL3dhcFwvaW5kZXgucGhwIiwidWlkIjoieHh4eCIsImNpdHkiOiJ4eHgiLCJkYXRhX3ZlciI6MiwidHMiOjE1MzcxNzg5NjE5MzEsImNpdHlfY29kZSI6IjUwMDEwMCIsInByb3ZfY29kZSI6IjUwMDAwMCIsInByb3YiOiJ4IiwibGF0IjoyMTkuNjE0NTE1ODA2OTU5MTA1LCJsbmciOjIwNi41MDYyNTMyODI0MzMxMSwibm9uY2UiOiI2QTAyMkI5MS1BRUQ1LTQ3N0MtODkzRC1BODQ3RDkyMjk1RUEifQ==";
$secret='07e4e10fbc774f8ab914b58a2ea26752';
$secret=md5($secret);
$s = hash_hmac('sha256', $message, $secret,true);
$resut=base64_encode($s);
echo $resut;
$saferesult=str_replace('=', '', strtr(base64_encode($s), '+/', '-_'));
var_dump($saferesult);
?>
2.
<?php
$head='{"alg": "HS256","typ": "JWT"}';
$payload='{"sub": "1234567890","name": "John Doe","iat": 151623902}';
$head_base=base64_encode($head);
$payload_base=base64_encode($payload);
$message="{$head_base}.{$payload_base}";
$secret='07e4e10fbc774f8ab914b58a2ea26752';
//$secret=md5($secret);
$s = hash_hmac('sha256', $message, $secret,true);
$resut=base64_encode($s);
echo $resut;
$saferesult=str_replace('=', '', strtr(base64_encode($s), '+/', '-_'));
var_dump($saferesult);
$token=$message.".".$saferesult;
?>
lua dump 变量
function var_dump(data, max_level, prefix)
if type(prefix) ~= "string" then
prefix = ""
end
if type(data) ~= "table" then
dump_html(prefix .. tostring(data))
else
dump_html(tostring(data))
if max_level ~= 0 then
local prefix_next = prefix .. " "
dump_html(prefix .. "{")
for k,v in pairs(data) do
dump_html(prefix_next .. k .. " = ")
if type(v) ~= "table" or (type(max_level) == "number" and max_level <= 1) then
dump_html(v)
else
if max_level == nil then
var_dump(v, nil, prefix_next)
else
var_dump(v, max_level - 1, prefix_next)
end
end
end
dump_html(prefix .. "}")
end
end
end
function dump_html(str)
if str ~= nil then
ngx.header.content_type = "text/html"
ngx.say(str)
end
end
logstash 解析nginx error日志
input {
# beats {
# host => "0.0.0.0"
# port => 5400
# }
stdin { }
}
filter {
grok {
patterns_dir => "/etc/logstash/patterns"
#match => [ "message" , "%{NGINXACCESS}"]
match => [ "message" , "%{DATA:timestr} \[%{DATA:error_level}\] (?<nginx_message>(.|\r|\n)*)(?:, client: %{IPORHOST:clientip})(?:, server: %{IPORHOST:nginx_server})(?:, request: \"%{DATA:nginx_request}\")?(?:, upstream: \"%{DATA:nginx_upstream}\")?(?:, host: \"%{DATA:nginx_host}\")?(?:, referrer: \"%{DATA:nginx_referrer}\")?"]
}
if [http_x_forwarded_for] == "-" or [http_x_forwarded_for] == "null" {
mutate {
update => { "http_x_forwarded_for" => "" }
}
}
if [referer] == "-" or [referer] == "null" {
mutate {
update => { "referer" => "" }
}
}
geoip {
source => "clientip"
}
useragent {
source => "agent"
target => "agent_fields"
}
date {
match => [ "timestr", "yyyy/MM/dd HH:mm:ss" ]
timezone => "Asia/Shanghai"
#target => "newtimestr"
#locale => "en"
}
ruby {
code => "event.set('index_day', event.get('@timestamp').time.localtime.strftime('%Y%m%d'))"
}
}
output {
elasticsearch {
hosts => ["127.0.0.1:9200"]
#index => "tek-%{+YYYY.MM.dd}"
index => "tek-%{index_day}"
document_type => "nginx_logs"
template_name => "ta"
}
stdout { codec => rubydebug }
}
防止一天的日志分在了两个index中
ruby {
code => "event.set('index_day', event.get('@timestamp').time.localtime.strftime('%Y%m%d'))"
}
kvm网络隔离禁止虚拟机之间通信
nwfilter xml文件默认路径: /etc/libvirt/nwfilter/
cat deny-test.xml
<filter name='deny-test' chain='ipv4' priority='-700'>
<uuid>fce8ae34-e69e-83bf-262e-30786c1f8079</uuid>
<rule action='drop' direction='out' priority='200'>
<ip srcipaddr='172.21.13.102' dstipaddr='172.21.13.107' dstipmask='32'/>
</rule>
</filter>
virsh nwfilter-define deny-test.xml
virsh nwfilter-list #确认是否添加成功
virsh edit xxx
<interface type='bridge'>
<mac address='52:54:00:7c:17:86'/>
<source bridge='br0'/>
<model type='virtio'/>
<filterref filter='deny-test'/> #add
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
重启虚拟机
宿主机上执行:
ebtables -t nat -L
确认规则有没有添加成功
Bridge table: nat Bridge chain: PREROUTING, entries: 1, policy: ACCEPT -i vnet46 -j libvirt-I-vnet46 Bridge chain: OUTPUT, entries: 0, policy: ACCEPT Bridge chain: POSTROUTING, entries: 0, policy: ACCEPT Bridge chain: libvirt-I-vnet46, entries: 1, policy: ACCEPT -p IPv4 -j I-vnet46-ipv4 Bridge chain: I-vnet46-ipv4, entries: 1, policy: ACCEPT -p IPv4 --ip-src 172.21.13.102 --ip-dst 172.21.13.107 -j DROP
简单 SHELL
#!/bin/bash
# usage ./1.sh 172.21.13.102 deny-test
tmpxml=$(mktemp /tmp/ifcfg.XXX)
macaddr="$(virsh domiflist $1 | awk "/bridge\s/ {print \$NF}")"
if [ -z "$macaddr" ]; then
echo "vm not exist"
exit 2
fi
if [ -z "$2" ]; then
echo "nwfilter name is null"
exit 2
fi
cat > "$tmpxml" <<EOF
<interface type='bridge'>
<mac address='$macaddr'/>
<source bridge='br0'/>
<model type='virtio'/>
<filterref filter='$2'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
EOF
virsh update-device "$1" "$tmpxml" --live --persistent --config
rm "$tmpxml"
密码保护:更新 ntopng Enterprise Edition v.3.4.180622 破解笔记
密码保护:某商用堡垒机系统破解笔记+算法逆向+注册机
密码保护:full static compile 静态编译 xmrig 笔记
判断一个IP是否在一个子网中
package main
import (
"net"
"fmt"
)
func main() {
network := "192.168.5.0/24"
clientips := []string{
"192.168.5.1",
"192.168.6.0",
}
_, subnet, _ := net.ParseCIDR(network)
for _, clientip := range clientips {
ip := net.ParseIP(clientip)
if subnet.Contains(ip) {
fmt.Println("IP in subnet", clientip)
}
}
}
判断一个IP是否能ping通
package main
import (
"time"
"net"
"fmt"
)
func isping(ip string) (bool) {
recvBuf1 := make([]byte, 2048)
payload:=[]byte{0x08,0x00,0x4d,0x4b,0x00,0x01,0x00,0x10,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f,0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69}
Time, _ := time.ParseDuration("3s")
conn, err := net.DialTimeout("ip4:icmp", ip,Time)
if err !=nil {
fmt.Println("bibi")
return false
}
_,err=conn.Write(payload)
if err !=nil {
return false
}
conn.SetReadDeadline(time.Now().Add(time.Second * 2))
num, err := conn.Read(recvBuf1[0:])
if err !=nil {
//check 80 3389 443 22 port
Timetcp, _ := time.ParseDuration("1s")
conn1, err := net.DialTimeout("tcp", ip+":80",Timetcp)
if err == nil {
defer conn1.Close()
return true
}
conn2, err := net.DialTimeout("tcp", ip+":443",Timetcp)
if err == nil {
defer conn2.Close()
return true
}
conn3, err := net.DialTimeout("tcp", ip+":3389",Timetcp)
if err == nil {
defer conn3.Close()
return true
}
conn4, err := net.DialTimeout("tcp", ip+":22",Timetcp)
if err == nil {
defer conn4.Close()
return true
}
return false
}
conn.SetReadDeadline(time.Time{})
if string(recvBuf1[0:num]) !="" {
return true
}
return false
}
func main() {
ip := "172.8.47.213"
fmt.Println(isping(ip))
}
遍历中国所有IP地址
#main
package main
import (
"libmy"
"fmt"
)
var iplistchan chan string
var iplistsuccess chan string
var hostsuccess chan string
func insertintochan(iplist []string,iplistchan chan string) {
for _,ipcidr := range iplist {
hosts, _ := libmy.Hosts(ipcidr)
for _, ip := range hosts {
iplistchan <- ip
}
}
close(iplistchan)
iplistsuccess <- "good"
}
func worker(iplistchan chan string) {
for {
if elem, ok := <-iplistchan; ok {
fmt.Println(elem)
} else {
break
}
}
hostsuccess <- "good"
}
func main() {
iplistchan=make(chan string ,1000)
iplistsuccess=make(chan string)
hostsuccess=make(chan string)
iplist:=libmy.ReadList("cn1.zone")
go insertintochan(iplist,iplistchan)
for i:=0;i<13;i++ {
go worker(iplistchan)
}
<-iplistsuccess
for j:=0;j<13;j++ {
<-hostsuccess
}
}
#lib.go
package libmy
import "net"
import "os"
import "bufio"
import "fmt"
import "strings"
func Hosts(cidr string) ([]string, error) {
ip, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return nil, err
}
var ips []string
for ip := ip.Mask(ipnet.Mask); ipnet.Contains(ip); inc(ip) {
ips = append(ips, ip.String())
}
return ips[1 : len(ips)-1], nil
}
func inc(ip net.IP) {
for j := len(ip) - 1; j >= 0; j-- {
ip[j]++
if ip[j] > 0 {
break
}
}
}
func ReadList(fileName string) ( [] string) {
ipListFile, err := os.Open(fileName)
if err != nil {
fmt.Println("ERR::" + err.Error())
os.Exit(1)
}
defer ipListFile.Close()
ipList:=make([]string,0)
scanner := bufio.NewScanner(ipListFile)
scanner.Split(bufio.ScanLines)
for scanner.Scan() {
ipinfo := strings.TrimSpace(scanner.Text())
ipList = append(ipList, ipinfo)
}
return ipList
}