附上渣渣代码,仅供学习交流
from flask import Flask, request
import requests
from bs4 import BeautifulSoup
from requests.exceptions import RequestException
from concurrent.futures import ThreadPoolExecutor
import logging
import threading
import time
import warnings
import random
import re
app = Flask(__name__)
logging.basicConfig(level=logging.INFO)
session = requests.Session()
ok_list = []
warnings.filterwarnings('ignore', message='Unverified HTTPS request')
def get_html():
headers = {
'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36",
'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
'Accept-Encoding': "gzip, deflate, br, zstd",
'Cache-Control': "max-age=0",
'sec-ch-ua': "\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Google Chrome\";v=\"122\"",
'sec-ch-ua-mobile': "?0",
'sec-ch-ua-platform': "\"Windows\"",
'Upgrade-Insecure-Requests': "1",
'Sec-Fetch-Site': "same-origin",
'Sec-Fetch-Mode': "navigate",
'Sec-Fetch-User': "?1",
'Sec-Fetch-Dest': "document",
'Referer': "https://i.nosec.org/",
'Accept-Language': "zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7"
}
html_contents = ""
url = f"https://fofa.info/result?qbase64=TG9jYXRpb246IGh0dHBzOi8vYWNjb3VudC5qZXRicmFpbnMuY29tL2Zscy1hdXRo&page=1&page_size=20"
try:
print(f"Getting html from Shodan page...")
html_contents += requests.get(url, headers=headers).text
except RequestException:
print(f"Failed to get html from Shodan page.")
# print(html_contents)
return html_contents
def get_links(html):
soup = BeautifulSoup(html, 'html.parser')
urls = []
a_tags = soup.find_all('a', href=True)
for a_tag in a_tags:
url = a_tag['href']
if url.startswith('http://') or url.startswith('https://'):
urls.append(url)
return urls
def check_link(link):
url = f"{link}/rpc/obtainTicket.action?buildDate=20231206&buildNumber=2023.3.4+Build+IU-233.14475.28&clientVersion=14&hostName=yourhostname&machineId=yourmachineid&productCode=xxxx&productFamilyId=xxxx&salt=xxx&secure=false&userName=username&version=2023300&versionNumber=2023300" #这里需要改成你的信息(可以是假的,但是要符合格式)
try:
res = requests.get(url, verify=False, timeout=5)
if "<responseCode>OK</responseCode>" in res.text:
return link
else:
return None
except RequestException:
return None
def update_ok_list():
global ok_list
print("Starting to update OK list...")
html = get_html()
print("Extracted html successfully.")
links = get_links(html)
for link in ok_list.copy(): # Use copy() to avoid modifying the loop variable
valid_link = check_link(link)
if not valid_link:
print(f"Link {link} is no longer valid. Removing from ok_list.")
ok_list.remove(link)
with ThreadPoolExecutor() as executor:
for link in links:
print(f"Checking link: {link}")
if link not in ok_list:
valid_link = check_link(link)
if valid_link:
print(f"Link {valid_link} is valid. Adding to ok_list.")
ok_list.append(valid_link)
else:
print(f"Link {link} is invalid.")
print("All links checked. Updated OK list:")
ok_list = list(set(ok_list))
print(ok_list)
def daily_update():
while True:
update_ok_list()
time.sleep(4320)
@app.route('/ok_list', methods=['GET'])
def list_endpoints():
if ok_list:
return {'ok_list': ok_list}, 200
else:
return 'No valid links at the moment.', 404
@app.route('/<path:subpath>', methods=['GET', 'POST'])
def proxy(subpath):
ii=random.randint(0,len(ok_list)-1)
url = f'{ok_list[ii] if ok_list else "http://127.0.0.1:5000"}/{subpath}'
logging.info(f'ok list: {ok_list}, redirected url: {url}')
try:
if request.method == 'GET':
resp = session.get(url, params=request.args, verify=False)
elif request.method == 'POST':
resp = session.post(url, data=request.get_json(), verify=False)
else:
return "Method not supported.", 405
except RequestException:
return 'Error occurred.', 500
return resp.content, resp.status_code, resp.headers.items()
if __name__ == '__main__':
threading.Thread(target=daily_update).start()
app.run(host='0.0.0.0', port=5000)
访问
http://127.0.0.1:5000
进行激活,会随机选择列表的一个激活服务器进行转发
访问http://127.0.0.1:5000/ok_list
查看列表
