内网探测脚本&简单代理访问 jsp/php 源码分享
作者:袖梨
2022-11-14
php内网探测脚本&简单代理访问
..
1.直接访问默认扫描当前IP的C段,获取标题、web容器.
2.可以自定义传入需要扫描的段,传入参数ip即可
3.代理访问参数为url,可简单的访问内网的web,对了,我还加载了网站里的css,做到尽量看上去和直接访问的效果一样
list = new ArrayList();
String referer = "";
String cookie = "";
String decode = "utf-8";
int thread = 100;
HttpURLConnection getHTTPConn(String urlString) {
try {
java.net.URL url = new java.net.URL(urlString);
java.net.HttpURLConnection conn = (java.net.HttpURLConnection) url
.openConnection();
conn.setRequestMethod("GET");
conn.addRequestProperty("User-Agent",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon;)");
conn.addRequestProperty("Accept-Encoding", "gzip");
conn.addRequestProperty("referer", referer);
conn.addRequestProperty("cookie", cookie);
//conn.setInstanceFollowRedirects(false);
conn.setConnectTimeout(3000);
conn.setReadTimeout(3000);
return conn;
} catch (Exception e) {
return null;
}
}
HttpURLConnection conn;
String getHtmlContext(HttpURLConnection conn, String decode) {
Map result = new HashMap();
try {
String code = "utf-8";
if (decode != null) {
code = decode;
}
StringBuffer html = new StringBuffer();
java.io.InputStreamReader isr = new java.io.InputStreamReader(
conn.getInputStream(), code);
java.io.BufferedReader br = new java.io.BufferedReader(isr);
String temp;
while ((temp = br.readLine()) != null) {
if (!temp.trim().equals("")) {
html.append(temp).append("n");
}
}
br.close();
isr.close();
return html.toString();
} catch (Exception e) {
System.out.println("getHtmlContext:"+e.getMessage());
return "null";
}
}
String getServerType(HttpURLConnection conn) {
try {
return conn.getHeaderField("Server");
} catch (Exception e) {
return "null";
}
}
String getTitle(String htmlSource) {
try {
List list = new ArrayList();
String title = "";
Pattern pa = Pattern.compile(".*?");
Matcher ma = pa.matcher(htmlSource);
while (ma.find()) {
list.add(ma.group());
}
for (int i = 0; i ", "");
} catch (Exception e) {
return null;
}
}
List getCss(String html, String url, String decode) {
List cssurl = new ArrayList();
List csscode = new ArrayList();
try {
String title = "";
Pattern pa = Pattern.compile(".*href="(.*)[.]css");
Matcher ma = pa.matcher(html.toLowerCase());
while (ma.find()) {
cssurl.add(ma.group(1) + ".css");
}
for (int i = 0; i "
+ getHtmlContext(getHTTPConn(cssuuu), decode)
+ "";
csscode.add(csshtml);
}
} catch (Exception e) {
System.out.println("getCss:"+e.getMessage());
}
return csscode;
}
String getMyIPLocal() throws IOException {
InetAddress ia = InetAddress.getLocalHost();
return ia.getHostAddress();
}%>
css = getCss(html, u, decode);
String csshtml = "";
if (!html.equals("null")) {
for (int i = 0; i queue = new LinkedBlockingQueue();
for (int i = 1; i > "+ title + ">>"+ serverType+ " >>" + status+ "
");
} catch (Exception e) {
e.printStackTrace();
}
}
} else {
return;
}
}
}
}).start();
}
while (tg.activeCount() != 0) {
}
} catch (Exception e) {
e.printStackTrace();
}
} catch (Exception e) {
out.println(e.toString());
}
}
%>
参数:
ip [需要探测的ip段]
url [需要请求的地址]
其他参数:
thread [指定线程数]
decode [指定编码]
referer [伪造referer]
cookie [伪造cookie]
待完善:
1.一个C段,可能有多种编码格式,所以指定一个参数是有问题的。
2.端口可以修改传入一个数组,支持探测多个端口80,8080..
3.代理访问功能并不完善,例如加载js、加载图片、超链接替换成代理访问的链接、表单替换支持真实请求..
php内网探测脚本&简单代理访问
<?php $url = isset($_REQUEST[‘u’])?$_REQUEST[‘u’]:null;
$ip = isset($_REQUEST[‘i’])?$_REQUEST[‘i’]:null;
if($url != null){
$host = getHost($url);
echo getCss($host,getHtmlContext($url));
}else if($ip != null){
$useIP = substr($ip,0,strripos($ip,”.”) + 1);
ob_start();
for($i=0;$i<256;$i++){
$url = “http://”.$***useIP.$i;
$html = getHtmlContext($url);
$title = getTitle(html);
$serverType = getHeader(“Server”);
$status = $html ? “Success”: “Fail”;
if($html){
echo $url.” >> “.$title.”>>”.$serverType.” >>”.$status.”
”;
}
@ob_flush();
flush();
}
ob_end_clean();
}
function getHtmlContext($url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header
curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
$result = curl_exec($ch);
global $header;
if($result){
$headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$header = explode(“rn”,substr($result, 0, $headerSize));
$body = substr($result, $headerSize);
}
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) == ‘200’) {
return $body;
}
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) == ‘302’) {
$location = getHeader(“Location”);
if(strpos(getHeader(“Location”),’http://*??**?) == false){
$location = getHost($url).$location;
}
return getHtmlContext($location);
}
return NULL;
}
function getHeader($name){
global $header;
foreach ($header as $loop) {
if(strpos($loop,$name) !== false){
return trim(substr($loop,strlen($name)+2));
}
}
}
function getTitle($html){
preg_match(“/(.*?)/i”,$html, $matches);
return $matches[1];
}
function getHost($url){
preg_match(“/^(http://)?([^/]+)/i”,$url, $matches);
return $matches[0];
}
function getCss($host,$html){
preg_match_all(“//i”,$html, $matches);
//print_r($matches);
foreach($matches[1] as $v){
$cssurl = $v;
if(strpos($v,’http://*??**?) == false){
$cssurl = $host.”/”.$v;
}
$csshtml = “”;
$html .= $csshtml;
}
return $html;
}
?>
相关文章
-
uc浏览器网页版入口官网-手机/电脑uc浏览器网页版入口地址
游戏攻略 2026-05-26
-
little fox官方网站入口地址-little fox网页版中国官网入口地址
游戏攻略 2026-05-26
-
樱花动漫网官网在线观看入口-樱花动漫网最新网页版入口地址2026
游戏攻略 2026-05-26
-
剑桥少儿英语官网入口网址-剑桥少儿英语网页版入口地址
游戏攻略 2026-05-26
-
手机百度网盘登录入口地址-百度网盘手机网页版登录入口地址
游戏攻略 2026-05-26
-
192.168.1.1无线路由怎么访问?192.168.1.1无线路由器设置登录入口地址
游戏攻略 2026-05-26
