今天同事想測试WAF的页面统计功能,所以须要模拟多个IP向多个域名发送请求,也就是须要改动源IP地址。
这个假设使用socket库就比較麻烦了,
须要使用raw socket,相当麻烦。还好咱有scapy,轻松搞定。
DOMAIN是我随机构造的域名库。SOURCE也是随机构造的源IP地址。
#!/usr/bin/env python
#-*-encoding:UTF-8-*-
from scapy.all import *
from threading import Thread
from Queue import Queue
import random
import string
USER_AGENTS = ( # items used for picking random HTTP User-Agent header value
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_7_0; en-US) AppleWebKit/534.21 (KHTML, like Gecko) Chrome/11.0.678.0 Safari/534.21",
"Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)",
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20020508 Netscape6/6.1",
"Mozilla/5.0 (X11;U; Linux i686; en-GB; rv:1.9.1) Gecko/20090624 Ubuntu/9.04 (jaunty) Firefox/3.5",
"Opera/9.80 (X11; U; Linux i686; en-US; rv:1.9.2.3) Presto/2.2.15 Version/10.10"
)
TOP_DOMAIN = ('com','org','net','gov','edu','mil','info','name','biz')
DOMAIN = ["www.%s.%s" %(
'.'.join(''.join(random.sample(string.ascii_lowercase, random.randint(2,6))) for x in range(random.randint(1,2))),
random.choice(TOP_DOMAIN))
for _ in range(100)
]
SOURCE = ['.'.join((str(random.randint(1,254)) for _ in range(4))) for _ in range(100)]
class Scan(Thread):
HTTPSTR = 'GET / HTTP/1.0
Host: %s
User-Agent: %s
'
def run(self):
for _ in xrange(100):
domain = random.choice(DOMAIN)
http = self.HTTPSTR % (domain,random.choice(USER_AGENTS))
try:
request = IP(src=random.choice(SOURCE),dst=domain) / TCP(dport=80) / http
#request = IP(dst=domain) / TCP(dport=80) / http
send(request)
except:
pass
task = []
for x in range(10):
t = Scan()
task.append(t)
for t in task:
t.start()
for t in task:
t.join()
print 'all task done!'
但这将导致一个问题。因为我们域名是随机构造的。发送请求肯定首先查找DNS。非常可能解析失败。这里有两个方法解决问题:
1.将全部域名加入到hosts本地文件里,IP能够为server地址
2. 因为hosts文件不支持通配符表示,所以能够使用DNS代理,或者自己写小工具。想怎么解析就怎么解析。这里有一个,http://code.google.com/p/marlon-tools/source/browse/tools/dnsproxy/dnsproxy.py