0x00 多线程目录扫描
import sys
import os
import tarfile
import wsgiref.validate
import requests
import threading
import time
import queue
q=queue.Queue()
def scan():
while not q.empty():
dir=q.get()
urls=url+dir
urls=urls.replace("n",'')
code=requests.get(urls).status_code
if code==200 or code==403:
f=open("yes.txt","a+")
f.write(urls)
f.close
else:
print(urls+'|'+str(code))
time.sleep(1)
def show():
print("ps:scan.py 目标 字典 线程数字")
print("n")
if __name__ == '__main__':
path=os.path.dirname(os.path.realpath(__file__))
if len(sys.argv)<4:
show()
sys.exit()
url=sys.argv[1]
file=sys.argv[2]
num=sys.argv[3]
for dir in open(path+'/'+file):
q.put(dir)
for i in range(int(num)):
t=threading.Thread(target=scan)
t.start()
0x01 tcp端口扫描
import threading
import time
import socket
import queue
q=queue.Queue()
ip='x.x.x.x'
port=1351
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM,0)
rep=s.connect_ex((ip,port))
def portscan():
while not q.empty():
ip ='x.x.x.x'
port=q.get()
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
rep = s.connect_ex((ip, port))
if rep==0:
file=open('open.txt','a+')
file.write(str(port)+'n')
file.close()
else:
print(str(port)+'|close'+'n')
time.sleep(0.1)
s.close()
if __name__ == '__main__':
for port in range(1,65536):
q.put(port)
for i in range(20):
al=threading.Thread(target=portscan)
al.start()
0x02 子域名爆破
import os
import queue
import sys
import threading
import time
import dns.resolver
import requests
q=queue.Queue()
def domainscan():
while not q.empty():
domain=q.get()
domain=domain+'.'+url
domain=domain.replace('n','')
try:
A = dns.resolver.query(domain,'A')
for i in A.response.answer:
print(i)
except dns.exception.Timeout:
print("解析超时")
time.sleep(0.1)
except dns.resolver.NoAnswer:
print("出现异常,重试中")
time.sleep(0.1)
except dns.resolver.NXDOMAIN:
print("异常")
time.sleep(0.1)
def show():
print('ps:scan.py kxsy.work dir.txt 10')
print("n")
print("脚本名 域名 字典 线程")
if __name__ == '__main__':
path=os.path.dirname(os.path.realpath(__file__))
if len(sys.argv)<4:
show()
sys.exit()
url=sys.argv[1]
file=sys.argv[2]
num=sys.argv[3]
for dir in open(path+'/'+file):
q.put(dir)
for i in range(int(num)):
t=threading.Thread(target=domainscan)
t.start()
0x03 豆ban属性爬取
from webbrowser import Mozilla
import requests
from lxml import etree
url="https://movie.douban.com/cinema/nowplaying/wuhan/"
header={
"User-Agent": "xxx"
}
cookie={
"Cookie": "xxx"
}
cookies={}
resp=requests.get(url,headers=header,cookies=cookie).text
#print(resp)
m=etree.HTML(resp)
ul=m.xpath("//ul[@class='lists']")[0]
li=ul.xpath("./li")
for lis in li:
title=lis.xpath("@data-title")[0]
dura=lis.xpath("@data-duration")[0]
print(title+'|'+dura)
