Subdomain-blasting

  1. 前言
  2. 正文

前言

今天撸了一个子域名爆破脚本,感觉学到了不少。由于刚刚这个傻逼电脑蓝屏,真是操了你的妈。所以截图可能较少

正文

先从github上撸了一发字典:
字典传送链:https://paste.ubuntu.com/p/GYT9gBr5XT/

思路如下:

1.生成1-5级子域名,边生成边测试
2.存活的子域名写入txt

代码:

#author:九世
#time:2019/2/1

import requests
import threading
import os
import time

dict=[]

class Rkst:
    def __init__(self,headers):
        self.headers=headers

    def shenc(self,file):
            for k in file.readlines():
                qc="".join(k.split('\n'))
                yield qc

    def one_domain(self,ssl,url):
        for q in dict:
            urls='{}'.format(ssl)+q+'.'+url
            yield urls

    def two_domain(self,ssl,url):
        for v in dict:
            for v2 in dict:
                urls='{}'.format(ssl)+v+'.'+v2+'.'+url
                yield  urls

    def san_domain(self,ssl,url):
        for u in dict:
            for u1 in dict:
                for u2 in dict:
                    urls='{}'.format(ssl)+u+'.'+u1+'.'+u2+'.'+url
                    yield urls

    def si_domain(self,ssl,url):
        for s in dict:
            for s1 in dict:
                for s2 in dict:
                    for s3 in dict:
                        urls='{}'.format(ssl)+s+'.'+s1+'.'+s2+'.'+s3+'.'+url
                        yield urls

    def wu_domain(self,ssl,url):
        for b in dict:
            for b1 in dict:
                for b2 in dict:
                    for b3 in dict:
                        for b4 in dict:
                            urls='{}'.format(ssl)+b+'.'+b1+'.'+b2+'.'+b3+'.'+b4+'.'+url
                            yield urls

    def bao(self,url):
        try:
            reqt=requests.get(url=url,headers=self.headers,timeout=3)
            if reqt:
                print('[+] Found domain:{}'.format(url))
                print(url,file=('save.txt','a'))
        except:
            pass

        lock.release() #Unlock the thread

if __name__ == '__main__':
    headers={'user-agent':'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36'}
    if os.path.exists('file/one.txt'):
        print('[+] Found dict.txt')
    else:
        print('[-] Not Found dict.txt...')
        exit()

    dk=open('file/one.txt','r')

    user=input('domain>:')
    ssl=input('http/https>:')
    obj=Rkst(headers=headers)
    if ssl=='http':
        ht='http://'
    elif ssl=='https':
        ht='https://'

    print('[!] Test the first level domain name')
    for o in obj.shenc(dk):
        dict.append(o)


    lock=threading.BoundedSemaphore(100) #Set the thread to 100
    print('[!] Write the generated first-level domain name to the list')
    for y in obj.one_domain(ht,user):
        lock.acquire() #Lock the thread
        t = threading.Thread(target=obj.bao, args=(y,))
        t.start()

    print('[!] Write the generated second-level domain name to the list')
    for y2 in obj.two_domain(ht,user):
        lock.acquire()
        t = threading.Thread(target=obj.bao, args=(y2,))
        t.start()

    print('[!] Write the generated third-level domain name to the list')
    for y3 in obj.san_domain(ht,user):
        lock.acquire()
        t = threading.Thread(target=obj.bao, args=(y3,))
        t.start()

    print('[!] Write the generated four-level domain name to the list')
    for y4 in obj.si_domain(ht,user):
        lock.acquire()
        t = threading.Thread(target=obj.bao, args=(y4,))
        t.start()

    print('[!] Write the generated five-level domain name to the list')
    for y5 in obj.wu_domain(ht,user):
        lock.acquire()
        t = threading.Thread(target=obj.bao, args=(y5,))
        t.start()

我在这里加了线锁和指定线程,当然你可以自己更改。这里的默认线程为100
如果不加线锁和指定线程的话会出现以下情况:
k8vqaj.md.jpg

测试如下:
k8xFo9.png

内存情况如下:
k8xQdH.png

学到的:

解决方法:
设置好线程,然后在每个多线程执行之前加个线锁。在运行完指定函数后释放线锁。
设置指定线程数量的文章:https://blog.csdn.net/xkou/article/details/131051

设置指定线程数量用到的函数:lock=threading.BoundedSemaphore(指定线程)
线锁:lock.acquire() 
解锁:lock.release()

转载请声明:转自422926799.github.io


转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。

文章标题:Subdomain-blasting

本文作者:九世

发布时间:2019-02-03, 00:00:02

最后更新:2019-04-19, 20:36:16

原始链接:http://422926799.github.io/posts/60937edf.html

版权声明: "署名-非商用-相同方式共享 4.0" 转载请保留原文链接及作者。

目录