├── HostCollisionGUI_v1.0.jar
├── README.md
├── host.txt
├── ip.txt
└── typora-img
    └── README
        ├── image-20231102210947908.png
        ├── image-20231103221731867.png
        ├── image-20231103221844337.png
        ├── image-20231103222019994.png
        ├── image-20231103222325586.png
        └── image-20231103222621241.png


/HostCollisionGUI_v1.0.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/HostCollisionGUI_v1.0.jar


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | （----后续会升级和优化判定规则,目前还未实现正确发生碰撞逻辑的判断）
 2 | 
 3 | ### 0x01 前言
 4 | 
 5 | ​		当访问目标网站时，通常无法直接使用真实IP，只有通过域名才能连接到后端业务服务。这是因为反向代理服务器（如nginx）禁止了直接IP访问。有时候，后端业务会保持隐秘，例如测试业务可能不会向外界开放。以前的DNS解析可能指向了外网，但后来删除了A记录，可能将业务迁移到了内网进行访问。
 6 | 
 7 | 
 8 | 
 9 | ### 0x02 原理复现分析
10 | 
11 | 首先使用Tomcat起一个web服务 http://127.0.0.1:8003/index.jsp
12 | 
13 | ![image-20231103221731867](typora-img/README/image-20231103221731867.png)
14 | 
15 | 使用nginx做反向代理
16 | 
17 | ```
18 | 	server {
19 | 		listen  80  default_server;
20 | 		server_name _;
21 | 		return 400;
22 | 	}
23 | 	server {
24 | 		listen  80;
25 | 		server_name www.charonlight.com;
26 | 
27 | 
28 | 		location / {
29 | 			proxy_pass http://127.0.0.1:8003/index.jsp;
30 | 			proxy_redirect off;
31 | 			proxy_set_header Host $host:$server_port;
32 | 			proxy_set_header X-Real-IP $remote_addr;
33 | 				root    html;
34 | 			index   index.html  index.htm;
35 | 		}
36 | 		access_log logs/test.com.log;
37 | 	}
38 | ```
39 | 
40 | 效果如下，即访问 http://127.0.0.1:80 会返回400，直接访问域名也是访问不到的
41 | 
42 | ![image-20231103221844337](typora-img/README/image-20231103221844337.png)
43 | 
44 | ![image-20231103222019994](typora-img/README/image-20231103222019994.png)
45 | 
46 | 但是当我们配置host进行访问时，即可访问
47 | 
48 | ![image-20231103222621241](typora-img/README/image-20231103222621241.png)
49 | 
50 | 
51 | 
52 | 师傅们环境不会搭建可以参考如下
53 | 
54 | nginx下载安装：https://blog.csdn.net/CSDN_Admin0/article/details/115640547
55 | 
56 | tomcat下载安装：https://blog.csdn.net/qq_46390120/article/details/128450109
57 | 
58 | 
59 | 
60 | ### 0x03 自动化工具使用
61 | 
62 | 直接导入需要碰撞的IP和域名，工具多线程碰撞速度快，访问状态码200成功时则会高亮。（注不是说只有200才算碰撞成功，具体可以根据网站标题进行判断）,后续我会升级下判定规则
63 | 
64 | ![image-20231103222325586](typora-img/README/image-20231103222325586.png)
65 | 
66 | 
67 | 
68 | ### 0x04 免责声明
69 | 
70 | 该开源工具是由作者按照开源许可证发布的，仅供个人学习和研究使用。作者不对您使用该工具所产生的任何后果负任何法律责任。
71 | 
72 | ![image-20231102210947908](typora-img/README/image-20231102210947908.png)
73 | 
74 | 


--------------------------------------------------------------------------------
/host.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/host.txt


--------------------------------------------------------------------------------
/ip.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/ip.txt


--------------------------------------------------------------------------------
/typora-img/README/image-20231102210947908.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231102210947908.png


--------------------------------------------------------------------------------
/typora-img/README/image-20231103221731867.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231103221731867.png


--------------------------------------------------------------------------------
/typora-img/README/image-20231103221844337.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231103221844337.png


--------------------------------------------------------------------------------
/typora-img/README/image-20231103222019994.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231103222019994.png


--------------------------------------------------------------------------------
/typora-img/README/image-20231103222325586.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231103222325586.png


--------------------------------------------------------------------------------
/typora-img/README/image-20231103222621241.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/HostCollisionGUI/be086a58dcc1d24f744a5c9e51a6ff2cf294ec8c/typora-img/README/image-20231103222621241.png


--------------------------------------------------------------------------------