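When you open a CloudFront node directly, the Server field in the response headers has the value CloudFront. Using this, a script can automatically scan for the IP addresses of CloudFront CDN nodes, so you can pick a node IP yourself to speed up access to a website… The script's general approach is to find all of CloudFront's IP ranges, use masscan to check whether port 443 on those IPs is reachable, keep the reachable IPs, and then check the Server field of the response header; if the value is CloudFront, the IP is one of the CDN nodes.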
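1. Environment setup

Requirements for running the script: a python3 environment, the numpy and requests modules, plus the zmap tool. The python3 environment can be swapped for a python environment; you only need to change the script's queue module name to Queue, and change line 14 (the `queue.Queue()` call) to Queue as well. The scanning tool can also be masscan or nmap; this article uses masscan.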
CentOS

```
# Install the build environment and Python
yum install gcc gcc-c++ make python3

wget ftp://ftp.gnu.org/gnu/gengetopt/gengetopt-2.22.6.tar.gz
tar -zvxf gengetopt-2.22.6.tar.gz
cd gengetopt-2.22.6
./configure
make
make install

# Install the modules the Python script needs
pip3 install requests
pip3 install numpy
```
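2. Installing the scanning tool

masscan's speed falls between that of zmap and nmap, and its accuracy also falls between the two. masscan is compatible with some nmap options.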
Installing masscan

```
# CentOS
yum install git gcc make libpcap-devel
git clone https://github.com/robertdavidgraham/masscan
cd masscan
make
cd bin && cp masscan /bin/
```
3. Python scan script

```python
import threading
import requests
import queue
import subprocess
import sys
import re
import os
import numpy as np


def bThread(iplist):
    # Fill a shared work queue and drain it with SETTHREAD worker threads.
    threadl = []
    global q
    q = queue.Queue()
    for host in iplist:
        q.put(host)

    for x in range(0, int(SETTHREAD)):
        threadl.append(tThread(q))

    for t in threadl:
        t.start()
    for t in threadl:
        t.join()


class tThread(threading.Thread):
    def __init__(self, work_queue):
        threading.Thread.__init__(self)
        self.queue = work_queue

    def run(self):
        while not self.queue.empty():
            try:
                # Non-blocking get: never hang if another worker took the last item.
                host = self.queue.get(block=False)
                checkServer(host)
            except Exception:
                # Timeouts and refused connections are expected; skip the host.
                continue


def checkalive():
    print('\n[Step1] Scanning alive servers:\n')
    # Arguments are passed as a list (no shell); the IP list file comes from argv[1].
    scan = subprocess.Popen(
        ["masscan", "-sS", "-Pn", "-n", "-p443", "--rate", "120000",
         "--exclude", "255.255.255.255", "-iL", SETIPLIST],
        stdout=subprocess.PIPE, universal_newlines=True)
    output = scan.communicate()[0]
    global IPLIST
    # masscan prints "Discovered open port 443/tcp on <ip>"; the IP is field 6.
    fields = [line.split() for line in output.splitlines()]
    IPLIST = [f[5] for f in fields if len(f) >= 6]


def checkServer(host):
    header = {'user-agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36'}
    # Plain HTTP request to port 443; only the Server header of the reply is inspected.
    aimurl = "http://" + host + ":443"
    response = requests.get(url=aimurl, headers=header, timeout=10)
    serverText = response.headers.get('server')
    if serverText == "CFS 0215":
        print("NewNode:" + host + " has been catched!\n")
        # Serialise writes so concurrent workers do not interleave lines.
        with MUTEX:
            with open("result.txt", "a+") as file:
                file.write(host + "\n")


if __name__ == '__main__':
    os.system("clear")
    print('\n############# Cloud Front Scan ################')
    print('#   Author Madlifer|blog:https://vicho.me     #')
    print('###############################################\n')
    MUTEX = threading.Lock()
    SETIPLIST = sys.argv[1]   # file with the IP ranges to scan
    SETTHREAD = sys.argv[2]   # number of worker threads
    checkalive()
    print('\n[Step2] Start Scanning edge nodes:\n')
    bThread(IPLIST)
    print('\n[WOW] Winner Winner Chicken Dinner!\n')
```
Create iplist.txt in the same directory as the script, put the IP ranges you want to scan into it, and run:
```
python3 scan.py iplist.txt 200
```
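The post says to find all of CloudFront's IP ranges and put them in iplist.txt, but does not show that step. As an added example (not part of the original post or script), the code below extracts the IPv4 prefixes tagged CLOUDFRONT from a document in the layout of AWS's published ip-ranges.json and merges adjacent ranges; the sample document is constructed and the function name `cloudfront_ipv4_ranges` is hypothetical.

```python
import ipaddress
import json

# Constructed sample in the layout of AWS's published ip-ranges.json.
# Prefixes are RFC 5737 documentation ranges, not real CloudFront ranges.
SAMPLE_IP_RANGES = """
{"syncToken": "0", "createDate": "1970-01-01-00-00-00",
 "prefixes": [
  {"ip_prefix": "192.0.2.0/25", "region": "GLOBAL", "service": "CLOUDFRONT"},
  {"ip_prefix": "192.0.2.128/25", "region": "GLOBAL", "service": "CLOUDFRONT"},
  {"ip_prefix": "192.0.2.0/25", "region": "GLOBAL", "service": "AMAZON"},
  {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "EC2"},
  {"ip_prefix": "203.0.113.64/26", "region": "GLOBAL", "service": "CLOUDFRONT"},
  {"ip_prefix": "203.0.113.300/32", "region": "GLOBAL", "service": "CLOUDFRONT"}
 ],
 "ipv6_prefixes": [
  {"ipv6_prefix": "2001:db8::/32", "region": "GLOBAL", "service": "CLOUDFRONT"}
 ]}
"""


def cloudfront_ipv4_ranges(json_text):
    """Return the collapsed IPv4 CIDRs tagged CLOUDFRONT, as strings."""
    doc = json.loads(json_text)
    nets = []
    for entry in doc.get("prefixes", []):
        # The same prefix is also listed under the umbrella "AMAZON" service,
        # so filter on the service tag rather than taking every prefix.
        if entry.get("service") != "CLOUDFRONT":
            continue
        try:
            net = ipaddress.ip_network(entry["ip_prefix"])
        except (KeyError, ValueError):
            continue  # skip malformed entries instead of passing them on
        if net.version == 4:
            nets.append(net)
    # Merge adjacent and overlapping ranges so no address is listed twice.
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    # One CIDR per line, the format the post's iplist.txt uses.
    for cidr in cloudfront_ipv4_ranges(SAMPLE_IP_RANGES):
        print(cidr)
```

Redirect the output to iplist.txt after replacing the constructed sample with the real document.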