midoks
/
mdserver-web
mirror of https://github.com/midoks/mdserver-web
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Simple Linux Panel
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5261 Commits
8 Branches
70 Tags
40 MiB
Tag: Branch: Tree: 7bdcd0ac2b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7bdcd0ac2b'
${ noResults }
mdserver-web/plugins/op_waf/t/index.py

227 lines
4.9 KiB
Raw Normal View History Unescape

init
3 years ago
# coding:utf-8
import sys
import io
import os
import time
import json
up
3 years ago
import os
import sys
import time
import string
import json
import hashlib
import shlex
import datetime
import subprocess
import re
from random import Random
init
3 years ago
up
3 years ago
TEST_URL = "http://t1.cn/"
up
3 years ago
# TEST_URL = "https://www.zzzvps.com/"
up
3 years ago
op防火墙更新1
3 years ago
def httpGet(url, timeout=10):
up
3 years ago
import urllib.request
try:
req = urllib.request.urlopen(url, timeout=timeout)
result = req.read().decode('utf-8')
return result
except Exception as e:
return str(e)
op防火墙更新1
3 years ago
def httpGet__UA(url, ua, timeout=10):
import urllib.request
headers = {'user-agent': ua}
try:
req = urllib.request.Request(url, headers=headers)
response = urllib.request.urlopen(req)
result = response.read().decode('utf-8')
return result
except Exception as e:
return str(e)
demo
3 years ago
def httpGet__cdn(url, ip, timeout=10):
import urllib.request
headers = {'x-forwarded-for': ip}
try:
req = urllib.request.Request(url, headers=headers)
response = urllib.request.urlopen(req)
result = response.read().decode('utf-8')
return result
except Exception as e:
return str(e)
up
3 years ago
def httpPost(url, data, timeout=10):
"""
发送POST请求
@url 被请求的URL地址(必需)
@data POST参数可以是字符串或字典(必需)
@timeout 超时时间默认60秒
return string
"""
if sys.version_info[0] == 2:
try:
import urllib
import urllib2
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
data = urllib.urlencode(data)
req = urllib2.Request(url, data)
response = urllib2.urlopen(req, timeout=timeout)
return response.read()
except Exception as ex:
return str(ex)
else:
try:
import urllib.request
import ssl
try:
ssl._create_default_https_context = ssl._create_unverified_context
except:
pass
data = urllib.parse.urlencode(data).encode('utf-8')
req = urllib.request.Request(url, data)
response = urllib.request.urlopen(req, timeout=timeout)
result = response.read()
if type(result) == bytes:
result = result.decode('utf-8')
return result
except Exception as ex:
return str(ex)
def test_Dir():
op防火墙更新1
3 years ago
'''
目录保存
'''
up
3 years ago
url = TEST_URL + '?t=../etc/passwd'
print("args test start")
op防火墙更新1
3 years ago
url_val = httpGet(url, 10)
# print(url_val)
up
3 years ago
print("args test end")
op防火墙更新1
3 years ago
def test_UA():
'''
user-agent 过滤
'''
url = TEST_URL
print("user-agent test start")
url_val = httpGet__UA(url, 'ApacheBench')
print(url_val)
print("user-agent test end")
up
3 years ago
def test_UA_for(num):
'''
user-agent 过滤
'''
url = TEST_URL
print("user-agent test start")
for x in range(num):
url_val = httpGet__UA(url, 'ApacheBench')
print(url_val)
print("user-agent test end")
demo
3 years ago
def test_cdn():
'''
user-agent 过滤
'''
url = TEST_URL
print("cdn test start")
url_val = httpGet__cdn(url, '2409:8a62:e20:95f0:45b7:233e:f003:c0ab')
print(url_val)
Update index.py
3 years ago
url_val2 = httpGet__cdn(url, '91.245.227.173')
print(url_val2)
demo
3 years ago
print("cdn test end")
op防火墙更新1
3 years ago
def test_POST():
'''
user-agent 过滤
'''
url = TEST_URL
print("POST test start")
url_val = httpPost(url, {'data': "substr($mmsss,0,1)"})
# url_val = httpPost(url, {'data': "123123"})
print(url_val)
print("POST test end")
def test_scan():
'''
目录保存
'''
url = TEST_URL + '/acunetix_wvs_security_test?t=1'
print("scan test start")
url_val = httpGet(url, 10)
print(url_val)
print("scan test end")
up
3 years ago
def test_CC():
'''
目录保存
'''
url = TEST_URL + 'ok.txt'
print("CC test start")
for x in range(122):
url_val = httpGet(url, 10)
print(url_val)
print("CC test end")
up
3 years ago
def test_url_ext():
'''
目录保存
'''
url = TEST_URL + 't.sql'
print("url_ext start")
url_val = httpGet(url, 10)
print(url_val)
print("url_ext end")
PHP添加会话管理功能
3 years ago
up
3 years ago
添加 强制安全验证 功能
3 years ago
def test_OK():
'''
目录保存
'''
url = TEST_URL
print("ok test start")
url_val = httpGet(url, 10)
print(url_val)
print("ok test end")
up
3 years ago
def test_start():
up
3 years ago
# test_OK()
up
3 years ago
# test_Dir()
up
3 years ago
# test_UA()
up
3 years ago
test_UA_for(1000)
up
3 years ago
# test_POST()
# test_scan()
up
3 years ago
# test_CC()
ip
3 years ago
# test_url_ext()
up
3 years ago
# test_cdn()
up
3 years ago
init
3 years ago
if __name__ == "__main__":
up
3 years ago
os.system('cd /Users/midoks/Desktop/mwdev/server/mdserver-web/plugins/op_waf && sh install.sh uninstall 0.2.2 && sh install.sh install 0.2.2')
up
3 years ago
os.system('cd /Users/midoks/Desktop/mwdev/server/mdserver-web/ && python3 plugins/openresty/index.py stop && python3 plugins/openresty/index.py start')
up
3 years ago
test_start()