12月 31st, 2007总结2007

2007年在几个小时后就将过去,新的一年已经在向我招手了。回顾即将过去的这一年,无甚感慨,在这里就记录一些里程碑事件吧,鸡毛蒜皮的小事就不写了。以下的记录按照时间先后顺序,实在找不到更好的记事方式了。

  1. 直博。这是我年初的时候的一个重要决定。如果按照2006年的展望,我是准备今年找工作的。但是经过了寒假的闭关思想斗争,权衡了各种利弊之后我还是毅然选择了直博这条道路。现在就来评价这次选择正确与否还为时尚早,一切都还刚刚开始,有待时间的检验。希望自己3年后再写总结的时候能够证明我现在走的这条道路的正确性。
  2. CCNA。如果今年没有直博成功,我现在应该已经找好工作了(臭美一下*__*)。说起CCNA,还得从大二的时候说起,记得当时我们宿舍的小烨子同学经常跟我们宣扬CCIE的niubility,说将来有机会一定也要考个。时光流逝,眼瞅着自己研二了才去考CCNA其实挺丢人的。。。不过现在回过头来看自己学习和备考CCNA的这段经历还是很有价值的。我并没有为了考证而考证,而是一步一个脚印,以CCNA的课程为主线,系统的把计算机网络学习了一遍,阅读了一些RFC文档,做了大量的实验。应该说我不是一个Paper CCNA : )
  3. 863。今年参与了2个863项目的申请,一个成功,一个失败。高兴的是这是我们项目组的第一个863,可惜的是以我主笔的那个项目申请失败了: ( 后来陆续又写过2个别的项目的申请,一个通过了第一轮,第二轮答辩后排名第二被淘汰。另一个最后不了了之。感觉今年至少有3个月的时间都是在忙不同方向的项目申请,不能说浪费了自己的时间吧,但是确实挺分散精力的。明年一点要注意控制。

今年做的项目比较杂,所以对自己掌握的技术门类是一个极大的丰富。年初的4个多月主要是Win32
C,刚有点感觉就被换到了项目申请上,然后开始给一个公司做方案,安全无关的,属于网络规划吧。对方需要提一个创新的技术方案,但也不舍得给钱,ft!自
己主抓了2个多月,后续又由实验室的一个师妹断断续续做了2个多月,最后由我完成了现场的项目评审答辩,告一段落。如果说今年收获最大的,应该就是在网络
渗透测试方面的技术吧。从收集整理工具、熟悉测试流程到自己写测试脚本,应该说已经自成一套了吧。写了1个安全评估的报告模板,不断修改完善中,今年是没
有派上大用场,不知道明年如何。 其他项目先后用过C、Perl、Java、C#,最夸张的是居然用到了Flash as脚本编程。。。服了,感觉自己快变成鸠摩智了,武功路数虽然多,但是无甚精通。这个需要注意,明年的目标就是化繁为简,嗯。
最后说说生活吧,今年2次外出旅游,承德、北戴河,承德是第一次去,感觉还不错,吃的很便宜,住的比较贵,可能跟我们是五一期间去的有关系吧。北戴河已经是每年一游了,不过常去常新,海鲜总是那么的诱人~年末的时候,gf的工作也确定了下来,待遇还不错,应该说给我俩的2007年划上了一个圆满的句号。
ok,打住了,不憧憬2008了,晚上睡觉的时候再好好想想~

纯净水 No Comments »

12月 30th, 2007[原创]JScript实现的病毒清除脚本

经常分析SREng日志的人都会有体会,远程帮人清除病毒真是一件体力活。特别当对方是个电脑“白痴”的时候,那真是各种的无法沟通。。。你教她删文件、改注册表、停服务?算了吧,还是让windows的脚本来帮我们搞定一切吧!
折腾了2天,终于release了我的VirusCleanerUtils.js~~
由于脚本的一些局限性,我的这个病毒清除脚本还依赖于2个小工具分别是ps和spt,关于这2个文件的更多信息可以分别看下面的链接:
X-PS: http://www.unnoo.com/research/tools/xps/
spt: http://www.syssafety.com/leaktests.141.html

目前版本支持的功能包括:

  1. 停止服务
  2. 注册表键值的删除/修改/创建
  3. 进程终止(正常终止/借助spt的16种进程终止技术)
  4. 运行中进程的dll强行卸载(借助X-PS)
  5. 文件删除(支持绝对路径/相对路径/带环境变量)
  6. 文本文件修改
  7. 文件拷贝
  8. 目录删除(不支持“非法”[如autorun..和通过NativeAPI创建的dos保留关键字目录,如con]目录删除)

在源代码中加入了测试代码,方便即改即测~
使用方法:
将VirusCleanerUtils.js、ps.exe、spt.exe三个文件放在同一个目录下,通过以下命令行启动

cscript //nologo VirusCleanerUtils.js

当然了,嫌这样麻烦,自己把上面的启动代码放到一个bat文件里,双击启动,更加傻瓜点~

源代码:VirusCleanerUtils.js

******************************************************************************
 * Author:              TrojanJason@NEWSMTH
 * Created on:          2007-12-28      
 * Last Modified:       2007-12-29
 * Version:             0.1
 */
//—————–全局变量开始———————–
var objWSH      =       new ActiveXObject(“wscript.shell”);
var fso         =       new ActiveXObject(“scripting.filesystemobject”);
var hasExceptions = 0;

//OpenTextFile 中读写标志位
var ForRead     =       1;
var ForWrite    =       2;
var ForAppend   =       8;

//custom input dialog vars
var vbOKCancel          =       1;       // 确定/取消
var vbOKOnly            =       0;          //确定
var vbInformation       =       64;
var vbCancel = 2; //终止 重试 忽略,对于Popup的返回值来说表示用户点击’取消’

//special folders spec
var WindowsFolder       =       0;
var SystemFolder        =       1;
var TemporaryFolder     =       2;
//spt kill level constant
/*
        1       - standard process termination;
        2       - terminate process by terminating all its threads;
        3       - terminate process using remote thread;
        4       - terminate process by instruction pointer (IP) modification;
        5       - crash process by resetting memory attributes;
        6       - crash process by rewriting critical process data;
        7       - terminate process as part of a job;
        8       - terminate process using debuger;
        9       - terminate process as a task;
        10      - terminate process by sending WM_CLOSE;
        11      - terminate process by sending WM_SYSCOMMAND;
        12      - terminate process using windows station message;
        13      - terminate process using DLL injection 1;
        14      - terminate process using DLL injection 2;
        15      - simulation of normal process exit;
        16      - terminate process by “bruteforce” message posting;
*/
//—————–全局变量结束———————–

//—————–全局对象定义开始———————–
function VCHelper()
{
}

VCHelper.prototype.stopSystemService    =       stopSystemService;
VCHelper.prototype.deleteRegKey         =       deleteRegKey;
VCHelper.prototype.createRegKey         =       createRegKey;
VCHelper.prototype.readRegKey           =       readRegKey;
VCHelper.prototype.killProcessByName    =       killProcessByName;
VCHelper.prototype.killProcessByPid     =       killProcessByPid;
VCHelper.prototype.findProcessByPid     =       findProcessByPid;
VCHelper.prototype.killProcessByPidSpt  =       killProcessByPidSpt;
VCHelper.prototype.unloadDll            =       unloadDll;
VCHelper.prototype.deleteFile           =       deleteFile;
VCHelper.prototype.deleteFileByEnvVar   =       deleteFileByEnvVar;
VCHelper.prototype.writeTextToFile      =       writeTextToFile;
VCHelper.prototype.copyFile             =       copyFile;
VCHelper.prototype.deleteFolder         =       deleteFolder;
function UtilsHelper()
{
}

UtilsHelper.prototype.hex               =       hex;
UtilsHelper.prototype.info              =       info;

function TestVCHelper()
{

}

TestVCHelper.prototype.buildTestCase = function(){
        try{
                fso.OpenTextFile(“test.txt”, ForWrite, true).Close();
                fso.OpenTextFile(“d:\\temp\\sss.txt”, ForWrite, true).Close();
                fso.CreateFolder(“d:\\中文 目录”);
                fso.OpenTextFile(“d:\\中文 目录\\test.txt”, ForWrite, true).Close();
                fso.OpenTextFile(fso.GetSpecialFolder(TemporaryFolder)+“temp.ani”, ForWrite, true).Close();

        }catch(Err){
        }
}

TestVCHelper.prototype.runTestCase = function(){
        var TestCase = new VCHelper();

        //display program info
        info();

        //test copy file
        TestCase.copyFile(“test.txt”, “d:\\temp\\test2222.txt”);
        TestCase.copyFile(“test.txt”,“d:\\temp\\test22222.txt”);
        TestCase.copyFile(“test.txt”,“d:\\nonexist\\test22222.txt”);
        TestCase.deleteFile(“d:\\temp\\sss.txt”);
        TestCase.deleteFile(“d:\\中文 目录\\test.txt”);
        TestCase.deleteFolder(“d:\\中文 目录”);
        TestCase.deleteFileByEnvVar(“%temp%\\temp.ani”);
        TestCase.writeTextToFile(“111\n2222\n333″, “test.txt”, ForAppend, false);
        TestCase.writeTextToFile(“111\n2222\n333″, “test.txt”, ForWrite, true);
        TestCase.writeTextToFile(“444\n2222\n333″, “test.txt”, ForAppend, true);
        //test process termination
        TestCase.unloadDll(“SciLexer.DLL”);
        TestCase.killProcessByName(“calc.exe”);
        TestCase.killProcessByPid(3968);
        TestCase.killProcessByPidSpt(3532,2);

        //test stopping service
        TestCase.stopSystemService(“MSIServer”);

        //test registry operations
        TestCase.createRegKey(“HKCU\\Software\\ACME\\FortuneTeller\\,1,“REG_BINARY”);
        TestCase.createRegKey(“HKCU\\Software\\ACME\\FortuneTeller\\MindReader”, “Goocher!”, “REG_SZ”);
        WScript.StdErr.WriteLine(readRegKey(“HKCU\\Software\\ACME\\FortuneTeller\\MindReader”));
        TestCase.deleteRegKey(“HKCU\\Software\\ACME\\FortuneTeller\\MindReader”);
        TestCase.deleteRegKey(“HKCU\\Software\\ACME\\FortuneTeller\\);
        TestCase.deleteRegKey(“HKCU\\Software\\ACME\\);

}

//—————–全局对象定义结束———————–

/**************************************
 ************ 系统服务操作 **************
 **************************************/
//停止服务
function stopSystemService(srvcName)
{
        try{
                var strcomputer, objwmi, servicelist, service, sname;
                strcomputer =“.”;
                objwmi = GetObject(“winmgmts:\\\\ + strcomputer + \\root\\cimv2″);
                //确保只停止当前状态为’Running’或’Unknown’的服务
                servicelist = objwmi.ExecQuery(“Select * from Win32_Service where (State=’Running’ or State=’Unknown’) and Name=’” + srvcName + “‘”);
                var e = new Enumerator(servicelist);
                for (;!e.atEnd();e.moveNext()) {
                        var service = e.item();
                        if(service.stopservice()){
                                WScript.StdErr.WriteLine(“!!!!!停止服务:’” + srvcName + “‘失败”);
                        }else{
                                WScript.StdOut.WriteLine(“*****停止服务:’” + srvcName + “‘成功”);
                        }
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

/**************************************
 ************ 注册表操作 ***************
 **************************************/
//删除注册表键值
function deleteRegKey(regKeyName)
{
        try{
                objWSH.RegDelete(regKeyName);
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

//创建/修改注册表键值
function createRegKey(regKeyName, regKeyValue, regType)
{
        try{
                objWSH.RegWrite(regKeyName, regKeyValue, regType);
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

//读取注册表键值
function readRegKey(regKeyName)
{
        try{
                return objWSH.RegRead(regKeyName);
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

/**************************************
 ************ 进程操作 ***************
 **************************************/
//进程终结 by name
function killProcessByName(procName)
{
        try{
                var w = GetObject(“winmgmts:”);
                var processlist = w.execquery(“select * from win32_process where name=’” + procName + “‘”);
                var e = new Enumerator(processlist);
                for(;!e.atEnd();e.moveNext()){
                        var process = e.item();
                        if(process.terminate()){
                                objWSH.Popup(“终止进程:’” + procName + “‘失败”);
                        }
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}
//进程终结 by pid
function killProcessByPid(pid)
{
        try{
                var w = GetObject(“winmgmts:”);
                var processlist = w.execquery(“select * from win32_process where ProcessId=’” + pid + “‘”);
                var e = new Enumerator(processlist);
                for(;!e.atEnd();e.moveNext()){
                        var process = e.item();
                        process.terminate;           //结束进程    
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

function findProcessByPid(pid)
{
        try{
                var w = GetObject(“winmgmts:”);
                var processlist = w.execquery(“select * from win32_process where ProcessId=’” + pid + “‘”);
                var e = new Enumerator(processlist);
                for(;!e.atEnd();e.moveNext()){
                        var process = e.item();
                        return process;
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }

}

//进程终结 by pid 使用spt.exe
function killProcessByPidSpt()
{
        var pid, level, params;
        if(arguments == null || arguments.length < 2){
                return;
        }else{
                pid = arguments[0];
                level = arguments[1];
                params = arguments[2] == null ? null : arguments[2];
        }
        try{
                if(findProcessByPid(pid) == null){//不存在pid所代表的进程
                        WScript.StdErr.WriteLine(“!!!!!不存在进程(pid=” + pid + “, level=” + level + “)”);
                        return;
                }
                var oExec;
                if(params == null || params.length < 1){
                        oExec = objWSH.Exec(“spt “ + pid + ” “ + level);
                }else{
                        oExec = objWSH.Exec(“spt “ + pid + ” “ + level + ” “ + params);
                }
                var isSuccessful = false;
                while(!oExec.StdOut.AtEndOfStream)
                {
                        var output = oExec.StdOut.ReadLine();
                        if(output.indexOf(“succeed”) > -1){//程序执行成功
                                isSuccessful = true;
                                break;
                        }
                }
                if(!isSuccessful){
                        WScript.StdErr.WriteLine(“!!!!!强制终止进程(pid=” + pid + “, level=” + level + “)失败”);
                }else{
                        WScript.StdOut.WriteLine(“*****强制终止进程(pid=” + pid + “, level=” + level + “)成功”);
                }

        }catch(err){
                objWSH.Popup(“请将第三方程序spt.exe与本专杀放在同一目录下”,64,“注意”);
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

//dll文件卸载
function unloadDll(dllName)
{
        try{
                var oExec = objWSH.Exec(“ps /e * “ + dllName);
                var output = “”;
                var isSuccessful = false;
                while(!oExec.StdOut.AtEndOfStream)
                {
                        var output = oExec.StdOut.ReadLine();
                        if(output.indexOf(“succeed”) > -1){//程序执行成功
                                isSuccessful = true;
                                break;
                        }
                }
                if(!isSuccessful){
                        WScript.StdOut.WriteLine(“!!!!!强制卸载dll文件:” + dllName + “失败,请确认dll文件名是否正确”);
                }else{
                        WScript.StdOut.WriteLine(“*****强制卸载dll文件:” + dllName + “成功”);
                }
        }catch(err){
                objWSH.Popup(“请将第三方程序ps.exe与本专杀放在同一目录下”,64,“注意”);
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}

/**************************************
 ************ 文件操作 ***************
 **************************************/
//删除文件(根据全路径+文件名,注意路径中的斜杠是\\)
function deleteFile(fileName)
{
        try{
                if(fso.FileExists(fileName)){
                        var v = fso.GetFile(fileName);
                        v.attributes = 0;
                        v.Delete(true);//force delete if read-only flag is set
                        if(fso.FileExists(fileName)){//check if file has been deleted
                                WScript.StdErr.WriteLine(“!!!!!删除文件’” + fileName + “‘失败”);
                        }else{
                                WScript.StdOut.WriteLine(“*****删除文件’” + fileName + “‘成功”);
                        }
                }

        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}
//删除文件(根据环境变量名+文件名,注意路径中的斜杠是\\)
function deleteFileByEnvVar(fileSpec){
        try{
                var d = objWSH.ExpandEnvironmentStrings(fileSpec);
                if(fso.FileExists(d)){
                        var v = fso.GetFile(d);
                        v.attributes = 0;
                        v.Delete(true);//force delete if read-only flag is set
                        if(fso.FileExists(d)){//check if file has been deleted
                                WScript.StdErr.WriteLine(“!!!!!删除文件’” + fileSpec + “‘失败”);
                        }else{
                                WScript.StdOut.WriteLine(“*****删除文件’” + fileSpec + “‘成功”);
                        }
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}
//强制删除文件(借助第三方工具)

//写文本文件
function writeTextToFile(txt, fileName, iomode, ForceCreate)
{
        try{
                var re = fso.OpenTextFile(fileName, iomode, ForceCreate);
                re.Write(txt);
                re.Close();

        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }
}
//复制文件
function copyFile(src, dst)
{
        try{
                if(fso.FileExists(src)){
                        var tempDst = dst.substring(0,dst.lastIndexOf(\\) + 1);
                        if(!fso.FolderExists(tempDst)){//检查是否存在目标文件所在的目录
                                if(objWSH.Popup(“不存在目标目录” + tempDst + “自动创建?”,64,“注意”,vbOKCancel) == vbCancel){//放弃复制
                                        return;
                                }
                                        fso.CreateFolder(tempDst);
                }
                        if(fso.FileExists(dst)){//检查目标文件是否已经存在
                                if(objWSH.Popup(“目标文件” + dst + “已存在,是否覆盖?”,64,“注意”,vbOKCancel) == vbCancel){//放弃覆盖
                                        return;
                                }
                        }
                        fso.GetFile(src).Copy(dst);

                }else{
                        objWSH.Popup(“要拷贝的源文件” + src + “不存在”,64,“注意”,vbOKOnly);
                }
        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);
        }

}
//删除目录
function deleteFolder(folderName)
{
        try{
                if(fso.FolderExists(folderName)){
                        var folder = fso.GetFolder(folderName);
                        folder.attributes = 0;
                        folder.Delete(true);
                        if(fso.FolderExists(folderName)){
                                WScript.StdErr.WriteLine(“!!!!!删除目录’” + folderName + “‘失败”);
                        }else{
                                WScript.StdOut.WriteLine(“*****删除目录’” + folderName + “‘成功”);
                        }
                }

        }catch(err){
                hasExceptions ++;
                WScript.StdErr.WriteLine(“Error “ + hasExceptions + ” occurred\nCode: “ + hex(err.number) + \nDescriptions: “ + err.description);

        }
}

/**************************************
 ************ UtilsHelper类 ***************
 **************************************/
function hex(nmb)
{
    if (nmb > 0)
        return nmb.toString(16);
    else
        return (nmb + 0×100000000).toString(16);
}

function info()
{
        var _name = “Virus Clean Helper”;
        var _author = “All rights by TrojanJason@NEWSMTH”;
        var _version = “Version 0.1″;
        objWSH.Popup(_author + \n + _version, 64, _name);
}

//run TestCase
var TestCase = new TestVCHelper();
TestCase.buildTestCase();
TestCase.runTestCase();

		

		

			Javascript,  安全技术 No Comments »
		

	

	
	  
    

	  

        
12月 13th, 2007[原创]IP->DNS域名反查小工具

	  

		

			
原理很简单,利用MSN Search的特殊搜索语法ip:x.x.x.x

废话少说,上代码,想到哪儿写到哪儿,以后用的时候再慢慢完善


基本用法:

perl SEHack.pl [options]

-ip ip:x.x.x.x      #单个IP地址

-iplst file         #从文件中读取IP地址列表,格式为ip:x.x.x.x,一条记录一行

-dbglevel [0,1,2]   #调试记录级别,2最高

-o file             #输出结果文件的文件名


附代码如下:


#!/usr/bin/perl

use LWP::UserAgent;

use strict;

use Getopt::Long;




#Global variables here

my ($baseGoogleURL) = http://www.google.com/search?q=;

# the base google url 

my ($baseMSNURL) = http://search.msn.com/results.aspx?q=; 

# the base msn url

my ($baseMSNurl) = http://search.msn.com; 

# the base msn web site url

my $maxerror = 3;

my $dieOnFail = 1;

my $proxy = “”;

my $debuglevel = 1;

my $debuglog = debug.log;

my $ip = “”;

my $file = ips.txt;

my $ofile = domains.txt;

my $hlp;

my $oquery;


GetOptions(ip:s => \$ip,

iplst:s => \$file,

dbglevel:i => \$debuglevel,

o:s => \$ofile,

h => \$hlp

);


my @queryList = ();


main();


sub main

{

if($hlp){

help();

exit(0);

}

if(length($ip) < 1 && !-e $file){

help();

exit(-1);

}

elsif(-e $file){

open(FILE, <$file) or die Could not open file $file for read: $!\n;

while(my $line = <FILE>){

chomp $line;

if(length $line > 1){

push(@queryList,$line);

}

}

close(FILE);

print loaded . scalar(@queryList).  ips from $file\n;

}

else{

push(@queryList, $ip);

}


foreach my $query (@queryList){

logMe(query is $query,$debuglevel,$debuglog);

$oquery = $query;

open (FILE,>>$ofile) or die Could not open file $ofile for write: $!\n;

print FILE $query.\n;

my @domainNames = ();

my $url;

my $hasNext = 0;

my $count = 0;

my %seen = ();

do{

$url = buildSearchURL($baseMSNURL,$query);

my @rsContent = getURLasArray($url,$maxerror,$dieOnFail,$proxy);


my @matches = ();


my $found = 0;

#iterate throughout the line

foreach my $rsLine (@rsContent)

{

#logMe (”当前解析行的内容:”.$rsLine,$debuglevel,$debuglog);

if (@matches = $rsLine=~ /<li class=”dispUrl”>([^\s]+?)<\/li>/g)

{

foreach my $match (@matches){

$match =~ s/\/[a-zA-Z\.\?~=%-_&;\d^\x00-\xff]*//g;

# remove numeric ip 

if($match =~ /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/){

# ignore

}

else

{

if(!$seen{$match}++){

print (get domain name: .$match.\n);

push(@domainNames, $match);

print FILE $match.\n;

}

}

}

}


my @nextUrls;

if($found == 0){

if(@nextUrls = $rsLine=~ /<a  class=”nP” href=”\/results\.aspx\?q=([a-zA-Z\.\?~=%-_&;\d^\x00-\xff]*)“>[^\s]+?<\/a>/g)

{

foreach my $nextUrl (@nextUrls){

$query = htmlDecode($nextUrl);

#logMe(”next page url is $query”, $debuglevel, $debuglog);

}

$found ++;

}

}

}

if($found > 0){

$hasNext ++;

logMe($query,$debuglevel,$debuglog);

}else{

$hasNext = 0;

}


}while($hasNext);


if(scalar(@domainNames) > 0)

{

print We got . scalar(@domainNames).  domain names related to .$oquery.\n;

}

else

{

print We got no domain name related to .$oquery.\n;

}

print FILE \n;

close (FILE);

}

}


sub getURLasArray($)

{

my ($url) = $_[0];

my ($maxerror)= $_[1];

my ($dieOnFail)= $_[2];

my ($proxy)=$_[3];

# my ($maxerror)= 3;

my ($content)=“”;

my (@content);

my ($errorcount)=0;

my ($seconds)=5;

# my ($debuglevel)=”";

# my ($debuglog)=”";

my ($response);

my $ua = LWP::UserAgent->new(env_proxy => 0,

keep_alive => 1,

timeout => 300,

agent => Mozilla/5.001 (windows; U; NT4.0; en-us)

);


#if (length($proxy)>0)

#{

#   $ua->proxy([’http’, ‘ftp’], $proxy);

#   logMe (”Setting Proxy “.$proxy,$debuglevel,$debuglog);

#}


logMe (fetching .$url.“”,$debuglevel,$debuglog);


# $content = get($url);

$response = $ua->get($url);

$content=$response->content;

@content=split(/\n/,$content);

while (! $response->is_success())

{

# if we got an error remove all proxies possibly the proxy failed …

$ua->proxy([http, ftp], );

$errorcount++;

warn (Could not fetch url \n.$url. \n attempt .$errorcount.\n);

logMe (Could not fetch url .$url. attempt .$errorcount..,2,debug.log);

logMe (Could not fetch url .$url. attempt .$errorcount..,2,debug.log);

$response = $ua->get($url);

$content=$response->content;

@content=split(/\n/,$content);


if ($errorcount==$maxerror) # on maximum error

{


logMe (Permanent error fetching url: .$url,$debuglevel,$debuglog);

logMe (Permanent error fetching url: .$url,2,debug.log);

if ($dieOnFail==1)

{

die Permanent error fetching url:\n.$url.\n;

}

else

{

warn (\a\a\a\a\a Permanent error fetching url:\n.$url.\n);

return(-1);

}

}


# increase delay to fool stupid webserver…

logMe (going to sleep for .$seconds*$errorcount. seconds,$debuglevel,$debuglog);

sleep ($seconds*$errorcount);

logMe (woke up!);;

}

logMe (got .scalar(@content). lines,$debuglevel,$debuglog);

return (@content);

}


sub buildSearchURL($)

{

my ($base) = $_[0];

my ($keyWords) = $_[1];


my ($url);


$url = $base.$keyWords;

$url =~ s/ //g;


return ($url);


}


sub logMe($)

{

my ($text) = $_[0];

my ($level)= $_[1];

my ($filename)= $_[2];

if ($level==0)

{

return(0);

}

my ($logfile);

my ($now);

$logfile=>>.$filename;


open (LOGFILE, $logfile) or die Can’t open $logfile: $!;

$now=localtime();

print (LOGFILE $now. - .$text.\n);

if ($level==2)

{

print ($now. - .$text.\n);

}

close (LOGFILE);

return(1);

}


sub help

{

print <<EOHELP;

-==========================================================================-    

 >>>>>>>>>>>>>>>>>>>>    MSN Hack v0.0.2 by huangwei    <<<<<<<<<<<<<<<<<<<<

-==========================================================================-

syntax:$0   

-ip ip:x.x.x.x      #单个IP地址

-iplst file         #从文件中读取IP地址列表,格式为ip:x.x.x.x,一条记录一行

-dbglevel [0,1,2]   #调试记录级别,2最高

-o file             #输出结果文件的文件名

EOHELP

}


sub atoi {

my $t;

foreach my $d (split(//, shift())) {

$t = $t * 10 + $d;

}

}


sub htmlDecode {

my $str = shift;


return “” unless (defined $str && $str ne “”);


$str =~ s/&/&/g;

$str =~ s/</</g;

$str =~ s/>/>/g;

$str =~ s///g;

$str =~ s/\<BR\>/\n/g;


return $str;


}


sub htmlEncode {

my $str = shift;


return “” unless (defined $str && $str ne “”);


$str =~ s/&/&/g;

$str =~ s/</</g;

$str =~ s/>/>/g;

$str =~ s///g;

$str =~ s/\n/\<BR\>/g;


return $str;


}

		

		

			Perl,  安全技术 No Comments »
		

	

	
	  
    

	  

        
12月 13th, 2007备份一下vim的配置文件

	  

		

			
 今天写个perl的小程序的时候猛然发现自己以前设置的vim的环境还是很好用的,尽管还有点小bug,不过基本的运行和调试时没有问题了

贴出来,自己备份一下,也共享一下~~


” An example for a vimrc file.



 Maintainer: Bram Moolenaar <Bram@vim.org>

” Last change: 2002 May 28



” To use it, copy it to

”     for Unix and OS/2:  ~/.vimrc

”       for Amiga:  s:.vimrc

”  for MS-DOS and Win32:  $VIM\_vimrc

”     for OpenVMS:  sys$login:.vimrc


” When started as “evim”, evim.vim will already have done these settings.

if v:progname =~? “evim”

finish

endif


” Use Vim settings, rather then Vi settings (much better!).

” This must be first, because it changes other options as a side effect.

set nocompatible


” allow backspacing over everything in insert mode

set backspace=indent,eol,start


“set autoindent  ” always set autoindenting on

if has(“vms”)

set nobackup  ” do not keep a backup file, use versions instead

else

set backup  ” keep a backup file

endif

set history=50  ” keep 50 lines of command line history

set ruler  ” show the cursor position all the time

set showcmd  ” display incomplete commands

set incsearch  ” do incremental searching


 For Win32 GUI: remove ‘t’ flag from ‘guioptions’: no tearoff menu entries

” let &guioptions = substitute(&guioptions, “t”, “”, “g”)


” Don’t use Ex mode, use Q for formatting

map Q gq


“###################################################################

“@author -  huangwei

“@created on -  2005-10-20

“@last modified - 10:16 2005-10-21 

“——————————————————————-

” F2 - write file without confirmation

” F3 - call file explorer Ex

” F4 - show Taglist

” F5 - automatically insert current time to current location 

” F8 - automatically complete keywords

” F12 - switch between windows 

“——————————————————————- 

map <S-Tab> :call NextField(’ \{2,}’,2,’ ‘,0)<CR>

map! <S-Tab> <C-O>:call NextField(’ \{2,}’,2,’ ‘,0)<CR>

” function: NextField

 Args: fieldsep,minlensep,padstr,offset



” NextField checks the line above for field separators and moves the cursor on

” the current line to the next field. The default field separator is two or more

” spaces. NextField also needs the minimum length of the field separator,

” which is two in this case. If NextField is called on the first line or on a

” line that does not have any field separators above it the function echoes an

” error message and does nothing.


func! NextField(fieldsep,minlensep,padstr,offset)

let curposn = col(“.”)

let linenum = line(“.”)

let prevline = getline(linenum-1)

let curline = getline(linenum)

let nextposn = matchend(prevline,a:fieldsep,curposn-a:minlensep)+1

let padding = “”


if nextposn > strlen(prevline) || linenum == 1 || nextposn == 0

echo “last field or no fields on line above”

return

endif


echo “”


if nextposn > strlen(curline)

if &modifiable == 0

return

endif

let i = strlen(curline)

while i < nextposn - 1

let i = i + 1

let padding = padding . a:padstr

endwhile

call setline(linenum,substitute(curline,“$”,padding,“”))

endif

call cursor(linenum,nextposn+a:offset)

return

endfunc


” for quick save in normal mode

map <silent> <F2> :write<CR>

map <silent> <F3> :Explore<CR>


” switch between windows

map <silent> <F12> <C-W>w



” for quick save in edit mode

imap <F2> <ESC><F2>a


” according to SMTH’s VIM board

nnoremap <silent> <F4> :Tlist<CR>


” let F5 insert current time to current location.

map <F5> i<C-R>=strftime(”%H:%M %Y-%m-%d”)<ESC><ESC>

” map! <F5> <C-R>=strftime(”%H:%M %Y-%m-%d”)<RETURN>


“mouse function support

set mouse=a


” set auto shift width

” set shiftwidth=4


” disable auto backup

set nobackup


” set root directory of DICTIONARY, whose value by default is

” NULL to Linux

” /cygdrive/c to cygwin

 C: to Win32

let g:DIC_ROOT_DIR=“C:\\dict”



” set default ‘dictionary’ path

execute “:set dictionary+=”.g:DIC_ROOT_DIR.\\words”

” more and more place including such keyword

set iskeyword+=-

” Let F8 made dictionary automatically complete keywords.

map! <F8> <C-X><C-K>


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”*

” autocmd FileType *      set comments&

“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”C


autocmd FileType c  call C()

fun! C()

set cindent

set comments=sr:/*,mb:*,el:*/,://

set commentstring=\ \ //\ %s\  ” <SPACE>

set foldcolumn=3

set expandtab

set tags+=/usr/include/tags

execute “:set dictionary=C:\\dict\\C”

   ” control-c comments block

vmap <C-C> :s/^/\/\//g<enter>

   ” control-x uncomments block

vmap <C-X> :s/^\/\///g<enter>

map! =for for(i = 0; i < ; i++){<LEFT><LEFT><LEFT><LEFT><LEFT><LEFT><LEFT>

endfun ” endfun C


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"CPP

autocmd FileType cpp  call CPP()

fun! CPP()

set cindent

set comments=sr:/*,mb:*,el:*/,://

set commentstring=\ \ //\ %s\  ” <SPACE>

set foldcolumn=3

set expandtab

set tags+=/usr/include/tags

     ” control-c comments block

vmap <C-C> :s/^/\/\//g<enter>

     ” control-x uncomments block

vmap <C-X> :s/^\/\///g<enter>

execute “:set dictionary=C:\\dict\\CPP”

endfun ” endfun CPP


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"PERL

autocmd FileType sed,awk,perl call PERL()

fun! PERL()

set cindent

set commentstring=\ \ #\ %s\  ” <SPACE>

set foldcolumn=3

     ” control-c comments block

vmap <C-C> :s/^/#/g<enter>

     ” control-x uncomments block

vmap <C-X> :s/^#//g<enter>

 ” ———-22:34 2007-01-04 update this—————————–

 ” —–F4 查字典 F7 单步调试 F8 语法检查 F9 运行程序——-

 ” —–;a 自动完成—–



 ” —–问题:运行程序的错误和结果如何捕捉?——


        “<F11> == see perldoc for current word under cursor

map <F11> :call PerlDoc(expand(”<cword>“))<CR>


        “<F7> for perl debugging

map <F7> :w<CR>:!perl.exe -wd “%”<CR>

        “<F8> for perl syntax checking (autosave first)

map <F8> :w<CR>:!perl.exe -wc “%”<CR>

        “<F9> to run by perl (autosave first) “”,” are both ok

map <F9> :w<CR>:!perl.exe “%”<CR>


        ” set dictionary for perl keywords completion

set dictionary=C:\\dict\\PERL


        “set autoindent depth

set shiftwidth=4

        “set tabstop

set tabstop=4

        “set showmatch

set showmatch


        ” mapping my insert commands

        ” I called them “;-command” ’cause you’ve the least hesitation

        ” between you type the “;” and the following <Space> or <CR>


        “<;a> for Auto-completion using dictionary

imap ;a <C-X><C-K>

        “then use <C-N> to match the next keywords, and <C-P> the previous one

        ” map!=imap+cmap (i=insert mode, c=:command mode)

        ” a) imap <Space><Space> xx also can work, but not good

        ” b) i cannot map <M-x> or <M-Space>, why?

        ” c) Ctrl-Space <=> Ctrl-@

endfun ” endfun PERL


func PerlDoc(keyword)

if a:keyword=~“::”

                        “module name;

exec ‘:!perldoc ‘.a:keyword

elseif a:keyword=~“^perl”

                        “perl pod

exec ‘:!perldoc ‘.a:keyword

else

                        “perl function

exec ‘:!perldoc -f ‘.a:keyword

endif

endfunc


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"HTML

autocmd FileType html call HTML()

fun! HTML()

set dictionary=C:\\dict\\JS

set dictionary+=C:\\dict\\HTML

set tabstop=4

set shiftwidth=4

endfun ” endfun HTML

“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"JAVA

autocmd FileType java call JAVA()

fun! JAVA()

set cindent

set commentstring=\ \ //\ %s\  ” <SPACE>

set foldcolumn=3

set expandtab tags+=${JAVA_HOME}/src/tags

     ” control-c comments block

vmap <C-C> :s/^/\/\//g<enter>

     ” control-x uncomments block

vmap <C-X> :s/^\/\///g<enter>

execute “:set dictionary=C:\\dict\\JAVA”

map! =for for(int i = 0; i < ; i++){<LEFT><LEFT><LEFT><LEFT><LEFT><LEFT><LEFT>

map! =psvm public static void main(String [] args){<RETURN>

map! =soutn System.out.println(

map! =sout System.out.print(

map! =try try{<RETURN>}catch(Exception e){<RETURN>System.out.println(e.getMessage());<RETURN>}<ESC>kkko

map! =tryb try{<ESC>:/^[ \t]*$/<RETURN>ddko}catch(Exception e){<RETURN>System.out.println(e.getMessage());<RETURN>}<ESC>k

endfun ” endfun JAVA


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"JSP

autocmd FileType jsp call JSP()

fun! PHP()

execute “:set dictionary=C:\\dict\\JSP”

endfun ” endfun JSP


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"JS

autocmd Filetype js call JS()

fun! JS()

set dictionary=C:\\dict\\JS

set tabstop=4

set shiftwidth=4

endfun ” endfun JS


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"PHP

autocmd FileType php call PHP()

fun! PHP()

execute “:set dictionary=C:\\dict\\PHP”

endfun ” endfun PHP


“”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"”"XML

autocmd FileType xml call XML()

fun! XML()

execute “:set dictionary=C:\\dict\\XML”

endfun ” endfun XML

“##################################################################


” This is an alternative that also works in block mode, but the deleted

” text is lost and it only works for putting the current register.

“vnoremap p “_dp


” Switch syntax highlighting on, when the terminal has colors

” Also switch on highlighting the last used search pattern.

if &t_Co > 2 || has(“gui_running”)

syntax on

set hlsearch

endif


” Only do this part when compiled with support for autocommands.

if has(“autocmd”)


  ” Enable file type detection.

  ” Use the default filetype settings, so that mail gets ‘tw’ set to 72,

  ” ‘cindent’ is on in C files, etc.

  ” Also load indent files, to automatically do language-dependent indenting.

filetype plugin indent on


  ” For all text files set ‘textwidth’ to 78 characters.

autocmd FileType text setlocal textwidth=78


  ” When editing a file, always jump to the last known cursor position.

  ” Don’t do it when the position is invalid or when inside an event handler

  ” (happens when dropping a file on gvim).

autocmd BufReadPost *

    \ if line(“‘\”") > 0 && line(“‘\”") <= line(“$”) |

    \   exe “normal g`\”" |

    \ endif


endif ” has(”autocmd”)

		

		

			CodeSnippet,  Vim No Comments »
		

	

	
		
	

	   
	

	
		
  

  



  








  




	
© 2007 猪在笑 | iKon Wordpress Theme by TextNData | Powered by Wordpress | rakCha web directory


	
XHTML CSS RSS
 


  







登录 |
访问数171237 | 水木BLOG | 水木社区 | 关于我们 | Blog论坛 | 法律声明 | 隐私权保护 | 京ICP证050249号



水木社区Blog系统是基于KBS系统WordPress MU架构的