├── 200.txt ├── concat.txt ├── keword_url.txt ├── paths.txt ├── urls.txt ├── 自动绕403截图.png ├── readme.txt └── cowcow.py /200.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /concat.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /keword_url.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /paths.txt: -------------------------------------------------------------------------------- 1 | robots.txt -------------------------------------------------------------------------------- /urls.txt: -------------------------------------------------------------------------------- 1 | https://www.baidu.com -------------------------------------------------------------------------------- /自动绕403截图.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sdfwesfe/cowcow/HEAD/自动绕403截图.png -------------------------------------------------------------------------------- /readme.txt: -------------------------------------------------------------------------------- 1 | 使用方法: 2 | 3 | 目录下创建urls.txt和paths.txt 4 | urls.txt作用: 填入http://xxxx/等url,一行一个 5 | paths.txt作用: 填入xxx/xx/等路径,一行一个 6 | 200.txt会保存存活的完整url和匹配到关键字的url 7 | concat.txt会保存拼接好的完整url 8 | 9 | 注意: 填入url和path的时候不要留空格 10 | 此工具我使用了随机UA头防爬虫封禁,同时增加了XFF头绕403状态的url,还增加了正则匹配敏感内容,如:shiro、身份证等 11 | 目前工具只能简单扫描,后续更新会逐渐完善自动绕403的方式、敏感匹配的正则库、防封禁方式等 12 | 13 | 14 | 命令行采用傻瓜式运行: 15 | python cowcow.py 16 | -------------------------------------------------------------------------------- /cowcow.py: -------------------------------------------------------------------------------- 1 | import random 2 | from colorama import Fore, Style 3 | import requests 4 | import os 5 | import times 6 | import argparse 7 | import textwrap 8 | from urllib3.exceptions import InsecureRequestWarning 9 | 10 | current_dir = os.path.dirname(os.path.abspath(__file__)) 11 | url_file = os.path.join(current_dir, "urls.txt") 12 | path_file = os.path.join(current_dir, "paths.txt") 13 | end_file = os.path.join(current_dir,"200.txt") 14 | result_file = os.path.join(current_dir,"end.txt") 15 | concat_file = os.path.join(current_dir,"concat.txt") 16 | keyword_file = os.path.join(current_dir,'keword_url.txt') 17 | 18 | 19 | 20 | banner = """ 21 | 22 | ____ ______ _ __ ____ ______ _ __ 23 | _/ ___\/ _ \ \/ \/ / _/ ___\/ _ \ \/ \/ / 24 | \ \__( <_> ) / \ \__( <_> ) / 25 | \___ >____/ \/\_/ \___ >____/ \/\_/ 26 | \/ \/ 27 | created by "小白鱼" 28 | """ 29 | print(banner) 30 | 31 | user_agents = [ 32 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.8.661 Safari/537.36', 33 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1', 34 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.7.24 Safari/537.36', 35 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.7.476 Safari/537.36', 36 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1', 37 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_0; rv:83.8.181) Gecko/20100101 Firefox/83.8.181', 38 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1', 39 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.135 Safari/537.36', 40 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.7.366 Safari/537.36', 41 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.5.698 Safari/537.36', 42 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.3.460 Safari/537.36', 43 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 44 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.1.372) Gecko/20100101 Firefox/108.1.372', 45 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.6.932 Safari/537.36', 46 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 47 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:54.6.828) Gecko/20100101 Firefox/54.6.828', 48 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1', 49 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.3.436 Safari/537.36', 50 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.8.513) Gecko/20100101 Firefox/57.8.513', 51 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.1.905 Safari/537.36', 52 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.4.208 Safari/537.36', 53 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1', 54 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.4.458 Safari/537.36', 55 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.7.42 Safari/537.36', 56 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 57 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.2.482 Safari/537.36', 58 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.368 Safari/537.36', 59 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.5.949 Safari/537.36', 60 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0.348) Gecko/20100101 Firefox/65.0.348', 61 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 13_7; rv:59.9.123) Gecko/20100101 Firefox/59.9.123', 62 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.7.577 Safari/537.36', 63 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_2; rv:68.4.629) Gecko/20100101 Firefox/68.4.629', 64 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1', 65 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2; rv:91.8.288) Gecko/20100101 Firefox/91.8.288', 66 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.7.579 Safari/537.36', 67 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.4.136 Safari/537.36', 68 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.4.54 Safari/537.36', 69 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5; rv:106.1.365) Gecko/20100101 Firefox/106.1.365', 70 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.4.710 Safari/537.36', 71 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.1.438) Gecko/20100101 Firefox/87.1.438', 72 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.7.986 Safari/537.36', 73 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.7.988 Safari/537.36', 74 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5; rv:52.1.396) Gecko/20100101 Firefox/52.1.396', 75 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 76 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1', 77 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.2.950 Safari/537.36', 78 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.6.384 Safari/537.36', 79 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.1.210 Safari/537.36', 80 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 13_3; rv:104.7.873) Gecko/20100101 Firefox/104.7.873', 81 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7; rv:76.3.698) Gecko/20100101 Firefox/76.3.698', 82 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.6.510 Safari/537.36', 83 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.4.328 Safari/537.36', 84 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.3.742) Gecko/20100101 Firefox/61.3.742', 85 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.6.402) Gecko/20100101 Firefox/76.6.402', 86 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.3.182 Safari/537.36', 87 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.36 Safari/537.36', 88 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 12_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.5.887 Safari/537.36', 89 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:116.5.701) Gecko/20100101 Firefox/116.5.701', 90 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 91 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.4.316 Safari/537.36', 92 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.9.612 Safari/537.36', 93 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.4.180 Safari/537.36', 94 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.6.932 Safari/537.36', 95 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.6.466 Safari/537.36', 96 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.6.577) Gecko/20100101 Firefox/86.6.577', 97 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0.399) Gecko/20100101 Firefox/78.0.399', 98 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.41 Safari/537.36', 99 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 100 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.6.776 Safari/537.36', 101 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.6.389) Gecko/20100101 Firefox/97.6.389', 102 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1', 103 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.1.914 Safari/537.36', 104 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 105 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 106 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.3.408 Safari/537.36', 107 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.9.462 Safari/537.36', 108 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1', 109 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.1.229) Gecko/20100101 Firefox/77.1.229', 110 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_0; rv:76.7.390) Gecko/20100101 Firefox/76.7.390', 111 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.9.946 Safari/537.36', 112 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.8.337 Safari/537.36', 113 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.7.679 Safari/537.36', 114 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2; rv:51.4.684) Gecko/20100101 Firefox/51.4.684', 115 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.6.695 Safari/537.36', 116 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.1.931 Safari/537.36', 117 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.4.959) Gecko/20100101 Firefox/85.4.959', 118 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.1.672 Safari/537.36', 119 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.1.649) Gecko/20100101 Firefox/88.1.649', 120 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.6.616 Safari/537.36', 121 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_4; rv:100.2.821) Gecko/20100101 Firefox/100.2.821', 122 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.5.157 Safari/537.36', 123 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.3.592) Gecko/20100101 Firefox/120.3.592', 124 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.4.549 Safari/537.36', 125 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.8.357 Safari/537.36', 126 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.6.495) Gecko/20100101 Firefox/98.6.495', 127 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 11_6; rv:61.7.330) Gecko/20100101 Firefox/61.7.330', 128 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.3.820 Safari/537.36', 129 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.3.988 Safari/537.36', 130 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6; rv:70.6.375) Gecko/20100101 Firefox/70.6.375', 131 | 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1' 132 | ] 133 | 134 | x_forwarded_fors = { 135 | '10.200.9.118', 136 | '10.214.244.54', 137 | '10.91.109.173', 138 | '172.29.82.24', 139 | '192.168.43.139', 140 | '172.25.113.233', 141 | '192.168.9.80', 142 | '10.50.162.124', 143 | '10.247.195.197', 144 | '172.27.46.69', 145 | '10.102.251.113', 146 | '172.26.87.212', 147 | '192.168.61.112', 148 | '10.144.227.3', 149 | '192.168.20.244', 150 | '172.17.11.20', 151 | '10.13.19.14', 152 | '10.206.22.215', 153 | '10.146.151.41', 154 | '10.214.209.195', 155 | '192.168.101.160', 156 | '10.53.34.253', 157 | '172.31.48.130', 158 | '172.16.73.159', 159 | '192.168.54.155', 160 | '192.168.83.207', 161 | '192.168.137.100', 162 | '172.23.157.157', 163 | '10.207.86.76', 164 | '172.23.92.95', 165 | '10.17.156.13', 166 | '192.168.229.142', 167 | '10.223.31.181', 168 | '10.101.162.249', 169 | '10.47.17.222', 170 | '172.17.153.140', 171 | '10.58.39.14', 172 | '172.31.147.96', 173 | '172.27.51.73', 174 | '10.234.199.139', 175 | '10.199.8.176', 176 | '192.168.4.168', 177 | '192.168.115.143', 178 | '192.168.155.109', 179 | '172.20.218.123', 180 | '172.29.86.190', 181 | '10.68.133.4', 182 | '10.226.103.210', 183 | '192.168.9.213', 184 | '192.168.168.176', 185 | '127.0.0.1', 186 | 'localhost' 187 | } 188 | 189 | keywords = { 190 | r'[^0-9]((\d{8}(0\d|10|11|12)([0-2]\d|30|31)\d{3}$)|(\d{6}(18|19|20)\d{2}(0[1-9]|10|11|12)([0-2]\d|30|31)\d{3}(\d|X|x)))[^0-9]', 191 | r'[^\w]((?:(?:\+|00)86)?1(?:(?:3[\d])|(?:4[5-79])|(?:5[0-35-9])|(?:6[5-7])|(?:7[0-8])|(?:8[\d])|(?:9[189]))\d{8})[^\w]', 192 | r'[^0-9]((127\.0\.0\.1)|(10\.\d{1,3}\.\d{1,3}\.\d{1,3})|(172\.((1[6-9])|(2\d)|(3[01]))\.\d{1,3}\.\d{1,3})|(192\.168\.\d{1,3}\.\d{1,3}))', 193 | r'(^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})|[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}))', 194 | r'(((access)(|-|_)(key)(|-|_)(id|secret))|(LTAI[a-z0-9]{12,20}))', 195 | r'((\'|")(|[\w]{1,10})([p](ass|wd|asswd|assword))(|[\w]{1,10})(\'|")(:|=)( |)\'|"(.*?)\'|")(|,))' 196 | r'((\'|")(|[\w]{1,10})(([u](ser|name|sername))|(account)|((((create|update)((d|r)|(by|on|at)))|(creator))))(|[\w]{1,10})(\'|")(:|=)( |)\'|"(.*?)\'|")(|,))' 197 | r'((corp)(id|secret))', 198 | r'(\$router\.push)', 199 | r'((access=)|(adm=)|(admin=)|(alter=)|(cfg=)|(clone=)|(config=)|(create=)|(dbg=)|(debug=)|(delete=)|(disable=)|(edit=)|(enable=)|(exec=)|(execute=)|(grant=)|(load=)|(make=)|(modify=)|(rename=)|(reset=)|(root=)|(shell=)|(test=)|(toggl=))', 200 | r'(=deleteMe|rememberMe=)', 201 | r'((swagger-ui.html)|(\"swagger\":)|(Swagger UI)|(swaggerUi)|(swaggerVersion))', 202 | r'(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9._-]{10,}|eyJ[A-Za-z0-9_\/+-]{10,}\.[A-Za-z0-9._\/+-]{10,})', 203 | r'(Druid Stat Index)', 204 | r'(ueditor\.(config|all)\.js)', 205 | r'(([a-z0-9]+[_|\.])*[a-z0-9]+@([a-z0-9]+[-|_|\.])*[a-z0-9]+\.((?!js|css|jpg|jpeg|png|ico)[a-z]{2,5}))' 206 | r"(?:username|user|account|email)\s*[:=]\s*([^\s]+)", 207 | r"(?:password|passwd|pwd|secret)\s*[:=]\s*([^\s]+)", 208 | r"(?:[\u4e00-\u9fa5]+省)?(?:[\u4e00-\u9fa5]+市)(?:[\u4e00-\u9fa5]+区)?(?:[\u4e00-\u9fa5]+街道)?(?:[\u4e00-\u9fa5]+路)?(?:[\u4e00-\u9fa5A-Za-z0-9\-]*号)?(?:[\u4e00-\u9fa5A-Za-z0-9\-]*室)?" 209 | } 210 | 211 | 212 | with open(url_file, "r", encoding="utf-8") as f: 213 | urls = f.readlines() 214 | with open(path_file, "r", encoding="utf-8") as f: 215 | paths = f.readlines() 216 | 217 | 218 | 219 | 220 | with open(concat_file,"w",encoding="utf-8") as f: 221 | for url in urls: 222 | for path in paths: 223 | full_url = url.strip() + path.strip() 224 | f.write(full_url + '\n') 225 | 226 | 227 | 228 | 229 | ## 工具作用主题函数 230 | def request_url(concat_url): 231 | requests.packages.urllib3.disable_warnings(InsecureRequestWarning) 232 | 233 | try: 234 | # 第一次请求:不带 X-Forwarded-For 头 235 | headers = { 236 | 'User-Agent': random.choice(user_agents) 237 | } 238 | response1 = requests.get(concat_url, headers=headers, verify=False) 239 | response2 = requests.post(concat_url, headers=headers, data={}, verify=False) 240 | 241 | if response1.status_code == 200 or response2.status_code == 200: 242 | # 保存 200 状态的 URL 243 | 244 | with open(end_file, "a", encoding="utf-8") as f: 245 | f.write(f"URL: {concat_url} + STATUS-CODE: {response1.status_code} '\n'") 246 | print(f"发现存活 URL:{concat_url} 状态码: {response1.status_code}" + Style.RESET_ALL) 247 | 248 | ## 匹配关键词 249 | content1 = response1.text 250 | content2 = response2.text 251 | match_keywords = [keyword for keyword in keywords if keyword in content1 or keyword in content2] 252 | with open(keyword_file, 'a', encoding='utf-8') as f: 253 | f.write(f"URL: {concat_url} 匹配到的关键词: {', '.join(match_keywords)}\n") 254 | print(Fore.GREEN + f"[匹配成功] {concat_url} 匹配到关键词: {', '.join(match_keywords)}" + Style.RESET_ALL) 255 | 256 | 257 | 258 | elif response1.status_code == 403 or response2.status_code == 403: 259 | # 第二次请求:逐一尝试 X-Forwarded-For 头 260 | for xff in x_forwarded_fors: 261 | headers['X-Forwarded-For'] = xff 262 | response1 = requests.get(concat_url, headers=headers, verify=False) 263 | response2 = requests.post(concat_url, headers=headers, data={}, verify=False) 264 | if response1.status_code == 200 or response2.status_code == 200: 265 | # 如果尝试后状态变为 200,则保存 266 | 267 | print(Fore.GREEN +f"【403变200】发现存活 URL:{concat_url} 状态码: {response1.status_code} XFF: {xff}" + Style.RESET_ALL) 268 | with open(end_file, "a", encoding="utf-8") as f: 269 | f.write(f"URL: {concat_url} + XFF: {xff} + STATUS-CODE: '\n'") 270 | 271 | content1 = response1.text 272 | content2 = response2.text 273 | match_keywords = [keyword for keyword in keywords if keyword in content1 or keyword in content2] 274 | with open(keyword_file, 'a', encoding='utf-8') as f: 275 | f.write(f"URL: {concat_url} 匹配到的关键词: {', '.join(match_keywords)}\n") 276 | print(Fore.GREEN + f"[匹配成功] {concat_url} 匹配到关键词: {', '.join(match_keywords)}"+ Style.RESET_ALL) 277 | ## 匹配关键词 278 | break # 成功后退出 X-Forwarded-For 尝试循环 279 | else: 280 | print(f"尝试 XFF {xff} 未成功:{concat_url} 状态码: {response1.status_code}") 281 | else: 282 | # 如果所有 XFF 都尝试后仍然 403,记录日志 283 | print(f"所有 XFF 尝试后仍然 403:{concat_url}") 284 | 285 | else: 286 | print(f"未发现存活:{concat_url} 状态码: {response1.status_code}") 287 | 288 | except requests.exceptions.RequestException as e: 289 | print(f"网络连接错误:{e} 请退出重新运行") 290 | 291 | # 读取文件中的 URL 并进行请求 292 | # 拼接后的 URL 文件 293 | with open(concat_file, "r", encoding="utf-8") as f: 294 | concat_urls = f.readlines() 295 | for concat_url in concat_urls: 296 | request_url(concat_url.strip()) 297 | 298 | 299 | --------------------------------------------------------------------------------