{"id":2262,"date":"2012-11-06T21:04:23","date_gmt":"2012-11-06T13:04:23","guid":{"rendered":"https:\/\/kyle.ai\/blog\/?p=2262"},"modified":"2012-11-15T23:01:12","modified_gmt":"2012-11-15T15:01:12","slug":"%e5%bc%80%e5%8f%91%e8%80%85%e5%bf%85%e7%9f%a5%e5%bf%85%e4%bc%9a%e7%9a%84%e5%91%bd%e4%bb%a4%e8%a1%8c%e5%b7%a5%e5%85%b7","status":"publish","type":"post","link":"https:\/\/kyle.ai\/blog\/2262.html","title":{"rendered":"[\u8bd1]\u5f00\u53d1\u8005\u5fc5\u77e5\u5fc5\u4f1a\u7684\u547d\u4ee4\u884c\u5de5\u5177"},"content":{"rendered":"

\u7ffb\u8bd1\u81ea\uff1ahttp:\/\/coding.smashingmagazine.com\/2012\/10\/29\/powerful-command-line-tools-developers\/<\/span><\/p>\n

\u7b2c\u4e00\u6b21\u7ffb\u8bd1\u5916\u6587\u3002\u518d\u7ed3\u5408\u6211\u81ea\u5df1\u7684\u7ecf\u9a8c\uff0c\u6dfb\u52a0\u4e86\u4e00\u4e9b\u5185\u5bb9\u3002<\/span><\/p>\n

\u5728web\u5f00\u53d1\u8fc7\u7a0b\u5f53\u4e2d\uff0c\u5982\u679c\u7a0b\u5e8f\u51fa\u73b0\u4ec0\u4e48\u95ee\u9898\uff0c\u5c31\u4f1a\u6bd4\u8f83\u9ebb\u70e6\uff0c\u56e0\u4e3a\u95ee\u9898\u53ef\u80fd\u51fa\u73b0\u5728\u4efb\u4f55\u73af\u8282\uff0c\u4efb\u4f55\u5730\u65b9\uff0c\u53ef\u80fd\u662f\u4f60\u53d1\u9001\u7684\u6570\u636e\u672c\u8eab\u5c31\u6709\u95ee\u9898\uff0c\u4e5f\u6709\u53ef\u80fd\u662f\u8fd4\u56de\u6570\u636e\u7684\u95ee\u9898\uff0c\u53ef\u80fd\u662f\u8bf7\u6c42\u7b2c\u4e09\u65b9\u5e93\u6216\u7b2c\u4e09\u65b9API\u7684\u9020\u6210\u7684\u9519\u8bef\uff0c\u5173\u952e\u662f\u8981\u627e\u51fa\u95ee\u9898\u5230\u5e95\u51fa\u5728\u54ea\u4e2a\u5730\u65b9\u3002<\/span><\/p>\n

\u4e00\u4e2a\u597d\u7684\u5de5\u5177\u6709\u51e0\u4e2a\u4f5c\u7528\uff1a1\u3001\u8ba9\u4f60\u66f4\u52a0\u5bb9\u6613\u627e\u51fa\u95ee\u9898\u6240\u5728 2\u3001\u907f\u514d\u4e00\u4e9b\u8bbf\u95ee\u7684\u4ea7\u751f 3\u3001\u5e2e\u52a9\u4f60\u66f4\u52a0\u9ad8\u6548\u5730\u5de5\u4f5c\u3002\u7531\u4e8e\u547d\u4ee4\u884c\u5de5\u5177\u53ef\u4ee5\u5f88\u65b9\u4fbf\u5730\u7ec4\u5408\u8d77\u6765\u4f7f\u7528\uff0c\u5e76\u4e14\u6709\u81ea\u52a8\u5316\u548c\u53ef\u91cd\u7528\u7684\u7279\u70b9\uff0c\u6709\u65f6\u5019\u7528\u547d\u4ee4\u884c\u5de5\u5177\u663e\u5f97\u7279\u522b\u597d\u7528\u3002\u8fd9\u91cc\u6211\u4eec\u4ecb\u7ecd6\u4e2a\u5f3a\u5927\u597d\u7528\u7684\u547d\u4ee4\u884c\u5de5\u5177\uff0c\u5e2e\u52a9\u4f60\u66f4\u597d\u5730\u8fdb\u884c\u5f00\u53d1\u5de5\u4f5c\u3002<\/span><\/p>\n

\"\"<\/a><\/p>\n

\u4e00\u3001Curl<\/span><\/p>\n

curl\u662f\u4e00\u6b3e\u7f51\u7edc\u5de5\u5177\uff0c\u8ddfwget\u547d\u4ee4\u5f88\u7c7b\u4f3c\uff0c\u4ed6\u4eec\u7684\u4e3b\u8981\u533a\u522b\u5728\u4e8ewget\u9ed8\u8ba4\u5c06\u8f93\u51fa\u4fdd\u5b58\u5230\u6587\u4ef6\uff0c\u800ccurl\u5219\u76f4\u63a5\u8f93\u51fa\u5728\u7ec8\u7aef\u4e0a\u3002\u76f8\u6bd4\u4e4b\u4e0b\uff0ccurl\u66f4\u52a0\u65b9\u4fbf\u6211\u4eec\u67e5\u770b\u9875\u9762\u7684\u5185\u5bb9\u3002\u6bd4\u5982\uff0c\u6211\u4eec\u901a\u8fc7\u8bbf\u95ee\u7f51\u7ad9 ifconfig.me \u6765\u83b7\u53d6\u6211\u4eec\u5f53\u524d\u7684ip\u5730\u5740\uff0c\u5229\u7528curl\u5b9e\u73b0\u5982\u4e0b\uff1a<\/span><\/p>\n

\r\n$ curl ifconfig.me\r\n93.96.141.93\r\n<\/pre>\n
curl\u6709\u4e24\u4e2a\u975e\u5e38\u597d\u7528\u7684\u9009\u9879\uff0c-i(\u67e5\u770bhttp\u5934\u4fe1\u606f)\uff0c-I(\u53ea\u67e5\u770bhttp\u5934)\uff0c\u5982\uff1a<\/span><\/p>\n
\r\n$ curl -I news.ycombinator.com\r\nHTTP\/1.1 200 OK Content-Type: text\/html; charset=utf-8\r\nCache-Control: private\r\nConnection: close\r\n<\/pre>\n
curl\u7684 -L \u9009\u9879\uff0c\u53ef\u4ee5\u8ba9\u5b83\u81ea\u52a8\u8ddf\u968f\u8df3\u8f6c\u3002<\/span><\/p>\n
\r\n\u535a\u4e3b\u6ce8\uff1acurl \u7684\u5176\u5b83\u5e38\u7528\u53c2\u6570\r\n-b \u8bbe\u7f6ecookies\uff0c\u5982 curl -b "PHPSESSID=87a5a03f89d09d49e4d10879917f135b"\u3002\r\n-d \u8bbe\u7f6epost\u53c2\u6570\uff0c\u5982 curl -d "user=chm"\u3002\r\n-H \u8bbe\u7f6eheader\uff0c\u5982 curl -H "X-FORWARDED-FOR:8.8.8.8" -H "CLIENT-IP:8.8.8.8"\u3002\r\n-D \u5c06header\u5934\u8f93\u51fa\u5230\u6587\u4ef6\uff0c\u5982 curl -s -d "__userlable__=${user_name}&type=login" -D cookies.txt\r\n-F \u4ee5 multipart\/form-data \u7684\u65b9\u5f0f\u53d1\u9001POST\u8bf7\u6c42\u3002-F\u53c2\u6570\u4ee5name=value\u7684\u65b9\u5f0f\u6765\u6307\u5b9a\u53c2\u6570\u5185\u5bb9\uff0c\u5982\u679c\u503c\u662f\u4e00\u4e2a\u6587\u4ef6\uff0c\u5219\u9700\u8981\u4ee5name=@file\u7684\u65b9\u5f0f\u6765\u6307\u5b9a\u3002\r\n\u5982\u5229\u7528curl\u4e0a\u4f20\u6587\u4ef6 curl -F "action=upload" -F "filename=@file.tar.gz" http:\/\/localhost\/action.php\r\n<\/pre>\n
\u4e8c\u3001Ngrep<\/span><\/p>\n
Wireshark\u662f\u4e00\u6b3e\u975e\u5e38\u4e13\u4e1a\u7684\u7f51\u7ad9\u6293\u5305\u5206\u6790\u5de5\u5177\uff0c\u5b83\u62e5\u6709\u4e0a\u5343\u79cd\u9009\u9879\u3001\u914d\u7f6e\u3001\u8fc7\u6ee4\u7b49\u3002\u540c\u6837\u4e5f\u6709\u547d\u4ee4\u884c\u7248\u672c\u7684\u6293\u5305\u5de5\u5177\uff0c\u6bd4\u5982TShark\u3002\u5bf9\u4e8e\u4e00\u4e9b\u7b80\u5355\u7684\u4efb\u52a1\uff0cWireshark\u663e\u5f97\u592a\u91cd\u91cf\u7ea7\u4e86\uff0c\u9664\u975e\u6709\u975e\u5e38\u5f3a\u5927\u590d\u6742\u7684\u9700\u6c42\uff0c\u5426\u5219\u6211\u4e00\u822c\u9009\u62e9 ngrep\u3002ngrep\u5dee\u4e0d\u591a\u5c31\u662f\u7f51\u7edc\u7248\u672c\u7684grep\uff0c\u7528\u8d77\u6765\u5c31\u50cfgrep\u7528\u5728\u6587\u4ef6\u5185\u5bb9\u8fc7\u6ee4\u4e00\u6837\u3002<\/span><\/p>\n
\u4e00\u822c\u5bf9http\u8fdb\u884c\u6293\u5305\u7684\u65f6\u5019\uff0c\u90fd\u4f1a\u7528\u201c-W byline\u201d \u8fd9\u4e2a\u53c2\u6570\uff0c\u5b83\u53ef\u4ee5\u89e3\u6790\u6362\u884c\uff0c\u8f93\u51fa\u683c\u5f0f\u53cb\u597d\u7684\u4fe1\u606f\u3002-q \u53c2\u6570\u8868\u793a\u5b89\u9759\u6a21\u5f0f\uff0c\u53ea\u8f93\u51fa\u5339\u914d\u5230\u7684\u7f51\u7edc\u5305\u5185\u5bb9\u3002\u4e0b\u9762\u8fd9\u4e2a\u4f8b\u793a\uff0c\u6211\u4eec\u6293\u53d6\u7f51\u7edc\u6570\u636e\u4e2d\u5305\u542b GET \u6216\u8005 POST\u5b57\u7b26\u4e32\u7684\u6570\u636e\u5305\u3002<\/span><\/p>\n
\r\nngrep -q -W byline "^(GET|POST) .*"\r\n<\/pre>\n
\u4f60\u4e5f\u53ef\u4ee5\u53e6\u4e00\u4e9b\u989d\u5916\u7684\u53c2\u6570\uff0c\u4ee5\u4fbf\u66f4\u52a0\u7cbe\u51c6\u5730\u8fdb\u884c\u8fc7\u6ee4\u3002\u5982\u6307\u5b9a\u57df\u540d\uff0cip\u6216\u8005\u7aef\u53e3\u53f7\u3002\u4e0b\u9762\u8fd9\u4e2a\u4f8b\u5b50\uff0c\u53ea\u8fc7\u6ee4\u53d1\u9001\u5230\u6216\u8005\u662f\u6765\u81ea\u4e8ewww.google.com\u7684\uff0c\u6307\u5b9a\u7aef\u53e3\u4e3a80\uff0c\u5e76\u4e14\u5305\u542b\u5b57\u7b26\u4e32\u201csearch\u201d\u7684\u7f51\u7edc\u6570\u636e\u3002<\/span><\/p>\n
\r\nngrep -q -W byline "search" host www.google.com and port 80\r\n<\/pre>\n
 <\/p>\n
\r\n=====================================\r\n\u535a\u4e3b\u6ce8\r\n\u6211\u7ecf\u5e38\u7528ngrep\u6765\u6293\u53d6falsh\u97f3\u4e50\u64ad\u653e\u5668\u7684mp3\u6587\u4ef6\u4e0b\u8f7d\u5730\u5740\uff1a\r\nsudo ngrep -d any -W byline -qwi  '.mp3'\r\n\u6548\u679c\u6bd4\u8f83\u597d\uff0c\u4e0d\u8fc7\u4e5f\u8fd8\u6709\u5176\u5b83\u591a\u79cd\u6280\u672f\u65b9\u6cd5\u55bd\uff0c\u8fd9\u91cc\u4e0d\u518d\u8d58\u8ff0\u3002\r\n<\/pre>\n
\u4e09\u3001Netcat<\/span><\/p>\n
Netcat\uff0c\u53c8\u53eb nc \uff0c\u53f7\u79f0\u201c\u745e\u58eb\u519b\u5200\u201d\uff0c\u662f\u4e00\u4e2a\u7b80\u5355\u4f46\u53c8\u975e\u5e38\u5f3a\u5927\u7684\u7f51\u7edc\u5de5\u5177\uff0c\u4e3b\u8981\u7528\u6765\u521b\u5efa\u5404\u79cd\u7f51\u7edc\u8fde\u63a5\uff0c\u7528\u9014\u975e\u5e38\u5e7f\u6cdb\u3002\u4f8b\u5982\uff0c\u6211\u4eec\u53ef\u4ee5\u7528\u5b83\u4f5c\u4e3a\u4e00\u4e2a\u7aef\u53e3\u626b\u63cf\u5de5\u5177\uff1a<\/span><\/p>\n
\r\n$ nc -z example.com 20-100\r\nConnection to example.com 22 port [tcp\/ssh] succeeded!\r\nConnection to example.com 80 port [tcp\/http] succeeded!\r\n<\/pre>\n
Netcat\u4e0d\u4ec5\u53ef\u4ee5\u626b\u63cf\u7aef\u53e3\uff0c\u8fd8\u53ef\u4ee5\u5bf9\u6307\u5b9a\u7aef\u53e3\u8fdb\u884c\u76d1\u542c\u3002\u6211\u4eec\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u7279\u6027\uff0c\u5c06nc\u547d\u4ee4\u4e0etar\u547d\u4ee4\u7ed3\u5408\u8d77\u6765\uff0c\u5728\u4e24\u53f0\u4e3b\u673a\u4e4b\u95f4\u9ad8\u6548\u800c\u7b80\u6d01\u5730\u8fdb\u884c\u6587\u4ef6\u4f20\u8f93\uff0c\u6211\u4eec\u53ea\u9700\u8981\u5728\u670d\u52a1\u4e3b\u673a\u4e0a\u8fd0\u884c\u547d\u4ee4\uff1a<\/span><\/p>\n
\r\n$ nc -l 9090 | tar -xzf -\r\n<\/pre>\n
\u7136\u540e\u5728\u53e6\u4e00\u53f0\u4e3b\u673a\u4e0a\u8fd0\u884c\uff1a<\/span><\/p>\n
\r\n$ tar -czf dir\/ | nc server 9090\r\n<\/pre>\n
\u5229\u7528nc\uff0c\u6211\u4eec\u53ef\u4ee5\u5c06\u4efb\u610f\u7a0b\u5e8f\u6620\u5c04\u5230\u7f51\u7edc\u4e2d\uff0c\u4e0b\u9762\u547d\u4ee4\u5c31\u628ashell\u91cd\u5b9a\u5411\u52308080\u7aef\u53e3\u800c\u516c\u5f00\uff1a<\/span><\/p>\n
\r\n$ mkfifo backpipe\r\n$ nc -l 8080 0 backpipe\r\n<\/pre>\n
\u7ecf\u8fc7\u4e0a\u9762\u547d\u4ee4\u6620\u5c04\u4e4b\u540e\uff0c\u6211\u4eec\u5c31\u53ef\u4ee5\u76f4\u63a5\u901a\u8fc78080\u7aef\u53e3\u6765\u8fde\u63a5shell\uff1a<\/span><\/p>\n
\r\n$ nc example.com 8080\r\nuname -a\r\nLinux li228-162 2.6.39.1-linode34 ##1 SMP Tue Jun 21 10:29:24 EDT 2011 i686 GNU\/Linux\r\n<\/pre>\n
\u7136\u540e\u6700\u540e\u4e24\u4e2a\u4f8b\u5b50\u7684\u7528\u6cd5\uff0c\u4e00\u822c\u90fd\u4f1a\u7528\u5176\u5b83\u66f4\u52a0\u4e13\u4e1a\u7684\u547d\u4ee4\u6765\u66ff\u4ee3nc\uff0c\u5982rsync\u7528\u6765\u6587\u4ef6\u4f20\u8f93\uff0cssh\u7528\u6765shell\u8fde\u63a5\u3002<\/span><\/p>\n
\u56db\u3001Sshuttle<\/span><\/p>\n
Sshuttle\u547d\u4ee4\u53ef\u4ee5\u7528\u6765\u5c06\u4f60\u672c\u5730\u7684\u7f51\u7edc\u901a\u8fc7ssh\u96a7\u9053\u8fdb\u884c\u8f6c\u53d1\uff0c\u5b83\u5b89\u88c5\u4e0e\u4f7f\u7528\u90fd\u975e\u5e38\u7b80\u5355\uff0c\u4e0d\u9700\u8981\u4f60\u5728\u670d\u52a1\u5668\u7aef\u5b89\u88c5\u989d\u5916\u7684\u8f6f\u4ef6\uff0c\u4e5f\u4e0d\u9700\u8981\u66f4\u6539\u672c\u5730\u7684\u4ee3\u7406\u8bbe\u7f6e\uff0c\u53ea\u8981\u4f60\u6709\u4e00\u53f0ssh\u6743\u9650\u7684\u670d\u52a1\u5668\u5373\u53ef\u3002<\/span><\/p>\n
\u901a\u8fc7ssh\u8f6c\u53d1\u540e\uff0c\u4f60\u7684\u7f51\u7edc\u5c31\u53d8\u5f97\u5b89\u5168\u4e86\uff0c\u4f8b\u5982\u4f60\u5904\u4e8e\u4e0d\u5b89\u5168\u7684\u516c\u5171wifi\u7f51\u7edc\u4e2d\u65f6\uff0c\u5c31\u53ef\u4ee5\u907f\u514d Firesheep \u548c dsniff \u7b49\u5de5\u5177\u7684\u653b\u51fb\u3002\u4e00\u5207\u7f51\u7edc\u901a\u8baf\uff0c\u90fd\u53ef\u4ee5\u901a\u8fc7ssh\u6765\u8fdb\u884c\u8f6c\u53d1\uff0c\u5305\u542bDNS\u89e3\u6790\u5728\u5185\uff1a<\/span><\/p>\n
\r\n$ sshuttle -r  --dns 0\/0\r\n<\/pre>\n
\u201c–daemon\u201d\u53c2\u6570\u4f1a\u4f7f Sshuttle \u4ee5\u5b88\u62a4\u7684\u65b9\u5f0f\u8fd0\u884c\u5728\u540e\u53f0\u3002\u4f60\u53ef\u4ee5\u8bbe\u7f6ebash\u547d\u4ee4\u522b\u540d\uff0c\u4ece\u800c\u5f88\u65b9\u4fbf\u5730\u5f00\u542f\u3001\u5173\u95edssh\u8f6c\u53d1\uff1a<\/span><\/p>\n
\r\nalias tunnel='sshuttle --D --pidfile=\/tmp\/sshuttle.pid -r  --dns 0\/0'\r\nalias stoptunnel='[[ -f \/tmp\/sshuttle.pid ]] && kill `cat \/tmp\/sshuttle.pid`'\r\n<\/pre>\n
\u4f60\u8fd8\u53ef\u4ee5\u5229\u7528sshuttle\u6765\u7ed5\u8fc7\u4e00\u4e9b\u57fa\u4e8eIP\u5730\u57df\u9650\u5236\uff0c\u4ece\u800c\u4f7f\u7528\u76f8\u5173\u670d\u52a1\uff0c\u5982BBC\u7684iPlayer\u8f6f\u4ef6\uff0c\u4f60\u7684IP\u5fc5\u987b\u5728\u82f1\u56fd\u5185\u624d\u53ef\u4ee5\u4f7f\u7528\u3002\u6211\u4eec\u53ea\u8981\u901a\u8fc7\u4f4d\u4e8e\u82f1\u56fd\u7684ssh\u670d\u52a1\u5668\uff0c\u5229\u7528ssh\u8f6c\u53d1\uff0c\u6765\u4f7f\u4f60\u7684IP\u5728\u5b83\u770b\u6765\uff0c\u662f\u4f4d\u4e8e\u82f1\u56fd\u7684\u3002\u8fd9\u65f6\u5019\uff0c\u4f60\u4e00\u822c\u4e0d\u9700\u8981\u5c06\u6240\u6709\u7f51\u7edc\u90fd\u8fdb\u884c\u8f6c\u53d1\uff0c\u53ea\u9700\u8981\u5c06\u6307\u5b9a\u7684\u670d\u52a1\u8f6c\u53d1\u5373\u53ef\u3002\u4f46\u662fsshuttle\u4e0d\u80fd\u4f7f\u7528\u57df\u540d\uff0c\u53ea\u80fd\u7528IP\u5730\u5740\uff0c\u6240\u4ee5\u5728\u4f7f\u7528sshuttle\u4e4b\u524d\uff0c\u6211\u4eec\u8981\u5148\u7528 dig \u547d\u4ee4\u6765\u5c06\u57df\u540d\u89e3\u6790\u4e3aIP\u5730\u5740\uff1a<\/span><\/p>\n
\r\n$ sshuttle -r  `dig +short `\r\n<\/pre>\n
\u4e94\u3001Siege<\/span><\/p>\n
Siege\u662f\u4e00\u6b3ehttp\u538b\u529b\u6d4b\u8bd5\u5de5\u5177\uff0c\u9664\u4e86\u4e00\u4e9b\u57fa\u672c\u7684\u538b\u529b\u6d4b\u8bd5\u7279\u6027\u5916\uff0c\u5b83\u8fd8\u6709\u4e00\u4e2a\u6bd4\u8f83\u597d\u7528\u7684-g\u53c2\u6570\uff0c-g\u53c2\u6570\u4e0ecurl\u7684-i\/-I\u53c2\u6570\u7c7b\u4f3c\uff0c\u90fd\u663e\u793a\u51fahttp\u54cd\u5e94\u5934\u4fe1\u606f\u3002\u4e0b\u9762\u4ee5google\u4e3a\u4f8b\uff08\u6211\u5df2\u7ecf\u5220\u6389\u4e00\u4e9b\u5934\u4fe1\u606f\uff09\uff1a<\/span><\/p>\n
\r\n$ siege -g www.google.com\r\nGET \/ HTTP\/1.1\r\nHost: www.google.com\r\nUser-Agent: JoeDog\/1.00 [en] (X11; I; Siege 2.70)\r\nConnection: close\r\n\r\nHTTP\/1.1 302 Found\r\nLocation: http:\/\/www.google.co.uk\/\r\nContent-Type: text\/html; charset=UTF-8\r\nServer: gws\r\nContent-Length: 221\r\nConnection: close\r\n\r\nGET \/ HTTP\/1.1\r\nHost: www.google.co.uk\r\nUser-Agent: JoeDog\/1.00 [en] (X11; I; Siege 2.70)\r\nConnection: close\r\n\r\nHTTP\/1.1 200 OK\r\nContent-Type: text\/html; charset=ISO-8859-1\r\nX-XSS-Protection: 1; mode=block\r\nConnection: close\r\n<\/pre>\n
Siege\u975e\u5e38\u64c5\u957f\u4e8e\u505a\u538b\u529b\u6d4b\u8bd5\uff0c\u50cfapache\u7684ab\u5de5\u5177\u4e00\u6837\u3002\u4f60\u53ef\u4ee5\u901a\u8fc7\u5b83\u5411\u4e00\u7f51\u7ad9\u53d1\u9001\u5e76\u53d1\u8bf7\u6c42\uff0c\u5e76\u89c2\u5bdf\u670d\u52a1\u5668\u7684\u54cd\u5e94\u60c5\u51b5\u3002\u4e0b\u9762\u547d\u4ee4\u4e2d\uff0c\u6211\u4eec\u540c\u65f6\u5411google\u53d1\u900120\u4e2a\u8bf7\u6c42\uff0c\u5e76\u6301\u7eed30\u79d2\u65f6\u95f4\uff0c\u7136\u540e\u5c31\u4f1a\u5f97\u5230\u4e00\u4e2a\u76f4\u89c2\u7684\u7edf\u8ba1\uff1a<\/span><\/p>\n
\r\n$ siege -c20 www.google.co.uk -b -t30s\r\n...\r\nLifting the server siege... done.\r\nTransactions: 1400 hits\r\nAvailability: 100.00 %\r\nElapsed time: 29.22 secs\r\nData transferred: 13.32 MB\r\nResponse time: 0.41 secs\r\nTransaction rate: 47.91 trans\/sec\r\nThroughput: 0.46 MB\/sec\r\nConcurrency: 19.53\r\nSuccessful transactions: 1400\r\nFailed transactions: 0\r\nLongest transaction: 4.08\r\nShortest transaction: 0.08\r\n<\/pre>\n
Siege\u6709\u4e00\u4e2a\u5f88\u6709\u7528\u7684\u7279\u6027\uff0c\u6211\u4eec\u53ef\u4ee5\u5c06\u5f88\u591aurl\u5217\u8868\u653e\u6587\u4ef6\u91cc\u9762\uff0c\u7136\u540e\u5c06\u8be5\u6587\u4ef6\u4f5c\u4e3a\u53c2\u6570\u4f20\u7ed9Siege\uff0c\u5b83\u5c31\u4f1a\u6307\u8bbf\u95ee\u6240\u6709\u7684url\u5217\u8868\uff0c\u5728\u505a\u538b\u529b\u6d4b\u8bd5\u7684\u65f6\u5019\uff0c\u8fd9\u4e2a\u7528\u6cd5\u663e\u7136\u662f\u975e\u5e38\u6709\u7528\u7684\uff0c\u56e0\u4e3a\u8fd9\u79cd\u65b9\u5f0f\u57fa\u672c\u4e0a\u76f8\u5f53\u4e8e\u91cd\u73b0\u771f\u5b9e\u8bbf\u95ee\u7f51\u7ad9\u7684\u8bf7\u6c42\uff0c\u4f7f\u6d4b\u8bd5\u7684\u6570\u636e\u66f4\u52a0\u8d34\u8fd1\u771f\u5b9e\u3002\u4e0b\u9762\u6211\u4eec\u5c06apache\u65e5\u5fd7\u91cc\u9762\u7684\u8bbf\u95ee\u5217\u8868\u63d0\u53d6\u51fa\u6765\uff0c\u7136\u540e\u5229\u7528Siege\u52a0\u8f7d\u5217\u8868\uff0c\u8fdb\u884c\u538b\u529b\u6d4b\u8bd5\uff1a<\/span><\/p>\n
\r\n$ cut -d ' ' -f7 \/var\/log\/apache2\/access.log > urls.txt\r\n$ siege -c -b -f urls.txt\r\n<\/pre>\n
 <\/p>\n
\r\n=================================\r\n\u535a\u4e3b\u6ce8\uff1a\u8865\u5145\u51e0\u4e2aab\u547d\u4ee4\u53c2\u6570\r\n\u6211\u7ecf\u5e38\u7528ab\u505a\u538b\u529b\u6d4b\u8bd5\u5de5\u5177\uff0c\u51e0\u4e2a\u5e38\u7528\u53c2\u6570\uff1a\r\n-p \u540e\u52a0\u6587\u4ef6\uff0c\u6587\u4ef6\u91cc\u9762\u4e3apost\u7684\u53c2\u6570\uff0c\u5982 pid=102\r\n-T \u6307\u5b9acontent-type\uff0c\u5982 ab -p post.txt -T "application\/x-www-form-urlencoded"\r\n-C \u8bbe\u7f6ecookie\uff0c\u5982 ab -C "PHPSESSID=c70d349634c566b1f5f5a12ef18860b9"\r\n<\/pre>\n
\u516d\u3001Mitmproxy<\/span><\/p>\n
\r\n\u535a\u4e3b\u6ce8\uff1a\r\n\u8fd9\u4e2a\u4e1c\u897f\u6211\u4e0d\u592a\u719f\u6089\uff0c\u6240\u4ee5\u4e0b\u9762\u4e5f\u4e0d\u7ffb\u8bd1\u4e86\uff0c\u76f4\u63a5\u6458\u8fc7\u6765\u5427\u3002\u6015\u6211\u7ffb\u8bd1\u51fa\u6765\u8ddf\u539f\u610f\u5dee\u592a\u5927\uff5e\uff5e\r\n<\/pre>\n
Mitmproxy is an SSL-capable, man-in-the-middle HTTP proxy that allows you to inspect both HTTP and HTTPS traffic, and rewrite requests on the fly. The application has been behind quite a few iOS application privacy scandals, including Path\u2019s address book upload scandal. Its ability to rewrite requests on the fly has also been used to target iOS, including setting a fake high score in GameCenter.<\/span><\/p>\n
Far from only being useful to see what mobile applications are sending over the wire or for faking high scores, mitmproxy can help out with a whole range of Web development tasks. For example, instead of constantly hitting F5 or clearing your cache to make sure you\u2019re seeing the latest content, you can run<\/span><\/p>\n
\r\n$ mitmproxy --anticache\r\n<\/pre>\n
which will automatically strip all cache-control headers and make sure you always get fresh content. Unfortunately it doesn\u2019t automatically set up forwarding for you like sshuttle does, so after starting mitmproxy you still need to change your system-wide or browser-specific proxy settings.<\/span><\/p>\n
Another extremely handy feature of mitmproxy is the ability to record and replay HTTP interactions. The official documentation gives an example of a wireless network login. The same technique can be used as a basic Web testing framework. For example, to confirm that your user signup flow works, you can start recording the session:<\/span><\/p>\n
\r\n$ mitmdump -w user-signup\r\n<\/pre>\n
Then go through the user signup process, which at this point should work as expected. Stop recording the session with Ctrl + C. At any point we can then replay what was recorded and check for the 200 status code:<\/span><\/p>\n
\r\n$ mitmdump -c user-signup | tail -n1 | grep 200 && echo "OK" || echo "FAIL"\r\n<\/pre>\n
If the signup flow gets broken at any point, we\u2019ll see a FAIL message, rather than an OK. You could create a whole suite of these tests and run them regularly to make sure you get notified if you ever accidentally break anything on your site.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"
\u7ffb\u8bd1\u81ea\uff1ahttp:\/\/coding.smashingmagazine.com\/2012\/10\/29\/power […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-2262","post","type-post","status-publish","format-standard","hentry","category-diary"],"_links":{"self":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/2262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/comments?post=2262"}],"version-history":[{"count":9,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/2262\/revisions"}],"predecessor-version":[{"id":2264,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/2262\/revisions\/2264"}],"wp:attachment":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/media?parent=2262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/categories?post=2262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/tags?post=2262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}