移动开发中接口 测试与管理的利器 个人业余开发。现共享出来给大家使用
http://api.so-cools.com
参加了今年的pycon2015 议题是 python和抓包
认识了很多的朋友。
对应PPT 下载地址: http://www.so-cools.com/down/pyconppt.pdf
密码保护:更新 ntopng Enterprise Edition v.3.4.180622 破解笔记
密码保护:某商用堡垒机系统破解笔记+算法逆向+注册机
密码保护:full static compile 静态编译 xmrig 笔记
判断一个IP是否在一个子网中
package main
import (
"net"
"fmt"
)
func main() {
network := "192.168.5.0/24"
clientips := []string{
"192.168.5.1",
"192.168.6.0",
}
_, subnet, _ := net.ParseCIDR(network)
for _, clientip := range clientips {
ip := net.ParseIP(clientip)
if subnet.Contains(ip) {
fmt.Println("IP in subnet", clientip)
}
}
}
判断一个IP是否能ping通
package main
import (
"time"
"net"
"fmt"
)
func isping(ip string) (bool) {
recvBuf1 := make([]byte, 2048)
payload:=[]byte{0x08,0x00,0x4d,0x4b,0x00,0x01,0x00,0x10,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f,0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69}
Time, _ := time.ParseDuration("3s")
conn, err := net.DialTimeout("ip4:icmp", ip,Time)
if err !=nil {
fmt.Println("bibi")
return false
}
_,err=conn.Write(payload)
if err !=nil {
return false
}
conn.SetReadDeadline(time.Now().Add(time.Second * 2))
num, err := conn.Read(recvBuf1[0:])
if err !=nil {
//check 80 3389 443 22 port
Timetcp, _ := time.ParseDuration("1s")
conn1, err := net.DialTimeout("tcp", ip+":80",Timetcp)
if err == nil {
defer conn1.Close()
return true
}
conn2, err := net.DialTimeout("tcp", ip+":443",Timetcp)
if err == nil {
defer conn2.Close()
return true
}
conn3, err := net.DialTimeout("tcp", ip+":3389",Timetcp)
if err == nil {
defer conn3.Close()
return true
}
conn4, err := net.DialTimeout("tcp", ip+":22",Timetcp)
if err == nil {
defer conn4.Close()
return true
}
return false
}
conn.SetReadDeadline(time.Time{})
if string(recvBuf1[0:num]) !="" {
return true
}
return false
}
func main() {
ip := "172.8.47.213"
fmt.Println(isping(ip))
}
遍历中国所有IP地址
#main
package main
import (
"libmy"
"fmt"
)
var iplistchan chan string
var iplistsuccess chan string
var hostsuccess chan string
func insertintochan(iplist []string,iplistchan chan string) {
for _,ipcidr := range iplist {
hosts, _ := libmy.Hosts(ipcidr)
for _, ip := range hosts {
iplistchan <- ip
}
}
close(iplistchan)
iplistsuccess <- "good"
}
func worker(iplistchan chan string) {
for {
if elem, ok := <-iplistchan; ok {
fmt.Println(elem)
} else {
break
}
}
hostsuccess <- "good"
}
func main() {
iplistchan=make(chan string ,1000)
iplistsuccess=make(chan string)
hostsuccess=make(chan string)
iplist:=libmy.ReadList("cn1.zone")
go insertintochan(iplist,iplistchan)
for i:=0;i<13;i++ {
go worker(iplistchan)
}
<-iplistsuccess
for j:=0;j<13;j++ {
<-hostsuccess
}
}
#lib.go
package libmy
import "net"
import "os"
import "bufio"
import "fmt"
import "strings"
func Hosts(cidr string) ([]string, error) {
ip, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return nil, err
}
var ips []string
for ip := ip.Mask(ipnet.Mask); ipnet.Contains(ip); inc(ip) {
ips = append(ips, ip.String())
}
return ips[1 : len(ips)-1], nil
}
func inc(ip net.IP) {
for j := len(ip) - 1; j >= 0; j-- {
ip[j]++
if ip[j] > 0 {
break
}
}
}
func ReadList(fileName string) ( [] string) {
ipListFile, err := os.Open(fileName)
if err != nil {
fmt.Println("ERR::" + err.Error())
os.Exit(1)
}
defer ipListFile.Close()
ipList:=make([]string,0)
scanner := bufio.NewScanner(ipListFile)
scanner.Split(bufio.ScanLines)
for scanner.Scan() {
ipinfo := strings.TrimSpace(scanner.Text())
ipList = append(ipList, ipinfo)
}
return ipList
}
通过cidr遍历IP地址
package main
import (
"net"
"fmt"
)
func hosts(cidr string) ([]string, error) {
ip, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return nil, err
}
var ips []string
for ip := ip.Mask(ipnet.Mask); ipnet.Contains(ip); inc(ip) {
ips = append(ips, ip.String())
}
return ips[1 : len(ips)-1], nil
}
func inc(ip net.IP) {
for j := len(ip) - 1; j >= 0; j-- {
ip[j]++
if ip[j] > 0 {
break
}
}
}
func main() {
hosts, _ := hosts("192.168.11.9/27")
for _, ip := range hosts {
fmt.Println("sent: " + ip)
}
}
检测一个端口是否为HTTPS
package main
import (
"fmt"
"time"
"net"
"strconv"
"os"
)
func main(){
t:=[]byte{0x16,0x03,0x01,0x00,0xb5,0x01,0x00,0x00,0xb1,0x03,0x03,0xb2,0xd3,0x4d,0xfd,0x63,0xbe,0x89,0xdb,0xe5,0x46,0xcc,0xaf,0x39,0x6e,0xba,0x63,0x63,0x75,0xce,0x30,0xda,0xe0,0x4f,0xab,0xa2,0x3e,0x50,0xea,0x41,0x20,0x10,0xc4,0x00,0x00,0x18,0xc0,0x2b,0xc0,0x2f,0xc0,0x2c,0xc0,0x30,0xc0,0x13,0xc0,0x14,0x00,0x9c,0x00,0x9d,0x00,0x2f,0x00,0x35,0x00,0x0a,0x00,0xff,0x01,0x00,0x00,0x70,0x00,0x00,0x00,0x15,0x00,0x13,0x00,0x00,0x10,0x77,0x77,0x77,0x2e,0x73,0x6f,0x2d,0x63,0x6f,0x6f,0x6c,0x73,0x2e,0x63,0x6f,0x6d,0x00,0x0b,0x00,0x04,0x03,0x00,0x01,0x02,0x00,0x0a,0x00,0x06,0x00,0x04,0x00,0x17,0x00,0x18,0x00,0x23,0x00,0x00,0x00,0x0d,0x00,0x20,0x00,0x1e,0x06,0x01,0x06,0x02,0x06,0x03,0x05,0x01,0x05,0x02,0x05,0x03,0x04,0x01,0x04,0x02,0x04,0x03,0x03,0x01,0x03,0x02,0x03,0x03,0x02,0x01,0x02,0x02,0x02,0x03,0x00,0x05,0x00,0x05,0x01,0x00,0x00,0x00,0x00,0x00,0x0f,0x00,0x01,0x01,0x00,0x10,0x00,0x0b,0x00,0x09,0x08,0x68,0x74,0x74,0x70,0x2f,0x31,0x2e,0x31}
Target:="115.239.210.27"
port:=443
Time, _ := time.ParseDuration("1s")
conn, err := net.DialTimeout("tcp", Target+":"+strconv.Itoa(port), Time )
if err != nil {
fmt.Println("ERR::" + strconv.Itoa(port) + ">" + err.Error())
os.Exit(1)
}
conn.Write(t)
recvBuf := make([]byte, 2048)
conn.SetReadDeadline(time.Now().Add(time.Second * 2))
_, err = conn.Read(recvBuf[:])
conn.SetReadDeadline(time.Time{})
fmt.Println("tlsinfo:")
fmt.Println( string(recvBuf[:]))
if string(recvBuf[0:4]) == string([] byte {22,3,3,0}) {
fmt.Println("this is tls ^_^")
}else{
fmt.Println("this is not tls")
}
conn.Close()
}
iptables 禁止国外IP访问
某业务需求,禁止国外IP访问,也能在发生攻击时阻挡部分流量
由于IP地址太多, 直接用iptables 一条一条的去匹配会影响性能,故使用ipset 结合 iptables使用
yum install ipset ipset create china hash:net hashsize 10000 maxelem 1000000 #ipset add china 1.2.3.0/24 #ipset list china
把国内的IP段添加进去
wget http://www.ipdeny.com/ipblocks/data/countries/cn.zone for i in `cat cn.zone` do echo "ipset add china $i" >>ipset_result.sh done
执行
chmod +x ipset_result.sh ./ipset_result.sh # ipset list china #检验
最后的iptables规则:(封禁了UDP和TCP)
-A INPUT -s 10.202.72.116/32 -p udp -m udp --sport 53 -j ACCEPT -A INPUT -s 10.202.72.118/32 -p udp -m udp --sport 53 -j ACCEPT -A INPUT -s 114.114.114.114/32 -p udp -m udp --sport 53 -j ACCEPT -A INPUT -p udp -j DROP -A INPUT -s 127.0.0.1/32 -p tcp -j ACCEPT -A INPUT -i lo -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j DROP -A INPUT -m set --match-set china src -j ACCEPT -A INPUT -j DROP