前言
原创作者:Super403,文章分析主要用于研究教学
本期研究:【Londly01-safety-tool】工具源码
简介:自动化资产探测及漏扫脚本
工具来源:https://github.com/startagain2016/Londly01-safety-tool
截图展示:【如下图所示】
工具介绍
根据作者的工具简介,“自动化进行资产探测及漏洞扫描|红蓝对抗 | 快速打点 | 适用黑客进行赏金活动、SRC活动、大规模攻击使用 | 护网”可以理解这是一个调用市面上常用的渗透工具,进行自动流程化的脚本工具。首先看一下作者调用的工具,masscan,Fscan,httpx,Finger,observer,xray,nuclei,都是一些常见的渗透工具。脚本工具的核心是调用这些工具,采用人工常规渗透方式,及信息收集+资产测绘+漏洞扫描,将其连贯起来做成自动化流程。
工作流程
工具分析
__
| cdn.py # 去除节点ip
| const.py # cdn配置文件
| londly.py # 主程序
| README.md # 说明
|_ requirements.txt # 需要下载安装的pip的模块
londly.py
首先我们从头开始刨析这个脚本工具源码,这里发现主程序londly.py调用os,time,argparse,shutil等模块。
#coding:utf-8
import os #可以用于操作系统交互,执行命令
import time #可以用于调用时间相关事件,如演示等等
import argparse #用于编写用户友好的命令行接口,可以定义程序命令行参数
import shutil #提供了更高级的文件和文件夹操作,如复制、删除、移动文件和文件夹等
图形化展示字符设计,定义函数biaoti,里面包含一个变量splash1,展示输出。
def biaoti():
splash1 = """
__ __ __
| \ | \| \
| $$ ______ _______ ____| $$| $$ __ __
| $$ / \ | \ / $$| $$| \ | \
| $$ | $$$$$$\| $$$$$$$\| $$$$$$$| $$| $$ | $$
| $$ | $$ | $$| $$ | $$| $$ | $$| $$| $$ | $$
| $$____| $$__/ $$| $$ | $$| $$__| $$| $$| $$__/ $$
| $$ \$$ $$| $$ | $$ \$$ $$| $$ \$$ $$
\$$$$$$$$\$$$$$$ \$$ \$$ \$$$$$$$ \$$ _\$$$$$$$
| \__| $$
\$$ $$
\$$$$$$
"""
print(splash1)
下面主要涉及到argparse模块的知识,看不懂的可以去百度了解,不过多讲述。
下面代码,定义一个函数args函数,设置解析命令行参数,我看这段代码主要是调用masscan端口扫描工具,执行masscan命令的自定义参数,设置三个参数分别是 -i 从文件中读取要扫描的目标列表,-p 扫描端口,-rate扫描速率。最后将解析命令行参数保存至变量args。
**description='Masscan2Httpx2Nuclei' ** 设置提示描述,会在界面展示。
add_argument 用于向ArgumentParser对象,添加命令行参数。
**required=True ** 是设置命令参数为必选项。
help='' 是设置帮助信息,提示作用。
**args = parser.parse_args() **用于解析命令行参数
def args():
parser = argparse.ArgumentParser(description='Masscan2Httpx2Nuclei')
#help换行
parser.add_argument('-i', '--input', help='参考masscan -iL', required=True)
parser.add_argument('-p', '--port',help='参考masscan -p', required=True)
parser.add_argument('-rate','--rate', help='参考masscan速率rate', required=True)
args = parser.parse_args()
return args
这段代码定义一个更新模块update函数,设置提示变量展示,可以看到在当前目录下使用os模块执行系统命令来更新nuclei工具和xray工具,更新完成后输出提示。
def update():
splash00 = """
+----------------------------------+
| 正在更新nuclei&xray
+----------------------------------+
"""
print(splash00)
os.system('./nuclei -update')
os.system('./xray_linux_amd64 upgrade')
splash03 = """
+----------------------------------+
| 检查完毕,解放双手!!
+----------------------------------+
"""
print(splash03)
设置check_args函数,读取上面所说的args变量存储命令解析参数命令,这里做了三个逻辑判断.
第一 检查 -i ,input 参数指定的IP文件是否存在,不存在退出程序.
第二 检查 -p,port 的端口参数是否存在,不存在退出程序.
第三 检查-rate 的扫描速率参数是否存在,不存在退出程序.
如果所有逻辑判断正常, 函数会返回原始的 args 对象
def check_args(args):
if not os.path.exists(args.input):
print('ip文件不存在')
exit()
if not args.port:
print('请输入端口参数')
exit()
if not args.rate:
print('请输入扫描速率(例:-rate 2000)')
exit()
return args
这段代码的流程是调用check_args函数做个逻辑判断,验证参数无误后,设置三个变量,分别对于命令行中的三个参数,使用os模块执行系统命令,运行masscan,将结果保存到当前目录下的masscan.txt。
def masscan2httpx2nuclei(args):
args = check_args(args)
input_file = args.input
port = args.port
rate = args.rate
os.system('masscan -iL ' + input_file + ' -p' + port + ' -oL masscan.txt --rate ' + rate)
这段代码更好理解了,使用python3命令调用cdn.py ,具体我们看下面的cdn.py代码分析,最后会处理好IP
def cdn():
os.system('python3 cdn.py list.txt')
接下来我们分析masscan2httpx2nuclei_main函数:看函数名我们就知道,这个是工具处理函数,首先循环检查masscan.txt是否存在,不存在延时1秒继续检查,然后继续检查,当masscan.txt的大小为0,说明没有扫描到任何开放的端口,因此打印提示信息并退出程序 ,如果不为空则打开masscan.txt 文件并逐行读取。跳过以 # 开头的行(通常是注释或标题)。对于以 open 开头的行(表示扫描到的开放端口),提取端口号和相应的IP地址,并写入到 masscanconvert.txt 文件中 ,如果这个txt存在, 使用 httpx扫描masscanconvert.txt的结果,保存httpxresult.txt中,然后删除文件。
def masscan2httpx2nuclei_main():
while True:
if os.path.exists("masscan.txt"):
break
else:
time.sleep(1)
if os.path.getsize("masscan.txt") == 0:
splash3 = """
+----------------------------------+
| 无端口开放,程序已退出!
+----------------------------------+
"""
print(splash3)
exit()
else :
splash4 = """
+----------------------------------------+
| Masscan扫描结果解析并调用httpx
+----------------------------------------+
"""
print(splash4)
masscanfile = open("masscan.txt", "r")
masscanfile.seek(0)
for line in masscanfile:
if line.startswith("#"):
continue
if line.startswith("open"):
line = line.split(" ")
with open("masscanconvert.txt", "a") as f:
f.write(line[3]+":"+line[2]+"\n")
f.close()
masscanfile.close()
if os.path.exists("masscan.txt"):
os.system('./httpx -l masscanconvert.txt -nc -o httpxresult.txt')
os.remove("masscan.txt")
splash2 = """
+----------------------------------+
| Httpx is done !
+----------------------------------+
"""
print(splash2)
else:
splash5 = """
+----------------------------------+
| 未发现解析后的masscan端口结果
+----------------------------------+
"""
print(splash5)
exit()
使用observer工具处理masscanconvert.txt的IP端口结果,另存至observer.txt
def observer():
os.system('./observer -f masscanconvert.txt -c observer.txt')
使用Finger 指纹识别工具扫描,并处理其输出,将输出文件移动到当前工作目录
def Finger():
path=os.getcwd()
os.system('python3 Finger/Finger.py -f ' + path + r"/masscanconvert.txt")
files = path + r"/Finger/output/"
b = os.listdir(files)
new = path
for f in b:
shutil.move(files + f, new)
使用fscan工具扫描ip.txt 保存
def fscan():
os.system('./fscan64 -hf ip.txt -o fscan.txt')
nu函数,是检查httpxresult.txt文件存在,然后调用nuclei,xray扫描漏洞并输出,其中nuclei扫描中高危,并输出,如果没有http协议,也就是httpxresult是空文件,发出提示,然后查看nuclei扫描结果是否存在,存在输出提示,不存在输出未发现漏洞提示,然后检查xray扫描结果是否存在,存在输出结果提示,不存在输出未发现提示。
def nu():
if os.path.exists("httpxresult.txt"):
os.system('./nuclei -l httpxresult.txt -s medium,high,critical -o nucleiresult.txt')
os.system('./xray_linux_amd64 webscan -url-file httpxresult.txt --html-output xray.html')
os.remove("httpxresult.txt")
os.remove("masscanconvert.txt")
else:
print("扫描结果未发现http协议")
exit()
if os.path.exists("nucleiresult.txt"):
splash6 = """
+----------------------------------+
| 扫描完成,请查看nucleiresult.txt
+----------------------------------+
"""
print(splash6)
else:
splash7 = """
+----------------------------------+
| nuclei未发现中高危漏洞
+----------------------------------+
"""
print(splash7)
if os.path.exists("xray.html"):
splash8 = """
+----------------------------------+
| 扫描完成,请查看xray.html
+----------------------------------+
"""
print(splash8)
else:
splash9 = """
+----------------------------------+
| xray未发现漏洞
+----------------------------------+
"""
print(splash9)
exit()
接下来是main主程序,梳理一下工作流程
首先调用logo函数,检查更新,然后使用cdn模块梳理cdn节点,使用masscan2httpx2nuclei函数调用masscan扫描ip端口,httpx函数解析端口站点,调用observer和Finger和fscan扫描端口站点,ip,最后调用nuclei和xray扫描漏洞并输出
def main():
biaoti() # logo函数
update() # 检查更新
cdn() # 使用cdn函数
masscan2httpx2nuclei(args()) # masscan函数扫描指定的文件
masscan2httpx2nuclei_main() # httpx处理解析
observer()
Finger()
fscan()
nu()
if __name__ == '__main__':
main()
exit()
cdn.py
关于cdn.py 简单描述一些自己的看法,通读了代码后,发现逻辑不清晰,这倒可以理解,但是我不理解为什么会有涉及到域名方面的相关的code,而且在调试cdn.py 代码发现真的不好用,cdn.py 有很大几率是作者调用他人的脚本工具,不像是作者独自开发的,为什么说这个逻辑不清晰是有理由的,代码主体顺序还得靠猜,可读性较差。下面是全文代码,可以看一下。
# -*- coding: utf-8 -*-
import dns.resolver
import requests
import ipaddress
import geoip2.database
import socket
import sys
import re
from concurrent.futures import ThreadPoolExecutor,wait, ALL_COMPLETED
from const import all_CNAME,cdns,ASNS
def matched(obj,list):
#print(obj)
for i in list:
if i in obj:
return True
return False
def getCNAMES(domain):
cnames = []
cname = getCNAME(domain)
if cname is not None:
cnames.append(cname)
while(cname != None):
cname = getCNAME(cname)
if cname is not None:
cnames.append(cname)
return cnames
def getCNAME(domain):
try:
answer = dns.resolver.resolve(domain,'CNAME')
except:
return None
cname = [_.to_text() for _ in answer][0]
return cname
def checkIP(ip):
try:
for cdn in cdns:
if ipaddress.ip_address(ip) in ipaddress.ip_network(cdn):
return True
return False
except:
return False
def getIP(domain):
try:
addr = socket.getaddrinfo(domain,None)
except:
return None
return str(addr[0][4][0])
def checkASN(ip):
try:
with geoip2.database.Reader('GeoLite2-ASN.mmdb') as reader:
response = reader.asn(ip)
for i in ASNS:
if response.autonomous_system_number == int(i):
return True
except:
return False
return False
def wFile(file,str):
try:
f = open(file,'a')
f.write(str)
f.write('\n')
finally:
f.close()
def check(data):
if not re.search(r'\d+\.\d+\.\d+\.\d+', data):
ip = getIP(data)
else:
ip = data
if ip is None:
return
cdnip = checkIP(ip)
if cdnip == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
cdnasn = checkASN(ip)
if cdnasn == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
if not re.search(r'\d+\.\d+\.\d+\.\d+', data):
cnames = getCNAMES(data)
match = False
for i in cnames:
match = matched(i,all_CNAME)
if match == True:
break
if match == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
print(data+": notCDN")
wFile('ip.txt',data)
#wFile('../ip.txt',ip)
return
if __name__ == '__main__':
if len(sys.argv) != 2:
print("error command -h for help")
exit()
if sys.argv[1] == '-h':
print("")
print("checkCDN.py list.txt")
print("")
exit()
dataList = []
try:
f = open(sys.argv[1])
for text in f.readlines():
data = text.strip('\n')
dataList.append(data)
finally:
f.close()
with ThreadPoolExecutor(max_workers=100) as pool:
all_task = [pool.submit(check,data) for data in dataList]
wait(all_task, return_when=ALL_COMPLETED)
简单梳理一下逻辑,下面代码是作者调用的cdn.py的代码
# -*- coding: utf-8 -*-
import dns.resolver # Dns 查询模块
import requests
import ipaddress # IP处理模块
import geoip2.database # MaxMind的GeoIP2库的一部分,用于基于IP地址进行地理位置查询
import socket
import sys
import re # 正则模块
from concurrent.futures import ThreadPoolExecutor,wait, ALL_COMPLETED # 并发
from const import all_CNAME,cdns,ASNS # 从const.py 中调用 all_CNAME,cdns,ASNS
首先这部分是做个逻辑判断,调用argv函数判断,-h输出 工具使用然后退出程序
if __name__ == '__main__':
if len(sys.argv) != 2:
print("error command -h for help")
exit()
if sys.argv[1] == '-h':
print("")
print("checkCDN.py list.txt")
print("")
exit()
初始化一个空列表dataList,用于存储从文件中读取的数据。尝试打开文件读取文件内容,并且去除末尾换行符之后将数据保存至datalist中,接下来是使用并发线程100来处理主函数设置的任务
dataList = []
try:
f = open(sys.argv[1])
for text in f.readlines():
data = text.strip('\n')
dataList.append(data)
finally:
f.close()
with ThreadPoolExecutor(max_workers=100) as pool:
all_task = [pool.submit(check,data) for data in dataList]
wait(all_task, return_when=ALL_COMPLETED)
matched函数:是检查判断文件的一个处理逻辑。
getCNAME 函数:接收domain文件参数,并尝试获取该域名的 CNAME 记录。
getCNAMES函数:是获取给定域名的所有 CNAME 记录。与之前的 getCNAME 函数不同,getCNAMES 函数会递归地查询每个 CNAME 记录。
checkIP函数:检查给定的IP地址是否属于const.py里面自定义的cdns列表。尝试将ip和cdns中的每个CDN网络进行比较,如果ip位于cdns网络中,则返回True,否则返回False。
getIP函数:尝试获取给定域名domain的IP地址。使用socket.getaddrinfo函数来解析域名IP,将解析的IP地址的字符串形式。如果解析失败,则函数返回None。
checkASN函数:检查IP地址是否属于const.py中预定义的自治系统号ASNS列表。使用geoip2库来查询IP地址的ASN,然后比较查询到的ASN是否与ASNS列表中ASN是否匹配。如果匹配,则继续,如果查询失败或没有匹配项退出。
wFile函数:将字符串追加指定文件中,用于处理文件操作,当文件不存在则创建一个,写入字符串,并后续添加字符,做个异常处理,无论写入操作是否成功,都会关闭文件
def matched(obj,list):
#print(obj)
for i in list:
if i in obj:
return True
return False
def getCNAMES(domain):
cnames = []
cname = getCNAME(domain)
if cname is not None:
cnames.append(cname)
while(cname != None):
cname = getCNAME(cname)
if cname is not None:
cnames.append(cname)
return cnames
def getCNAME(domain):
try:
answer = dns.resolver.resolve(domain,'CNAME')
except:
return None
cname = [_.to_text() for _ in answer][0]
return cname
def checkIP(ip):
try:
for cdn in cdns:
if ipaddress.ip_address(ip) in ipaddress.ip_network(cdn):
return True
return False
except:
return False
def getIP(domain):
try:
addr = socket.getaddrinfo(domain,None)
except:
return None
return str(addr[0][4][0])
def checkASN(ip):
try:
with geoip2.database.Reader('GeoLite2-ASN.mmdb') as reader:
response = reader.asn(ip)
for i in ASNS:
if response.autonomous_system_number == int(i):
return True
except:
return False
return False
def wFile(file,str):
try:
f = open(file,'a')
f.write(str)
f.write('\n')
finally:
f.close()
check函数:是主函数,首先使用正则处理接收的数据,它接收一个字符串(可能是域名或IP地址)作为输入,然后调用checkIP函数处理IP检查这个字符串是否属于CDN。如果属于CDN,它将打印出这个字符串,并将其写入cdn.txt文件,然后将输出页面print(data+": notCDN") 展示的data变量保存的IP保存至ip.txt
def check(data):
if not re.search(r'\d+\.\d+\.\d+\.\d+', data):
ip = getIP(data)
else:
ip = data
if ip is None:
return
cdnip = checkIP(ip)
if cdnip == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
cdnasn = checkASN(ip)
if cdnasn == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
if not re.search(r'\d+\.\d+\.\d+\.\d+', data):
cnames = getCNAMES(data)
match = False
for i in cnames:
match = matched(i,all_CNAME)
if match == True:
break
if match == True:
print(data+": CDN")
wFile('cdn.txt',data)
return
print(data+": notCDN")
wFile('ip.txt',data)
#wFile('../ip.txt',ip)
return
这里有个问题:它不会判断domain,私下尝试将子域名放入ip列表,然后会将子域名和ip放入ip.txt,实验尝试masscan扫描ip.txt ,会发生报错导致程序运行失败
const.py
我们来分析const.py文件什么意思。
all_CNAME 列表 定义CDN节点域名
all_CNAME = [
"cdn-cdn.net", "fwdns.net", "bitgravity.com", "21okglb.cn", "kxcdn", "fastwebcdn.com", "cachefly.net", "simplecdn.net", "tbcache.com", "footprint.net", "cloudflare.net", "51cdn.com", "google.", "bluehatnetwork.com", "hadns.net", "incapdns", "skyparkcdn", "akamai", "hwcdn", "cdn77.org", "aicdn.com", "akamaitechnologies.com", "fastly", "fpbns", "cdn77.net", "zenedge.net", "akadns.net", "customcdn.com", "fastly.net", "lswcdn", "googleusercontent.com", "mncdn.com", "21speedcdn.com", "hiberniacdn.com", "mirror-image.net", "anankecdn.com.br", "cncssr.chinacache.net", "hichina.net", "insnw.net", "jiashule.com", "llnwd", "cdn.dnsv1.com", "bitgravity", "mwcloudcdn.com", "amazonaws.com", "systemcdn.net", "wscdns.com", "cdnvideo", "ccgslb", "fpbns.net", "dnsv1", "360wzb.com", "inscname.net", "ytcdn.net", "21vokglb.cn", "aliyuncs.com", "cdntip", "netdna-ssl.com", "att-dsa.net", "tcdn.qq.com", "netdna", "ccgslb.com.cn", "netdna.com", "l.doubleclick.net", "chinaidns.net", "turbobytes-cdn.com", "instacontent.net", "speedcdns", "clients.turbobytes.net", "akamai-staging.net", "fastcdn.cn", "wscloudcdn", "gslb.taobao.com", "hichina.com", "fastcache.com", "cachecn.com", "verygslb.com", "cdnzz.net", "fwcdn.com", "kunlunca.com", "cdn.cloudflare.net", "customcdn.cn", "vo.llnwd.net", "swiftserve.com", "lldns.net", "afxcdn.net", "ourwebpic.com", "edgekey", "ucloud.cn", "cdn20.com", "swiftcdn1.com", "cdn77", "azioncdn.net", "akamaized.net", "cdnvideo.ru", "incapdns.net", "tlgslb.com", "kunlun.com", "cloudflare.com", "anankecdn", "cdnudns.com", "footprint", "txnetworks.cn", "akamai.com", "cdnsun.net", "wpc.", "qiniudns.com", "okglb.com", "cloudflare", "ngenix", "cloudfront", "belugacdn.com", "edgecast", "cdnsun.net.", "alicdn.com", "cdn.telefonica.com", "lxdns.com", "internapcdn.net", "ewcache.com", "llnwd.net", "c3cdn.net", "chinacache.net", "21vianet.com.cn", "qingcdn.com", "yunjiasu-cdn", "cdn.ngenix.net", "skyparkcdn.net", "ccgslb.com", "adn.", "presscdn", "panthercdn.com", "edgecastcdn.net", "ay1.b.yahoo.com", "alicloudsec.com", "cachefly", "kunlunar.com", "bdydns.com", "cloudfront.net", "acadn.com", "cap-mii.net", "gslb.tbcache.com", "awsdns", "cdn.bitgravity.com", "cdnify.io", "kxcdn.com", "00cdn.com", "cdnetworks.net", "fastweb.com", "googlesyndication.", "akamaitech.net", "presscdn.com", "cdnetworks", "cdntip.com", "cdnify", "hacdn.net", "azureedge.net", "alicloudlayer.com", "internapcdn", "speedcdns.com", "cdnsun", "cdngc.net", "gccdn.net", "fastlylb.net", "cdnnetworks.com", "mwcloudcdn", "21cvcdn.com", "ccgslb.net", "azioncdn", "wac.", "unicache.com", "vo.msecnd.net", "stackpathdns.com", "lswcdn.net", "dnspao.com", "akamai.net", "azureedge", "aodianyun.com", "dnion.com", "wscloudcdn.com", "ourwebcdn.net", "netdna-cdn.com", "chinacache", "c3cache.net", "aliyun-inc.com", "sprycdn.com", "hwcdn.net", "yimg.", "telefonica", "aqb.so", "alikunlun.com", "chinanetcenter.com", "cloudcdn.net", "xgslb.net", "gccdn.cn", "globalcdn.cn", "lxcdn.com", "rncdn1.com", "youtube.", "txcdn.cn", "edgesuite.net", "okcdn.com", "akamaiedge.net"
]
cdns列表 定义节点IP的区间
cdns = [
'223.99.255.0/24', '71.152.0.0/17', '219.153.73.0/24', '125.39.46.0/24', '190.93.240.0/20', '14.0.113.0/24', '14.0.47.0/24', '113.20.148.0/22', '103.75.201.0/24', '1.32.239.0/24', '101.79.239.0/24', '52.46.0.0/18', '125.88.189.0/24', '150.138.248.0/24', '180.153.235.0/24', '205.251.252.0/23', '103.1.65.0/24', '115.127.227.0/24', '14.0.42.0/24', '109.199.58.0/24', '116.211.155.0/24', '112.253.3.0/24', '14.0.58.0/24', '223.112.227.0/24', '113.20.150.0/23', '61.182.141.0/24', '34.216.51.0/25', '124.95.188.0/24', '42.51.25.0/24', '183.136.133.0/24', '52.220.191.0/26', '119.84.93.0/24', '182.118.38.0/24', '13.59.250.0/26', '54.178.75.0/24', '119.84.92.0/24', '183.131.62.0/24', '111.32.136.0/24', '13.124.199.0/24', '111.47.227.0/24', '104.37.177.0/24', '14.0.50.0/24', '183.230.70.0/24', '114.111.59.0/24', '220.181.135.0/24', '112.140.32.0/19', '101.79.230.0/24', '14.0.115.0/24', '103.28.248.0/22', '117.34.72.0/24', '109.199.57.0/24', '101.79.149.0/24', '116.128.128.0/24', '115.231.186.0/24', '103.22.200.0/22', '61.155.165.0/24', '113.20.148.0/23', '185.254.242.0/24', '59.36.120.0/24', '70.132.0.0/18', '116.31.126.0/24', '119.147.134.0/24', '115.127.246.0/24', '52.47.139.0/24', '118.107.175.0/24', '52.78.247.128/26', '110.93.176.0/20', '54.240.128.0/18', '46.51.216.0/21', '119.31.251.0/24', '125.39.18.0/24', '108.175.33.0/24', '1.31.128.0/24', '61.151.163.0/24', '103.95.132.0/24', '58.215.118.0/24', '54.233.255.128/26', '120.52.113.0/24', '118.107.174.0/24', '1.32.242.0/24', '221.195.34.0/24', '101.79.228.0/24', '205.251.249.0/24', '113.200.91.0/24', '101.79.146.0/24', '221.238.22.0/24', '134.19.183.0/24', '110.93.160.0/20', '180.97.158.0/24', '115.127.251.0/24', '119.167.147.0/24', '115.127.238.0/24', '115.127.240.0/22', '14.0.48.0/24', '115.127.240.0/24', '113.7.183.0/24', '112.140.128.0/20', '115.127.255.0/24', '114.31.36.0/22', '101.79.232.0/24', '218.98.44.0/24', '106.119.182.0/24', '101.79.167.0/24', '125.39.5.0/24', '58.49.105.0/24', '124.202.164.0/24', '111.177.6.0/24', '61.133.127.0/24', '185.11.124.0/22', '150.138.150.0/24', '115.127.248.0/24', '103.74.80.0/22', '101.79.166.0/24', '101.71.55.0/24', '198.41.128.0/17', '117.21.219.0/24', '103.231.170.0/24', '221.204.202.0/24', '101.79.224.0/24', '112.25.16.0/24', '111.177.3.0/24', '204.246.168.0/22', '103.40.7.0/24', '134.226.0.0/16', '52.15.127.128/26', '122.190.2.0/24', '101.203.192.0/18', '1.32.238.0/24', '101.79.144.0/24', '176.34.28.0/24', '119.84.15.0/24', '18.216.170.128/25', '222.88.94.0/24', '101.79.150.0/24', '114.111.48.0/21', '124.95.168.0/24', '114.111.48.0/20', '110.93.176.0/21', '223.111.127.0/24', '117.23.61.0/24', '140.207.120.0/24', '157.255.26.0/24', '221.204.14.0/24', '183.222.96.0/24', '104.37.180.0/24', '42.236.93.0/24', '111.63.51.0/24', '114.31.32.0/20', '118.180.50.0/24', '222.240.184.0/24', '205.251.192.0/19', '101.79.225.0/24', '115.127.228.0/24', '113.20.148.0/24', '61.213.176.0/24', '112.65.75.0/24', '111.13.147.0/24', '113.20.145.0/24', '103.253.132.0/24', '52.222.128.0/17', '183.203.7.0/24', '27.221.27.0/24', '103.79.134.0/24', '123.150.187.0/24', '103.15.194.0/24', '162.158.0.0/15', '61.163.30.0/24', '182.140.227.0/24', '112.25.60.0/24', '117.148.161.0/24', '61.182.136.0/24', '114.31.56.0/22', '64.252.128.0/18', '183.61.185.0/24', '115.127.250.0/24', '150.138.138.0/24', '13.210.67.128/26', '211.162.64.0/24', '61.174.9.0/24', '14.0.112.0/24', '52.52.191.128/26', '27.221.124.0/24', '103.4.203.0/24', '103.14.10.0/24', '34.232.163.208/29', '114.31.48.0/20', '59.51.81.0/24', '183.60.235.0/24', '101.227.206.0/24', '125.39.174.0/24', '119.167.246.0/24', '118.107.160.0/21', '223.166.151.0/24', '110.93.160.0/19', '204.246.172.0/23', '119.31.253.0/24', '143.204.0.0/16', '14.0.60.0/24', '123.151.76.0/24', '116.193.80.0/24', '120.241.102.0/24', '180.96.20.0/24', '216.137.32.0/19', '223.94.95.0/24', '103.4.201.0/24', '14.0.56.0/24', '115.127.234.0/24', '113.20.144.0/23', '103.248.104.0/24', '122.143.15.0/24', '101.79.229.0/24', '101.79.163.0/24', '104.37.112.0/22', '115.127.253.0/24', '141.101.64.0/18', '113.20.144.0/22', '101.79.155.0/24', '117.148.160.0/24', '124.193.166.0/24', '109.94.168.0/24', '203.90.247.0/24', '101.79.208.0/21', '182.118.12.0/24', '114.31.58.0/23', '202.162.109.0/24', '101.79.164.0/24', '58.216.2.0/24', '222.216.190.0/24', '101.79.165.0/24', '111.6.191.0/24', '1.255.100.0/24', '52.84.0.0/15', '112.65.74.0/24', '183.250.179.0/24', '101.79.236.0/24', '119.31.252.0/24', '113.20.150.0/24', '60.12.166.0/24', '101.79.234.0/24', '113.17.174.0/24', '101.79.237.0/24', '61.54.46.0/24', '118.212.233.0/24', '183.110.242.0/24', '150.138.149.0/24', '117.34.13.0/24', '115.127.245.0/24', '14.0.102.0/24', '14.0.109.0/24', '61.130.28.0/24', '113.20.151.0/24', '219.159.84.0/24', '114.111.62.0/24', '172.64.0.0/13', '61.155.222.0/24', '120.52.29.0/24', '115.127.231.0/24', '14.0.49.0/24', '113.202.0.0/16', '103.248.104.0/22', '205.251.250.0/23', '103.216.136.0/22', '118.107.160.0/20', '109.87.0.0/21', '54.239.128.0/18', '115.127.224.0/19', '111.202.98.0/24', '109.94.169.0/24', '59.38.112.0/24', '204.246.176.0/20', '123.133.84.0/24', '103.4.200.0/24', '111.161.109.0/24', '112.84.34.0/24', '103.82.129.0/24', '183.3.254.0/24', '112.137.184.0/21', '122.227.237.0/24', '36.42.75.0/24', '13.35.0.0/16', '101.226.4.0/24', '116.140.35.0/24', '58.250.143.0/24', '13.54.63.128/26', '205.251.254.0/24', '173.245.48.0/20', '183.61.177.0/24', '113.20.144.0/24', '104.37.183.0/24', '35.158.136.0/24', '116.211.121.0/24', '42.236.94.0/24', '117.34.91.0/24', '123.6.13.0/24', '13.224.0.0/14', '113.20.146.0/24', '58.58.81.0/24', '52.124.128.0/17', '122.228.198.0/24', '197.234.240.0/22', '99.86.0.0/16', '144.220.0.0/16', '119.188.97.0/24', '36.27.212.0/24', '104.37.178.0/24', '114.31.52.0/22', '218.65.212.0/24', '1.255.41.0/24', '14.0.45.0/24', '1.32.243.0/24', '220.170.185.0/24', '122.190.3.0/24', '103.79.133.0/24', '220.181.55.0/24', '125.39.191.0/24', '115.127.226.0/24', '125.39.32.0/24', '61.120.154.0/24', '103.4.202.0/24', '103.79.134.0/23', '115.127.224.0/24', '113.20.147.0/24', '61.156.149.0/24', '210.209.122.0/24', '115.127.249.0/24', '104.37.179.0/24', '120.52.18.0/24', '54.192.0.0/16', '14.0.55.0/24', '61.160.224.0/24', '113.207.101.0/24', '101.79.157.0/24', '110.93.128.0/20', '58.251.121.0/24', '61.240.149.0/24', '130.176.0.0/16', '113.107.238.0/24', '112.65.73.0/24', '103.75.200.0/23', '199.83.128.0/21', '123.129.220.0/24', '54.230.0.0/16', '114.111.60.0/24', '199.27.128.0/21', '14.0.118.0/24', '101.79.158.0/24', '119.31.248.0/21', '54.182.0.0/16', '113.31.27.0/24', '14.17.69.0/24', '101.79.145.0/24', '113.20.144.0/21', '180.163.22.0/24', '104.37.176.0/21', '117.25.156.0/24', '115.127.252.0/24', '115.127.244.0/23', '14.0.46.0/24', '113.207.102.0/24', '52.199.127.192/26', '13.113.203.0/24', '64.252.64.0/18', '1.32.240.0/24', '123.129.232.0/24', '1.32.241.0/24', '180.163.189.0/24', '157.255.25.0/24', '1.32.244.0/24', '103.248.106.0/24', '121.48.95.0/24', '54.239.192.0/19', '113.20.146.0/23', '61.136.173.0/24', '35.162.63.192/26', '117.34.14.0/24', '183.232.29.0/24', '42.81.93.0/24', '122.228.238.0/24', '183.61.190.0/24', '125.39.239.0/24', '115.127.230.0/24', '103.140.200.0/23', '202.102.85.0/24', '14.0.32.0/21', '14.0.57.0/24', '112.25.90.0/24', '58.211.137.0/24', '210.22.63.0/24', '34.226.14.0/24', '13.32.0.0/15', '101.79.156.0/24', '103.89.176.0/24', '14.0.116.0/24', '106.42.25.0/24', '101.79.233.0/24', '101.79.231.0/24', '103.75.200.0/24', '119.188.9.0/24', '183.232.51.0/24', '149.126.72.0/21', '103.21.244.0/22', '115.127.233.0/24', '27.221.20.0/24', '198.143.32.0/19', '103.248.107.0/24', '101.79.227.0/24', '115.127.242.0/24', '119.31.250.0/24', '103.82.130.0/24', '99.84.0.0/16', '222.73.144.0/24', '103.79.132.0/22', '101.79.208.0/20', '104.37.182.0/24', '101.79.152.0/24', '36.99.18.0/24', '101.71.56.0/24', '36.250.5.0/24', '61.158.240.0/24', '119.188.14.0/24', '13.249.0.0/16', '183.214.156.0/24', '60.221.236.0/24', '58.30.212.0/24', '115.127.254.0/24', '188.114.96.0/20', '115.127.241.0/24', '103.4.200.0/22', '115.127.239.0/24', '115.127.243.0/24', '111.32.135.0/24', '120.221.29.0/24', '115.127.232.0/24', '14.0.43.0/24', '14.0.59.0/24', '183.61.236.0/24', '34.223.12.224/27', '103.24.120.0/24', '52.57.254.0/24', '113.207.100.0/24', '222.186.19.0/24', '113.20.149.0/24', '150.138.151.0/24', '115.231.110.0/24', '52.56.127.0/25', '104.37.176.0/24', '163.177.8.0/24', '163.53.89.0/24', '52.82.128.0/19', '114.111.63.0/24', '108.162.192.0/18', '14.136.130.0/24', '115.127.229.0/24', '14.17.71.0/24', '52.212.248.0/26', '180.163.188.0/24', '61.182.137.0/24', '119.161.224.0/21', '14.0.41.0/24', '202.162.108.0/24', '106.122.248.0/24', '52.66.194.128/26', '115.127.237.0/24', '220.170.186.0/24', '14.0.32.0/19', '14.0.114.0/24', '112.90.216.0/24', '115.127.236.0/24', '116.193.84.0/24', '113.207.76.0/24', '101.79.235.0/24', '101.79.224.0/20', '61.155.149.0/24', '101.79.148.0/24', '180.163.224.0/24', '204.246.174.0/23', '183.60.136.0/24', '101.227.207.0/24', '103.248.105.0/24', '119.188.35.0/24', '42.236.7.0/24', '116.193.88.0/21', '116.193.83.0/24', '120.199.69.0/24', '122.226.182.0/24', '58.20.204.0/24', '110.93.128.0/21', '115.231.187.0/24', '69.28.58.0/24', '114.31.32.0/19', '112.25.91.0/24', '59.52.28.0/24', '117.27.149.0/24', '61.147.92.0/24', '14.0.117.0/24', '14.0.40.0/24', '119.97.151.0/24', '103.199.228.0/22', '122.70.134.0/24', '115.127.244.0/24', '223.112.198.0/24', '115.127.225.0/24', '104.16.0.0/12', '121.12.98.0/24', '103.31.4.0/22', '204.246.164.0/22', '223.94.66.0/24', '35.167.191.128/26', '116.31.127.0/24', '101.79.226.0/24', '34.195.252.0/24', '115.127.247.0/24', '61.240.144.0/24', '108.175.32.0/20', '120.197.85.0/24', '183.232.53.0/24', '111.161.66.0/24', '117.34.28.0/24', '45.64.64.0/22', '14.0.44.0/24', '109.86.0.0/15', '182.23.211.0/24', '58.211.2.0/24', '119.36.164.0/24', '116.55.250.0/24', '101.227.163.0/24', '13.228.69.0/24', '131.0.72.0/22', '120.221.136.0/24', '119.188.132.0/24', '115.127.235.0/24', '42.236.6.0/24', '125.88.190.0/24', '61.54.47.0/24', '103.27.12.0/22', '116.193.80.0/21', '101.79.159.0/24', '123.155.158.0/24', '111.47.226.0/24', '192.230.64.0/18', '107.154.0.0/16', '45.223.0.0/16', '45.60.0.0/16'
]
ASNS 列表 定义
ASNS = [
'10576', '10762', '11748', '131099', '132601', '133496', '134409', '135295', '136764', '137187', '13777', '13890',
'14103', '14520', '17132', '199251', '200013', '200325', '200856', '201263', '202294', '203075', '203139', '204248',
'204286', '204545', '206227', '206734', '206848', '206986', '207158', '208559', '209403', '21030', '21257', '23327',
'23393', '23637', '23794', '24997', '26492', '268843', '28709', '29264', '30282', '30637', '328126', '36408',
'38107', '397192', '40366', '43303', '44907', '46071', '46177', '47542', '49287', '49689', '51286', '55082',
'55254', '56636', '57363', '58127', '59730', '59776', '60068', '60626', '60922', '61107', '61159', '62026', '62229',
'63062', '64232', '8868', '9053', '55770', '49846', '49249', '48163', '45700', '43639', '39836', '393560', '393234',
'36183', '35994', '35993', '35204', '34850', '34164', '33905', '32787', '31377', '31110', '31109', '31108', '31107',
'30675', '24319', '23903', '23455', '23454', '22207', '21399', '21357', '21342', '20940', '20189', '18717', '18680',
'17334', '16702', '16625', '12222', '209101', '201585', '135429', '395747', '394536', '209242', '203898', '202623',
'14789', '133877', '13335', '132892', '21859', '6185', '47823', '30148'
]
总结
该项目开发逻辑较为简单,代码写的较为粗糙,思路还行,适合新手参考。