Sanibonani.
Ngemva kokuqeda ukubhala omunye umbhalo ku-Bash, ngabona ukuthi konke kufanele kuhluke ngokuphelele, kodwa konke kwasebenza. Ngifuna ukukukhombisa ukuthi yimaphi amanyala nezinduku engizibhale ukuze ngixazulule inkinga, kodwa ngingakabi nayo inqola yolwazi. Ngamanye amazwi, i-caricature yohlelo.
Inhloso
Kwadingeka okuthile ukuze:
- Kuvezwe imilolozelo eminingi yegama, ngaphandle kwezikwele
- Weqe imilolozelo eminingi yamagama amabili
Kwani? Yebo, yilokho - futhi yilokho.
Ubani ongazi, imvumelwano eyisikwele (ngolimi oluvamile - isikwele) amagama amabili izinhlamvu zawo zokugcina ezimbili esipelingi ziqondana, okuthi (ngokuvamile, lokhu kuphela kwento) kuwenza abe imvumelwano. Ngokwesibonelo, ama-roses anoqhwa; isondo - imoto. Ukusetshenziswa kwezikwele ekuqinisekisweni kwesimanje akuvunyelwe ikakhulukazi abantu, ngenxa yobudala bazo.
Isixazululo
Kimina kwabonakala sengathi isixazululo esilula kwakuwukubhala umbhalo ku-Bash osebenzisa ijeneretha yemvumelwano esivele ikhona - HOST, ebakhetha ngokuyinhloko ngongwaqa, hhayi ngesipelingi. Hlobo luni lwe-HOST? Ngoba uma uveza igama langempela lesayithi, bazothi isikhangiso. Kungani ungaqhubeki nokuyisebenzisa? Okokuqala, naphezu kwenzuzo yakhe yokukhetha imilolozelo esekelwe kongwaqa, usavame ukukhiqiza izikwele. Okwesibili, kusafanele ucabange ngobuchopho bakho, uchithe isikhathi ushintsha phakathi kwamathebhu, namandla ubamba ngekhanda amagama aphindaphindiwe ezinhlwini ukuze uthole imvumelwano yamagama amabili.
Ukuthola imilolozelo enamandla
Ngazini? Ngiyazi ngohlelo lokusebenza wget, elanda ikhasi ku-URL eshiwo. Kulungile, ake senze isicelo - sithola ikhasi le-HTML efayeleni eliqanjwe ngegama elinemvumelwano. Isibonelo, ake sifune igama elithi "lapha":
wget https://HOST/rifma/здесь
Kodwa ngidinga uhlu lwamagama kuphela, ngingakuqeda kanjani konke okunye? Sibheka futhi sibone ukuthi uhlu lwamagama lufomethiwe, kungakhathaliseki ukuthi luyinqaba kangakanani, ngendlela yohlu, futhi amagama akumathegi. . Hhayi-ke, sinensiza enhle. sed - ake sikubhale kanje:
cat $word | grep '<li>' | sed -e "s%<li>%%" | sed -e "s%</li>%%" | sed -e "s/ //g" | sed -e "/^$/d" 1> $wordOkokuqala, efayeleni lamagama, khetha imigqa equkethe ithegi — sithola inqwaba yamathegi nemigqa enamagama. Sisusa ithegi ngokwayo kanye neyokuvala kwayo - lapha kusetshenziswa izimpawu zamaphesenti esikhundleni sama-slash ngoba kuthegi ngokwayo vele sekukhona i-slash, ngani? sed akakuqondi kancane. Futhi konke kuhamba kahle ngentshisekelo. Sisusa zonke izikhala kufayela, susa imigqa engenalutho. I-Voila - uhlu lwamagama enziwe ngomumo.
Ukuze ususe amagama anemvumelwano usebenzisa izinhlamvu zokugcina, khetha izinhlamvu ezimbili zokugcina egameni lokuqala bese usula uhlu:
squad=${word:((${#word}-2)):2}
cat $word | sed -e "/.$squad$/d" 1> $wordSibheka, siyazama - konke kuyasebenza ... ngakho-ke, luphi uhlu lwegama elithi "dlala"? Futhi ngegama elithi "Ngiyahamba"? Ifayela alinalutho! Futhi konke lokhu kungenxa yokuthi la magama ayizenzo, futhi siyazi ukuthi benzani kulabo abahambisana nezenzo. Imvumelwano yesenzo imbi kakhulu kunemvumelwano yesikwele, ngoba ulimi lwesiRashiya lunezenzi eziningi, futhi zonke zineziphetho ezifanayo, yingakho bezingekho efayeleni lokugcina ngemva kokuhlola iziphetho.
Nokho, asijahile. Ezwini ngalinye akukhona nje kuphela imilolozelo, kodwa futhi nama-assonances, ngezinye izikhathi azwakala engcono kakhulu kunemvumelwano - yingakho ama-assonance (i-French assonance, esuka ku-Latin assono - ngizwakala ngokuvumelana).
Sithola ama-assonance
Yilapho ubumnandi buqala khona: ama-assonance avela ku-URL ehlukile, futhi ekhasini elifanayo, ngokwenza iskripthi, ukuthumela isicelo se-HTTP nokuthola impendulo. Ngingasho kanjani wget'Ingabe uyayicindezela inkinobho? Kodwa akukho ndlela. Ngokudabukisayo.
Ngokubona ukuthi i-URL ekulayini ibishintsha ngandlela thile, ngikopishe obekukhona ngemuva kokushintshela kuma-assonance futhi ngikunamathisele kuthebhu entsha yesiphequluli - kuvulwe imilolozelo enamandla. Hhayi lokho.
Empeleni, ngacabanga ukuthi, akufanele kube nandaba kuseva ukuthi iskripthi esisithumela isicelo senziwe, noma ukuthi umuntu usibhala ngesandla. Ngakho? Kwazi bani, asihambe siyoyihlola.
Ungathumela kuphi? Yini ukuthumela? Isicelo se-HTTP kuseva ye-IP, kukhona into efana ne-GET... bese kuba nokuthile i-HTTP/1.1... Sidinga ukubona ukuthi isiphequluli sithumela ini nokuthi kuphi. Faka i-wireshark, buka ithrafikhi:
0040 37 5d a3 84 27 e7 fb 13 6d 93 ed cd 56 04 9d 82 7]£.'çû.m.íÍV...
0050 32 7c fb 67 46 71 dd 36 4d 42 3d f3 62 1b e0 ad 2|ûgFqÝ6MB=ób.à.
0060 ef 87 be 05 6a f9 e1 01 41 fc 25 5b c0 77 d3 94 ï.¾.jùá.Aü%[ÀwÓ.
Um... ini? Oh yebo, sine-HTTPS. Okufanele ngikwenze? Yethula ukuhlasela kwe-MITM ngokwakho? Ngokufanelekile, isisulu ngokwaso sizosisiza.
Ngokuvamile, ngemva kokunquma ukusebenzisa isiphequluli, ekugcineni ngithole isicelo ngokwaso kanye nomuntu obhalelwayo. Hamba:
Ingxoxo netheminali
telnet IP PORT
Trying IP...
Connected to IP.
Escape character is '^]'.
GET /rifma/%D0%BC%D0%B0%D1%82%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
Connection: close
HTTP/1.1 400 Bad Request
Server: nginx/1.8.0
Date: Sun, 03 Nov 2019 20:06:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 270
Connection: close
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
Connection closed by foreign host.Sawubona. Hehehe. Ngempela, yilokho ebengikulindele lapho ngithumela isicelo esingenalutho se-HTTP echwebeni le-HTTPS. Ingabe kufanele sibethele manje? Konke lokhu kubangwa ngokhiye be-RSA, bese kuba nge-SHA256. Ngani, kukhona I-OpenSSL ngezinto ezinjalo. Hhayi-ke, sesivele sazi ukuthi yini okufanele siyenze, sizovele sisuse izinkundla ze-Referer ne-Cookie kuqala - ngicabanga ukuthi ngeke ziyithinte kakhulu indaba:
Ingxoxo netheminali
openssl s_client -connect IP:PORT
{Всякие ключи, сертификаты}
GET /rifma/%D0%B7%D0%B4%D0%B5%D1%81%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/javascript,text/html,application/xml,text/xml,*/*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Date: Sun, 03 Nov 2019 20:34:33 GMT
Set-Cookie: COOKIE
X-Powered-By: Phusion Passenger 5.0.16
Server: nginx/1.8.0 + Phusion Passenger 5.0.16
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip
Kuyini lokhu, ukuthuka iseva? Hhayi-ke, okungenani bangiphendule 200 KULUNGILE, okusho ukuthi amakhukhi kanye nesidluliseli akuthinti lutho. Ukucindezela kuyi-gzip, kodwa uma ukopisha, izinhlamvu ze-ASCII ziyakopishwa. Impela, ungasusa umugqa Yamukela ukubhala ngekhodi. Konke kuhamba kahle - sithola idokhumenti ye-HTML, manje enama-assonances. Kodwa nansi imibuzo emibili: isetshenziswa kanjani i-OpenSSL futhi idlulisele idatha kuyo usebenzisa umbhalo? Futhi ukufunda kanjani okukhiphayo uma ngemva kokuthola impendulo sihlala, njengokungathi, “kugobolondo” le-OpenSSL? Uma ukwazi ukuqhamuka nento eyesibili, kodwa ngeyokuqala...
Kuhle ukuthi kukhona UHabrlapho ngafunda khona mayelana nensizakalo lindela, okwenza ngokuzenzakalelayo inqubo yokusebenzelana nezinhlelo ezilindele ukusebenzisana kwabantu. Ukuba neqembu kuyathandeka nakakhulu lindela ngokuzenzakalelayo, eyakhayo lindela iskripthi esisekelwe ezenzweni zakho. Hhayi-ke, siyethula, yenza konke lokhu futhi nasi iskripthi esiqediwe. Kuphela yena mkhulu kakhulu, futhi konke ngoba I-OpenSSL ibonisa izitifiketi, okhiye, kanye lindela ilindele umphumela wakho konke lokhu. Siyakudinga lokhu? Cha. Sisusa konke ukwaziswa kokuqala, sishiya kuphela ukuhlukana komugqa wokugcina 'r'. Siphinde sisuse Umenzeli Womsebenzisi futhi Yamukela izinkambu esicelweni sethu - asithinti lutho. Ngakho-ke, ake siqalise. Iskripthi senziwa, kodwa iphi idokhumenti ye-HTML eyigugu? Lindela wadla. Ukuze umenze ayikhafule, udinga ukubeka:
set results $expect_out(buffer)ngaphambi kokuphela kweskripthi - yile ndlela okuphumayo okusebenzisekayo okuzobhalwa ngayo lindela'om umyalo futhi ukhonjiswe esikrinini. Kafushane, into efana nalena:
lindela iskripthi
#!/usr/bin/expect -f
set timeout -1
spawn openssl s_client -connect IP:PORT
match_max 100000
expect -exact "
---r
"
send -- "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1rHost: HOSTrAccept-Language: en-US,en;q=0.5rX-Requested-With: XMLHttpRequestrConnection: close"
expect -exact "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1r
Host: HOSTr
Accept-Language: en-US,en;q=0.5r
X-Requested-With: XMLHttpRequestr
Connection: close"
send -- "r"
set results $expect_out(buffer)
expect -exact "r
"
send -- "r"
expect eofKodwa akugcini lapho! Njengoba ubona, kuzo zonke izibonelo i-URL yesicelo ibimile, kodwa i-URL enesibopho salelo gama elizohlotshaniswa nama-assonance. Futhi kuvele ukuthi sizohlala sicinga igama elithi “%d0%b7%d0%b4%d0%b5%d1%81%d1%8c” ku-ASCII noma “lapha” ku-UTF-8. Okufanele ngikwenze? Kunjalo, vele ukhiqize umbhalo omusha njalo, bangane! Akusenjalo lindela ngokuzenzakalelayo'o, futhi ngosizo qalisa, ngoba Kweyethu entsha, akukho okushintshayo ngaphandle kwegama. Futhi phila isikhathi eside inkinga entsha: singalihumusha kanjani ngobuhlakani igama lisuka kuCyrillic liye kufomethi ye-URL? Akukho okukhethekile kutheminali futhi. Hhayi-ke, kulungile, singakwenza, akunjalo? Angakwazi:
Bheka engingakwenza!
function furl {
furl=$(echo "$word" | sed 's:А:%d0%90:g;s:Б:%d0%91:g;s:В:%d0%92:g;s:Г:%d0%93:g;s:Д:%d0%94:g;s:Е:%d0%95:g;s:Ж:%d0%96:g;s:З:%d0%97:g;s:И:%d0%98:g;s:Й:%d0%99:g;s:К:%d0%9a:g;s:Л:%d0%9b:g;s:М:%d0%9c:g;s:Н:%d0%9d:g;s:О:%d0%9e:g;s:П:%d0%9f:g;s:Р:%d0%a0:g;s:С:%d0%a1:g;s:Т:%d0%a2:g;s:У:%d0%a3:g;s:Ф:%d0%a4:g;s:Х:%d0%a5:g;s:Ц:%d0%a6:g;s:Ч:%d0%a7:g;s:Ш:%d0%a8:g;s:Щ:%d0%a9:g;s:Ъ:%d0%aa:g;s:Ы:%d0%ab:g;s:Ь:%d0%ac:g;s:Э:%d0%ad:g;s:Ю:%d0%ae:g;s:Я:%d0%af:g;s:а:%d0%b0:g;s:б:%d0%b1:g;s:в:%d0%b2:g;s:г:%d0%b3:g;s:д:%d0%b4:g;s:е:%d0%b5:g;s:ж:%d0%b6:g;s:з:%d0%b7:g;s:и:%d0%b8:g;s:й:%d0%b9:g;s:к:%d0%ba:g;s:л:%d0%bb:g;s:м:%d0%bc:g;s:н:%d0%bd:g;s:о:%d0%be:g;s:п:%d0%bf:g;s:р:%d1%80:g;s:с:%d1%81:g;s:т:%d1%82:g;s:у:%d1%83:g;s:ф:%d1%84:g;s:х:%d1%85:g;s:ц:%d1%86:g;s:ч:%d1%87:g;s:ш:%d1%88:g;s:щ:%d1%89:g;s:ъ:%d1%8a:g;s:ы:%d1%8b:g;s:ь:%d1%8c:g;s:э:%d1%8d:g;s:ю:%d1%8e:g;s:я:%d1%8f:g;s:ё:%d1%91:g;s:Ё:%d0%81:g')}Sekukonke, sineskripthi esiguqula igama libe umbhalo we-ASCII, sikhiqize esinye iskripthi esicela ikhasi lesayithi elinama-assonances avela kuseva nge-OpenSSL. Bese siqondisa kabusha okukhiphayo kombhalo wokugcina efayeleni futhi, ngendlela yesidala, sikudlulise izikwele ezengeziwe bese uzibhala efayeleni.
Ukuhlangana kwabaningi. Umugqa ongezansi
Empeleni, yilokhu kanye okubangela izinkinga ezincane kakhulu. Senza izinqubo ezingenhla zamagama amabili, bese kusuka ohlwini olubili siqhathanisa igama ngalinye negama ngalinye futhi uma kutholakala okufanayo, siyakukhipha. Manje sesineskripthi esithatha amagama amabili njengokufakwayo futhi sibonise uhlu lwamagama anemvumelwano nakho kokubili, ngisho nokucabangela ama-assonances, futhi konke lokhu ngaphandle kokushintsha ngesandla phakathi kwamathebhu amane nokukhumbula amagama "ngeso" - konke kuqoqwe, kubalwa. ngoba futhi kulahlwa ngokuzenzakalelayo. Kuyamangalisa.
Injongo yale ncwadi yayiwukubonisa ukuthi uma umuntu edinga okuthile, uyokwenza noma kunjalo. Ayisebenzi kakhulu, igwegwile, iyasabeka, kepha izosebenza.
Source: www.habr.com