Web directory scanning tool dirscan

    Tech  2022-08-09  96

    Results

    Before scanning, the URL first has to be normalized. Since I use the requests module, the URL must begin with http://, so the check looks like this:

        if url.startswith('http://'):
            _url = url
        elif url.startswith('https://'):
            tmp_url = url.replace('https://', 'http://')
            _url = tmp_url
        else:
            _url = 'http://' + url

    Next, the scan type is determined; the default is to scan everything, i.e. all:

        if dirtype == 'dir':
            dir_txt = open("./dir_dict/DIR.txt").readlines()
            all_url = dir_txt
        elif dirtype == 'php':
            php_txt = open("./dir_dict/PHP.txt").readlines()
            all_url = php_txt
        elif dirtype == 'asp':
            asp_txt = open("./dir_dict/ASP.txt").readlines()
            asp_two_txt = open("./dir_dict/ASP_TWO.txt").readlines()
            all_url = asp_txt + asp_two_txt
        elif dirtype == 'jsp':
            jsp_txt = open("./dir_dict/JSP.txt").readlines()
            all_url = jsp_txt
        elif dirtype == 'mdb':
            mdb_txt = open("./dir_dict/MDB.txt").readlines()
            all_url = mdb_txt
        else:
            php_txt = open("./dir_dict/PHP.txt").readlines()
            asp_txt = open("./dir_dict/ASP.txt").readlines()
            jsp_txt = open("./dir_dict/JSP.txt").readlines()
            mdb_txt = open("./dir_dict/MDB.txt").readlines()
            dir_txt = open("./dir_dict/DIR.txt").readlines()
            asp_two_txt = open("./dir_dict/ASP_TWO.txt").readlines()
            all_url = php_txt + asp_txt + jsp_txt + mdb_txt + asp_two_txt + dir_txt

    The base URL and each dictionary entry are joined into a new URL, which is then checked by a function; a 200 status code yields a status value of 1:

        import requests


        def dir_alive_url(option):
            # option is a (url, headers) pair so the function can be mapped over a thread pool
            target = option[0]
            header = option[1]
            r = requests.get(target, headers=header).status_code
            if r == 200:
                return (1, target, r)
            else:
                return (0, target, r)

    The request header uses a randomly chosen User-Agent:

        import random


        def get_user_agent():
            user_agent_list = [
                {'User-Agent': 'Mozilla/4.0 (Mozilla/4.0; MSIE 7.0; Windows NT 5.1; FDM; SV1; .NET CLR 3.0.04506.30)'},
                {'User-Agent': 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00'},
                {'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.2) Gecko/2008092313 Ubuntu/8.04 (hardy) Firefox/3.0.2'},
                {'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.1.15) Gecko/20101027 Fedora/3.5.15-1.fc12 Firefox/3.5.15'},
                {'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.551.0 Safari/534.10'},
                {'User-Agent': 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.2) Gecko/2008092809 Gentoo Firefox/3.0.2'},
                {'User-Agent': 'Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/7.0.544.0'},
                {'User-Agent': 'Opera/9.10 (Windows NT 5.2; U; en)'},
                {'User-Agent': 'Mozilla/5.0 (iPhone; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko)'},
                {'User-Agent': 'Opera/9.80 (X11; U; Linux i686; en-US; rv:1.9.2.3) Presto/2.2.15 Version/10.10'},
                {'User-Agent': 'Mozilla/5.0 (Windows; U; Windows NT 5.1; ru-RU) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5'},
                {'User-Agent': 'Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9b3) Gecko/2008020514 Firefox/3.0b3'},
                {'User-Agent': 'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_4_11; fr) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16'},
                {'User-Agent': 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-US) AppleWebKit/534.20 (KHTML, like Gecko) Chrome/11.0.672.2 Safari/534.20'},
                {'User-Agent': 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)'},
                {'User-Agent': 'Mozilla/4.0 (compatible; MSIE 6.0; X11; Linux x86_64; en) Opera 9.60'},
                {'User-Agent': 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.366.0 Safari/533.4'},
                {'User-Agent': 'Mozilla/5.0 (Windows NT 6.0; U; en; rv:1.8.1) Gecko/20061208 Firefox/2.0.0 Opera 9.51'},
            ]
            return random.choice(user_agent_list)


        if __name__ == '__main__':
            user_agent = get_user_agent()
            print(user_agent)

    If a cookie is supplied, it is added to the request headers. Finally, the checks are run with multiple threads, which is fairly fast; the thread count should generally not be set too high, otherwise some paths may be missed.
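    As an added example (not part of the dirscan tool or the original post), here is the defender's counterpart to the scanner described above: a detector over web server access logs that flags the traffic pattern dirscan produces, a burst of 404s from one client that cycles through different User-Agent headers. The log lines, thresholds and function names are assumptions constructed for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in Apache/nginx "combined" log format; addresses are
# from documentation ranges and the traffic is invented for this example.
SAMPLE_LOG = """\
203.0.113.5 - - [09/Aug/2022:10:00:01 +0800] "GET /admin/ HTTP/1.1" 404 153 "-" "Opera/9.10 (Windows NT 5.2; U; en)"
203.0.113.5 - - [09/Aug/2022:10:00:01 +0800] "GET /phpmyadmin/ HTTP/1.1" 404 153 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00"
203.0.113.5 - - [09/Aug/2022:10:00:02 +0800] "GET /backup.zip HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) Gecko/2008092313 Firefox/3.0.2"
203.0.113.5 - - [09/Aug/2022:10:00:02 +0800] "GET /config.php HTTP/1.1" 404 153 "-" "Opera/9.80 (X11; U; Linux i686; en-US) Presto/2.2.15 Version/10.10"
203.0.113.5 - - [09/Aug/2022:10:00:03 +0800] "GET /login.php HTTP/1.1" 200 2310 "-" "Mozilla/5.0 (iPhone; U; CPU OS 3_2 like Mac OS X) AppleWebKit/531.21.10"
198.51.100.7 - - [09/Aug/2022:10:00:05 +0800] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/103.0"
198.51.100.7 - - [09/Aug/2022:10:00:09 +0800] "GET /missing.css HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/103.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def find_dir_bruteforce(log_text, window=60, min_404=4, min_uas=3):
    """Flag IPs with at least `min_404` 404s inside `window` seconds; `rotating_ua`
    marks those whose 404s also cycle through `min_uas` or more User-Agents."""
    recent = defaultdict(deque)  # ip -> (ts, ua, path) of 404s inside the window
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["status"] != 404:
            continue
        q = recent[rec["ip"]]
        q.append((rec["ts"], rec["ua"], rec["path"]))
        while (rec["ts"] - q[0][0]).total_seconds() > window:  # drop stale hits
            q.popleft()
        if len(q) >= min_404:
            uas = {ua for _, ua, _ in q}
            alerts[rec["ip"]] = {"404s": len(q), "uas": len(uas),
                                 "rotating_ua": len(uas) >= min_uas,
                                 "paths": [p for _, _, p in q]}
    return alerts
```

    On the sample above only 203.0.113.5 is flagged (four 404s in two seconds across four User-Agents), while the single stray 404 from 198.51.100.7 stays quiet; tune `window` and `min_404` against your own site's normal 404 rate before alerting on it.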
